Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signatu...Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signature scheme is constructed, and it is provably existentially unforgeable under adaptive chosen message attack. By decentralizing the initial key generation process of the original scheme within the signature process, a large Merkle tree with 6.87×10^10 possible signatures can be initialized in 590 milliseconds. Storing some small Merkle trees in hard disk and memory can speed up Merkle tree signature scheme. Mekle tree signature schemes are fit for trusted computing platform in most scenarios.展开更多
This research paper puts emphasis on using cloud computing with Blockchain(BC)to improve the security and privacy in a cloud.The security of data is not guaranteed as there is always a risk of leakage of users’data.B...This research paper puts emphasis on using cloud computing with Blockchain(BC)to improve the security and privacy in a cloud.The security of data is not guaranteed as there is always a risk of leakage of users’data.Blockchain can be used in a multi-tenant cloud environment(MTCE)to improve the security of data,as it is a decentralized approach.Data is saved in unaltered form.Also,Blockchain is not owned by a single organization.The encryption process can be done using a Homomorphic encryption(HE)algorithm along with hashing technique,hereby allowing computations on encrypted data without the need for decryption.This research paper is composed of four objectives:Analysis of cloud security using Blockchain technology;Exceptional scenario of Blockchain architecture in an enterprise-level MTCE;Implementation of cipher-text policy attribute-based encryption(CPABE)algorithm;Implementation of Merkle tree using Ethereum(MTuE)in a Multi-tenant system.Out of these four objectives,the main focus is on the implementation of CP-ABE algorithm.CP-ABE parameters are proposed for different levels of tenants.The levels include inner tenant,outer tenant,Inner-Outer-Tenant,Inner-Outer-External-Tenant,Outer-Inner-Tenant,External-Outer-Inner-Tenant and the parameters such as token,private key,public key,access tree,message,attribute set,node-level,cipher-text,salting which will help in providing better security using CP-ABE algorithm in a multitenant environment(MTE)where tenants can be provided with different levels of security and achieved 92 percentage of authenticity and access-control of the data.展开更多
Many organizations apply cloud computing to store and effectively process data for various applications.The user uploads the data in the cloud has less security due to the unreliable verification process of data integ...Many organizations apply cloud computing to store and effectively process data for various applications.The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity.In this research,an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data.Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data.Merkle Hash tree provides the efficient mapping of data and easily identifies the changesmade in the data due to proper structure.The developed model supports privacy-preserving public auditing to provide a secure cloud storage system.The data owners upload the data in the cloud and edit the data using the private key.An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches.The data files requested by the data owner are audit by a third-party auditor and the multiowner authentication method is applied during the modification process to authenticate the user.The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2–167 ms when compared to the existing Advanced Encryption Standard and Blowfish.展开更多
Blockchain can realize the reliable storage of a large amount of data that is chronologically related and verifiable within the system.This technology has been widely used and has developed rapidly in big data systems...Blockchain can realize the reliable storage of a large amount of data that is chronologically related and verifiable within the system.This technology has been widely used and has developed rapidly in big data systems across various fields.An increasing number of users are participating in application systems that use blockchain as their underlying architecture.As the number of transactions and the capital involved in blockchain grow,ensuring information security becomes imperative.Addressing the verification of transactional information security and privacy has emerged as a critical challenge.Blockchain-based verification methods can effectively eliminate the need for centralized third-party organizations.However,the efficiency of nodes in storing and verifying blockchain data faces unprecedented challenges.To address this issue,this paper introduces an efficient verification scheme for transaction security.Initially,it presents a node evaluation module to estimate the activity level of user nodes participating in transactions,accompanied by a probabilistic analysis for all transactions.Subsequently,this paper optimizes the conventional transaction organization form,introduces a heterogeneous Merkle tree storage structure,and designs algorithms for constructing these heterogeneous trees.Theoretical analyses and simulation experiments conclusively demonstrate the superior performance of this scheme.When verifying the same number of transactions,the heterogeneous Merkle tree transmits less data and is more efficient than traditional methods.The findings indicate that the heterogeneous Merkle tree structure is suitable for various blockchain applications,including the Internet of Things.This scheme can markedly enhance the efficiency of information verification and bolster the security of distributed systems.展开更多
With the rapid development and widespread application of Wireless Body Area Networks(WBANs),the traditional centralized system architecture cannot handle the massive data generated by the edge devices.Meanwhile,in ord...With the rapid development and widespread application of Wireless Body Area Networks(WBANs),the traditional centralized system architecture cannot handle the massive data generated by the edge devices.Meanwhile,in order to ensure the security of physiological privacy data and the identity privacy of patients,this paper presents a privacy protection strategy for Mobile Edge Computing(MEC)enhanced WBANs,which leverages the blockchain-based decentralized MEC paradigm to support efficient transmission of privacy information with low latency,high reliability within a high-demand data security scenario.On this basis,the Merkle tree optimization model is designed to authenticate nodes and to verify the source of physiological data.Furthermore,a hybrid signature algorithm is devised to guarantee the node anonymity with unforgeability,data integrity and reduced delay.The security performance analysis and simulation results show that our proposed strategy not only reduces the delay,but also secures the privacy and transmission of sensitive WBANs data.展开更多
Recently,bionic signals have been used to achieve covert underwater acoustic communication(UWAC)with high signal-to-noise ratios(SNRs)over transmission systems.A high SNR allows the attackers to proceed with their mis...Recently,bionic signals have been used to achieve covert underwater acoustic communication(UWAC)with high signal-to-noise ratios(SNRs)over transmission systems.A high SNR allows the attackers to proceed with their mischievous goals and makes transmission systems vulnerable against malicious attacks.In this paper we propose an improved Merkle hash tree based secure scheme that can resist current underwater attacks,i.e.,replay attack,fabricated message attack,message-altering attack,and analyst attack.Security analysis is performed to prove that the proposed scheme can resist these types of attacks.Performance evaluations show that the proposed scheme can meet UWAC limitations due to its efficiency regarding energy consumption,communication overhead,and computation cost.展开更多
The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it...The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.展开更多
Zero knowledge sets is a new cryptographic primitive introduced by Micali, Rabin, and Kilian in FOCS 2003. It has been intensively studied recently. However all the existing ZKS schemes follow the basic structure by M...Zero knowledge sets is a new cryptographic primitive introduced by Micali, Rabin, and Kilian in FOCS 2003. It has been intensively studied recently. However all the existing ZKS schemes follow the basic structure by Micali et al. That is, the schemes employ the Merkle tree as a basic structure and mercurial commitments as the commitment units to nodes of the tree. The proof for any query consists of an authentication chain. We propose in this paper a new algebraic scheme that is completely different from all the existing schemes. Our new scheme is computationally secure under the standard strong RSA assumption. Neither mercurial commitments nor tree structure is used in the new construction. In fact, the prover in our construction commits the desired set without any trapdoor information, which is another key important difference from the previous approaches.展开更多
The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it...The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.展开更多
Massive data is written to blockchain systems for the destination of keeping safe. However, existing blockchain protocols still demand that each full node has to contain the entire chain. Most nodes quit because they ...Massive data is written to blockchain systems for the destination of keeping safe. However, existing blockchain protocols still demand that each full node has to contain the entire chain. Most nodes quit because they are unable to grow their storage space with the size of data. As the number of nodes decreases, the security of blockchains would significantly reduce. We present SE-Chain, a novel scale-out blockchain model that improves storage scalability under the premise of ensuring safety and achieves efficient retrieval. The SE-Chain consists of three parts:the data layer, the processing layer and the storage layer. In the data layer, each transaction is stored in the AB-M tree (Adaptive Balanced Merkle tree), which adaptively combines the advantages of balanced binary tree (quick retrieval) and Merkle tree (quick verification). In the processing layer, the full nodes store the part of the complete chain selected by the duplicate ratio regulation algorithm. Meanwhile, the node reliability verification method is used for increasing the stability of full nodes and reducing the risk of imperfect data recovering caused by the reduction of duplicate number in the storage layer. The experimental results on real datasets show that the query time of SE-Chain based on the AB-M tree is reduced by 17% when 16 nodes exist. Overall, SE-Chain improves the storage scalability extremely and implements efficient querying of transactions.展开更多
基金Supported by the National Natural Science Foun-dation of China (60403027)
文摘Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signature scheme is constructed, and it is provably existentially unforgeable under adaptive chosen message attack. By decentralizing the initial key generation process of the original scheme within the signature process, a large Merkle tree with 6.87×10^10 possible signatures can be initialized in 590 milliseconds. Storing some small Merkle trees in hard disk and memory can speed up Merkle tree signature scheme. Mekle tree signature schemes are fit for trusted computing platform in most scenarios.
文摘This research paper puts emphasis on using cloud computing with Blockchain(BC)to improve the security and privacy in a cloud.The security of data is not guaranteed as there is always a risk of leakage of users’data.Blockchain can be used in a multi-tenant cloud environment(MTCE)to improve the security of data,as it is a decentralized approach.Data is saved in unaltered form.Also,Blockchain is not owned by a single organization.The encryption process can be done using a Homomorphic encryption(HE)algorithm along with hashing technique,hereby allowing computations on encrypted data without the need for decryption.This research paper is composed of four objectives:Analysis of cloud security using Blockchain technology;Exceptional scenario of Blockchain architecture in an enterprise-level MTCE;Implementation of cipher-text policy attribute-based encryption(CPABE)algorithm;Implementation of Merkle tree using Ethereum(MTuE)in a Multi-tenant system.Out of these four objectives,the main focus is on the implementation of CP-ABE algorithm.CP-ABE parameters are proposed for different levels of tenants.The levels include inner tenant,outer tenant,Inner-Outer-Tenant,Inner-Outer-External-Tenant,Outer-Inner-Tenant,External-Outer-Inner-Tenant and the parameters such as token,private key,public key,access tree,message,attribute set,node-level,cipher-text,salting which will help in providing better security using CP-ABE algorithm in a multitenant environment(MTE)where tenants can be provided with different levels of security and achieved 92 percentage of authenticity and access-control of the data.
基金The Universiti Kebangsaan Malaysia(UKM)Research Grant Scheme FRGS/1/2020/ICT03/UKM/02/6 and GGPM-2020-028 funded this research.
文摘Many organizations apply cloud computing to store and effectively process data for various applications.The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity.In this research,an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data.Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data.Merkle Hash tree provides the efficient mapping of data and easily identifies the changesmade in the data due to proper structure.The developed model supports privacy-preserving public auditing to provide a secure cloud storage system.The data owners upload the data in the cloud and edit the data using the private key.An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches.The data files requested by the data owner are audit by a third-party auditor and the multiowner authentication method is applied during the modification process to authenticate the user.The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2–167 ms when compared to the existing Advanced Encryption Standard and Blowfish.
基金funded by the National Natural Science Foundation of China(62072056,62172058)the Researchers Supporting Project Number(RSP2023R102)King Saud University,Riyadh,Saudi Arabia+4 种基金funded by the Hunan Provincial Key Research and Development Program(2022SK2107,2022GK2019)the Natural Science Foundation of Hunan Province(2023JJ30054)the Foundation of State Key Laboratory of Public Big Data(PBD2021-15)the Young Doctor Innovation Program of Zhejiang Shuren University(2019QC30)Postgraduate Scientific Research Innovation Project of Hunan Province(CX20220940,CX20220941).
文摘Blockchain can realize the reliable storage of a large amount of data that is chronologically related and verifiable within the system.This technology has been widely used and has developed rapidly in big data systems across various fields.An increasing number of users are participating in application systems that use blockchain as their underlying architecture.As the number of transactions and the capital involved in blockchain grow,ensuring information security becomes imperative.Addressing the verification of transactional information security and privacy has emerged as a critical challenge.Blockchain-based verification methods can effectively eliminate the need for centralized third-party organizations.However,the efficiency of nodes in storing and verifying blockchain data faces unprecedented challenges.To address this issue,this paper introduces an efficient verification scheme for transaction security.Initially,it presents a node evaluation module to estimate the activity level of user nodes participating in transactions,accompanied by a probabilistic analysis for all transactions.Subsequently,this paper optimizes the conventional transaction organization form,introduces a heterogeneous Merkle tree storage structure,and designs algorithms for constructing these heterogeneous trees.Theoretical analyses and simulation experiments conclusively demonstrate the superior performance of this scheme.When verifying the same number of transactions,the heterogeneous Merkle tree transmits less data and is more efficient than traditional methods.The findings indicate that the heterogeneous Merkle tree structure is suitable for various blockchain applications,including the Internet of Things.This scheme can markedly enhance the efficiency of information verification and bolster the security of distributed systems.
基金This work was supported in part by the National Natural Science Foundation of China(61871062,61771082 and 61901071)in part by the Program for Innovation Team Building at Institutions of Higher Education in Chongqing(CXTDX201601020)+1 种基金Science and Technology Research Program of Chongqing Municipal Education Commission(KJQN201800615)General Project of Natural Science Foundation of Chongqing(cstc2019jcyj-msxm1238).
文摘With the rapid development and widespread application of Wireless Body Area Networks(WBANs),the traditional centralized system architecture cannot handle the massive data generated by the edge devices.Meanwhile,in order to ensure the security of physiological privacy data and the identity privacy of patients,this paper presents a privacy protection strategy for Mobile Edge Computing(MEC)enhanced WBANs,which leverages the blockchain-based decentralized MEC paradigm to support efficient transmission of privacy information with low latency,high reliability within a high-demand data security scenario.On this basis,the Merkle tree optimization model is designed to authenticate nodes and to verify the source of physiological data.Furthermore,a hybrid signature algorithm is devised to guarantee the node anonymity with unforgeability,data integrity and reduced delay.The security performance analysis and simulation results show that our proposed strategy not only reduces the delay,but also secures the privacy and transmission of sensitive WBANs data.
文摘Recently,bionic signals have been used to achieve covert underwater acoustic communication(UWAC)with high signal-to-noise ratios(SNRs)over transmission systems.A high SNR allows the attackers to proceed with their mischievous goals and makes transmission systems vulnerable against malicious attacks.In this paper we propose an improved Merkle hash tree based secure scheme that can resist current underwater attacks,i.e.,replay attack,fabricated message attack,message-altering attack,and analyst attack.Security analysis is performed to prove that the proposed scheme can resist these types of attacks.Performance evaluations show that the proposed scheme can meet UWAC limitations due to its efficiency regarding energy consumption,communication overhead,and computation cost.
基金This work was supported by National Natural Science Foundation of China(Grant No.61379141 and No.61772521)Key Research Program of Frontier Sciences,CAS(Grant No.QYZDB-SSW-SYS035),and the Open Project Program of the State Key Laboratory of Cryptology.
文摘The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
基金This work is supported by NSF of USA under Grant Nos.IIS-0430274, and CCR-0325951, and sponsors of CERIASRui Xue is partially supported by the Fund of the China Scholarship Council, partially by National Natural Science Foundation of China under Grant No.60773029+1 种基金National Grand Fundamental Research 973 Program of China under Grant No.2007CB311202the National High Technology Research and Development 863 Program of China under Grant No.2006AA01Z427.
文摘Zero knowledge sets is a new cryptographic primitive introduced by Micali, Rabin, and Kilian in FOCS 2003. It has been intensively studied recently. However all the existing ZKS schemes follow the basic structure by Micali et al. That is, the schemes employ the Merkle tree as a basic structure and mercurial commitments as the commitment units to nodes of the tree. The proof for any query consists of an authentication chain. We propose in this paper a new algebraic scheme that is completely different from all the existing schemes. Our new scheme is computationally secure under the standard strong RSA assumption. Neither mercurial commitments nor tree structure is used in the new construction. In fact, the prover in our construction commits the desired set without any trapdoor information, which is another key important difference from the previous approaches.
基金supported by National Natural Science Foundation of China(Grant No.61379141 and No.61772521)Key Research Program of Frontier Sciences,CAS(Grant No.QYZDB-SSW-SYS035)the Open Project Program of the State Key Laboratory of Cryptology.
文摘The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
基金supported in part by the National Natural Science Foundation of China under Grant Nos.61472069,61402089 and U1401256China Postdoctoral Science Foundation under Grant Nos.2019T120216 and 2018M641705the Fundamental Research Funds for the Central Universities of China under Grant Nos.N2019007,N180408019 and N180101028.
文摘Massive data is written to blockchain systems for the destination of keeping safe. However, existing blockchain protocols still demand that each full node has to contain the entire chain. Most nodes quit because they are unable to grow their storage space with the size of data. As the number of nodes decreases, the security of blockchains would significantly reduce. We present SE-Chain, a novel scale-out blockchain model that improves storage scalability under the premise of ensuring safety and achieves efficient retrieval. The SE-Chain consists of three parts:the data layer, the processing layer and the storage layer. In the data layer, each transaction is stored in the AB-M tree (Adaptive Balanced Merkle tree), which adaptively combines the advantages of balanced binary tree (quick retrieval) and Merkle tree (quick verification). In the processing layer, the full nodes store the part of the complete chain selected by the duplicate ratio regulation algorithm. Meanwhile, the node reliability verification method is used for increasing the stability of full nodes and reducing the risk of imperfect data recovering caused by the reduction of duplicate number in the storage layer. The experimental results on real datasets show that the query time of SE-Chain based on the AB-M tree is reduced by 17% when 16 nodes exist. Overall, SE-Chain improves the storage scalability extremely and implements efficient querying of transactions.
