A Secure Signcryption Scheme for Electronic Health Records Sharing in Blockchain

In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal data are not only inconvenient to access and share,but are also prone to cause privacy disclosure.The blockchain technology provides a new development direction in the medical field.Blockchain-based EHRs are characterized by decentralization,openness and non-tampering of records,which enable patients to better manage their own EHRs.In order to better protect the privacy of patients,only designated receivers can access EHRs,and receivers can authenticate the sharer to ensure that the EHRs are real and effective.In this study,we propose an identity-based signcryption scheme with multiple authorities for multiple receivers,which can resist N-1 collusion attacks among N authorities.In addition,the identity information of receivers is anonymous,so the relationship between them and the sharer is not disclosed.Under the random oracle model,it was proved that our scheme was secure and met the unforgeability and confidentiality requirements of signcryption.Moreover,we evaluated the performance of the scheme and found that it had the moderate signcryption efficiency and excellent signcryption attributes.

Task-Attribute-Based Access Control Scheme for IoT via Blockchain

As a new form of network,the Internet of things(IoT)is becoming more widely used in people’s lives.In this paper,related theoretical research and practical applications of the IoT are explored.The security of the IoT has become a hot research topic.Access controls are methods that control reasonable allocations of data and resources and ensure the security of the IoT.However,most access control systems do not dynamically assign users’rights.Additionally,with some access control systems,there is a risk of overstepping other user’s authority,and there may exist a central authority that is a single point of failure.Therefore,to solve these problems,this paper proposes a Task-Attribute-Based Access Control scheme for the IoT via blockchain that combines the access control technologies of both the IoT and blockchain.This model,which merges the advantages of task-based access controls and attribute-based access controls,is perfectly integrated with blockchain technology.This model uses hash functions and digital signature algorithms to ensure the authenticity and integrity of the data,and it can dynamically allocate users’minimum privileges and thus perfectly solves the single point of failure problem.The model is implemented using a Geth client and solidity code,and the simulation results demonstrate the effectiveness of the model.

A Scalable Double-Chain Storage Module for Blockchain

With the growing maturity of blockchain technology,its peer-topeer model and fully duplicated data storage pattern enable blockchain to act as a distributed ledger in untrustworthy environments.Blockchain storage has also become a research hotspot in industry,finance,and academia due to its security,and its unique data storage management model is gradually becoming a key technology to play its value in various fields’applications.However,with the increasing amount of data written into the blockchain,the blockchain system faces many problems in its actual implementation of the application,such as high storage space occupation,low data flexibility and availability,low retrieval efficiency,poor scalability,etc.To improve the above problems,this paper combines off-chain storage technology and deduplication technology to optimize the blockchain storage model.Firstly,this paper adopts the double-chain model to reduce the data storage of the major chain system,which stores a small amount of primary data and supervises the vice chain through an Application Programming Interface(API).The vice chain stores a large number of copies of data as well as non-transactional data.Our model divides the vice chain storage system into two layers,including a storage layer and a processing layer.In the processing layer,deduplication technology is applied to reduce the redundancy of vice chain data.Our doublechain storage model with high scalability enhances data flexibility,is more suitable as a distributed storage system,and performs well in data retrieval.

A Dynamic Reputation–based Consensus Mechanism for Blockchain

In recent years,Blockchain is gaining prominence as a hot topic in academic research.However,the consensus mechanism of blockchain has been criticized in terms of energy consumption and performance.Although Proof-of-Authority(PoA)consensus mechanism,as a lightweight consensus mechanism,is more efficient than traditional Proof-of-Work(PoW)and Proof-of-Stake(PoS),it suffers from the problem of centralization.To this end,on account of analyzing the shortcomings of existing consensus mechanisms,this paper proposes a dynamic reputation-based consensus mechanism for blockchain.This scheme allows nodes with reputation value higher than a threshold apply to become a monitoring node,which can monitor the behavior of validators in case that validators with excessive power cause harm to the blockchain network.At the same time,the reputation evaluation algorithm is also introduced to select nodes with high reputation to become validators in the network,thus increasing the cost of malicious behavior.In each consensus cycle,validators and monitoring nodes are dynamically updated according to the reputation value.Through security analysis,it is demonstrated that the scheme can resist the attacks of malicious nodes in the blockchain network.By simulation experiments and analysis of the scheme,the result verifies that the mechanism can effectively improve the fault tolerance of the consensus mechanism,reduce the time of consensus to guarantee the security of the system.

Clustering Collision Power Attack on RSA-CRT

In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.