Funding: This work was supported by the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province (Grant No. SKLACSS-202101), NSFC (Grant Nos. 62176273, 61962009, U1936216), the Foundation of Guizhou Provincial Key Laboratory of Public Big Data (No. 2019BDKFJJ010, 2019BDKFJJ014), the Fundamental Research Funds for Beijing Municipal Commission of Education, Beijing Urban Governance Research Base of North China University of Technology, the Natural Science Foundation of Inner Mongolia (2021MS06006), Baotou Kundulun District Science and technology plan project (YF2020013), and Inner Mongolia discipline inspection and supervision big data laboratory open project fund (IMDBD2020020).
Abstract: With the increasing popularity of cloud storage, data security on the cloud has become increasingly visible. Searchable encryption has the ability to realize the privacy protection and security of data in the cloud. However, with the continuous development of quantum computing, the standard Public-key Encryption with Keyword Search (PEKS) scheme cannot resist quantum-based keyword guessing attacks. Further, the credibility of the server also poses a significant threat to the security of the retrieval process. This paper proposes a searchable encryption scheme based on lattice cryptography using blockchain to address the above problems. Firstly, we design a lattice-based encryption primitive to resist quantum keyword guessing attacks. Moreover, blockchain is used to decentralize the cloud storage platform’s jurisdiction of data. It also ensures the traceability of the keyword retrieval process and maintains the credibility of search results, so that malicious platforms are prevented as much as possible from deliberately sending wrong search results. Last but not least, through security analysis, our proposed scheme satisfies the credibility and unforgeability of the keyword ciphertext. The comprehensive performance evaluation shows that our scheme has certain advantages in terms of efficiency compared with others.
Funding: This work was supported in part by Tekes project "Cloud-assisted Security Services" grant number 3887/31/2016 and by the Academy of Finland project "Cloud Security Services" (283135).
Abstract: We introduce a practical method to perform private membership tests. In this method, clients are able to test whether an item is in a set controlled by the server without revealing their query item to the server. After executing the queries, the content of the server's set remains secret. One use case for a private membership test is to check whether a file contains any malware by checking its signature against a database of malware samples in a privacy-preserving way. We apply the Bloom filter and the Cuckoo filter in the membership test procedure. In order to achieve privacy properties, we present a novel protocol based on some homomorphic encryption schemes. In our protocol, we rearrange the data in the set into N-dimensional hypercubes. We have implemented our method in a realistic scenario where a client of an anti-malware company wants to privately check whether a hash value of a given file is in the malware database of the company. The evaluation shows that our method is feasible for real-world applications. We also have tested the performance of our protocol for databases of different sizes and data structures with different dimensions: 2-dimensional, 3-dimensional, and 4-dimensional hypercubes. We present formulas to estimate the cost of computation and communication in our protocol.
Funding: Project supported by the National Natural Science Foundation of China (Grant Nos. 61272057 and 61170270).
Abstract: Chang et al. [Chin. Phys. 623 010305 (2014)] have proposed a quantum broadcast communication and authentication protocol. However, we find that an intercept-resend attack can be performed successfully by a potential eavesdropper, who will be able to destroy the authentication function. Afterwards, he or she can acquire the secret transmitted message or even modify it while escaping detection, by implementing an efficient man-in-the-middle attack. Furthermore, we show a simple scheme to defend against this attack, that is, applying non-reusable identity strings.