Outsourcing the Unsigncryption of Compact Attribute-Based Signcryption for General Circuits

In the driven of big data, social computing and information security is undergoing rapid development and beginning to cross. This paper describes a key-policy attribute-based signcryption scheme which has less computation costs than existing similar schemes by utilizing secure outsourcing of scientific computation in cloud computing and eliminates overhead for users, the ciphertext is short, compact, the correctness of transformation algorithm is verifiable. The decrease of ciphertext is 17 %. Additionally, new scheme remits the key escrow problem and is proven selective security in the standard model, it could be verified publicly, applied in mobile devices.

Quantum-Resistant Multi-Feature Attribute-Based Proxy Re-Encryption Scheme for Cloud Services

Cloud-based services have powerful storage functions and can provide accurate computation.However,the question of how to guarantee cloud-based services access control and achieve data sharing security has always been a research highlight.Although the attribute-based proxy re-encryption(ABPRE)schemes based on number theory can solve this problem,it is still difficult to resist quantum attacks and have limited expression capabilities.To address these issues,we present a novel linear secret sharing schemes(LSSS)matrix-based ABPRE scheme with the fine-grained policy on the lattice in the research.Additionally,to detect the activities of illegal proxies,homomorphic signature(HS)technology is introduced to realize the verifiability of re-encryption.Moreover,the non-interactivity,unidirectionality,proxy transparency,multi-use,and anti-quantum attack characteristics of our system are all advantageous.Besides,it can efficiently prevent the loss of processing power brought on by repetitive authorisation and can enable precise and safe data sharing in the cloud.Furthermore,under the standard model,the proposed learning with errors(LWE)-based scheme was proven to be IND-sCPA secure.

Reversible Data Hiding Algorithm in Encrypted Images Based on Adaptive Median Edge Detection and Ciphertext-Policy Attribute-Based Encryption

With the rapid advancement of cloud computing technology,reversible data hiding algorithms in encrypted images(RDH-EI)have developed into an important field of study concentrated on safeguarding privacy in distributed cloud environments.However,existing algorithms often suffer from low embedding capacities and are inadequate for complex data access scenarios.To address these challenges,this paper proposes a novel reversible data hiding algorithm in encrypted images based on adaptive median edge detection(AMED)and ciphertext-policy attributebased encryption(CP-ABE).This proposed algorithm enhances the conventional median edge detection(MED)by incorporating dynamic variables to improve pixel prediction accuracy.The carrier image is subsequently reconstructed using the Huffman coding technique.Encrypted image generation is then achieved by encrypting the image based on system user attributes and data access rights,with the hierarchical embedding of the group’s secret data seamlessly integrated during the encryption process using the CP-ABE scheme.Ultimately,the encrypted image is transmitted to the data hider,enabling independent embedding of the secret data and resulting in the creation of the marked encrypted image.This approach allows only the receiver to extract the authorized group’s secret data,thereby enabling fine-grained,controlled access.Test results indicate that,in contrast to current algorithms,the method introduced here considerably improves the embedding rate while preserving lossless image recovery.Specifically,the average maximum embedding rates for the(3,4)-threshold and(6,6)-threshold schemes reach 5.7853 bits per pixel(bpp)and 7.7781 bpp,respectively,across the BOSSbase,BOW-2,and USD databases.Furthermore,the algorithm facilitates permission-granting and joint-decryption capabilities.Additionally,this paper conducts a comprehensive examination of the algorithm’s robustness using metrics such as image correlation,information entropy,and number of pixel change rate(NPCR),confirming its high level of security.Overall,the algorithm can be applied in a multi-user and multi-level cloud service environment to realize the secure storage of carrier images and secret data.

The New Attribute-Based Generalized Signcryption Scheme

An attribute-based generalized signcryption scheme based on bilinear pairing has been proposed. By changing attributes, encryption-only mode, signature-only mode, and signcryption mode can be switch adaptively. It shows that the scheme achieves the semantic security under the decisional bilinear Diffie- Hellman assumption and achieves the unforgeability under the computational Diffie-Hellman assumption. It is more efficient than traditional way and can be used to secure the big data in networks.

Efficient Multi-Authority Attribute-Based Searchable Encryption Scheme with Blockchain Assistance for Cloud-Edge Coordination

Cloud storage and edge computing are utilized to address the storage and computational challenges arising from the exponential data growth in IoT.However,data privacy is potentially risky when data is outsourced to cloud servers or edge services.While data encryption ensures data confidentiality,it can impede data sharing and retrieval.Attribute-based searchable encryption(ABSE)is proposed as an effective technique for enhancing data security and privacy.Nevertheless,ABSE has its limitations,such as single attribute authorization failure,privacy leakage during the search process,and high decryption overhead.This paper presents a novel approach called the blockchain-assisted efficientmulti-authority attribute-based searchable encryption scheme(BEM-ABSE)for cloudedge collaboration scenarios to address these issues.BEM-ABSE leverages a consortium blockchain to replace the central authentication center for global public parameter management.It incorporates smart contracts to facilitate reliable and fair ciphertext keyword search and decryption result verification.To minimize the computing burden on resource-constrained devices,BEM-ABSE adopts an online/offline hybrid mechanism during the encryption process and a verifiable edge-assisted decryption mechanism.This ensures both low computation cost and reliable ciphertext.Security analysis conducted under the random oracle model demonstrates that BEM-ABSE is resistant to indistinguishable chosen keyword attacks(IND-CKA)and indistinguishable chosen plaintext attacks(INDCPA).Theoretical analysis and simulation results confirm that BEM-ABSE significantly improves computational efficiency compared to existing solutions.

Heterogeneous Fault-Tolerant Aggregate Signcryption with Equality Test for Vehicular Sensor Networks

The vehicular sensor network (VSN) is an important part of intelligent transportation, which is used for real-timedetection and operation control of vehicles and real-time transmission of data and information. In the environmentofVSN, massive private data generated by vehicles are transmitted in open channels and used by other vehicle users,so it is crucial to maintain high transmission efficiency and high confidentiality of data. To deal with this problem, inthis paper, we propose a heterogeneous fault-tolerant aggregate signcryption scheme with an equality test (HFTASET).The scheme combines fault-tolerant and aggregate signcryption,whichnot onlymakes up for the deficiency oflow security of aggregate signature, but alsomakes up for the deficiency that aggregate signcryption cannot tolerateinvalid signature. The scheme supports one verification pass when all signcryptions are valid, and it supportsunbounded aggregation when the total number of signcryptions grows dynamically. In addition, this schemesupports heterogeneous equality test, and realizes the access control of private data in different cryptographicenvironments, so as to achieve flexibility in the application of our scheme and realize the function of quick searchof plaintext or ciphertext. Then, the security of HFTAS-ET is demonstrated by strict theoretical analysis. Finally, weconduct strict and standardized experimental operation and performance evaluation, which shows that the schemehas better performance.

Efficient Expressive Attribute-Based Encryption with Keyword Search over Prime-Order Groups

Attribute-based encryption with keyword search(ABEKS)is a novel cryptographic paradigm that can be used to implementfine-grained access control and retrieve ciphertexts without disclosing the sensitive information.It is a perfect combination of attribute-based encryption(ABE)and public key encryption with keyword search(PEKS).Nevertheless,most of the existing ABEKS schemes have limited search capabilities and only support single or simple conjunctive keyword search.Due to the weak search capability and inaccurate search results,it is difficult to apply these schemes to practical applications.In this paper,an effi-cient expressive ABEKS(EABEKS)scheme supporting unbounded keyword uni-verse over prime-order groups is designed,which supplies the expressive keyword search function supporting the logical connectives of“AND”and“OR”.The proposed scheme not only leads to low computation and communica-tion costs,but also supports unbounded keyword universe.In the standard model,the scheme is proven to be secure under the chosen keyword attack and the cho-sen plaintext attack.The comparison analysis and experimental results show that it has better performance than the existing EABEKS schemes in the storage,com-putation and communication costs.

Provably Secure Certificateless Ring Signcryption Scheme

Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inherent key escrow problem.In this paper a new certificateless ring signcryption scheme from pairings is presented.It is escrow free in that no KGC is able to decrypt ciphertexts itself.We then formally prove the security of the new scheme in the random oracle model IND-CCA2 and EUF-CMA.

Efficient and Provably Secure Multi-Recipient Signcryption from Bilinear Pairings

Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.

Certificateless Proxy Identity-Based Signcryption Scheme Without Bilinear Pairings

Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi- cient way. Certificateless signcryption and pro- xy signcryption in identity-based cryptography were proposed for different applications. Most of these schemes are constructed by bilinear pairings from elliptic curves. However, some schemes were recently presented without pai- rings. In this paper, we present a certificateless proxy identity-based signcryption scheme with- out bilinear pairings, which is efficient and secure.

Provably Secure General Aggregate Signcryption Scheme in the Random Oracle Model

To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.

Efficient Identity Based Signcryption Scheme with Public Verifiability and Forward Security

In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over elliptic curves. It combines the functionalities of both public verifiability and forward security at the same time. Under the Bilinear Diffie-Hellman and quadratic residue assumption, we describe the new scheme that is more secure and can be some-what more efficient than Libert and Quisquater’s one.

Secure and efficient multi-message and multi-receiver ID-based signcryption for rekeying in ad hoc networks

In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.

Cryptanalysis and Improvement of Signcryption Schemes on Elliptic Curves

In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose confidentiality to gain non-repudiation. We also propose two improvement versions that not only overcome the security leak inherent in the schemes but also provide public verifiability or forward security. Our improvement versions require smaller computing cost than that required by signature-then-encryption methods.

Substring-searchable attribute-based encryption and its application for IoT devices

With the development of big data and cloud computing technology,more and more users choose to store data on cloud servers,which brings much convenience to their management and use of data,and also the risk of data leakage.A common method to prevent data leakage is to encrypt the data before uploading it,but the traditional encryption method is often not conducive to data sharing and querying.In this paper,a new kind of Attribute-Based Encryption(ABE)scheme,which is called the Sub-String Searchable ABE(SSS-ABE)scheme,is proposed for the sharing and querying of the encrypted data.In the SSS-ABE scheme,the data owner encrypts the data under an access structure,and only the data user who satisfies the access structure can query and decrypt it.The data user can make a substring query on the whole ciphertext without setting keywords in advance.In addition,the outsourcing method is also introduced to reduce the local computation of the decryption process so that the outsourcing SSS-ABE scheme can be applied to IoT devices.

Multi-Receiver Signcryption Scheme with Multiple Key Generation Centers through Public Channel in Edge Computing

The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.

Attribute-Based Re-Encryption Scheme in the Standard Model

In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.

A Novel Attribute-Based Encryption Approach with Integrity Verification for CAD Assembly Models

Cloud manufacturing is one of the three key technologies that enable intelligent manufacturing.This paper presents a novel attribute-based encryption(ABE)approach for computer-aided design(CAD)assembly models to effectively support hierarchical access control,integrity verification,and deformation protection for co-design scenarios in cloud manufacturing.An assembly hierarchy access tree(AHAT)is designed as the hierarchical access structure.Attribute-related ciphertext elements,which are contained in an assembly ciphertext(ACT)file,are adapted for content keys decryption instead of CAD component files.We modify the original Merkle tree(MT)and reconstruct an assembly MT.The proposed ABE framework has the ability to combine the deformation protection method with a content privacy of CAD models.The proposed encryption scheme is demonstrated to be secure under the standard assumption.Experimental simulation on typical CAD assembly models demonstrates that the proposed approach is feasible in applications.

A Secure Signcryption Scheme for Electronic Health Records Sharing in Blockchain

In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal data are not only inconvenient to access and share,but are also prone to cause privacy disclosure.The blockchain technology provides a new development direction in the medical field.Blockchain-based EHRs are characterized by decentralization,openness and non-tampering of records,which enable patients to better manage their own EHRs.In order to better protect the privacy of patients,only designated receivers can access EHRs,and receivers can authenticate the sharer to ensure that the EHRs are real and effective.In this study,we propose an identity-based signcryption scheme with multiple authorities for multiple receivers,which can resist N-1 collusion attacks among N authorities.In addition,the identity information of receivers is anonymous,so the relationship between them and the sharer is not disclosed.Under the random oracle model,it was proved that our scheme was secure and met the unforgeability and confidentiality requirements of signcryption.Moreover,we evaluated the performance of the scheme and found that it had the moderate signcryption efficiency and excellent signcryption attributes.

Attribute-Based Keyword Search over the Encrypted Blockchain

To address privacy concerns, data in the blockchain should be encrypted in advance to avoid data access fromall users in the blockchain. However, encrypted data cannot be directly retrieved, which hinders data sharing inthe blockchain. Several works have been proposed to deal with this problem. However, the data retrieval in theseschemes requires the participation of data owners and lacks finer-grained access control. In this paper, we proposean attribute-based keyword search scheme over the encrypted blockchain, which allows users to search encryptedfiles over the blockchain based on their attributes. In addition, we build a file chain structure to improve theefficiency of searching files with the same keyword. Security analysis proves the security of the proposed scheme.Theoretical analysis and experimental results in performance evaluation show that our scheme is feasible andefficient.