Comparative Study of the Reliability and Complexity of Symmetrical and Asymmetrical Cryptosystems for the Protection of Academic Data in the Democratic Republic of Congo

In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any modern company. A companys operational and historical data contains strategic and operational knowledge of ever-increasing added value. The emergence of a new paradigm: big data. Today, the value of the data scattered throughout this mother of knowledge is calculated in billions of dollars, depending on its size, scope and area of intervention. With the rise of computer networks and distributed systems, the threats to these sensitive resources have steadily increased, jeopardizing the existence of the company itself by drying up production and losing the interest of customers and suppliers. These threats range from sabotage to bankruptcy. For several decades now, most companies have been using encryption algorithms to protect and secure their information systems against the threats and dangers posed by the inherent vulnerabilities of their infrastructure and the current economic climate. This vulnerability requires companies to make the right choice of algorithms to implement in their management systems. For this reason, the present work aims to carry out a comparative study of the reliability and effectiveness of symmetrical and asymmetrical cryptosystems, in order to identify one or more suitable for securing academic data in the DRC. The analysis of the robustness of commonly used symmetric and asymmetric cryptosystems will be the subject of simulations in this article.

Verifiable searchable symmetric encryption for conjunctive keyword queries in cloud storage

Searchable symmetric encryption(SSE)has been introduced for secure outsourcing the encrypted database to cloud storage,while maintaining searchable features.Of various SSE schemes,most of them assume the server is honest but curious,while the server may be trustless in the real world.Considering a malicious server not honestly performing the queries,verifiable SSE(VSSE)schemes are constructed to ensure the verifiability of the search results.However,existing VSSE constructions only focus on single-keyword search or incur heavy computational cost during verification.To address this challenge,we present an efficient VSSE scheme,built on OXT protocol(Cash et al.,CRYPTO 2013),for conjunctive keyword queries with sublinear search overhead.The proposed VSSE scheme is based on a privacy-preserving hash-based accumulator,by leveraging a well-established cryptographic primitive,Symmetric Hidden Vector Encryption(SHVE).Our VSSE scheme enables both correctness and completeness verifiability for the result without pairing operations,thus greatly reducing the computational cost in the verification process.Besides,the proposed VSSE scheme can still provide a proof when the search result is empty.Finally,the security analysis and experimental evaluation are given to demonstrate the security and practicality of the proposed scheme.

Construction of a key-dependent message secure symmetric encryption scheme in the ideal cipher model

Key-dependent message （KDM） security is an important security issue that has attracted much research in recent years. In this paper, we present a new construction of the symmetric encryption scheme in the the ideal cipher model （ICM）; we prove that our scheme is KDM secure against active attacks with respect to arbitrary polynomialtime challenge functions. Our main idea is to introduce a universal hash function （UHF） h as a random value for each encrypfion, and then use s = h（sk） as the key of the ideal cipher F, where sk is the private key of our symmetric encryption scheme. Although many other schemes that are secure against KDM attacks have already been proposed, in both the ideal standard models, the much more significance of our paper is the simplicity in which we implement KDM security against active attacks.

A Secure Three-Party Authenticated Key Exchange Protocol for Social Networks

The 3PAKE(Three-Party Authenticated Key Exchange)protocol is a valuable cryptographic method that offers safe communication and permits two diverse parties to consent to a new safe meeting code using the trusted server.There have been explored numerous 3PAKE protocols earlier to create a protected meeting code between users employing the trusted server.However,existing modified 3PAKE protocols have numerous drawbacks and are incapable to provide desired secrecy against diverse attacks such as manin-the-middle,brute-force attacks,and many others in social networks.In this article,the authors proposed an improved as well as safe 3PAKE protocol based on the hash function and the symmetric encryption for the social networks.The authors utilized a well-acknowledged AVISPA tool to provide security verification of the proposed 3PAKE technique,and findings show that our proposed protocol is safer in opposition to active as well as passive attacks namely the brute-force,man-in-the-middle,parallel attack,and many more.Furthermore,compared to other similar schemes,the proposed protocol is built with a reduced computing cost as our proposed protocol consumes less time in execution and offers high secrecy in the social networks with improved accuracy.As a result,this verified scheme is more efficient as well as feasible for implementation in the social networks in comparison to previous security protocols.Although multifarious authors carried out extensive research on 3PAKE protocols to offer safe communication,still there are vital opportunities to explore and implement novel improved protocols for higher safety in the social networks and mobile commerce environment in the future in opposition to diverse active as well as passive attacks.

Message Authentication with a New Quantum Hash Function

To ensure the security during the communication,we often adopt different ways to encrypt the messages to resist various attacks.However,with the computing power improving,the existing encryption and authentication schemes are being faced with big challenges.We take the message authentication as an example into a careful consideration.Then,we proposed a new message authentication scheme with the Advanced Encryption Standard as the encryption function and the new quantum Hash function as the authentication function.Firstly,the Advanced Encryption Standard algorithm is used to encrypt the result of the initial message cascading the corresponding Hash values,which ensures that the initial message can resist eavesdropping attack.Secondly,utilizing the new quantum Hash function with quantum walks can be much more secure than traditional classical Hash functions with keeping the common properties,such as one-wayness,resisting different collisions and easy implementation.Based on these two points,the message authentication scheme can be much more secure than previous ones.Finally,it is a new way to design the message authentication scheme,which provides a new thought for other researchers in the future.Our works will contribute to the study on the new encryption and authentication functions and the combination of quantum computing with traditional cryptology in the future.

Secure and Robust Optical Multi-Stage Medical Image Cryptosystem

Due to the rapid growth of telemedicine and healthcare services,color medical image security applications have been expanded precipitously.In this paper,an asymmetric PTFrFT(Phase Truncated Fractional Fourier Transform)-based color medical image cryptosystem is suggested.Two different phases in the fractional Fourier and output planes are provided as deciphering keys.Accordingly,the ciphering keys will not be employed for the deciphering procedure.Thus,the introduced PTFrFT algorithm comprises asymmetric ciphering and deciphering processes in contrast to the traditional optical symmetric OSH(Optical Scanning Holography)and DRPE(Double Random Phase Encoding)algorithms.One of the principal impacts of the introduced asymmetric cryptosystem is that it eliminates the onedimensionality aspects of the related symmetric cryptosystems due to its remarkable feature of phase nonlinear truncation components.More comparisons on various colormedical images are examined and analyzed to substantiate the cryptosystem efficacy.The achieved experimental outcomes ensure that the introduced cryptosystem is robust and secure.It has terrific cryptography performance compared to conventional cryptography algorithms,even in the presence of noise and severe channel attacks.

Secure searchable encryption:a survey

Cloud computing facilitates convenient and on-demand network access to a centralized pool of resources.Currently,many users prefer to outsource data to the cloud in order to mitigate the burden of local storage.However,storing sensitive data on remote servers poses privacy challenges and is currently a source of concern.SE(Searchable Encryption)is a positive way to protect users sensitive data,while preserving search ability on the server side.SE allows the server to search encrypted data without leaking information in plaintext data.The two main branches of SE are SSE(Searchable Symmetric Encryption)and PEKS(Public key Encryption with Keyword Search).SSE allows only private key holders to produce ciphertexts and to create trapdoors for search,whereas PEKS enables a number of users who know the public key to produce ciphertexts but allows only the private key holder to create trapdoors.This article surveys the two main techniques of SE:SSE and PEKS.Different SE schemes are categorized and compared in terms of functionality,efficiency,and security.Moreover,we point out some valuable directions for future work on SE schemes.

Towards privacy-preserving dynamic deep packet inspection over outsourced

The prosperity of network function virtualization(NFV)pushes forward the paradigm of migrating in-house middleboxes to third-party providers,i.e.,software(virtualized)middlebox services.A lot of enterprises have outsourced traffic processing such as deep packet inspection(DPI),traffic classification,and load balancing to middleboxes provided by cloud providers.However,if the traffic is forwarded to the cloud provider without careful processing,it will cause privacy leakage,as the cloud provider has all the rights to access the data.To solve the security issue,recent efforts are made to design secure middleboxes that can directly conduct network functions over encrypted traffic and middlebox rules.However,security concerns from dynamic operations like dynamic DPI and rule updates are still not yet fully addressed.In this paper,we propose a privacy-preserving dynamic DPI scheme with forward privacy for outsourced middleboxes.Our design can enable cloud side middlebox to conduct secure packet inspection over encrypted traffic data.Besides,the middlebox providers cannot analyze the relationship between the newly added rules and the previous data.Several recent papers have proven that it is a strong property that resist adaptive attacks.Furthermore,we design a general method to inspect stateful packets while still ensuring the state privacy protection.We formally define and prove the security of our design.Finally,we implement a system prototype and analyze the performance from experimental aspects.The evaluation results demonstrate our scheme is effective and efficient.

A short non-delegatable strong designated verifier signature

A non-delegatable strong designated verifier signature （NSDVS） enforces verification of a signature by a designated verifier only. The concept is useful in various commercial cryptographic applications such as copyright protection, e-voting, and e-libraries. This paper reports the shortest NSDVS so far that consists of only two elements. The scheme is inspired by an identification scheme and Cramer et al.＇s OR-proof technique where a prover can prove that he knows at least one out two secrets. It is solidified by a symmetric key based group to group encryption algorithm. Two implementations of the algorithm are reported. The scheme is provably secure with respect to its properties of unforgeability, non-transferability, privacy of signer＇s identity, and non-delegatability.