Abstract: Attribute-based encryption is drawing more attention because of its inherently attractive properties, which have the potential to be widely used in the newly developing field of cloud computing. However, one of the main obstacles to its application is how to revoke the attributes of the users. Though some ABE schemes have realized revocation, they mostly focused on user revocation, which revokes all of the user's attributes, or on attribute revocation under the indirect revocation model, such that all the users' private keys will be affected by the revocation. In this paper, we define the model of CP-ABE supporting attribute revocation under the direct revocation model, in which the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by the revocation process. Then we propose a generic construction, and prove its security with the decision q-BDHE assumption.
Funding: The project was supported by the National Fundamental Research Program of China under Grant No. 001CB309308, the National Natural Science Foundation of China under Grant Nos. 60433050, 10325521, and 10447106, and the SRFDP Program of the Ministry of Education of China.
Abstract: We present a scheme for quantum privacy amplification (QPA) for a sequence of single qubits. The QPA procedure uses a unitary operation with two controlled-not gates and a Hadamard gate. The unitary gate operation is performed on every two qubits, and a measurement is made on one photon while the other one is retained. The retained qubit carries the state information of the discarded one. In this way, the information leakage is reduced. The procedure can be performed repeatedly so that the information leakage is reduced to any arbitrarily low level. With this QPA scheme, quantum secure direct communication with single qubits can be implemented with arbitrarily high security. We also exploit this scheme to do privacy amplification on the single qubits in quantum information sharing for long-distance communication with quantum repeaters.
Abstract: While Big Data has gradually become a hot topic of research and business and is used in many industries, Big Data security and privacy have become an increasing concern. However, there is an obvious contradiction between Big Data security and privacy and the widespread use of Big Data. In this paper, we first review the enormous benefits and challenges of security and privacy in Big Data. Then, we present some possible methods and techniques to ensure Big Data security and privacy.
Funding: the National Natural Science Foundation of China, the Innovation Group Project of Beijing Institute of Technology
Abstract: Security has been regarded as one of the hardest problems in the development of cloud computing. This paper proposes an AllianceAuthentication protocol among Hybrid Clouds that include multiple private clouds and/or public clouds. A mutual authentication protocol among entities in the IntraCloud and InterCloud is proposed. Blind signature and bilinear mapping of automorphism groups are adopted to achieve the InterCloud AllianceAuthentication, which overcome the complexity of certificate transmission and the problem of communication bottlenecks that happen in the traditional certificate-based scheme. Blind key, instead of private key, is adopted for register, which avoids
Abstract: Attribute revocation is inevitable and also important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it remains one of the main obstacles for the application of ABE. Most existing ABE schemes that support attribute revocation work under the indirect revocation model, such that all the users' private keys will be affected when revocation events occur. Though some ABE schemes have realized revocation under the direct revocation model, such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation, they mostly focused on user revocation, which revokes all of the user's attributes, or they can only be proven to be selectively secure. In this paper, we first define a model of adaptively secure ABE supporting attribute revocation under the direct revocation model. Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups. Finally, we prove our schemes to be adaptively secure by employing the methodology of dual system encryption.
Abstract: Distributed certification via threshold cryptography is much more secure than other ways to protect a certification authority (CA)'s private key, and can tolerate some intrusions. As the original systems such as ITTC, etc., are unsafe, inefficient and impractical in an actual network environment, this paper brings up a new distributed certification scheme, which, although it generates key shares concentratively, updates key shares distributedly, and so avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and the SSL protocol, but can also change the threshold (t,k) flexibly and robustly, and so is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.
Funding: supported by the National Natural Science Foundation of China under Grant No. 61173157; Strategy Pilot Project of Chinese Academy of Sciences under Grant No. XD06010702; IIE's Cryptography Research Project
Abstract: We present a quantum probabilistic encryption algorithm for a private-key encryption scheme based on conjugate coding of the qubit string. A probabilistic encryption algorithm is generally adopted in public-key encryption protocols. Here we consider the way it increases the unicity distance of both classical and quantum private-key encryption schemes. The security of quantum probabilistic private-key encryption schemes against two kinds of attacks is analyzed. By using the no-signalling postulate, we show that the scheme can resist attack to the key. The scheme's security against plaintext attack is also investigated by considering the information-theoretic indistinguishability of the encryption scheme. Finally, we make a conjecture regarding Breidbart's attack.
Funding: Supported by the National Natural Science Foundation of China (No. 60970111, 61133014, 60903189, 60903020).
Abstract: Due to the compromise of the security of the underlying system or machine storing the key, exposure of the private key can be a devastating attack on a cryptosystem. Key insulation is an important technique to protect private keys. To deal with the private (signing) key exposure problem in identity-based signature systems, we propose an identity-based threshold key-insulated signature (IBTKIS) scheme. It strengthens the security and flexibility of existing identity-based key-insulated signature schemes. Our scheme's security is proven in the random oracle model and rests on the hardness of the computational Diffie-Hellman problem in groups equipped with a pairing. To the best of our knowledge, it is the first IBTKIS scheme up to now.
Funding: supported by the Sharing and Diffusion of National R&D Outcome funded by the Korea Institute of Science and Technology Information
Abstract: Protection of the private key is the most critical part of a public key infrastructure (PKI) system, since it depends on the confidentiality of the private key. The threat of password detection has been known as the vulnerability in this PKI system. Recently, studies have been conducted on Bio PKI systems that use the biometric information of users in order to replace the password type of private key protection in PKI systems. However, the Bio PKI system also has a vulnerability in that biometric information used for protection of the private key cannot be reused once it is stolen or lost. So, we propose a method to protect the private key using FIDSEQi, which binds a sequence to biometric information. The proposed method enhances reusability of biometric information and presents higher attack complexity than the method of authentication by cross matching single biometric information.
Funding: the National Natural Science Foundation of China, the Natural Science Foundation of Anhui Province, the Specialized Research Fund for the Doctoral Program of Higher Education of China, the Fundamental Research Funds for the Central Universities
Abstract: Existing location privacy-preserving methods, without a trusted third party, cannot resist conspiracy attacks and active attacks. This paper proposes a novel solution for location based service (LBS) in vehicular ad hoc network (VANET). Firstly, the relationship among anonymity degree, expected company area and vehicle density is discussed. Then, a companion set F is set up by k neighbor vehicles. Based on secure multi-party computation, each vehicle in V can compute the centroid, not revealing its location to each other. The centroid as a cloaking location is sent to the LBS provider (P) and P returns a point of interest (POI). Due to a distributed secret sharing structure, P cannot obtain the positions of non-complicity vehicles by colluding with multiple internal vehicles. To detect fake data from dishonest vehicles, zero knowledge proof is adopted. Compared with other related methods, our solution can resist passive and active attacks from internal and external nodes. It provides strong privacy protection for LBS in VANET.
Funding: Project (Nos. 60573032, 60773092, 60842002, 60873229, and 90604036) supported by the National Natural Science Foundation of China
Abstract: Leakage of the private key has become a serious problem menacing cryptosystem security. To reduce the underlying danger induced by private key leakage, Dodis et al. (2003) proposed the first key-insulated signature scheme. To handle issues concerning private key leakage in certificateless signature schemes, we devise the first certificateless key-insulated signature scheme. Our scheme applies the key-insulated mechanism to certificateless cryptography, one with neither certificate nor key escrow. We incorporate Waters (2005)'s signature scheme, Paterson and Schuldt (2006)'s identity-based signature scheme, and Liu et al. (2007)'s certificateless signature scheme to obtain a certificateless key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved under the non-pairing-based generalized bilinear Diffie-Hellman (NGBDH) conjecture, without utilizing the random oracle model; second, it solves the key escrow problem in identity-based key-insulated signatures.
Funding: supported by the National Natural Science Foundation of China (Grant Nos. 61202451 and 61103210); Fujian Province Science and Technology Cooperation Projects (Grant No. 2010H6007); Foundation of Fujian Education Bureau (Grant No. JA12062); Program for Innovative Research Team in Science and Technology in Fujian Province University; a Key Project of Fujian Provincial Universities - Information Technology Research Based on Mathematics
Abstract: An arbitrated quantum signature scheme without using entangled states is proposed. In the scheme, by employing a classical hash function and random numbers, the secret keys of signer and receiver can be reused. It is shown that the proposed scheme is secure against several well-known attacks. Specifically, it can stand against the receiver's disavowal attack. Moreover, compared with previous relevant arbitrated quantum signature schemes, the scheme proposed has the advantage of less transmission complexity.