A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has be...A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi tier technology can improve the security of database. Double keys method is a useful data encryption method.展开更多
Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor...Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.展开更多
Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies...Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies that the attribute authority can access all encrypted data,which is known as the key escrow problem.In addition,because all access privileges are defined over a single attribute universe and attributes are shared among multiple data users,the revocation of users is inefficient for the existing ABE scheme.In this paper,we propose a novel scheme that solves the key escrow problem and supports efficient user revocation.First,an access controller is introduced into the existing scheme,and then,secret keys are generated corporately by the attribute authority and access controller.Second,an efficient user revocation mechanism is achieved using a version key that supports forward and backward security.The analysis proves that our scheme is secure and efficient in user authorization and revocation.展开更多
Searchable encryption allows cloud users to outsource the massive encrypted data to the remote cloud and to search over the data without revealing the sensitive information. Many schemes have been proposed to support ...Searchable encryption allows cloud users to outsource the massive encrypted data to the remote cloud and to search over the data without revealing the sensitive information. Many schemes have been proposed to support the keyword search in a public cloud. However,they have some potential limitations. First,most of the existing schemes only consider the scenario with the single data owner. Second,they need secure channels to guarantee the secure transmission of secret keys from the data owner to data users. Third,in some schemes,the data owner should be online to help data users when data users intend to perform the search,which is inconvenient.In this paper,we propose a novel searchable scheme which supports the multi-owner keyword search without secure channels. More than that,our scheme is a non-interactive solution,in which all the users only need to communicate with the cloud server. Furthermore,the analysis proves that our scheme can guarantee the security even without secure channels. Unlike most existing public key encryption based searchable schemes,we evaluate the performance of our scheme,which shows that our scheme is practical.展开更多
This paper presents a new encryption embedded processor aimed at the application requirement of wireless sensor network (WSN). The new encryption embedded processor not only offers Rivest Shamir Adlemen (RSA), Adv...This paper presents a new encryption embedded processor aimed at the application requirement of wireless sensor network (WSN). The new encryption embedded processor not only offers Rivest Shamir Adlemen (RSA), Advanced Encryption Standard (AES), 3 Data Encryption Standard (3 DES) and Secure Hash Algorithm 1 (SHA - 1 ) security engines, but also involves a new memory encryption scheme. The new memory encryption scheme is implemented by a memory encryption cache (MEC), which protects the confidentiality of the memory by AES encryption. The experi- ments show that the new secure design only causes 1.9% additional delay on the critical path and cuts 25.7% power consumption when the processor writes data back. The new processor balances the performance overhead, the power consumption and the security and fully meets the wireless sensor environment requirement. After physical design, the new encryption embedded processor has been successfully tape-out.展开更多
文摘A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi tier technology can improve the security of database. Double keys method is a useful data encryption method.
基金supported by the National Natural Science Foundation of China (No.61370203)China Postdoctoral Science Foundation Funded Project (No.2017M623008)+1 种基金Scientific Research Starting Project of SWPU (No.2017QHZ023)State Scholarship Foundation of China Scholarship Council (No.201708515149)
文摘Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.
基金supported by the NSFC(61173141,U1536206,61232016, U1405254,61373133,61502242,61572258)BK20150925+3 种基金Fund of Jiangsu Engineering Center of Network Monitoring(KJR1402)Fund of MOE Internet Innovation Platform(KJRP1403)CICAEETthe PAPD fund
文摘Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies that the attribute authority can access all encrypted data,which is known as the key escrow problem.In addition,because all access privileges are defined over a single attribute universe and attributes are shared among multiple data users,the revocation of users is inefficient for the existing ABE scheme.In this paper,we propose a novel scheme that solves the key escrow problem and supports efficient user revocation.First,an access controller is introduced into the existing scheme,and then,secret keys are generated corporately by the attribute authority and access controller.Second,an efficient user revocation mechanism is achieved using a version key that supports forward and backward security.The analysis proves that our scheme is secure and efficient in user authorization and revocation.
基金supported by Natural Science Foundation of China(No.61303264)
文摘Searchable encryption allows cloud users to outsource the massive encrypted data to the remote cloud and to search over the data without revealing the sensitive information. Many schemes have been proposed to support the keyword search in a public cloud. However,they have some potential limitations. First,most of the existing schemes only consider the scenario with the single data owner. Second,they need secure channels to guarantee the secure transmission of secret keys from the data owner to data users. Third,in some schemes,the data owner should be online to help data users when data users intend to perform the search,which is inconvenient.In this paper,we propose a novel searchable scheme which supports the multi-owner keyword search without secure channels. More than that,our scheme is a non-interactive solution,in which all the users only need to communicate with the cloud server. Furthermore,the analysis proves that our scheme can guarantee the security even without secure channels. Unlike most existing public key encryption based searchable schemes,we evaluate the performance of our scheme,which shows that our scheme is practical.
文摘This paper presents a new encryption embedded processor aimed at the application requirement of wireless sensor network (WSN). The new encryption embedded processor not only offers Rivest Shamir Adlemen (RSA), Advanced Encryption Standard (AES), 3 Data Encryption Standard (3 DES) and Secure Hash Algorithm 1 (SHA - 1 ) security engines, but also involves a new memory encryption scheme. The new memory encryption scheme is implemented by a memory encryption cache (MEC), which protects the confidentiality of the memory by AES encryption. The experi- ments show that the new secure design only causes 1.9% additional delay on the critical path and cuts 25.7% power consumption when the processor writes data back. The new processor balances the performance overhead, the power consumption and the security and fully meets the wireless sensor environment requirement. After physical design, the new encryption embedded processor has been successfully tape-out.
