Construction and Implementation of a Privacy-Preserving Identity-Based Encryption Architecture

A recent proposal by Adams integrates the digital credentials (DC) technology of Brands with the identity-based encryption (IBE) technology of Boneh and Franklin to create an IBE scheme that demonstrably enhances privacy for users. We refer to this scheme as a privacy-preserving identity-based encryption (PP-IBE) construction. In this paper, we discuss the concrete implementation considerations for PP-IBE and provide a detailed instantiation (based on q-torsion groups in supersingular elliptic curves) that may be useful both for proof-of-concept purposes and for pedagogical purposes.

OBLIVIOUS TRANSFER WITH ACCESS CONTROL AND IDENTITY-BASED ENCRYPTION WITH ANONYMOUS KEY ISSUING

In ACM'CCS 2009,Camenisch,et al.proposed the Oblivious Transfer with Access Control(AC-OT) in which each item is associated with an attribute set and can only be available,on request,to the users who have all the attributes in the associated set.Namely,AC-OT achieves access control policy for conjunction of attributes.Essentially,the functionality of AC-OT is equivalent to the sim-plified version that we call AC-OT-SV:for each item,one attribute is associated with it,and it is requested that only the users who possess the associated attribute can obtain the item by queries.On one hand,AC-OT-SV is a special case of AC-OT when there is just one associated attribute with each item.On the other hand,any AC-OT can be realized by an AC-OT-SV.In this paper,we first present a concrete AC-OT-SV protocol which is proved to be secure in the model defined by Camenisch,et al..Then from the protocol,interestingly,a concrete Identity-Based Encryption(IBE) with Anonymous Key Issuing(AKI) is given which is just a direct application to AC-OT-SV.By comparison,we show that the AKI protocol we present is more efficient in communications than that proposed by Chow.

Security Analysis of a Privacy-Preserving Identity-Based Encryption Architecture

Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple randomly-chosen entities to complete certain tasks. The main result and primary contribution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion opportunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction appears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.

Identity-Based Encryption with Keyword Search from Lattice Assumption

Public key encryption scheme

Verifiable Identity-Based Encryption with Keyword Search for IoT from Lattice

Internet of Things(IoT),which provides the solution of connecting things and devices,has increasingly developed as vital tools to realize intelligent life.Generally,source-limited IoT sensors outsource their data to the cloud,which arises the concerns that the transmission of IoT data is happening without appropriate consideration of the profound security challenges involved.Though encryption technology can guarantee the confidentiality of private data,it hinders the usability of data.Searchable encryption(SE)has been proposed to achieve secure data sharing and searching.However,most of existing SE schemes are designed under conventional hardness assumptions and may be vulnerable to the adversary with quantum computers.Moreover,the untrusted cloud server may perform an unfaithful search execution.To address these problems,in this paper,we propose the first verifiable identity-based keyword search(VIBKS)scheme from lattice.In particular,a lattice-based delegation algorithm is adopted to help the data user to verify both the correctness and the integrity of the search results.Besides,in order to reduce the communication overhead,we refer to the identity-based mechanism.We conduct rigorous proof to demonstrate that the proposed VIBKS scheme is ciphertext indistinguishable secure against the semi-honestbut-curious adversary.In addition,we give the detailed computation and communication complexity of our VIBKS and conduct a series of experiments to validate its efficiency performance.

Hybrid Cloud Security by Revocable KUNodes-Storage with Identity-Based Encryption

Cloud storage is a service involving cloud service providers providingstorage space to customers. Cloud storage services have numerous advantages,including convenience, high computation, and capacity, thereby attracting usersto outsource data in the cloud. However, users outsource data directly via cloudstage services that are unsafe when outsourcing data is sensitive for users. Therefore, cipher text-policy attribute-based encryption is a promising cryptographicsolution in a cloud environment, and can be drawn up for access control by dataowners (DO) to define access policy. Unfortunately, an outsourced architectureapplied with attribute-based encryption introduces numerous challenges, including revocation. This issue is a threat to the data security of DO. Furthermore,highly secure and flexible cipher text-based attribute access control with role hierarchy user grouping in cloud storage is implemented by extending the KUNodes(revocation) storage identity-based encryption. Result is evaluated using Cloudsim, and our algorithm outperforms in terms of computational cost by consuming32 MB for 150-MB files.

Identity-based encryption with wildcards in the standard model

In this article, based on Chatterjee-Sarkar＇ hierarchical identity-based encryption （HIBE）, a novel identity-based encryption with wildcards （WIBE） scheme is proposed and is proven secure in the standard model （without random oracle）. The proposed scheme is proven to be secure assuming that the decisional Bilinear Diffie-Hellman （DBDH） problem is hard. Compared with the Wa-WIBE scheme that is secure in the standard model, our scheme has shorter common parameters and ciphertext length.

Practical continuous leakage-resilient CCA secure identity-based encryption

Leakage of private information including private keys of user has become a threat to the security of computing systems.It has become a common security requirement that a cryptographic scheme should withstand various leakage attacks.In the real life,an adversary can break the security of cryptography primitive by performing continuous leakage attacks.Although,some research on the leakage-resilient cryptography had been made,there are still some remaining issued in previous attempts.The identity-based encryption(IBE)constructions were designed in the bounded-leakage model,and might not be able to meet their claimed security under the continuous-leakage attacks.In the real applications,the leakage is unbounded.That is,a practical cryptography scheme should keep its original security in the continuous leakage setting.The previous continuous leakage-resilient IBE schemes either only achieve chosen-plaintext attacks security or the chosen-ciphertext attacks(CCA)security is proved in the selective identity model.Aiming to solve these problems,in this paper,we show how to construct the continuous leakage-resilient IBE scheme,and the scheme’s adaptive CCA security is proved in the standard model based on the hardness of decisional bilinear Diffie-Hellman exponent assumption.For any adversary,all elements in the ciphertext are random,and an adversary cannot obtain any leakage on the private key of user from the corresponding given ciphertext.Moreover,the leakage parameter of our proposal is independent of the plaintext space and has a constant size.

A lightweight symmetric image encryption cryptosystem in wavelet domain based on an improved sine map

In the era of big data,the number of images transmitted over the public channel increases exponentially.As a result,it is crucial to devise the efficient and highly secure encryption method to safeguard the sensitive image.In this paper,an improved sine map(ISM)possessing a larger chaotic region,more complex chaotic behavior and greater unpredictability is proposed and extensively tested.Drawing upon the strengths of ISM,we introduce a lightweight symmetric image encryption cryptosystem in wavelet domain(WDLIC).The WDLIC employs selective encryption to strike a satisfactory balance between security and speed.Initially,only the low-frequency-low-frequency component is chosen to encrypt utilizing classic permutation and diffusion.Then leveraging the statistical properties in wavelet domain,Gaussianization operation which opens the minds of encrypting image information in wavelet domain is first proposed and employed to all sub-bands.Simulations and theoretical analysis demonstrate the high speed and the remarkable effectiveness of WDLIC.

A chaotic hierarchical encryption/watermark embedding scheme for multi-medical images based on row-column confusion and closed-loop bi-directional diffusion

Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is designed,and a multiimage encryption(MIE)algorithm with row and column confusion and closed-loop bi-directional diffusion is adopted in the paper.While ensuring secure communication of medical image information,people with different security levels have different levels of decryption keys,and differentiated visual effects can be obtained by using the strong sensitivity of chaotic keys.The highest security level can obtain decrypted images without watermarks,and at the same time,patient information and copyright attribution can be verified by obtaining watermark images.The experimental results show that the scheme is sufficiently secure as an MIE scheme with visualized differences and the encryption and decryption efficiency is significantly improved compared to other works.

Two-dimensional-lag complex logistic map with complex parameters and its encryption application

With the rapid development of internet technology,security protection of information has become more and more prominent,especially information encryption.Considering the great advantages of chaotic encryption,we propose a 2D-lag complex logistic map with complex parameters(2D-LCLMCP)and corresponding encryption schemes.Firstly,we present the model of the 2D-LCLMCP and analyze its chaotic properties and system stability through fixed points,Lyapunov exponent,bifurcation diagram,phase diagram,etc.Secondly,a block cipher algorithm based on the 2D-LCLMCP is proposed,the plaintext data is preprocessed using a pseudorandom sequence generated by the 2D-LCLMCP.Based on the generalized Feistel cipher structure,a round function F is constructed using dynamic S-box and DNA encoding rules as the core of the block cipher algorithm.The generalized Feistel cipher structure consists of two F functions,four XOR operations,and one permutation operation per round.The symmetric dynamic round keys that change with the plaintext are generated by the 2D-LCLMCP.Finally,experimental simulation and performance analysis tests are conducted.The results show that the block cipher algorithm has low complexit,good diffusion and a large key space.When the block length is 64 bits,only six rounds of encryption are required to provide sufficient security and robustness against cryptographic attacks.

Novel self-embedding holographic watermarking image encryption protection scheme

For digital image transmission security and information copyright,a new holographic image self-embedding watermarking encryption scheme is proposed.Firstly,the plaintext is converted to the RGB three-color channel,the corresponding phase hologram is obtained by holographic technology and the watermark is self-embedded in the frequency domain.Secondly,by applying the Hilbert transform principle and genetic center law,a complete set of image encryption algorithms is constructed to realize the encryption of image information.Finally,simulation results and security analysis indicate that the scheme can effectively encrypt and decrypt image information and realize the copyright protection of information.The introduced scheme can provide some support for relevant theoretical research,and has practical significance.

Color Image Compression and Encryption Algorithm Based on 2D Compressed Sensing and Hyperchaotic System

With the advent of the information security era,it is necessary to guarantee the privacy,accuracy,and dependable transfer of pictures.This study presents a new approach to the encryption and compression of color images.It is predicated on 2D compressed sensing(CS)and the hyperchaotic system.First,an optimized Arnold scrambling algorithm is applied to the initial color images to ensure strong security.Then,the processed images are con-currently encrypted and compressed using 2D CS.Among them,chaotic sequences replace traditional random measurement matrices to increase the system’s security.Third,the processed images are re-encrypted using a combination of permutation and diffusion algorithms.In addition,the 2D projected gradient with an embedding decryption(2DPG-ED)algorithm is used to reconstruct images.Compared with the traditional reconstruction algorithm,the 2DPG-ED algorithm can improve security and reduce computational complexity.Furthermore,it has better robustness.The experimental outcome and the performance analysis indicate that this algorithm can withstand malicious attacks and prove the method is effective.

Double quantum images encryption scheme based on chaotic system

This paper explores a double quantum images representation(DNEQR)model that allows for simultaneous storage of two digital images in a quantum superposition state.Additionally,a new type of two-dimensional hyperchaotic system based on sine and logistic maps is investigated,offering a wider parameter space and better chaotic behavior compared to the sine and logistic maps.Based on the DNEQR model and the hyperchaotic system,a double quantum images encryption algorithm is proposed.Firstly,two classical plaintext images are transformed into quantum states using the DNEQR model.Then,the proposed hyperchaotic system is employed to iteratively generate pseudo-random sequences.These chaotic sequences are utilized to perform pixel value and position operations on the quantum image,resulting in changes to both pixel values and positions.Finally,the ciphertext image can be obtained by qubit-level diffusion using two XOR operations between the position-permutated image and the pseudo-random sequences.The corresponding quantum circuits are also given.Experimental results demonstrate that the proposed scheme ensures the security of the images during transmission,improves the encryption efficiency,and enhances anti-interference and anti-attack capabilities.

Coexistence behavior of asymmetric attractors in hyperbolic-type memristive Hopfield neural network and its application in image encryption

The neuron model has been widely employed in neural-morphic computing systems and chaotic circuits.This study aims to develop a novel circuit simulation of a three-neuron Hopfield neural network(HNN)with coupled hyperbolic memristors through the modification of a single coupling connection weight.The bistable mode of the hyperbolic memristive HNN(mHNN),characterized by the coexistence of asymmetric chaos and periodic attractors,is effectively demonstrated through the utilization of conventional nonlinear analysis techniques.These techniques include bifurcation diagrams,two-parameter maximum Lyapunov exponent plots,local attractor basins,and phase trajectory diagrams.Moreover,an encryption technique for color images is devised by leveraging the mHNN model and asymmetric structural attractors.This method demonstrates significant benefits in correlation,information entropy,and resistance to differential attacks,providing strong evidence for its effectiveness in encryption.Additionally,an improved modular circuit design method is employed to create the analog equivalent circuit of the memristive HNN.The correctness of the circuit design is confirmed through Multisim simulations,which align with numerical simulations conducted in Matlab.

Enhancing visual security: An image encryption scheme based on parallel compressive sensing and edge detection embedding

A novel image encryption scheme based on parallel compressive sensing and edge detection embedding technology is proposed to improve visual security. Firstly, the plain image is sparsely represented using the discrete wavelet transform.Then, the coefficient matrix is scrambled and compressed to obtain a size-reduced image using the Fisher–Yates shuffle and parallel compressive sensing. Subsequently, to increase the security of the proposed algorithm, the compressed image is re-encrypted through permutation and diffusion to obtain a noise-like secret image. Finally, an adaptive embedding method based on edge detection for different carrier images is proposed to generate a visually meaningful cipher image. To improve the plaintext sensitivity of the algorithm, the counter mode is combined with the hash function to generate keys for chaotic systems. Additionally, an effective permutation method is designed to scramble the pixels of the compressed image in the re-encryption stage. The simulation results and analyses demonstrate that the proposed algorithm performs well in terms of visual security and decryption quality.

Physical Layer Encryption of OFDM-PON Based on Quantum Noise Stream Cipher with Polar Code

Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast exposes the physical layer vulnerable to the threat of illegal eavesdropping. Quantum noise stream cipher(QNSC) is a classic physical layer encryption method and well compatible with the OFDM-PON. Meanwhile, it is indispensable to exploit forward error correction(FEC) to control errors in data transmission. However, when QNSC and FEC are jointly coded, the redundant information becomes heavier and thus the code rate of the transmitted signal will be largely reduced. In this work, we propose a physical layer encryption scheme based on polar-code-assisted QNSC. In order to improve the code rate and security of the transmitted signal, we exploit chaotic sequences to yield the redundant bits and utilize the redundant information of the polar code to generate the higher-order encrypted signal in the QNSC scheme with the operation of the interleaver.We experimentally demonstrate the encrypted 16/64-QAM, 16/256-QAM, 16/1024-QAM, 16/4096-QAM QNSC signals transmitted over 30-km standard single mode fiber. For the transmitted 16/4096-QAM QNSC signal, compared with the conventional QNSC method, the proposed method increases the code rate from 0.1 to 0.32 with enhanced security.

Blockchain-Based Certificateless Bidirectional Authenticated Searchable Encryption Scheme in Cloud Email System

Traditional email systems can only achieve one-way communication,which means only the receiver is allowed to search for emails on the email server.In this paper,we propose a blockchain-based certificateless bidirectional authenticated searchable encryption model for a cloud email system named certificateless authenticated bidirectional searchable encryption(CL-BSE)by combining the storage function of cloud server with the communication function of email server.In the new model,not only can the data receiver search for the relevant content by generating its own trapdoor,but the data owner also can retrieve the content in the same way.Meanwhile,there are dual authentication functions in our model.First,during encryption,the data owner uses the private key to authenticate their identity,ensuring that only legal owner can generate the keyword ciphertext.Second,the blockchain verifies the data owner’s identity by the received ciphertext,allowing only authorized members to store their data in the server and avoiding unnecessary storage space consumption.We obtain a formal definition of CL-BSE and formulate a specific scheme from the new system model.Then the security of the scheme is analyzed based on the formalized security model.The results demonstrate that the scheme achieves multikeyword ciphertext indistinguishability andmulti-keyword trapdoor privacy against any adversary simultaneously.In addition,performance evaluation shows that the new scheme has higher computational and communication efficiency by comparing it with some existing ones.

A Blind Batch Encryption and Public Ledger-Based Protocol for Sharing Sensitive Data

For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and allows privacy information to be preserved.Data owners can tightly manage their data with efficient revocation and only grant one-time adaptive access for the fulfillment of the requester.We prove that our protocol is semanticallly secure,blind,and secure against oblivious requesters and malicious file keepers.We also provide security analysis in the context of four typical attacks.

Enhancing IoT Data Security with Lightweight Blockchain and Okamoto Uchiyama Homomorphic Encryption

Blockchain technology has garnered significant attention from global organizations and researchers due to its potential as a solution for centralized system challenges.Concurrently,the Internet of Things(IoT)has revolutionized the Fourth Industrial Revolution by enabling interconnected devices to offer innovative services,ultimately enhancing human lives.This paper presents a new approach utilizing lightweight blockchain technology,effectively reducing the computational burden typically associated with conventional blockchain systems.By integrating this lightweight blockchain with IoT systems,substantial reductions in implementation time and computational complexity can be achieved.Moreover,the paper proposes the utilization of the Okamoto Uchiyama encryption algorithm,renowned for its homomorphic characteristics,to reinforce the privacy and security of IoT-generated data.The integration of homomorphic encryption and blockchain technology establishes a secure and decentralized platformfor storing and analyzing sensitive data of the supply chain data.This platformfacilitates the development of some business models and empowers decentralized applications to perform computations on encrypted data while maintaining data privacy.The results validate the robust security of the proposed system,comparable to standard blockchain implementations,leveraging the distinctive homomorphic attributes of the Okamoto Uchiyama algorithm and the lightweight blockchain paradigm.