Multivariate Broadcast Encryption with Group Key Algorithm for Secured IoT

The expanding and ubiquitous availability of the Internet of Things(IoT)have changed everyone’s life easier and more convenient.Same time it also offers a number of issues,such as effectiveness,security,and excessive power consumption,which constitute a danger to intelligent IoT-based apps.Group managing is primarily used for transmitting and multi-pathing communications that are secured with a general group key and it can only be decrypted by an authorized group member.A centralized trustworthy system,which is in charge of key distribution and upgrades,is used to maintain group keys.To provide longitudinal access controls,Software Defined Network(SDN)based security controllers are employed for group administration services.Cloud service providers provide a variety of security features.There are just a few software security answers available.In the proposed system,a hybrid protocols were used in SDN and it embeds edge system to improve the security in the group communication.Tree-based algorithms compared with Group Key Establishment(GKE)and Multivariate public key cryptosystem with Broadcast Encryption in the proposed system.When all factors are considered,Broadcast Encryption(BE)appears to become the most logical solution to the issue.BE enables an initiator to send encrypted messages to a large set of recipients in a efficient and productive way,meanwhile assuring that the data can only be decrypted by defining characteristic.The proposed method improves the security,efficiency of the system and reduces the power consumption and minimizes the cost.

Certificateless Public Key Encryption with Keyword Search

Public Key Encryption with Keyword Search （PEKS）, an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography （IBC） with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography （CLPKC） is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS （CLPEKS） is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.

Secured Cloud Data Migration Technique by Competent Probabilistic Public Key Encryption

Cloud computing, a recently emerged paradigm faces major challenges in achieving the privacy of migrated data, network security, etc. Too many cryptographic technologies are raised to solve these issues based on identity, attributes and prediction algorithms yet;these techniques are highly prone to attackers. This would raise a need of an effective encryption technique, which would ensure secure data migration. With this scenario, our proposed methodology Efficient Probabilistic Public Key Encryption(EPPKE) is optimized with Covariance Matrix Adaptation Evolution Strategies(CMA-ES). It ensures data integrity through the Luhn algorithm with BLAKE 2b encapsulation. This enables an optimized security to the data which is migrated through cloud. The proposed methodology is implemented in Open Stack with Java Language. It achieves better results by providing security compared to other existing techniques like RSA, IBA, ABE, PBE, etc.

Constructing Certificateless Encryption with Keyword Search against Outside and Inside Keyword Guessing Attacks

Searchable public key encryption is a useful cryptographic paradigm that enables an untrustworthy server to retrieve the encrypted data without revealing the contents of the data. It offers a promising solution to encrypted data retrieval in cryptographic cloud storage. Certificateless public key cryptography (CLPKC) is a novel cryptographic primitive that has many merits. It overcomes the key escrow problem in identity-based cryptography (IBC) and the cumbersome certificate problem in conventional public key cryptography (PKC). Motivated by the appealing features of CLPKC, several certificateless encryption with keyword search (CLEKS) schemes have been presented in the literature. But, our cryptanalysis demonstrates that the previously proposed CLEKS frameworks suffer from the security vulnerability caused by the keyword guessing attack. To remedy the security weakness in the previous frameworks and provide resistance against both inside and outside keyword guessing attacks, we propose a new CLEKS framework. Under the new framework, we design a concrete CLEKS scheme and formally prove its security in the random oracle model. Compared with previous two CLEKS schemes, the proposed scheme has better overall performance while offering stronger security guarantee as it withstands the existing known types of keyword guessing attacks.

A Fully Homomorphic Encryption Scheme with Better Key Size

Fully homomorphic encryption is faced with two problems now. One is candidate fully homomorphic encryption schemes are few. Another is that the efficiency of fully homomorphic encryption is a big question. In this paper, we propose a fully homomorphic encryption scheme based on LWE, which has better key size. Our main contributions are： （1） According to the binary-LWE recently, we choose secret key from binary set and modify the basic encryption scheme proposed in Linder and Peikert in 2010. We propose a fully homomorphic encryption scheme based on the new basic encryption scheme. We analyze the correctness and give the proof of the security of our scheme. The public key, evaluation keys and tensored ciphertext have better size in our scheme. （2） Estimating parameters for fully homomorphic encryption scheme is an important work. We estimate the concert parameters for our scheme. We compare these parameters between our scheme and Bral2 scheme. Our scheme have public key and private key that smaller by a factor of about logq than in Bral2 scheme. Tensored ciphertext in our scheme is smaller by a factor of about log2q than in Bral2 scheme. Key switching matrix in our scheme is smaller by a factor of about log3q than in Bra12 scheme.

Identity-Based Encryption with Keyword Search from Lattice Assumption

Public key encryption scheme with keyword search （PEKS） enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.

Hash Function Based Keyword Searchable Encryption Framework in Cloud Server Using MD5 and MECC

Cloud Computing expands its usability to various fields that utilize data and store it in a common space that is required for computing and the purpose of analysis as like the IoT devices.These devices utilize the cloud for storing and retrieving data since the devices are not capable of storing processing data on its own.Cloud Computing provides various services to the users like the IaaS,PaaS and SaaS.The major drawback that is faced by cloud computing include the Utilization of Cloud services for the storage of data that could be accessed by all the users related to cloud.The use of Public Key Encryptions with keyword search(PEKS)provides security against the untrustworthy third-party search capability on publicly encryption keys without revealing the data’s contents.But the Security concerns of PEKs arise when Inside Keywords Guessing attacks(IKGA),is identified in the system due to the untrusted server presume the keyword in trapdoor.This issue could be solved by using various algorithms like the Certificateless Hashed Public Key Authenticated Encryption with Keyword Search(CL-HPAEKS)which utilizes the Modified Elliptic Curve Cryptography(MECC)along with the Mutation Centred flower pollinations algorithm(CM-FPA)that is used in enhancing the performance of the algorithm using the Optimization in keys.The additional use of Message Digests 5(MD5)hash function in the system enhances the security Level that is associated with the system.The system that is proposed achieves the security level performance of 96 percent and the effort consumed by the algorithm is less compared to the other encryption techniques.

An Internet Key Exchange Protocol Based on Public Key Infrastructure

Internet key exchange (IKE) is an automated key exchange mechanism that is used to facilitate the transfer of IPSec security associations (SAs). Public key infrastructure (PKI) is considered as a key element for providing security to new distributed communication networks and services. In this paper, we concentrate on the properties of the protocol of Phase 1 IKE. After investigating IKE protocol and PKI technology, we combine IKE protocol and PKI and present an implementation scheme of the IKE based on PKI. Then, we give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol. The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange.

Generative Trapdoors for Public Key Cryptography Based on Automatic Entropy Optimization

Trapdoor is a key component of public key cryptography design which is the essential security foundation of modern cryptography.Normally,the traditional way in designing a trapdoor is to identify a computationally hard problem,such as the NPC problems.So the trapdoor in a public key encryption mechanism turns out to be a type of limited resource.In this paper,we generalize the methodology of adversarial learning model in artificial intelligence and introduce a novel way to conveniently obtain sub-optimal and computationally hard trapdoors based on the automatic information theoretic search technique.The basic routine is constructing a generative architecture to search and discover a probabilistic reversible generator which can correctly encoding and decoding any input messages.The architecture includes a trapdoor generator built on a variational autoencoder(VAE)responsible for searching the appropriate trapdoors satisfying a maximum of entropy,a random message generator yielding random noise,and a dynamic classifier taking the results of the two generator.The evaluation of our construction shows the architecture satisfying basic indistinguishability of outputs under chosen-plaintext attack model(CPA)and high efficiency in generating cheap trapdoors.

A Modified and Secured RSA Public Key Cryptosystem Based on “n” Prime Numbers

Cryptography is the study that provides security service. It concerns with confidentiality, integrity, and authentication. Public key cryptography provides an enormous revolution in the field of the cryptosystem. It uses two different keys where keys are related in such a way that, the public key can use to encrypt the message and private key can be used to decrypt the message. This paper proposed an enhanced and modified approach of RSA cryptosystem based on “n” distinct prime number. This existence of “n” prime number increases the difficulty of the factoring of the variable “N” which increases the complexity of the algorithm. In this approach, two different public key and private key generated from the large factor of the variable “N” and perform a double encryption-decryption operation which affords more security. Experiment on a set of a random number provided that the key generation time, analysis of variable “N”, encryption and decryption will take a long time compared to traditional RSA. Thus, this approach is more efficient, highly secured and not easily breakable.

Encryption Algorithm Based NTRU in Underwater Acoustic Networks

Underwater acoustic networks (UANs) adopt acoustic communication. The opening and sharing features of underwater acoustic channel make communication in UANs vulnerable to eavesdropping and interfering. The applications of UANs such as underwater military, underwater warning and energy development are very demanding for the security level. Quantum computing poses a threat to security of the traditional public key cryptosystem such as large integer factorization and discrete logarithm. To solve these problems, a public key encryption algorithm is proposed based on number theory research unit (NTRU) for underwater acoustic networks. The traditional NTRU encryption scheme was improved and a new public key cryptosystem was provided. The algorithm combined the encryption algorithm with the identity of the node. Experimental results show that the key generation speed is very fast, and the speed of encryption and decryption is faster than RSA, ECC, ElGamal and other public key cryptosystems. It verifies that the encryption algorithm can resist quantum computing attacks.

Threshold public key encryption scheme resilient against continual leakage without random oracles

Threshold public key encryption allows a set of servers to decrypt a ciphertext if a given threshold of authorized servers cooperate. In the setting of threshold public key encryption, we consider the question of how to correctly decrypt a ciphertext where all servers continually leak information about their secret keys to an external attacker. Dodis et al. and Akavia et al. show two concrete schemes on how to store secrets on continually leaky servers. However, their construc- tions are only interactive between two servers. To achieve continual leakage security among more than two servers, we give the first threshold public key encryption scheme against adaptively chosen ciphertext attack in the continual leak- age model under three static assumptions. In our model, the servers update their keys individually and asynchronously, without any communication between two servers. Moreover, the update procedure is re-randomized and the randomness can leak as well.

A New Certificateless Public Key Encryption Scheme

Certificateless public key cryptography （CL-PKC） enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext （CCA2） secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.

A Certificateless Threshold Public Key Encryption Scheme

The decryption participant＇s private key share for decryption is delegated by key generation center in the threshold IBE scheme.However,a key generation center which is absolutely trustworthy does not exist.So the author presents a certificateless threshold public key encryption scheme.Collaborating with an administrator,the decryption participant generates his whole private key share for decryption in the scheme.The administrator does not know the decryption participant＇s private key share for decryption.Making use of q-SDH assumption,the author constructs a certificateless threshold public key encryption scheme.The security of the scheme is eventually reduced to the solving of Decisional Bilinear Diffie-Hellman problem.Moreover,the scheme is secure under the chosen ciphertext attack in the standard model.

Constructing pairing-free certificateless public key encryption with keyword search

Searchable public key encryption enables a storage server to retrieve the publicly encrypted data without revealing the original data contents.It offers a perfect cryptographic solution to encrypted data retrieval in encrypted data storage systems.Certificateless cryptography(CLC)is a novel cryptographic primitive that has many merits.It overcomes the key escrow problem in identity-based cryptosystems and the cumbersome certificate problem in conventional public key cryptosystems.Motivated by the appealing features of CLC,three certificateless encryption with keyword search(CLEKS)schemes were presented in the literature.However,all of them were constructed with the costly bilinear pairing and thus are not suitable for the devices that have limited computing resources and battery power.So,it is interesting and worthwhile to design a CLEKS scheme without using bilinear pairing.In this study,we put forward a pairing-free CLEKS scheme that does not exploit bilinear pairing.We strictly prove that the scheme achieves keyword ciphertext indistinguishability against adaptive chosen-keyword attacks under the complexity assumption of the computational Diffie-Hellman problem in the random oracle model.Efficiency comparison and the simulation show that it enjoys better performance than the previous pairing-based CLEKS schemes.In addition,we briefly introduce three extensions of the proposed CLEKS scheme.

Secure Scheme for Locating Disease-Causing Genes Based on Multi-Key Homomorphic Encryption

Genes have great significance for the prevention and treatment of some diseases.A vital consideration is the need to find a way to locate pathogenic genes by analyzing the genetic data obtained from different medical institutions while protecting the privacy of patients’genetic data.In this paper,we present a secure scheme for locating disease-causing genes based on Multi-Key Homomorphic Encryption(MKHE),which reduces the risk of leaking genetic data.First,we combine MKHE with a frequency-based pathogenic gene location function.The medical institutions use MKHE to encrypt their genetic data.The cloud then homomorphically evaluates specific gene-locating circuits on the encrypted genetic data.Second,whereas most location circuits are designed only for locating monogenic diseases,we propose two location circuits(TH-intersection and Top-q)that can locate the disease-causing genes of polygenic diseases.Third,we construct a directed decryption protocol in which the users involved in the homomorphic evaluation can appoint a target user who can obtain the final decryption result.Our experimental results show that compared to the JWB+17 scheme published in the journal Science,our scheme can be used to diagnose polygenic diseases,and the participants only need to upload their encrypted genetic data once,which reduces the communication traffic by a few hundred-fold.

改进的抗自适应泄漏公钥加密方案

Halevi提出的抗自适应泄漏公钥加密(PKE)方案(TCC 2011会议论文集)只能抵抗选择明文攻击,不能抵抗选择密文攻击(CCA)。为此,利用双加密技术和非交互的零知识证明系统对其进行改进,基于CCA安全的抗自适应泄漏的形式化定义,给出一个新的PKE方案。理论分析结果表明,与原方案相比,新方案具有相同的密钥长度和抗泄漏量,并且安全性更高。

标准模型下可证明安全的新公钥加密方案

针对标准模型下抗适应性选择密文攻击语义安全的公钥加密方案存在的效率比较低或者所基于的计算假设比较强的问题,基于最近提出的d-判定性Diffie-Hellman问题构造了一个新的可证明安全的公钥加密方案。方案的构造和安全性证明采用哈希证明系统方法,达到了高效安全的目标。方案所基于的d-判定性Diffie-Hellman问题的难度介于计算Diffie-Hellman问题和判定性Diffie-Hellman问题之间,方案的效率优于基于计算Diffie-Hellman问题的方案,与基于判定性Diffie-Hellman问题的方案相近。该方案实现了计算假设与效率之间的一个比较好的折中,并且可以根据实际需要选择不同的d值以达到不同的安全级别。

标准模型下无对运算的公钥证书加密体制

为抵抗CL-PKE加密体制中因置换用户公钥产生的拒绝解密(denial of decryption)攻击,构建了一个没有使用椭圆曲线上双线性对运算的加密算法.该体制的安全模型选用了安全性较高的标准模型.此外该体制不但可以抵制外部攻击者的拒绝解密攻击,而且可以抵制密钥生成中心(KGC)的拒绝解密攻击.在提高性能的同时,还保持了较高的计算效率.

Cryptanalysis of Public Key Cryptosystems Based on Non-Abelian Factorization Problems

Advances in quantum computers threaten to break public-key cryptosystems （e.g., RSA, ECC, and EIGamal）, based on the hardness of factoring or taking a discrete logarithm. However, no quantum algorithms have yet been found for solving certain mathematical problems in non-commutative algebraic structures. Recently, two novel public-key encryption schemes, BKT-B cryptosystem and BKT-FO cryptosystem, based on factorization problems have been proposed at Security and Communication Networks in 2013. In this paper we show that these two schemes are vulnerable to structural attacks and linearization equations attacks, and that they only require polynomial time complexity to obtain messages from associated public keys. We conduct a detailed analysis of the two attack methods and show corresponding algorithmic descriptions and efficiency analyses. In addition, we provide some improvement suggestions for the two public-key encryption schemes.