For group signature(GS)supporting membership revocation,verifier-local revocation(VLR)mechanism seems to be a more flexible choice,because it requires only that verifiers download up-to-date revocation information for...For group signature(GS)supporting membership revocation,verifier-local revocation(VLR)mechanism seems to be a more flexible choice,because it requires only that verifiers download up-to-date revocation information for signature verification,and the signers are not involved.As a post-quantum secure cryptographic counterpart of classical number-theoretic cryptographic constructions,the first lattice-based VLR group signature(VLR-GS)was introduced by Langlois et al.(2014).However,none of the contemporary lattice-based VLR-GS schemes provide backward unlinkability(BU),which is an important property to ensure that previously issued signatures remain anonymous and unlinkable even after the corresponding signer(i.e.,member)is revoked.In this study,we introduce the first lattice-based VLR-GS scheme with BU security(VLR-GS-BU),and thus resolve a prominent open problem posed by previous works.Our new scheme enjoys an O(log N)factor saving for bit-sizes of the group public-key(GPK)and the member’s signing secret-key,and it is free of any public-key encryption.In the random oracle model,our scheme is proven secure under two well-known hardness assumptions of the short integer solution(SIS)problem and learning with errors(LWE)problem.展开更多
Among several post quantum primitives proposed in the past few decades, lattice-based cryptography is considered as the most promising one, due to its underlying rich combinatorial structure, and the worst-case to ave...Among several post quantum primitives proposed in the past few decades, lattice-based cryptography is considered as the most promising one, due to its underlying rich combinatorial structure, and the worst-case to average-case reductions. The first lattice-based group signature scheme with verifier-local revocation(VLR) is treated as the first quantum-resistant scheme supported member revocation, and was put forward by Langlois et al. This VLR group signature(VLR-GS) has group public key size of O(nm log N log q), and a signature size of O(tm log N log q log β). Nguyen et al. constructed a simple efficient group signature from lattice, with significant advantages in bit-size of both the group public key and the signature. Based on their work, we present a VLR-GS scheme with group public key size of O(nm log q) and signature size of O(tm log q). Our group signature has notable advantages: support of membership revocation, and short in both the public key size and the signature size.展开更多
Access control is a key mechanism to secure outsourced data in mobile clouds. Some existing solutions are proposed to enforce flexible access control on outsourced data or reduce the computations performed by mobile d...Access control is a key mechanism to secure outsourced data in mobile clouds. Some existing solutions are proposed to enforce flexible access control on outsourced data or reduce the computations performed by mobile devices. However, less attention has been paid to the efficiency of revocation when there are mobile devices needed to be revoked. In this paper, we put forward a new solution, referred to as flexible access control with outsourceable revocation(FACOR) for mobile clouds. The FACOR applies the attribute-based encryption to enable flexible access control on outsourced data, and allows mobile users to outsource the time-consuming encryption and decryption computations to proxies, with only requiring attributes authorization to be fully trusted. As an advantageous feature, FACOR provides an outsourceable revocation for mobile users to reduce the complicated attribute-based revocation operations. The security analysis shows that our FACOR scheme achieves data security against collusion attacks and unauthorized accesses from revoked users. Both theoretical and experimental results confirm that our proposed scheme greatly reliefs the mobile devices from heavy encryption and decryption computations, as well as the complicated revocation of access rights in mobile clouds.展开更多
Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies...Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies that the attribute authority can access all encrypted data,which is known as the key escrow problem.In addition,because all access privileges are defined over a single attribute universe and attributes are shared among multiple data users,the revocation of users is inefficient for the existing ABE scheme.In this paper,we propose a novel scheme that solves the key escrow problem and supports efficient user revocation.First,an access controller is introduced into the existing scheme,and then,secret keys are generated corporately by the attribute authority and access controller.Second,an efficient user revocation mechanism is achieved using a version key that supports forward and backward security.The analysis proves that our scheme is secure and efficient in user authorization and revocation.展开更多
In recent years,several random key pre-distribution schemes have been proposed to bootstrap keys for encryption,but the problem of key and node revocation has received relatively little attention.In this paper,based o...In recent years,several random key pre-distribution schemes have been proposed to bootstrap keys for encryption,but the problem of key and node revocation has received relatively little attention.In this paper,based on a random key pre-distribution scheme using clustering,we present a novel random key revoca-tion protocol,which is suitable for large scale networks greatly and removes compromised information efficiently.The revocation protocol can guarantee network security by using less memory consumption and communication load,and combined by centralized and distributed revoca-tion,having virtues of timeliness and veracity for revoca-tion at the same time.展开更多
Attribute revocation is inevitable and also important for Attribute-Based Encryption (ABE) in practice.However,little attention has been paid to this issue,and it remains one of the main obstacles for the application ...Attribute revocation is inevitable and also important for Attribute-Based Encryption (ABE) in practice.However,little attention has been paid to this issue,and it remains one of the main obstacles for the application of ABE.Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revocation events occur.Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation,they mostly focused on the user revocation that revokes the user's whole attributes,or they can only be proven to be selectively secure.In this paper,we first define a model of adaptively secure ABE supporting the attribute revocation under direct revocation model.Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups.Finally,we prove our schemes to be adaptively secure by employing the methodology of dual system encryption.展开更多
Up to now, how to construct an efficient secure group signature scheme, which needs not to reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concernin...Up to now, how to construct an efficient secure group signature scheme, which needs not to reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concerning revocation of group members is an ideal one if it satisfies forward security which makes it more attractive for not sacrificing the security of past signatures of deleted members. This paper analyses the problem and gives a construction in which the group manager can be un-trustworthy. The scheme is efficient even when the number of revoked members is large.展开更多
How to find efficient and secure member- ship revocation algorithms is one of the most important issues standing in the way of real-world applications of group signatures. In this paper, the proof of knowledge of divi...How to find efficient and secure member- ship revocation algorithms is one of the most important issues standing in the way of real-world applications of group signatures. In this paper, the proof of knowledge of divisibility is given and a novel membership revocation method in ACJT group signature scheme is proposed: the group manager issues the product E of the public keys of current members in the group, when a group member wants to sign, he should not only proves that he has a membership certificate, but also proves that the public key in his certificate divides exactly the public key product E with zero knowledge. The proposed method is efficient since the group manager only needs one division and one exponentiation when a group member is deleted, while the signing and verifying procedure are independent of the number of current group members and excluded members, as well as the original group public key and membership certificates needn't be changed.展开更多
This work proposes authentication based on identity as a way to increase the efficiency and security of communications in vehicular ad-hoc networks. When using identity-based cryptography to achieve certificateless au...This work proposes authentication based on identity as a way to increase the efficiency and security of communications in vehicular ad-hoc networks. When using identity-based cryptography to achieve certificateless authentication, membership revocation is not a trivial problem. Thus, in order to improve the performance of revocation in such networks, the use of a dynamic authenticated data structure based on perfect k-ary hash trees combined with a duplex version of the new standard SHA-3 is here presented. Efficient algorithms in the used revocation trees allow reaching a refresh rate of at most simple updates per inserted node. Consequently, the proposal is especially useful for situations with frequent revocations, which are foreseeable when vehicular ad- hoc networks are widely deployed.展开更多
Fog computing is a concept that extends the paradigm of cloud computing to the network edge. The goal of fog computing is to situate resources in the vicinity of end users. As with cloud computing, fog computing provi...Fog computing is a concept that extends the paradigm of cloud computing to the network edge. The goal of fog computing is to situate resources in the vicinity of end users. As with cloud computing, fog computing provides storage services. The data owners can store their confidential data in many fog nodes, which could cause more challenges for data sharing security. In this paper, we present a novel architecture for data sharing in a fog environment. We explore the benefits of fog computing in addressing one-to-many data sharing applications. This architecture sought to outperform the cloud-based architecture and to ensure further enhancements to system performance, especially from the perspective of security. We will address the security challenges of data sharing, such as fine-grained access control, data confidentiality, collusion resistance, scalability, and the issue of user revocation. Keeping these issues in mind, we will secure data sharing in fog computing by combining attributebased encryption and proxy re-encryption techniques. Findings of this study indicate that our system has the response and processing time faster than classical cloud systems. Further, experimental results show that our system has an efficient user revocation mechanism, and that it provides high scalability and sharing of data in real time with low latency.展开更多
Cloud data sharing service,which allows a group of people to access and modify the shared data,is one of the most popular and efficient working styles in enterprises.Recently,there is an uprising trend that enterprise...Cloud data sharing service,which allows a group of people to access and modify the shared data,is one of the most popular and efficient working styles in enterprises.Recently,there is an uprising trend that enterprises tend to move their IT service from local to cloud to ease the management and reduce the cost.Under the new cloud environment,the cloud users require the data integrity verification to inspect the data service at the cloud side.Several recent studies have focused on this application scenario.In these studies,each user within a group is required to sign a data block created or modified by him.While a user is revoked,all the data previously signed by him should be resigned.In the existing research,the resigning process is dependent on the revoked user.However,cloud users are autonomous.They may exit the system at any time without notifying the system admin and even are revoked due to misbehaviors.As the developers in the cloud-based software development platform,they are voluntary and not strictly controlled by the system.Due to this feature,cloud users may not always follow the cloud service protocol.They may not participate in generating the resigning key and may even expose their secret keys after being revoked.If the signature is not resigned in time,the subsequent verification will be affected.And if the secret key is exposed,the shared data will be maliciously modified by the attacker who grasps the key.Therefore,forcing a revoked user to participate in the revocation process will lead to efficiency and security problems.As a result,designing a practical and efficient integrity verification scheme that supports this scenario is highly desirable.In this paper,we identify this challenging problem as the asynchronous revocation,in which the revocation operations(i.e.,re-signing key generation and resigning process)and the user's revocation are asynchronous.All the revocation operations must be able to be performed without the participation of the revoked user.Even more ambitiously,the revocation process should not rely on any special entity,such as the data owner or a trusted agency.To address this problem,we propose a novel public data integrity verification mechanism in which the data blocks signed by the revoked user will be resigned by another valid user.From the perspectives of security and practicality,the revoked user does not participate in the resigning process and the re-signing key generation.Our scheme allows anyone in the cloud computing system to act as the verifier to publicly and efficiently verify the integrity of the shared data using Homomorphic Verifiable Tags(HVTs).Moreover,the proposed scheme resists the collusion attack between the cloud server and the malicious revoked users.The numerical analysis and experimental results further validate the high efficiency and scalability of the proposed scheme.The experimental results manifest that re-signing 10,000 data blocks only takes 3.815 s and a user can finish the verification in 300 ms with a 99% error detection probability.展开更多
Vehicular Ad-hoc NETworks(VANETs)enable cooperative behaviors in vehicular environments and are seen as an integral component of Intelligent Transportation Systems(ITSs).The security of VANETs is crucial for their suc...Vehicular Ad-hoc NETworks(VANETs)enable cooperative behaviors in vehicular environments and are seen as an integral component of Intelligent Transportation Systems(ITSs).The security of VANETs is crucial for their successful deployment and widespread adoption.A critical aspect of preserving the security and privacy of VANETs is the efficient revocation of the ability of misbehaving or malicious vehicles to participate in the network.This is usually achieved by revoking the validity of the digital certificates of the offending nodes and by maintaining and distributing an accurate Certificate Revocation List(CRL).The immediate revocation of misbehaving vehicles is of prime importance for the safety of other vehicles and users.In this paper,we present a decentralized revocation approach based on Shamir’s secret sharing to revoke misbehaving vehicles with very low delays.Besides enhancing VANETs’security,our proposed protocol limits the size of the revocation list to the number of the revoked vehicles.Consequently,the authentication process is more efficient,and the communication overhead is reduced.We experimentally evaluate our protocol to demonstrate that it provides a reliable solution to the scalability,efficiency and security of VANETs.展开更多
基金the National Natural Science Foundation of China(Nos.61802075 and 61772477)the Natural Science Foundation of Henan Province,China(Nos.222300420371 and202300410508)。
文摘For group signature(GS)supporting membership revocation,verifier-local revocation(VLR)mechanism seems to be a more flexible choice,because it requires only that verifiers download up-to-date revocation information for signature verification,and the signers are not involved.As a post-quantum secure cryptographic counterpart of classical number-theoretic cryptographic constructions,the first lattice-based VLR group signature(VLR-GS)was introduced by Langlois et al.(2014).However,none of the contemporary lattice-based VLR-GS schemes provide backward unlinkability(BU),which is an important property to ensure that previously issued signatures remain anonymous and unlinkable even after the corresponding signer(i.e.,member)is revoked.In this study,we introduce the first lattice-based VLR-GS scheme with BU security(VLR-GS-BU),and thus resolve a prominent open problem posed by previous works.Our new scheme enjoys an O(log N)factor saving for bit-sizes of the group public-key(GPK)and the member’s signing secret-key,and it is free of any public-key encryption.In the random oracle model,our scheme is proven secure under two well-known hardness assumptions of the short integer solution(SIS)problem and learning with errors(LWE)problem.
基金the National Natural Science Foundations of China(Nos.61472309,61672412,61572390and 61402353)the 111 Project(No.B08038)Research Program of Anhui Education Committee(Nos.KJ2016A626,KJ2016A627)
文摘Among several post quantum primitives proposed in the past few decades, lattice-based cryptography is considered as the most promising one, due to its underlying rich combinatorial structure, and the worst-case to average-case reductions. The first lattice-based group signature scheme with verifier-local revocation(VLR) is treated as the first quantum-resistant scheme supported member revocation, and was put forward by Langlois et al. This VLR group signature(VLR-GS) has group public key size of O(nm log N log q), and a signature size of O(tm log N log q log β). Nguyen et al. constructed a simple efficient group signature from lattice, with significant advantages in bit-size of both the group public key and the signature. Based on their work, we present a VLR-GS scheme with group public key size of O(nm log q) and signature size of O(tm log q). Our group signature has notable advantages: support of membership revocation, and short in both the public key size and the signature size.
基金supported in part by National High-Tech Research and Development Program of China(“863” Program)under Grant No.2015AA016004National Natural Science Foundation of China under Grants No.61173154,61272451,61572380
文摘Access control is a key mechanism to secure outsourced data in mobile clouds. Some existing solutions are proposed to enforce flexible access control on outsourced data or reduce the computations performed by mobile devices. However, less attention has been paid to the efficiency of revocation when there are mobile devices needed to be revoked. In this paper, we put forward a new solution, referred to as flexible access control with outsourceable revocation(FACOR) for mobile clouds. The FACOR applies the attribute-based encryption to enable flexible access control on outsourced data, and allows mobile users to outsource the time-consuming encryption and decryption computations to proxies, with only requiring attributes authorization to be fully trusted. As an advantageous feature, FACOR provides an outsourceable revocation for mobile users to reduce the complicated attribute-based revocation operations. The security analysis shows that our FACOR scheme achieves data security against collusion attacks and unauthorized accesses from revoked users. Both theoretical and experimental results confirm that our proposed scheme greatly reliefs the mobile devices from heavy encryption and decryption computations, as well as the complicated revocation of access rights in mobile clouds.
基金supported by the NSFC(61173141,U1536206,61232016, U1405254,61373133,61502242,61572258)BK20150925+3 种基金Fund of Jiangsu Engineering Center of Network Monitoring(KJR1402)Fund of MOE Internet Innovation Platform(KJRP1403)CICAEETthe PAPD fund
文摘Attribute-based encryption(ABE) supports the fine-grained sharing of encrypted data.In some common designs,attributes are managed by an attribute authority that is supposed to be fully trustworthy.This concept implies that the attribute authority can access all encrypted data,which is known as the key escrow problem.In addition,because all access privileges are defined over a single attribute universe and attributes are shared among multiple data users,the revocation of users is inefficient for the existing ABE scheme.In this paper,we propose a novel scheme that solves the key escrow problem and supports efficient user revocation.First,an access controller is introduced into the existing scheme,and then,secret keys are generated corporately by the attribute authority and access controller.Second,an efficient user revocation mechanism is achieved using a version key that supports forward and backward security.The analysis proves that our scheme is secure and efficient in user authorization and revocation.
基金supported by the Ministry of Education Doctor Foundation in China under Grant No. 20050699037
文摘In recent years,several random key pre-distribution schemes have been proposed to bootstrap keys for encryption,but the problem of key and node revocation has received relatively little attention.In this paper,based on a random key pre-distribution scheme using clustering,we present a novel random key revoca-tion protocol,which is suitable for large scale networks greatly and removes compromised information efficiently.The revocation protocol can guarantee network security by using less memory consumption and communication load,and combined by centralized and distributed revoca-tion,having virtues of timeliness and veracity for revoca-tion at the same time.
文摘Attribute revocation is inevitable and also important for Attribute-Based Encryption (ABE) in practice.However,little attention has been paid to this issue,and it remains one of the main obstacles for the application of ABE.Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revocation events occur.Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation,they mostly focused on the user revocation that revokes the user's whole attributes,or they can only be proven to be selectively secure.In this paper,we first define a model of adaptively secure ABE supporting the attribute revocation under direct revocation model.Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups.Finally,we prove our schemes to be adaptively secure by employing the methodology of dual system encryption.
基金the National Natural Science Foundation of China (No.60673081)the National Grand Foundation Research 863 Program of China (No.2006 AA01Z417).
文摘Up to now, how to construct an efficient secure group signature scheme, which needs not to reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concerning revocation of group members is an ideal one if it satisfies forward security which makes it more attractive for not sacrificing the security of past signatures of deleted members. This paper analyses the problem and gives a construction in which the group manager can be un-trustworthy. The scheme is efficient even when the number of revoked members is large.
基金supported in part by the National Nature Science Foundation of China under Grant No. 60473027
文摘How to find efficient and secure member- ship revocation algorithms is one of the most important issues standing in the way of real-world applications of group signatures. In this paper, the proof of knowledge of divisibility is given and a novel membership revocation method in ACJT group signature scheme is proposed: the group manager issues the product E of the public keys of current members in the group, when a group member wants to sign, he should not only proves that he has a membership certificate, but also proves that the public key in his certificate divides exactly the public key product E with zero knowledge. The proposed method is efficient since the group manager only needs one division and one exponentiation when a group member is deleted, while the signing and verifying procedure are independent of the number of current group members and excluded members, as well as the original group public key and membership certificates needn't be changed.
文摘This work proposes authentication based on identity as a way to increase the efficiency and security of communications in vehicular ad-hoc networks. When using identity-based cryptography to achieve certificateless authentication, membership revocation is not a trivial problem. Thus, in order to improve the performance of revocation in such networks, the use of a dynamic authenticated data structure based on perfect k-ary hash trees combined with a duplex version of the new standard SHA-3 is here presented. Efficient algorithms in the used revocation trees allow reaching a refresh rate of at most simple updates per inserted node. Consequently, the proposal is especially useful for situations with frequent revocations, which are foreseeable when vehicular ad- hoc networks are widely deployed.
文摘Fog computing is a concept that extends the paradigm of cloud computing to the network edge. The goal of fog computing is to situate resources in the vicinity of end users. As with cloud computing, fog computing provides storage services. The data owners can store their confidential data in many fog nodes, which could cause more challenges for data sharing security. In this paper, we present a novel architecture for data sharing in a fog environment. We explore the benefits of fog computing in addressing one-to-many data sharing applications. This architecture sought to outperform the cloud-based architecture and to ensure further enhancements to system performance, especially from the perspective of security. We will address the security challenges of data sharing, such as fine-grained access control, data confidentiality, collusion resistance, scalability, and the issue of user revocation. Keeping these issues in mind, we will secure data sharing in fog computing by combining attributebased encryption and proxy re-encryption techniques. Findings of this study indicate that our system has the response and processing time faster than classical cloud systems. Further, experimental results show that our system has an efficient user revocation mechanism, and that it provides high scalability and sharing of data in real time with low latency.
基金partially supported by National Key Research and Development Project No.2020YFC1522602National Natural Science Foundation of China Nos.62072349,U1811263,61572378+5 种基金Technological Innovation Major Program of Hubei Province No.2019AAA072Tarim University President Fund Doctoral Foundation Research Project No.19/1117596Xinjiang Regional Innovation Guidance Project No.2017DB004Basic and Advanced Research Projects of CSTC No.cstc2019jcyj-zdxm0102Chongqing Science and Technology Innovation Leading Talent Support Program No.CSTCCXLJRC201908Science and Technology Research Program of Chongqing Municipal Education Commission No.KJZD-K201900605.
文摘Cloud data sharing service,which allows a group of people to access and modify the shared data,is one of the most popular and efficient working styles in enterprises.Recently,there is an uprising trend that enterprises tend to move their IT service from local to cloud to ease the management and reduce the cost.Under the new cloud environment,the cloud users require the data integrity verification to inspect the data service at the cloud side.Several recent studies have focused on this application scenario.In these studies,each user within a group is required to sign a data block created or modified by him.While a user is revoked,all the data previously signed by him should be resigned.In the existing research,the resigning process is dependent on the revoked user.However,cloud users are autonomous.They may exit the system at any time without notifying the system admin and even are revoked due to misbehaviors.As the developers in the cloud-based software development platform,they are voluntary and not strictly controlled by the system.Due to this feature,cloud users may not always follow the cloud service protocol.They may not participate in generating the resigning key and may even expose their secret keys after being revoked.If the signature is not resigned in time,the subsequent verification will be affected.And if the secret key is exposed,the shared data will be maliciously modified by the attacker who grasps the key.Therefore,forcing a revoked user to participate in the revocation process will lead to efficiency and security problems.As a result,designing a practical and efficient integrity verification scheme that supports this scenario is highly desirable.In this paper,we identify this challenging problem as the asynchronous revocation,in which the revocation operations(i.e.,re-signing key generation and resigning process)and the user's revocation are asynchronous.All the revocation operations must be able to be performed without the participation of the revoked user.Even more ambitiously,the revocation process should not rely on any special entity,such as the data owner or a trusted agency.To address this problem,we propose a novel public data integrity verification mechanism in which the data blocks signed by the revoked user will be resigned by another valid user.From the perspectives of security and practicality,the revoked user does not participate in the resigning process and the re-signing key generation.Our scheme allows anyone in the cloud computing system to act as the verifier to publicly and efficiently verify the integrity of the shared data using Homomorphic Verifiable Tags(HVTs).Moreover,the proposed scheme resists the collusion attack between the cloud server and the malicious revoked users.The numerical analysis and experimental results further validate the high efficiency and scalability of the proposed scheme.The experimental results manifest that re-signing 10,000 data blocks only takes 3.815 s and a user can finish the verification in 300 ms with a 99% error detection probability.
文摘Vehicular Ad-hoc NETworks(VANETs)enable cooperative behaviors in vehicular environments and are seen as an integral component of Intelligent Transportation Systems(ITSs).The security of VANETs is crucial for their successful deployment and widespread adoption.A critical aspect of preserving the security and privacy of VANETs is the efficient revocation of the ability of misbehaving or malicious vehicles to participate in the network.This is usually achieved by revoking the validity of the digital certificates of the offending nodes and by maintaining and distributing an accurate Certificate Revocation List(CRL).The immediate revocation of misbehaving vehicles is of prime importance for the safety of other vehicles and users.In this paper,we present a decentralized revocation approach based on Shamir’s secret sharing to revoke misbehaving vehicles with very low delays.Besides enhancing VANETs’security,our proposed protocol limits the size of the revocation list to the number of the revoked vehicles.Consequently,the authentication process is more efficient,and the communication overhead is reduced.We experimentally evaluate our protocol to demonstrate that it provides a reliable solution to the scalability,efficiency and security of VANETs.
