The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful ...The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful for providing secure negotiation over the Internet. The ID-based deniable authentication protocol based on elliptic Diffie-Hellman key agreement protocol cannot defend the sender spoofing attack and message modification attack. In this paper, we present an improved protocol based on double elliptic Diffie- Hellman scheme. According to the comparison result, the proposed protocol performs better.展开更多
Deniable authentication protocols allow a sender to authenticate a message for a receiver, in a way which the receiver cannot convince a third party that such authentication ever took place. When we consider an asynch...Deniable authentication protocols allow a sender to authenticate a message for a receiver, in a way which the receiver cannot convince a third party that such authentication ever took place. When we consider an asynchronous multi-party network with open communications and an adversary that can adaptively corrupt as many parties as it wishes, we present a new approach to solve the problem of concurrent deniable authentication within the framework of universally composable (UC) security. We formulate a definition of an ideal functionality for deniable authentication. Our constructions rely on a modification of the verifiably smooth projective hashing (VSPH) with projection key function by trapdoor commitment. Our protocols are forward deniable and UC security against adaptive adversaries in the common reference string model. A new approach implies that security is preserved under concurrent composition of an unbounded number of protocol executions; it implies non-malleability with respect to arbitrary protocols and more. The novelty of our schemes is the use of witness indistinguishable protocols and the security is based on the decisional composite residuosity (DCR) assumption. This new approach is practically relevant as it leads to more efficient protocols and security reductions.展开更多
Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HI...Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.展开更多
This paper presents a deniable authenticated key agreement protocol. This protocol can provide an authenticated session key while the sender and the receiver can deny their involvement in such a protocol if the protoc...This paper presents a deniable authenticated key agreement protocol. This protocol can provide an authenticated session key while the sender and the receiver can deny their involvement in such a protocol if the protocol is executed successfully. Then both can deny their transmitted messages protected by the authenticated session key. If this protocol fails, no authenticated session key can be established and no protected messages can be transmitted. The protocol can be proved secure against key compromise impersonation attack. The protocol employs a new method to isolate a session key from confirmation keys.展开更多
With the popularity of smartphones and the rapid development of mobile internet, smartphone becomes an important tool that store sensitive data of owner. Encryption naturally becomes a necessary means of protection. I...With the popularity of smartphones and the rapid development of mobile internet, smartphone becomes an important tool that store sensitive data of owner. Encryption naturally becomes a necessary means of protection. In certain situations, this is inadequate, as user may be coerced to hand over decryption keys or passwords of sensitive APP(Ali Pay) on mobile device. Therefore, only encryption cannot protect sensitive APP and privacy data stored on user's smartphone. To address these obstacles, we design a protection system called Mobi Gemini. It enables automatic uninstalling service that can immediately uninstall multiple APP at same time, and also enabling plausibly deniable encryption(PDE) on mobile devices by hiding encrypted volume within random data in free space of cache partition. We improve the key store way of previous PDE schemes on mobile device. The evaluation results show that the scheme introduces a few overhead compared with original android system enabling full disk encryption.展开更多
This paper introduces and evaluates the performance of a novel cipher scheme, Ambiguous Multi-Symmetric Cryptography (AMSC), which conceals multiple coherent plain-texts in one cipher-text. The cipher-text can be decr...This paper introduces and evaluates the performance of a novel cipher scheme, Ambiguous Multi-Symmetric Cryptography (AMSC), which conceals multiple coherent plain-texts in one cipher-text. The cipher-text can be decrypted by different keys to produce different plain-texts. Security analysis showed that AMSC is secure against cipher-text only and known plain-text attacks. AMSC has the following applications: 1) it can send multiple messages for multiple receivers through one cipher-text;2) it can send one real message and multiple decoys for camouflage;and 3) it can send one real message to one receiver using parallel processing. Performance comparison with leading symmetric algorithms (DES, AES and RC6) demonstrated AMSC’s efficiency in execution time.展开更多
文摘The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful for providing secure negotiation over the Internet. The ID-based deniable authentication protocol based on elliptic Diffie-Hellman key agreement protocol cannot defend the sender spoofing attack and message modification attack. In this paper, we present an improved protocol based on double elliptic Diffie- Hellman scheme. According to the comparison result, the proposed protocol performs better.
基金the National Natural Science Foundation of China (Grant Nos. 60702059, 60633020 and 60573036)by the MIC of Korea, under the ITRC support program supervised by the IITA (IITA-2006-C1090-0603-0026)
文摘Deniable authentication protocols allow a sender to authenticate a message for a receiver, in a way which the receiver cannot convince a third party that such authentication ever took place. When we consider an asynchronous multi-party network with open communications and an adversary that can adaptively corrupt as many parties as it wishes, we present a new approach to solve the problem of concurrent deniable authentication within the framework of universally composable (UC) security. We formulate a definition of an ideal functionality for deniable authentication. Our constructions rely on a modification of the verifiably smooth projective hashing (VSPH) with projection key function by trapdoor commitment. Our protocols are forward deniable and UC security against adaptive adversaries in the common reference string model. A new approach implies that security is preserved under concurrent composition of an unbounded number of protocol executions; it implies non-malleability with respect to arbitrary protocols and more. The novelty of our schemes is the use of witness indistinguishable protocols and the security is based on the decisional composite residuosity (DCR) assumption. This new approach is practically relevant as it leads to more efficient protocols and security reductions.
基金partially supported by the National Key Research&Development Program of China(Grant No.2017YFC0822704)National Natural Science Foundation of China(No.61602476,No.61772518 and No.61602475).
文摘Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.
基金Supported by the National Natural Science Foundation of China (60473027, 60773202)Foundation of Sun Yat-Sen University (35000-2910025,35000-3171912)
文摘This paper presents a deniable authenticated key agreement protocol. This protocol can provide an authenticated session key while the sender and the receiver can deny their involvement in such a protocol if the protocol is executed successfully. Then both can deny their transmitted messages protected by the authenticated session key. If this protocol fails, no authenticated session key can be established and no protected messages can be transmitted. The protocol can be proved secure against key compromise impersonation attack. The protocol employs a new method to isolate a session key from confirmation keys.
基金supported in part by Natural Science Foundation of China under (Grant No. U1536112) National Key Technology Research and Development Program of China (Grant No. 2012BAH94F02)+1 种基金National High-tech R&D Program of China (863 Program) under Grant No. 2013AA102301 Project of New Generation Broad band Wireless Network under Grant No. 2014ZX03006003
文摘With the popularity of smartphones and the rapid development of mobile internet, smartphone becomes an important tool that store sensitive data of owner. Encryption naturally becomes a necessary means of protection. In certain situations, this is inadequate, as user may be coerced to hand over decryption keys or passwords of sensitive APP(Ali Pay) on mobile device. Therefore, only encryption cannot protect sensitive APP and privacy data stored on user's smartphone. To address these obstacles, we design a protection system called Mobi Gemini. It enables automatic uninstalling service that can immediately uninstall multiple APP at same time, and also enabling plausibly deniable encryption(PDE) on mobile devices by hiding encrypted volume within random data in free space of cache partition. We improve the key store way of previous PDE schemes on mobile device. The evaluation results show that the scheme introduces a few overhead compared with original android system enabling full disk encryption.
文摘This paper introduces and evaluates the performance of a novel cipher scheme, Ambiguous Multi-Symmetric Cryptography (AMSC), which conceals multiple coherent plain-texts in one cipher-text. The cipher-text can be decrypted by different keys to produce different plain-texts. Security analysis showed that AMSC is secure against cipher-text only and known plain-text attacks. AMSC has the following applications: 1) it can send multiple messages for multiple receivers through one cipher-text;2) it can send one real message and multiple decoys for camouflage;and 3) it can send one real message to one receiver using parallel processing. Performance comparison with leading symmetric algorithms (DES, AES and RC6) demonstrated AMSC’s efficiency in execution time.
