In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.A POR may be viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to handle a large file (or bitstring) F. We explore POR protocols here in which the communication costs, number of memory accesses for the prover, and storage requirements of the user (verifier) are small parameters essentially independent of the length of F. In addition to proposing new, practical POR constructions, we explore implementation considerations and optimizations that bear on previously explored, related schemes.In a POR, unlike a POK, neither the prover nor the verifier need actually have knowledge of F. PORs give rise to a new and unusual security definition whose formulation is another contribution of our work.We view PORs as an important tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish these checks without users having to download the files themselves. A POR can also provide quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.

PORs: Proofs of Retrievability for Large Files

Conventional Internet of Things (IoT) ecosystems involve data streaming from sensors, through Fog devices to a centralized Cloud server. Issues that arise include privacy concerns due to third party management of Cloud servers, single points of failure, a bottleneck in data flows and difficulties in regularly updating firmware for millions of smart devices from a point of security and maintenance perspective. Blockchain technologies avoid trusted third parties and safeguard against a single point of failure and other issues. This has inspired researchers to investigate blockchain’s adoption into IoT ecosystem. In this paper, recent state-of-the-arts advances in blockchain for IoT, blockchain for Cloud IoT and blockchain for Fog IoT in the context of eHealth, smart cities, intelligent transport and other applications are analyzed. Obstacles, research gaps and potential solutions are also presented.

A survey on the adoption of blockchain in IoT: challenges and solutions

In existing authentication schemes for vehicular ad hoc networks (VANETs), the public key infrastructure (PKI)-based pseudonym certificate, identity-based encryption and group signature technology are usually used to preserve the security and privacy. However, these schemes face some challenges, e.g., the time-consuming certificate revocation list (CRL) checking, identity revocation issue and the computation overhead of group signature, respectively. To cope with these challenges, we propose a hybrid conditional privacy-preserving authentication protocol based on the PKI certificate and identity-based signature. In our scheme, the trust authority (TA) assigns the unique long-term certificate for every registered node. Only the vehicle with valid certificate can apply the anonymous short term identity from the current RSU to sign safety-related message. The identity-based signature avoids the CRL checking and the complex bilinear paring operation. When vehicle is compromised, TA can easily revoke its identity by the only long-term certificate. To further enhance efficiency, vehicle can verify the received messages by the single or batch authentication manner. In addition, we optimize the authentication process to avoid vehicle verifying the repeated and unnecessary signatures. Compared with the current schemes, the simulation result shows that our authentication protocol can effectively reduce verified messages in the case of meeting the requirement of security and privacy.

Hybrid conditional privacy-preserving authentication scheme for VANETs

Electronic Health Records (EHRs) are electronically-stored health information in a digital format. EHRs are typically shared among healthcare stakeholders and face power failure, data misuse, lack of privacy, security, and audit trail. On the other hand, blockchain is the revolutionary invention of the twentieth century that offers a distributed and decentralized setting to communicate among nodes in a list of networks without a central authority. It can address the limitations of EHRs management and provide a safer, secured, and decentralized environment for exchanging EHRs data. Three categories of blockchain-based potential solutions have been proposed by researchers to handle EHRs: conceptual, prototype, and implemented. This study focused on a Systematic Literature Review (SLR) to find and analyze articles submitted either conceptual or implemented to manage EHRs using blockchain. The study examined 99 papers that were collected from various publication categories. The deep technical analysis focused on evaluating articles based on privacy, security, scalability, accessibility, cost, consensus algorithms, and the type of blockchain used. The SLR found that blockchain technology promises to provide decentralization, security, and privacy that traditional EHRs often lack. Moreover, results obtained from the detailed studies would provide potential researchers with the type of blockchain for future research. Finally, future research directions, in the end, would direct enthusiasm to combine new blockchain-based systems to manage EHRs properly.

https://ieeexplore.ieee.org/ielx7/6287639/9668973/09673752.pdf

Blockchain-Based Electronic Health Records Management: A Comprehensive Review and Future Research Direction

Electronic Health Records (EHRs) are electronically-stored health information in a digital format. EHRs are typically shared among healthcare stakeholders and face power failure, data misuse, lack of privacy, security, and audit trail. On the other hand, blockchain is the revolutionary invention of the twentieth century that offers a distributed and decentralized setting to communicate among nodes in a list of networks without a central authority. It can address the limitations of EHRs management and provide a safer, secured, and decentralized environment for exchanging EHRs data. Three categories of blockchain-based potential solutions have been proposed by researchers to handle EHRs: conceptual, prototype, and implemented. This study focused on a Systematic Literature Review (SLR) to find and analyze articles submitted either conceptual or implemented to manage EHRs using blockchain. The study examined 99 papers that were collected from various publication categories. The deep technical analysis focused on evaluating articles based on privacy, security, scalability, accessibility, cost, consensus algorithms, and the type of blockchain used. The SLR found that blockchain technology promises to provide decentralization, security, and privacy that traditional EHRs often lack. Moreover, results obtained from the detailed studies would provide potential researchers with the type of blockchain for future research. Finally, future research directions, in the end, would direct enthusiasm to combine new blockchain-based systems to manage EHRs properly. 

/pdf/blockchain-based-electronic-health-records-management-a-1o4jr5mw.pdf

Electronic Health Record (EHR) not only contains great value, but also implies a large amount of personal privacy. Aiming at the security problems such as data forgery and tampering in EHR data sharing process, this paper proposes a blockchain-based EHR data searchable scheme to realize the calculation and application of EHR data in the decentralized network environment. This paper stores the EHR data ciphertext on the cloud, and stores the keyword index of the EHR data on the blockchain. The data visitor's search result on the blockchain is only the blind value of the data identifier, and is generated after blinding. The token for downloading ciphertext data in the cloud not only improves storage efficiency of the system, but also ensures the integrity, immutability and traceability of the EHR data index. Based on the attribute encryption mechanism, the fine-grained access control of cloud data is realized, and the attribute signature technology is used to verify the authenticity of the EHR data source. Finally, experiments show that the encryption and search time of this scheme is constant, regardless of the number of attributes.

Blockchain-Based Secure and Searchable EHR Sharing Scheme

With the widespread application of cloud storage, users could obtain many conveniences such as low-price data remote storage and flexible data sharing. Considering cloud service provider (CSP) is not full-trusted, lots of cloud auditing schemes are proposed to ensure the shared data security and integrity. However, existing cloud auditing schemes have some security risks, such as user identity disclosure, denial of service attack and single-manager abuse of power. To solve the above issues, we use certificateless signature technology to construct a privacy-preserving cloud auditing scheme for multiple users with authorization and traceability in this paper. Unlike the traditional schemes, our scheme realizes user identity anonymity without group signature and ring signature techniques, which guarantees the tag is compact. Meanwhile, our scheme supports that at least d managers could trace the identity of malicious user collaboratively, which avoids the abuse of single-manager power and provides non-frameability. Furthermore, we introduce an identity authentication process between the third-party auditor (TPA) and the CSP to prevent the denial of service attack. That is, our scheme could solve the problem that anyone can challenge the CSP for the proofs, which averts network congestion and waste of cloud resources. In terms of function, the proposed scheme also supports efficient user revocation from a group. Certificateless cryptography ensures that our scheme does not involve certificate management burden and the key escrow problem. The security analysis shows that our scheme is provably secure against two types of adversaries in the environment of certificateless cryptography. The performance analysis demonstrates that our scheme is efficient

/pdf/privacy-preserving-cloud-auditing-for-multiple-users-scheme-238qy9epsw.pdf

Privacy-Preserving Cloud Auditing for Multiple Users Scheme With Authorization and Traceability

When users outsource the data to the remote cloud servers, they lose physical control of data while gaining storage convenience and cannot ensure the integrity of cloud data. Therefore, a series of auditing schemes were proposed to solve the problem of cloud data integrity verification. However, the existing public auditing scheme mainly focuses on a single replica, and the dynamic update of data requires a large computational overhead. Aiming at these problems, a new identity-based multi-replicas public auditing scheme is proposed by using homomorphic authentication labels and multi-branch path tree. The analysis results show that the scheme can effectively audit the integrity of cloud data. Compared with similar schemes, it has higher computational efficiency

Identity-Based Multi-replicas Data Public Audit Scheme

Vehicle ad-hoc network (VANET) is the main driving force to alleviate traffic congestion and accelerate the construction of intelligent transportation. However, the rapid growth of the number of vehicles makes the construction of the safety system of the vehicle network facing multiple tests. This paper proposes an identity-based aggregate signature scheme to protect the privacy of vehicle identity, receive messages in time and authenticate quickly in VANET. The scheme uses aggregate signature algorithm to aggregate the signatures of multiple users into one signature, and joins the idea of batch authentication to complete the authentication of multiple vehicular units, thereby improving the verification efficiency. In addition, the pseudoidentity of vehicles is used to achieve the purpose of vehicle anonymity and privacy protection. Finally, the secure storage of message signatures is effectively realized by using reliable cloud storage technology. Compared with similar schemes, this paper improves authentication efficiency while ensuring security, and has lower storage overhead.

Identity-Based Aggregate Signature Scheme in Vehicle Ad-hoc Network

Certificateless signcryption mechanism can not only provide security services, such as message integrity, non-repudiation and confidentiality, but also solve the problems of public key certificate management and key escrow. Zhou et al. proposed a certificateless signcryption mechanism without bilinear mapping and gave its security proof under the discrete logarithm problem and the computational Diffie Hellman problem in the random oracle model. However, the analysis show that this scheme has security flaws. That is, attackers can forge legitimate signatures of any messages. Finally, we give the specific attack process.

Rui Liu

Papers

Blockchain-Based Secure and Searchable EHR Sharing Scheme

Privacy-Preserving Cloud Auditing for Multiple Users Scheme With Authorization and Traceability

Identity-Based Multi-replicas Data Public Audit Scheme

Identity-Based Aggregate Signature Scheme in Vehicle Ad-hoc Network

Security analysis of a certificateless signcryption mechanism without bilinear mapping