scispace - formally typeset
Search or ask a question
Author

Xinghua Li

Other affiliations: Henan University of Technology
Bio: Xinghua Li is an academic researcher from Xidian University. The author has contributed to research in topics: Computer science & Authentication. The author has an hindex of 16, co-authored 62 publications receiving 853 citations. Previous affiliations of Xinghua Li include Henan University of Technology.


Papers
More filters
Journal ArticleDOI
TL;DR: This work proposes an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme, and provides more security guarantees while keeping efficiency.
Abstract: Smart-card-based password authentication scheme is one of the commonly used mechanisms to prevent unauthorized service and resource access and to remove the potential security threats over the insecure networks and has been investigated extensively in the last decade. Recently, Chen et al. proposed a smart-card-based password authentication scheme and claimed that the scheme can withstand offline password guessing attacks even if the information stored in the smart card is extracted by the adversary. However, we observe that the scheme of Chen et al. is insecure against offline password guessing attacks in this case. To remedy this security problem, we propose an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme. Compared with the previous schemes, our improved scheme provides more security guarantees while keeping efficiency. Copyright © 2013 John Wiley & Sons, Ltd.

110 citations

Journal ArticleDOI
TL;DR: This paper devise a practical cryptographic primitive called attribute-based multi-keyword search scheme to support comparable attributes through utilizing 0-encoding and 1-encode, and demonstrates that this scheme can drastically decrease both computational and storage costs.
Abstract: Cloud-based mobile crowdsourcing has been an attractive solution to provide data storage and share services for resource-limited mobile devices in a privacy-preserving manner, but how to enable mobile users to issue search queries and achieve fine-grained access control over ciphertexts simultaneously is still a big challenge for various circumstances. Although the ciphertext-policy attribute-based keyword search technology combining attribute-based encryption with searchable encryption has become a hot research topic, it just deals with equivalent attributes rather than more practical attribute comparisons, like “greater than” or “less than.” In this paper, we devise a practical cryptographic primitive called attribute-based multi-keyword search scheme to support comparable attributes through utilizing 0-encoding and 1-encoding. Formal security analysis proves that our scheme is selectively secure against chosen-keyword attack in generic bilinear group model and extensive experiments using real-world dataset demonstrate that our scheme can drastically decrease both computational and storage costs.

104 citations

Journal ArticleDOI
Bin Luo1, Xinghua Li1, Jian Weng2, Jingjing Guo1, Jianfeng Ma1 
TL;DR: Security analysis and extensive experiments indicate that the proposal is resilient to various trust model attacks, it can effectively detect the malicious vehicles, and preserve the location privacy of vehicles in the anonymous cloaking region construction, while the required time delay is limited.
Abstract: While enjoying the convenience brought by Location Based Service (LBS), the location privacy of vehicles in VANET may be disclosed. Distributed k -anonymity, as one of the most popular privacy protection methods, fails to take the trustworthiness of participants into account, resulting in malicious tracing of vehicles, which further leads to the sensitive information leakage, and even the safety threat of personal property. To address this issue, we propose a blockchain enabled trust-based location privacy protection scheme in VANET. Specifically, by analyzing the different requirements of the request vehicle and the cooperative vehicle during the process of constructing the anonymous cloaking region, as well as combining the characteristics of these two roles, we devise the trust management method based on Dirichlet distribution , such that both the requester and the cooperator will only cooperate with the vehicles they trust. Moreover, by employing blockchain, we also proposed the data structure to record the trustworthiness of vehicles on publicly available blocks timely, so that any vehicle can access the historical trust information of counterparties whenever necessary. Finally, the construction process of anonymous cloaking region is presented. Security analysis and extensive experiments indicate that the proposal is resilient to various trust model attacks, it can effectively detect the malicious vehicles, and preserve the location privacy of vehicles in the anonymous cloaking region construction, while the required time delay is limited.

101 citations

Journal ArticleDOI
TL;DR: This paper devise a basic cryptographic primitive called attribute-based keyword search over hierarchical data (ABKS-HD) scheme by using the ciphertext-policy attribute- based encryption (CP-ABE) technique, but this basic scheme cannot satisfy all the desirable requirements of cloud systems.
Abstract: Searchable encryption (SE) has been a promising technology which allows users to perform search queries over encrypted data. However, the most of existing SE schemes cannot deal with the shared records that have hierarchical structures. In this paper, we devise a basic cryptographic primitive called as attribute-based keyword search over hierarchical data ( ABKS-HD ) scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique, but this basic scheme cannot satisfy all the desirable requirements of cloud systems. The facts that the single keyword search will yield many irrelevant search results and the revoked users can access the unauthorized data with the old or outdated secret keys make this basic scheme not scale well in practice. To this end, we also propose two improved schemes ( ABKS-HD-I , ABKS-HD-II ) for the sake of supporting multi-keyword search and user revocation, respectively. In contrast with the state-of-the-art attribute-based keyword search (ABKS) schemes, the computation overhead of our schemes almost linearly increases with the number of users’ attributes rather than the number of attributes in systems. Formal security analysis proves that our schemes are secure against both chosen-plaintext attack (CPA) and chosen-keyword attack (CKA) in the random oracle model. Furthermore, empirical study using a real-world dataset shows that our schemes are feasible and efficient in practical applications.

94 citations

Proceedings ArticleDOI
Hai Liu1, Xinghua Li1, Hui Li1, Jianfeng Ma1, Xindi Ma1 
01 May 2017
TL;DR: This paper filters out the dummies that can be identified by taking into account of the spatiotemporal correlation from three aspects, namely time reachability, direction similarity and in-degree/out-degree, so that the rest dummies can satisfy the user's personalized privacy protection requirement.
Abstract: Since the dummy-based method can provide precise query results without any requirement for a third party or key sharing, it has been widely used to protect the user's location privacy in location-based services. However, the neighboring location sets submitted in consecutive requests always include a close spatiotemporal correlation, which enables the adversary to identify some dummies. Therefore, the existing dummy-based schemes cannot protect the user's location privacy completely. To solve this problem, based on the dummies generated by the existing schemes, this paper filters out the dummies that can be identified by taking into account of the spatiotemporal correlation from three aspects, namely time reachability, direction similarity and in-degree/out-degree. In this way, the rest dummies can satisfy the user's personalized privacy protection requirement. Security analysis shows that the proposed scheme successfully perturbs the spatiotemporal correlation between neighboring location sets, therefore, it is infeasible for the adversary to distinguish the user's real location from the dummies. Furthermore, extensive experiments indicate that the proposal is able to protect the user's location privacy effectively and efficiently.

75 citations


Cited by
More filters
Journal Article
TL;DR: This work presents a general methodology and two protocol constructions that result in the first two public-key traitor tracing schemes with constant transmission rate in settings where plaintexts can be calibrated to be sufficientlylarge.
Abstract: An important open problem in the area of Traitor Tracing is designing a scheme with constant expansion of the size of keys (users' keys and the encryption key) and of the size of ciphertexts with respect to the size of the plaintext. This problem is known from the introduction of Traitor Tracing by Chor, Fiat and Naor. We refer to such schemes as traitor tracing with constant transmission rate. Here we present a general methodology and two protocol constructions that result in the first two public-key traitor tracing schemes with constant transmission rate in settings where plaintexts can be calibrated to be sufficiently large. Our starting point is the notion of copyrighted function which was presented by Naccache, Shamir and Stern. We first solve the open problem of discrete-log-based and public-key-based copyrighted function. Then, we observe the simple yet crucial relation between (public-key) copyrighted encryption and (public-key) traitor tracing, which we exploit by introducing a generic design paradigm for designing constant transmission rate traitor tracing schemes based on copyrighted encryption functions. Our first scheme achieves the same expansion efficiency as regular ElGamal encryption. The second scheme introduces only a slightly larger (constant) overhead, however, it additionally achieves efficient black-box traitor tracing (against any pirate construction).

649 citations

Journal ArticleDOI
TL;DR: This comprehensive review offers critical insight to the key underlying research themes within smart cities, highlighting the limitations of current developments and potential future directions.

477 citations

Journal ArticleDOI
TL;DR: This paper surveys the application and implementation of differential privacy in four major applications of CPSs named as energy systems, transportation systems, healthcare and medical systems, and industrial Internet of things (IIoT).
Abstract: Modern cyber physical systems (CPSs) has widely being used in our daily lives because of development of information and communication technologies (ICT). With the provision of CPSs, the security and privacy threats associated to these systems are also increasing. Passive attacks are being used by intruders to get access to private information of CPSs. In order to make CPSs data more secure, certain privacy preservation strategies such as encryption, and k-anonymity have been presented in the past. However, with the advances in CPSs architecture, these techniques also need certain modifications. Meanwhile, differential privacy emerged as an efficient technique to protect CPSs data privacy. In this paper, we present a comprehensive survey of differential privacy techniques for CPSs. In particular, we survey the application and implementation of differential privacy in four major applications of CPSs named as energy systems, transportation systems, healthcare and medical systems, and industrial Internet of things (IIoT). Furthermore, we present open issues, challenges, and future research direction for differential privacy techniques for CPSs. This survey can serve as basis for the development of modern differential privacy techniques to address various problems and data privacy scenarios of CPSs.

357 citations

Journal ArticleDOI
TL;DR: A use case of fully autonomous driving is presented to show 6G supports massive IoT and some breakthrough technologies, such as machine learning and blockchain, in 6G are introduced, where the motivations, applications, and open issues of these technologies for massive IoT are summarized.
Abstract: Nowadays, many disruptive Internet-of-Things (IoT) applications emerge, such as augmented/virtual reality online games, autonomous driving, and smart everything, which are massive in number, data intensive, computation intensive, and delay sensitive. Due to the mismatch between the fifth generation (5G) and the requirements of such massive IoT-enabled applications, there is a need for technological advancements and evolutions for wireless communications and networking toward the sixth-generation (6G) networks. 6G is expected to deliver extended 5G capabilities at a very high level, such as Tbps data rate, sub-ms latency, cm-level localization, and so on, which will play a significant role in supporting massive IoT devices to operate seamlessly with highly diverse service requirements. Motivated by the aforementioned facts, in this article, we present a comprehensive survey on 6G-enabled massive IoT. First, we present the drivers and requirements by summarizing the emerging IoT-enabled applications and the corresponding requirements, along with the limitations of 5G. Second, visions of 6G are provided in terms of core technical requirements, use cases, and trends. Third, a new network architecture provided by 6G to enable massive IoT is introduced, i.e., space–air–ground–underwater/sea networks enhanced by edge computing. Fourth, some breakthrough technologies, such as machine learning and blockchain, in 6G are introduced, where the motivations, applications, and open issues of these technologies for massive IoT are summarized. Finally, a use case of fully autonomous driving is presented to show 6G supports massive IoT.

263 citations

Journal ArticleDOI
TL;DR: This work presents a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry and presents a comprehensive heuristic security analysis to show that the protocol is secure against all the possible attacks and provides the desired security features.
Abstract: Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their protocol suffers from smart card loss attack where the user identity and password can be guessed using offline brute force techniques. Moreover, the protocol suffers from known session-specific temporary information attack, which leads to the disclosure of session keys in other sessions. Furthermore, the protocol is vulnerable to tracking attack and fails to fulfill user untraceability. To address these deficiencies, we present a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry. We conduct a formal verification of our proposed protocol using ProVerif in order to demonstrate that our scheme fulfills the required security properties. We also present a comprehensive heuristic security analysis to show that our protocol is secure against all the possible attacks and provides the desired security features. The results we obtained show that our new protocol is a secure and lightweight solution for authentication and key agreement for Internet-integrated WSNs.

259 citations