Applied Cryptography and Network Security 

About: Applied Cryptography and Network Security is an academic conference. The conference publishes majorly in the area(s): Encryption & Cryptography. Over the lifetime, 691 publications have been published by the conference receiving 21182 citations.

Privacy preserving keyword searches on remote encrypted data

Abstract: We consider the following problem: a user $\mathcal{U}$ wants to store his files in an encrypted form on a remote file server $\mathcal{S}$. Later the user $\mathcal{U}$ wants to efficiently retrieve some of the encrypted files containing (or indexed by) specific keywords, keeping the keywords themselves secret and not jeopardizing the security of the remotely stored files. For example, a user may want to store old e-mail messages encrypted on a server managed by Yahoo or another large vendor, and later retrieve certain messages while travelling with a mobile device. In this paper, we offer solutions for this problem under well-defined security requirements. Our schemes are efficient in the sense that no public-key cryptosystem is involved. Indeed, our approach is independent of the encryption method chosen for the remote files. They are also incremental, in that $\mathcal{U}$ can submit new files which are secure against previous queries but still searchable against future queries.

Secure Conjunctive Keyword Search over Encrypted Data

Abstract: We study the setting in which a user stores encrypted documents (eg e-mails) on an untrusted server In order to retrieve documents satisfying a certain search criterion, the user gives the server a capability that allows the server to identify exactly those documents Work in this area has largely focused on search criteria consisting of a single keyword If the user is actually interested in documents containing each of several keywords (conjunctive keyword search) the user must either give the server capabilities for each of the keywords individually and rely on an intersection calculation (by either the server or the user) to determine the correct set of documents, or alternatively, the user may store additional information on the server to facilitate such searches Neither solution is desirable; the former enables the server to learn which documents match each individual keyword of the conjunctive search and the latter results in exponential storage if the user allows for searches on every set of keywords

Identity-Based Proxy Re-encryption

Abstract: In a proxy re-encryption scheme a semi-trusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plaintext. A number of solutions have been proposed in the public-key setting. In this paper, we address the problem of Identity-Based proxy re-encryption, where ciphertexts are transformed from one identityto another. Our schemes are compatible with current IBE deployments and do not require any extra work from the IBE trusted-party key generator. In addition, they are non-interactive and one of them permits multiple re-encryptions. Their security is based on a standard assumption (DBDH) in the random oracle model.

LBlock: a lightweight block cipher

Abstract: In this paper, we propose a new lightweight block cipher called LBlock. Similar to many other lightweight block ciphers, the block size of LBlock is 64-bit and the key size is 80-bit. Our security evaluation shows that LBlock can achieve enough security margin against known attacks, such as differential cryptanalysis, linear cryptanalysis, impossible differential cryptanalysis and related-key attacks etc. Furthermore, LBlock can be implemented efficiently not only in hardware environments but also in software platforms such as 8-bit microcontroller. Our hardware implementation of LBlock requires about 1320 GE on 0.18 µm technology with a throughput of 200 Kbps at 100 KHz. The software implementation of LBlock on 8-bit microcontroller requires about 3955 clock cycles to encrypt a plaintext block.

SQLrand: Preventing SQL Injection Attacks

Abstract: We present a practical protection mechanism against SQL injection attacks Such attacks target databases that are accessible through a web front-end, and take advantage of flaws in the input validation logic of Web components such as CGI scripts We apply the concept of instruction-set randomization to SQL, creating instances of the language that are unpredictable to the attacker Queries injected by the attacker will be caught and terminated by the database parser We show how to use this technique with the MySQL database using an intermediary proxy that translates the random SQL to its standard language Our mechanism imposes negligible performance overhead to query processing and can be easily retrofitted to existing systems