
Showing papers on "40-bit encryption published in 2018"


Journal ArticleDOI
TL;DR: Simulations and evaluations show that both encryption schemes using bitwise XOR and modulo arithmetic have high security levels, can achieve much faster speeds, and can better adapt to impulse noise and data loss interference than several typical and state-of-the-art encryption schemes.

246 citations


Journal ArticleDOI
TL;DR: A thorough security analysis of a chaotic image encryption algorithm based on autoblocking and electrocardiography from the view point of modern cryptography finds it is vulnerable to the known plaintext attack.
Abstract: This paper performs a thorough security analysis of a chaotic image encryption algorithm based on autoblocking and electrocardiography from the view point of modern cryptography. The algorithm uses electrocardiography (ECG) signals to generate the initial key for a chaotic system and applies an autoblocking method to divide a plain image into blocks of certain sizes suitable for subsequent encryption. The designers claimed that the proposed algorithm is “strong and flexible enough for practical applications”. We find it is vulnerable to the known plaintext attack: based on one pair of a known plain-image and its corresponding cipher-image, an adversary is able to derive a mask image, which can be used as an equivalent secret key to successfully decrypt other cipher images encrypted under the same key with a non-negligible probability of 1/256. Using this as a typical counterexample, we summarize some security defects existing in many image encryption algorithms.

207 citations


Journal ArticleDOI
TL;DR: In this paper, the authors investigated the security of a classic diffusion mechanism used as the core cryptographic primitive in some image cryptosystems based on the aforementioned complex dynamic phenomena and theoretically found that, regardless of the key schedule process, the data complexity for recovering each element of the equivalent secret key from these diffusion mechanisms is only O(1).
Abstract: The need for fast and strong image cryptosystems motivates researchers to develop new techniques to apply traditional cryptographic primitives in order to exploit the intrinsic features of digital images. One of the most popular and mature techniques is the use of complex dynamic phenomena, including chaotic orbits and quantum walks, to generate the required key stream. In this paper, under the assumption of plaintext attacks, we investigate the security of a classic diffusion mechanism (and of its variants) used as the core cryptographic primitive in some image cryptosystems based on the aforementioned complex dynamic phenomena. We have theoretically found that, regardless of the key schedule process, the data complexity for recovering each element of the equivalent secret key from these diffusion mechanisms is only O(1). The proposed analysis is validated by means of numerical examples. Some additional cryptographic applications of this paper are also discussed.

116 citations
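The two cryptanalysis abstracts above (the known-plaintext recovery of a mask image, and the O(1) recovery of each element of the equivalent key from a classic diffusion step) come down to the same defect: a keystream that depends only on the secret key is reused across images, so a few known plaintext/ciphertext pairs pin it down. The Python below is an added example, not code from either paper. It assumes the diffusion has the form c[i] = k[i] ^ ((p[i] + k[i]) mod 256) ^ c[i-1] with c[-1] = 0 (a common shape of the classic mechanism; the exact variant analysed in the paper is not given in the abstract), stands in a random byte string for the chaos-derived keystream, and uses constructed random images. It brute-forces the candidate values of each keystream element against a handful of known pairs, and shows two things the abstracts only state: the top bit of each element cancels in both directions, so the equivalent key is 7 bits per element, and every additional known image only shrinks the candidate sets.

```python
"""Known-plaintext recovery of the equivalent key of a classic chaos-based
image-diffusion step.  Added example with an assumed diffusion formula and
constructed inputs; not the code of the papers being summarised."""
import random

MOD = 256
ELEM_MASK = 0x7F   # bit 7 of a keystream element never influences the output


def diffuse(plain: bytes, ks: bytes, c0: int = 0) -> bytes:
    """Assumed classic diffusion: c[i] = k[i] ^ ((p[i] + k[i]) mod 256) ^ c[i-1].
    `ks` plays the role of the keystream a chaotic map derives from the key."""
    out, prev = bytearray(), c0
    for p, k in zip(plain, ks):
        prev = k ^ ((p + k) % MOD) ^ prev
        out.append(prev)
    return bytes(out)


def undiffuse(cipher: bytes, ks: bytes, c0: int = 0) -> bytes:
    """Inverse of diffuse(); note that only c[i-1], never p[i-1], feeds position i,
    so each keystream element can be attacked independently."""
    out, prev = bytearray(), c0
    for c, k in zip(cipher, ks):
        out.append(((c ^ prev ^ k) - k) % MOD)
        prev = c
    return bytes(out)


def candidates(pairs, i):
    """Keystream values (taken modulo bit 7) consistent with every known
    (plain, cipher) pair at position i.  Each pair costs a constant number of
    trial evaluations, which is the O(1) data/time complexity per element."""
    cands = set(range(ELEM_MASK + 1))
    for plain, cipher in pairs:
        prev = cipher[i - 1] if i else 0
        target = cipher[i] ^ prev              # equals k ^ ((p + k) mod 256)
        cands &= {k for k in cands if (k ^ ((plain[i] + k) % MOD)) == target}
    return cands


def recover(pairs, n):
    """Candidate set for each of the n keystream positions."""
    return [candidates(pairs, i) for i in range(n)]


def decrypt_with_candidates(cipher, cand_sets):
    """Decrypt with any surviving candidate; positions whose set has a single
    member are certainly correct, the others are reported as unsure."""
    ks = bytes(min(c) for c in cand_sets)
    sure = [i for i, c in enumerate(cand_sets) if len(c) == 1]
    return undiffuse(cipher, ks), sure


def demo(n_pairs=6, length=64, seed=1):
    """Constructed scenario: one secret keystream reused for every image (the
    defect being exploited), n_pairs known images, one target image."""
    rng = random.Random(seed)
    ks = bytes(rng.randrange(MOD) for _ in range(length))        # constructed
    known = []
    for _ in range(n_pairs):
        p = bytes(rng.randrange(MOD) for _ in range(length))     # constructed
        known.append((p, diffuse(p, ks)))
    target = bytes(rng.randrange(MOD) for _ in range(length))    # constructed
    cand_sets = recover(known, length)
    guess, sure = decrypt_with_candidates(diffuse(target, ks), cand_sets)
    return ks, target, guess, sure, cand_sets


if __name__ == "__main__":
    for n in (1, 2, 4, 8):
        _, target, guess, sure, _ = demo(n_pairs=n)
        print(f"{n} known pairs: {len(sure)}/{len(target)} positions fixed, "
              f"{sum(a == b for a, b in zip(guess, target))} bytes correct")
```

Plaintext bytes such as 0x00 or 0x80 constrain nothing at their position (the carry pattern they induce is the same for every k), so a black region in a known image leaves those positions open; additional known images with varied pixel values close the gap. For the XOR-only cipher of the first abstract the same loop collapses to one operation per pixel, since the mask is just plain ^ cipher.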


Journal ArticleDOI
TL;DR: This article uses chaotic system along with substitution box for image encryption to demonstrate resistance against image processing attacks and shows relatively improved results.
Abstract: For the last 3 decades, the inclusion of chaos for the encryption of multimedia information is considered as a remarkable aspect of nonlinear dynamics. In this article, chaotic system along with substitution box is used for image encryption. Substitution box is constructed by the group action of the projective general linear group over a finite field. On multiple attempts, using the same security key the host image gives a different encrypted image which is the main feature of this scheme. For secure communication, this idea of chaos-based image encryption along with substitution box shows relatively improved results as depicted in simulation and security analysis. The scheme demonstrates resistance against image processing attacks.

108 citations


Journal ArticleDOI
TL;DR: This study developed and designed a resource-efficient encryption algorithm system which applies the multithreaded programming process for the encryption of the big multimedia data and showed a better Avalanche Effect in comparison to the existing algorithms.
Abstract: Multimedia currently dominates internet and mobile network traffic and is therefore the largest form of big data. Generally, symmetric encryption algorithms are applied to 'big multimedia data'; however, these algorithms are regarded as very slow. In our study, we developed and designed a resource-efficient encryption algorithm system which applies multithreaded programming to the encryption of big multimedia data. The proposed system describes a multi-level encryption model which uses the Feistel encryption scheme, genetic algorithms and the Advanced Encryption Standard (AES). Our system has been assessed on actual medical big multimedia data and compared to the benchmark encryption algorithms RC6, MARS, 3-DES, DES and Blowfish with regard to computational run time and throughput for the encryption and decryption procedures. In addition, the multithreaded programming approach is adopted to implement the proposed encryption system in order to enhance the system's efficiency and performance. Furthermore, we also compared our system with its sequential version to show its resource efficiency. Our results indicated that our system had the lowest run time and a higher throughput for the encryption and decryption processes in comparison to the existing standard encryption algorithms. Our system also improved the computational run time by approximately 75% and increased throughput four times in comparison to its sequential version. With respect to the security objectives, our algorithm showed a better avalanche effect than the existing algorithms and could therefore be included in any encryption/decryption process for big plain multimedia data.

102 citations


Journal ArticleDOI
TL;DR: A symmetric key image cryptosystem based on the piecewise linear map that can resist chosen/known plaintext attacks due to the use of plaintext-related scrambling and has many merits such as high encryption/decryption speed, large key space, strong key sensitivity, strong plaintext sensitivity, good statistical properties of cipher images, and large cipher-text information entropy.
Abstract: A symmetric key image cryptosystem based on the piecewise linear map is presented in this paper. In this cryptosystem, the encryption process and the decryption process are exactly the same. They both consist of the same operations: plaintext-related scrambling once, diffusion twice, and a 180-degree rotation of the matrix four times. The length of the secret key in the system is 64d bits, where d is a positive integer. The proposed system can resist chosen/known plaintext attacks due to the use of plaintext-related scrambling. The simulation results and comparison analysis show that the proposed system has many merits such as high encryption/decryption speed, large key space, strong key sensitivity, strong plaintext sensitivity, strong cipher-text sensitivity, good statistical properties of cipher images, and large cipher-text information entropy. So the proposed system can be applied to actual communications.

90 citations


Journal ArticleDOI
TL;DR: An image encryption algorithm based on a two-dimensional partitioned cellular automaton is presented, which is demonstrated by experiments to have the properties of randomness and sensitivity.

77 citations


Journal ArticleDOI
TL;DR: The experimental results indicate that the proposed algorithm has a large key space, high key sensitivity and excellent attack resistance ability, and is feasible in privacy protection of BAN system.

56 citations


Journal ArticleDOI
TL;DR: This paper puts forward the formal definition and security model of IBBE with leakage-resilience, and proposes an IBBE scheme with continuous leakage-resilience that is resilient to private key leakage.

51 citations


Journal ArticleDOI
TL;DR: This work presents a generic transformation that yields a function-private functional encryption scheme, starting with any non-function-private scheme for a sufficiently rich function class and preserves the message privacy of the underlying scheme.
Abstract: Functional encryption supports restricted decryption keys that allow users to learn specific functions of the encrypted messages. Although the vast majority of research on functional encryption has so far focused on the privacy of the encrypted messages, in many realistic scenarios it is crucial to offer privacy also for the functions for which decryption keys are provided. Whereas function privacy is inherently limited in the public-key setting, in the private-key setting it has a tremendous potential. Specifically, one can hope to construct schemes where encryptions of messages $$\mathsf{m}_1, \ldots , \mathsf{m}_T$$ together with decryption keys corresponding to functions $$f_1, \ldots , f_T$$ , reveal essentially no information other than the values $$\{ f_i(\mathsf{m}_j)\}_{i,j\in [T]}$$ . Despite its great potential, the known function-private private-key schemes either support rather limited families of functions (such as inner products) or offer somewhat weak notions of function privacy. We present a generic transformation that yields a function-private functional encryption scheme, starting with any non-function-private scheme for a sufficiently rich function class. Our transformation preserves the message privacy of the underlying scheme and can be instantiated using a variety of existing schemes. Plugging in known constructions of functional encryption schemes, we obtain function-private schemes based either on the learning with errors assumption, on obfuscation assumptions, on simple multilinear-maps assumptions, and even on the existence of any one-way function (offering various trade-offs between security and efficiency).

50 citations


Journal ArticleDOI
TL;DR: This paper presents a new cloud storage encryption scheme that enables cloud storage providers to create convincing fake user secrets to protect user privacy and explains why coercers cannot tell if obtained secrets are true or not.
Abstract: Cloud storage services have become increasingly popular. Because of the importance of privacy, many cloud storage encryption schemes have been proposed to protect data from those who do not have access. All such schemes assumed that cloud storage providers are safe and cannot be hacked; however, in practice, some authorities (i.e., coercers) may force cloud storage providers to reveal user secrets or confidential data on the cloud, thus altogether circumventing storage encryption schemes. In this paper, we present our design for a new cloud storage encryption scheme that enables cloud storage providers to create convincing fake user secrets to protect user privacy. Since coercers cannot tell if obtained secrets are true or not, the cloud storage providers ensure that user privacy is still securely protected.

Journal ArticleDOI
TL;DR: This work proposes an adaptive color double-image encryption scheme based on an autonomous ODE chaotic system and SHA-512, and results demonstrate that the scheme is suitable and effective for color double-image encryption.
Abstract: Most current symmetric cryptographic algorithms (symmetric ciphers and hash functions) are considered to be relatively secure against attacks by quantum computers. Here we propose an adaptive color double-image encryption scheme based on an autonomous ODE chaotic system and SHA-512. The double-image is first diffused by chaotic sequences with a bitwise exclusive-or operation, and an algorithm is designed to transform two 512-bit hash values into two S-boxes, which substitute the pixels of the diffused double-image respectively. In each encryption process, the initial values of the chaotic system come from a random signal; they are true random numbers. Simulation results demonstrate that the scheme is suitable and effective for color double-image encryption.

Journal ArticleDOI
TL;DR: This paper describes an optimized NTRU-based implementation of the GSW homomorphic encryption scheme built to be easily portable to GPUs and shows a factor of 58 × improvement in CPU performance compared to other recent work on encrypted medical data under the same security settings.
Abstract: Sharing the medical records of individuals among healthcare providers and researchers around the world can accelerate advances in medical research. While the idea seems increasingly practical due to cloud data services, maintaining patient privacy is of paramount importance. Standard encryption algorithms help protect sensitive data from outside attackers but they cannot be used to compute on this sensitive data while being encrypted. Homomorphic Encryption presents a very useful tool that can compute on encrypted data without the need to decrypt it. In this paper, we describe an optimized NTRU-based implementation of the GSW homomorphic encryption scheme. Our results show a factor of 58 × improvement in CPU performance compared to other recent work on encrypted medical data under the same security settings. Our system is built to be easily portable to GPUs resulting in an additional speedup of up to a factor of 104 × (and 410 ×) to offer an overall speedup of 6085 × (and 24011 ×) using a single GPU (or four GPUs), respectively.

Journal ArticleDOI
01 Feb 2018-Optik
TL;DR: The proposed method to restore the permutation rule is based on the chosen-ciphertext attack and succeeds in restoring the permutation rule in the case of multiple encryption rounds without any knowledge of the cryptosystem.

Journal ArticleDOI
01 Feb 2018
TL;DR: This paper presents an efficient outsourced CP-ABE scheme with checkability, where the number of the exponential operations in the encryption can be reduced to a constant by introducing a blinding algorithm, and the ciphertext size is not increased.
Abstract: Attribute-based encryption (ABE) is a promising cryptographic access control mechanism with richly expressive ABE policies. Due to the high complexity of encryption and decryption, users are burdened with a large computation cost. Fortunately, outsourcing techniques can be used to reduce the computation overhead of ABE schemes. In the past decade, the achievements of outsourced ciphertext-policy ABE (CP-ABE) schemes have been inspiring. However, outsourcing of the encryption algorithm of CP-ABE schemes has not been addressed properly, since the encryption exponents are dynamic. In this paper, we present an efficient outsourced CP-ABE scheme with checkability, where the number of exponentiations in encryption is reduced to a constant by introducing a blinding algorithm. Meanwhile, the ciphertext size is not increased. Furthermore, to guarantee the correctness of our scheme, we provide a verification mechanism based on a collision-resistant hash function, which allows users to efficiently check the validity of messages and outsourced computation results. Besides, the proposed scheme is secure against replayable chosen ciphertext attacks under Green's outsourcing security model. Intensive experiments are carried out to illustrate the efficiency of the proposed scheme.

Journal ArticleDOI
TL;DR: A secure searchable encryption scheme is presented to enable searching of encrypted user data in the cloud and a chaotic fuzzy transformation method is proposed to support secure fuzzy keyword indexing, storage and query.
Abstract: This paper considers the security problem of outsourcing storage from user devices to the cloud. A secure searchable encryption scheme is presented to enable searching of encrypted user data in the cloud. The scheme simultaneously supports fuzzy keyword searching and matched results ranking, which are two important factors in facilitating practical searchable encryption. A chaotic fuzzy transformation method is proposed to support secure fuzzy keyword indexing, storage and query. A secure posting list is also created to rank the matched results while maintaining the privacy and confidentiality of the user data, and saving the resources of the user mobile devices. Comprehensive tests have been performed and the experimental results show that the proposed scheme is efficient and suitable for a secure searchable cloud storage system.

Journal ArticleDOI
TL;DR: A sharable ID-based encryption with keyword search in cloud computing environment, which enables users to search in data owners’ shared storage while preserving privacy of data is proposed.
Abstract: Cloud storage is one of the most important applications in our daily lives. Users can store their own data in cloud storage and access the saved data remotely. As social media develops, users share digital files with other users, so the amount of data grows rapidly and searching capability becomes necessary. In some cases, servers cannot avoid data leakage even if the server provides complete access control. Encrypting the data is the best way to resolve this problem, but it may destroy the original structure and make searching impossible. Applying searchable encryption separately for each receiver may produce messy duplication and consume the cloud storage quota of each receiver. Users also need to keep their shared documents up to date with the latest version. To this aim, we propose a sharable ID-based encryption with keyword search for the cloud computing environment, which enables users to search in data owners' shared storage while preserving the privacy of the data. For the performance analysis, we compare our results with other ID-based or ID-related encryption schemes. In addition, we give a formal proof to verify the security of our proposal.

Patent
08 Jun 2018
TL;DR: In this paper, a secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector.
Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

Journal ArticleDOI
TL;DR: The researcher addresses security, PKI, and solutions within cloud technology and comparisons of asymmetric and symmetric encryption schemes and advantages and disadvantages of PKI.

Journal ArticleDOI
TL;DR: This work shows how a user can offload expensive operations of CP-ABE encryption to a semi-trusted party in a secure manner and proposes OEABE, standing for Outsourcing mechanism for the Encryption of Ciphertext-Policy ABE (CP-ABE).
Abstract: Attribute-based Encryption (ABE) is a new and promising public key encryption that allows fine-grained authorization on data based on user attributes. Such a property is favorable for multiple applications that require encrypted storage or access control on data, in particular eHealth applications. However, ABE schemes are known not to be efficient in the encryption phase, because ciphertext size and the time required to encrypt grow with the complexity of the access policy. This drawback is critical in the context of pervasive computing, for instance in the Internet of Things, where data producers are usually resource-constrained devices, e.g. smartphones or sensing platforms. In this work, we propose OEABE, standing for Outsourcing mechanism for the Encryption of Ciphertext-Policy ABE (CP-ABE). We show how a user can offload expensive operations of CP-ABE encryption to a semi-trusted party in a secure manner. Our proposed mechanism requires only one exponentiation on resource-constrained devices. We also provide an informal security analysis of possible attacks by a semi-honest adversary against the proposed solution. To demonstrate the performance gains of our mechanism, we first conducted a performance estimation on an emulated Wismote sensor platform. Then, we implemented our proposal and compared it with an existing implementation of CP-ABE on a laptop.

Book
24 Jan 2018
TL;DR: The researchers prove the validity of the algorithm through simulation and theoretical analysis of parameters such as sensitivity to plaintext, key sensitivity, histogram analysis and correlation analysis, including bio-security and math security.
Abstract: In recent years, various DNA-based cryptographic algorithms have been suggested to develop secure image encryption techniques, but many of them still have low computing security because they have a low avalanche effect and require a long key to be sent. In this regard, this paper proposes a new method of image encryption based on DNA computation technology. The original image is encrypted using DNA computation and the DNA complementary rule. First, a secret key is generated using a DNA sequence and modular arithmetic operations. Then each pixel value of the image undergoes the encryption process using the key and DNA computation methods. The researchers prove the validity of the algorithm through simulation and theoretical analysis of parameters such as sensitivity to plaintext, key sensitivity, histogram analysis and correlation analysis, including bio-security and math security. Further, the algorithm has a huge key space generated by a key expansion algorithm while keeping the original key sequence small. It is shown that the algorithm achieves a satisfactory computing security level in the encryption security estimating system.

Journal ArticleDOI
TL;DR: This paper proposes an efficient and privacy-aware attribute-based data sharing system supporting offline key generation and offline encryption, and proves fully secure in the standard model and performance analysis shows its effectiveness in mobile cloud computing.
Abstract: In the era of cloud computing, it is convenient to share large-scale data among various kinds of users. As a kind of attribute-based encryption, ciphertext-policy attribute-based encryption (CP-ABE) is a potential technique for realizing fine-grained access control on shared data. However, traditional CP-ABE is not suitable for mobile cloud computing, where mobile users are resource-limited and privacy is fragile. In this paper, we propose an efficient and privacy-aware attribute-based data sharing system supporting offline key generation and offline encryption. In the proposed system, sensitive attribute values specified in an access structure are not explicitly sent along with a ciphertext. The online/offline encryption mechanism alleviates the computational burden of mobile users by performing most of encryption tasks without draining the battery. In addition, the online/offline key generation mechanism allows the attribute authority to finish most of operations in the key generation process in advance, which enables efficient mobile user registration. Finally, the proposed system is proven fully secure in the standard model and performance analysis shows its effectiveness in mobile cloud computing.

Journal ArticleDOI
TL;DR: The proposed architecture is simulated and implemented on a Virtex-5 XC5VLX50T FPGA, and it is found that the proposed architecture generates all the subkeys in 50% of the time taken by the standard architecture published in 2001.
Abstract: The Advanced Encryption Standard was published as a Federal Information Processing Standard by the National Institute of Standards and Technology in 2001. AES is a symmetric non-Feistel block cipher that encrypts and decrypts data blocks of 128 bits using one of three key sizes (128, 192 or 256 bits). The key size determines the number of rounds of the encryption and decryption operations and the number of subkeys generated from the main key. In this proposed algorithm, the subkey generation architecture is altered to speed up the process of generating the subkeys from the main key. The proposed architecture is simulated and implemented on a Virtex-5 XC5VLX50T FPGA, and it is found that the proposed architecture generates all the subkeys in 50% of the time taken by the architecture published in 2001. This paper discusses the implementation of the newly proposed algorithm for the encryption and decryption of ECG signals for the purpose of secure communication.
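Anyone checking a modified subkey generator such as the one above needs the standard schedule to compare against. The Python below is an added reference implementation of the FIPS-197 key expansion, not the paper's accelerated architecture (which the abstract does not describe). It derives the S-box from the GF(2^8) inverse and the affine map instead of embedding the table, and accepts 128-, 192- and 256-bit keys, which is what fixes the round count (10, 12 or 14) and hence the number of subkeys. The key in the `__main__` block is the FIPS-197 Appendix A.1 example key.

```python
"""AES key expansion (FIPS-197 section 5.2) as a software reference.
Added example; not the accelerated hardware architecture of the paper."""


def _gf_mul(a: int, b: int) -> int:
    """Multiplication in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> list:
    """S-box = multiplicative inverse in GF(2^8) followed by the affine map.
    The inverse is x^254 (x^255 == 1 for non-zero x); 0 maps to 0."""
    sbox = []
    for x in range(256):
        inv = 0
        if x:
            inv, base, e = 1, x, 254
            while e:
                if e & 1:
                    inv = _gf_mul(inv, base)
                base = _gf_mul(base, base)
                e >>= 1
        s = inv
        for shift in range(1, 5):           # s ^= rotl(inv, 1..4)
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def _sub_word(w: int) -> int:
    """Apply the S-box to each byte of a 32-bit word."""
    return int.from_bytes(bytes(SBOX[b] for b in w.to_bytes(4, "big")), "big")


def _rot_word(w: int) -> int:
    """Cyclic left shift of a 32-bit word by one byte."""
    return ((w << 8) | (w >> 24)) & 0xFFFFFFFF


def expand_key(key: bytes) -> list:
    """Return the 4*(Nr+1) round-key words for a 16-, 24- or 32-byte key.
    Nk = key words, Nr = Nk + 6 rounds, so 44, 52 or 60 words respectively."""
    nk = len(key) // 4
    if len(key) % 4 or nk not in (4, 6, 8):
        raise ValueError("AES key must be 128, 192 or 256 bits")
    nr = nk + 6
    w = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(nk)]
    for i in range(nk, 4 * (nr + 1)):
        temp = w[i - 1]
        if i % nk == 0:
            temp = _sub_word(_rot_word(temp)) ^ (RCON[i // nk - 1] << 24)
        elif nk > 6 and i % nk == 4:        # extra SubWord only for AES-256
            temp = _sub_word(temp)
        w.append(w[i - nk] ^ temp)
    return w


def round_keys(key: bytes) -> list:
    """Group the expanded words into Nr+1 round keys of 16 bytes each."""
    w = expand_key(key)
    return [b"".join(x.to_bytes(4, "big") for x in w[4 * r:4 * r + 4])
            for r in range(len(w) // 4)]


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")   # FIPS-197 A.1 key
    for r, rk in enumerate(round_keys(key)):
        print(f"round {r:2d}: {rk.hex()}")
```

Because bit-serial hardware schedules differ from this word-at-a-time formulation only in timing, comparing every round key rather than just the last one catches an RCON or SubWord placement error in the accelerated design.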

Journal ArticleDOI
TL;DR: In this paper, the authors analyze the homomorphic encryption scheme proposed by Zhou and Wornell and mount three attacks against it: recovery of a secret plaintext broadcast to multiple users, a chosen-ciphertext key recovery attack, and a related chosen-plaintext decryption attack.
Abstract: Homomorphic encryption allows specific operations to be performed on private data that stays encrypted. While applications such as cloud computing require a practical solution, the encryption scheme must be secure. In this article, we detail and analyze in depth the homomorphic encryption scheme proposed by Zhou and Wornell (20). From the analysis of the encryption scheme, we are able to mount three attacks. The first attack recovers a secret plaintext message broadcast to multiple users. The second attack performs a chosen ciphertext key recovery attack. The last attack is a related chosen plaintext decryption attack.

Journal ArticleDOI
TL;DR: The authors concretely show that their scheme can be truly implemented in a prototype for a smartphone-based cloud storage use case and show how to lighten some parts of the scheme so as to obtain a very practical system.
Abstract: Lightweight devices, such as a smartcard associated with a top-box decoder in pay-TV or a SIM card coupled with a powerful (but not totally trusted) smartphone, play an important role in modern applications. The essential requirements for a cryptographic scheme to be truly implemented in lightweight devices are that it should have compact secret key size and support fast decryption. Attribute-based broadcast encryption (ABBE) combines the functionalities of both broadcast encryption and attribute-based encryption in an efficient way, ABBE is therefore a promising cryptographic scheme to be used in practical applications such as mobile pay-TV, satellite transmission, or Internet of Things. Designing an ABBE scheme which can be truly implemented in lightweight devices is still an open question. In this study, the authors solve it by proposing an efficient constant-size private key ciphertext-policy ABBE scheme for disjunctive normal form supporting fast decryption and achieving standard security levels of an ABBE scheme. They concretely show that the authors’ scheme can be truly implemented in a prototype for a smartphone-based cloud storage use case. In particular, they show how to alleviate some parts of their scheme so as to obtain a very practical system, and they give some concrete benchmarks.

Journal ArticleDOI
TL;DR: This paper presents the first generic PCE in the standard model using smooth projective hash function (SPHF) and proves its s-priv1-cca security, which is independent of current unlink security, without any pairing operation.

Journal ArticleDOI
TL;DR: A black-box construction transforms any semantically secure encryption scheme into a non-malleable one with a quasi-linear blow-up in the size of the ciphertext, improving on the non-black-box construction of Pass, Shelat and Vaikuntanathan.
Abstract: We show how to transform any semantically secure encryption scheme into a non-malleable one, with a black-box construction that achieves a quasi-linear blow-up in the size of the ciphertext. This improves upon the previous non-black-box construction of Pass, Shelat and Vaikuntanathan (Crypto '06). Our construction also extends readily to guarantee non-malleability under a bounded-CCA2 attack, thereby simultaneously improving on both results in the work of Cramer et al. (Asiacrypt '07). Our construction departs from the oft-used paradigm of re-encrypting the same message with different keys and then proving consistency of encryption. Instead, we encrypt an encoding of the message; the encoding is based on an error-correcting code with certain properties of reconstruction and secrecy from partial views, satisfied, e.g., by a Reed-Solomon code.

Journal ArticleDOI
01 May 2018
TL;DR: This work proposes a novel location-based encryption model using a fuzzy vault scheme which uses the location information captured by the user's mobile device to securely protect the secret key used in the cryptosystem for encrypting the user's sensitive data on the user's mobile device.
Abstract: The secure storage of sensitive data in mobile devices is an urgent issue. Most existing encryption algorithms are location independent, which means the encrypted data can be decrypted anywhere. In this work, we propose a novel location-based encryption model using a fuzzy vault scheme. First, we choose a proper encryption algorithm, either a symmetric or an asymmetric one, to encrypt the sensitive data on the mobile device. Then the crucial issue becomes securely storing the secret key of the encryption algorithm; this is solved in the secret key protection phase by applying a fuzzy vault scheme using a location-based digital fingerprint, which represents the valid user in the valid location region. We bind the digital fingerprint and the secret key together to construct a fuzzy vault that stores both securely. We simulate our model on an Android device and perform performance and security analysis on it. The main contribution of our model is applying a fuzzy vault scheme which uses the location information captured by the user's mobile device to securely protect the secret key used in the cryptosystem for encrypting the user's sensitive data on the user's mobile device.

Journal ArticleDOI
TL;DR: This paper proposes a leakage-resilient authenticated encryption scheme, called Re-keying Code Book (RCB), that is secure against the side-channel attacks by combining with existing re- keying schemes, rather than designing new algorithms.
Abstract: The security of modern cryptosystems relies on the secrecy of the keys. Against the expectation that the keys used in cryptographic algorithms are perfectly secure, the keys can be compromised when implemented on physical devices. Because of the computational leakages from the execution of cryptographic algorithms, a variety of side-channel measurements can lead to full breaks of the targeted physical devices. Leakage-resilient cryptography aims at defining leakages in a generic model and designing provably secure primitives that capture side-channel attacks. For this purpose, several re-keying schemes have been proposed to prevent an encryption scheme from using the same key many times. In this paper, we propose a leakage-resilient authenticated encryption scheme, called Re-keying Code Book (RCB), that is secure against side-channel attacks when combined with existing re-keying schemes. Our approach is to find an efficient composition of two independent primitives, authenticated encryption and re-keying schemes, rather than designing new algorithms. We also give precise definitions of privacy and authenticity for authenticated encryption in a leakage-resilient model, and then we provide the security proofs for RCB in that model.

Journal ArticleDOI
TL;DR: In this article, the authors present a framework for modeling the incrementality of deterministic public-key encryption and propose two schemes: a generic one based on any deterministic public-key encryption scheme, and one based on the Decisional Diffie-Hellman assumption in the standard model.
Abstract: Motivated by applications in large storage systems, we initiate the study of incremental deterministic public-key encryption. Deterministic public-key encryption, introduced by Bellare, Boldyreva, and O'Neill (CRYPTO '07), provides an alternative to randomized public-key encryption in various scenarios where the latter exhibits inherent drawbacks. A deterministic encryption algorithm, however, cannot satisfy any meaningful notion of security for low-entropy plaintext distributions, but Bellare et al. demonstrated that a strong notion of security can in fact be realized for relatively high-entropy plaintext distributions. In order to achieve a meaningful level of security, a deterministic encryption algorithm should typically be used for encrypting rather long plaintexts, to ensure a sufficient amount of entropy. This requirement may be at odds with efficiency constraints, such as communication complexity and computation complexity in the presence of small updates. Thus, a highly desirable property of deterministic encryption algorithms is incrementality: small changes in the plaintext translate into small changes in the corresponding ciphertext. We present a framework for modeling the incrementality of deterministic public-key encryption. Our framework extends the study of the incrementality of cryptographic primitives initiated by Bellare, Goldreich and Goldwasser (CRYPTO '94). Within our framework, we propose two schemes, which we prove to enjoy an optimal tradeoff between their security and incrementality up to lower-order factors. Our first scheme is a generic method which can be based on any deterministic public-key encryption scheme, and, in particular, can be instantiated with any semantically secure (randomized) public-key encryption scheme in the random-oracle model. Our second scheme is based on the Decisional Diffie-Hellman assumption in the standard model.
The approach underpinning our schemes is inspired by the fundamental "sample-then-extract" technique due to Nisan and Zuckerman (JCSS '96) and refined by Vadhan (J. Cryptology '04), and by the closely related notion of "locally computable extractors" due to Vadhan. Most notably, whereas Vadhan used such extractors to construct private-key encryption schemes in the bounded-storage model, we show that techniques along these lines can also be used to construct incremental public-key encryption schemes.