
Showing papers on "Ciphertext published in 2017"


Book ChapterDOI
03 Dec 2017
TL;DR: A method to construct a homomorphic encryption scheme for approximate arithmetic that supports an approximate addition and multiplication of encrypted messages, together with a new rescaling procedure for managing the magnitude of plaintext.
Abstract: We suggest a method to construct a homomorphic encryption scheme for approximate arithmetic. It supports an approximate addition and multiplication of encrypted messages, together with a new rescaling procedure for managing the magnitude of plaintext. This procedure truncates a ciphertext into a smaller modulus, which leads to rounding of plaintext. The main idea is to add a noise following significant figures which contain a main message. This noise is originally added to the plaintext for security, but considered to be a part of error occurring during approximate computations that is reduced along with plaintext by rescaling. As a result, our decryption structure outputs an approximate value of plaintext with a predetermined precision.

1,019 citations
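The rescaling step the abstract describes can be followed with plain integers. The block below is an added example written for this listing, not the paper's code: it simulates only the encoding, noise and modulus-chain bookkeeping (no RLWE encryption is performed), and DELTA, Q0, LEVELS and the noise bound are assumed parameters chosen for illustration.

```python
"""Toy model of the approximate-arithmetic / rescaling idea.

Constructed for this listing; it is not the paper's code and performs no
lattice encryption. Only the integer bookkeeping is kept: a real message m
is scaled by DELTA and rounded, a small error e (standing in for the LWE
noise) is added, products live in a modulus chain q_L = Q0 * DELTA**L, and
rescaling divides value and modulus by DELTA, which divides the accumulated
error by the same factor. DELTA, Q0 and LEVELS are assumed parameters.
"""
import random
from dataclasses import dataclass

DELTA = 2 ** 20   # scaling factor (assumed)
Q0 = 2 ** 30      # base modulus q_0 (assumed)
LEVELS = 3        # multiplicative depth; top modulus is Q0 * DELTA**LEVELS


@dataclass
class Ct:
    value: int   # centred integer holding scale * m + error
    level: int   # position in the modulus chain, LEVELS down to 0
    scale: int   # scaling factor currently attached to value

    @property
    def modulus(self) -> int:
        return Q0 * DELTA ** self.level


def centred(x: int, q: int) -> int:
    """Reduce x modulo q into the symmetric interval (-q/2, q/2]."""
    x %= q
    return x - q if x > q // 2 else x


def encode(m: float, rng: random.Random, noise_bound: int = 8) -> Ct:
    """round(m * DELTA) plus an error e with |e| <= noise_bound."""
    e = rng.randint(-noise_bound, noise_bound)
    return Ct(centred(round(m * DELTA) + e, Q0 * DELTA ** LEVELS), LEVELS, DELTA)


def decode(ct: Ct) -> float:
    """Decryption structure: value / scale equals m up to error / scale."""
    return centred(ct.value, ct.modulus) / ct.scale


def add(a: Ct, b: Ct) -> Ct:
    assert (a.level, a.scale) == (b.level, b.scale), "operands must be aligned"
    return Ct(centred(a.value + b.value, a.modulus), a.level, a.scale)


def mul(a: Ct, b: Ct) -> Ct:
    """Product carries scale DELTA**2; its error grows by roughly |m| * e * DELTA."""
    assert (a.level, a.scale) == (b.level, b.scale), "operands must be aligned"
    return Ct(centred(a.value * b.value, a.modulus), a.level, a.scale * b.scale)


def rescale(ct: Ct) -> Ct:
    """Round value / DELTA and drop to the next smaller modulus: the scale is
    back to DELTA, the error shrank by DELTA, and one level has been spent."""
    assert ct.level > 0, "modulus chain exhausted"
    assert ct.scale == DELTA ** 2, "rescale follows a multiplication"
    v = (ct.value + DELTA // 2) // DELTA
    return Ct(centred(v, Q0 * DELTA ** (ct.level - 1)), ct.level - 1, DELTA)


def approx_product(m1: float, m2: float, seed: int = 0) -> float:
    """Encode, multiply, rescale, decode: m1 * m2 to within roughly
    (|m1| + |m2|) * noise_bound / DELTA."""
    rng = random.Random(seed)
    return decode(rescale(mul(encode(m1, rng), encode(m2, rng))))


def approx_sum(m1: float, m2: float, seed: int = 0) -> float:
    """Addition needs no rescaling; the errors simply add."""
    rng = random.Random(seed)
    return decode(add(encode(m1, rng), encode(m2, rng)))


def roundtrip_error(m: float, seed: int = 0) -> float:
    """|decode(encode(m)) - m|: the precision the scheme 'predetermines'."""
    return abs(decode(encode(m, random.Random(seed))) - m)


def usable_depth(m: float, seed: int = 0) -> int:
    """Square and rescale until no smaller modulus is left: returns LEVELS."""
    ct, depth = encode(m, random.Random(seed)), 0
    while ct.level > 0:
        ct = rescale(mul(ct, ct))
        depth += 1
    return depth


if __name__ == "__main__":
    print(approx_product(3.14159, 2.71828), "vs exact", 3.14159 * 2.71828)
    print("multiplicative depth available:", usable_depth(1.5))
```

Each multiplication doubles the scale and multiplies the error by roughly |m| * DELTA; rescaling divides both by DELTA, so the decoded error stays near (|m1| + |m2|) * e / DELTA and the precision is fixed by the size of DELTA relative to the noise. The chain Q0 * DELTA**LEVELS bounds the multiplicative depth: after LEVELS rescalings there is no smaller modulus to drop to.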


Journal ArticleDOI
TL;DR: A new cryptographic primitive called attribute-based encryption scheme with outsourcing key-issuing and outsourcing decryption, which can implement keyword search function (KSF-OABE) and is proved secure against chosen-plaintext attack (CPA).
Abstract: Cloud computing is becoming increasingly popular for data owners who outsource their data to public cloud servers while allowing intended data users to retrieve the data stored in the cloud. This computing model brings challenges to the security and privacy of data stored in the cloud. Attribute-based encryption (ABE) has been used to design fine-grained access control systems, which provides one good method to solve the security issues in the cloud setting. However, the computation cost and ciphertext size in most ABE schemes grow with the complexity of the access policy. Outsourced ABE (OABE) with fine-grained access control can largely reduce the computation cost for users who want to access encrypted data stored in the cloud by outsourcing the heavy computation to the cloud service provider (CSP). However, the amount of encrypted files stored in the cloud is becoming very large, which hinders efficient query processing. To deal with the above problem, we present a new cryptographic primitive called attribute-based encryption with outsourced key-issuing and outsourced decryption, which can implement a keyword search function (KSF-OABE). The proposed KSF-OABE scheme is proved secure against chosen-plaintext attack (CPA). The CSP performs the partial decryption task delegated by the data user without learning anything about the plaintext. Moreover, the CSP can perform encrypted keyword search without learning anything about the keywords embedded in the trapdoor.

246 citations


Journal ArticleDOI
TL;DR: An efficient and secure data acquisition scheme based on ciphertext policy attribute-based encryption that can fulfill the security requirements of the Cloud-IoT in smart grid and effectively reduce the time cost compared with other popular approaches.
Abstract: Cloud-supported Internet of Things (Cloud-IoT) has been broadly deployed in smart grid systems. The IoT front-ends are responsible for data acquisition and status supervision, while the substantial amount of data is stored and managed in the cloud server. Achieving data security and system efficiency in the data acquisition and transmission process is of great significance and challenging, because the power-grid-related data is sensitive and huge in amount. In this paper, we present an efficient and secure data acquisition scheme based on ciphertext-policy attribute-based encryption. Data acquired from the terminals are partitioned into blocks and encrypted with their corresponding access subtrees in sequence, so that data encryption and data transmission can be processed in parallel. Furthermore, we protect the information about the access tree with a threshold secret sharing method, which preserves data privacy and integrity against users with unauthorized sets of attributes. The formal analysis demonstrates that the proposed scheme can fulfill the security requirements of the Cloud-IoT in smart grid. The numerical analysis and experimental results indicate that our scheme can effectively reduce the time cost compared with other popular approaches.

214 citations


Posted Content
TL;DR: Kyber, part of the CRYSTALS suite submitted to the NIST post-quantum standardization effort, is a portfolio of post-quantum cryptographic primitives built around a key-encapsulation mechanism (KEM) whose security rests on hardness assumptions over module lattices.
Abstract: Rapid advances in quantum computing, together with the announcement by the National Institute of Standards and Technology (NIST) to define new standards for digital-signature, encryption, and key-establishment protocols, have created significant interest in post-quantum cryptographic schemes. This paper introduces Kyber (part of CRYSTALS - Cryptographic Suite for Algebraic Lattices - a package submitted to NIST post-quantum standardization effort in November 2017), a portfolio of post-quantum cryptographic primitives built around a key-encapsulation mechanism (KEM), based on hardness assumptions over module lattices. Our KEM is most naturally seen as a successor to the NEWHOPE KEM (Usenix 2016). In particular, the key and ciphertext sizes of our new construction are about half the size, the KEM offers CCA instead of only passive security, the security is based on a more general (and flexible) lattice problem, and our optimized implementation results in essentially the same running time as the aforementioned scheme. We first introduce a CPA-secure public-key encryption scheme, apply a variant of the Fujisaki-Okamoto transform to create a CCA-secure KEM, and eventually construct, in a black-box manner, CCA-secure encryption, key exchange, and authenticated-key-exchange schemes. The security of our primitives is based on the hardness of Module-LWE in the classical and quantum random oracle models, and our concrete parameters conservatively target more than 128 bits of post-quantum security.

180 citations
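The CPA-to-CCA step the abstract describes (a CPA-secure public-key encryption scheme, then a variant of the Fujisaki-Okamoto transform to obtain a CCA-secure KEM) is worked through below as an added example; it is not Kyber's reference code. The module-lattice scheme is replaced by a Regev-style LWE encryption with toy parameters (N=16, M=32, Q=3329, assumed and nowhere near secure), and the hash roles (H, G, KDF) are assumptions for this example rather than Kyber's exact hashing. What it shows is the structure that matters: encryption coins derived from the message and public key, deterministic re-encryption inside decapsulation, and implicit rejection on mismatch.

```python
"""CCA-secure KEM from a CPA-secure PKE via a Fujisaki-Okamoto style transform.

Added example for this listing, not Kyber's reference code. The CPA scheme
is a Regev-style LWE encryption with toy, insecure parameters (assumed:
N=16, M=32, Q=3329). H = SHA3-256, G = SHA3-512, KDF = SHAKE256 are
assumptions for this example.
"""
import hashlib
import secrets
from typing import List, Optional, Tuple

N, M, Q = 16, 32, 3329     # LWE secret length, number of samples, modulus (toy)
MSG_BYTES = 32             # 256-bit message; one LWE sample encrypts one bit


def _shake(seed: bytes, nbytes: int) -> bytes:
    return hashlib.shake_256(seed).digest(nbytes)


def _uniform(seed: bytes, count: int) -> List[int]:
    """Elements mod Q from 2-byte chunks (slightly biased; fine for a toy)."""
    raw = _shake(seed, 2 * count)
    return [int.from_bytes(raw[2 * i:2 * i + 2], "little") % Q for i in range(count)]


def _small(seed: bytes, count: int) -> List[int]:
    """Secret/error entries in {-1, 0, 1}."""
    return [b % 3 - 1 for b in _shake(seed, count)]


def _pack(vals: List[int]) -> bytes:
    return b"".join(v.to_bytes(2, "little") for v in vals)


def _unpack(data: bytes) -> List[int]:
    return [int.from_bytes(data[i:i + 2], "little") for i in range(0, len(data), 2)]


def _expand_a(rho: bytes) -> List[List[int]]:
    """Public matrix A (M x N) expanded from a 32-byte seed, as Kyber does."""
    flat = _uniform(b"A" + rho, M * N)
    return [flat[i * N:(i + 1) * N] for i in range(M)]


def keygen(seed: Optional[bytes] = None) -> Tuple[bytes, dict]:
    seed = secrets.token_bytes(32) if seed is None else seed
    buf = _shake(b"keygen" + seed, 96)
    rho, sigma, z = buf[:32], buf[32:64], buf[64:]   # z: implicit-rejection secret
    a, s, e = _expand_a(rho), _small(sigma + b"s", N), _small(sigma + b"e", M)
    b = [(sum(a[i][j] * s[j] for j in range(N)) + e[i]) % Q for i in range(M)]
    pk = rho + _pack(b)
    return pk, {"s": s, "pk": pk, "z": z}


def encrypt(pk: bytes, msg: bytes, coins: bytes) -> bytes:
    """CPA-secure PKE with explicit coins: a deterministic function of
    (pk, msg, coins), so decaps can recompute it."""
    a, b = _expand_a(pk[:32]), _unpack(pk[32:])
    rbytes = _shake(b"r" + coins, MSG_BYTES * 8 * M)
    out = bytearray()
    for i in range(MSG_BYTES * 8):
        bit = (msg[i // 8] >> (i % 8)) & 1
        r = [x & 1 for x in rbytes[i * M:(i + 1) * M]]       # binary vector
        u = [sum(r[k] * a[k][j] for k in range(M)) % Q for j in range(N)]
        v = (sum(r[k] * b[k] for k in range(M)) + bit * (Q // 2)) % Q
        out += _pack(u + [v])
    return bytes(out)


def decrypt(sk: dict, ct: bytes) -> bytes:
    vals, msg = _unpack(ct), bytearray(MSG_BYTES)
    for i in range(MSG_BYTES * 8):
        u, v = vals[i * (N + 1):i * (N + 1) + N], vals[i * (N + 1) + N]
        w = (v - sum(u[j] * sk["s"][j] for j in range(N))) % Q  # r.e + bit*Q/2
        if Q // 4 < w < 3 * Q // 4:                              # nearer Q/2 than 0
            msg[i // 8] |= 1 << (i % 8)
    return bytes(msg)


def _h(data: bytes) -> bytes:
    return hashlib.sha3_256(data).digest()


def _g(data: bytes) -> Tuple[bytes, bytes]:
    d = hashlib.sha3_512(data).digest()
    return d[:32], d[32:]                  # (K-bar, coins)


def _kdf(data: bytes) -> bytes:
    return _shake(data, 32)


def encaps(pk: bytes, m: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    m = secrets.token_bytes(MSG_BYTES) if m is None else m
    kbar, coins = _g(m + _h(pk))           # coins bound to message and pk
    c = encrypt(pk, m, coins)
    return c, _kdf(kbar + _h(c))


def decaps(sk: dict, c: bytes) -> bytes:
    m2 = decrypt(sk, c)
    kbar, coins = _g(m2 + _h(sk["pk"]))
    if encrypt(sk["pk"], m2, coins) == c:  # re-encryption check
        return _kdf(kbar + _h(c))
    return _kdf(sk["z"] + _h(c))           # implicit rejection: random-looking key


def nudge_v(c: bytes) -> bytes:
    """Add 1 to v of the first LWE sample: the CPA scheme still decrypts it to
    the same message, but it is no longer the canonical ciphertext for that
    message, so decaps rejects it."""
    vals = _unpack(c)
    vals[N] = (vals[N] + 1) % Q
    return _pack(vals)
```

nudge_v is the point of the transform: the underlying CPA scheme is malleable (small changes to v leave the decrypted message intact), which is exactly what a chosen-ciphertext attacker exploits as a decryption oracle. After the transform, any ciphertext that is not the deterministic re-encryption of its own plaintext yields an unrelated key, and because rejection is implicit rather than an error return, the attacker cannot even learn that rejection happened.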


Journal ArticleDOI
TL;DR: This paper formalizes the security notion of non-malleability under selective opening attacks (NM-SO security), and explores the relations between NM-SO security and the standard SOA security notions, as well as the relations among the NM-SO security notions themselves.

147 citations


Journal ArticleDOI
TL;DR: A provable secure CP-ABSC scheme for cloud-based PHR sharing system that has ability to provide fine-grained access control, confidentiality, authenticity, signcryptor privacy and public verifiability, simultaneously is proposed.

127 citations


Journal ArticleDOI
TL;DR: An efficient and fine-grained big data access control scheme with a privacy-preserving policy is proposed that can preserve the privacy of any linear secret-sharing scheme access policy without much overhead.
Abstract: How to control access to the huge amount of big data becomes a very challenging issue, especially when big data are stored in the cloud. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising encryption technique that enables end-users to encrypt their data under access policies defined over attributes of data consumers, and only allows data consumers whose attributes satisfy the access policies to decrypt the data. In CP-ABE, the access policy is attached to the ciphertext in plaintext form, which may leak private information about end-users. Existing methods only partially hide the attribute values in the access policies, while the attribute names are still unprotected. In this paper, we propose an efficient and fine-grained big data access control scheme with a privacy-preserving policy. Specifically, we hide the whole attribute (rather than only its value) in the access policies. To assist data decryption, we also design a novel attribute Bloom filter to evaluate whether an attribute is in the access policy and to locate its exact position in the access policy if it is. Security analysis and performance evaluation show that our scheme can preserve the privacy of any linear secret-sharing scheme access policy without much overhead.

118 citations


Journal ArticleDOI
TL;DR: The security analysis shows that the proposed scheme is secure against known attacks, and the experimental results show that the fog nodes perform most of the computation for encryption, decryption and signing; hence the time spent by the data owner on encryption and by users on decryption, re-encryption and signing is small and constant.
Abstract: Fog computing is a paradigm that extends cloud computing to the edge of the network. It can provide computation and storage services to end devices in the Internet of Things (IoT). Attribute-based cryptography is a well-known technology for guaranteeing data confidentiality and fine-grained data access control. However, its computational cost in the encryption and decryption phases is linear in the complexity of the policy. In this paper, we propose a secure and fine-grained data access control scheme with ciphertext update and computation outsourcing in fog computing for IoT. The sensitive data of the data owner are first encrypted using attribute-based encryption with multiple policies and then outsourced to cloud storage. Hence, a user whose attributes satisfy the access policy can decrypt the ciphertext. Based on the attribute-based signature technique, an authorized user whose attributes, integrated in the signature, satisfy the update policy can renew the ciphertext. Specifically, most of the encryption, decryption and signing computations are outsourced from end devices to fog nodes, and thus the computations for data owners to encrypt and for end users to decrypt, re-encrypt and sign are independent of the number of attributes in the policies. The security analysis shows that the proposed scheme is secure against known attacks, and the experimental results show that the fog nodes perform most of the computation for encryption, decryption and signing; hence the time spent by the data owner on encryption and by users on decryption, re-encryption and signing is small and constant.

114 citations


Journal ArticleDOI
TL;DR: This work presents a searchable CP-ABE with attribute revocation, where access structures are partially hidden so that receivers cannot extract sensitive information from the ciphertext.
Abstract: To protect sensitive data outsourced to a cloud server, outsourcing data in encrypted form has become popular. However, it is not easy to find the corresponding ciphertext efficiently, especially among the large volume of ciphertext stored on the cloud server. Besides, some data owners do not want the users who attempt to decrypt to learn the sensitive access structure of the ciphertext, for business or private reasons. In addition, user attribute revocation and key updating are important issues which affect the application of ciphertext-policy attribute-based encryption (CP-ABE) in cloud storage systems. To overcome these problems in cloud storage, we present a searchable CP-ABE with attribute revocation, where access structures are partially hidden so that receivers cannot extract sensitive information from the ciphertext. The security of our scheme can be reduced to the decisional bilinear Diffie–Hellman (DBDH) assumption and the decisional linear (DL) assumption. Copyright © 2015 John Wiley & Sons, Ltd.

110 citations


Journal ArticleDOI
TL;DR: Experimental results and security analysis have demonstrated the excellent performance of the proposed algorithm in image encryption.
Abstract: Based on deoxyribonucleic acid (DNA) coding and two excellent low-dimensional chaotic systems, a new color image cryptosystem is proposed in this paper. The presented image cryptosystem consists of four processes: a key stream generation process, a DNA sequence confusion process, a DNA sequence diffusion process and a pixel-level diffusion process. In the first stage, two simple improved chaotic systems and the information entropy of the plain image are employed together to generate the pseudorandom key streams. Then, the original image is converted into DNA sequence matrices by the DNA encoding rules, and the binary key streams are used to permute the DNA matrices. The third process performs row and column diffusion on the scrambled DNA matrices using the key streams and the DNA XOR operation. Finally, the DNA matrices are transformed into the encrypted image via the DNA decoding rules, and a ciphertext diffusion in a crisscross pattern is further adopted to strengthen the security and sensitivity of the cryptosystem. Thus, the resulting cipher image is obtained. Experimental results and security analysis have demonstrated the excellent performance of our proposed algorithm in image encryption.

94 citations


Proceedings ArticleDOI
01 Oct 2017
TL;DR: The obfuscator satisfies distributional virtual-black-box security, which guarantees that the obfuscated program does not reveal any partial information about the function f or the target value y, as long as they are chosen from some distribution where y has sufficient pseudo-entropy given f.
Abstract: We show how to obfuscate a large and expressive class of programs, which we call compute-and-compare programs, under the learning-with-errors (LWE) assumption. Each such program CC[f,y] is parametrized by an arbitrary polynomial-time computable function f along with a target value y and we define CC[f,y](x) to output 1 if f(x)=y and 0 otherwise. In other words, the program performs an arbitrary computation f and then compares its output against a target y. Our obfuscator satisfies distributional virtual-black-box security, which guarantees that the obfuscated program does not reveal any partial information about the function f or the target value y, as long as they are chosen from some distribution where y has sufficient pseudo-entropy given f. We also extend our result to multi-bit compute-and-compare programs MBCC[f,y,z](x) which output a message z if f(x)=y. Compute-and-compare programs are powerful enough to capture many interesting obfuscation tasks as special cases. This includes obfuscating conjunctions, and therefore we improve on the prior work of Brakerski et al. (ITCS 16) which constructed a conjunction obfuscator under a non-standard entropic ring-LWE assumption, while here we obfuscate a significantly broader class of programs under standard LWE. We show that our obfuscator has several interesting applications. For example, we can take any encryption scheme and publish an obfuscated plaintext equality tester that allows users to check whether a ciphertext decrypts to some target value y; as long as y has sufficient pseudo-entropy this will not harm semantic security. We can also use our obfuscator to generically upgrade attribute-based encryption to predicate encryption with one-sided attribute-hiding security, and to upgrade witness encryption to indistinguishability obfuscation which is secure for all null circuits.
Furthermore, we show that our obfuscator gives new circular-security counter-examples for public-key bit encryption and for unbounded length key cycles. Our result uses the graph-induced multi-linear maps of Gentry, Gorbunov and Halevi (TCC 15), but only in a carefully restricted manner which is provably secure under LWE. Our technique is inspired by ideas introduced in a recent work of Goyal, Koppula and Waters (EUROCRYPT 17) in a seemingly unrelated context.

Journal ArticleDOI
TL;DR: This paper proposes an efficient IBEET scheme with bilinear pairing, which reduces the need for the time-consuming HashToPoint function, and proves the scheme one-way secure against chosen-identity and chosen-ciphertext attacks (OWIDCCA) in the random oracle model (ROM).

Journal ArticleDOI
TL;DR: Searchain is introduced, a blockchain-based keyword search system that enables oblivious search over an authorized keyword set in the decentralized storage, built on top of a novel primitive called oblivious keyword search with authorization (OKSA), which provides the guarantee of keyword authorization besides oblivious search.

Patent
05 Apr 2017
TL;DR: In this patent, the authors propose a privacy-preserving smart contract method for a blockchain, where the content information of a digital asset trading participant is encrypted in the smart contract and processed as ciphertext.
Abstract: The invention provides a privacy-preserving smart contract method for a blockchain. The content information of a digital asset trading participant is encrypted in the smart contract, and processing is carried out on the ciphertext; the smart contract x adopts a Merkle tree structure, the leaf nodes of the Merkle tree are encrypted with a public key, and a hash digest value replaces the original data in the block header. In comparison with the prior art, in a blockchain with data privacy requirements, privacy protection of the digital asset trading data and of the trading process is realized, the trading participants of the smart contract can only view the trading information, and the method can be applied to any blockchain application scenario with data privacy requirements.

Book ChapterDOI
20 Aug 2017
TL;DR: In this paper, the authors presented two practically efficient functional encryption schemes for a large class of quadratic functions over asymmetric bilinear groups, where the public key and each ciphertext consist of 2n+1 and 4n+2 group elements respectively.
Abstract: We present two practically efficient functional encryption schemes for a large class of quadratic functionalities. Specifically, our constructions enable the computation of so-called bilinear maps on encrypted vectors. This represents a practically relevant class of functions that includes, for instance, multivariate quadratic polynomials (over the integers). Our realizations work over asymmetric bilinear groups and are surprisingly efficient and easy to implement. For instance, in our most efficient scheme the public key and each ciphertext consist of 2n+1 and 4n+2 group elements respectively, where n is the dimension of the encrypted vectors, while secret keys are only two group elements. Our two schemes build on similar ideas, but develop them in a different way in order to achieve distinct goals. Our first scheme is proved (selectively) secure under standard assumptions, while our second construction is concretely more efficient and is proved (adaptively) secure in the generic group model.

Journal ArticleDOI
TL;DR: A secure and efficient data collaboration scheme is proposed, in which fine-grained access control of ciphertext and secure data writing operations are provided based on attribute-based encryption (ABE) and attribute-based signature (ABS), respectively.

Journal ArticleDOI
TL;DR: A Privacy-Preserving Data Processing (PPDP) system with the support of a Homomorphic Re-Encryption Scheme (HRES), which extends partial HE from a single-user system to a multi-user one by offering ciphertext re-encryption to allow multiple users to access processed ciphertexts.

Patent
24 Oct 2017
TL;DR: In this patent, a blockchain data processing method, device and system are described: a first node identifies whether received block information needs privacy protection, and if so it generates a secret key for a plaintext encryption algorithm, encrypts the block information with that key, and encrypts the key itself in a stipulated way to produce a secret key ciphertext.
Abstract: The invention discloses a blockchain data processing method, device and system. In the blockchain data processing method, a first node identifies whether received block information needs privacy protection processing; if it does, a secret key for a plaintext encryption algorithm is generated, the block information is encrypted with the plaintext encryption algorithm under that secret key, and encrypted block information is generated; the secret key is encrypted in a stipulated way to produce a secret key ciphertext, where the stipulated way comprises an algorithm through which the first node and a second node in the blockchain associated with the first node encrypt and decrypt the secret key ciphertext according to a preset mode; and data including the encrypted block information and the secret key ciphertext is stored in a corresponding block of the blockchain as blockchain data. According to the embodiments of the invention, information data stored in the blockchain can be encrypted so that only specific members can decrypt and view it, achieving privacy protection for specific transaction information.

Journal ArticleDOI
01 Jun 2017
TL;DR: Experimental results show that the proposed steganography method has high capacity for hiding information in any image used as cover media, and that the proposed chaotic map is random and sensitive to the smallest changes.
Abstract: The art and science of hiding information by embedding messages in various types of digital media is called steganography. The method works by replacing bits of multimedia files (such as graphics, sounds and texts) with bits of a secret message. The information embedded in the cover media can be plain text, cipher text and even images. Steganography is sometimes used when encryption is not permitted or, more commonly, as a supplement to encryption. With steganography, even if the encrypted file is deciphered, the file may still hide information. This paper proposes a new transform-domain steganography method for digital images based on the integer wavelet transform (IWT), together with a chaotic map. This map is a modified logistic map which increases the key length and the security of the proposed method. Experimental results show that the proposed method has high capacity for hiding information in any image used as cover media. The visual quality of the image after the embedding process is satisfactory according to Peak Signal-to-Noise Ratio (PSNR) measures. Also, the NIST, DIEHARD and ENT test suites show the randomness of the proposed chaotic map and its sensitivity to the smallest changes.
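As an added example (not the paper's implementation), the block below works through the embedding pipeline described above on a constructed 16x16 image: a one-level integer Haar lifting transform, message bits written into the least significant bits of the HH (diagonal detail) coefficients, and the embedding order taken from the orbit of a logistic map seeded by the key. The paper's modified logistic map is not specified here, so the plain map with r = 3.99 stands in for it (an assumption), and all function names are this example's own.

```python
"""IWT steganography with chaotic embedding order (added example).

Constructed for this listing, not the paper's implementation: a one-level
integer Haar lifting transform, message bits in the least significant bits
of the HH (diagonal detail) coefficients, and the embedding order taken from
the orbit of a logistic map x -> r*x*(1-x) seeded by the key. The paper's
modified map is not specified here, so the plain map with r = 3.99 stands in
(assumed). The 16x16 cover image is constructed.
"""
import math
from typing import List

Image = List[List[int]]


def _lift_fwd(seq: List[int]) -> List[int]:
    """Integer Haar lifting on one row/column: pairs (a, b) become
    s = a + floor(d/2) (low half) and d = b - a (high half)."""
    low, high = [], []
    for a, b in zip(seq[0::2], seq[1::2]):
        d = b - a
        low.append(a + (d >> 1))
        high.append(d)
    return low + high


def _lift_inv(seq: List[int]) -> List[int]:
    half = len(seq) // 2
    out: List[int] = []
    for s, d in zip(seq[:half], seq[half:]):
        a = s - (d >> 1)
        out += [a, a + d]
    return out


def _transpose(img: Image) -> Image:
    return [list(col) for col in zip(*img)]


def iwt2(img: Image) -> Image:
    """Rows then columns; HH is the bottom-right quadrant of the result."""
    rows = [_lift_fwd(r) for r in img]
    return _transpose([_lift_fwd(c) for c in _transpose(rows)])


def iwt2_inv(coef: Image) -> Image:
    cols = _transpose([_lift_inv(c) for c in _transpose(coef)])
    return [_lift_inv(r) for r in cols]


def _hh_order(h: int, w: int, key: float, r: float = 3.99) -> List[tuple]:
    """Permute HH positions by sorting them on the logistic-map orbit of key."""
    pos = [(i, j) for i in range(h // 2, h) for j in range(w // 2, w)]
    x = key
    for _ in range(200):                  # burn-in (assumed length)
        x = r * x * (1 - x)
    orbit = []
    for _ in pos:
        x = r * x * (1 - x)
        orbit.append(x)
    return [p for _, p in sorted(zip(orbit, pos))]


def embed(cover: Image, msg: bytes, key: float) -> Image:
    h, w = len(cover), len(cover[0])
    order = _hh_order(h, w, key)
    bits = [(byte >> k) & 1 for byte in msg for k in range(8)]
    if len(bits) > len(order):
        raise ValueError("message exceeds HH capacity of %d bits" % len(order))
    coef = iwt2(cover)
    for bit, (i, j) in zip(bits, order):
        coef[i][j] = (coef[i][j] & ~1) | bit      # also correct for negative ints
    stego = iwt2_inv(coef)
    if any(not 0 <= px <= 255 for row in stego for px in row):
        # Caveat: clipping here would destroy the embedded bits.
        raise ValueError("embedding pushed a pixel outside 0..255")
    return stego


def extract(stego: Image, key: float, nbytes: int) -> bytes:
    h, w = len(stego), len(stego[0])
    coef = iwt2(stego)                      # lifting is an exact bijection
    bits = [coef[i][j] & 1 for i, j in _hh_order(h, w, key)[:nbytes * 8]]
    return bytes(sum(b << k for k, b in enumerate(bits[n * 8:n * 8 + 8]))
                 for n in range(nbytes))


def psnr(a: Image, b: Image) -> float:
    n = len(a) * len(a[0])
    mse = sum((x - y) ** 2 for ra, rb in zip(a, b) for x, y in zip(ra, rb)) / n
    return math.inf if mse == 0 else 10 * math.log10(255 ** 2 / mse)


def sample_cover(n: int = 16) -> Image:
    """Constructed smooth gradient; its HH coefficients are all zero."""
    return [[100 + 3 * i + 5 * j for j in range(n)] for i in range(n)]
```

Because lifting is an integer bijection, the forward transform of the stego image returns exactly the modified coefficients, so extraction is lossless. Two caveats a practitioner should keep in mind: LSB changes in detail coefficients can push saturated pixels outside 0..255, and clipping there silently corrupts the payload (the example refuses rather than clips); and the key only permutes where bits are written, not what they are, so a high PSNR says nothing about detectability by steganalysis.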

Posted Content
TL;DR: This preprint shows how to obfuscate a large and expressive class of programs, called compute-and-compare programs, under the learning-with-errors (LWE) assumption, improving on the conjunction obfuscator of Brakerski et al. (ITCS 16), which relied on a non-standard entropic ring-LWE assumption.

Journal ArticleDOI
TL;DR: A novel primitive named hidden policy ciphertext-policy attribute-based encryption with keyword search (HP-CPABKS) is proposed, in which a data user can neither search the encrypted data nor learn any information about the access structure if his/her attribute credentials do not satisfy the access control policy specified by the data owner.
Abstract: Attribute-based encryption with keyword search (ABKS) enables data owners to grant their search capabilities to other users by enforcing an access control policy over the outsourced encrypted data. However, existing ABKS schemes cannot guarantee the privacy of the access structures, which may contain some sensitive private information. Furthermore, resulting from the exposure of the access structures, ABKS schemes are susceptible to an off-line keyword guessing attack if the keyword space has a polynomial size. To solve these problems, we propose a novel primitive named hidden policy ciphertext-policy attribute-based encryption with keyword search (HP-CPABKS). With our primitive, the data user is unable to search on encrypted data or learn any information about the access structure if his/her attribute credentials cannot satisfy the access control policy specified by the data owner. We present a rigorous selective security analysis of the proposed HP-CPABKS scheme, which simultaneously keeps the indistinguishability of the keywords and the access structures. Finally, the performance evaluation verifies that our proposed scheme is efficient and practical.

Journal ArticleDOI
TL;DR: This paper employs attribute-based encryption with decryption outsourcing to encrypt the published data, such that the publishers can control data access by themselves and the major decryption overhead can be shifted from the subscribers' devices to the cloud server.

Journal ArticleDOI
TL;DR: This paper describes several identity-related cryptographic techniques for securing an E-health system, including new IBE schemes and new identity-based proxy re-encryption (IBPRE) schemes; it proves the security of these schemes, and the performance analysis shows that the IBPRE scheme is especially efficient for re-encryption, which can be used to achieve cost-effective cloud usage.

Journal ArticleDOI
TL;DR: This paper proposes a novel method based on a new security tool referred to as one-time identity-based authenticated asymmetric group key agreement to create CMIXes which withstand malicious eavesdroppers.
Abstract: Location privacy is one of the major challenges in vehicular ad hoc networks. Due to the open and broadcast nature of wireless communication, the safety messages of vehicles can be easily collected by malicious eavesdroppers to continuously track vehicles. A cryptographic mix-zone (CMIX) is a promising tool to enhance vehicle privacy, in which the safety messages of vehicles are encrypted using a group secret key. In that way, no outsider can monitor the safety messages broadcast by the vehicles in the CMIX. Existing CMIX protocols need fully trusted dealers to distribute group secret keys and/or suffer from the problem of efficient key update. This paper proposes a novel method based on a new security tool referred to as one-time identity-based authenticated asymmetric group key agreement to create CMIXes which withstand malicious eavesdroppers. Different from the existing solutions, our proposal does not rely on the existence of fully trusted dealers and deals with efficient key update in CMIX for the first time. In our protocol, any vehicle in a CMIX can be a group secret key distributor. Furthermore, once the group secret key of the CMIX has to be updated, a vehicle in the CMIX just needs to broadcast a short ciphertext, and then all the vehicles in the CMIX can refresh the group secret key efficiently.

Journal ArticleDOI
TL;DR: This work demonstrates experimentally that the traditional double random phase encoding (DRPE) technique is vulnerable to the ciphertext-only attack (COA) and reveals the most serious security issue with DRPE.
Abstract: We demonstrate experimentally that the traditional double random phase encoding (DRPE) technique is vulnerable to the ciphertext-only attack (COA). Using the statistical ergodic property of the speckle, we show that the plaintext image can be recovered from the ciphertext alone, owing to the fact that their energy spectral density functions are identical. Our result reveals the most serious security issue with DRPE, as it suggests that even a one-time pad does not guarantee its security. This will open up new insight into current optical security techniques.

Journal ArticleDOI
TL;DR: The proposed hierarchical attribute-based access control scheme with constant-size ciphertext is efficient, scalable and fine-grained in dealing with access control for outsourced data in cloud computing.
Abstract: With the popularity of cloud computing, there have been increasing concerns about its security and privacy. Since the cloud computing environment is distributed and untrusted, data owners have to encrypt outsourced data to enforce confidentiality. Therefore, how to achieve practicable access control over encrypted data in an untrusted environment is an urgent issue that needs to be solved. Attribute-based encryption (ABE) is a promising scheme suitable for access control in cloud storage systems. This paper proposes a hierarchical attribute-based access control scheme with constant-size ciphertext. The scheme is efficient because the length of the ciphertext and the number of bilinear pairing evaluations are fixed to a constant. Its computation cost in the encryption and decryption algorithms is low. Moreover, the hierarchical authorization structure of our scheme reduces the burden and risk of a single-authority scenario. We prove that the scheme is CCA2-secure under the decisional q-Bilinear Diffie-Hellman Exponent assumption. In addition, we implement our scheme and analyse its performance. The analysis results show that the proposed scheme is efficient, scalable and fine-grained in dealing with access control for outsourced data in cloud computing.

Book ChapterDOI
28 Mar 2017
TL;DR: Three fully homomorphic encryption (FHE) schemes that are secure against non-adaptive chosen-ciphertext attacks (CCA1), and two instantiations of multi-key identity-based FHE: one from LWE in the random oracle model, and one from sub-exponentially secure indistinguishability obfuscation.
Abstract: We give three fully homomorphic encryption (FHE) schemes that are secure against non-adaptive chosen ciphertext attacks (CCA1). For the first two, we extend the generic transformation of Boneh, Canetti, Halevi and Katz to turn any multi-key identity-based FHE scheme into a CCA1-secure FHE scheme. We then show two instantiations of multi-key identity-based FHE: one from LWE in the random oracle model, and one from sub-exponentially secure indistinguishability obfuscation. Both constructions are compact with respect to the function evaluated homomorphically but not compact with respect to the number of ciphertexts involved in the homomorphic evaluation. The third scheme uses succinct non-interactive arguments of knowledge (SNARKs) and is fully compact.

Journal ArticleDOI
TL;DR: A new verifiable outsourcing scheme with constant ciphertext length that is adaptable for various limited-bandwidth and computation-constrained devices, such as mobile phones, and is secure against selective chosen-plaintext attack in the standard model.
Abstract: An outsourced-decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in the cloud. However, the correctness of the transformed ciphertext cannot be guaranteed because the user does not have the original ciphertext. Lai et al. provided an ABE scheme with verifiable outsourced decryption which helps the user to check whether the transformation done by the cloud is correct. In order to improve the computation performance and reduce communication overhead, we propose a new verifiable outsourcing scheme with constant ciphertext length. To be specific, our scheme achieves the following goals. Our scheme is verifiable, which ensures that the user can efficiently check whether the transformation is done correctly by the CSP. The size of the ciphertext and the number of expensive pairing operations are constant and do not grow with the complexity of the access structure. The access structure in our scheme is AND gates on multi-valued attributes, and we prove that our scheme is verifiable and secure against selective chosen-plaintext attack in the standard model. We give a performance analysis which indicates that our scheme is adaptable for various limited-bandwidth and computation-constrained devices, such as mobile phones.

Proceedings ArticleDOI
15 Jun 2017
TL;DR: An efficient ciphertext retrieval technique on a large volume of data provides security for outsourced data, and the performance of the proposed work shows better efficiency in terms of low computation and communication costs.
Abstract: A key issue for cloud storage is privacy security. For the purpose of privacy, the data owner can outsource his sensitive data to the cloud and give access control to the authorized user. When the data owner stores his data on the cloud, the data is encrypted for the security guarantee. In this paper, efficient ciphertext retrieval techniques on a large volume of data are proposed. Initially, an index is generated by Porter stemming. Then the Blowfish algorithm is applied for encryption of the files to be outsourced. For authorized access, public-key encryption based on elliptic curve cryptography (ECC) is used for key generation. When keyword queries are transferred to the cloud, it searches the relevant content associated with the index and retrieves the matching files. Then the Blowfish decryption algorithm is used to get the plaintext. It provides security for outsourced data, and the performance of the proposed work showed better efficiency in terms of low computation and communication costs.

Patent
15 Mar 2017
TL;DR: Li et al. as mentioned in this paper proposed a block chain privacy data access control method based on attribute encryption, which mainly solves a problem in the prior art: the real identity of a user in the block chain is anonymously protected, but the transaction privacy information is not encrypted, which causes privacy leakage.
Abstract: The invention discloses a block chain privacy data access control method based on attribute encryption, which mainly solves a problem in the prior art: the real identity of a user in the block chain is anonymously protected, but the transaction privacy information is not encrypted, which causes privacy leakage. The method comprises the following steps: 1. a system is initialized; 2. a user registers to obtain attribute information; 3. an authoritative center distributes a user private key according to the user attribute information; 4. a transaction party encrypts transaction privacy data and uploads the transaction privacy data to the block chain; 5. an accountant verifies the transaction information and performs the transaction; 6. a supervisory center is authorized to use the authorized private key to decrypt and check the transaction ciphertext. The method encrypts the transaction privacy information, avoids the leakage of data privacy, and can be used for privacy protection of virtual asset transaction data in the block chain.