scispace - formally typeset

Showing papers on "Ciphertext" published in 2018


Journal ArticleDOI
TL;DR: This paper proposes a new attribute-based data sharing scheme suitable for resource-limited mobile users in cloud computing and is proven secure against adaptively chosen-ciphertext attacks, which is widely recognized as a standard security notion.

407 citations


Posted Content
TL;DR: Gazelle is designed, a scalable and low-latency system for secure neural network inference, using an intricate combination of homomorphic encryption and traditional two-party computation techniques (such as garbled circuits).
Abstract: The growing popularity of cloud-based machine learning raises a natural question about the privacy guarantees that can be provided in such a setting. Our work tackles this problem in the context where a client wishes to classify private images using a convolutional neural network (CNN) trained by a server. Our goal is to build efficient protocols whereby the client can acquire the classification result without revealing their input to the server, while guaranteeing the privacy of the server's neural network. To this end, we design Gazelle, a scalable and low-latency system for secure neural network inference, using an intricate combination of homomorphic encryption and traditional two-party computation techniques (such as garbled circuits). Gazelle makes three contributions. First, we design the Gazelle homomorphic encryption library which provides fast algorithms for basic homomorphic operations such as SIMD (single instruction multiple data) addition, SIMD multiplication and ciphertext permutation. Second, we implement the Gazelle homomorphic linear algebra kernels which map neural network layers to optimized homomorphic matrix-vector multiplication and convolution routines. Third, we design optimized encryption switching protocols which seamlessly convert between homomorphic and garbled circuit encodings to enable implementation of complete neural network inference. We evaluate our protocols on benchmark neural networks trained on the MNIST and CIFAR-10 datasets and show that Gazelle outperforms the best existing systems such as MiniONN (ACM CCS 2017) by 20 times and Chameleon (Crypto Eprint 2017/1164) by 30 times in online runtime. Similarly when compared with fully homomorphic approaches like CryptoNets (ICML 2016) we demonstrate three orders of magnitude faster online run-time.

288 citations


Journal ArticleDOI
TL;DR: A novel image encryption algorithm is designed by employing bit-level permutation and diffusion simultaneously, which has good encryption effect and high efficiency and can resist typical attacks including statistical, brute-force, differential attacks and so forth.

283 citations


Proceedings Article
16 Jan 2018
TL;DR: Gazelle as discussed by the authors is a scalable and low-latency system for secure neural network inference, using an intricate combination of homomorphic encryption and traditional two-party computation techniques (such as garbled circuits).
Abstract: The growing popularity of cloud-based machine learning raises a natural question about the privacy guarantees that can be provided in such a setting. Our work tackles this problem in the context where a client wishes to classify private images using a convolutional neural network (CNN) trained by a server. Our goal is to build efficient protocols whereby the client can acquire the classification result without revealing their input to the server, while guaranteeing the privacy of the server's neural network. To this end, we design Gazelle, a scalable and low-latency system for secure neural network inference, using an intricate combination of homomorphic encryption and traditional two-party computation techniques (such as garbled circuits). Gazelle makes three contributions. First, we design the Gazelle homomorphic encryption library which provides fast algorithms for basic homomorphic operations such as SIMD (single instruction multiple data) addition, SIMD multiplication and ciphertext permutation. Second, we implement the Gazelle homomorphic linear algebra kernels which map neural network layers to optimized homomorphic matrix-vector multiplication and convolution routines. Third, we design optimized encryption switching protocols which seamlessly convert between homomorphic and garbled circuit encodings to enable implementation of complete neural network inference. We evaluate our protocols on benchmark neural networks trained on the MNIST and CIFAR-10 datasets and show that Gazelle outperforms the best existing systems such as MiniONN (ACM CCS 2017) by 20 times and Chameleon (Crypto Eprint 2017/1164) by 30 times in online runtime. Similarly when compared with fully homomorphic approaches like CryptoNets (ICML 2016) we demonstrate three orders of magnitude faster online run-time.

251 citations


Book ChapterDOI
29 Apr 2018
TL;DR: This paper proposes a new technique to refresh low-level ciphertexts based on Gentry’s bootstrapping procedure and exploits a scaled sine function as an approximation of the modular reduction operation and presents an efficient evaluation strategy.
Abstract: This paper extends the leveled homomorphic encryption scheme for an approximate arithmetic of Cheon et al. (ASIACRYPT 2017) to a fully homomorphic encryption, i.e., we propose a new technique to refresh low-level ciphertexts based on Gentry's bootstrapping procedure. The modular reduction operation is the main bottleneck in the homomorphic evaluation of the decryption circuit. We exploit a scaled sine function as an approximation of the modular reduction operation and present an efficient evaluation strategy. Our method requires only one homomorphic multiplication for each iteration, and so the total computation cost grows linearly with the depth of the decryption circuit. We also show how to recrypt packed ciphertexts on the RLWE construction with an open-source implementation. For example, it takes 139.8 s to refresh a ciphertext that encrypts 128 numbers with 12 bits of precision, yielding an amortized rate of 1.1 seconds per slot.

206 citations


Proceedings ArticleDOI
15 Oct 2018
TL;DR: This work presents a practical solution to encrypt a matrix homomorphically and perform arithmetic operations on encrypted matrices, and is the first work that supports secure evaluation of the prediction phase based on both encrypted data and encrypted model.
Abstract: Homomorphic Encryption (HE) is a powerful cryptographic primitive to address privacy and security issues in outsourcing computation on sensitive data to an untrusted computation environment. Compared to secure Multi-Party Computation (MPC), HE has advantages in supporting non-interactive operations and saving on communication costs. However, it has not come up with an optimal solution for modern learning frameworks, partially due to a lack of efficient matrix computation mechanisms. In this work, we present a practical solution to encrypt a matrix homomorphically and perform arithmetic operations on encrypted matrices. Our solution includes a novel matrix encoding method and an efficient evaluation strategy for basic matrix operations such as addition, multiplication, and transposition. We also explain how to encrypt more than one matrix in a single ciphertext, yielding better amortized performance. Our solution is generic in the sense that it can be applied to most of the existing HE schemes. It also achieves reasonable performance for practical use; for example, our implementation takes 9.21 seconds to multiply two encrypted square matrices of order 64 and 2.56 seconds to transpose a square matrix of order 64. Our secure matrix computation mechanism has a wide applicability to our new framework EDM, which stands for encrypted data and encrypted model. To the best of our knowledge, this is the first work that supports secure evaluation of the prediction phase based on both encrypted data and encrypted model, whereas previous work only supported applying a plain model to encrypted data. As a benchmark, we report an experimental result to classify handwritten images using convolutional neural networks (CNN). Our implementation on the MNIST dataset takes 28.59 seconds to compute ten likelihoods of 64 input images simultaneously, yielding an amortized rate of 0.45 seconds per image.

185 citations


Journal ArticleDOI
TL;DR: A concrete construction in the key encapsulation mechanism setting based on Rouselakis and Waters (prime order) CP-ABE is designed, and security and extensive experimental analysis are presented to highlight the scalability and efficiency of the construction.
Abstract: As a sophisticated mechanism for secure fine-grained access control over encrypted data, ciphertext-policy attribute-based encryption (CP-ABE) is one of the highly promising candidates for cloud computing applications. However, there exist two main long-lasting open problems of CP-ABE that may limit its wide deployment in commercial applications. One is that decryption yields expensive pairing cost which often grows with the increase of access policy size. The other is that one is granted access privilege for unlimited times as long as his attribute set satisfies the access policy of a given ciphertext. Such powerful access rights, which are provided by CP-ABE, may be undesirable in real-world applications (e.g., pay-as-you-use). To address the above drawbacks, in this paper, we propose a new notion called auditable $\sigma$-time outsourced CP-ABE, which is believed to be applicable to cloud computing. In our notion, expensive pairing operation incurred by decryption is offloaded to cloud and meanwhile, the correctness of the operation can be audited efficiently. Moreover, the notion provides $\sigma$-time fine-grained access control. The cloud service provider may limit a particular set of users to enjoy access privilege for at most $\sigma$ times within a specified period. As of independent interest, the notion also captures key-leakage resistance. The leakage of a user's decryption key does not help a malicious third party in decrypting the ciphertexts belonging to the user. We design a concrete construction (satisfying our notion) in the key encapsulation mechanism setting based on Rouselakis and Waters (prime order) CP-ABE, and further present security and extensive experimental analysis to highlight the scalability and efficiency of our construction.

140 citations


Journal ArticleDOI
01 Jan 2018
TL;DR: This paper proposes the first access control (CP-ABE) scheme supporting outsourcing capability and attribute update for fog computing, and the security analysis shows that the proposed scheme is secure under the decisional bilinear Diffie–Hellman assumption.
Abstract: Fog computing as an extension of cloud computing provides computation, storage and application services to end users. Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality and fine-grained data access control. It enables data owners to define flexible access policy for data sharing. However, in CP-ABE systems, the problems of the time required for encryption, decryption and attribute update are long-standing and unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting outsourcing capability and attribute update for fog computing. Specifically, the heavy computation operations of encryption and decryption are outsourced to fog nodes, thus the computation operations for data owners to encrypt and users to decrypt are irrelevant to the number of attributes in the access structure and secret keys, respectively. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertext associated with the corresponding updated attribute. The security analysis shows that the proposed scheme is secure under the decisional bilinear Diffie–Hellman assumption. The proposed scheme is efficient, and the time of encryption for data owners and decryption for users is small and constant. The computational ability of fog nodes is fully utilized during the access control, so only a tiny computing cost is left to end users with resource-constrained devices.

135 citations


Journal ArticleDOI
TL;DR: The cryptanalysis of a newly proposed color image encryption scheme using RT-enhanced chaotic tent map is performed and an improved encryption algorithm is proposed that can significantly increase the security of encryption images while still possessing all the merits of the original algorithm.
Abstract: In recent years, chaos-based image encryption algorithms have aroused extensive research interest. However, some image encryption algorithms still have several security defects, and the research on cryptanalysis is relatively inadequate. This paper performs the cryptanalysis of a newly proposed color image encryption scheme using RT-enhanced chaotic tent map. By using chosen-plaintext attacks, the equivalent keys of the cryptosystem are successfully broken, so that the target ciphertext image can be decoded. Based on the cryptanalysis, we then propose an improved encryption algorithm. A new logistic-tent map is proposed and applied to the improved encryption algorithm, and a parameter related to the SHA-3 hash value of the plaintext image is introduced as a secret key parameter so that the improved algorithm can resist chosen-plaintext attacks. The security analysis and experimental tests for the improved algorithm are given in detail, which show that the improved algorithm can significantly increase the security of encrypted images while still possessing all the merits of the original algorithm.

129 citations


Journal ArticleDOI
Cong Zuo, Jun Shao, Guiyi Wei, Mande Xie, Min Ji
TL;DR: This work first proposes the CCA security model for ABE with outsourced decryption, and then presents a concrete CCA-secure ABE scheme with outsourced decryption that is secure and practical for fog computing.

127 citations


Journal ArticleDOI
TL;DR: This protocol eradicates the security vulnerabilities associated with the measurement device, and greatly enhances the practical security of quantum secure direct communication, and has an extended communication distance, and a high communication capacity.
Abstract: Security in communication is vital in modern life. At present, security is realized by an encryption process in cryptography. It is unbelievable if a secure communication is achievable without encryption. In quantum cryptography, there is a unique form of quantum communication, quantum secure direct communication, where secret information is transmitted directly over a quantum channel. Quantum secure direct communication is drastically distinct from our conventional concept of secure communication, because it does not require key distribution, key storage and ciphertext transmission, and eliminates the encryption procedure completely. Hence it avoids in principle all the security loopholes associated with key and ciphertext in traditional secure communications. For practical implementation, defects always exist in real devices and it may downgrade the security. Among the various device imperfections, those with the measurement devices are the most prominent and serious ones. Here we report a measurement-device-independent quantum secure direct communication protocol using Einstein-Podolsky-Rosen pairs. This protocol eradicates the security vulnerabilities associated with the measurement device, and greatly enhances the practical security of quantum secure direct communication. In addition to the security advantage, this protocol has an extended communication distance, and a high communication capacity.

Journal ArticleDOI
TL;DR: Connor is a novel graph encryption scheme that enables approximate CSD querying over encrypted graphs and is built based on an efficient, tree-based ciphertext comparison protocol, and makes use of symmetric-key primitives and the somewhat homomorphic encryption, making it computationally efficient.
Abstract: Constrained shortest distance (CSD) querying is one of the fundamental graph query primitives, which finds the shortest distance from an origin to a destination in a graph with a constraint that the total cost does not exceed a given threshold. CSD querying has a wide range of applications, such as routing in telecommunications and transportation. With an increasing prevalence of cloud computing paradigm, graph owners desire to outsource their graphs to cloud servers. In order to protect sensitive information, these graphs are usually encrypted before being outsourced to the cloud. This, however, imposes a great challenge to CSD querying over encrypted graphs. Since performing constraint filtering is an intractable task, existing work mainly focuses on unconstrained shortest distance queries. CSD querying over encrypted graphs remains an open research problem. In this paper, we propose Connor, a novel graph encryption scheme that enables approximate CSD querying. Connor is built based on an efficient, tree-based ciphertext comparison protocol, and makes use of symmetric-key primitives and the somewhat homomorphic encryption, making it computationally efficient. Using Connor, a graph owner can first encrypt privacy-sensitive graphs and then outsource them to the cloud server, achieving the necessary privacy without losing the ability of querying. Extensive experiments with real-world data sets demonstrate the effectiveness and efficiency of the proposed graph encryption scheme.

Journal ArticleDOI
TL;DR: A novel double-image compression-encryption algorithm is proposed by combining co-sparse representation with random pixel exchanging to enhance the confidentiality and the robustness of double image encryption algorithms.

Journal ArticleDOI
TL;DR: This paper proposes a novel reversible data hiding scheme for encrypted images by using homomorphic and probabilistic properties of Paillier cryptosystem that has lower computation complexity, higher security performance, and better embedding performance.
Abstract: This paper proposes a novel reversible data hiding scheme for encrypted images by using homomorphic and probabilistic properties of Paillier cryptosystem. In the proposed method, groups of adjacent pixels are randomly selected, and reversibly embedded into the rest of the image to make room for data embedding. In each group, there are a reference pixel and a few host pixels. Least significant bits (LSBs) of the reference pixels are reset before encryption and the encrypted host pixels are replaced with the encrypted reference pixel in the same group to form mirroring ciphertext groups (MCGs). In such a way, the modification on MCGs for data embedding will not cause any pixel oversaturation in plaintext domain and the embedded data can be directly extracted from the encrypted domain. In an MCG, the reference ciphertext pixel is kept unchanged as a reference while data hider embeds the encrypted additional data into the LSBs of the host ciphertext pixels by employing homomorphic multiplication. On the receiver side, the hidden ciphertext data can be retrieved by employing a modular multiplicative inverse operation between the marked host ciphertext pixels and their corresponding reference ciphertext pixels, respectively. After that, the hidden data are extracted promptly by looking for a one-to-one mapping table from ciphertext to plaintext. Data extraction and image restoration can be accomplished without any error after decryption. Compared with the existing works, the proposed scheme has lower computation complexity, higher security performance, and better embedding performance. The experiments on the standard image files also certify the effectiveness of the proposed scheme.

Journal ArticleDOI
TL;DR: A privacy-aware multi-authority ciphertext-policy ABE scheme with accountability, which hides the attribute information in the ciphertext and allows to trace the dishonest user identity who shares the decryption key.

Journal ArticleDOI
01 Jan 2018
TL;DR: This paper proposes a decentralized multi-authority CP-ABE access control scheme, which is more practical for supporting the user revocation and can protect the data privacy and the access policy privacy with policy hidden in the cloud storage system.
Abstract: For realizing the flexible, scalable and fuzzy fine-grained access control, ciphertext policy attribute-based encryption (CP-ABE) scheme has been widely used in the cloud storage system. However, the access structure of CP-ABE scheme is outsourced to the cloud storage server, resulting in the disclosure of access policy privacy. In addition, there are multiple authorities that coexist and each authority is able to issue attributes independently in the cloud storage system. However, existing CP-ABE schemes cannot be directly applied to data access control for multi-authority cloud storage system, due to the inefficiency for user revocation. In this paper, to cope with these challenges, we propose a decentralized multi-authority CP-ABE access control scheme, which is more practical for supporting the user revocation. In addition, this scheme can protect the data privacy and the access policy privacy with policy hidden in the cloud storage system. Here, the access policy is realized by employing the linear secret sharing scheme. Finally, the security and performance analyses demonstrate that our scheme has high security in terms of access policy privacy and efficiency in terms of computational cost of user revocation.

Posted Content
TL;DR: A new circuit bootstrapping is presented that makes the leveled mode of TFHE composable and which is fast enough to speed up arithmetic functions, compared to the gate bootstrapped approach.
Abstract: This work describes a fast fully homomorphic encryption scheme over the torus (TFHE) that revisits, generalizes and improves the fully homomorphic encryption (FHE) based on GSW and its ring variants. The simplest FHE schemes consist in bootstrapped binary gates. In this gate bootstrapping mode, we show that the scheme FHEW of Ducas and Micciancio (Eurocrypt, 2015) can be expressed only in terms of external product between a GSW and an LWE ciphertext. As a consequence of this result and of other optimizations, we decrease the running time of their bootstrapping from 690 to 13 ms single core, using 16 MB bootstrapping key instead of 1 GB, and preserving the security parameter. In leveled homomorphic mode, we propose two methods to manipulate packed data, in order to decrease the ciphertext expansion and to optimize the evaluation of lookup tables and arbitrary functions in RingGSW-based homomorphic schemes. We also extend the automata logic, introduced in Gama et al. (Eurocrypt, 2016), to the efficient leveled evaluation of weighted automata, and present a new homomorphic counter called TBSR, that supports all the elementary operations that occur in a multiplication. These improvements speed up the evaluation of most arithmetic functions in a packed leveled mode, with a noise overhead that remains additive. We finally present a new circuit bootstrapping that converts LWE ciphertexts into low-noise RingGSW ciphertexts in just 137 ms, which makes the leveled mode of TFHE composable and which is fast enough to speed up arithmetic functions, compared to the gate bootstrapping approach. Finally, we provide an alternative practical analysis of LWE based schemes, which directly relates the security parameter to the error rate of LWE and the entropy of the LWE secret key, and we propose concrete parameter sets and timing comparison for all our constructions.

Journal ArticleDOI
TL;DR: This work introduces a new mechanism to enhance CP-ABE schemes that provides protection against this key-delegation abuse issue, formalizes the security requirements for such a property, and constructs a CP-ABE scheme that satisfies the new security requirements.

Journal ArticleDOI
TL;DR: It is shown that Trivium, whose security has been firmly established for over a decade, and the new variant Kreyvium have excellent performance; a second construction, based on exponentiation in binary fields, which is impractical but sets the lowest depth record to 8 for 128-bit security, is also described.
Abstract: In typical applications of homomorphic encryption, the first step consists for Alice of encrypting some plaintext m under Bob's public key pk and of sending the ciphertext $c = \mathsf{HE}_{pk}(m)$ to some third-party evaluator Charlie. This paper specifically considers that first step, i.e. the problem of transmitting c as efficiently as possible from Alice to Charlie. As others suggested before, a form of compression is achieved using hybrid encryption. Given a symmetric encryption scheme E, Alice picks a random key k and sends a much smaller ciphertext $c' = (\mathsf{HE}_{pk}(k), E_k(m))$ that Charlie decompresses homomorphically into the original c using a decryption circuit $C_{E^{-1}}$. In this paper, we revisit that paradigm in light of its concrete implementation constraints; in particular E is chosen to be an additive IV-based stream cipher. We investigate the performances offered in this context by Trivium, which belongs to the eSTREAM portfolio, and we also propose a variant with 128-bit security: Kreyvium. We show that Trivium, whose security has been firmly established for over a decade, and the new variant Kreyvium have excellent performance. We also describe a second construction, based on exponentiation in binary fields, which is impractical but sets the lowest depth record to 8 for 128-bit security.

Journal ArticleDOI
TL;DR: A key-policy attribute-based encryption scheme for assured deletion (AD-KP-ABE) of cloud data that enjoys desirable properties such as no secret key update, partial ciphertext update and assured data deletion is proposed.

Posted Content
TL;DR: Connor as mentioned in this paper is a graph encryption scheme that enables approximate constrained shortest distance (CSD) querying over encrypted graphs, where a graph owner can encrypt privacy-sensitive graphs and then outsource them to the cloud server, achieving the necessary privacy without losing the ability of querying.
Abstract: Constrained shortest distance (CSD) querying is one of the fundamental graph query primitives, which finds the shortest distance from an origin to a destination in a graph with a constraint that the total cost does not exceed a given threshold. CSD querying has a wide range of applications, such as routing in telecommunications and transportation. With an increasing prevalence of cloud computing paradigm, graph owners desire to outsource their graphs to cloud servers. In order to protect sensitive information, these graphs are usually encrypted before being outsourced to the cloud. This, however, imposes a great challenge to CSD querying over encrypted graphs. Since performing constraint filtering is an intractable task, existing work mainly focuses on unconstrained shortest distance queries. CSD querying over encrypted graphs remains an open research problem. In this paper, we propose Connor, a novel graph encryption scheme that enables approximate CSD querying. Connor is built based on an efficient, tree-based ciphertext comparison protocol, and makes use of symmetric-key primitives and the somewhat homomorphic encryption, making it computationally efficient. Using Connor, a graph owner can first encrypt privacy-sensitive graphs and then outsource them to the cloud server, achieving the necessary privacy without losing the ability of querying. Extensive experiments with real-world datasets demonstrate the effectiveness and efficiency of the proposed graph encryption scheme.

Journal ArticleDOI
TL;DR: A symmetric key image cryptosystem based on the piecewise linear map that can fight against chosen/known plaintext attacks due to the use of plaintext-related scrambling, and has many merits such as high encryption/decryption speed, large key space, strong key sensitivity, strong plaintext sensitivity, good statistical properties of cipher images, and large cipher-text information entropy.
Abstract: A symmetric key image cryptosystem based on the piecewise linear map is presented in this paper. In this cryptosystem, the encryption process and the decryption process are exactly the same. They both include the same operations of plaintext-related scrambling once, diffusion twice and matrix rotating of 180 degrees four times. The length of the secret key in the system is 64d, where d is a positive integer. The proposed system can fight against chosen/known plaintext attacks due to the use of plaintext-related scrambling. The simulation results and comparison analysis show that the proposed system has many merits such as high encryption/decryption speed, large key space, strong key sensitivity, strong plaintext sensitivity, strong cipher-text sensitivity, good statistical properties of cipher images, and large cipher-text information entropy. So the proposed system can be applied to actual communications.

Journal ArticleDOI
TL;DR: A secure and verifiable access control scheme based on the NTRU cryptosystem for big data storage in clouds that enables the data owner and eligible users to effectively verify the legitimacy of a user for accessing the data, and a user to validate the information provided by other users for correct plaintext recovery.
Abstract: Due to the complexity and volume, outsourcing ciphertexts to a cloud is deemed to be one of the most effective approaches for big data storage and access. Nevertheless, verifying the access legitimacy of a user and securely updating a ciphertext in the cloud based on a new access policy designated by the data owner are two critical challenges to make cloud-based big data storage practical and effective. Traditional approaches either completely ignore the issue of access policy update or delegate the update to a third party authority; but in practice, access policy update is important for enhancing security and dealing with the dynamism caused by user join and leave activities. In this paper, we propose a secure and verifiable access control scheme based on the NTRU cryptosystem for big data storage in clouds. We first propose a new NTRU decryption algorithm to overcome the decryption failures of the original NTRU, and then detail our scheme and analyze its correctness, security strengths, and computational efficiency. Our scheme allows the cloud server to efficiently update the ciphertext when a new access policy is specified by the data owner, who is also able to validate the update to counter against cheating behaviors of the cloud. It also enables (i) the data owner and eligible users to effectively verify the legitimacy of a user for accessing the data, and (ii) a user to validate the information provided by other users for correct plaintext recovery. Rigorous analysis indicates that our scheme can prevent eligible users from cheating and resist various attacks such as the collusion attack.

Journal ArticleDOI
01 Sep 2018 - Entropy
TL;DR: Experimental results such as key space analysis, key sensitivity analysis, differential analysis, histograms, information entropy, and correlation coefficients show that the image encryption algorithm is safe and reliable, and has high application potential.
Abstract: In order to overcome the difficulty of key management in "one time pad" encryption schemes and also resist chosen plaintext attacks, a new image encryption algorithm based on chaos and SHA-256 is proposed in this paper. The architecture of confusion and diffusion is adopted. Firstly, the plaintext image is surrounded by a sequence generated from the SHA-256 hash value of the plaintext to ensure that each encrypted result is different. Secondly, the image is scrambled according to the random sequence obtained by adding the disturbance term associated with the plaintext to the chaotic sequence. Third, the ciphertext (plaintext) feedback mechanism of the dynamic index in the diffusion stage is adopted, that is, the location index of the ciphertext (plaintext) used for feedback is dynamic. The above measures can ensure that the algorithm can resist chosen plaintext attacks and can overcome the difficulty of key management in "one time pad" encryption schemes. Also, experimental results such as key space analysis, key sensitivity analysis, differential analysis, histograms, information entropy, and correlation coefficients show that the image encryption algorithm is safe and reliable, and has high application potential.

Book ChapterDOI
Haodong Jiang, Zhenfeng Zhang, Long Chen, Hong Wang, Zhi Ma
19 Aug 2018
TL;DR: To fully assess the post-quantum security, security analysis in the quantum random oracle model (QROM) is preferred, but current works either lacked a QROM security proof or just followed Targhi and Unruh’s proof technique and modified the original transformations by adding an additional hash to the ciphertext to achieve the QROM security.
Abstract: With the gradual progress of NIST’s post-quantum cryptography standardization, the Round-1 KEM proposals have been posted for the public to discuss and evaluate. Among the IND-CCA-secure KEM constructions, mostly, an IND-CPA-secure (or OW-CPA-secure) public-key encryption (PKE) scheme is first introduced, then some generic transformations are applied to it. All these generic transformations are constructed in the random oracle model (ROM). To fully assess the post-quantum security, security analysis in the quantum random oracle model (QROM) is preferred. However, current works either lacked a QROM security proof or just followed Targhi and Unruh’s proof technique (TCC-B 2016) and modified the original transformations by adding an additional hash to the ciphertext to achieve the QROM security.

Journal ArticleDOI
TL;DR: This paper designs an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism and presents a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud.
Abstract: Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by untrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.

Journal ArticleDOI
01 Sep 2018-Symmetry
TL;DR: An improved encryption scheme is proposed, in which a feedback mechanism is introduced, a bidirectional diffusion scheme is designed, and values of the ciphertext are associated with more parameters in each diffusion process.
Abstract: This article performs the cryptanalysis of an image encryption algorithm using an S-box generated by chaos. The algorithm has the advantages of simple structure, high encryption efficiency, and good encryption performance. However, an attentive investigation reveals that it has some undiscovered security flaws. The image cryptosystem is totally breakable under the proposed chosen-plaintext attack, and only two chosen plain-images are required. An array equivalent to the S-box is constructed by an elaborately designed chosen-plaintext image, and the cipher-image is deciphered without having to know the S-box itself. Both mathematical deduction and experimental results validate the feasibility of the attacking scheme. Furthermore, an improved encryption scheme is proposed, in which a feedback mechanism is introduced, a bidirectional diffusion scheme is designed, and values of the ciphertext are associated with more parameters in each diffusion process. Testing results and security analysis verify that the improved cryptographic system can achieve a higher security level and has a better performance than some of the latest encryption algorithms.

Posted Content
TL;DR: In this paper, the authors proposed a secure matrix computation mechanism based on homomorphic encryption, which can be applied to most of the existing HE schemes and achieves reasonable performance for practical use; for example, their implementation takes 9.21 seconds to multiply two encrypted square matrices and 2.56 seconds to transpose a square matrix of order 64.
Abstract: Homomorphic Encryption (HE) is a powerful cryptographic primitive to address privacy and security issues in outsourcing computation on sensitive data to an untrusted computation environment. Compared to secure Multi-Party Computation (MPC), HE has advantages in supporting non-interactive operations and saving on communication costs. However, it has not come up with an optimal solution for modern learning frameworks, partially due to a lack of efficient matrix computation mechanisms. In this work, we present a practical solution to encrypt a matrix homomorphically and perform arithmetic operations on encrypted matrices. Our solution includes a novel matrix encoding method and an efficient evaluation strategy for basic matrix operations such as addition, multiplication, and transposition. We also explain how to encrypt more than one matrix in a single ciphertext, yielding better amortized performance. Our solution is generic in the sense that it can be applied to most of the existing HE schemes. It also achieves reasonable performance for practical use; for example, our implementation takes 9.21 seconds to multiply two encrypted square matrices of order 64 and 2.56 seconds to transpose a square matrix of order 64. Our secure matrix computation mechanism has wide applicability to our new framework EDM, which stands for encrypted data and encrypted model. To the best of our knowledge, this is the first work that supports secure evaluation of the prediction phase based on both encrypted data and encrypted model, whereas previous work only supported applying a plain model to encrypted data. As a benchmark, we report an experimental result to classify handwritten images using convolutional neural networks (CNN). Our implementation on the MNIST dataset takes 28.59 seconds to compute ten likelihoods of 64 input images simultaneously, yielding an amortized rate of 0.45 seconds per image.

Journal ArticleDOI
TL;DR: The experimental results show that the proposed method can effectively encrypt the image and has prominent characteristics, such as strong plaintext sensitivity, a large key space, and excellent ciphertext statistical properties.
Abstract: Based on the Feistel network and dynamic deoxyribonucleic acid (DNA) encoding technology, an image encryption method is proposed using the “permutation-diffusion-scrambling” structure. First, the SHA-3 algorithm is used to calculate the hash value of the plaintext image as the initial value of the hyperchaotic system, and the chaos-generated sequence is used to generate the Hill cipher matrix to replace the image pixel. Second, the DNA sequence operation is used as the F function of the Feistel network. The DNA sequence database is used as the key K of Feistel network, and the image pixel value diffusion is realized by the Feistel network. Finally, further diffusion is carried out through the ciphertext feedback and through the ciphertext confusion and diffusion of three rounds of “chaotic scrambling-DNA encoding-Feistel transformation-DNA decoding,” making the ciphertext more random and resistant to attacks and ensuring that the encrypted ciphertext is more secure. The experimental results show that the proposed method can effectively encrypt the image and has prominent characteristics, such as strong plaintext sensitivity, a large key space, and excellent ciphertext statistical properties.

Journal ArticleDOI
TL;DR: This paper proposes ECSED, a novel semantic search scheme based on the concept hierarchy and the semantic relationship between concepts in the encrypted datasets, and employs the multi-keyword ranked search over encrypted cloud data as a basic frame to propose two secure schemes.
Abstract: With the increasing adoption of cloud computing, a growing number of users outsource their datasets to the cloud. To preserve privacy, the datasets are usually encrypted before outsourcing. However, the common practice of encryption makes the effective utilization of the data difficult. For example, it is difficult to search for the given keywords in encrypted datasets. Many schemes are proposed to make encrypted data searchable based on keywords. However, keyword-based search schemes ignore the semantic representation information of users’ retrieval, and cannot completely meet users’ search intention. Therefore, how to design a content-based search scheme and make semantic search more effective and context-aware is a difficult challenge. In this paper, we propose ECSED, a novel semantic search scheme based on the concept hierarchy and the semantic relationship between concepts in the encrypted datasets. ECSED uses two cloud servers. One is used to store the outsourced datasets and return the ranked results to data users. The other one is used to compute the similarity scores between the documents and the query and send the scores to the first server. To further improve the search efficiency, we utilize a tree-based index structure to organize all the document index vectors. We employ the multi-keyword ranked search over encrypted cloud data as our basic frame to propose two secure schemes. The experimental results based on real-world datasets show that the scheme is more efficient than previous schemes. We also prove that our schemes are secure under the known ciphertext model and the known background model.