
Showing papers on "Key escrow" published in 2017


Proceedings ArticleDOI
02 Apr 2017
TL;DR: PayBreak, a proactive, automated defense against ransomware: it observes the symmetric session keys that hybrid-encryption ransomware uses on the victim machine, holds them in escrow under an asymmetric key, and uses them to restore encrypted files without paying. Evaluated against twenty real-world ransomware families, it recovered all files encrypted by samples from twelve of them, at negligible overhead for office workloads.
Abstract: Similar to criminals in the physical world, cyber-criminals use a variety of illegal and immoral means to achieve monetary gains. Recently, malware known as ransomware started to leverage strong cryptographic primitives to hold victims' computer files "hostage" until a ransom is paid. Victims, with no way to defend themselves, are often advised to simply pay. Existing defenses against ransomware rely on ad-hoc mitigations that target the incorrect use of cryptography rather than generic live protection. To fill this gap in the defender's arsenal, we describe the approach, prototype implementation, and evaluation of a novel, automated, and most importantly proactive defense mechanism against ransomware. Our prototype, called PayBreak, effectively combats ransomware, and keeps victims' files safe. PayBreak is based on the insight that secure file encryption relies on hybrid encryption where symmetric session keys are used on the victim computer. PayBreak observes the use of these keys, holds them in escrow, and thus, can decrypt files that would otherwise only be recoverable by paying the ransom. Our prototype leverages low overhead dynamic hooking techniques and asymmetric encryption to realize the key escrow mechanism which allows victims to restore the files encrypted by ransomware. We evaluated PayBreak for its effectiveness against twenty hugely successful families of real-world ransomware, and demonstrate that our system can restore all files that are encrypted by samples from twelve of these families, including the infamous CryptoLocker, and more recent threats such as Locky and SamSam. Finally, PayBreak performs its protection task at negligible performance overhead for common office workloads and is thus ideally suited as a proactive online protection system.

181 citations
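The mechanism the PayBreak abstract describes, as an added example rather than the paper's own code: hook the point where the malware obtains a symmetric session key, wrap each observed key under an escrow public key whose private half stays offline, and later try the escrowed keys against the encrypted files. Everything here is a labelled stand-in: textbook RSA on two Mersenne primes in place of RSA-OAEP, HMAC-SHA256 in counter mode in place of the AES a real sample would call, a CryptoLib class in place of the OS crypto API being hooked, and a UTF-8 plausibility check in place of the file-format heuristics a real tool needs because the vault records keys, not which file each key encrypted. The victim files are constructed.

```python
import hashlib
import hmac
import secrets

# Toy asymmetric wrap. ASSUMPTION: textbook RSA over two Mersenne primes so the block
# runs on the standard library alone. NOT secure (no padding, tiny modulus); it stands
# in for RSA-OAEP or any KEM. The ~234-bit modulus fits a 16-byte key.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent: kept offline, never on the victim host


def wrap_key(key: bytes) -> int:
    """Encrypt a symmetric key (at most 16 bytes) to the escrow public key."""
    if len(key) > 16:
        raise ValueError("toy modulus only fits 16-byte keys")
    return pow(int.from_bytes(key, "big"), E, N)


def unwrap_key(wrapped: int) -> bytes:
    """Offline recovery step; the only place the private exponent is used."""
    return pow(wrapped, D, N).to_bytes(16, "big")


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode, standing in for AES-CTR. XOR is its own inverse,
    so the same call encrypts and decrypts."""
    out = bytearray()
    for block, offset in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], ks))
    return bytes(out)


class CryptoLib:
    """Stand-in for the OS crypto API (think CryptGenKey) that the malware calls."""
    @staticmethod
    def new_key() -> bytes:
        return secrets.token_bytes(16)


def install_escrow_hook(lib, vault: list) -> None:
    """Wrap lib.new_key so every key it hands out is escrowed under the escrow public
    key. Malware that reads the vault on the host learns only RSA ciphertexts."""
    original = lib.new_key

    def hooked() -> bytes:
        key = original()
        vault.append(wrap_key(key))
        return key

    lib.new_key = staticmethod(hooked)


def ransomware_encrypt(files: dict, lib) -> dict:
    """Simulated hybrid-encryption ransomware: fresh key per file, the key leaves with
    the attacker (dropped here), ciphertext = 16-byte nonce || encrypted body."""
    encrypted = {}
    for name, plaintext in files.items():
        key = lib.new_key()
        nonce = secrets.token_bytes(16)
        encrypted[name] = nonce + keystream_xor(key, nonce, plaintext)
    return encrypted


def looks_like_text(data: bytes) -> bool:
    """Plausibility check. ASSUMPTION: stands in for real file-format heuristics."""
    try:
        data.decode("utf-8")
        return True
    except UnicodeDecodeError:
        return False


def recover(encrypted: dict, vault: list, plausible=looks_like_text) -> dict:
    """Try every escrowed key against every file; keep the first plausible result."""
    keys = [unwrap_key(w) for w in vault]          # offline, with the private exponent
    recovered = {}
    for name, blob in encrypted.items():
        nonce, body = blob[:16], blob[16:]
        for key in keys:
            candidate = keystream_xor(key, nonce, body)
            if plausible(candidate):
                recovered[name] = candidate
                break
    return recovered


def demo():
    """Constructed victim files; the hook is installed before infection."""
    files = {
        "notes.txt": b"Quarterly numbers: revenue up 4%, churn flat, hiring paused.",
        "todo.txt": b"Rotate the backup encryption key and test a restore by Friday.",
    }
    victim_lib = type("VictimCryptoLib", (CryptoLib,), {})   # fresh copy, hooks never stack
    vault = []
    install_escrow_hook(victim_lib, vault)
    encrypted = ransomware_encrypt(files, victim_lib)
    return files, encrypted, vault


if __name__ == "__main__":
    files, encrypted, vault = demo()
    print(recover(encrypted, vault) == files)   # True: every file restored without paying
```

The practical limits are the same as for any hooking defense: the wrapper only sees keys produced through the API it wraps, so a sample that ships its own cipher implementation never touches it, and the hook must already be in place when the infection runs.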


Journal ArticleDOI
TL;DR: A certificateless aggregate signature scheme, proved existentially unforgeable against adaptive chosen message and identity attacks under the hardness of the computational Diffie-Hellman problem, that achieves the required goals of confidentiality, non-repudiation and integrity.

100 citations


Book ChapterDOI
Vadim Lyubashevsky, Gregory Neven
30 Apr 2017
TL;DR: A new verifiable encryption scheme for short solutions to linear equations over polynomial rings, based on the hardness of the Ring-LWE problem in the random-oracle model; unusually, its decryption algorithm is probabilistic and takes the proof as input rather than only the ciphertext.
Abstract: Verifiable encryption allows one to prove properties about encrypted data and is an important building block in the design of cryptographic protocols, e.g., group signatures, key escrow, fair exchange protocols, etc. Existing lattice-based verifiable encryption schemes, and even just proofs of knowledge of the encrypted data, require parallel composition of proofs to reduce the soundness error, resulting in proof sizes that are only truly practical when amortized over a large number of ciphertexts.

51 citations


Journal ArticleDOI
TL;DR: This paper proposes a privacy-preserving CLPDP (PP-CLPDP) scheme to address certificate management and key escrow problems, as well as ensuring privacy protection, and proves the security and evaluates the performance of the scheme.

49 citations


Journal ArticleDOI
TL;DR: This paper proposes a collaborative key management protocol in CP-ABE that realizes distributed generation, issue and storage of private keys without adding any extra infrastructure, and helps markedly reduce client decryption overhead.
Abstract: Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technique for fine-grained access control of outsourced data in the cloud. However, some drawbacks of key management hinder the popularity of its application. One drawback in urgent need of solution is the key escrow problem. We indicate that front-end devices of clients like smart phones generally have limited privacy protection, so if private keys are entirely held by them, clients risk key exposure that is hardly noticed but has inherently existed in previous research. Furthermore, enormous client decryption overhead limits the practical use of ABE. In this paper, we propose a collaborative key management protocol in CP-ABE. Our construction realizes distributed generation, issue and storage of private keys without adding any extra infrastructure. A fine-grained and immediate attribute revocation is provided for key update. The proposed collaborative mechanism effectively solves not only the key escrow problem but also key exposure. Meanwhile, it helps markedly reduce client decryption overhead. A comparison with other representative CP-ABE schemes demonstrates that our scheme has somewhat better performance in terms of cloud-based outsourced data sharing on mobile devices. Finally, we provide proof of security for the proposed protocol.

39 citations


Proceedings ArticleDOI
02 Apr 2017
TL;DR: Building on Hohenberger and Waters (PKC'13), this work improves on previous LSSS-based CP-ABE techniques with a construction whose ciphertext size is linear in the minimum of the size of the boolean access formula and its number of clauses, supports fast decryption, and adds a multi-authority extension to mitigate key escrow by the authority.
Abstract: We address the problem of ciphertext-policy attribute-based encryption with fine access control, a cryptographic primitive which has many concrete application scenarios such as Pay-TV, e-Health, Cloud Storage and so on. In this context we improve on previous LSSS based techniques by building on previous work of Hohenberger and Waters at PKC'13 and proposing a construction that achieves ciphertext size linear in the minimum between the size of the boolean access formula and the number of its clauses. Our construction also supports fast decryption. We also propose two interesting extensions: the first one aims at reducing storage and computation at the user side and is useful in the context of lightweight devices or devices using a cloud operator. The second proposes the use of multiple authorities to mitigate key escrow by the authority.

38 citations


Journal ArticleDOI
TL;DR: An efficient certificateless public key encryption (CL-PKE) scheme built from RSA, chosen because RSA is the de facto Internet standard and widely deployed, with security based on the Kilian–Petrank RSA assumption, a variant of the RSA assumption.

23 citations


Patent
18 Jul 2017
TL;DR: A partial key escrow (PKE) method and system based on the SM2 public key algorithm: a user's SM2 private key is divided into N+1 partial keys stored separately by the user and N PKE systems, which complete a multiparty combined calculation whenever the private key is used; the PKE systems derive their partial keys from a labeling mapping algorithm rather than storing them.
Abstract: The invention provides a partial key escrow (PKE) method and system based on a public key cryptographic algorithm SM2, and belongs to the field of information security. N (N is not less than 1) different PKE systems form one key escrow network. An SM2 private key of a user is divided into N+1 partial keys by utilizing key partition storage and multiparty combined calculation modes; the user and the N different PKE systems perform scatter storage; and the user and the N different PKE systems are combined to complete a correlation calculation when the private key needs to be used. At user key generation and use stages, the PKE system generates user partial private keys by utilizing a labeling mapping algorithm, but does not practically save the user partial private keys; therefore, the construction scale of the system can be largely reduced, investment costs of the system are reduced, and operation efficiency and service level of the system are improved.

23 citations
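The share-and-combine structure the SM2 patent abstract describes, as an added example that is not the patent's code: the user's private key is split into N+1 additive shares, the user holds one, each of N escrow nodes derives its own from the user's label on demand (the "labeling mapping" idea, so a node stores nothing per user), and a private-key operation is completed by combining N+1 partial results without ever assembling the key. It assumes a discrete-log group modulo the Mersenne prime 2^127-1 in place of the SM2 curve, with exponentiation in place of scalar multiplication, and uses plain ElGamal decryption as the operation to complete; the parameters, user label and message are constructed for illustration and are not a secure choice.

```python
import hashlib
import hmac
import secrets

# ASSUMPTION: a discrete-log group mod a Mersenne prime stands in for the SM2 curve so the
# block runs on the standard library. Shares are scalars mod the group order and
# exponentiation plays the role of scalar multiplication. Illustrative sizes only.
P = 2**127 - 1          # prime modulus
ORDER = P - 1           # order of the multiplicative group
G = 3                   # fixed base element


def rand_scalar() -> int:
    return secrets.randbelow(ORDER - 1) + 1


class EscrowNode:
    """One PKE system. It holds a single long-term secret and maps each user's label to
    that user's partial key on demand, so no per-user key material is ever stored."""

    def __init__(self):
        self._master = secrets.token_bytes(32)

    def _partial_key(self, label: bytes) -> int:
        digest = hmac.new(self._master, label, hashlib.sha256).digest()
        return int.from_bytes(digest, "big") % ORDER

    def partial_public(self, label: bytes) -> int:
        return pow(G, self._partial_key(label), P)

    def contribute(self, label: bytes, base: int) -> int:
        """base ** d_i: the node's part of a joint private-key operation. It never sees
        the user's share and never reveals d_i itself, only the group element."""
        return pow(base, self._partial_key(label), P)


class User:
    """Holds one share; the full private key d = share + sum(d_i) exists nowhere."""

    def __init__(self, label: bytes, nodes):
        self.label, self.nodes = label, list(nodes)
        self.share = rand_scalar()

    def public_key(self) -> int:
        """g ** d, assembled from partial public values without knowing d."""
        y = pow(G, self.share, P)
        for node in self.nodes:
            y = y * node.partial_public(self.label) % P
        return y

    def joint_exponent(self, base: int) -> int:
        """base ** d from N+1 contributions; the combined calculation of the abstract."""
        result = pow(base, self.share, P)
        for node in self.nodes:
            result = result * node.contribute(self.label, base) % P
        return result


def encrypt(pubkey: int, m: int) -> tuple:
    """Plain ElGamal: anyone holding the combined public key can encrypt."""
    r = rand_scalar()
    return pow(G, r, P), m * pow(pubkey, r, P) % P


def decrypt(user: User, ct: tuple) -> int:
    """Needs c1 ** d, which only the user together with all N nodes can produce."""
    c1, c2 = ct
    return c2 * pow(user.joint_exponent(c1), -1, P) % P


def nodes_only_attempt(user: User, ct: tuple) -> int:
    """What the escrow network can compute without the user's share: not the plaintext."""
    c1, c2 = ct
    partial = 1
    for node in user.nodes:
        partial = partial * node.contribute(user.label, c1) % P
    return c2 * pow(partial, -1, P) % P


def demo(n_nodes: int = 2):
    nodes = [EscrowNode() for _ in range(n_nodes)]
    user = User(b"user:alice@example.com", nodes)     # constructed label
    m = int.from_bytes(b"SM2 file key 01", "big")     # constructed 15-byte message, < P
    ct = encrypt(user.public_key(), m)
    return m, decrypt(user, ct), nodes_only_attempt(user, ct)
```

Because each node recomputes its share from its master secret and the label, the escrow network's storage does not grow with the user population, which is the cost argument the abstract makes; the price is that every private-key operation becomes an online round trip to all N nodes.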


Journal ArticleDOI
TL;DR: This paper proposes a certificateless signcryption scheme in the standard model by using bilinear pairings, which is Type I secure in the original security model of Barbosa and Farshim and can resist the malicious-but-passive key generation center Type II attack.
Abstract: Signcryption can realize encryption and signature simultaneously with lower computational costs and communicational overheads than those of the traditional sign-then-encrypt approach. Certificateless cryptosystem solves the key escrow problem in the identity-based cryptosystem and simplifies the public key management in the traditional public key cryptosystem. There have been some certificateless signcryption schemes proposed in the standard model up to now, but all of them are just proposed in a weaker Type I security model, which is weaker than the original security model of Barbosa and Farshim, who proposed the first certificateless signcryption scheme. In this paper, we propose a certificateless signcryption scheme in the standard model by using bilinear pairings, which is Type I secure in the original security model of Barbosa and Farshim and can resist the malicious-but-passive key generation center Type II attack. The proposed scheme is proved confidential assuming the modified decisional bilinear Diffie-Hellman (M-DBDH) problem is hard, and unforgeable assuming the square computational Diffie-Hellman (Squ-CDH) problem is hard. Finally, we evaluate its efficiency, which shows it is highly efficient.

23 citations


Posted Content
TL;DR: This paper uses Identity-Based Proxy Re-Encryption (IB-PRE) to provide confidentiality and access control for content items shared over ICN, realizing secure content distribution among dynamic sets of users.
Abstract: The emerging Information-Centric Networking (ICN) paradigm is expected to facilitate content sharing among users. ICN will make it easy for users to appoint storage nodes, in various network locations, perhaps owned or controlled by them, where shared content can be stored and disseminated from. These storage nodes should be (somewhat) trusted since not only do they have (some level of) access to user shared content, but they should also properly enforce access control. Traditional forms of encryption introduce significant overhead when it comes to sharing content with large and dynamic groups of users. To this end, proxy re-encryption provides a convenient solution. In this paper, we use Identity-Based Proxy Re-Encryption (IB-PRE) to provide confidentiality and access control for content items shared over ICN, realizing secure content distribution among dynamic sets of users. In contrast to similar IB-PRE based solutions, our design allows each user to generate the system parameters and the secret keys required by the underlying encryption scheme using their own Private Key Generator; therefore, our approach does not suffer from the key escrow problem. Moreover, our design further relaxes the trust requirements on the storage nodes by preventing them from sharing usable content with unauthorized users. Finally, our scheme does not require out-of-band secret key distribution.

21 citations


Journal ArticleDOI
01 Oct 2017
TL;DR: A secure s-health system based on ciphertext-policy attribute-based encryption that realizes fine-grained access control on s-health cloud data and hence protects users' privacy; it supports any monotonic access policy and is proven fully secure in the random oracle model.
Abstract: As a more ubiquitous concept, smart health (s-health) is the context-aware complement of mobile health within smart cities, and it has made an increasing number of people turn to cloud-based services. In a practical s-health system, security and privacy issues are of great importance and have to be addressed. In this paper, we propose a secure s-health system which realizes fine-grained access control on s-health cloud data and hence ensures users' privacy protection. The key technique is a promising cryptographic primitive called ciphertext-policy attribute-based encryption. In order to trace malicious behaviors in the proposed s-health system, two kinds of key abuse problems are considered: malicious key sharing among colluding users and key escrow problem of the semi-trusted authority. In the proposed s-health system, any malicious behavior of a user including illegal key sharing can be traced. For the semi-trusted authority, it can be accountable for its misbehavior including illegal key re-distribution. Particularly, the proposed system supports large universe and attributes do not need to be pre-specified during the system initialization phase. Besides, our system is proven fully secure in the random oracle model and it allows any monotonic access policies. Theoretical analysis and experimental results indicate that the proposed s-health system is suitable for smart city environment.

Proceedings ArticleDOI
31 Jan 2017
TL;DR: A certificateless privacy-preserving public verification scheme that also supports message recovery and dynamic groups, eliminating both the certificate management and the key escrow problem.
Abstract: Public auditing is a topical issue as it lets a third-party auditor verify data integrity in place of the user. Hence, it handles users' problems such as not being able to be on-line at all times and having constrained computing resources. However, this technology may reveal the user's information to the verifier. Therefore, privacy preservation should be considered in public auditing. What's more, the existing public auditing schemes are mainly based on signatures, which need to transfer the signature and the message together. This kind of public verification scheme is not suitable in small-bandwidth situations. Especially, due to an unstable network, it will be difficult to upload large files, and the cloud server cannot ensure that the message it gets is correct. Message recovery signatures are adaptable in this circumstance, as only the signature is transferred and the message can be recovered from the corresponding valid signature. Moreover, certificate-based schemes have the certificate management problem and ID-based schemes have the key escrow problem. To solve the above problems, in this paper we propose a certificateless privacy-preserving public verification scheme which also supports message recovery and dynamic groups. What's more, our scheme eliminates the problems of certificate management and key escrow. Furthermore, we show that our scheme is secure and efficient in the performance analysis.

Journal ArticleDOI
TL;DR: A new certificateless signature scheme is proposed, which provides stronger security and higher computational efficiency than the existing schemes, and can reach trust level 3.
Abstract: Certificateless cryptography not only enjoys many advantages of identity-based cryptography (IBC) but also eliminates the fatal drawback, which is called the key escrow in IBC. Most of the early certificateless signature schemes are secure based on the random oracle model, and nowadays, more and more researchers put emphasis on the scheme based on the standard model. In 2010, Xia et al. demonstrated that the previous schemes in the standard model cannot resist the public-key-replace attack. In 2012, for the purpose of overcoming the common drawback, Yu et al. presented a new certificateless signature scheme. However, under the public-key-replace attack and malicious-but-passive key generation center attack, this scheme is proven to be vulnerable. Moreover, there are too many bilinear pairings used in this scheme, which leads to its low computation efficiency. Aiming at the weakness of the scheme by Yu et al., we propose a new certificateless signature scheme, which provides stronger security and higher computational efficiency than the existing schemes. In addition, according to the concept of Girault's trust level, the new scheme can reach trust level 3. Copyright © 2015 John Wiley & Sons, Ltd.

Journal ArticleDOI
20 Oct 2017, Symmetry
TL;DR: This paper focuses on the revocation issue and presents the first revocable CLS (RCLS) scheme over lattices, shown to be existentially unforgeable against adaptive chosen message attacks under the SIS assumption and better than the previously proposed lattice-based CLS scheme in private key size, signature length and revocation mechanism.
Abstract: Certificateless signatures (CLS) are noticeable because they may resolve the key escrow problem in ID-based signatures and do away with the certificate management problem in conventional signatures. However, the security of most previous CLS schemes relies on the difficulty of solving discrete logarithm or large integer factorization problems. These two problems would be solved by quantum computers in the future, so that the signature schemes based on them will also become insecure. For post-quantum cryptography, lattice-based cryptography is significant due to its efficiency and security. However, no study on addressing the revocation problem in the existing lattice-based CLS schemes is presented. In this paper, we focus on the revocation issue and present the first revocable CLS (RCLS) scheme over lattices. Based on the short integer solution (SIS) assumption over lattices, the proposed lattice-based RCLS scheme is shown to be existentially unforgeable against adaptive chosen message attacks. By performance analysis and comparisons, the proposed lattice-based RCLS scheme is better than the previously proposed lattice-based CLS scheme in terms of private key size, signature length and the revocation mechanism.

Proceedings ArticleDOI
01 Dec 2017
TL;DR: A compromised node revocation scheme for fog-based road surface condition monitoring, built on certificateless aggregate signcryption; simulations show the proposed protocol outperforms counterparts in scalability, user revocation and signature verification efficiency.
Abstract: In this paper, we propose an efficient compromised node revocation scheme for enhancing security in road surface condition monitoring system (RSCMS) using fog computing. On the basis of certificateless aggregate signcryption scheme (CLASC), a data transmission protocol for monitoring road surface conditions is designed with security properties including report confidentiality, integrity, mutual authenticity, privacy, revocation functionality and key escrow resilience. Extensive simulations are conducted to validate the proposed protocol. It is demonstrated that the proposed protocol outperforms counterparts in terms of scalability, user revocation and signature verification efficiency.

Proceedings ArticleDOI
01 Jun 2017
TL;DR: A multi-authority CP-ABE access control scheme with hidden policy and constant-length ciphertext, proven CPA-secure under the stated security model, in which the central authority never takes part in generating master or attribute private keys and so avoids key escrow.
Abstract: In order to protect user privacy, save storage overhead and implement flexible and fine-grained access control, a multi-authority CP-ABE access control scheme with hidden policy and constant length ciphertext is proposed, and the scheme proves to be CPA-secure under the security model. The user's private key is generated by multiple authorities to alleviate damage of broken authorities to the system. The central authority publishes public parameters, and generates signature tags for users and authorities. However, it does not participate in the generation of any master key or attribute private key, thus avoiding the key escrow problem. The access structure is hidden within the ciphertext, so that malicious users are unable to obtain sensitive information through the access structure, which effectively protects user privacy. In addition, this scheme realizes constant length ciphertext. The numbers of exponentiation operations for encryption and bilinear pairing operations for decryption are fixed. Finally, theoretical analysis and experimental results show that the performance of our scheme is significantly superior to that of comparable schemes.

Book ChapterDOI
Gang Yu, Xiaoxiao Ma, Zhenfu Cao, Weihua Zhu, Zeng Junjie
23 Oct 2017
TL;DR: This paper proposes a multi-authority CP-ABE scheme without key escrow and key abuse, which is fully secure in the random oracle model and, thanks to a key aggregate algorithm, is comparable in efficiency to the decentralizing CP-ABE scheme on which it is based.
Abstract: Ciphertext-policy attribute-based encryption (CP-ABE) is a promising public key encryption primitive enabling fine-grained access control on shared data in public cloud. However, two quite challenging issues, the prevention of key escrow and key abuse, still exist in CP-ABE system. In this paper, we propose a multi-authority CP-ABE scheme without key escrow and key abuse. To prevent key escrow, multiple authorities are employed to perform the same procedure of key generation for an attribute. Thus, no individual authority or colluding authorities that manage no common attribute can decrypt any ciphertext, and it can also resist collusion attack from a curious authority with the help of dishonest users. To prevent key abuse by dishonest users, the user's global identifier along with a signature is embedded into the secret key. Thus, any third party can learn the identity from a shared secret key and publicly verify its validity. An advantage of simultaneously preventing key escrow and key abuse is that the proposed scheme can achieve accountability, i.e. an auditor can publicly audit whether a user or the authorities abuse the secret key. Finally, the proposed scheme is fully secure in the random oracle model, and due to a key aggregate algorithm its efficiency is comparable to the decentralizing CP-ABE scheme [18] on which it is based.

Journal ArticleDOI
TL;DR: The proposed key agreement protocol is analyzed against impersonation attacks under the hardness of the discrete logarithm problem and against eavesdropping under the Decisional Diffie-Hellman problem, and is shown to satisfy a partial backward confidentiality property.

01 Jan 2017
TL;DR: This paper proposes an efficient identity-based online/offline signature scheme that uses neither bilinear pairings nor a Map-To-Point (MTP) function, overcomes the key escrow problem, and is proven secure in the random oracle model under the ECDLP.
Abstract: Recently, several identity-based signature schemes with Bilinear Pairing and Map-To-Point (MTP) functions have been introduced. However, identity-based cryptography (IBC) schemes suffer from a serious security problem due to Key Escrow. In addition, both Bilinear Pairing and MTP function are time-consuming operations, and thus the cryptographic schemes based on these expensive operations have a high computational burden. In this paper, we propose an efficient identity-based online/offline signature scheme without using Bilinear Pairing and MTP function. Especially, the proposed scheme overcomes the key escrow problem, and achieves some good features. Furthermore, the security of the proposed scheme was proven in the random oracle model with the hardness of the elliptic curve discrete logarithm problem (ECDLP).

Patent
Li Jiguo, Li Tao, Zhang Yichen, Wang Yao, Li Feifei 
04 Jan 2017
TL;DR: An Internet-of-vehicles conditional privacy protection method and system based on certificateless aggregate signcryption, which avoids certificate management and key escrow while improving aggregate verification and transmission efficiency and allowing safe use in the open Internet of vehicles.
Abstract: The invention discloses an Internet of vehicles condition privacy protection method based on certificateless aggregate signcryption and a system, wherein the method and the system have excellent performance based on a certificateless password system. According to the method, problems of certificate management and secret key escrow can be avoided, calculation efficiency of the Internet of vehicles during aggregate signcryption verification and aggregate signcryption efficiency during network transmission are improved, condition privacy protection of Internet-of-vehicles users is realized, and the method and the system can be safely utilized in the open Internet of vehicles.

Journal ArticleDOI
TL;DR: An in-depth security analysis in the extended Canetti-Krawczyk (eCK) model shows the proposed two-party CL_AKA protocol is provably secure, and performance analysis shows it meets strong security and efficiency requirements simultaneously.
Abstract: Security and efficiency are two key requirements for most authentication protocols, especially for mobile wireless networks. However, security and efficiency are contradictory requirements in the design of authentication protocols; it is hard to meet both simultaneously. Since certificateless public key cryptography (CL-PKC) has the advantage of eliminating the key escrow problem, many certificateless authentication key agreement (CL_AKA) protocols have been proposed. The existing CL_AKA protocols may meet either the security requirement well or the efficiency requirement well, but cannot meet both well. In this paper, we propose an efficient two-party CL_AKA protocol with strong security. We perform an in-depth security analysis in the extended Canetti-Krawczyk (eCK) model to show the proposed CL_AKA protocol is provably secure. The performance analysis shows that the proposed protocol can meet the strong security and efficiency requirements simultaneously.

Proceedings ArticleDOI
13 Oct 2017
TL;DR: A key-escrow resistant CP-ABE based access control scheme to provide efficient user revocation and comparison with the other notable works in the area shows that it outperforms them in terms of computational and communication overheads.
Abstract: Cloud storage service allows its users to store and share data in a cloud environment. To secure the data from unauthorized entities while sharing, cryptographic mechanisms are used. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is one such mechanism, which has been widely used to achieve fine-grained access control over encrypted data. However, user revocation and key escrow, in CP-ABE, still remain challenging problems. In this paper, we propose a key-escrow resistant CP-ABE based access control scheme to provide efficient user revocation. The security analysis of the scheme has been done using Information Theory Tools. The security analysis establishes that it is unconditionally secure and provides any-wise revocation capability. Moreover, comparison with the other notable works in the area shows that it outperforms them in terms of computational and communication overheads.

Book ChapterDOI
13 Dec 2017
TL;DR: This paper proposes a new certificate-based signature scheme where signatures on the same message signed by different users can be aggregated into a single signature without the pre-negotiated one-time-use nonce.
Abstract: The certificate-based cryptography is proposed to eliminate the key escrow problem of ID-based public key cryptography and simplify certificate management procedures of traditional public key infrastructure (PKI) at the same time. Since its invention, many certificate-based signature schemes have been proposed. However, the existing schemes either only support partial aggregatability, or require a pre-negotiated one-time-use nonce. To solve this problem, in this paper, we propose a new certificate-based signature scheme where signatures on the same message signed by different users can be aggregated into a single signature without the pre-negotiated one-time-use nonce. Furthermore, verification in our proposal only involves four pairing operations. Our proposed certificate-based (aggregate) signature scheme can be considered as the combination of the Gentry-Ramzan identity-based aggregate signature scheme and the Boneh-Lynn-Shacham short signature scheme. Similar to their schemes, our proposal can also be proven secure in the random oracle model based on the computational Diffie-Hellman assumption.

Patent
22 Mar 2017
TL;DR: Network monitoring computers capture packets, obtain the session key for each observed secure communication session from a key provider, and store it in a key escrow indexed by correlation information such as the connection tuple, so captured traffic can later be matched to its key.
Abstract: Embodiments are directed to monitoring communication between computers using network monitoring computers (NMCs). Network packets that are communicated between the computers may be captured and stored in a data store. If the NMCs identify a secure communication session established between two computers, the NMCs may obtain key information that corresponds to the secure communication session that includes a session key that may be provided by a key provider. Correlation information associated with the secure communication session may be captured by the NMCs. The correlation information may include tuple information associated with the secure communication session. The key information and the correlation information may be stored in a key escrow. The key information may be indexed in the key escrow using the correlation information.

Journal ArticleDOI
TL;DR: This paper presents a novel certificateless key-encapsulation mechanism and shows how to turn it into a very efficient (and provably secure!) certificateless onion routing protocol.
Abstract: Onion routing protocols allow users to establish anonymous channels to preserve their privacy over a public network. Several protocols implementing this primitive have been proposed in recent years, and the onion routing network (Tor), a real-life implementation, provides an onion routing service to thousands of users over the Internet. This paper presents Certificateless Onion Routing, a new approach to the problem. Starting from the identity-based solution (PB-OR) of Kate et al. (ACM TISSEC 2000), we adopt the certificateless setting introduced by Al-Riyami and Paterson in 2003. Such a setting is particularly well suited in practice as it retains the good aspects of identity-based cryptography (no PKI is required) and traditional public key cryptography (there is no key escrow). Next, we present a novel certificateless key-encapsulation mechanism and we show how to turn it into a very efficient (and provably secure!) certificateless onion routing protocol. When compared with Tor and PB-OR, our protocol offers better performance, especially when current security levels (i.e., 128 bits) are considered. In particular, our scheme significantly improves the computational costs required from each router. In this sense, our solution is up to 7 times faster than PB-OR and up to 11 times faster than Tor.

Book ChapterDOI
30 Aug 2017
TL;DR: This paper presents an efficient and secure proxy re-encryption scheme that has been proved secure in random oracle model under the standard assumption, the hardness of the computational Diffie-Hellman problem (CDHP).
Abstract: A Proxy Re-encryption (PRE) is a cryptographic scheme for delegation of decryption rights. In a PRE scheme, a semi-honest proxy agent of Bob re-encrypts the ciphertext, on the message intended for Alice, on behalf of Bob, without learning anything about the message. The PRE schemes are useful in the scenarios where data are desired to be shared with the authorized users over the cloud. For such important applications, in this paper, we present an efficient and secure proxy re-encryption scheme. To avoid the overhead due to certification and to get rid of the key escrow issue of the identity-based setting, we construct our scheme in the certificateless setting. The scheme has been proved secure in the random oracle model under the standard assumption, the hardness of the computational Diffie-Hellman problem (CDHP). Moreover, as we devise a pairing-free construction, our scheme is significantly more efficient than the best available scheme.

Book ChapterDOI
03 Nov 2017
TL;DR: A parallel long message encryption scheme based on a certificateless cryptosystem, which eliminates the need for public key certificates, avoids the key escrow problem, and, combined with parallel hardware, makes full use of CPU resources with high efficiency.
Abstract: In the big data environment, the quantity of generated and stored data is huge, and the size is larger than before. A general solution to encrypt large messages is to adopt the hybrid encryption method, that is, one uses an asymmetric cryptosystem to encrypt the symmetric key, and needs a symmetric cryptosystem to encrypt the real message. To eliminate this requirement for an additional cryptosystem, a parallel long message encryption scheme based on a certificateless cryptosystem is proposed, which eliminates the need for public key certificates, and avoids the key escrow problem. In combination with parallel computer hardware, we further improve the performance. The simulation results show that it can make full use of CPU resources and has high efficiency advantages. In the random oracle model, the presented scheme is secure in a One-Way Encryption (OWE) model.

Book ChapterDOI
10 Jun 2017
TL;DR: A new user authentication and key exchange protocol for the mobile client-server environment is proposed that solves the key escrow problem of identity-based public key cryptography and is secure against both type I and type II adversaries.
Abstract: Based on the limitations of mobile devices, several user authentication and key exchange schemes have been proposed for mobile devices using identity-based public key cryptography (ID-PKC). However, these schemes suffer from the key escrow problem. Moreover, they are not secure against impersonation attacks, and they cannot achieve perfect forward secrecy. In this paper, a new user authentication and key exchange protocol for the mobile client-server environment is proposed. Certificateless public key cryptography (CL-PKC) and bilinear pairing are adopted in the proposed scheme. Our protocol solves the key escrow problem of identity-based public key cryptography. Also, it is secure against both type I and type II adversaries. Furthermore, the proposed protocol achieves perfect forward secrecy. We prove the security of our protocol in the random oracle model under the Computational Diffie-Hellman (CDH) problem. Hence, the proposed scheme is more suitable for mobile device environments.

Proceedings ArticleDOI
01 Jul 2017
TL;DR: This paper gives an overview of some recent certificateless key management schemes and makes a comparison of their main methods, key distribution, private key generation and their calculation cost, and puts forward a suggestion to solve the problems existing in certificateless key management schemes.
Abstract: In order to ensure the security of mobile ad hoc networks (MANETs), research on certificateless key management schemes is attracting more and more attention. A certificateless key management scheme can well resist the key escrow problem and it is very suitable for MANETs, which are resource-constrained and have no public key infrastructure. In this paper, we give an overview of some recent certificateless key management schemes and analyse their advantages and disadvantages. Then we make a comparison of their main methods, key distribution, private key generation and their calculation cost. Finally we put forward a suggestion to solve the problems existing in certificateless key management schemes.

DOI
31 Jan 2017
TL;DR: This paper improves the first certificateless signcryption (CLSC) scheme and proposes a new CLSC scheme, which is semantically secure against adaptive chosen ciphertext attack under the (Ѕ2, 5)-BDHE-Set assumption and existentially unforgeable against adaptive chosen message attack under the 3-CDHE assumption in the standard model.
Abstract: Certificateless public key cryptography (CL-PKC) is a useful method to solve the problems of traditional public key infrastructure (i.e., large computation, storage and communication costs for managing certificates) and ID-based public key cryptography (i.e., the key escrow problem) simultaneously. A signcryption scheme is an important primitive in cryptographic protocols which achieves the goals of signing and encrypting simultaneously. In 2010, Liu et al. presented the first certificateless signcryption (CLSC) scheme in the standard model, but their scheme is vulnerable to different attacks presented in the literature so far. In this paper, we improve their scheme and propose a new CLSC scheme, which is semantically secure against adaptive chosen ciphertext attack under the (Ѕ2, 5)-BDHE-Set assumption and existentially unforgeable against adaptive chosen message attack under the 3-CDHE assumption in the standard model. Our scheme is more efficient than all other secure CLSC schemes in the standard model proposed up to now.