Showing papers on "Plaintext-aware encryption published in 2012"

Functional Encryption with Bounded Collusions via Multi-party Computation

Abstract: We construct functional encryption schemes for polynomial-time computable functions secure against an a-priori bounded polynomial number of collusions. Our constructions require only semantically secure public-key encryption schemes and pseudorandom generators computable by small-depth circuits known to be implied by most concrete intractability assumptions. For certain special cases such as predicate encryption schemes with public index, the construction requires only semantically secure encryption schemes. Along the way, we show a "bootstrapping theorem" that builds a q-query functional encryption scheme for arbitrary functions starting from a q-query functional encryption scheme for bounded-degree functions. All our constructions rely heavily on techniques from secure multi-party computation and randomized encodings. Our constructions are secure under a strong simulation-based definition of functional encryption.

A new image encryption method: parallel sub-image encryption with hyper chaos

Abstract: A new image encryption scheme, based on a total shuffling and parallel encryption algorithm is proposed in this paper. Two chaotic systems have been used in the encryption algorithm to confuse the re- lationship between the plain-image and the cipher- image. To make the encryption procedure more con- fusing and complex, the plain-image is first divided into 4 sub-images and then the position of each sub- image is changed pseudo-randomly according to a lo- gistic map. Next, a total shuffling matrix is used to shuffle the position of pixels in the whole image and then sub-images are encrypted simultaneously in a parallel manner. The experimental results on USC data base demonstrate that the proposed encryption algo- rithm has a low time complexity and has the advan- tages of large key space and high security. Moreover, the robustness of this locally encryption method is much more in contrast with other encryption schemes and the distribution of gray values has a random-like behavior in the encrypted image.

A new image encryption scheme based on a chaotic function

Abstract: In recent years, several methods of secure image encryption were studied and developed through chaotic processes or functions. In this paper, a new image encryption scheme based on a coupling of chaotic function and xor operator is presented. The main advantages of such a method are the abilities to produce a large key space to resist brute-force attacks, and to encrypt securely images with any entropy structure assuring indistinguishability, confusion and diffusion properties in the corresponding cipher-images. The results of several statistical analysis about randomness, sensitivity and correlation of the cipher-images show that the proposed cryptosystem is efficient and secure enough to be used for the image encryption and transmission. Moreover, the implementation of the corresponding algorithm is easy and only integers are used.

Breaking a novel image encryption scheme based on improved hyperchaotic sequences

Abstract: Recently, a novel image encryption scheme based on improved hyperchaotic sequences was proposed. A pseudo-random number sequence, generated by a hyper-chaos system, is used to determine two involved encryption functions, bitwise exclusive or (XOR) operation and modulo addition. It was reported that the scheme can be broken with some pairs of chosen plain-images and the corresponding cipherimages. This paper re-evaluates the security of the encryption scheme and finds that the encryption scheme can be broken with only one known plain-image. The performance of the known-plaintext attack, in terms of success probability and computation load, become even much better when two known plain-images are available. In addition, security defects on insensitivity of the encryption result with respect to changes of secret key and plain-image are also reported.

Breaking a novel colour image encryption algorithm based on chaos

Abstract: Recently, a colour image encryption algorithm based on chaos was proposed by cascading two position permutation operations and one substitution operation, which are all determined by some pseudo-random number sequences generated by iterating the logistic map. This paper evaluates the security level of this encryption algorithm and finds that the position permutation-only part and the substitution part can be separately broken with only ⌈(log2(3MN))/8⌉ and 2 chosen plain-images, respectively, where MN is the size of the plain-image. The effectiveness of the proposed chosen-plaintext attack is supported by concise theoretical analyses, and is verified by experimental results.

Fully Homomorphic Encryption

Abstract: In one exemplary embodiment of the invention, a method and computer program include: receiving first and second ciphertexts having first and second data encrypted per an encryption scheme, the encryption scheme has public/secret keys and encryption, decryption, operation and refresh functions, the encryption function encrypts data, the decryption decrypts ciphertext, the operation receives ciphertexts and performs operation(s) on them, the refresh operates to prevent growth of the magnitude of noise for a ciphertext while reducing the modulus of the ciphertext without using the secret key, utilizing a modulus switching technique that involves transforming a first ciphertext c modulo q into a second ciphertext c′ modulo p while preserving correctness, the technique includes scaling by p/q and rounding, p

Breaking a chaotic image encryption algorithm based on perceptron model

Abstract: Recently, a chaotic image encryption algorithm based on the perceptron model was proposed. The present paper analyzes the security of the algorithm and finds that the equivalent secret key can be reconstructed with only one pair of known-plaintext/ciphertext, which is supported by both mathematical proof and experiment results. In addition, two other security defects are also reported.

Modified RSA Encryption Algorithm (MREA)

Abstract: In asymmetric key cryptography, also called Public Key cryptography, two different keys (which forms a key pair) are used. One key is used for encryption & only the other corresponding key must be used for decryption. No other key can decrypt the message, not even the original (i.e. the first) key used for encryption. The beauty of this scheme is that every communicating party needs just a key pair for communicating with any number of other communicating parties. Once some one obtains a key pair, he /she can communicate with any one else. RSA is a well known public-key cryptography algorithm. It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public key cryptography. The security of the RSA cryptosystem is based on two mathematical problems: the problem of factoring large numbers know mathematical attack and the problem of trying all possible private keys know brute force attack. So to improve the security, this scheme presents a new cryptography algorithm based on additive homomorphic properties called Modified RSA Encryption Algorithm (MREA). MREA is secure as compared to RSA as it is based on the factoring problem as well as decisional composite residuosity assumptions which is the intractability hypothesis. The scheme is an additive homomorphic cryptosystem, this means that, given only the public-key and the encryption of m1 and m2, one can compute the encryption of m1 + m2. This scheme also presents comparison between RSA and MREA cryptosystems in terms of security and performance.

Incremental deterministic public-key encryption

Abstract: Motivated by applications in large storage systems, we initiate the study of incremental deterministic public-key encryption. Deterministic public-key encryption, introduced by Bellare, Boldyreva, and O'Neill (CRYPTO '07), provides a realistic alternative to randomized public-key encryption in various scenarios where the latter exhibits inherent drawbacks. A deterministic encryption algorithm, however, cannot satisfy any meaningful notion of security for low-entropy plaintexts distributions, and Bellare et al. demonstrated that a strong notion of security can in fact be realized for relatively high-entropy plaintext distributions. In order to achieve a meaningful level of security, a deterministic encryption algorithm should be typically used for encrypting rather long plaintexts for ensuring a sufficient amount of entropy. This requirement may be at odds with efficiency constraints, such as communication complexity and computation complexity in the presence of small updates. Thus, a highly desirable property of deterministic encryption algorithms is incrementality: small changes in the plaintext translate into small changes in the corresponding ciphertext. We present a framework for modeling the incrementality of deterministic public-key encryption. Within our framework we propose two schemes, which we prove to enjoy an optimal tradeoff between their security and incrementality up to small polylogarithmic factors. Our first scheme is a generic method which can be based on any deterministic public-key encryption scheme, and in particular, can be instantiated with any semantically-secure (randomized) public-key encryption scheme in the random oracle model. Our second scheme is based on the Decisional Diffie-Hellman assumption in the standard model. The approach underpinning our schemes is inspired by the fundamental "sample-then-extract" technique due to Nisan and Zuckerman (JCSS '96) and refined by Vadhan (J. Cryptology '04), and by the closely related notion of "locally-computable extractors" due to Vadhan. Most notably, whereas Vadhan used such extractors to construct private-key encryption schemes in the bounded-storage model, we show that techniques along these lines can also be used to construct incremental public-key encryption schemes.

Single-channel color image encryption based on asymmetric cryptosystem

Abstract: A single-channel color image encryption is proposed based on asymmetric cryptosystem. The color components respectively multiplied with three random phase encryption keys are first combined into one gray image using convolution for further encoding into a real-value gray ciphertext with the asymmetric cryptosystem. Then four decryption keys, which are different from encryption keys and generated in the encryption process, can be used for image decryption. As a result, a more compact and robust system, permitting a real-value gray ciphertext to be transmitted, has been obtained. The feasibility and effectiveness of the proposed method are demonstrated by numerical results.

Ciphertext policy attribute-based encryption from lattices

Abstract: Sahai and Waters [6] proposed Attribute-Based Encryption (ABE) as a new paradigm of encryption algorithms that allow the sender to set a policy describing who can decrypt a particular ciphertext. In this paper, we first propose a ciphertext policy attribute-based encryption (CP-ABE) scheme from lattices, which supports flexible threshold access policies on literal (or boolean) attributes. Then we extend it to support multi-valued attributes without increasing the public key and ciphertext size. Our scheme's master secret key has only one matrix despite of the number of the system's attributes. The security of our schemes is based on the worst-case hardness on lattices.

Hourglass schemes: how to prove that cloud files are encrypted

Abstract: We consider the following challenge: How can a cloud storage provider prove to a tenant that it's encrypting files at rest, when the provider itself holds the corresponding encryption keys? Such proofs demonstrate sound encryption policies and file confidentiality. (Cheating, cost-cutting, or misconfigured providers may bypass the computation/management burdens of encryption and store plaintext only.)To address this problem, we propose hourglass schemes, protocols that prove correct encryption of files at rest by imposing a resource requirement (e.g., time, storage or computation) on the process of translating files from one encoding domain (i.e., plaintext) to a different, target domain (i.e., ciphertext). Our more practical hourglass schemes exploit common cloud infrastructure characteristics, such as limited file-system parallelism and the use of rotational hard drives for at-rest files. For files of modest size, we describe an hourglass scheme that exploits trapdoor one-way permutations to prove correct file encryption whatever the underlying storage medium.We also experimentally validate the practicality of our proposed schemes, the fastest of which incurs minimal overhead beyond the cost of encryption. As we show, hourglass schemes can be used to verify properties other than correct encryption, e.g., embedding of "provenance tags" in files for tracing the source of leaked files. Of course, even if a provider is correctly storing a file as ciphertext, it could also store a plaintext copy to service tenant requests more efficiently. Hourglass schemes cannot guarantee ciphertext-only storage, a problem inherent when the cloud manages keys. By means of experiments in Amazon EC2, however, we demonstrate that hourglass schemes provide strong incentives for economically rational cloud providers against storage of extra plaintext file copies.

Performance evaluation of Smart Grid data aggregation via homomorphic encryption

Abstract: Homomorphic encryption allows arithmetic operations to be performed on ciphertext and gives the same result as if the same arithmetic operation is done on the plaintext. Homomorphic encryption has been touted as one of the promising methods to be employed in Smart Grid (SG) to provide data privacy which is one of the main security concerns in SG. In addition to data privacy, real-time data flow is crucial in SG to provide on-time detection and recovery of possible failures. In this paper, we investigate the overhead of using homomorphic encryption in SG in terms of bandwidth and end-to-end data delay when providing data privacy. Specifically, we compare the latency and data size of end-to-end (ETE) and hop-by-hop (HBH) homomorphic encryption within a network of Smart Meters (SMs). In HBH encryption, at each intermediate node, the received encrypted data from downstream nodes are decrypted first before the aggregation, and then the result is encrypted again for transmission to upstream nodes. On the other hand, the intermediate node in ETE encryption only performs aggregation on ciphertexts for transmission to upstream nodes. We implemented secure data aggregation using Paillier cryptosystem and tested it under various conditions. The experiment results have shown that even though HBH homomorphic encryption has additional computational overhead at intermediate nodes, surprisingly it provides comparable latency and fixed data size passing through the network compared to ETE homomorphic encryption.

Enhanced Method for RSA Cryptosystem Algorithm

Abstract: This paper proposed enhancing the RSA algorithm through the use of additional third prime number in the composition of the public and private key. This will increase the factoring complexity of the variable (n), where the process of its analysis with the development of equipment and tools becomes much easier nowadays.The existence of three prime numbers will give the ability to the enhanced encryption method to increase the difficulty of factoring of the variable (n), as well as speed increasing in the process of encryption and decryption. To generate a variable (n) using the original RSA algorithm, which contributes generating the public and private key that have a number of 300 digits by using two primes number with 150 digits each. In this case the multiplication process will take longer than the time of generating the same variable (n) by using three prime numbers where each number with 100 digits.We have conducted experiments on a set of numbers randomly, as they proved that the Enhanced Method for RSA Cryptosystem Algorithm is faster than the original algorithm in encryption and decryption process and generating public and private key. Also it shows that the analysis of the variable (n) will take a long time in the Enhanced Method for RSA Cryptosystem Algorithm and this indicates the increasing complexity in the analysis method.

A new chaotic system for image encryption

Abstract: With the increasing demand of providing security for images/videos with private information, chaos-based cryptosystems have played an important role in image encryption because of their excellent random properties and encryption performance. However, existing chaos-based systems have the security defect due to small key space or other security weakness. This paper introduces a new chaotic system using a combination of three conventional chaotic maps. The proposed chaotic system shows excellent chaotic behaviors. To demonstrate its application in image processing, a new image encryption scheme using the proposed chaotic system is also introduced. Computer simulation and security analysis demonstrate that the proposed image encryption scheme shows excellent encryption performance, high sensitivity to the security keys, and a sufficiently large key space to resist the brute attack.

Efficient ciphertext-policy attribute based encryption with hidden policy

Abstract: In an anonymous ciphertext-policy attribute-based encryption (CP-ABE) scheme, the encryptor-specified access structure is hidden in ciphertexts. The decryptor gets his secret key from a trust authority according to his attributes. However, he cannot decrypt any ciphertext or guess even what access structure was specified by the encryptor if his attributes do not satisfy the access structure associated with the ciphertext. All previous anonymous CP-ABE schemes are inefficient in that each ciphertext grows linearly with the number of attributes. In this paper, we propose an efficient anonymous CP-ABE scheme that reduces both the length of each ciphertext and the number of pairing operations to a constant level, but still leverages a hidden policy to keep recipients' privacy preserved. Furthermore, our scheme is fully secure in the standard model based on the decisional Bilinear Diffie-Hellman (DBDH) assumption in composite order groups. We remark that in our security definition, only the legitimate decryptor knows access structures associated with ciphertexts.

A Research paper: An ASCII value based data encryption algorithm and its comparison with other symmetric data encryption algorithms

Abstract: Encryption is the process of transforming plaintext into the ciphertext where plaintext is the input to the encryption process and ciphertext is the output of the encryption process. Decryption is the process of transforming ciphertext into the plaintext where ciphertext is the input to the decryption process and plaintext is the output of the decryption process. There are various encryption algorithms exist classified as symmetric and asymmetric encryption algorithms. Here, I present an algorithm for data encryption and decryption which is based on ASCII values of characters in the plaintext. This algorithm is used to encrypt data by using ASCII values of the data to be encrypted. The secret used will be modifying o another string and that string is used as a key to encrypt or decrypt the data. So, it can be said that it is a kind of symmetric encryption algorithm because it uses same key for encryption and decryption but by slightly modifying it. This algorithm operates when the length of input and the length

A CCA2 Secure Variant of the McEliece Cryptosystem

Abstract: The McEliece public-key encryption scheme has become an interesting alternative to cryptosystems based on number-theoretical problems. Different from RSA and ElGamal, McEliece PKC is not known to be broken by a quantum computer. Moreover, even though McEliece PKC has a relatively big key size, encryption and decryption operations are rather efficient. In spite of all the recent results in coding-theory-based cryptosystems, to the date, there are no constructions secure against chosen ciphertext attacks in the standard model-the de facto security notion for public-key cryptosystems. In this paper, we show the first construction of a McEliece-based public-key cryptosystem secure against chosen ciphertext attacks in the standard model. Our construction is inspired by a recently proposed technique by Rosen and Segev.

Plaintext-Checkable encryption

Abstract: We study the problem of searching on encrypted data, where the search is performed using a plaintext message or a keyword, rather than a message-specific trapdoor as done by state-of-the-art schemes. The use cases include delegation of key-word search e.g. to a cloud data storage provider or to an email server, using a plaintext message. We define a new cryptographic primitive called plaintext-checkable encryption (PCE), which extends public-key encryption by the following functionality: given a plaintext, a ciphertext and a public key, it is universally possible to check whether the ciphertext encrypts the plaintext under the key. We provide efficient generic random-oracle constructions for PCE based on any probabilistic or deterministic encryption scheme; we also give a practical construction in the standard model. As another application we show how PCE can be used to improve the efficiency in group signatures with verifier-local revocation (VLR) and backward unlinkability. These group signatures provide efficient revocation of group members, which is a key issue in practical applications.

Somewhat homomorphic encryption scheme for arithmetic operations on large integers

Abstract: Homomorphic encryption allows for processing encrypted data without the need to decrypt them. This technique aggregates privacy and security for data processing in unreliable environments. In this paper, we propose a new encryption scheme oriented for calculating arithmetic functions of large integer numbers. Our proposal is an extension of the encryption scheme proposed in [1]. We also provide an implementation of both the original and the proposed scheme. Even though the total number of allowed homomorphic operations is limited in our scheme, our results show that the new extension is more efficient in terms of processing and that the ratio between the ciphertext and plaintext sizes is similar to that of the original scheme.

A hybrid strategy for cryptanalysis of optical encryption based on double-random phase–amplitude encoding

Abstract: A hybrid two-step attack scheme that combines the chosen-plaintext attack (CPA) and the known-plaintext attack (KPA) algorithms is proposed to acquire the secret keys of the optical cryptosystem based on double-random phase–amplitude encoding (DRPAE) technique. By implementing our presented attack, an opponent can obtain not only the estimated solutions of the two random phase keys but also the accurate solution of the amplitude modulator (AM), which is introduced to the encryption process and regarded as an additional key to enhance the security level of the DRPAE-based cryptosystem. The validity and effectiveness of this attack strategy is analyzed theoretically and then verified by computer simulations.

Lower bounds for private broadcast encryption

Abstract: Broadcast encryption is a type of encryption where the sender can choose a subset from a set of designated receivers on the fly and enable them to decrypt a ciphertext while simultaneously preventing any other party from doing so. The notion of private broadcast encryption extends the primitive to a setting where one wishes to thwart an attacker that additionally attempts to extract information about what is the set of enabled users (rather than the contents of the ciphertext). In this work we provide the first lower bounds for the ciphertext size of private broadcast encryption. We first formulate various notions of privacy for broadcast encryption, (priv-eq, priv-st and priv-full) and classify them in terms of strength. We then show that any private broadcast encryption scheme in the sense of priv-eq (our weakest notion) that satisfies a simple structural condition we formalize and refer to as "atomic" is restricted to have ciphertexts of size Ω(s·k) where s is the cardinality of the set of the enabled users and k is the security parameter. We then present an atomic private broadcast encryption scheme with ciphertext size Θ(s·k) hence matching our lower bound that relies on key privacy of the underlying encryption. Our results translate to the setting priv-full privacy for a ciphertext size of Θ(n ·k) where n is the total number of users while relying only on KEM security. We finally consider arbitrary private broadcast encryption schemes and we show that in the priv-full privacy setting a lower-bound of Ω(n+k) for every ciphertext is imposed. This highlights the costs of privacy in the setting of broadcast encryption where much shorter ciphertexts have been previously attained with various constructions in the non-privacy setting.

Image encryption in the fractional-order domain

Abstract: This paper presents a new image encryption scheme based on the fractional-order Lorenz system which gives more degrees of freedom in key generation. In the modified fractional-order system, the key length is doubled using the three fractional-orde r parameters beside the three initial conditions, which makes it invulnerable to brute-force attacks. In addition, using a very simple algorithm, based on pixel confusion only, strongly encrypted images are produced. Such an algorithm can be used in real time applications. To evaluate the algorithm and analyze the encryption results, a standard image is used. A comparison of the colored correlation coefficients (horizontal, vertical, diagonal) for different cases with respect to a fractional-order parameter and another system parameter are introduced. Moreover, the encrypted image shows high sensitivity to the fractional-order key, which appears from the wrong decryption with 0.1% change of the fractional-order parameter.