Showing papers on "Plaintext-aware encryption published in 2013"

Batch Fully Homomorphic Encryption over the Integers

Abstract: We extend the fully homomorphic encryption scheme over the integers of van Dijk et al.(DGHV) into a batch fully homomorphic encryption scheme, i.e. to a scheme that supports encrypting and homomorphically processing a vector of plaintexts as a single ciphertext.

Secure Integration of Asymmetric and Symmetric Encryption Schemes

Abstract: This paper presents a generic conversion from weak asymmetric and symmetric encryption schemes to an asymmetric encryption scheme that is chosen-ciphertext secure in the random oracle model. Our conversion is the first generic transformation from an arbitrary one-way asymmetric encryption scheme to a chosen-ciphertext secure asymmetric encryption scheme in the random oracle model.

On the Achievability of Simulation-Based Security for Functional Encryption

Abstract: This work attempts to clarify to what extent simulation-based security (SIM-security) is achievable for functional encryption (FE) and its relation to the weaker indistinguishability-based security (IND-security). Our main result is a compiler that transforms any FE scheme for the general circuit functionality (which we denote by Circuit-FE) meeting indistinguishability-based security (IND-security) to a Circuit-FE scheme meeting SIM-security, where:

Function-Private Identity-Based Encryption: Hiding the Function in Functional Encryption

Abstract: We put forward a new notion, function privacy, in identity-based encryption and, more generally, in functional encryption. Intuitively, our notion asks that decryption keys reveal essentially no information on their corresponding identities, beyond the absolute minimum necessary. This is motivated by the need for providing predicate privacy in public-key searchable encryption. Formalizing such a notion, however, is not straightforward as given a decryption key it is always possible to learn some information on its corresponding identity by testing whether it correctly decrypts ciphertexts that are encrypted for specific identities.

Message-Locked Encryption for Lock-Dependent Messages

Abstract: Motivated by the problem of avoiding duplication in storage systems, Bellare, Keelveedhi, and Ristenpart have recently put forward the notion of Message-Locked Encryption (MLE) schemes which subsumes convergent encryption and its variants. Such schemes do not rely on permanent secret keys, but rather encrypt messages using keys derived from the messages themselves.

Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products

Abstract: Predicate encryption is a new paradigm for public-key encryption that generalizes identity-based encryption and more. In predicate encryption, secret keys correspond to predicates and ciphertexts are associated with attributes; the secret key SK f corresponding to a predicate f can be used to decrypt a ciphertext associated with attribute I if and only if f(I)=1. Constructions of such schemes are currently known only for certain classes of predicates. We construct a scheme for predicates corresponding to the evaluation of inner products over ? N (for some large integer N). This, in turn, enables constructions in which predicates correspond to the evaluation of disjunctions, polynomials, CNF/DNF formulas, thresholds, and more. Besides serving as a significant step forward in the theory of predicate encryption, our results lead to a number of applications that are interesting in their own right.

Attribute-Based functional encryption on lattices

Abstract: We introduce a broad lattice manipulation technique for expressive cryptography, and use it to realize functional encryption for access structures from post-quantum hardness assumptions. Specifically, we build an efficient key-policy attribute-based encryption scheme, and prove its security in the selective sense from learning-with-errors intractability in the standard model.

Simple Matrix Scheme for Encryption

Abstract: There are several attempts to build asymmetric pubic key encryption schemes based on multivariate polynomials of degree two over a finite field. However, most of them are insecure. The common defect in many of them comes from the fact that certain quadratic forms associated with their central maps have low rank, which makes them vulnerable to the MinRank attack. We propose a new simple and efficient multivariate pubic key encryption scheme based on matrix multiplication, which does not have such a low rank property. The new scheme will be called Simple Matrix Scheme or ABC in short. We also propose some parameters for practical and secure implementation.

Practical Chosen Ciphertext Secure Encryption from Factoring

Abstract: We propose a practical public-key encryption scheme whose security against chosen-ciphertext attacks can be reduced in the standard model to the assumption that factoring is intractable.

Efficient cryptosystems from 2k-th power residue symbols

Abstract: Goldwasser and Micali (1984) highlighted the importance of randomizing the plaintext for public-key encryption and introduced the notion of semantic security. They also realized a cryptosystem meeting this security notion under the standard complexity assumption of deciding quadratic residuosity modulo a composite number. The Goldwasser-Micali cryptosystem is simple and elegant but is quite wasteful in bandwidth when encrypting large messages. A number of works followed to address this issue and proposed various modifications.

Amplitude-phase retrieval attack free cryptosystem based on direct attack to phase-truncated Fourier-transform-based encryption using a random amplitude mask.

Abstract: We propose a simple amplitude-phase retrieval attack free cryptosystem based on direct attack to phase-truncated Fourier-transform-based encryption using a random amplitude mask (RAM). The RAM that is not saved during the encryption provides extremely high security for the two private keys, and no iterative calculations are involved in the nonlinear encryption process. Lack of enough constraints makes the specific attack based on iterative amplitude-phase retrieval algorithms unusable. Numerical simulation results are given for testing the validity and security of the proposed approach.

Self-Updatable Encryption: Time Constrained Access Control with Hidden Attributes and Better Efficiency

Abstract: Revocation and key evolving paradigms are central issues in cryptography, and in PKI in particular. A novel concern related to these areas was raised in the recent work of Sahai, Seyalioglu, and Waters Crypto 2012 who noticed that revoking past keys should at times e.g., the scenario of cloud storage be accompanied by revocation of past ciphertexts to prevent unread ciphertexts from being read by revoked users. They introduced revocable-storage attribute-based encryption RS-ABE as a good access control mechanism for cloud storage. RS-ABE protects against the revoked users not only the future data by supporting key-revocation but also the past data by supporting ciphertext-update, through which a ciphertext at time T can be updated to a new ciphertext at time Ti¾?+i¾?1 using only the public key. Motivated by this pioneering work, we ask whether it is possible to have a modular approach, which includes a primitive for time managed ciphertext update as a primitive. We call encryption which supports this primitive a "self-updatable encryption" SUE. We then suggest a modular cryptosystems design methodology based on three sub-components: a primary encryption scheme, a key-revocation mechanism, and a time-evolution mechanism which controls the ciphertext self-updating via an SUE method, coordinated with the revocation when needed. Our goal in this is to allow the self-updating ciphertext component to take part in the design of new and improved cryptosystems and protocols in a flexible fashion. Specifically, we achieve the following results:

Cryptanalysis of a parallel sub-image encryption method with high-dimensional chaos

Abstract: Recently, a parallel sub-image encryption method with high-dimensional chaos has been proposed. But there is a fatal flaw in the cryptosystem that the generated keystream remains unchanged when encrypting every image. Based on this point, we could recover the plaintext by applying chosen plaintext attack. Therefore the proposed cryptosystem is not supposed to be used in image transmission system. Experimental results show the feasibility of our attack.

Expressive search on encrypted data

Abstract: Different from the traditional public key encryption, searchable public key encryption allows a data owner to encrypt his data under a user's public key in such a way that the user can generate search token keys using her secret key and then query an encryption storage server. On receiving such a search token key, the server filters all or related stored encryptions and returns matched ones as response.Searchable pubic key encryption has many promising applications. Unfortunately, existing schemes either only support simple query predicates, such as equality queries and conjunctive queries, or have a superpolynomial blowup in ciphertext size and search token key size.In this paper, based on the key-policy attribute-based encryption scheme proposed by Lewko et al. recently, we present a new construction of searchable public key encryption. Compared to previous works in this field, our construction is much more expressive and efficient and is proven secure in the standard model.

Colour image encryption based on advanced encryption standard algorithm with two-dimensional chaotic map

Abstract: In this study, a novel scheme of advanced encryption standard (AES) is proposed. Its independent round key is generated by the two-dimensional (2D) Henon map and the 2D Chebyshev map. The goal is to improve the low security and conquer the defect of the traditional AES algorithm. Then, the improved algorithm is used to encrypt colour image, and the result shows that the encryption algorithm has better security by cryptanalysis.

Efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks

Abstract: Leakage-resilient public key encryption (PKE) schemes are designed to resist "memory attacks", i.e., the adversary recovers the cryptographic key in the memory adaptively, but subject to constraint that the total amount of leaked information about the key is bounded by some parameter λ. Among all the IND-CCA2 leakage-resilient PKE proposals, the leakage-resilient version of the Cramer-Shoup cryptosystem (CS-PKE), referred to as the KL-CS-PKE scheme proposed by Naor and Segev in Crypto09, is the most practical one. But, the key leakage parameter λ and plaintext length m of KL-CS-PKE are subject to λ+m≤logq−ω(logκ), where κ is security parameter and q is the prime order of the group on which the scheme is based. Such a dependence between λ and m is undesirable. For example, when λ (resp., m) approaches to logq, m (resp., λ) approaches to 0. In this paper, we designed a new variant of CS-PKE that is resilient to key leakage chosen ciphertext attacks. Our proposal is λ≤logq−ω(logκ) leakage-resilient, and the leakage parameter λ is independent of the plaintext space that has the constant size q (exactly the same as that in CS-PKE). The performance of our proposal is almost as efficient as the original CS-PKE. As far as we know, this is the first leakage-resilient CS-type cryptosystem whose plaintext length is independent of the key leakage parameter, and is also the most efficient IND-CCA2 PKE scheme resilient to up to logq−ω(logκ) leakage.

A New Approach to Partial Image Encryption

Abstract: The traffic of digital images and video has grown rapidly in the internet. Security becomes important for several applications like military image database, confidential video conferencing, medical images, etc. Several techniques have been developed for textual data but are not appropriate for images and video with huge amount of file size. In traditional image and video content protection schemes, called fully layered, the whole content is first compressed. Then, the compressed bitstream is entirely encrypted using a standard cipher. The specific characteristics of this kind of data make standard encryption algorithms inadequate. Partial encryption is a recent approach to reduce the encryption time of images in distributed network. Partial image encryption is used to reduce the amount of data to encrypt while achieving a sufficient and inexpensive security. The proposed approach involves two ways, the first is by pixel value manipulation and other second is by using SCAN mapping method. The PSNR comparison of proposed technique with the existing partial image encryption techniques shows that proposed technique gives better security than the existing techniques.

Function Private Functional Encryption and Property Preserving Encryption : New Definitions and Positive Results.

Abstract: This work furthers the exploration of meaningful definitions for security of Functional Encryption. We propose new simulation based definitions for function privacy in addition to data privacy and study their achievability. In addition, we improve efficiency/ underlying assumptions/ security achieved by existing inner product Functional Encryption and Property Preserving Encryption schemes, in both the private and public key setting. Our results can be summarized as follows: • We present a new simulation based definition, which we call Relax-AD-SIM, that lies between simulation based (SIM) and indistinguishability based (IND) definitions for data privacy, and implies the function privacy definition of [BRS13a]. Our definition relaxes the requirements on the simulator to bypass impossibility of SIM in the standard model. We show that the inner product FE scheme of [KSW08] enjoys Relax-AD-SIM security for function hiding and the inner product FE scheme of [LOS10] enjoys Relax-AD-SIM security for data hiding. • We study whether known impossibilities for achieving strong SIM based security imply actual real world attacks. For this, we present a new UC-style SIM based definition of security that captures both data and function hiding, both public key and symmetric key settings and represents the “dream” security of FE. While known impossibilities rule out its achievability in the standard model, we show, surprisingly, that it can be achieved in the generic group model for Inner Product FE ([KSW08]). This provides evidence that FE implementations may enjoy extremely strong security against a large class of real world attacks, namely generic attacks. It also implies a program obfuscator for the inner product functionality in the generic group model, which is related to the hyperplane-membership obfuscator of [CRV10]. • We provide several improvements to known constructions of Inner Product FE. In the private key setting, the construction by Shen et al. was based on non-standard assumptions, used composite order groups, and only achieved selective security. We give the first construction of a symmetric key inner product FE which is built using prime order groups, and is fully secure under the standard DLIN assumption. Our scheme is more efficient in the size of key and ciphertext than [SSW09], when the latter is converted to prime-order groups. We also port the public key inner product scheme of [KSW08] to prime order groups. • We give the first standard model construction of a property preserving encryption (PPE) scheme [PR12] for inner-products. Our scheme is secure under the DLIN assumption and satisfies the strongest definition of security – Left-or-Right security. Note that previously known constructions were only known to be secure in the generic group model. ∗UIUC. Email: sagrawl2@illinois.edu. †I.I.T, Delhi. Email: shweta.a@gmail.com. ‡UIUC. Email: bsaikrishna7393@gmail.com. §UCLA Email: abishekk@cs.ucla.edu. ¶UIUC. Email: manojmp@gmail.com. ‖UCLA Email: sahai@cs.ucla.edu.

Improvement of an image encryption algorithm based on hyper-chaos

Abstract: In this paper, we propose to enhance a recently proposed image cryptosystem based on hyper-chaos. The updated version has been builded to resist against attacks made to break the original one and to make it faster. The modification concerns the two Boxes, P-Box and S-Box, which composed the original cryptosystem. Compared with classical encryption schemes, AES and Triple-DES, the new version of the cipher shows a better performances in rapidity, in confusion and in the key sensitivity.

Modified RSA cryptosystem based on offline storage and prime number

Abstract: The most common public key algorithm is RSA cryptosystem used for encryption and decryption. It is the first public key algorithm which provides security to transfer and saving of data over the network. In RSA cryptosystem there is less security and time of computation is still lengthy. This paper suggest a new algorithm concept to presents the modified form of RSA algorithm in order to speed up the implementation of RSA algorithm during data exchange across the network. This includes the architectural design and enhanced form of RSA algorithm through the use of third prime number in order to make a modulus n which is not easily decomposable by intruders. A database system is used to store the key parameters of RSA cryptosystem before it starts the algorithm. The proposed RSA method is compared with the original RSA method by some theoretical aspects. Comparative results provide better security with proposed algorithm.

On the Relationship between Functional Encryption, Obfuscation, and Fully Homomorphic Encryption

Abstract: We investigate the relationship between Functional Encryption FE and Fully Homomorphic Encryption FHE, demonstrating that, under certain assumptions, a Functional Encryption scheme supporting evaluation on two ciphertexts implies Fully Homomorphic Encryption. We first introduce the notion of Randomized Functional Encryption RFE, a generalization of Functional Encryption dealing with randomized functionalities of interest in its own right, and show how to construct an RFE from a standard semantically secure FE. For this we define the notion of entropically secure FE and use it as an intermediary step in the construction. Finally we show that RFEs constructed in this way can be used to construct FHE schemes thereby establishing a relation between the FHE and FE primitives. We conclude the paper by recasting the construction of RFE schemes in the context of obfuscation.

Breaking and improving an image encryption scheme based on total shuffling scheme

Abstract: This paper proposes breaks for the total shuffling scheme adopted in the skew tent-map-based image cryptosystem. By applying chosen plaintext combined with chosen ciphertext attack, we demonstrate that a hacker can determine the permutation vector and the whole random code sequence used respectively in permutation and diffusion procedure, which can be exploited to reveal the plain image. Then we proposed an improved algorithm based on the skew tent map. The theoretical analysis and experimental results indicate that the improved algorithm can overcome these flaws and has better cryptographic performances in resisting against chosen plaintext and chosen ciphertext attacks, randomness, and sensitivity.

An efficient image homomorphic encryption scheme with small ciphertext expansion

Abstract: The field of image processing in the encrypted domain has been given increasing attention for the extensive potential applications, for example, providing efficient and secure solutions for privacy-preserving applications in untrusted environment. One obstacle to the widespread use of these techniques is the ciphertext expansion of high orders of magnitude caused by the existing homomorphic encryptions. In this paper, we provide a way to tackle this issue for image processing in the encrypted domain. By using characteristics of image format, we develop an image encryption scheme to limit ciphertext expansion while preserving the homomorphic property. The proposed encryption scheme first encrypts image pixels with an existing probabilistic homomorphic cryptosystem, and then compresses the whole encrypted image in order to save storage space. Our scheme has a much smaller ciphertext expansion factor compared with the element-wise encryption scheme, while preserving the homomorphic property. It is not necessary to require additional interactive protocols when applying secure signal processing tools to the compressed encrypted image. We present a fast algorithm for the encryption and the compression of the proposed image encryption scheme, which speeds up the computation and makes our scheme much more efficient. The analysis on the security, ciphertext expansion ratio, and computational complexity are also conducted. Our experiments demonstrate the validity of the proposed algorithms. The proposed scheme is suitable to be employed as an image encryption method for the applications in secure image processing.

An Efficient Key-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length

Abstract: There is an acceleration of adoption of cloud computing among enterprises. However, moving the infrastructure and sensitive data from trusted domain of the data owner to public cloud will pose severe security and privacy risks. Attribute-based encryption (ABE) is a new cryptographic primitive which provides a promising tool for addressing the problem of secure and fine-grained data sharing and decentralized access control. Key-policy attribute-based encryption (KP-ABE) is an important type of ABE, which enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most existing KP-ABE scheme, the ciphertext size grows linearly with the number of attributes embedded in ciphertext. In this paper, we propose a new KP-ABE construction with constant ciphertext size. In our construction, the access policy can be expressed as any monotone access structure. Meanwhile, the ciphertext size is independent of the number of ciphertext attributes, and the number of bilinear pairing evaluations is reduced to a constant. We prove that our scheme is semantically secure in the selective-set model based on the general Diffie-Hellman exponent assumption.

A hybrid cryptosystem based on vigenère cipher and columnar transposition cipher

Abstract: Privacy is one of the key issues addressed by information Security. Through cryptographic encryption methods, one can prevent a third party from understanding transmitted raw data over unsecured channel during signal transmission. The cryptographic methods for enhancing the security of digital contents have gained high significance in the current era. Breach of security and misuse of confidential information that has been intercepted by unauthorized parties are key problems that information security tries to solve. This paper sets out to contribute to the general body of knowledge in the area of classical cryptography by developing a new hybrid way of encryption of plaintext. The cryptosystem performs its encryption by encrypting the plaintext using columnar transposition cipher and further using the ciphertext to encrypt the plaintext again using Vigenere cipher. At the end, cryptanalysis was performed on the ciphertext. The implementation will be done using java programming.

On the Semantic Security of Functional Encryption Schemes

Abstract: Functional encryption (FE) is a powerful cryptographic primitive that generalizes many asymmetric encryption systems proposed in recent years. Syntax and security definitions for FE were proposed by Boneh, Sahai, and Waters (BSW) (TCC 2011) and independently by O’Neill (ePrint 2010/556). In this paper we revisit these definitions, identify several shortcomings in them, and propose a new definitional approach that overcomes these limitations. Our definitions display good compositionality properties and allow us to obtain new feasibility and impossibility results for adaptive token-extraction attack scenarios that shed further light on the potential reach of general FE for practical applications.

Security analysis of an image encryption algorithm based on chaos and DNA encoding

Abstract: Chaos and cryptography have some common features. Due to the close relationship, researchers try to combine the chaotic system with cryptosystem. Despite the many proposals that use various methods in the design of encryption algorithms, there is a definite need for a mathematically rigorous cryptanalysis of these designs. In this study, we analyze the security weaknesses of an image encryption algorithm based on DNA encoding and chaos. By applying chosen-plaintext attacks, we show that all the secret parameters can be revealed.