CCA-Secure and Revocable Certificateless Encryption with Ciphertext Evolution

Abstract We study the problem of privacy-preserving approximate kNN search in an outsourced environment — the client sends the encrypted data to an untrusted server and later can perform secure approximate kNN search and updates. We design a security model and propose a generic construction based on locality-sensitive hashing, symmetric encryption, and an oblivious map. The construction provides very strong security guarantees, not only hiding the information about the data, but also the access, query, and volume patterns. We implement, evaluate efficiency, and compare the performance of two concrete schemes based on an oblivious AVL tree and an oblivious BSkiplist.

Download Full-text

A new certificateless multiple key agreement scheme

Discrete Mathematics Algorithms and Applications ◽

10.1142/s1793830917500021 ◽

2017 ◽

Vol 09 (01) ◽

pp. 1750002 ◽

Cited By ~ 1

Author(s):

Reza Alimoradi

Keyword(s):

Key Agreement ◽

Security Requirements ◽

Public Key ◽

Forward Secrecy ◽

Zero Knowledge ◽

Public Key Cryptosystems ◽

Security Properties ◽

Perfect Forward Secrecy ◽

Major Shortcoming ◽

Identity Based

Recently, by changing security requirements of computer networks, many public key schemes are introduced. One major shortcoming of identity-based cryptosystems is key screw. Certificateless public key cryptosystems were introduced to solve this problem. In this paper, a certificateless, public-key, multiple-key-agreement scheme will be offered which has some significant security properties such as perfect forward secrecy, strong security, and zero-knowledge proof. This scheme produces far more shared hidden keys per session in comparison with many existing schemes. In this paper, the security and the efficiency of the proposed scheme will be compared with some well-known current schemes.

Download Full-text

Revocable attribute-based proxy re-encryption

Journal of Mathematical Cryptology ◽

10.1515/jmc-2020-0039 ◽

2021 ◽

Vol 15 (1) ◽

pp. 465-482

Author(s):

Fucai Luo ◽

Saif Al-Kuwari

Keyword(s):

Cloud Storage ◽

Security Model ◽

Encrypted Data ◽

Practical Applications ◽

Access Policy ◽

Attribute Based Encryption ◽

The Standard Model ◽

Identity Based ◽

Learning With Errors ◽

Predicate Encryption

Abstract Attribute-based proxy re-encryption (ABPRE), which combines the notions of proxy re-encryption (PRE) and attribute-based encryption (ABE), allows a semi-trusted proxy with re-encryption key to transform a ciphertext under a particular access policy into a ciphertext under another access policy, without revealing any information about the underlying plaintext. This primitive is very useful in applications where encrypted data need to be stored in untrusted environments, such as cloud storage. In many practical applications, and in order to address scenarios where users misbehave or the re-encryption keys are compromised, an efficient revocation mechanism is necessary for ABPRE. Previously, revocation mechanism was considered in the settings of identity-based encryption (IBE), ABE, predicate encryption (PE), and broadcast PRE, but not ABPRE, which is what we set to do in this paper. We first formalize the concept of revocable ABPRE and its security model. Then, we propose a lattice-based instantiation of revocable ABPRE. Our scheme not only supports an efficient revocation mechanism but also supports polynomial-depth policy circuits and has short private keys, where the size of the keys is dependent only on the depth of the supported policy circuits. In addition, we prove that our scheme is selectively chosen-plaintext attack (CPA) secure in the standard model, based on the learning with errors assumption.

Download Full-text

Identity-based proxy signatures: a generic construction and a concrete scheme from RSA

Security and Communication Networks ◽

10.1002/sec.1284 ◽

2015 ◽

Vol 8 (18) ◽

pp. 3602-3614 ◽

Cited By ~ 1

Author(s):

Maryam Rajabzadeh Asaar ◽

Mahmoud Salmasizadeh ◽

Colin Boyd

Keyword(s):

Generic Construction ◽

Identity Based

Download Full-text

The generic construction of continuous leakage-resilient identity-based cryptosystems

Theoretical Computer Science ◽

10.1016/j.tcs.2018.11.019 ◽

2019 ◽

Vol 772 ◽

pp. 1-45 ◽

Cited By ~ 6

Author(s):

Yanwei Zhou ◽

Bo Yang ◽

Yi Mu

Keyword(s):

Generic Construction ◽

Leakage Resilient ◽

Identity Based

Download Full-text

Intrusion-resilient identity-based signatures: Concrete scheme in the standard model and generic construction

Information Sciences ◽

10.1016/j.ins.2018.02.045 ◽

2018 ◽

Vol 442-443 ◽

pp. 158-172 ◽

Cited By ~ 10

Author(s):

Jia Yu ◽

Rong Hao ◽

Hui Xia ◽

Hanlin Zhang ◽

Xiangguo Cheng ◽

...

Keyword(s):

Standard Model ◽

The Standard Model ◽

Generic Construction ◽

Identity Based

Download Full-text

Dynamic FCFS ACM Model for Risk Assessment on Real Time Unix File System

Transportation Systems and Engineering ◽

10.4018/978-1-4666-8473-7.ch027 ◽

2015 ◽

pp. 551-571

Author(s):

Prashant Kumar Patra ◽

Padma Lochan Pradhan

Keyword(s):

Risk Assessment ◽

Access Control ◽

Security Policy ◽

Security Requirements ◽

Management Policy ◽

Security Model ◽

Distributed Environment ◽

Web Portal ◽

Proposed Model ◽

The Right

The access control is a mechanism that a system grants, revoke the right to access the object. The subject and object can able to integrate, synchronize, communicate and optimize through read, write and execute over a UFS. The access control mechanism is the process of mediating each and every request to system resources, application and data maintained by a operating system and determining whether the request should be approve, created, granted or denied as per top management policy. The AC mechanism, management and decision is enforced by implementing regulations established by a security policy. The management has to investigate the basic concepts behind access control design and enforcement, point out different security requirements that may need to be taken into consideration. The authors have to formulate and implement several ACM on normalizing and optimizing them step by step, that have been highlighted in proposed model for development and production purpose. This research paper contributes to the development of an optimization model that aims and objective to determine the optimal cost, time and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS. This model has to apply to ACM utilities over a Web portal server on object oriented and distributed environment. This ACM will be resolve the uncertainty, un-order, un formal and unset up (U^4) problems of web portal on right time and right place of any where & any time in around the globe. It will be more measurable and accountable for performance, fault tolerance, throughput, bench marking and risk assessment on any application.

Download Full-text

Dynamic FCFS ACM Model for Risk Assessment on Real Time Unix File System

International Journal of Advanced Pervasive and Ubiquitous Computing ◽

10.4018/ijapuc.2013100104 ◽

2013 ◽

Vol 5 (4) ◽

pp. 41-62

Author(s):

Prashant Kumar Patra ◽

Padma Lochan Pradhan

Keyword(s):

Risk Assessment ◽

Access Control ◽

Security Policy ◽

Security Requirements ◽

Management Policy ◽

Security Model ◽

Distributed Environment ◽

Web Portal ◽

Proposed Model ◽

The Right

The access control is a mechanism that a system grants, revoke the right to access the object. The subject and object can able to integrate, synchronize, communicate and optimize through read, write and execute over a UFS. The access control mechanism is the process of mediating each and every request to system resources, application and data maintained by a operating system and determining whether the request should be approve, created, granted or denied as per top management policy. The AC mechanism, management and decision is enforced by implementing regulations established by a security policy. The management has to investigate the basic concepts behind access control design and enforcement, point out different security requirements that may need to be taken into consideration. The authors have to formulate and implement several ACM on normalizing and optimizing them step by step, that have been highlighted in proposed model for development and production purpose. This research paper contributes to the development of an optimization model that aims and objective to determine the optimal cost, time and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS. This model has to apply to ACM utilities over a Web portal server on object oriented and distributed environment. This ACM will be resolve the uncertainty, un-order, un formal and unset up (U^4) problems of web portal on right time and right place of any where & any time in around the globe. It will be more measurable and accountable for performance, fault tolerance, throughput, bench marking and risk assessment on any application.

Download Full-text

Identity-Based Encryption Transformation for Flexible Sharing of Encrypted Data in Public Cloud

IEEE Transactions on Information Forensics and Security ◽

10.1109/tifs.2020.2985532 ◽

2020 ◽

Vol 15 ◽

pp. 3168-3180

Author(s):

Hua Deng ◽

Zheng Qin ◽

Qianhong Wu ◽

Zhenyu Guan ◽

Robert H. Deng ◽

...

Keyword(s):

Public Cloud ◽

Encrypted Data ◽

Identity Based Encryption ◽

Identity Based

Download Full-text

Secure Outsourcing Algorithms for Composite Modular Exponentiation Based on Single Untrusted Cloud

The Computer Journal ◽

10.1093/comjnl/bxz165 ◽

2020 ◽

Vol 63 (8) ◽

pp. 1271-1271

Author(s):

Qianqian Su ◽

Rui Zhang ◽

Rui Xue

Keyword(s):

Radio Frequency Identification ◽

Large Scale ◽

Low Cost ◽

Prime Numbers ◽

Modular Exponentiation ◽

Public Key Cryptosystems ◽

Rsa Algorithm ◽

Secure Outsourcing ◽

Frequency Identification ◽

Identity Based

Abstract Modular exponentiation, as a fundamental operation used in many public-key cryptosystems, has always be considered to be very time-consuming. It is difficult for some devices with limited computation capability, such as mobile devices and low-cost radio frequency identification (RFID) tags, to perform large-scale modular exponentiations. In cryptosystems, one typical case of modular exponentiation is that the modulus is a composite number. For instance, in RSA algorithm, the modulus is the product of two distinct prime numbers. In this paper, we investigate how to securely and efficiently outsource composite modular exponentiations and put forward two secure outsourcing algorithms for composite modular exponentiations based on single untrusted cloud. The first algorithm, named MCExp, is designed for outsourcing single composite modular exponentiation, i.e. $u^a$ mod $N$. The second algorithm, named SMCExp, is designed for outsourcing simultaneous composite modular exponentiation, i.e. $\prod ^{n}_{i=1}u^{a_i}_{i}$ mod $N$. Different from algorithms based on two untrusted servers, the proposed algorithms are very practical because they avoid the strong assumption that there must exist two servers without collusion. The proposed algorithms not only protect the privacy of the exponent and the base simultaneously, but also enable users to verify the correctness of the result returned by the cloud with high probability. Compared with using the square-and-multiply algorithm, the user can achieve higher efficiency by using the proposed algorithms. Besides, we prove the security of our algorithms and conduct several experiments to demonstrate the efficiency of the proposed algorithms. Finally, we show that the proposed algorithms can be used to construct the secure outsourcing algorithms for Shamir’s identity-based signature and identity-based multi-signature.

Download Full-text