Edge-Cloud-Assisted Multiuser Forward Secure Searchable Encryption (EMFSSE) Scheme in the P2P Networking Environment

P2P network enables users to share resources effectively. However, with the advent of the big data era, the sensitive data of users in P2P network are also increasing dramatically. In order to solve the contradiction between the huge amount of sensitive data and the limited local storage space, an increasing number of users choose to encrypt their sensitive data and store them in the cloud server. For the problem of the secure storage and flexible access of large amounts of user data in P2P networks, an edge-cloud-assisted multiuser forward secure searchable encryption scheme is proposed. The scheme uses the proxy reencryption technique to optimize the multiuser searchable encryption and prevent the decryption key from being directly transmitted between users. By introducing an edge-cloud architecture, the system achieves efficient communication and timely response capabilities. The security analysis proves that our scheme achieves the CPA (chosen-plaintext attack) security based on DBDH assumption and the forward privacy. Finally, the theoretical and experimental comparisons between this scheme and other schemes show that our scheme has high efficiency in the process of data update, search, and trapdoor generation. In addition, due to the use of edge-cloud architecture, our scheme reduces about 90% and 75% of the user’s consumption in the encryption and token generation process.

Download Full-text

Mobile Software Assurance Informed through Knowledge Graph Construction: The OWASP Threat of Insecure Data Storage

Journal of Computer Science Research ◽

10.30564/jcsr.v2i2.1765 ◽

2020 ◽

Vol 2 (2) ◽

Author(s):

Suzanna Schmeelk ◽

Lixin Tao

Keyword(s):

Data Storage ◽

Program Analysis ◽

Web Application ◽

Security Analysis ◽

Knowledge Graph ◽

Healthcare Applications ◽

Sensitive Data ◽

Knowledge Graphs ◽

Mobile Malware Detection ◽

Software Assurance

Many organizations, to save costs, are movinheg to t Bring Your Own Mobile Device (BYOD) model and adopting applications built by third-parties at an unprecedented rate. Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection, mitigation, and prevention. This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project (OWASP). OWASP maintains lists of the top ten security threats to web and mobile applications. We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code. We analyze 200+ healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten moble threats, the threat of “Insecure Data Storage.” We find that many of the applications are storing personally identifying information (PII) in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data.

Download Full-text

Privacy-Preserving Sorting Algorithms Based on Logistic Map for Clouds

Security and Communication Networks ◽

10.1155/2018/2373545 ◽

2018 ◽

Vol 2018 ◽

pp. 1-10

Author(s):

Hua Dai ◽

Hui Ren ◽

Zhiye Chen ◽

Geng Yang ◽

Xun Yi

Keyword(s):

Data Privacy ◽

Logistic Map ◽

Security Analysis ◽

Privacy Preserving ◽

Service Recommendation ◽

Sensitive Data ◽

Encrypted Data ◽

Sorting Algorithms ◽

Common Operation ◽

Cloud Servers

Outsourcing data in clouds is adopted by more and more companies and individuals due to the profits from data sharing and parallel, elastic, and on-demand computing. However, it forces data owners to lose control of their own data, which causes privacy-preserving problems on sensitive data. Sorting is a common operation in many areas, such as machine learning, service recommendation, and data query. It is a challenge to implement privacy-preserving sorting over encrypted data without leaking privacy of sensitive data. In this paper, we propose privacy-preserving sorting algorithms which are on the basis of the logistic map. Secure comparable codes are constructed by logistic map functions, which can be utilized to compare the corresponding encrypted data items even without knowing their plaintext values. Data owners firstly encrypt their data and generate the corresponding comparable codes and then outsource them to clouds. Cloud servers are capable of sorting the outsourced encrypted data in accordance with their corresponding comparable codes by the proposed privacy-preserving sorting algorithms. Security analysis and experimental results show that the proposed algorithms can protect data privacy, while providing efficient sorting on encrypted data.

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

R-OO-KASE: Revocable Online/Offline Key Aggregate Searchable Encryption

Data Science and Engineering ◽

10.1007/s41019-020-00136-y ◽

2020 ◽

Vol 5 (4) ◽

pp. 391-418

Author(s):

Mukti Padhya ◽

Devesh C. Jinwala

Keyword(s):

Radio Frequency Identification ◽

Keyword Search ◽

Electrical Power ◽

Computational Cost ◽

Security Analysis ◽

Searchable Encryption ◽

Resource Constrained ◽

Encryption Decryption ◽

Resource Constrained Devices ◽

Constrained Devices

Abstract The existing Key Aggregate Searchable Encryption (KASE) schemes allow searches on the encrypted dataset using a single query trapdoor, with a feature to delegate the search rights of multiple files using a constant size key. However, the operations required to generate the ciphertext and decrypt it in these schemes incur higher computational costs, due to the computationally expensive pairing operations in encryption/decryption. This makes the use of such schemes in resource-constrained devices, such as Radio Frequency Identification Devices, Wireless Sensor Network nodes, Internet of Things nodes, infeasible. Motivated with the goal to reduce the computational cost, in this paper, we propose a Revocable Online/Offline KASE (R-OO-KASE) scheme, based on the idea of splitting the encryption/decryption operations into two distinct phases: online and offline. The offline phase computes the majority of costly operations when the device is on an electrical power source. The online phase generates final output with the minimal computational cost when the message (or ciphertext) and keywords become known. In addition, the proposed scheme R-OO-KASE also offers multi-keyword search capability and allows the data owners to revoke the delegated rights at any point in time, the two features are not supported in the existing schemes. The security analysis and empirical evaluations show that the proposed scheme is efficient to use in resource-constrained devices and provably secure as compared to the existing KASE schemes.

Download Full-text

Research of Android Platform Application Based on HTML5

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.651-653.1901 ◽

2014 ◽

Vol 651-653 ◽

pp. 1901-1904

Author(s):

Xian Wei Li

Keyword(s):

Data Storage ◽

Computer Technology ◽

High Efficiency ◽

Rapid Development ◽

Management Information ◽

Development Environment ◽

Android Platform ◽

User Data ◽

Realization Process ◽

Application Module

In the society with the rapid development and popularization of computer technology, the management information system has become the hot field of software development. It runs stably in the browsers, like IE6, IE7, IE8, IE9 and FireFox, with high efficiency, sound security, friendly interface and simple operation. It has done research on the design and realization process of HTML5 off-line data storage on the Android platform. Under the Eclipse integrated development environment, with Android SDK and HTML5 grammar, develop the system, which realize the functions of off-line storage, addition, deletion and modification of user data. It enables the application of HTML5 of Android platform and has made detailed analysis on the Android platform and HTML5 application module. The result indicates, the webpage application design of HTML5 conducted on the Android platform, is simple and fast, which can better meet the demand of Android cellphone users.

Download Full-text

Efficient verifiable fuzzy keyword search over encrypted data in cloud computing

Computer Science and Information Systems ◽

10.2298/csis121104028w ◽

2013 ◽

Vol 10 (2) ◽

pp. 667-684 ◽

Cited By ~ 54

Author(s):

Jianfeng Wang ◽

Hua Ma ◽

Qiang Tang ◽

Jin Li ◽

Hui Zhu ◽

...

Keyword(s):

Cloud Computing ◽

Keyword Search ◽

Efficiency Analysis ◽

Sensitive Data ◽

Encrypted Data ◽

Proposed Model ◽

Cloud Server ◽

Encryption Schemes ◽

User Data ◽

Fuzzy Keyword Search

As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud by users. To maintain the confidentiality of sensitive user data against untrusted servers, the data should be encrypted before they are uploaded. However, this raises a new challenge for performing search over the encrypted data efficiently. Although the existing searchable encryption schemes allow a user to search the encrypted data with confidentiality, these solutions cannot support the verifiability of searching result. We argue that a cloud server may be selfish in order to save its computation ability or bandwidth. For example, it may execute only a fraction of the search and returns part of the searching result. In this paper, we propose a new verifiable fuzzy keyword search scheme based on the symbol-tree which not only supports the fuzzy keyword search, but also enjoys the verifiability of the searching result. Through rigorous security and efficiency analysis, we show that our proposed scheme is secure under the proposed model, while correctly and efficiently realizing the verifiable fuzzy keyword search. The extensive experimental results demonstrate the efficiency of the proposed scheme.

Download Full-text

A Layered Searchable Encryption Scheme with Functional Components Independent of Encryption Methods

The Scientific World JOURNAL ◽

10.1155/2014/153791 ◽

2014 ◽

Vol 2014 ◽

pp. 1-16 ◽

Cited By ~ 2

Author(s):

Guangchun Luo ◽

Ningduo Peng ◽

Ke Qin ◽

Aiguo Chen

Keyword(s):

Range Query ◽

Searchable Encryption ◽

Sensitive Data ◽

Keyword Query ◽

Loosely Coupled ◽

The Core ◽

Symmetric Scheme ◽

Scope Of Application ◽

Functional Components ◽

Structure And Functions

Searchable encryption technique enables the users to securely store and search their documents over the remote semitrusted server, which is especially suitable for protecting sensitive data in the cloud. However, various settings (based on symmetric or asymmetric encryption) and functionalities (ranked keyword query, range query, phrase query, etc.) are often realized by different methods with different searchable structures that are generally not compatible with each other, which limits the scope of application and hinders the functional extensions. We prove that asymmetric searchable structure could be converted to symmetric structure, and functions could be modeled separately apart from the core searchable structure. Based on this observation, we propose a layered searchable encryption (LSE) scheme, which provides compatibility, flexibility, and security for various settings and functionalities. In this scheme, the outputs of the core searchable component based on either symmetric or asymmetric setting are converted to some uniform mappings, which are then transmitted to loosely coupled functional components to further filter the results. In such a way, all functional components could directly support both symmetric and asymmetric settings. Based on LSE, we propose two representative and novel constructions for ranked keyword query (previously only available in symmetric scheme) and range query (previously only available in asymmetric scheme).

Download Full-text

Security analysis of linearly filtered NLFSRs

Journal of Mathematical Cryptology ◽

10.1515/jmc-2013-5009 ◽

2013 ◽

Vol 7 (4) ◽

pp. 313-332 ◽

Cited By ~ 3

Author(s):

Mohammad Ali Orumiehchiha ◽

Josef Pieprzyk ◽

Ron Steinfeld ◽

Harry Bartlett

Keyword(s):

Linear Combination ◽

Mobile Communication ◽

Stream Cipher ◽

High Efficiency ◽

Security Analysis ◽

Linear Feedback ◽

Attractive Feature ◽

Key Recovery ◽

Distinguishing Attack ◽

Feedback Shift Register

Abstract. Non-linear feedback shift register (NLFSR) ciphers are cryptographic tools of choice of the industry especially for mobile communication. Their attractive feature is a high efficiency when implemented in hardware or software. However, the main problem of NLFSR ciphers is that their security is still not well investigated. The paper makes a progress in the study of the security of NLFSR ciphers. In particular, we show a distinguishing attack on linearly filtered NLFSR (or LF-NLFSR) ciphers. We extend the attack to a linear combination of LF-NLFSRs. We investigate the security of a modified version of the Grain stream cipher and show its vulnerability to both key recovery and distinguishing attacks.

Download Full-text

A Study of Practical Proxy Reencryption with a Keyword Search Scheme considering Cloud Storage Structure

The Scientific World JOURNAL ◽

10.1155/2014/615679 ◽

2014 ◽

Vol 2014 ◽

pp. 1-10

Author(s):

Sun-Ho Lee ◽

Im-Yeong Lee

Keyword(s):

Cloud Storage ◽

Keyword Search ◽

Storage Systems ◽

Searchable Encryption ◽

Digital Information ◽

Storage Medium ◽

Data Outsourcing ◽

Collusion Attacks ◽

Storage Limit ◽

Local Storage

Data outsourcing services have emerged with the increasing use of digital information. They can be used to store data from various devices via networks that are easy to access. Unlike existing removable storage systems, storage outsourcing is available to many users because it has no storage limit and does not require a local storage medium. However, the reliability of storage outsourcing has become an important topic because many users employ it to store large volumes of data. To protect against unethical administrators and attackers, a variety of cryptography systems are used, such as searchable encryption and proxy reencryption. However, existing searchable encryption technology is inconvenient for use in storage outsourcing environments where users upload their data to be shared with others as necessary. In addition, some existing schemes are vulnerable to collusion attacks and have computing cost inefficiencies. In this paper, we analyze existing proxy re-encryption with keyword search.

Download Full-text

Verifiable Location-Encrypted Spatial Aggregation Computing for Mobile Crowd Sensing

Security and Communication Networks ◽

10.1155/2021/6654539 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Kun Niu ◽

Changgen Peng ◽

Weijie Tan ◽

Zhou Zhou ◽

Yi Xu

Keyword(s):

Privacy Protection ◽

Spatial Information ◽

Homomorphic Encryption ◽

Security Analysis ◽

Spatial Aggregation ◽

Mobile Crowd Sensing ◽

Sensitive Data ◽

Sensing Data ◽

Crowd Sensing ◽

Mobile Crowd

Benefiting from the development of smart urban computing, the mobile crowd sensing (MCS) network has emerged as momentous communication technology to sense and collect data. The users upload data for specific sensing tasks, and the server completes the aggregation analysis and submits to the sensing platform. However, users’ privacy may be disclosed, and aggregate results may be unreliable. Those are challenges in the trust computation and privacy protection, especially for sensitive data aggregation with spatial information. To address these problems, a verifiable location-encrypted spatial aggregation computing (LeSAC) scheme is proposed for MCS privacy protection. In order to solve the spatial domain distributed user ciphertext computing, firstly, we propose an enhanced-distance-based interpolation calculation scheme, which participates in delegate evaluator based on Paillier homomorphic encryption. Then, we use aggregation signature of the sensing data to ensure the integrity and security of the data. In addition, security analysis indicates that the LeSAC can achieve the IND-CPA indistinguishability semantic security. The efficiency analysis and simulation results demonstrate the communication and computation overhead of the LeSAC. Meanwhile, we use the real environment sensing data sets to verify availability of proposed scheme, and the loss of accuracy (global RMSE) is only less than 5%, which can meet the application requirements.

Download Full-text