A Huffman-Based Joint Compression and Encryption Scheme for Secure Data Storage Using Physical Unclonable Functions

With the developments of Internet of Things (IoT) and cloud-computing technologies, cloud servers need storage of a huge volume of IoT data with high throughput and robust security. Joint Compression and Encryption (JCAE) scheme based on Huffman algorithm has been regarded as a promising technology to enhance the data storage method. Existing JCAE schemes still have the following limitations: (1) The keys in the JCAE would be cracked by physical and cloning attacks; (2) The rebuilding of Huffman tree reduces the operational efficiency; (3) The compression ratio should be further improved. In this paper, a Huffman-based JCAE scheme using Physical Unclonable Functions (PUFs) is proposed. It provides physically secure keys with PUFs, efficient Huffman tree mutation without rebuilding, and practical compression ratio by combining the Lempel-Ziv and Welch (LZW) algorithm. The performance of the instanced PUFs and the derived keys was evaluated. Moreover, our scheme was demonstrated in a file protection system with the average throughput of 473Mbps and the average compression ratio of 0.5586. Finally, the security analysis shows that our scheme resists physical and cloning attacks as well as several classic attacks, thus improving the security level of existing data protection methods.

Download Full-text

Mobile Software Assurance Informed through Knowledge Graph Construction: The OWASP Threat of Insecure Data Storage

Journal of Computer Science Research ◽

10.30564/jcsr.v2i2.1765 ◽

2020 ◽

Vol 2 (2) ◽

Author(s):

Suzanna Schmeelk ◽

Lixin Tao

Keyword(s):

Data Storage ◽

Program Analysis ◽

Web Application ◽

Security Analysis ◽

Knowledge Graph ◽

Healthcare Applications ◽

Sensitive Data ◽

Knowledge Graphs ◽

Mobile Malware Detection ◽

Software Assurance

Many organizations, to save costs, are movinheg to t Bring Your Own Mobile Device (BYOD) model and adopting applications built by third-parties at an unprecedented rate. Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection, mitigation, and prevention. This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project (OWASP). OWASP maintains lists of the top ten security threats to web and mobile applications. We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code. We analyze 200+ healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten moble threats, the threat of “Insecure Data Storage.” We find that many of the applications are storing personally identifying information (PII) in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data.

Download Full-text

E-ART: A New Encryption Algorithm Based on the Reflection of Binary Search Tree

Cryptography ◽

10.3390/cryptography5010004 ◽

2021 ◽

Vol 5 (1) ◽

pp. 4

Author(s):

Bayan Alabdullah ◽

Natalia Beloff ◽

Martin White

Keyword(s):

Data Storage ◽

Statistical Tests ◽

Data Encryption ◽

Search Tree ◽

Binary Search ◽

Binary Search Tree ◽

Security Level ◽

Avalanche Effect ◽

High Security Level ◽

Tree Data Structure

Data security has become crucial to most enterprise and government applications due to the increasing amount of data generated, collected, and analyzed. Many algorithms have been developed to secure data storage and transmission. However, most existing solutions require multi-round functions to prevent differential and linear attacks. This results in longer execution times and greater memory consumption, which are not suitable for large datasets or delay-sensitive systems. To address these issues, this work proposes a novel algorithm that uses, on one hand, the reflection property of a balanced binary search tree data structure to minimize the overhead, and on the other hand, a dynamic offset to achieve a high security level. The performance and security of the proposed algorithm were compared to Advanced Encryption Standard and Data Encryption Standard symmetric encryption algorithms. The proposed algorithm achieved the lowest running time with comparable memory usage and satisfied the avalanche effect criterion with 50.1%. Furthermore, the randomness of the dynamic offset passed a series of National Institute of Standards and Technology (NIST) statistical tests.

Download Full-text

Privacy-Preserving Sorting Algorithms Based on Logistic Map for Clouds

Security and Communication Networks ◽

10.1155/2018/2373545 ◽

2018 ◽

Vol 2018 ◽

pp. 1-10

Author(s):

Hua Dai ◽

Hui Ren ◽

Zhiye Chen ◽

Geng Yang ◽

Xun Yi

Keyword(s):

Data Privacy ◽

Logistic Map ◽

Security Analysis ◽

Privacy Preserving ◽

Service Recommendation ◽

Sensitive Data ◽

Encrypted Data ◽

Sorting Algorithms ◽

Common Operation ◽

Cloud Servers

Outsourcing data in clouds is adopted by more and more companies and individuals due to the profits from data sharing and parallel, elastic, and on-demand computing. However, it forces data owners to lose control of their own data, which causes privacy-preserving problems on sensitive data. Sorting is a common operation in many areas, such as machine learning, service recommendation, and data query. It is a challenge to implement privacy-preserving sorting over encrypted data without leaking privacy of sensitive data. In this paper, we propose privacy-preserving sorting algorithms which are on the basis of the logistic map. Secure comparable codes are constructed by logistic map functions, which can be utilized to compare the corresponding encrypted data items even without knowing their plaintext values. Data owners firstly encrypt their data and generate the corresponding comparable codes and then outsource them to clouds. Cloud servers are capable of sorting the outsourced encrypted data in accordance with their corresponding comparable codes by the proposed privacy-preserving sorting algorithms. Security analysis and experimental results show that the proposed algorithms can protect data privacy, while providing efficient sorting on encrypted data.

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

Video Data Integrity Verification Method Based on Full Homomorphic Encryption in Cloud System

International Journal of Digital Multimedia Broadcasting ◽

10.1155/2018/7543875 ◽

2018 ◽

Vol 2018 ◽

pp. 1-9 ◽

Cited By ~ 1

Author(s):

Ruoshui Liu ◽

Jianghui Liu ◽

Jingjie Zhang ◽

Moli Zhang

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Homomorphic Encryption ◽

Data Integrity ◽

Video Data ◽

Verification Method ◽

Whole Process ◽

Integrity Checking ◽

Verification Methods ◽

Cloud Servers

Cloud computing is a new way of data storage, where users tend to upload video data to cloud servers without redundantly local copies. However, it keeps the data out of users' hands which would conventionally control and manage the data. Therefore, it becomes the key issue on how to ensure the integrity and reliability of the video data stored in the cloud for the provision of video streaming services to end users. This paper details the verification methods for the integrity of video data encrypted using the fully homomorphic crytosystems in the context of cloud computing. Specifically, we apply dynamic operation to video data stored in the cloud with the method of block tags, so that the integrity of the data can be successfully verified. The whole process is based on the analysis of present Remote Data Integrity Checking (RDIC) methods.

Download Full-text

Cloud Computing: Data Storage Security Analysis and its Challenges

International Journal of Computer Applications ◽

10.5120/12216-8359 ◽

2013 ◽

Vol 70 (24) ◽

pp. 33-37 ◽

Cited By ~ 1

Author(s):

Navdeep Aggarwal ◽

Parshant Tyagi ◽

Bhanu P. Dubey ◽

Emmanuel S. Pilli

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Security Analysis ◽

Storage Security

Download Full-text

GIF IMAGE HARDWARE COMPRESSORS

Information, Computing and Intelligent systems ◽

10.20535/2708-4930.2.2021.244189 ◽

2021 ◽

Author(s):

Ivan Mozghovyi ◽

Anatoliy Sergiyenko ◽

Roman Yershov

Keyword(s):

Data Compression ◽

Data Storage ◽

High Speed ◽

Data Transfer ◽

Future Research ◽

Volume Data ◽

High Speed Data ◽

Lzw Algorithm ◽

And Storage ◽

Speed Data Transmission

Increasing requirements for data transfer and storage is one of the crucial questions now. There are several ways of high-speed data transmission, but they meet limited requirements applied to their narrowly focused specific target. The data compression approach gives the solution to the problems of high-speed transfer and low-volume data storage. This paper is devoted to the compression of GIF images, using a modified LZW algorithm with a tree-based dictionary. It has led to a decrease in lookup time and an increase in the speed of data compression, and in turn, allows developing the method of constructing a hardware compression accelerator during the future research.

Download Full-text

Study of privacy-preserving framework for cloud storage

Computer Science and Information Systems ◽

10.2298/csis100327029r ◽

2011 ◽

Vol 8 (3) ◽

pp. 801-819 ◽

Cited By ~ 12

Author(s):

Huang Ruwei ◽

Gui Xiaolin ◽

Yu Si ◽

Zhuang Wei

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Security Analysis ◽

Bloom Filter ◽

Data Access ◽

Data Retrieval ◽

Privacy Preserving ◽

Index Structure ◽

Structure Generation ◽

Access Right

In order to implement privacy-preserving, efficient and secure data storage and access environment of cloud storage, the following problems must be considered: data index structure, generation and management of keys, data retrieval, treatments of change of users? access right and dynamic operations on data, and interactions among participants. To solve those problems, the interactive protocol among participants is introduced, an extirpation-based key derivation algorithm (EKDA) is designed to manage the keys, a double hashed and weighted Bloom Filter (DWBF) is proposed to retrieve the encrypted keywords, which are combined with lazy revocation, multi-tree structure, asymmetric and symmetric encryptions, which form a privacypreserving, efficient and secure framework for cloud storage. The experiment and security analysis show that EKDA can reduce the communication and storage overheads efficiently, DWBF supports ciphertext retrieval and can reduce communication, storage and computation overhead as well, and the proposed framework is privacy preserving while supporting data access efficiently.

Download Full-text

An Efficient and Privacy-Preserving Biometric Identification Scheme Based on the FITing-Tree

Security and Communication Networks ◽

10.1155/2021/2313389 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Xiaopeng Yang ◽

Hui Zhu ◽

Songnian Zhang ◽

Rongxing Lu ◽

Xuesong Gao

Keyword(s):

Homomorphic Encryption ◽

Security Analysis ◽

Privacy Preserving ◽

Biometric Identification ◽

Large Dataset ◽

Biometric Data ◽

Communication Costs ◽

Identification Scheme ◽

Biometric Template ◽

Cloud Servers

Biometric identification services have been applied to almost all aspects of life. However, how to securely and efficiently identify an individual in a huge biometric dataset is still very challenging. For one thing, biometric data is very sensitive and should be kept secure during the process of biometric identification. On the other hand, searching a biometric template in a large dataset can be very time-consuming, especially when some privacy-preserving measures are adopted. To address this problem, we propose an efficient and privacy-preserving biometric identification scheme based on the FITing-tree, iDistance, and a symmetric homomorphic encryption (SHE) scheme with two cloud servers. With our proposed scheme, the privacy of the user’s identification request and service provider’s dataset is guaranteed, while the computational costs of the cloud servers in searching the biometric dataset can be kept at an acceptable level. Detailed security analysis shows that the privacy of both the biometric dataset and biometric identification request is well protected during the identification service. In addition, we implement our proposed scheme and compare it to a previously reported M-Tree based privacy-preserving identification scheme in terms of computational and communication costs. Experimental results demonstrate that our proposed scheme is indeed efficient in terms of computational and communication costs while identifying a biometric template in a large dataset.

Download Full-text

Efficient Share Generator for Slicing and Securely Retrieving the Cloud-Hosted Heterogeneous Multimedia Data

10.54216/jisiot.050103 ◽

2021 ◽

pp. 20-32

Author(s):

admin admin ◽

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Cloud Storage ◽

Implementation Strategies ◽

Critical Issue ◽

Multimedia Data ◽

Storage And Retrieval ◽

Remote Storage ◽

Source Transformation ◽

Cloud Servers

Recently, the security of heterogeneous multimedia data becomes a very critical issue, substantially with the proliferation of multimedia data and applications. Cloud computing is the hidden back-end for storing heterogeneous multimedia data. Notwithstanding that using cloud storage is indispensable, but the remote storage servers are untrusted. Therefore, one of the most critical challenges is securing multimedia data storage and retrieval from the untrusted cloud servers. This paper applies a Shamir Secrete-Sharing scheme and integrates with cloud computing to guarantee efficiency and security for sensitive multimedia data storage and retrieval. The proposed scheme can fully support the comprehensive and multilevel security control requirements for the cloud-hosted multimedia data and applications. In addition, our scheme is also based on a source transformation that provides powerful mutual interdependence in its encrypted representation—the Share Generator slices and encrypts the multimedia data before sending it to the cloud storage. The extensive experimental evaluation on various configurations confirmed the effectiveness and efficiency of our scheme, which showed excellent performance and compatibility with several implementation strategies.

Download Full-text