Computing Blindfolded on Data Homomorphically Encrypted under Multiple Keys: A Survey

With capability of performing computations on encrypted data without needing the secret key, homomorphic encryption (HE) is a promising cryptographic technique that makes outsourced computations secure and privacy-preserving. A decade after Gentry’s breakthrough discovery of how we might support arbitrary computations on encrypted data, many studies followed and improved various aspects of HE, such as faster bootstrapping and ciphertext packing. However, the topic of how to support secure computations on ciphertexts encrypted under multiple keys does not receive enough attention. This capability is crucial in many application scenarios where data owners want to engage in joint computations and are preferred to protect their sensitive data under their own secret keys. Enabling this capability is a non-trivial task. In this article, we present a comprehensive survey of the state-of-the-art multi-key techniques and schemes that target different systems and threat models. In particular, we review recent constructions based on Threshold Homomorphic Encryption (ThHE) and Multi-Key Homomorphic Encryption (MKHE). We analyze these cryptographic techniques and schemes based on a new secure outsourced computation model and examine their complexities. We share lessons learned and draw observations for designing better schemes with reduced overheads.

Oblivious algebraic data types

Secure computation allows multiple parties to compute joint functions over private data without leaking any sensitive data, typically using powerful cryptographic techniques. Writing secure applications using these techniques directly can be challenging, resulting in the development of several programming languages and compilers that aim to make secure computation accessible. Unfortunately, many of these languages either lack or have limited support for rich recursive data structures, like trees. In this paper, we propose a novel representation of structured data types, which we call oblivious algebraic data types, and a language for writing secure computations using them. This language combines dependent types with constructs for oblivious computation, and provides a security-type system which ensures that adversaries can learn nothing more than the result of a computation. Using this language, authors can write a single function over private data, and then easily build an equivalent secure computation according to a desired public view of their data.

Pengamanan Data melalui Model Super Enkripsi Autokey Cipher dan Transposisi Kolom

One of the essential instruments in the cyber era is data. Therefore, maintaining data security is an important thing to do. One way that can be done to maintain data security is through cryptography. In cryptography, two basic techniques are commonly used, namely substitution techniques and transposition techniques. One of the weaknesses of the basic cryptographic techniques is the lower level of data security. This study proposed a super encryption model in securing data by combining cryptographic algorithms with substitution techniques, i.e., autokey cipher and transposition, i.e., columnar transposition cipher. This study used the Avalanche Effect method as a measurement tool for the proposed super encryption model. The test results have shown that the proposed super encryption model can provide a better level of security. The avalanche effect test on the five data test shows that the average AE value of the proposed super encryption model is 30.76%. This value is higher than the single autokey cipher algorithm of 1.66% and column transposition with a value of 18.03%. Other results from the five data test have shown that the proposed model has a high level of accuracy of 100% in terms of the decryption process results, which is the same as the initial data before going through the encryption process.

Preservation of Data Integrity in Public Cloud Using Enhanced Vigenere Cipher Based Obfuscation

Today’s internet world is moves to cloud computing to maintain their public data privately in a secure way. In cloud scenario, many security principles are implemented to maintain the secure transmission of data over the internet. And still, the main concern is about maintaining the integrity of our own data in public cloud. Mostly, research works concentrates on cryptographic techniques for secure sharing of data but there is no such mentioned works are available for data integrity. In this paper, a data masking technique called obfuscation is implemented which is used to protect the data from unwanted modification by data breaching attacks. In this work, enhanced Vigenere encryption is used to perform obfuscation that maintains the privacy of the user’s data. Enhanced Vigenere encryption algorithm combined with intelligent rules to maintain the dissimilarity between the data masking for perform encryption with different set of rules. This work mainly concentrates on data privacy with reduced time complexity for encryption and decryption.

A Novel Method to Solve Real Time Security Issues in Software Industry Using Advanced Cryptographic Techniques

In recent times, the utility and privacy are trade-off factors with the performance of one factor tends to sacrifice the other. Therefore, the dataset cannot be published without privacy. It is henceforth crucial to maintain an equilibrium between the utility and privacy of data. In this paper, a novel technique on trade-off between the utility and privacy is developed, where the former is developed with a metaheuristic algorithm and the latter is developed using a cryptographic model. The utility is carried out with the process of clustering, and the privacy model encrypts and decrypts the model. At first, the input datasets are clustered, and after clustering, the privacy of data is maintained. The simulation is conducted on the manufacturing datasets over various existing models. The results show that the proposed model shows improved clustering accuracy and data privacy than the existing models. The evaluation with the proposed model shows a trade-off privacy preservation and utility clustering in smart manufacturing datasets.

Modeling a multi-layered blockchain framework for digital services that governments can implement

The general population increasingly uses digital services, meaning services which are delivered over the internet or an electronic network, and events such as pandemics have accelerated the need of using new digital services. Governments have also increased their number of digital services, however, these digital services still lack of sufficient information security, particularly integrity. Blockchain uses cryptographic techniques that allow decentralization and increase the integrity of the information it handles, but it still has disadvantages in terms of efficiency, making it incapable of implementing some digital services where a high rate of transactions are required. In order to increase its efficient, a multi-layer proposal based on blockchain is presented. It has four layers, where each layer specializes in a different type of information and uses properties of public blockchain and private blockchain. An statistical analysis is performed and the proposal is modeled showing that it maintains and even increases the integrity of the information while preserving the efficiency of transactions. Besides, the proposal can be flexible and adapt to different types of digital services. It also considers that voluntary nodes participate in the decentralization of information making it more secure, verifiable, transparent and reliable.

Accessing Cloud Services Using Token based Framework for IoT Devices

Nowadays cloud environments are used by many business service sectors like healthcare, retail marketing, banking, and many business fields. At the same time, the usage of Internet of Things (IoT) devices in different sectors also increasing tremendously. So, there is a general problem for securing any business service in enterprise cloud environments restricting by only authorized devices. We are proposing cryptographic techniques with the help of a token-based framework by enabling a secure handshake between consuming applications and the source business service which aims to authorize the target end consumers of the respective business service. The proposed work aims to achieve the desired secure handshake so that any consuming application or device requests the desired business service with a secret token and an input combination. The source business service creates a secure token using any latest robust cryptographic algorithm on the above input combination and returns the token to the consuming application. The consuming application requests to the source business service, it must pass the above token which if validated then only would receive the required data. Hence, in this paper, we propose the delegation of the authorization task to the end consumers, who are responsible to fetch the security tokens and use them in their application lifecycle.

Systematic Literature Review of the Role of Fuzzy Logic in the Development of Cryptographic and Steganographic Techniques

The rapid technological revolution had an impact on a variety of information security techniques. This will be important because information can be confidential to some entities that communicate with each other. Internet in intelligent technology will be a loophole for cryptanalysts to look for information vulnerabilities. Cryptography is a method of securing data and information which is currently still supported by the development of the method. However, the data and information that are secured will still have vulnerabilities in their delivery. The combination of fuzzy logic techniques with cryptographic techniques has been applied to support the improvement of information security. This study applies a systematic literature review method, to find articles that combine the two fields. The purpose of this study is to see the development of information security techniques with a fuzzy logic approach. As a result, it is found that the development of cryptographic and steganographic techniques that utilize fuzzy logic to help improve information security. In addition, the use of fuzzy logic is also not limited to increasing security. Fuzzy logic also plays a role in selecting the best key and password and issuing random numbers from a Pseudo-Random Number Generator (PRNG).

An overview of generic tools for information-theoretic secrecy performance analysis over wiretap fading channels

Physical layer security (PLS) has been proposed to afford an extra layer of security on top of the conventional cryptographic techniques. Unlike the conventional complexity-based cryptographic techniques at the upper layers, physical layer security exploits the characteristics of wireless channels, e.g., fading, noise, interference, etc., to enhance wireless security. It is proved that secure transmission can benefit from fading channels. Accordingly, numerous researchers have explored what fading can offer for physical layer security, especially the investigation of physical layer security over wiretap fading channels. Therefore, this paper aims at reviewing the existing and ongoing research works on this topic. More specifically, we present a classification of research works in terms of the four categories of fading models: (i) small-scale, (ii) large-scale, (iii) composite, and (iv) cascaded. To elaborate these fading models with a generic and flexible tool, three promising candidates, including the mixture gamma (MG), mixture of Gaussian (MoG), and Fox’s H-function distributions, are comprehensively examined and compared. Their advantages and limitations are further demonstrated via security performance metrics, which are designed as vivid indicators to measure how perfect secrecy is ensured. Two clusters of secrecy metrics, namely (i) secrecy outage probability (SOP), and the lower bound of SOP; and (ii) the probability of nonzero secrecy capacity (PNZ), the intercept probability, average secrecy capacity (ASC), and ergodic secrecy capacity, are displayed and, respectively, deployed in passive and active eavesdropping scenarios. Apart from those, revisiting the secrecy enhancement techniques based on Wyner’s wiretap model, the on-off transmission scheme, jamming approach, antenna selection, and security region are discussed.