CESCR: CP-ABE for efficient and secure sharing of data in collaborative ehealth with revocation and no dummy attribute

With the rapid advancement of information and communication technologies, there is a growing transformation of healthcare systems. A patient’s health data can now be centrally stored in the cloud and be shared with multiple healthcare stakeholders, enabling the patient to be collaboratively treated by more than one healthcare institution. However, several issues, including data security and privacy concerns still remain unresolved. Ciphertext-policy attribute-based encryption (CP-ABE) has shown promising potential in providing data security and privacy in cloud-based systems. Nevertheless, the conventional CP-ABE scheme is inadequate for direct adoption in a collaborative ehealth system. For one, its expressiveness is limited as it is based on a monotonic access structure. Second, it lacks an attribute/user revocation mechanism. Third, the computational burden on both the data owner and data users is linear with the number of attributes in the ciphertext. To address these inadequacies, we propose CESCR, a CP-ABE for efficient and secure sharing of health data in collaborative ehealth systems with immediate and efficient attribute/user revocation. The CESCR scheme is unbounded, i.e., it does not bind the size of the attribute universe to the security parameter, it is based on the expressive and non-restrictive ordered binary decision diagram (OBDD) access structure, and it securely outsources the computationally demanding attribute operations of both encryption and decryption processes without requiring a dummy attribute. Security analysis shows that the CESCR scheme is secure in the selective model. Simulation and performance comparisons with related schemes also demonstrate that the CESCR scheme is expressive and efficient.

Systematic review on effects of bioenergy from edible versus inedible feedstocks on food security

Achieving food security is a critical challenge of the Anthropocene that may conflict with environmental and societal goals such as increased energy access. The “fuel versus food” debate coupled with climate mitigation efforts has given rise to next-generation biofuels. Findings of this systematic review indicate just over half of the studies (56% of 224 publications) reported a negative impact of bioenergy production on food security. However, no relationship was found between bioenergy feedstocks that are edible versus inedible and food security (P value = 0.15). A strong relationship was found between bioenergy and type of food security parameter (P value < 0.001), sociodemographic index of study location (P value = 0.001), spatial scale (P value < 0.001), and temporal scale (P value = 0.017). Programs and policies focused on bioenergy and climate mitigation should monitor multiple food security parameters at various scales over the long term toward achieving diverse sustainability goals.

A Spectrum-Efficient Cross-Layer RF Distance Bounding Scheme

Distance bounding protocols guarantee a credible distance upper bound between the devices which require the spatial distance as a security parameter to defend Mafia Fraud attacks. However, in RF systems, the realization of distance bounding protocol faces obstacles due to low spectrum efficiency, since the distance bound estimation consumes a significant amount of frequency band in existing schemes. This hinders RF distance bounding from being practically deployed, especially in commonly used ISM bands. In this work, we propose an alternative, spectrum-efficient scheme for RF distance bounding. We build the physical layer as well as a protocol design based on SFCW signal and SFCW ranging. Thus, comparing existing schemes that consume many frequency bands, our scheme frees many spectrum resources. We propose solutions to the unique challenges facing such an SFCW-based scheme design, namely, data communication over unintelligent SFCW signals, and secure synchronization in the SFCW-based challenge-response exchange. We evaluate our scheme via the security analysis and physical layer simulations. The results show (i) its resistance to attacks commonly concerned in distance bounding, (ii) the feasibility of the physical layer design such as accurate ranging and data communication function, and (iii) the communication noise tolerance and the ability of multipath signal discrimination.

Secure Data Deduplication of Encrypted Data in Cloud

In the present digital scenario, data is of prime significance for individuals and moreover for organizations. With the passage of time, data content being produced increases exponentially, which poses a serious concern as the huge amount of redundant data contents stored on the cloud employs a severe load on the cloud storage systems itself which cannot be accepted. Therefore, a storage optimization strategy is a fundamental prerequisite to cloud storage systems. Data deduplication is a storage optimization strategy that is used for deleting identical copies of redundant data, optimizing bandwidth, improves utilization of storage space, and hence, minimizes storage cost. To guarantee the security parameter, the data which is stored on the cloud must be in an encrypted form to ensure the security of the stored data. Consequently, executing deduplication safely over the encrypted information in the cloud seems to be a challenging job. This chapter discusses various existing data deduplication techniques with a notion of securing the data on the cloud that addresses this challenge.

A trade-off between classical and quantum circuit size for an attack against CSIDH

We propose a heuristic algorithm to solve the underlying hard problem of the CSIDH cryptosystem (and other isogeny-based cryptosystems using elliptic curves with endomorphism ring isomorphic to an imaginary quadratic order 𝒪). Let Δ = Disc(𝒪) (in CSIDH, Δ = −4p for p the security parameter). Let 0 < α < 1/2, our algorithm requires:A classical circuit of size $2^{\tilde{O}\left(\log(|\Delta|)^{1-\alpha}\right)}.$A quantum circuit of size $2^{\tilde{O}\left(\log(|\Delta|)^{\alpha}\right)}.$Polynomial classical and quantum memory.Essentially, we propose to reduce the size of the quantum circuit below the state-of-the-art complexity $2^{\tilde{O}\left(\log(|\Delta|)^{1/2}\right)}$ at the cost of increasing the classical circuit-size required. The required classical circuit remains subexponential, which is a superpolynomial improvement over the classical state-of-the-art exponential solutions to these problems. Our method requires polynomial memory, both classical and quantum.

Tightly Secure Hierarchical Identity-Based Encryption

We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme based on standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014). At the core of our constructions is a novel randomization technique that enables us to randomize user secret keys for identities with flexible length. The security reductions of previous HIBEs lose at least a factor of Q, which is the number of user secret key queries. Different to that, the security loss of our schemes is only dependent on the security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellman assumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. We have two tightly secure constructions, one with constant ciphertext size, and the other with tighter security at the cost of linear ciphertext size. Among other things, our schemes imply the first tightly secure identity-based signature scheme by a variant of the Naor transformation.

Public-Key Encryption In The Standard Model Against Strong Leakage Adversary

Over the years, security against adaptively chosen-ciphertext attacks (CCA2) is considered as the strongest security definition for public-key encryption schemes. With the uprise of side-channel attacks, new security definitions are proposed, addressing leakage of secret keys together with the standard CCA2 definition. Among the new security definitions, security against continuous and after-the-fact leakage-resilient CCA2 can be considered as the strongest security definition, which is called as security against (continuous) adaptively chosen-ciphertext leakage attacks (continuous CCLA2). In this paper, we present a construction of a public-key encryption scheme, namely LR-PKE, which satisfies the aforementioned security definition. The security of our public-key encryption scheme is proven in the standard model, under decision BDH assumption. Thus, we emphasize that our public-key encryption scheme LR-PKE is (continuous) CCLA2-secure in the standard model. For our construction of LR-PKE, we have used a strong one-time signature scheme and a leakage-resilient refreshing protocol as underlying building blocks. The leakage bound is $0.15n\log p -1$ bits per leakage query, for a security parameter $k$ and a statistical security parameter $n$, such that $\log p \geq k$ and $n$ is a function of $k$. It is possible to see that LR-PKE is efficient enough to be used for real-world usage.