A Hash-Based Quantum-Resistant Chameleon Signature Scheme

As a standard digital signature may be verified by anybody, it is unsuitable for personal or economically sensitive applications. The chameleon signature system was presented by Krawczyk and Rabin as a solution to this problem. It is based on a hash then sign model. The chameleon hash function enables the trapdoor information holder to compute a message digest collision. The holder of a chameleon signature is the recipient of a chameleon signature. He could compute collision on the hash value using the trapdoor information. This keeps the recipient from disclosing his conviction to a third party and ensures the privacy of the signature. The majority of the extant chameleon signature methods are built on the computationally infeasible number theory problems, like integer factorization and discrete log. Unfortunately, the construction of quantum computers would be rendered insecure to those schemes. This creates a solid requirement for construct chameleon signatures for the quantum world. Hence, this paper proposes a novel quantum secure chameleon signature scheme based on hash functions. As a hash-based cryptosystem is an essential candidate of a post-quantum cryptosystem, the proposed hash-based chameleon signature scheme would be a promising alternative to the number of theoretic-based methods. Furthermore, the proposed method is key exposure-free and satisfies the security requirements such as semantic security, non-transferability, and unforgeability.

Not so fast: understanding and mitigating negative impacts of compiler optimizations on code reuse gadget sets

Despite extensive testing and correctness certification of their functional semantics, a number of compiler optimizations have been shown to violate security guarantees implemented in source code. While prior work has shed light on how such optimizations may introduce semantic security weaknesses into programs, there remains a significant knowledge gap concerning the impacts of compiler optimizations on non-semantic properties with security implications. In particular, little is currently known about how code generation and optimization decisions made by the compiler affect the availability and utility of reusable code segments called gadgets required for implementing code reuse attack methods such as return-oriented programming. In this paper, we bridge this gap through a study of the impacts of compiler optimization on code reuse gadget sets. We analyze and compare 1,187 variants of 20 different benchmark programs built with two production compilers (GCC and Clang) to determine how their optimization behaviors affect the code reuse gadget sets present in program variants with respect to both quantitative and qualitative metrics. Our study exposes an important and unexpected problem; compiler optimizations introduce new gadgets at a high rate and produce code containing gadget sets that are generally more useful to an attacker than those in unoptimized code. Using differential binary analysis, we identify several undesirable behaviors at the root of this phenomenon. In turn, we propose and evaluate several strategies to mitigate these behaviors. In particular, we show that post-production binary recompilation can effectively mitigate these behaviors with negligible performance impacts, resulting in optimized code with significantly smaller and less useful gadget sets.

Implementation of Algorithms for Identity Based Encryption and Decryption

Identity-based cryptosystems were introduced to overcome one of the main problems in public key encryption, the generation of public and private keys. In the identity-based cryptosystem, an identifier such as an e-mail address of a user can be used to generate public and private keys by a trusted third party. The trusted third party uses a system-wide master secret to provide private keys to a user. Identity-based cryptosystems can be constructed using the idea of pairings. This article discusses four different identity-based cryptosystems: the Boneh-Franklin scheme, the Cock's scheme, the Authenticated IBE scheme and the Hierarchical IBE scheme. This article also discusses the security notions considered for the identity-based cryptosystem. The security notions considered are: one-wayness, indistinguishability, semantic security and non-malleability. An architecture consisting of a public parameter server and private key generator for the implementation of the identity-based cryptosystems is also discussed.

Implementation of Algorithms for Identity Based Encryption and Decryption

Identity-based cryptosystems were introduced to overcome one of the main problems in public key encryption, the generation of public and private keys. In the identity-based cryptosystem, an identifier such as an e-mail address of a user can be used to generate public and private keys by a trusted third party. The trusted third party uses a system-wide master secret to provide private keys to a user. Identity-based cryptosystems can be constructed using the idea of pairings. This article discusses four different identity-based cryptosystems: the Boneh-Franklin scheme, the Cock's scheme, the Authenticated IBE scheme and the Hierarchical IBE scheme. This article also discusses the security notions considered for the identity-based cryptosystem. The security notions considered are: one-wayness, indistinguishability, semantic security and non-malleability. An architecture consisting of a public parameter server and private key generator for the implementation of the identity-based cryptosystems is also discussed.

Secure Data Duplication Checking with Backup Recovery in Big Data Environments

With the rapidly increasing amounts of data produced worldwide, networked and multi- user storage systems are becoming very popular. However, concerns over data security still prevent many users from migrating data to remote storage. The conventional solution is to encrypt the data before it leaves the owner’s premises. While sound from a security perspective,this approach prevents the storage provider from effectively applying storage efficiency functions, such as compression and deduplication, which would allow optimal usage of the resources and consequently lower service cost. Client-side data deduplication in particular ensures that multiple uploads of the same content only consume network bandwidth and storage space of a single upload. Deduplication is actively used by a number of backup providers as well as various data services. In this project, we present a scheme that permits the storage without duplication of multiple types of files. And also need the intuition is that outsourced data may require different levels of protection. Based on this idea, we design an encryption scheme that guarantees semantic security for unpopular data and provides weaker security and better storage and bandwidth benefits for popular data. This way, data deduplication can be effective for popular data, whilst semantically secure encryption protects unpopular content. We can use the backup recover system at the time of blocking and also analyze frequent log in access system.

Multi-use Deterministic Public Key Proxy Re-Encryption from Lattices in the Auxiliary-Input Setting

Proxy Re-Encryption (PRE) is a cryptographic primitive that allows a proxy to turn an Alice’s ciphertext into a Bob’s ciphertext on the same plaintext. All of the PRE schemes are public key encryption and semantic security. Deterministic Public Key Encryption (D-PKE) provides an alternative to randomized public key encryption in various scenarios where the latter exhibits inherent drawbacks. In this paper, we construct the first multi-use unidirectional D-PRE scheme from Lattices in the auxiliary-input setting. We also prove that it is PRIV1-INDr secure in the standard model based on the LWR. Finally, an identity-based D-PRE is obtained from the basic construction.

Combinatorial Subset Difference—IoT-Friendly Subset Representation and Broadcast Encryption

In the Internet of Things (IoT) systems, it is often required to deliver a secure message to a group of devices. The public key broadcast encryption is an efficient primitive to handle IoT broadcasts, by allowing a user (or a device) to broadcast encrypted messages to a group of legitimate devices. This paper proposes an IoT-friendly subset representation called Combinatorial Subset Difference (CSD), which generalizes the existing subset difference (SD) method by allowing wildcards (*) in any position of the bitstring. Based on the CSD representation, we first propose an algorithm to construct the CSD subset, and a CSD-based public key broadcast encryption scheme. By providing the most general subset representation, the proposed CSD-based construction achieves a minimal header size among the existing broadcast encryption. The experimental result shows that our CSD saves the header size by 17% on average and more than 1000 times when assuming a specific IoT example of IP address with 20 wildcards and 2 20 total users, compared to the SD-based broadcast encryption. We prove the semantic security of CSD-based broadcast encryption under the standard l-BDHE assumption, and extend the construction to a chosen-ciphertext-attack (CCA)-secure version.