A Secure and Privacy-Preserving Approach to Protect User Data across Cloud based Online Social Networks

The tremendous growth of social networking systems enables the active participation of a wide variety of users. This has led to an increased probability of security and privacy concerns. In order to solve the issue, the article defines a secure and privacy-preserving approach to protect user data across Cloud-based online social networks. The proposed approach models social networks as a directed graph, such that a user can share sensitive information with other users only if there exists a directed edge from one user to another. The connectivity between data users data is efficiently shared using an attribute-based encryption (ABE) with different data access levels. The proposed ABE technique makes use of a trapdoor function to re-encrypt the data without the use of proxy re-encryption techniques. Experimental evaluation states that the proposed approach provides comparatively better results than the existing techniques.

A Public Key Cryptosystem Using a Group of Permutation Polynomials

In this paper we propose an efficient multivariate encryption scheme based on permutation polynomials over finite fields. We single out a commutative group ℒ(q, m) of permutation polynomials over the finite field Fqm. We construct a trapdoor function for the cryptosystem using polynomials in ℒ(2, m), where m =2k for some k ≥ 0. The complexity of encryption in our public key cryptosystem is O(m3) multiplications which is equivalent to other multivariate public key cryptosystems. For decryption only left cyclic shifts, permutation of bits and xor operations are used. It uses at most 5m2+3m – 4 left cyclic shifts, 5m2 +3m + 4 xor operations and 7 permutations on bits for decryption.

A Secure and Privacy-Preserving Approach to Protect User Data across Cloud based Online Social Networks

The tremendous growth of social networking systems enables the active participation of a wide variety of users. This has led to an increased probability of security and privacy concerns. In order to solve the issue, the article defines a secure and privacy-preserving approach to protect user data across Cloud-based online social networks. The proposed approach models social networks as a directed graph, such that a user can share sensitive information with other users only if there exists a directed edge from one user to another. The connectivity between data users data is efficiently shared using an attribute-based encryption (ABE) with different data access levels. The proposed ABE technique makes use of a trapdoor function to re-encrypt the data without the use of proxy re-encryption techniques. Experimental evaluation states that the proposed approach provides comparatively better results than the existing techniques.

Novel Framework for Maximizing Security over Wireless Network

With the increasing adoption of application running over wireless networking system, there is also an increasing security concern in it. Review of existing security protocols in wireless networks shows that they are highly specific to adversaries and hence they cannot be applicable with the dynamic state of network vulnerabilities. Apart from this, it was also explored that public key encryption requires a drastic change in its design methodology in order to make it more resource friendly for increased network lifetime. Therefore, this manuscript presents a novel framework that develops an enhanced model of public key encryption using algebraic structure that can generate an elite secret key. The study also introduces a design of an efficient trapdoor function which renders maximum resiliency towards different forms of lethal attacks as well as adhere to maximum security standards in wireless network. The study outcome shows that proposed system out performs frequently used existing security standards in many aspects.

Updatable Lossy Trapdoor Functions Under Consecutive Leakage

Lossy trapdoor functions (LTFs), introduced by Peikert and Waters (STOC’08), have already been found to be a very useful tool in constructing complex cryptographic primitives in a black-box manner, such as one-way trapdoor functions, deterministic public-key encryption, CCA-secure public-key encryption, etc. Due to the existence of the side-channel attack, the leakage of trapdoor information in lossy trapdoor function systems can lead to the impossibility of provable security. Recently, Zhang et al. introduced a model of consecutive and continual leakage-resilient and updatable lossy trapdoor functions (ULTFs) and provided a concrete construction to achieve the security. Meanwhile, they proposed a consecutive and continual leakage-resilient public-key encryption scheme. However, in this paper, we demonstrate that the correctness of injective function can not be satisfied. Furthermore, the attacker can easily distinguish the evaluation key of ULTFs generated by the challenger according to the security model. Finally, we show two new constructions based on the continual leakage-resilient public-key encryption scheme of Brakerski et al. (FOCS 2010) and demonstrate the security of our scheme in the consecutive and continual leakage model.

DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT †

IoT devices provide real-time data to a rich ecosystem of services and applications. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core networks. To alleviate the core of the network, other technologies like fog computing can be used. On the security side, designers of IoT low-cost devices and applications often reuse old versions of development frameworks and software components that contain vulnerabilities. Many server applications today are designed using microservice architectures where components are easier to update. Thus, IoT can benefit from deploying microservices in the fog as it offers the required flexibility for the main players of ubiquitous computing: nomadic users. In such deployments, IoT devices need the dynamic instantiation of microservices. IoT microservices require certificates so they can be accessed securely. Thus, every microservice instance may require a newly-created domain name and a certificate. The DNS-based Authentication of Named Entities (DANE) extension to Domain Name System Security Extensions (DNSSEC) allows linking a certificate to a given domain name. Thus, the combination of DNSSEC and DANE provides microservices’ clients with secure information regarding the domain name, IP address, and server certificate of a given microservice. However, IoT microservices may be short-lived since devices can move from one local fog to another, forcing DNSSEC servers to sign zones whenever new changes occur. Considering DNSSEC and DANE were designed to cope with static services, coping with IoT dynamic microservice instantiation can throttle the scalability in the fog. To overcome this limitation, this article proposes a solution that modifies the DNSSEC/DANE signature mechanism using chameleon signatures and defining a new soft delegation scheme. Chameleon signatures are signatures computed over a chameleon hash, which have a property: a secret trapdoor function can be used to compute collisions to the hash. Since the hash is maintained, the signature does not have to be computed again. In the soft delegation schema, DNS servers obtain a trapdoor that allows performing changes in a constrained zone without affecting normal DNS operation. In this way, a server can receive this soft delegation and modify the DNS zone to cope with frequent changes such as microservice dynamic instantiation. Changes in the soft delegated zone are much faster and do not require the intervention of the DNS primary servers of the zone.