共查询到20条相似文献,搜索用时 31 毫秒
1.
Yuh‐Min Tseng Yi‐Hung Huang Hui‐Ju Chang 《International Journal of Communication Systems》2014,27(7):1034-1050
Multireceiver identity (ID) based encryption and ID‐based broadcast encryption allow a sender to use the public identities of multiple receivers to encrypt messages so that only the selected receivers or a privileged set of users can decrypt the messages. It can be used for many practical applications such as digital content distribution, pay‐per‐view and multicast communication. For protecting the privacy of receivers or providing receiver anonymity, several privacy‐preserving (or anonymous) multireceiver ID‐based encryption and ID‐based broadcast encryption schemes were recently proposed, in which receiver anonymity means that nobody (including any selected receiver), except the sender, knows who the other selected receivers are. However, security incompleteness or flaws were found in these schemes. In this paper, we propose a new privacy‐preserving multireceiver ID‐based encryption scheme with provable security. We formally prove that the proposed scheme is semantically secure for confidentiality and receiver anonymity. Compared with the previously proposed anonymous multireceiver ID‐based encryption and ID‐based broadcast encryption schemes, the proposed scheme has better performance and robust security. Copyright © 2012 John Wiley & Sons, Ltd. 相似文献
2.
Cloud storage is gaining popularity as it relieves the data owners from the burden of data storage and maintenance cost. However, outsourcing data to third‐party cloud servers raise several concerns such as data availability, confidentiality, and integrity. Recently, regenerating codes have gained popularity because of their low repair bandwidth while ensuring data availability. In this paper, we propose a secure regenerating code‐based cloud storage (SRCCS) scheme, which utilizes the verifiable computation property of homomorphic encryption scheme to check the integrity of outsourced data. In this work, an error‐correcting code (ECC)–based homomorphic encryption scheme (HES) is employed to simultaneously provide data privacy as well as error correction while supporting efficient integrity verification. In SRCCS, server regeneration process is initiated on detection of data corruption events in order to ensure data availability. The ECC‐based HES significantly reduces the probability of server regeneration and minimizes the repair cost. Extensive theoretical analysis and simulation results validate the security, efficiency, and practicability of the proposed scheme. 相似文献
3.
Attribute-based fully homomorphic encryption scheme over rings 总被引:1,自引:0,他引:1
The fully homomorphic encryption has important applications in the area of data security and privacy security of cloud computing,but the size of secret keys and ciphertext in most of current homomorphic encryption schemes were too large,which restricted its practical.To improve these drawbacks,a recoding scheme and a attribute-based encryption scheme based on learning with errors problem over rings were provided,then a attribute-based fully homomorphic encryption was constructed.The new scheme overcame the above mentioned drawbacks,because it did't need public key certificate,meanwhile,it can achieve the fine-grained access control to the ciphertext.Compared with similar results,proposed method decreases the size of keys and ciphertext greatly. 相似文献
4.
Laicheng Cao Jinbo Zhang Xiaoye Dong Chengzhe Xi Yafei Wang Yangyang Zhang Xian Guo Tao Feng 《International Journal of Communication Systems》2018,31(10)
Cloud computing has great economical advantages and wide application, more and more data owners store their data in the cloud storage server (CSS) to avoid tedious local data management and insufficient storage resources. But the privacy of data owners faces enormous challenges. The most recent searchable encryption technology adopts the ciphertext‐policy attribute‐based encryption (CP‐ABE), which is one good method to deal with this security issue. However, the access attributes of the users are transmitted and assigned in plaintext form. In this paper, we propose a based on blinded CP‐ABE searchable encryption cloud storage service (BCP‐ABE‐SECSS) scheme, which can blind the access attributes of the users in order to prevent the collusion attacks of the CSS and the users. Data encryption and keyword index generation are performed by the data owners; meanwhile, we construct that CSS not only executes the access control policy of the data but also performs the pre‐decryption operation about the encrypted data to solve higher time cost of decryption calculation to the data users. Security proof results show that this scheme has access attribute security, data confidentiality, indistinguishable security against chosen keyword attack, and resisting the collusion attack between the data user and the CSS. Performance analysis and the experimental results show that this scheme can effectively reduce the computation time cost of the data owners and the data users. 相似文献
5.
针对数字混沌密码无法直接在轻量的传感节点上实现,介绍了一种基于整数型混沌映射的轻量级分组加密算法,并提出一种新型的消息鉴别码方案,具有输出长度可变、混沌序列复合安全等特点,最后实现了一个完整的无线传感网数据安全传输应用方案,并在Mica2节点上给出性能分析。实验表明该方案对无线传感网具有更高的实用性。 相似文献
6.
As cloud storage becomes more popular, concerns about data leakage have been increasing. Encryption techniques can be used to protect privacy of videos stored in the cloud. However, the recently proposed sketch attack for encrypted H.264/AVC video, which is based on the macroblock bitstream size (MBS), can generate the outline images of both intra-frames and inter-frames from a video encrypted by most existing encryption schemes; thus, the protection of the original video may be considered a failure. In this paper, a novel selective encryption scheme for H.264/AVC video with improved visual security is presented. Two different scrambling strategies that do not destroy the format compatibility are proposed to change the relative positions between macroblocks in intra-frames and inter-frames respectively, which in turn substantially distort the sketched outline images so that they do not disclose meaningful information. Moreover, the sign bits of non-zero DCT coefficients are encrypted to contribute to the visual security of our scheme, and an adaptive encryption key related to the intra prediction mode and the DCT coefficient distribution of each frame is employed to provide further security. The experimental results show that our encryption scheme can achieve a better visual scrambling effect with a small adverse impact on the video file size. Furthermore, the security analysis demonstrates that our scheme can successfully resist the MBS sketch attack compared with other related schemes. The proposed method is also proven secure against some other known attacks. 相似文献
7.
Gangasandra Mahadevaiah Kiran Narasimhaiah Nalini 《International Journal of Communication Systems》2020,33(15)
Nowadays, security and data access control are some of the major concerns in the cloud storage unit, especially in the medical field. Therefore, a security‐aware mechanism and ontology‐based data access control (SA‐ODAC) has been developed to improve security and access control in cloud computing. The model proposed in this research work is based on two operational methods, namely, secure awareness technique (SAT) and ontology‐based data access control (ODAC), to improve security and data access control in cloud computing. The SAT technique is developed to provide security for medical data in cloud computing, based on encryption, splitting and adding files, and decryption. The ODAC ontology is launched to control unauthorized persons accessing data from storage and create owner and administrator rules to allow access to data and is proposed to improve security and restrict access to data. To manage the key of the SAT technique, the secret sharing scheme is introduced in the proposed framework. The implementation of the algorithm is performed by MATLAB, and its performance is verified in terms of delay, encryption time, encryption time, and ontology processing time and is compared with role‐based access control (RBAC), context‐aware RBAC and context‐aware task RBAC, and security analysis of advanced encryption standard and data encryption standard. Ultimately, the proposed data access control and security scheme in SA‐ODAC have achieved better performance and outperform the conventional technique. 相似文献
8.
针对云计算环境中数字内容安全和用户隐私保护的需求,提出了一种云计算环境中支持隐私保护的数字版权保护方案。设计了云计算环境中数字内容版权全生命周期保护和用户隐私保护的框架,包括系统初始化、内容加密、许可授权和内容解密4个主要协议;采用基于属性基加密和加法同态加密算法的内容加密密钥保护和分发机制,保证内容加密密钥的安全性;允许用户匿名向云服务提供商订购内容和申请授权,保护用户的隐私,并且防止云服务提供商、授权服务器和密钥服务器等收集用户使用习惯等敏感信息。与现有的云计算环境中数字版权保护方案相比,该方案在保护内容安全和用户隐私的同时,支持灵活的访问控制,并且支持在线和超级分发应用模式,在云计算环境中具有较好的实用性。 相似文献
9.
属性基加密(ABE, attribute-based encryption)用于提供细粒度访问控制及一对多加密,现已被广泛应用于分布式环境下数据共享方案以提供隐私保护。然而,现有的属性基加密数据共享方案均允许数据拥有者任意修改数据,导致数据真实性无法保证,经常难以满足一些实际应用需求,如个人电子病例、审核系统、考勤系统等。为此,提出一种能保证数据真实可靠且访问控制灵活的数据共享方案。首先,基于RSA代理加密技术实现读写权限分离机制以保证数据真实可靠;其次,使用属性基加密机制提供灵活的访问控制策略;最后,利用关键字检索技术实现支持密钥更新的高效撤销机制。详细的安全性分析表明本方案能提供数据机密性以实现隐私保护,且性能分析和仿真表明本方案具有较高效率,能有效满足实际应用需求。 相似文献
10.
In a Wireless Sensor Network (WSN), aggregation exploits the correlation between spatially and temporally proximate sensor data to reduce the total data volume to be transmitted to the sink. Mobile agents (MAs) fit into this paradigm, and data can be aggregated and collected by an MA from different sensor nodes using context specific codes. The MA-based data collection suffers due to large size of a typical WSN and is prone to security problems. In this article, homomorphic encryption in a clustered WSN has been proposed for secure and efficient data collection using MAs. The nodes keep encrypted data that are given to an MA for data aggregation tasks. The MA performs all the data aggregation operations upon encrypted data as it migrates between nodes in a tree-like structure in which the nodes are leafs and the cluster head is the root of the tree. It returns and deposits the encrypted aggregated data to the cluster head after traversing through all the intra cluster nodes over a shortest path route. The homomorphic encryption and aggregation processing in encrypted domain makes the data collection process secure. Simulation results confirm the effectiveness of the proposed secure data aggregation mechanism. In addition to security, MA-based mechanism leads to lesser delay and bandwidth requirements. 相似文献
11.
Mingwu Zhang Chunzhi Wang Bo Yang Tsuyoshi Takagi 《International Journal of Communication Systems》2014,27(12):4307-4327
An encryption scheme is a tuple of algorithms used to ensure secrecy while exchanging messages over a public channel. Spatial encryption is a generalized extension of id‐based encryption with the ability of partial order role delegation. In this paper, we propose an efficient spatial encryption with vector privacy preservation, which is derived from the technique of static assumption from dual system encryption in composite order groups. The proposed scheme achieves the cryptosystem properties of message confidentiality, recipient anonymity, adaptively full security, and short constant ciphertext. Provable security in our setting consists of three steps: the first one is giving a rigorous definition of security, the second one is giving the construction of a scheme, and the last one is giving a rigorous mathematical proof showing that the scheme satisfies the security definition given in the first stage. Compared with related schemes, our proposed scheme has a comparable advantage in security while it holds an approximate computing efficiency and communicating payload such as public parameters, private keys, and ciphertexts. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
12.
13.
Yalan Li Siguang Chen Chuanxin Zhao Weifeng Lu 《International Journal of Communication Systems》2020,33(9)
The emergence of fog computing facilitates industrial Internet of Things (IIoT) to be more real‐time and efficient; in order to achieve secure and efficient data collection and applications in fog‐assisted IIoT, it usually sacrifices great computation and bandwidth resources. From the low computation and communication overheads perspective, this paper proposes a layered data aggregation scheme with efficient privacy preservation (LDA‐EPP) for fog‐assisted IIoT by integrating the Chinese remainder theorem (CRT), modified Paillier encryption, and hash chain technology. In LDA‐EPP scheme, the entire network is divided into several subareas; the fog node and cloud are responsible for local and global aggregations, respectively. Specially, the cloud is able to obtain not only the global aggregation result but also the fine‐grained aggregation results of subareas, which enables that can provide fine‐grained data services. Meanwhile, the LDA‐EPP realizes data confidentiality by the modified Paillier encryption, ensures that both outside attackers and internal semi‐trusted nodes (such as, fog node and cloud) are unable to know the privacy data of individual device, and guarantees data integrity by utilizing simply hash chain to resist tempering and polluting attacks. Moreover, the fault tolerance is also supported in our scheme; ie, even though some IIoT devices or channel links are failure, the cloud still can decrypt incomplete aggregation ciphertexts and derive expected aggregation results. Finally, the performance evaluation indicates that our proposed LDA‐EPP has less computation and communication costs. 相似文献
14.
15.
Selasi Kwame Ocansey Wolali Ametepe Xiao Wei Li Changda Wang 《International Journal of Communication Systems》2018,31(1)
The dynamic searchable encryption schemes generate search tokens for the encrypted data on a cloud server periodically or on a demand. With such search tokens, a user can query the encrypted data whiles preserving the data's privacy; ie, the cloud server can retrieve the query results to the user but do not know the content of the encrypted data. A framework DSSE with Forward Privacy (dynamic symmetric searchable encryption [DSSE] with forward privacy), which consists of Internet of Things and Cloud storage, with the attributes of the searchable encryption and the privacy preserving are proposed. Compared with the known DSSE schemes, our approach supports the multiusers query. Furthermore, our approach successfully patched most of the security flaws related to the sensitive information's leakage in the DSSE schemes. Both security analysis and simulations show that our approach outperforms other DSSE schemes with respect to both effectiveness and efficiency. 相似文献
16.
全同态加密可以用来解决云计算环境中的隐私保护问题,然而现有体制具有系统参数大、效率低的缺点.针对现有攻击技术,首先设计了一种高效的NTRU格上的基于身份公钥加密体制,无需借助额外的安全性假设,具有更高的安全性和更小的系统参数.之后,基于近似特征向量技术,构造了一种高效的全同态加密转化方式.通过将以上两种方法结合,给出了一种高效的基于身份全同态加密体制.和现有体制相比,除了不需要计算密钥、实现了真正意义上的基于身份特性以外,还减小了密钥、密文尺寸,提高了计算和传输效率. 相似文献
17.
Xiaodong Lin Rongxing Lu Xuemin Shen 《Wireless Communications and Mobile Computing》2010,10(6):843-856
In this paper, we propose a novel multidimensional privacy‐preserving data aggregation scheme for improving security and saving energy consumption in wireless sensor networks (WSNs). The proposed scheme integrates the super‐increasing sequence and perturbation techniques into compressed data aggregation, and has the ability to combine more than one aggregated data into one. Compared with the traditional data aggregation schemes, the proposed scheme not only enhances the privacy preservation in data aggregation, but also is more efficient in terms of energy costs due to its unique multidimensional aggregation. Extensive analyses and experiments are given to demonstrate its energy efficiency and practicability. Copyright © 2009 John Wiley & Sons, Ltd. 相似文献
18.
An authenticated encryption scheme is a symmetric encryption scheme whose goal is to provide both privacy and integrity. We
consider two possible notions of authenticity for such schemes, namely integrity of plaintexts and integrity of ciphertexts,
and relate them, when coupled with IND-CPA (indistinguishability under chosen-plaintext attack), to the standard notions of
privacy IND-CCA and NM-CPA (indistinguishability under chosen-ciphertext attack and nonmalleability under chosen-plaintext
attack) by presenting implications and separations between all notions considered. We then analyze the security of authenticated
encryption schemes designed by “generic composition,” meaning making black-box use of a given symmetric encryption scheme
and a given MAC. Three composition methods are considered, namely Encrypt-and-MAC, MAC-then-encrypt, and Encrypt-then-MAC. For each of these and for each notion of security, we indicate whether or not the resulting scheme meets the notion in question
assuming that the given symmetric encryption scheme is secure against chosen-plaintext attack and the given MAC is unforgeable
under chosen-message attack. We provide proofs for the cases where the answer is “yes” and counter-examples for the cases
where the answer is “no.”
M. Bellare’s work was supported in part by a 1996 Packard Foundation Fellowship in Science and Engineering, NSF CAREER Award
CCR-9624439, NSF grants CNS-0524765 and CNS-0627779, and a gift from Intel Corporation.
C. Namprempre’s work was supported in part by grants of the first author and the Thailand Research Fund. 相似文献
19.
随着信息技术的发展,目前社会已经进入了大数据时代。大数据使得人们的生活更加方便,国家、社会各领域、各行业的发展中发挥了巨大的推动作用。但是,随之而来的是用户个人隐私泄露问题,在一定程度上,与社会、军事、政治安全也具有密切关联。因此,文章对大数据背景下的安全风险进行分析,与可搜索加密、安全多方计算、同态加密等技术结合,对基于大数据背景的密码领域展开探讨,可为相关工作的开展提供参考。 相似文献