Similar literature
Found 20 similar documents; search took 531 ms
1.
The emergence of fog computing facilitates industrial Internet of Things (IIoT) to be more real‐time and efficient; in order to achieve secure and efficient data collection and applications in fog‐assisted IIoT, it usually sacrifices great computation and bandwidth resources. From the low computation and communication overheads perspective, this paper proposes a layered data aggregation scheme with efficient privacy preservation (LDA‐EPP) for fog‐assisted IIoT by integrating the Chinese remainder theorem (CRT), modified Paillier encryption, and hash chain technology. In the LDA‐EPP scheme, the entire network is divided into several subareas; the fog node and cloud are responsible for local and global aggregations, respectively. Specially, the cloud is able to obtain not only the global aggregation result but also the fine‐grained aggregation results of subareas, which enables it to provide fine‐grained data services. Meanwhile, the LDA‐EPP realizes data confidentiality by the modified Paillier encryption, ensures that both outside attackers and internal semi‐trusted nodes (such as the fog node and cloud) are unable to know the privacy data of an individual device, and guarantees data integrity by utilizing a simple hash chain to resist tampering and polluting attacks. Moreover, fault tolerance is also supported in our scheme; i.e., even though some IIoT devices or channel links fail, the cloud still can decrypt incomplete aggregation ciphertexts and derive expected aggregation results. Finally, the performance evaluation indicates that our proposed LDA‐EPP has less computation and communication costs.

2.
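Research on several problems in the secure computation of interval relations   (Total citations: 1, self-citations: 0, citations by others: 1)
Secure multi-party computation is an important research direction in cryptography. This paper studies secure computation problems on intervals. First, the Paillier encryption scheme is used to design basic two-party secure computation protocols for the "point and interval" and "interval and interval" relations; the distinguishing feature of these protocols is that the decision result is output in ciphertext form. When extended to a protocol for deciding relations between rational intervals, the protocol in this paper is more secure and efficient than existing protocols. On this basis, the paper further studies a new class of problems: threshold decision of multi-dimensional "point and interval" and "interval and interval" relations. Because the basic protocols output ciphertext, the multi-dimensional protocols built on them are more secure. Finally, the security of the protocols is rigorously proved using the simulation paradigm, and efficiency analysis and simulation experiments are carried out; both the theoretical analysis and the experimental results show that the protocols are efficient.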

3.
With the pervasiveness of secure data transmission techniques and increasing requirements of information authentication, the public key-based digital signature scheme has been extensively used in various fields. However, the process speed of digital signature has gradually become the bottleneck of various security and high-concurrency applications. In this paper, a high-throughput SM2 digital signature computing scheme based on Graphics Processing Unit (GPU) platform is proposed. Firstly, the basic operations are optimized by low-level instructions of GPU. Then, according to the characteristics of GPU platform, the addition chain of SM2 recommended prime number is reduced and the speed of modular inverse operation based on Fermat's theorem is improved. Furthermore, a pre-computing table is constructed and the repeated doubling algorithm is introduced to accelerate the unknown point multiplication. Due to the construction of pre-computing table, divergence of threads can be successfully avoided. The experiments show that the proposed scheme can effectively speed up SM2 algorithm, and the throughput of signing and verification can respectively reach 76.09 million ops and 3.46 million ops on RTX3090.

4.
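An efficient encryption scheme with optional verification of integrity and message source   (Total citations: 1, self-citations: 1, citations by others: 0)
This paper improves the public-key encryption scheme proposed by P. Paillier et al., raising its efficiency, and proves that the security of the improved scheme is equivalent to that of the original scheme. Without increasing the ciphertext length, the scheme is further improved into an efficient encryption-plus-signature scheme: if the message recipient considers it necessary, the integrity of the plaintext message and its exact source can be verified at any time.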

5.
The Internet of Things-based smart healthcare provides numerous facilities to patients and medical professionals. Medical professionals can monitor the patient's real-time medical data and diagnose diseases through the medical health history stored in the cloud database. Any kind of attack on the cloud database will result in misdiagnosis of the patients by medical professionals. Therefore, it becomes a primary concern to secure private data. On the other hand, the conventional data aggregation method for smart healthcare acquires immense communication and computational cost. Edge-enabled smart healthcare can overcome these limitations. The paper proposes an edge-enabled efficient privacy-preserving data aggregation (EEPPDA) scheme to secure health data. In the EEPPDA scheme, captured medical data have been encrypted by the Paillier homomorphic cryptosystem. Homomorphic encryption is engaged in the assurance of secure communication. For data transmission from patients to the cloud server (CS), data aggregation is performed on the edge server (ES). Then aggregated ciphertext data are transmitted to the CS. The CS validates the data integrity and analyzes and processes the authenticated aggregated data. The authorized medical professional executes the decryption, then the aggregated ciphertext data are decrypted in plaintext. EEPPDA utilizes the batch verification process to reduce communication costs. Our proposed scheme maintains the privacy of the patient's identity and medical data, resists any internal and external attacks, and verifies the health data integrity in the CS. The proposed scheme has significantly minimized computational complexity and communication overhead concerning the existing approach through extensive simulation.

6.
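The Chinese national cryptographic algorithm SM9 is an identity-based cryptographic scheme designed independently in China and has attracted wide attention. To address the low verification efficiency of existing attribute-based signature (ABS) schemes, this paper constructs a new attribute-based signature scheme supporting tree-structured access policies based on the SM9 algorithm; verification in this scheme requires only 1 bilinear pairing and 1 exponentiation. In addition, the proposed scheme supports tracing of the signer's identity, which prevents malicious signers from exploiting the anonymity of attribute-based signatures to sign illegally, thereby avoiding the signature abuse problem that arises under unconditional anonymity in traditional attribute-based signatures. Security analysis shows that the proposed scheme is unforgeable in the random oracle model and also resists collusion attacks. Compared with existing traceable attribute-based signature schemes, the tracing algorithm of the proposed scheme is more efficient and the signing and verification costs are lower. Experimental results show that the computational complexity of the verification algorithm is independent of the policy size, and one verification takes only 2 ms.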

7.
Data aggregation is an efficient method to reduce the energy consumption in wireless sensor networks (WSNs). However, data aggregation schemes pose challenges in ensuring data privacy in WSN because traditional encryption schemes cannot support data aggregation. Homomorphic encryption schemes are promising techniques to provide end to end data privacy in WSN. Data reliability is another main issue in WSN due to the errors introduced by communication channels. In this paper, a symmetric additive homomorphic encryption scheme based on Rao‐Nam scheme is proposed to provide data confidentiality during aggregation in WSN. This scheme also possesses the capability to correct errors present in the aggregated data. The required security levels can be achieved in the proposed scheme through channel decoding problem by embedding security in encoding matrix and error vector. The error vectors are carefully designed so that the randomness properties are preserved while homomorphically combining the data from different sensor nodes. Extensive cryptanalysis shows that the proposed scheme is secure against all attacks reported against private‐key encryption schemes based on error correcting codes. The performance of the encryption scheme is compared with the related schemes, and the results show that the proposed encryption scheme outperforms the existing schemes.

8.
Vinodha D., Mary Anita E. A., Mohana Geetha D. 《Wireless Networks》2021,27(2):1111-1128

Data aggregation is a promising solution for minimizing the communication overhead by merging redundant data thereby prolonging the lifetime of energy starving Wireless Sensor Network (WSN). Deployment of heterogeneous sensors for measuring different kinds of physical parameter requires the aggregator to combine diverse data in a smooth and secure manner. Supporting multi functional data aggregation can reduce the transmission cost wherein the base station can compute multiple statistical operations in one query. In this paper, we propose a novel secure energy efficient scheme for aggregating data of diverse parameters by representing sensed data as number of occurrences of different range value using binary encoded form thereby enabling the base station to compute multiple statistical functions over the obtained aggregate of each single parameter in one query. This also facilitates aggregation at every hop with less communication overhead and allows the network size to grow dynamically which in turn meets the need of large scale WSN. To support the recovery of parameter wise elaborated view from the multi parameter aggregate a novelty is employed in additive aggregation. End to end confidentiality of the data is secured by adopting elliptic curve based homomorphic encryption scheme. In addition, signature is attached with the cipher text to preserve the data integrity and authenticity of the node both at the base station and the aggregator which filters out false data at the earliest thereby saving bandwidth. The efficiency of the proposed scheme is analyzed in terms of computation and communication overhead with respect to various schemes for various network sizes. This scheme is also validated against various attacks and proved to be efficient for aggregating more number of parameters. To the best of our understanding, our proposed scheme is the first to meet all of the above stated quality measures with a good performance.

9.
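A secure two-party collaborative SM2 signature algorithm   (Total citations: 2, self-citations: 0, citations by others: 2)
In a signature algorithm, once the private signing key is stolen, an adversary can forge the legitimate user's signature at will, harming the legitimate user's interests. To reduce the risk of private signing key leakage, this paper proposes a secure two-party collaborative SM2 digital signature algorithm. The algorithm splits the private signing key into two parts held by two parties respectively; by using cryptographic techniques such as zero-knowledge proofs, bit commitment and homomorphic encryption, it ensures that only the two legitimate communicating parties can securely collaborate to produce a complete SM2 signature, and neither party alone can recover the complete private signing key. The security of the scheme is proved in the universally composable security framework. Compared with existing SM2 collaborative signature schemes, the scheme has advantages such as fewer interaction rounds and higher collaborative signing efficiency.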

10.
This paper proposes a joint data aggregation and encryption scheme using Slepian‐Wolf coding for efficient and secured data transmission in clustered wireless sensor networks (WSNs). We first consider the optimal intra‐cluster rate allocation problem in using Slepian‐Wolf coding for data aggregation, which aims at finding a rate allocation subject to Slepian‐Wolf theorem such that the total energy consumed by all sensor nodes in a cluster for sending encoded data is minimized. Based on the properties of Slepian‐Wolf coding with optimal intra‐cluster rate allocation, a novel encryption mechanism, called spatially selective encryption, is then proposed for data encryption within a single cluster. This encryption mechanism only requires a cluster head to encrypt its data while allowing all its cluster members to send their data without performing any encryption. In this way, the data from all cluster members can be protected as long as the data of the cluster head (called virtual key) is protected. This can significantly reduce the energy consumption for performing data encryption. Furthermore, an energy‐efficient key establishment protocol is also proposed to securely and efficiently establish the key used for encrypting the data of a cluster head. Simulation results show that the joint data aggregation and encryption scheme can significantly improve energy efficiency in data transmission while providing a high level of data security. Copyright © 2009 John Wiley & Sons, Ltd.

11.
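A signature encryption scheme with threshold shared verification by a designated receiver group   (Total citations: 6, self-citations: 1, citations by others: 5)
Li Jiguo, Cao Zhenfu, Li Jianzhong. Acta Electronica Sinica (《电子学报》) 2003, 31(7): 1086-1088
This paper proposes a signature encryption scheme with verification by a designated receiver. The scheme is an organic integration of digital signatures and public-key cryptosystems. Compared with ordinary digital signature schemes, in addition to authentication and data integrity it also provides confidentiality and privacy of the receiver. A (t,n) threshold shared verification signature encryption scheme is then constructed using a threshold scheme. Compared with existing threshold shared verification signature encryption schemes, it features secure data transmission, lower communication cost, higher execution efficiency, and the ability to identify exactly which verifier has tampered with a sub-key.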

12.
In this paper, reversible image data hiding in the Paillier cryptosystem is investigated. To transmit additional data in homomorphic encryption domain, two algorithms are proposed for different application scenarios. By exploiting the additive homomorphism, high-capacity data hiding can be accomplished with the first algorithm by conducting value expansion on the encrypted pixel values. But the hidden data can only be extracted after image decryption (i.e., in plain-text domain). With the second algorithm, both of data embedding and extraction can be performed in the encryption domain by exploiting the self-blinding property, while the corresponding plain-text values are unchanged. Compared with the reversible data hiding algorithms designed for encryption with a cipher stream, the proposed ones are more applicable in cloud computing without degrading the security level. Thus the additional data can be losslessly transmitted in the different applications of Paillier cryptosystem.

13.
Encrypted image-based reversible data hiding (EIRDH) is a well-known method allowing that (1) the image provider gives the data hider an encrypted image, (2) the data hider embeds the secret message into it to generate the encrypted image with the embedded secret message to the receiver, and (3) finally the receiver can extract the message and recover the original image without encryption. In the literature, the data hider and image provider must be specific parties who know the shared key with the receiver in traditional encrypted image-based reversible data hiding. In this paper, we propose an encrypted signal-based reversible data hiding (ESRDH) with public key cryptosystem, not only for images. The proposed scheme is secure based on Paillier homomorphic encryption. Finally, the experimental results show that the proposed scheme has much payload and high signal quality.

14.
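A new (t,n) threshold signature encryption scheme with a designated receiver   (Total citations: 15, self-citations: 1, citations by others: 14)
A signature encryption scheme with verification by a designated receiver is proposed. The scheme is an organic integration of digital signatures and public-key cryptosystems. Compared with ordinary digital signature schemes, in addition to authentication and data integrity it also provides confidentiality and privacy of the receiver. A (t,n) threshold signature encryption scheme is then constructed for the first time using a threshold scheme. This (t,n) threshold signature scheme features secure data transmission, robustness, lower communication cost and higher execution efficiency.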

15.
An aggregate signature scheme is a digital signature scheme that allows aggregation of n distinct signatures by n distinct users on n distinct messages. In this paper, we present an aggregate signcryption scheme (ASC) that is useful for reducing the size of certification chains (by aggregating all signatures in the chain) and for reducing message size in secure routing protocols. The new ASC scheme combines identity‐based encryption and the aggregation of signatures in a practical way that can simultaneously satisfy the security requirements for confidentiality and authentication. We formally prove the security of the new scheme in a random oracle model with respect to security properties IND‐CCA2, AUTH‐CMA2, and EUF‐CMA.

16.
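With the rapid development of the smart grid (SG), its security and efficiency have received wide attention. In the SG, multiple smart meter (SM) devices in a residential area transmit sensed data to the control center, so user data must pass through some intermediate nodes before reaching the control center. By mining user-related data (URD), an attacker can steal users' habits and behaviors, so user privacy needs to be protected. To this end, a privacy-preserving data aggregation (PPDA) algorithm is proposed. The PPDA algorithm uses group location privacy (GLP) to mask the data generated by SMs, and uses the Paillier cryptosystem to protect user data. In addition, the PPDA algorithm does not require any secure channel. Simulation results show that the proposed PPDA algorithm can defend against eavesdropping attacks and collusion attacks while keeping computational overhead under control.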

17.
Cryptographically Generated Addresses (CGAs) have been designed to solve the so-called IPv6 Address Ownership problem. The current IETF CGA proposal relies on RSA signature. Generating an RSA signature is quite expensive and might be prohibitive for small devices with limited capacities. For example, a 1024-RSA signature requires approximately 1536 modular multiplications. In this paper, we propose a new CGA scheme whose verification requires fewer than 10 modular multiplications. We achieve this performance gain by (1) selecting an efficient signature scheme, namely the small prime variation of the Feige-Fiat-Shamir scheme and (2) tuning the cryptographic parameters of this signature scheme to the security strength of the CGA (i.e. the size of the hash function used to generate it).

18.
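Design and implementation of covert routing using segment-verification signcryption   (Total citations: 1, self-citations: 0, citations by others: 1)
With covert-routing network connections over an open computer network, any user of the covert network can learn only the addresses of the predecessor and successor nodes directly connected to it, so that an attacker can neither eavesdrop on secrets nor perform traffic analysis. Existing covert routing schemes use either atomic signature and encryption, or nested encryption and signature, i.e. onion routing. This paper applies segment-verification signcryption to propose a new covert routing implementation scheme, which replaces the conventional two-step sign-then-encrypt approach of existing schemes with signcryption, reducing the computation and communication of the protocol, improving execution efficiency, and combining the respective advantages of both approaches. Finally, the security of the scheme is analyzed.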

19.
With the rapid development of the genomic sequencing technology, the cost of obtaining personal genomic data and effectively analyzing it has been gradually reduced. The analysis and utilization of genomic data gradually entered the public view, and the leakage of genomic data privacy has attracted the attention of researchers. The security of genomic data is not only related to the protection of personal privacy, but also related to the biological information security of the country. However, there is still no effective genomic data privacy protection scheme using Shangyong Mima (SM) algorithms. In this paper, we analyze the widely used genomic data file formats and design a large genomic data files encryption scheme based on the SM algorithms. Firstly, we design a key agreement protocol based on the SM2 asymmetric cryptography and use the SM3 hash function to guarantee the correctness of the key. Secondly, we used the SM4 symmetric cryptography to encrypt the genomic data by optimizing the packet processing of files, and improve the usability by assisting the computing platform with key management. Software implementation demonstrates that the scheme can be applied to securely transmit the genomic data in the network environment and provide an encryption method based on SM algorithms for protecting the privacy of genomic data.

20.
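Zhao Yanqi, Lai Qiqi, Yu Yong, Yang Bo, Zhao Yi. Acta Electronica Sinica (《电子学报》) 2018, 46(4): 1019-1024
Using the dual system encryption technique proposed by Waters, combined with the orthogonality of bilinear operations over composite-order groups, this paper proposes an identity-based ring signature scheme. The scheme is fully secure in the standard model, and its security relies on two simple static assumptions. Drawing on the idea of Hierarchical Identity-Based Encryption (HIBE), the scheme gives the ring signature unconditional anonymity and relatively high computational efficiency.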
