对一个基于身份签密方案的分析与改

基于身份的签密方案计算开销小,密钥管理简单,适用于保证信息的保密性和认证性。Zhang等提出了一个高效的基于身份签密方案,并在随机预言模型下证明了该方案的安全性。通过分析发现Zhang等的签密方案存在缺陷,针对缺陷提出了相应的改进方案,并且基于随机预言模型证明了新方案的安全性。理论分析和实验仿真证明,所提方案计算复杂度低,适合于实际应用。     

Cross-domain data cloud storage auditing scheme based on certificateless cryptography

With the development of Internet of things (IoT), more and more intelligent terminal devices outsource data to cloud servers (CSs). However, the CS is not fully trusted, and the heterogeneity among different domains makes it difficult for third-party auditor (TPA) to conduct an efficient integrity auditing of outsourced data. Therefore, the cross-domain data cloud storage auditing scheme based on certificateless cryptography is proposed, which can effectively avoid the big burden of certificate management or key escrow problems in identity-based cryptography. At the same time, TPA can effectively audit the integrity of outsourced data in different domains. Formal security proof and analysis show that the cloud storage auditing scheme satisfies the security and privacy requirements. Performance analysis demonstrates that the efficiency is acceptable.     

Reversible data hiding in encrypted images based on absolute mean difference of multiple neighboring pixels

Recently, with the development of cloud computing, more and more secret data are stored in cloud. Reversible data hiding in encrypted images is a technique that makes contribution to cloud data management in privacy preserving and data security. In previous works, Zhang and Hong presented two reversible dada hiding methods in encrypted images, respectively. However, Zhang’s work neglected the pixels in the borders of image blocks, and Hong et al.’s research only considered two adjacent pixels of each pixel. In addition, their works only considered that all image blocks are embedded into additional data. In this paper, we propose a novel method of evaluating the complexity of image blocks, which considers multiple neighboring pixels according to the locations of different pixels. Furthermore, data embedding ratio is considered. Experiments show that this novel method can reduce average extracted-bit error rate when the block size is appropriate.     

新的具有隐私保护功能的异构聚合签密方案

异构聚合签密方案不仅可以保证异构密码系统之间数据的机密性和不可伪造性,而且可以提供多个密文批量验证。该文分析了一个具有隐私保护功能的异构聚合签密方案的安全性,指出该方案不能抵挡恶意密钥生成中心(KGC)攻击,恶意KGC可以伪造有效的单密文和聚合密文。为了提高原方案的安全性,该文提出一种新的具有隐私保护功能的异构聚合签密方案。该方案克服了原方案存在的安全性问题,实现了无证书密码环境到身份密码环境之间的数据安全传输,在随机预言机模型下证明新方案的安全性。效率分析表明新方案与原方案效率相当。     

基于身份公平的匿名多接收者签密方案

针对Lal等人所提出的基于身份的多接收者签密方案中存在的暴露接收者身份信息隐私性和解密不公平的问题,应用拉格拉日插值方法,提出一种满足接收者身份匿名性和解密公平性的新的多接收者签密方案。基于双线性 Diffie-Hellman 问题和计算 Diffie-Hellman 问题,对随机模预言模型下的 IND-sMIBSC-CCA2和EUF-sMIBSC-CMA的安全性进行了证明,验证本方案具有保密性和不可否认性。     

利用RLWE构造基于身份的全同态加密体制

全同态加密为云计算中数据全生命周期隐私保护等难题的解决都提供了新的思路.公钥尺寸较大是现有全同态加密体制普遍存在的问题.本文将基于身份加密的思想和全同态加密体制相结合,利用环上容错学习问题（Ring Learning With Errors,RLWE）,其中将环的参数m扩展到任意正整数,提出了一种基于身份的全同态加密体制.体制以用户身份标识作为公钥,在计算效率和密钥管理方面都具有优势,安全性在随机喻示模型下可规约为判定性RLWE问题难解性假设.     

<Emphasis Type="Italic">EIAS-CP:</Emphasis> new efficient identity-based authentication scheme with conditional privacy-preserving for VANETs

In VANETs, vehicles broadcast traffic-related messages periodically according to Dedicated Short Range Communication protocol. To ensure the reliability and integrity of messages, authentication schemes are involved in VANETs. As traffic-related messages are time-sensitive, they must be verified and processed timely, or it may cause inestimable harm to the traffic system. However, the OBUs and the RSUs are limited in computation ability and cannot afford vast messages’ verification. Recently, some identity-based authentication schemes using bilinear pairing have been proposed to improve the efficiency of message verification for VANETs. Nevertheless, the bilinear pairing is not suited for VANETs due to its complex operations. The design of an efficient and secure authentication scheme with low computation cost for VANETs still is a rewarding challenge. To settle this challenge, a new efficient identity-based authentication scheme is proposed in this paper. The proposed scheme ensures reliability and integrity of messages and provides conditional privacy-preserving. Compared with the most recent proposed authentication schemes for VANETs, the computation costs of the message signing and verification in the proposed scheme reduce by 88 and 93 % respectively, while security analysis demonstrates that our proposed scheme satisfies all security and privacy requirements for VANETs.     

Identity-based cloud storage integrity checking from lattices

With the rapid development of cloud storage,more and more users are storing their data in the cloud.To verify whether the users’ data stored in the cloud is corrupted,one effective method is to adopt cloud storage integrity checking schemes.An identity-based cloud storage integrity checking scheme was proposed on the small integer solution problem over ideal lattices,and it was proven to be secure against the adaptive identity attacks of clouds in the random oracle model.To validate the efficiency of the scheme,extensive experiments were conducted to make performance-comparisons between the scheme and the existing two identity-based cloud storage integrity checking schemes.The experimental results show that the online tag-generation time and the proof-verification time of the scheme are respectively reduced by 88.32%～93.74% and 98.81%～99.73%.     

云环境下的数据多副本安全共享与关联删除方案

针对共享在公共云环境的用户数据因所有权与管理权分离而导致的用户隐私泄露问题,结合对称加密算法、属性加密算法和副本定位技术,提出一种云环境下的数据多副本安全共享与关联删除方案,对用户数据进行加密等处理封装成副本关联对象(RAO, replication associated object),随后将RAO共享到云服务商,建立副本关联模型对RAO所产生副本进行管理并实现关联删除。分析表明方案是安全与有效的,能够对用户共享的数据及其副本进行安全共享与关联删除,有效保障了数据多副本的隐私安全。     

An Improved RFID Authentication Protocol Based on Group Anonymous Model

Aiming at the security and privacy, and authentication efficiency shortages of existing RFID authentication protocol, an improved scheme is proposed based on Alavi et al.’s protocol. Firstly, in order to resist against replay attack, we add the timestamp generator to the reader side and use hash function to encrypt the reader identification, the random number and timestamp generated by the reader; meanwhile, to solve the data integrity problem in the original scheme, the reader matches the decrypted data with the server side message to ensure that it can detect if the data is tampered with by the attacker. Finally, the improved group anonymous authentication model is used to improve the back-end server’s authentication efficiency. Theoretical analysis and experimental results show that the improved protocol effectively solves the security problems and reduces the back-end server’s authentication time. In addition, this paper simulates the impact of group number on system privacy level and authentication efficiency through experiments. In practical applications, the group number can be adjusted appropriately according to different privacy and efficiency requirements, so the privacy and authentication efficiency of the system will be well-balanced.     

On the security and improvement of privacy‐preserving 3‐factor authentication scheme for TMIS

The telecare medicine information system (TMIS) enables patients from different regions to remotely share the same telecare services, which significantly enhances the quality and effectiveness of medical treatment. On the other hand, patients' electronic health records usually involve their privacy information, they thus hesitate to directly transmit these information in TMIS over the public network due to the threat of privacy disclosure. The authenticated key agreement, as a core building of securing communications over the public network, is considered to be necessary for strengthening the security of TMIS. Recently, we note Zhang et al introduced a 3‐factor authenticated key agreement scheme for TMIS and asserted that the proposed scheme can resist various well‐known attacks. Unfortunately, in this paper, we point out that the scheme of Zhang et al cannot achieve the claimed security guarantees. Specifically, their scheme is vulnerable to offline password/identity guessing attack and user/server impersonation attack. To conquer the above security pitfalls, we put forward a new 3‐factor authenticated key agreement scheme with privacy preservation for TMIS. The security evaluation and performance discussion indicate that our scheme can be free from those well‐known and classical attacks including offline guessing attack and impersonation attack, without increasing additional computation cost when compared with related works. Consequently, the new authentication scheme would be more desirable for securing communications in TMIS.     

智慧医疗中基于属性加密的云存储数据共享

在电子病历系统中,为了实现多用户环境下的数据搜索,该文提出一种属性基可搜索加密方案。该文将密文和安全索引存储在医疗云,当用户请求医疗数据时,利用属性基可搜索加密算法进行数据搜索,实现了细粒度访问控制。同时方案引入了密文验证算法,解决了半诚实且好奇的云服务器模型下搜索结果不正确的问题。利用数据去重技术实现了重复数据的消除,减少占用医疗云的存储空间。方案同时实现了访问策略的隐藏,保证了数据用户的隐私安全。安全性分析表明,所提方案能很好地保护用户的隐私以及数据的安全。性能分析表明,该方案具有较好的性能,更加适用于智慧医疗等多对多应用场景,有效实现了医生和第三方数据用户在不侵犯患者隐私的前提下共享患者电子病历。     

一种NTRU格上基于身份全同态加密体制设计

全同态加密可以用来解决云计算环境中的隐私保护问题,然而现有体制具有系统参数大、效率低的缺点.针对现有攻击技术,首先设计了一种高效的NTRU格上的基于身份公钥加密体制,无需借助额外的安全性假设,具有更高的安全性和更小的系统参数.之后,基于近似特征向量技术,构造了一种高效的全同态加密转化方式.通过将以上两种方法结合,给出了一种高效的基于身份全同态加密体制.和现有体制相比,除了不需要计算密钥、实现了真正意义上的基于身份特性以外,还减小了密钥、密文尺寸,提高了计算和传输效率.     

Provable data possession scheme based on public verification and private verification

More and more users choose to transfer their applications and data into the cloud.Data security is a key issue for cloud storage systems.To ensure the integrity and validity of the data stored in the cloud,provable data possession (PDP) scheme is particularly important.In order to verify whether the cloud storage service provider had stored the data of the user completely,a scheme on the basis of NRPDP (non-repudiable PDP) was improved and extended,and a data retention scheme based on public authentication and private authentication was proposed.The scheme can verify the trustworthiness of the service provider and the user in the cloud storage at the same time,which satisfies the non-repudiation of the verification.The theory proves the non-repudiation of the proposed scheme.The experiment proves that the efficiency of each stage is better than that of the existing single public verification method or private authentication method.     

Lightweight integrity verification scheme for cloud based group data

In order to protect the security of the data stored in the cloud by group users,a data integrity verification scheme was designed which can protect the privacy of the group users.The scheme can efficiently detect the shared data in the cloud and support the dynamic updating of the data,and use the characteristic of the ring signature to hide the iden-tity of the signer corresponding to the data block.That is,the third-party verifier can not spy on the users identity and other private information when validating.The aggregated approach is used to generate data labels,which reduces the storage cost of labels and supports the dynamic operation of group data,so that the users in the group can easily modify the cloud group data.     

An enhanced authentication with key agreement scheme for satellite communication systems

To ensure secure communication in satellite communication systems, recently, Zhang et al presented an authentication with key agreement scheme and claimed that their scheme satisfies various security requirements. However, this paper demonstrates that Zhang et al's scheme is insecure against the stolen‐verifier attack and the denial of service attack. Furthermore, to authenticate a user, Zhang et al's scheme requires large computational load to exhaustively retrieve the user's identity and password from the account database according to a temporary identity and then update the temporary identity in the database. To overcome the weaknesses existing in Zhang et al's scheme, we proposed an enhanced authentication with key agreement scheme for satellite communication systems. The analyses of our proposed scheme show that the proposed scheme possesses perfect security properties and eliminates the weaknesses of Zhang et al's scheme well. Therefore, from the authors' viewpoints, the proposed scheme is more suitable for the authentication scheme of mobile satellite communication systems.     

一种可证安全的车联网无证书聚合签名改进方案

车联网(VANETs)是组织车－X(X:车、路、行人及互联网等)之间的无线通信和信息交换的大型网络,是智慧城市重要组成部分。其消息认证算法的安全与效率对车联网至关重要。该文分析王大星等人的VANETs消息认证方案的安全不足,并提出一种改进的可证安全的无证书聚合签名方案。该文方案利用椭圆曲线密码构建了一个改进的安全无证书聚合认证方案。该方案降低了密码运算过程中的复杂性,同时实现条件隐私保护功能。严格安全分析证明该文方案满足VANETs的安全需求。性能分析表明该文方案相比王大星等人方案,较大幅度地降低了消息签名、单一验证以及聚合验证算法的计算开销,同时也减少了通信开销。     

A Secure and Effective Anonymous User Authentication Scheme for Roaming Service in Global Mobility Networks

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we also propose a new smart card based anonymous user authentication scheme for roaming service. Compared with the existing schemes, our protocol uses a different user authentication mechanism, which does not require the home agent to share a static secret key with the foreign agent, and hence, it is more practical and realistic. We show that our proposed scheme can provide stronger security than previous protocols.     

Cryptanalysis and security enhancement of a remote user authentication scheme using smart cards

With the broad implementations of the electronic business and government applications,robust system security and strong privacy protection have become essential requirements for remote user authentication schemes.Recently,Chen et al.pointed out that Wang et al.’s scheme is vulnerable to the user impersonation attack and parallel session attack,and proposed an enhanced version to overcome the identified security flaws.In this paper,however,we show that Chen et al.’s scheme still cannot achieve the claimed security goals and report its following problems:(1) It suffers from the offline password guessing attack,key compromise impersonation attack and known key attack;(2) It fails to provide forward secrecy;(3) It is not easily repairable.As our main contribution,a robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects,while preserving the merits of different related schemes.The analysis demonstrates that our scheme meets all the proposed criteria and eliminates several grave security threats that are difficult to be tackled at the same time in previous scholarship.     

An improved anonymous multi‐receiver identity‐based encryption scheme

Anonymous receiver encryption is an important cryptographic primitive. It allows a sender to use the public identities of multiple receivers to encrypt messages so that only the authorized receivers or a privileged set of users can decrypt the messages, and the identities of the receivers are not revealed. Recently, Zhang et al. proposed a novel anonymous multi‐receiver encryption scheme and claimed that their scheme could realize the receiver's identity privacy. Unfortunately, in this paper, we pointed out that the scheme by Zhang et al. did not achieve the anonymity of the receiver identity after analyzing the security of the scheme. At the same time, we give the corresponding attack. After analyzing the reason to produce such attacks, a novel anonymous multi‐receiver encryption scheme is given to achieve the anonymity of the receiver's identities. And we formally prove that the proposed scheme is semantically secure for confidentiality and receiver identities’ anonymity. The security of the scheme is based on decisional bilinear Diffie‐Hellman problem. Compared with the scheme by Zhang et al., Fan et al., Wang et al., and Chien et al., our scheme is shown to be better performance and robust security. To the best of our knowledge, our scheme is most efficient in terms of computational cost and communication overhead. Copyright © 2013 John Wiley & Sons, Ltd.