Similar literature
20 similar documents found (search time 0 ms)
1.
In this paper we present DNA-DBE, a DNA-chip-based dynamic broadcast encryption scheme. In our scheme, new users can join dynamically without modification of other users' decryption keys. Either the ciphertext or the decryption key is of constant size. Backward secrecy is achieved in DNA-DBE: if new users join the system dynamically, they will not be able to retrieve past data. The security of our scheme relies on hard biological problems, which are immune to attacks by new computing technologies in the future. There exists a special feature in DNA-based cryptosystems, i.e. the set of encryption keys and the set of decryption keys have a many-to-many relationship. The implementation of more complicated DNA cryptosystems taking advantage of this special feature had previously been left as an open problem. Our DNA-DBE system is a solution to this open problem, and it is also the first exploration of a DNA-based group-oriented encryption system.

2.
The concept of accountable authority identity-based encryption was introduced as a convenient tool to reduce the amount of trust placed in authorities in identity-based encryption. In this model, if the Private Key Generator (PKG) maliciously re-distributes users' decryption keys, it runs the risk of being caught and prosecuted. Libert and Vergnaud proposed an accountable authority identity-based broadcast encryption scheme that allows white-box tracing or weak black-box tracing, but their scheme was proven secure only in the selective-ID model. We present a weak black-box accountable authority identity-based broadcast encryption scheme that is proven fully CCA2 secure against adaptive adversaries with a tight reduction. Our scheme achieves O(m) public key size, O(m) private key size, and O(1) ciphertext length, where m is the maximum number of receivers allowed in each broadcast.

3.
In broadcast encryption schemes, a broadcaster encrypts messages and transmits them to some subset S of users who are listening to a broadcast channel. Any user in S can use his private key to decrypt the broadcast. An identity-based cryptosystem is a public key cryptosystem in which the public key can be represented as an arbitrary string. In this paper, we propose the first identity-based broadcast encryption (IBBE) scheme that is IND-ID-CCA2 secure without random oracles. The public key and ciphertext are of constant size, and the private key size is linear in the total number of receivers. To the best of our knowledge, it is the first IBBE scheme that is fully CCA2 secure without random oracles. Moreover, our IBBE scheme is collusion resistant against arbitrarily large collusions of users.

4.
International Journal of Information Security - Ciphertext-policy attribute-based encryption (CP-ABE) is a very promising cryptographic primitive that allows a data owner to encrypt messages and...

5.
Broadcast encryption (BE) deals with secure transmission of a message to a group of users such that only an authorized subset of users can decrypt the message. Some of the most effective BE schemes in the literature are the tree-based schemes of complete subtree (CS) and subset difference (SD). The key distribution trees in these schemes are traditionally constructed without considering user preferences. In fact, these schemes can be made significantly more efficient when user profiles are taken into account. In this paper, we consider this problem and study how to construct the CS and SD trees more efficiently according to user profiles. We first analyze the relationship between the transmission cost and the user profile distribution and prove a number of key results in this respect. We then propose several optimization algorithms that can reduce the bandwidth requirement of the CS and SD schemes significantly. This reduction becomes even more significant when a number of free riders can be allowed in the system.

6.
Traditional attribute-based encryption schemes suffer from two problems: the attributes contained in the access policy can leak users' sensitive information, and a malicious user who leaks a private key for illegal gain cannot be held accountable. In addition, the private key length, the ciphertext length and the decryption workload all grow with the number of attributes, incurring substantial communication and computation overhead. To address these problems, this paper proposes a traceable attribute-based encryption scheme with a hidden access structure. The scheme improves the security of the encryption algorithm without affecting encryption/decryption efficiency, and adopts a two-factor identity authentication mechanism to achieve more secure and efficient access control. A secure signature mechanism is also introduced to support traceable keys so that malicious users can be traced. The scheme is based on the DBDH assumption and is proven secure in the standard model.

7.
Optimal subset-difference broadcast encryption with free riders   Cited by: 1 (self-citations: 0, citations by others: 1)
Broadcast encryption (BE) deals with secure transmission of a message to a group of receivers such that only an authorized subset of receivers can decrypt the message. The transmission cost of a BE system can be reduced considerably if a limited number of free riders can be tolerated in the system. In this paper, we study the problem of how to optimally place a given number of free riders in a subset-difference (SD)-based BE system, which is currently the most efficient BE scheme in use and has also been incorporated in standards, and we propose a polynomial-time optimal placement algorithm and three more efficient heuristics for this problem. Simulation experiments show that SD-based BE schemes can benefit significantly from the proposed algorithms.

8.
Parallel key-insulated encryption (PKIE) usually allows two independent helper keys to be used alternately in temporary secret key update operations. If one of the helper keys is exposed, at least half of the temporary secret keys would be exposed and at least half of the ciphertexts could be decrypted. In this paper, we propose a new PKIE scheme with m helper keys, where m ∈ Z and m > 2. If one of the helper keys is exposed, only 1/m of the temporary secret keys would be exposed and 1/m of the ciphertexts could be decrypted, so the new PKIE scheme greatly decreases the loss due to key exposure. The scheme is provably secure without random oracles, based on a bilinear group of composite order. Most importantly, the scheme is practical and much more efficient than the extensions of previous PKIE schemes.

9.
To address the long ciphertexts and high encryption/decryption cost of existing attribute-based broadcast encryption schemes, an efficient ciphertext-policy attribute-based broadcast encryption scheme is proposed. The scheme is based on elliptic curve cryptography and uses a dynamic threshold access structure, so the encryptor can adjust the threshold value as needed. A decryptor can decrypt the ciphertext via bilinear pairing operations only when the user's identity is included in the broadcast's authorized user set and the user's attributes are contained in the access structure. The ciphertext length and the number of bilinear pairing operations in encryption and decryption are constant, giving high computational efficiency and low communication overhead. Simulation results verify the effectiveness of the scheme. Its security rests on the q-BDHE assumption, and it is provably CPA secure in the standard model.

10.
11.
In recent years, much attention has been focused on designing provably secure cryptographic primitives in the presence of key leakage, and many constructions of leakage-resilient cryptographic primitives have been proposed. However, most existing leakage-resilient cryptographic primitives cannot ensure that their outputs look random to a polynomial-time adversary, and such an adversary can obtain a certain amount of leakage on the secret key from the corresponding output of the primitive. In this study, to achieve better performance, a new construction of a leakage-resilient certificateless public-key encryption scheme secure against adaptive chosen-ciphertext attacks (CCA2) is proposed, whose security is proved based on the hardness of the classic decisional Diffie-Hellman assumption. According to our analysis, our method can tolerate leakage attacks on the private key. It also achieves better performance because polynomial-time adversaries cannot obtain leakage on the private key from the corresponding ciphertext, and a key leakage ratio of 1/2 can be achieved. Because of these features, our method may be significant in practical applications.

12.
Many emerging network applications are based upon a group communication model in which security is a critical design issue. We address the broadcast encryption problem of distributing to a group of network entities a confidential cryptographic key that needs to be updated from session to session. The design goals of such a system include not only security but also communication efficiency in distributing the session key. We show that there is a disconnect between the essence of broadcast encryption and a scheme proposed very recently. This observation also motivates us to seek secure and efficient broadcast encryption solutions. Three distinct constructions, based on the bilinear map, the one-way hash function, and the RSA cryptosystem, respectively, are then presented to demonstrate reasonable tweaks and various tradeoffs in designing practical group-oriented communication systems. These constructions exhibit not only promising security but also impressive communication efficiency, and we also discuss the diverse networking scenarios to which they are applicable.

13.
Coron et al. applied batching to fully homomorphic encryption over the integers, allowing a vector of plaintexts to be encrypted and processed homomorphically in a single ciphertext, which improves the efficiency of the original scheme; however, its public key size is Õ(λ^8). To reduce the public key size, this paper combines a quadratic form of the public key elements with ciphertext compression and proposes an improved batch fully homomorphic encryption scheme over the integers. The improved scheme has a public key size of Õ(λ^5.5), which is smaller, and it is proven semantically secure.

14.
An identity-based broadcast encryption scheme built on dual system encryption offers constant-size short ciphertexts and keys, requires no random tags, and is claimed fully secure in the standard model. This study finds that the scheme is insecure, proposes an improved scheme, and gives a security proof for the improved scheme in the standard model using dual system encryption.

15.
To address access control in communication systems, a new scheme for hierarchical structures based on the idea of one-way functions is designed and applied to broadcast encryption. When broadcast encryption is realized with the subset-cover method, the dynamic access property lets users derive the keys of the subsets they belong to. The mechanism also efficiently handles key distribution, user addition, and user key replacement.

16.
In 1993, Beimel and Chor presented an unconditionally secure interactive protocol which allows a subset of users in a network to establish a common key. This scheme made use of a key predistribution scheme due to Blom. In this paper, we describe some variations and generalizations of the Beimel-Chor scheme, including broadcast encryption schemes as well as interactive key distribution schemes. Our constructions use the key predistribution scheme of Blundo et al., which is a generalization of the Blom scheme. We obtain families of schemes in which the amount of secret information held by the network users can be traded off against the amount of information that needs to be broadcast. We also consider lower bounds for protocols of these types, using the concept of entropy as our main tool. Some of our schemes are optimal (or close to optimal) with respect to the bounds we prove.

17.
We designed a stream-cipher algorithm based on one-time keys and robust chaotic maps in order to achieve high security and mitigate dynamical degradation. We used the piecewise linear chaotic map as the generator of a pseudo-random key stream sequence. The initial conditions were generated by true random number generators, namely the MD5 of mouse positions. We applied the algorithm to encrypt color images and obtained a satisfactory level of security by two measures: NPCR and UACI. Since collisions for MD5 have been found, we combined the algorithm with traditional cycle encryption to ensure higher security. The ciphered image is robust against noise and makes known attacks infeasible. It is suitable for application in color image encryption.

18.
This paper presents an overall security architecture for IC card information encryption, comprehensively analyzes and studies the encryption techniques used in that architecture, designs a more secure hybrid encryption technique for IC cards using the standard DES and KEELOQ algorithms, and implements the technique in software, providing a more complete and secure solution for research on and deployment of IC cards.

19.
Karolin M., Meyyappan T. Multimedia Tools and Applications, 2021, 80(21-23): 32023-32040

In today's digitally transparent world, sharing secret messages is a challenge. Visual cryptography (VC) is a safer method for transferring information without interference by hackers, giving more security to information shared in digital form. The method hides messages in images, so an intruder cannot understand the distorted image and the data communication becomes secure. With the VC method, a number of shares are generated from the original images; here, shares are created separately for each RGB pixel using a Visual Secret Share (VSS) scheme. The multiple shares created from the secret images are encrypted and decrypted with the RSA algorithm. In the encryption process, the multiplication technique is used for key generation, the public key is used for encryption, and the private key is used for decryption. The quality of the secret image is compared through Peak Signal to Noise Ratio (PSNR) and Mean Square Error (MSE) values. In the experiments, the decrypted image has a PSNR value of 156.32 and an MSE value of 0.5031. The Number of Changing Pixel Rate (NPCR) and Unified Averaged Changed Intensity (UACI) values are compared for the security level of the secret image; the decrypted image has an NPCR value of 69.44 and a UACI value of 13.88. Finally, the experimental results show that the proposed method gives more security and quality in secret image sharing, and its execution time is faster than the existing method.


20.
To address the increasingly prominent security and privacy problems of RFID systems, an RFID mutual authentication protocol based on chaotic sequences is proposed. The sensitivity of chaos to initial values is used to generate chaotic sequences that encrypt the key. The protocol introduces a dynamic tag-key update mechanism, designs a self-synchronization solution, and performs a second authentication of the tag. Its security is proven with BAN logic, and its security and performance are compared with existing protocols. The analysis shows that the protocol lowers tag cost, reduces the computation required of the tag and the back-end database, and improves retrieval efficiency in the back-end database. It not only effectively addresses privacy protection and security in RFID systems but also improves the execution efficiency of RFID protocol authentication, making it better suited to low-cost RFID systems.


Copyright © Beijing Qinyun Technology Development Co., Ltd.    京ICP备09084417号-23

Beijing Public Network Security Filing No. 11010802026262