A Design of System using homomorphic encryption for multimedia data management

Multimedia Tools and Applications - With the introduction of the concept of information warfare, the way military operations are done is changing quickly. Now, much more than it was in past, quick...     

Identity-based public data integrity verification scheme in cloud storage system via blockchain

The Journal of Supercomputing - Almost all existing data integrity verification schemes upload outsourced files and tags set to the CSP simultaneously. Thus, in this paper, we provide a novel idea...     

Efficient data integrity auditing for storage security in mobile health cloud

Cloud storage services can enable data owners to eliminate the need for the initial investment of expensive infrastructure setup and also minimize development and maintenance costs. Outsourcing the health data to e-health cloud storage server is very beneficial. Nonetheless, storing the health data on cloud servers also brings serious security challenges. In this paper, we propose a highly efficient data integrity auditing scheme for cloud storage for mobile health applications. The authentication tag for each data block generated by biosensor nodes is minimal in our scheme due to the use of hash operation. Moreover, in data integrity checking phase, message-locked encryption scheme is utilized to encrypt and transport the auditing information of the checked data blocks, which significantly reduces the required amount of calculation and communication resources. Compared with the conventional third party auditing schemes, the presented scheme speeds up the tag generation and tag checking process by more than one thousand times.     

Efficient retrieval of replicated data

Declustering is a common technique used to reduce query response times. Data is declustered over multiple disks and query retrieval can be parallelized. Most of the research on declustering is targeted at spatial range queries and investigates schemes with low additive error. Recently, declustering using replication has been proposed to reduce the additive overhead. Replication significantly reduces retrieval cost of arbitrary queries. In this paper, we propose a disk allocation and retrieval mechanism for arbitrary queries based on design theory. Using the proposed c-copy replicated declustering scheme, buckets can be retrieved using at most k disk accesses. Retrieval algorithm is very efficient and is asymptotically optimal with complexity for a query Q. In addition to the deterministic worst-case bound and efficient retrieval, proposed algorithm handles nonuniform data, high dimensions, supports incremental declustering and has good fault-tolerance property. Experimental results show the feasibility of the algorithm. Recommended by: Sunil Prabhakar     

Privacy-preserving iris authentication using fully homomorphic encryption

Multimedia Tools and Applications - Rapid advancement in technology has led to the use of biometric authentication in every field. In particular, from the past few years, iris recognition systems...     

Efficient audio integrity verification algorithm using discrete cosine transform

Audio recordings have been used as evidence for long times. Multimedia processing advancement makes it difficult to be completely sure about what is heard is the truth. This paper presents a promising approach for integrity verification of recorded audio signals using discrete cosine transform. This approach is based on self embedding concept which embeds block-based marks extracted from the same audio signal after being transformed into 2-D format into other blocks according to a specific algorithm. After the self-embedding process, the data is converted back into 1-D style which represents a marked audio signal. The 1-D audio signal is converted into a 2-D format and then converted back into a 1-D format using the popular lexicographic ordering scheme utilized in image processing. Reverse processes are executed to extract the verification marks from the audio signal throughout the integrity verification process. Based on the extracted audio signal properties, the integrity of the marked audio signal is evaluated. Different audio processing tasks and attacks are implemented to examine the suitability of the proposed algorithm for verifying the integrity of high-confidentiality recorded audio data. The results show that the efficient ability of the proposed approach to verify integrity and detect attacks.     

Grover algorithm-based quantum homomorphic encryption ciphertext retrieval scheme in quantum cloud computing

Quantum Information Processing - An important topic in quantum information is the theory of error correction codes. Practical situations often involve quantum systems with states in an...     

Discrete logarithm based additively homomorphic encryption and secure data aggregation

At PKC 2006, Chevallier-Mames, Paillier, and Pointcheval proposed discrete logarithm based encryption schemes that are partially homomorphic, either additively or multiplicatively and announced an open problem: finding a discrete logarithm based cryptosystem that would help realize fully additive or multiplicative homomorphism. In this study, we achieve this goal by enclosing two opposite settings on the discrete logarithm problems (DLP) simultaneously: the first setting is that DLP over Z_p0 (where p₀ − 1 is smooth) is used to encode messages, while the second setting is that DLP over Z_p (where p − 1 is non-smooth, i.e., containing large prime factors) is used to encrypt plaintexts. Then, based on the proposed scheme, novel protocols for secure data aggregation in wireless sensor networks are presented. Finally, taking Paillier’s factoring-based additively homomorphic encryption schemes as the reference framework, we present detailed performance comparisons and further enhancement.     

基于同态加密的生物数据版本管理

随着生物技术的发展和研究的深入,生物数据也逐步完备。对于同一物种的基因组测序,也在原始版本的基础上不断完善。当前主流的存储方式为将多个测序版本完整保存,由于生物数据本身体积较大,对相似的大数据存储大量重复部分是不划算的。同时,由于这些数据经常涉及到较高的隐私性,在公开情景执行修改和分析时,需要有一定的手段对其进行保护。文章设计了数据的差异文件版本管理方案,并结合同态加密技术,实现基因组数据的轻便存储和安全修改,并通过对短DNA序列的分析实现了验证。     

面向云存储的基于全同态密码技术的文档相似度计算方法

针对云存储服务中存在的用户隐私保护需求,提出了一种在密文状态下的文档相似度计算方法。数据拥有者将文档ID、加密后的文档密文以及文档simhash值的密文上传到云服务器中;云服务提供者进行待计算相似度文档的simhash密文值和数据拥有者文档simhash密文值的全同态加法运算,获得文档间汉明距离的密文;数据拥有者解密汉明距离密文获得文档相似度排序结果。云端在不获悉数据内容及其simhash明文的情况下完成数据对象相似度运算,保护了数据隐私。给出了该方法的详细过程及相关的实验数据,验证了该方法的可行性。     

Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage

It is secure for customers to store and share their sensitive data in the cryptographic cloud storage.However,the revocation operation is a sure performance killer in the cryptographic access control system.To optimize the revocation procedure,we present a new efficient revocation scheme which is efficient,secure,and unassisted.In this scheme,the original data are first divided into a number of slices,and then published to the cloud storage.When a revocation occurs,the data owner needs only to retrieve one slice,and re-encrypt and re-publish it.Thus,the revocation process is accelerated by affecting only one slice instead of the whole data.We have applied the efficient revocation scheme to the ciphertext-policy attribute-based encryption(CP-ABE) based cryptographic cloud storage.The security analysis shows that our scheme is computationally secure.The theoretically evaluated and experimentally measured performance results show that the efficient revocation scheme can reduce the data owner’s workload if the revocation occurs frequently.     

Time-variant attribute-based multitype encryption algorithm for improved cloud data security using user profile

The Journal of Supercomputing - Cloud computing becomes more sophisticated to provide different services at different levels of user access. Even though various services are accessed at a different...     

Dual-image-based reversible data hiding scheme with integrity verification using exploiting modification direction

Multimedia Tools and Applications - In this paper, a novel dual-image-based reversible data hiding scheme using exploiting modification direction (EMD) is proposed. This scheme embeds two 5-base...     

基于属性加密的雾协同云数据共享方案

为解决现有的属性加密数据共享方案粗粒度和开销大等问题,提出一种能保证数据隐私且访问控制灵活的雾协同云数据共享方案(FAC-ABE)。设计属性加密机制,将数据的访问控制策略分为个性化和专业化两种。通过个性化的访问策略,根据用户的经验和偏好,将数据共享给相应的云端。利用雾节点对数据分类,将共享的数据分流,保障数据共享给专业的云服务器。安全分析结果表明,该方案能保障数据机密性,实现更细粒度的访问控制。实验结果表明,用户能将加密开销转移到雾节点上,降低了云端用户开销。     

云存储服务中支持动态数据完整性检测方法

在云存储服务中,为了让用户可以验证存储在云存储服务器上数据的完整性,提出一种支持动态更新和公开验证的云存储数据完整性检测方法.通过引入双线性对和用户随机选择待检测数据块可以无限次验证数据完整性是否完好无损;可信第三方的引入解决了云用户与云存储供应商在数据完整性问题上产生的纠纷,实现数据完整性的公开验证;然后给出该方法的正确性、安全性以及性能分析,最后通过实验验证了该方法是高效可行的.     

一种在去重备份系统中数据完整性校验算法

在数据备份系统中,使用重复数据删除技术在消除重复数据提高系统存储的空间效率时,将必然会有多个逻辑映像共享去重后的数据实例,如果某个数据实例丢失或者数据被更改,将导致所有引用该实例的逻辑映像均发生错误,因此提出了一种在去重备份系统中数据完整性验证算法.如果当前备份的文件在数据服务器端已经存在数据实例,添加引用之前先对被引用的数据实例进行分块循环顺序校验,判断数据实例的完整性.实验结果证明,这种添加验证码的去重合成备份算法不仅不影响备份速度,而且对备份系统中被引用的数据实例的完整性提供了一种验证的算法.这种数据完整性校验算法提高了去重备份系统的可靠性.     

云系统中基于同态哈希认证的大数据安全传输

针对云系统中现有安全数据传输机制缺乏明确的数据分类以及传输过程中安全风险较大等问题,提出一种云系统中基于同态哈希认证的大数据安全传输.将不同类型的文件转换为文本文件,基于风险影响程度对其分类,文件被标识为机密或公共.当机密文件传输时,发送方加密文件,接收方基于同态哈希对发送方进行身份认证,确保数据安全性.在Hadoop...     

Secure Hamming distance computation for biometrics using ideal-lattice and ring-LWE homomorphic encryption

With widespread development of biometrics, concerns about security and privacy are rapidly increasing. Homomorphic encryption enables us to operate on encrypted data without decryption, and it can be applied to construct a privacy-preserving biometric system. In this article, we apply two homomorphic encryption schemes based on ideal-lattice and ring-LWE (Learning with Errors), which both have homomorphic correctness over the ring of integers of a cyclotomic field. We compare the two schemes in applying them to privacy-preserving biometrics. In biometrics, the Hamming distance is used as a metric to compare two biometric feature vectors for authentication. We propose an efficient method for secure Hamming distance. Our method can pack a biometric feature vector into a single ciphertext, and it enables efficient computation of secure Hamming distance over our packed ciphertexts.     

Key Derivation Policy for data security and data integrity in cloud computing

Cloud computing is currently emerging as a promising next-generation architecture in the Information Technology (IT) industry and education sector. The encoding process of state information from the data and protection are governed by the organizational access control policies. An encryption technique protects the data confidentiality from the unauthorized access leads to the development of fine-grained access control policies with user attributes. The Attribute-Based Encryption (ABE) verifies the intersection of attributes to the multiple sets. The handling of adding or revoking the users is difficult with respect to changes in policies. The inclusion of multiple encrypted copies for the same key raised the computational cost. This paper proposes an efficient Key Derivation Policy (KDP) for improvement of data security and integrity in the cloud and overcomes the problems in traditional methods. The local key generation process in proposed method includes the data attributes. The secret key is generated from the combination of local keys with the user attribute by a hash function. The original text is recovered from the ciphertext by the decryption process. The key sharing between data owner and user validates the data integrity referred MAC verification process. The proposed efficient KDP with MAC verification analyze the security issues and compared with the Cipher Text–Attribute-Based Encryption (CP-ABE) schemes on the performance parameters of encryption time, computational overhead and the average lifetime of key generation. The major advantage of proposed approach is the updating of public information and easy handling of adding/revoking of users in the cloud.