Zhusen Liu,Weizheng Wang,Yutong Ye,Nan Min,Zhenfu Cao,Lu Zhou,Zhe Liu

DOI: https://doi.org/10.1109/tifs.2024.3428410

IF: 7.231

2024-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Mobile smart devices provide convenience for people’s daily life with the users’ data, but also put consumers’ privacy and security at risk. Privacy-enhancing technologies (PETs), including secure two/multi-party computation, have emerged as solutions to alleviate privacy concerns in mobile cloud computing (MCC). However, cloud servers, although capable of easing the burden of PETs, introduce potential risks by being malicious and colluding with computation parties to access additional private data. In this article, we propose a privacy-preserving cloud-assisted two-party computation scheme and the optimized variant with the half-gate method in MCC with a higher security level. To the best of our knowledge, the work is the first cloud-assisted two-party computation, designed to resist all collusion attacks in the malicious model. This is achieved by distributing circuit generation tasks among the parties and separately processing private inputs based on authenticated garbled circuits. Security analysis demonstrates that our scheme ensures correctness and fairness. Performance comparison results indicate the efficiency of our work, even with stronger security against malicious servers and any collusion attack. It outperforms the state-of-the-art scheme, particularly in terms of the server’s communication cost in the online phase, achieving a remarkable reduction of approximately 96.8%.

Boyang Wang,Ming Li,Chow, S.S.M.,Hui Li

DOI: https://doi.org/10.1109/CNS.2013.6682768

2013-01-01

Abstract:The emergence of cloud computing brings users abundant opportunities to utilize the power of cloud to perform computation on data contributed by multiple users. These cloud data should be encrypted under multiple keys due to privacy concerns. However, existing secure computation techniques are either limited to single key or still far from practical. In this paper, we design two efficient schemes for secure outsourced computation over cloud data encrypted under multiple keys. Our schemes employ two non-colluding cloud servers to jointly compute polynomial functions over multiple users' encrypted cloud data without learning the inputs, intermediate or final results, and require only minimal interactions between the two cloud servers but not the users. We demonstrate our schemes' efficiency experimentally via applications in machine learning. Our schemes are also applicable to privacy-preserving data aggregation such as in smart metering.

Xiaotong Li,Hao Wang,Zhi Li,Lei Wu,Xiaochao Wei,Ye Su,Rongxing Lu

DOI: https://doi.org/10.1109/tsc.2024.3380258

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Although secure multi-party computation breaks down data barriers, its utility is reduced when participants have limited computation and communication resources. To make secure multi-party computation more practical, there exists an approach to distribute users' private inputs to multiple servers in a secret sharing manner, and the servers accomplish secure computation tasks through interaction. We propose a new secure computation framework that enables the detection of malicious cloud servers by introducing homomorphic MACs. We utilize pairing-based homomorphic commitments to record MACs on a bulletin board, providing public verifiability while reducing the computation burden on the cloud servers. Additionally, our framework not only supports the underlying general computation, but also prepares for various types of nontrivial high-level operations, such as comparison and bit decomposition. We design a smart payment platform enabling fair payment with the help of smart contracts to protect the rights of both data owners and cloud service providers. Compared to previous works, our framework breaks the limitations of servers being restricted to semi-honest or even honest and provides public verifiability. Performance evaluations demonstrate satisfactory computation and communication efficiency during the online phase of our system.

computer science, information systems, software engineering

Yulin Wu,Xuan Wang,Willy Susilo,Guomin Yang,Zoe L. Jiang,Siu-Ming Yiu,Hao Wang

DOI: https://doi.org/10.1016/j.csi.2021.103552

2022-01-01

Abstract:<p>Cloud computing has become one of the most popular distributed computing paradigms in recent years. With its advantages of low cost, on-demand flexibility, and high data processing abilities, more and more enterprises have adopted the cloud computing paradigm to build up their IT infrastructure. By performing collaborative computation tasks (e.g., big data analysis tasks) with multiple datasets of different correlated enterprises in cloud computing, the generated valuable information will provide the enterprises with higher productivity and financial gains. However, due to the privacy concerns from the enterprises, how to efficiently enable them to achieve secure multi-party joint datasets analysis in cloud computing without leaking their own private dataset becomes a critical but challenging problem for the enterprises. In this paper, focusing on securely performing any collaborative computation task in cloud computing, we construct a generic server-aided secure multi-party computation protocol to tackle the problem. Our solution can provide security guarantee in the setting where at most n-1 client parties are malicious while the server is semi-honest and there is no collusion between the server and clients. The security and experimental performance analysis show that this work is currently the most efficient server-aided secure multi-party computation protocol with the same security guarantee compared with all the previous works to the best of our knowledge.</p>

computer science, software engineering, hardware & architecture

Zhusen Liu,Luyao Wang,Haiyong Bao,Zhenfu Cao,Lu Zhou,Zhe Liu

DOI: https://doi.org/10.1109/tii.2023.3342882

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:Prevailing smart devices collect individual or industrial sensitive data for collaborative computation to provide convenient service in heterogeneous networks. Nowadays, protecting privacy and security is a significant issue and raises increasing concerns in academia and industry. But diverse smart devices are equipped with unequal resources and some devices with limited resources cannot afford expensive privacy-preserving computation. In this article, we propose a generic efficient and privacy-preserving cloud-assisted two-party computation scheme for smart devices in heterogeneous networks. We adopt the cloud server to assist the collaborative computation and reduce the overhead of smart devices. Besides, we apply preprocessing and online phases to guarantee different devices to operate with a lower burden online. What is more, the work is, to our best knowledge, the first to resist the malicious cloud server and computing parties simultaneously by adopting authenticated masked bits to strengthen the garbled circuit scheme. At the same time, our scheme can guarantee correctness and fairness, as shown in security analysis. The performance comparison result shows that this work is efficient and surpasses the previous best counterpart scheme while maintaining nearly identical computation cost. It outperforms in terms of total communication cost by 49% and total execution time by 32%, even though it takes extra and acceptable cost in the online phase for stronger security against the malicious server.

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

Yulin Wu,Xuan Wang,Willy Susilo,Guomin Yang,Zoe Lin Jiang,Qian Chen,Peng Xu

DOI: https://doi.org/10.1109/TDSC.2020.2966632

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:With the ubiquity of mobile devices and rapid development of cloud computing, mobile cloud computing (MCC) has been considered as an essential computation setting to support complicated, scalable and flexible mobile applications by overcoming the physical limitations of mobile devices with the aid of cloud. In the MCC setting, since many mobile applications (e.g., map apps) interacting with cloud ...

Jialin Li,Penghao Lu,Xuemin Lin

DOI: https://doi.org/10.1109/access.2022.3166523

IF: 3.9

2022-01-01

IEEE Access

Abstract:Although tremendous revolution has been made in the emerging cloud computing technologies over digital devices, privacy gradually becomes a big concern in outsourcing computation. Homomorphic encryption has been proposed to facilitate the preservation of data privacy while computational tasks being executed on ciphertext. However, many existing studies only support limited homomorphic calculation functions which barely satisfy complex computing tasks such as machine learning with massive computing resources and rich types of function. To address this problem, a novel multifunctional and privacy-preserving outsourcing computation toolkit is proposed in this paper, which supports several homomorphic computing protocols including division and power on ciphertext of integers and floating point numbers. Specifically, we first implement the homomorphic mutual conversion protocol between integer and floating point ciphertext to balance the efficiency and feasibility, considering the high-precision ciphertext operation on floating point numbers costs 100x computational overhead than that on integers. Second, we implement a homomorphic K-means algorithm based on our proposed toolkit for clustering and design the homomorphic silhouette coefficient as the evaluation index, thereby providing an informative cluster assessment for local users with limited resources. Then, we simulate the protocols of our proposed toolkit to explore the parameter sensitivity in terms of computational efficiency. Last, we report security analysis to prove the security of our toolkit without privacy leakage to unauthorized parties. Comprehensive experiments further demonstrate the efficiency and utility of our toolkit.

Xiaoyu Zhang,Tao Jiang,Kuan-Ching Li,Xiaofeng Chen

DOI: https://doi.org/10.1007/978-3-319-57186-7_5

IF: 8.1

2017-01-01

Information Sciences

Abstract:With the prevalence of cloud computing, the resource constrained clients are trended to outsource their computation-intensive tasks to the cloud server. Although outsourcing computation paradigm brings many benefits for both clients and cloud server, it causes some security challenges. In this paper, we focus on the outsourcing computation of matrix multiplication, and propose a new publicly verifiable computation scheme for batch matrix multiplication. Different from traditional matrix computation outsourcing model, the outsourcing task of our scheme is to compute MXi for group of clients, where Xi is a private matrix chosen by different clients and M is a public matrix given by a data center beforehand. Based on the two techniques of privacy-preserving matrix transformation and matrix digest, our scheme can protect the secrecy of the client's private matrix Xi and dramatically reduce the computation cost in both the key generation and the compute phases. The security analysis shows that the proposed scheme can also achieve the desired security properties under the co-CDH assumption.

Zhengkai Li,Zhenfu Cao,Jiachen Shen,Xiaolei Dong

DOI: https://doi.org/10.1109/icfeict57213.2022.00084

2022-01-01

Abstract:We propose a new scheme for privacy-preserving outsourced calculation. With the help of this scheme, a user on a local host can securely transfer his sensitive information to a cloud platform for processing and storage avoiding disclosing the original information to the unreliable cloud and prying eyes. In addition, the Cloud Platform (CP) can carry out specifical operations on ciphertexts with the help of a Cryptographic Service Provider (CSP) according to the user's requests and send the results to user in the form of ciphertext. Furthermore, data encrypted with multiple keys can also be calculated together, and the computed results will be decrypted by an authorized receiver. We not only implement addition and multiplication operations on ciphertexts, but also design an efficient comparison protocol on ciphertexts (the operations are all in encrypted domain). We then show the security of our encryption and the suggested secure computation sub-protocols. We use a one-way trapdoor permutation and a symmetric somewhat homomorphic encryption as the framework's building blocks rather than the fully homomorphic encryption (FHE) technique. Finally, we use simulations to show the effectiveness and extraordinary efficiency of our suggested scheme.

Jun Zhang,Zoe L. Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1007/978-3-030-74717-6_23

2020-01-01

Abstract:With the popularity of cloud computing, data owners encrypt their data with different keys before uploading data to the cloud due to privacy concerns. Homomorphic encryption makes it possible to calculate on encrypted data but is usually restricted to single key. Based on an additively homomorphic encryption supporting one multiplication, we propose a general computing framework to execute common arithmetic operations on encrypted data under multiple keys such as addition, multiplication, exponentiation. Our scheme rely on two non-colluding servers and is proven to be secure against semi-honest attackers. The experimental evaluations demonstrate the practicality of our computing framework in terms of lower computational complexity and communication overhead.

Jun Zhang,Zoe L.Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1016/j.ins.2021.06.017

IF: 8.1

2021-10-01

Information Sciences

Abstract:<p>Preparing large amounts of training data is the key to the success of machine learning. Due to the public's concern about individual privacy, different techniques are proposed to achieve privacy preserving machine learning. Homomorphic encryption enables calculation on encrypted data in the cloud. However, current schemes either focus on single key or a specific algorithm. Cooperation between different institutions is quite common in this era of big data. Encrypting data from different institutions under one single key is a risk to data privacy. Moreover, constructing secure scheme for a specific machine learning algorithm lacks universality. Based on an additively homomorphic encryption supporting one multiplication, we propose a general multikey computing framework to execute common arithmetic operations on encrypted data such as addition, multiplication, comparison, sorting, division and etc. Our scheme can be used to run different machine learning algorithms. Our scheme is proven to be secure against semi-honest attackers and the experimental evaluations demonstrate the practicality of our computing framework.</p>

computer science, information systems

Ke Cheng,Liangmin Wang,Yulong Shen,Hua Wang,Yongzhi Wang,Xiaohong Jiang,Hong Zhong

DOI: https://doi.org/10.1109/tbdata.2017.2707552

2017-01-01

IEEE Transactions on Big Data

Abstract:The k-nearest neighbors (k-NN) query is a fundamental primitive in spatial and multimedia databases. It has extensive applications in location-based services, classification & clustering and so on. With the promise of confidentiality and privacy, massive data are increasingly outsourced to cloud in the encrypted form for enjoying the advantages of cloud computing (e.g., reduce storage and query processing costs). Recently, many schemes have been proposed to support k-NN query on encrypted cloud data. However, prior works have all assumed that the query users (QUs) are fully-trusted and know the key of the data owner (DO), which is used to encrypt and decrypt outsourced data. The assumptions are unrealistic in many situations, since many users are neither trusted nor knowing the key. In this paper, we propose a novel scheme for secure k-NN query on encrypted cloud data with multiple keys, in which the DO and each QU all hold their own different keys, and do not share them with each other; meanwhile, the DO encrypts and decrypts outsourced data using the key of his own. Our scheme is constructed by a distributed two trapdoors public-key cryptosystem (DT-PKC) and a set of protocols of secure two-party computation, which not only preserves the data confidentiality and query privacy but also supports the offline data owner. Our extensive theoretical and experimental evaluations demonstrate the effectiveness of our scheme in terms of security and performance.

Chun Liu,Xuexian Hu,Xiaofeng Chen,Jianghong Wei,Wenfen Liu

DOI: https://doi.org/10.48550/arXiv.2105.05525

2021-05-12

Abstract:As one of the most important basic operations, matrix multiplication computation (MMC) has varieties of applications in the scientific and engineering community such as linear regression, k-nearest neighbor classification and biometric identification. However handling these tasks with large-scale datasets will lead to huge computation beyond resource-constrained client s computation power. With the rapid development of cloud computing, outsourcing intensive tasks to cloud server has become a promising method. While the cloud server is generally out of the control of clients, there are still many challenges concerned with the privacy security of clients sensitive data. Motivated by this, Lei et al. presented an efficient encryption scheme based on random permutation to protect the privacy of client s data in outsourcing MMC task. Nevertheless, there exists inherent security flaws in their scheme, revealing the statistic information of zero elements in the original data thus not satisfying the computational indistinguishability (IND-ZEA). Aiming to enhance the security of the outsourcing MMC task, we propose a new encryption scheme based on subtly designed invertible matrix where the additive perturbation is introduced besides the multiplicative perturbation. Furthermore, we show that the proposed encryption scheme can be applied to not only MMC task but also other kinds of outsourced tasks such as linear regression and principal component analysis. Theoretical analyses and experiments indicate that our methods are more secure in terms of data privacy, with comparable performance to the state-of-the-art scheme based on matrix transformation.

Cryptography and Security

Xian Guo,Ye Li,Yongbo Jiang,Jing Wang,Junli Fang

DOI: https://doi.org/10.3390/cryptography7040059

2023-11-17

Cryptography

Abstract:In recent years, many companies have chosen to outsource data and other data computation tasks to cloud service providers to reduce costs and increase efficiency. However, there are risks of security and privacy breaches when users outsource data to a cloud environment. Many researchers have proposed schemes based on cryptographic primitives to address these risks under the assumption that the cloud is a semi-honest participant and query users are honest participants. However, in a real-world environment, users’ data privacy and security may be threatened by the presence of malicious participants. Therefore, a novel scheme based on secure multi-party computation is proposed when attackers gain control over both the cloud and a query user in the paper. We prove that our solution can satisfy our goals of security and privacy protection. In addition, our experimental results based on simulated data show feasibility and reliability.

ZhenHua Chen,WeiGuo Zhang,ShunDong Li,DaoShun Wang,Qiong Huang

DOI: https://doi.org/10.3969/j.issn.0372-2112.2017.05.013

2017-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Secure multiparty computation of set membership is significant to privacy-preserving data mining,data query,etc.In this paper,we first transform the original problem into the one-time evaluation problem for polynomial,and then construct four protocols.We design the trivial protocol 1 using homomorphic encryption and construct the efficient protocol 2 using discrete logarithm instead of encryption,which is very concise.Lastly,according to the different application scenarios,we also propose protocol 3 and protocol 4:the former can be used to outsource computation in cloud computing environment;the latter can be used for public secure computation against repudiation.The analysis and comparison show that our protocols are more efficient and concise than previously known.

Xuelian Li,Hui Li,Juntao Gao,Runsong Wang

DOI: https://doi.org/10.1016/j.jisa.2023.103463

IF: 4.96

2023-01-01

Journal of Information Security and Applications

Abstract:As the world grapples with the COVID-19 and its variants, multi-user collaboration by means of cloud computing is ubiquitous. How to make better use of cloud resources while preventing user privacy leakage has become particularly important. Multi-key homomorphic encryption(MKHE) can effectively deal with the privacy disclosure issue during the multi-user collaboration in the cloud computing setting. Firstly, we improve the DGHV homomorphic scheme by modifying the selection of key and the coefficients in encryption, so as to eliminate the restriction on the parity of the ciphertext modulus in the public key. On this basis, we further propose a DGHV-type MKHE scheme based on the number theory. In our scheme, an extended key is introduced for ciphertext extension, and we prove that it is efficient in performance analysis. The semantic security of our schemes is proved under the assumption of error-free approximate greatest common divisor and the difficulty of large integer factorization. Furthermore, the simulation experiments show the availability and computational efficiency of our MKHE scheme. Therefore, our scheme is suitable for the multi-user scenario in cloud environment.

Shaojing Fu,Yunpeng Yu,Ming Xu

DOI: https://doi.org/10.1145/3055259.3055263

2017-01-01

Abstract:Matrix multiplication computation (MMC) is a common scientific and engineering computational task. But such computation involves enormous computing resources for large matrices, which is burdensome for the resource-limited clients. Cloud computing enables computational resource-limited clients to economically outsource such problems to the cloud server. However, outsourcing matrix multiplication to the cloud brings great security concerns and challenges since the matrices and their products often usually contains sensitive information. In a previous work, Lei et al. [1] proposed an algorithm for secure outsourcing MMC by using permutation matrix and the authors argued that it can achieve data privacy. In this paper, we first review the design of Lei's scheme and find a security vulnerability in their algorithm that it reveals the number of zero element in the input matrix to cloud server. Then we present a new verifiable, efficient, and privacy preserving algorithm for outsourcing MMC, which can protect the number privacy of zero elements in original matrices. Our algorithm builds on a series of carefully-designed pseudorandom matrices and well-designed privacy-preserving matrix transformation. Security analysis shows that our algorithm is practically-secure, and offers a higher level of privacy protection than the state-of-the-art algorithm.

Xinyu Lei,Xiaofeng Liao,Tingwen Huang,Feno Heriniaina

DOI: https://doi.org/10.1016/j.ins.2014.05.014

IF: 8.1

2014-01-01

Information Sciences

Abstract:Computation outsourcing to the cloud has become a popular application in the age of cloud computing. This computing paradigm brings in some new security concerns and challenges, such as input/output privacy and result verifiability. Given that matrix multiplication computation (MMC) is a ubiquitous scientific and engineering computational task, we are motivated to design a protocol to enable secure, robust cheating resistant, and efficient outsourcing of MMC to a malicious cloud in this paper. The main idea to protect the privacy is employing some transformations on the original MMC problem to get an encrypted MMC problem which is sent to the cloud; and then transforming the result returned from the cloud to get the correct result to the original MMC problem. Next, a randomized Monte Carlo verification algorithm with one-sided error is introduced to successfully handle result verification. We analytically show that the proposed protocol is correct, secure, and robust cheating resistant. Extensive theoretical analysis and experimental evaluation also show its high-efficiency and immediate practicability. Finally, comparisons between the proposed protocol and the previous protocols are given to demonstrate the improvements of the proposed protocol.

Jiayan Shen,Peng Zeng,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/jiot.2021.3135308

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Provable data possession (PDP) is widely considered to be an efficient method in verifying the integrity of remote data. While earlier PDP schemes are generally designed to check the integrity of data copies on a single cloud server (CS), there have been attempts to design multicopy and multiserver PDP (MCMS-PDP) schemes in recent years. However, it is known that MCMS-PDP schemes may be vulnerable to copy-summation attacks or do not support dynamic operations. The former enables a (dishonest) CS to only store a summation of copies for successful verification, while the latter does not allow the data owner to update the stored data. In this article, we propose a new MCMS-PDP scheme based on homomorphic verifiable tags. Specifically, our proposed scheme is designed to check the integrity of all copies in one challenge–response and resist copy-summation attacks. The scheme also supports public verification and block-level dynamic operations, such as modification, insertion, and deletion using the divide-and-conquer table. We then prove the security of our scheme, assuming the intractability of the computational Diffie–Hellman problem, in the random oracle model. We also evaluate the performance of the scheme to demonstrate its efficiency.