Alawi A. Al-saggaf,H. S. Acharya

DOI: https://doi.org/10.48550/arXiv.0809.1318

2008-09-08

Abstract:This paper attempt has been made to explain a fuzzy commitment scheme. In the conventional Commitment schemes, both committed string m and valid opening key are required to enable the sender to prove the commitment. However there could be many instances where the transmission involves noise or minor errors arising purely because of the factors over which neither the sender nor the receiver have any control. The fuzzy commitment scheme presented in this paper is to accept the opening key that is close to the original one in suitable distance metric, but not necessarily identical. The concept itself is illustrated with the help of simple situation.

Cryptography and Security

Benjamin Tams

DOI: https://doi.org/10.48550/arXiv.1406.1154

2014-09-21

Abstract:The fuzzy commitment scheme is a cryptographic primitive that can be used to store biometric templates being encoded as fixed-length feature vectors protected. If multiple related records generated from the same biometric instance can be intercepted, their correspondence can be determined using the decodability attack. In 2011, Kelkboom et al. proposed to pass the feature vectors through a record-specific but public permutation process in order to prevent this attack. In this paper, it is shown that this countermeasure enables another attack also analyzed by Simoens et al. in 2009 which can even ease an adversary to fully break two related records. The attack may only be feasible if the protected feature vectors have a reasonably small Hamming distance; yet, implementations and security analyses must account for this risk. This paper furthermore discusses that by means of a public transformation, the attack cannot be prevented in a binary fuzzy commitment scheme based on linear codes. Fortunately, such transformations can be generated for the non-binary case. In order to still be able to protect binary feature vectors, one may consider to use the improved fuzzy vault scheme by Dodis et al. which may be secured against linkability attacks using observations made by Merkle and Tams.

Cryptography and Security

Zhaoqing Liu,Qiong Li,Xiamu Niu

DOI: https://doi.org/10.1007/s00521-012-0850-4

2013-01-01

Neural Computing and Applications

Abstract:The security of image robust hash has drawn great attention as an open question. A great similarity between the security requirements of the image robust digest and biometric template is found through the analysis and comparison between the vulnerability of the robust hash-based image authentication system and the biometric authentication system. A security improvement scheme of image robust hash is proposed in this paper based on fuzzy commitment scheme, which is originally a biometric template protection scheme. In our scheme, it is unnecessary to store the image robust digest in the database directly. In addition, the matching operation can be implemented in the cryptographic field. Many security weaknesses, such as the weakness induced by the poor diffusion of an image robust hash algorithm, can be overcome. The experimental results have also proved the feasibility of our scheme.

Upputuri Neelima,Fazal Noorbasha

Abstract:Reed-Muller codes play an important role in communication. In communication, security and error free data transmission are two major problems. In this paper, we propose a eight bit original data is encoded using distinct Reed-Muller techniques such as positive polarity Reed-Muller(PPRM), negative polarity Reed-Muller(NPRM), fixed polarity Reed-Muller(FPRM) for secure data communication and also we can compare these techniques in terms of cost. The eight bit encoded data which is obtains from these Reed-Muller techniques are encoded again using hamming code for error free communication. It is found that among all these techniques fixed polarity Reed-Muller is the best technique which gives less cost .We can also observes that secure and error free communication is possible between transmitter and receiver. The data encryption and decryption process has been simulated using Isim simulator and the code is written in Verilog HDL. Keyword -Reed- Muller, Hamming code, Encoder, Decoder, Verilog HDL.

Computer Science

WANG Mingqiang,WANG Xiaoyun,ZHENG Shihui

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.23.014

2006-01-01

Abstract:The concept of fuzzy signatures allow two entities to produce two signatures in such a way that,from the point of view of any third party,both signatures are ambiguous with respect to the identity of signing party until an extra piece of information is released by one of the parties.This paper designs a new fuzzy signature scheme based on the discrete algorithm problem.From this concurrent scheme,it proposes a signature protocol in which the signature can be fairly exchanged between signers.

Liangliang Wang,Junzuo Lai,Hu Xiong,Kefei Chen,Yu Long

DOI: https://doi.org/10.1002/sec.1572

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:According to the inspirations from history, we introduce a new cryptography primitive called fuzzy certificateless signature, which not only eliminates the key escrow problem inherently existed in fuzzy identity-based signature but also possesses the error tolerance property of fuzzy identity-based signature that allows for a set of attributes ω to verify a signature produced with a private key for an identity ω' if and only if the distance between the two identities ω and ω' is within a certain threshold. In this paper, the concept of fuzzy certificateless signature is first proposed, and then, the syntax and security model of fuzzy certificateless signature are formally defined. In the next step, so far, the first concrete fuzzy certificateless signature scheme is proposed, which may be practicably implemented in biometric identification. In addition, a formal security proof is provided, so as to demonstrate that in the random oracle model, our newly proposed scheme is existentially unforgeable against Types I and II chosen message attacks formalized in the security model under the computational Diffie-Hellman assumption. Copyright © 2016 John Wiley & Sons, Ltd.

Hung-Min Sun,Shih-Ying Chang,Hsin-Ta Chiao

DOI: https://doi.org/10.1109/ispacs.2009.5383769

2009-01-01

Abstract:Forward error correction (FEC) allows the receiver to correct erasure without asking retransmission. This advantage is significant for several applications where retransmission is not available or desirable. In recent years, applying FEC codes to peer-to-peer data distribution networks is an innovation. In this way, the downloader can efficiently reconstruct the data from the encoding symbols multicasted from multiple distributors. However, FEC codes suffer from pollution attacks where the attackers corrupt some encoding symbols such that the data can not correctly be reconstructed. Although Krohn et al. propose a homomorphic hash based verification scheme, the scheme is specifically designed for Fountain codes and the variants. That is, the scheme can not apply to other FEC codes and suffers from another specific attacks, distribution attacks. Thus, in this paper we propose a new verification scheme for polynomial based FEC codes like Vandermonde codes. The scheme can defend against not only pollution attacks but distribution attacks. The analysis also shows the security and feasibility of the proposed scheme.

Xu An Wang,Xiaoyuan Yang,Minqing Zhang,Yong Yu

DOI: https://doi.org/10.15388/informatica.2012.361

2012-01-01

Informatica

Abstract:Fuzzy identity based encryption (FIBE), proposed by Sahai and Waters, is a new kind of identity based encryption. It allows users with identity w can decrypt ciphertext for w' if and only if w is close enough to w'. Recently, Ren et al. proposed a new FIBE scheme and claimed it is fully CCA2 secure in the standard model with a tight reduction. However, in this paper we will show that their scheme is not correct. Furthermore, the key generation process of their scheme cannot resist the collusion attack, which is a basic security requirement for FIBE. At last, we propose a new fully secure FIBE scheme based on the Sahai Waters FIBE scheme and prove its security by using the "dual system encryption" technique.

Bhavuk Sikka Bajaj

2024-07-24

Abstract:This study addresses the use of Reed-Solomon error correction codes in QR codes to enhance resilience against failures. To fully grasp this approach, a basic cryptographic context is provided, necessary for understanding Reed-Solomon codes. The study begins by defining a code and explores key outcomes for codes with additional properties, such as linearity. The theoretical framework is further developed with specific definitions and examples of Reed-Solomon codes, presented as a particular variant of BCH codes. Additionally, the structure of QR codes is analyzed, encompassing different versions and how data is represented in the form of black and white pixels within an image. Finally, an inherent vulnerability of Reed-Solomon Codes, and particularly of QR codes, related to selective manipulation of modules is examined. This vulnerability leverages the error correction mechanisms present in Reed-Solomon codes.

Information Theory,Cryptography and Security

Zhuoran Zhang,Fangguo Zhang,Haibo Tian

DOI: https://doi.org/10.1007/978-3-030-59013-0_16

2020-01-01

Abstract:In secret handshake schemes, the members in the same organization can anonymously authenticate each other and commonly negotiate a secret key for communication. Since its proposing in 2003, secret handshake schemes become an important privacy protection cryptographic technique on internet applications. In this paper, a secret handshake scheme based on coding theory (we call $$\mathsf {CSH}$$) is presented. This is the first code-based secret handshake scheme. $$\mathsf {CSH}$$ is constructed by combining the CFS signature system and Stern’s identification system, thus the security of $$\mathsf {CSH}$$ relies on the syndrome decoding problem just like the two above systems. Moreover, as far as we know, $$\mathsf {CSH}$$ is the first scheme to use a generic construction of Fiat-Shamir paradigm in secret handshake schemes. This may lead to a more generic framework construction.

Khaled Ahmed Nagaty

DOI: https://doi.org/10.48550/arXiv.1906.03043

2019-05-23

Cryptography and Security

Abstract:In this paper an enhanced fuzzy vault scheme is proposed which we refer to as fuzzy-fuzzy vault scheme. The proposed scheme builds on the classical fuzzy vault by adding the concept of uncertainty and imprecision to the classical scheme. To lock a secret key K in the classical fuzzy vault the locking and unlocking elements are crisp or real elements and consequently the locking and unlocking operations are strict imperative. In the fuzzy-fuzzy vault scheme, Alice locks the secret key K using a set of fuzzy elements that belong to multi-fuzzy set A~ obtained from a universe public set of fuzzy elements in a multi-fuzzy set F~_q and projecting them on polynomial p. The elements in multi-fuzzy sets F~_q and A~ are fuzzy using m membership functions MF_i, i=1,2,...,m. Alice selects a set k of fuzzy elements fuzzy with a specific membership function MF_K from A~ to lock the vault. To hide the genuine locking points Alice generates a set of fuzzy chaff points that some of them do not lie on polynomial p while the other fuzzy chaff points may lie on polynomial p but fuzzy with different membership functions other than the membership function MF_K used to lock the vault. To unlock the fuzzy-fuzzy vault and retrieve the secret key K , Bob should have a set of unlocking fuzzy elements belonging to multi-fuzzy set B~ which substantially overlap with A~ is required. Then Bob selects t'_(TF_ki) fuzzy elements from B~ which are close to the t_(TF_k) fuzzy elements from A~ used by Alice to lock the vault. We show that adding uncertainty and imprecision by introducing fuzzy theory will enhance the security threshold of the fuzzy vault.

DING Su-quan,YANG Zhi-xing,PAN Chang-yong,WANG Jun

DOI: https://doi.org/10.3321/j.issn:1001-506x.2007.06.036

2007-01-01

Abstract:To achieve good tradeoffs between error performance and decoding complexity,two types of symbol-level soft-decision decoding algorithms for Reed-Solomon codes are proposed.The first algorithm integrates order statistic decoding into Chase decoding while the second algorithm employs Chase-2 algorithm in a step-by-step version.Both algorithms make good use of the received soft-decision information.Simulation results show that the first algorithm performs well when the decoding complexity is low while the second algorithm provides good flexibility and performs well when the decoding complexity is affordable.Both algorithms outperform some popular symbol-level SDD algorithms in some cases.

N He,JP Xiong,HX Li,HB Jia,CL Jiang

DOI: https://doi.org/10.1117/12.483338

2002-01-01

Abstract:As the error probability is inherently high in the high-density optical storage system, it is very important to encode the data to ensure the data integrality before recording them on the disc. As the performance of the Reed-Solomon (RS) code is perfect for the applications where burst errors and random errors exist together, RS code is adopted as the error control scheme in our design of the multi-wavelength optical storage system. Since field programmable gate array (FPGA) is reconfigurable, the FPGA-based encoding circuit in the multi-wavelength optical storage system provides a flexible and cost efficient platform for the evaluation and verification of various error control schemes. The design and implementation of RS codes on FPGA are presented in this paper. The experiment result shows that it is practical to be used in the multi-wavelength optical storage system.

Chunqiang Hu,Nan Zhang,Hongjuan Li,Xiuzhen Cheng,Xiaofeng Liao

DOI: https://doi.org/10.1109/jsac.2013.sup.0513004

IF: 16.4

2013-09-01

IEEE Journal on Selected Areas in Communications

Abstract:Body Area Networks (BANs) are expected to play a major role in the field of patient-health monitoring in the near future. While it is vital to support secure BAN access to address the obvious safety and privacy concerns, it is equally important to maintain the elasticity of such security measures. For example, elasticity is required to ensure that first-aid personnel have access to critical information stored in a BAN in emergent situations. The inherent tradeoff between security and elasticity calls for the design of novel security mechanisms for BANs. In this paper, we develop the Fuzzy Attribute-Based Signcryption (FABSC), a novel security mechanism that makes a proper tradeoff between security and elasticity. FABSC leverages fuzzy Attribute-based encryption to enable data encryption, access control, and digital signature for a patient's medical information in a BAN. It combines digital signatures and encryption, and provides confidentiality, authenticity, unforgeability, and collusion resistance. We theoretically prove that FABSC is efficient and feasible. We also analyze its security level in practical BANs.

telecommunications,engineering, electrical & electronic

Yuanhang Zhou,Fuchen Ma,Yuanliang Chen,Meng Ren,Yu Jiang

DOI: https://doi.org/10.1145/3628160

IF: 3.685

2024-01-01

ACM Transactions on Software Engineering and Methodology

Abstract:Cryptography is a core component of many security applications, and flaws hidden in its implementation will affect the functional integrity or, more severely, pose threats to data security. Hence, guaranteeing the correctness of the implementation is important. However, the semantic characteristics (e.g., diverse input data and complex functional transformation) challenge those traditional program validation techniques (e.g., static analysis and dynamic fuzzing). In this article, we propose CLFuzz, a semantic-aware fuzzer for the vulnerability detection of cryptographic algorithm implementation. CLFuzz first extracts the semantic information of targeted algorithms including their cryptographic-specific constraints and function signatures. Based on them, CLFuzz generates high-quality input data adaptively to trigger error-prone situations efficiently. Furthermore, CLFuzz applies innovative logical cross-check that strengthens the logical bug detection ability. We evaluate CLFuzz on the widely used implementations of 54 cryptographic algorithms. It outperforms state-of-the-art cryptographic fuzzing tools. For example, compared with Cryptofuzz, it achieves a coverage speedup of 3.4× and increases the final coverage by 14.4%. Furthermore, CLFuzz has detected 12 previously unknown implementation bugs in 8 cryptographic algorithms (e.g., CMAC in OpenSSL and Message Digest in SymCrypt), most of which are security-critical and have been successfully collected in the national vulnerability database (7 in NVD/CNVD) and is awarded by the Microsoft bounty program (2 for $1,000).

Guoxiu Liu,Geng Yang,Shuangjie Bai,Qiang Zhou,Hua Dai

DOI: https://doi.org/10.1109/ACCESS.2020.2966367

IF: 3.9

2020-01-01

IEEE Access

Abstract:Currently, searchable encryption has attracted considerable attention in the field of cloud computing. The existing research mainly focuses on keyword-based search schemes, most of which support the exact matching of keywords. However, keyword-based search schemes ignore spelling errors and semantic expansions of keywords. The significant drawback makes the existing techniques unsuitable in cloud computing as it greatly affects system usability and can not completely satisfy the users' search intentions. In this paper, we propose an effective fuzzy semantic searchable encryption scheme (FSSE) that supports multi-keyword search over encrypted data in cloud computing. In our scheme, we exploit a keyword fingerprint generation algorithm to generate a fingerprint set of the keyword dictionary and a fingerprint of the query keywords, and employ Hamming distance to quantify keywords similarity. Based on the proposed fingerprint generation algorithm and Hamming distance, we realize fuzzy search. Furthermore, we utilize the semantic expansion technique to expand query keywords and calculate the semantic similarity between the query keywords and the expanded word of the query keywords to achieve the semantic search. To improve the search efficiency, we construct an inverted index structure and use the vector intersection matching as well as short-circuit matching operations to effectively filter irrelevant documents. The theoretical analysis and experimental results demonstrate that our proposed scheme satisfies the security guarantee of searchable encryption, enhances system usability, and is more efficient in comparison with the state of the art schemes.

Liangmin Wang,Xiaofeng Chen,Yuan Chen,Tao Jiang,Jianfeng Ma,Xu Yuan,Ke Cheng

DOI: https://doi.org/10.1109/TDSC.2022.3185313

2023-05-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Data deduplication is of critical importance to reduce the storage cost for clients and to relieve the unnecessary storage pressure for cloud servers. While various techniques have been proposed for secure deduplication of identical files/blocks, the effective and secure deduplication solutions on fuzzy similar data (image, video, and others) which occupy a large portion in the real world across wide applications, remain open. In this article, we propose a novel deduplication system, named Fuzzy Deduplication (FuzzyDedup), to implement the secure deduplication of similar data (i.e., similar files, chunks, or blocks). In particular, we leverage the similarity-preserving hash, a fuzzy extractor based on error-correcting codes, and the encryption with customized design to construct a fuzzy-style deduplication encryption scheme (FuzzyMLE), achieving the ciphertext-based deduplication for similar data. Besides, to defend against data ownership cheating attack and duplicate-faking attack, a fuzzy-style proof of ownership scheme (FuzzyPoW) is designed for the cloud server to securely verify a client in possession of the similar data. To further enhance security and efficiency, we also propose both server-aided and random-tag FuzzyMLE to make FuzzyDedup robust against off-line brute-force attack and to support tag randomization, respectively. Then, we design Hamming distance reduction and tag cutting optimization algorithms to improve the tag query efficiency of FuzzyDedup. In the end, we formally prove the security of our solution and conduct experiments on real-world datasets for performance evaluation. Experimental results exhibit the efficiency of FuzzyDedup in terms of computation cost and communication overhead.

Computer Science

Hu Xiong,YaNan Chen,GuoBin Zhu,ZhiGuang Qin

DOI: https://doi.org/10.1007/s11432-014-5152-2

2014-01-01

Science China Information Sciences

Abstract:To enjoy the property of error tolerance in the biometric identities extraction, the fuzzy identitybased signature has been initialized to issue a signature on behalf of a descriptive attributes set ω instead of a single string. Any attributes set ω′ can be used to verify the validity of the signature in case the distance between ω and ω′ is less than a pre-defined threshold. Recently, Wang re-formalized the notion of fuzzy identitybased signature and proposed a concrete pairing-based construction along with the efficiency analysis and formal security proof. Unfortunately, by giving concrete attack, we indicate that Wang’s scheme is not secure against forgery attack. We also present an improved scheme to prevent this attack.

Khaled Ahmed Nagaty

DOI: https://doi.org/10.48550/arXiv.1905.07561

2019-05-18

Abstract:In this paper a three fuzzy vault schemes which integrated with discrete logarithmic encryption scheme are proposed. In the first scheme, the message m is encoded with discrete logarithmic encryption scheme using randomly generated identity key \k{appa} for every message and then divided into non-overlapping segments. In the second scheme, the message is divided into non-overlapping segments and each segment is encoded with discrete logarithmic encryption scheme using the randomly generated identity key \k{appa}. In the third scheme, the message is divided into non-overlapping segments where even segments are encoded with identity key \k{appa}_even and odd segments are encoded with identity key \k{appa}_odd. Identity keys \k{appa}_even and \k{appa}_odd are randomly generated for every message. Finally, the encoded segments are declared as coefficients of a polynomial of specific degree. In all proposed schemes, elements of locking set A are used as X-coordinate values to compute evaluations of the polynomial by projecting elements of A onto points lying on the polynomial. A large number of random chaff points that do not lie on the polynomial are added to create noise to hide the encoded segments. Security analysis has shown the proposed scheme enjoys provable security over classical fuzzy vaults.

Cryptography and Security,Information Theory

Zhishuo Zhang,Wen Huang,Lin Yang,Yongjian Liao,Shijie Zhou

DOI: https://doi.org/10.1109/jiot.2023.3268699

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Outsourced Decryption Attribute-based Encryption (OD-ABE) is emerging as a promising cryptographic tool to provide efficient fine-grained access control for data accessing and sharing in cloud-assisted Intelligent Internet of Mobile Things (IIoMT). Decryption verification is an essential property of OD-ABE to enable the mobile user to verify the precision of the decryption data. Unfortunately, the most representative verification (commitment) algorithms have various security flaws. In this paper, we first indicate that the two state-of-art key-based commitment schemes are vulnerable to “Commitment Extract(Decrypt)-then-Reuse Attack” and “Commitment Impersonation Attack” which demolish the unforgeability of the commitment. Then to cover all the existing attacks to commitment algorithms, we re-define a robuster verifiable security model for verifiable OD-ABE. Subsequently, we invent a ciphertext fingerprint (CTfp) based commitment scheme and give rigorous proof to the proposed commitment scheme including binding, hiding, unforgeability, and non-repudiation (traceability) in the random oracle. Next, we apply our CTfp-based commitment to the widely used OD-ABE schemes to provide them robuster verifiability. Finally, the theoretical comparison and simulation experiments are presented to show our new type of commitment algorithm is more secure and practical.

computer science, information systems,telecommunications,engineering, electrical & electronic