Xiaojuan Dong,Weiming Zhang,Mohsin Shah,Bei Wang,Nenghai Yu

DOI: https://doi.org/10.48550/arXiv.1912.09034

2019-12-19

Abstract:The modified Paillier cryptosystem has become extremely popular and applied in many fields, owning to its additive homomorphism. This cryptosystem provides weak private keys and a strong private key. A weak private key only can decrypt ciphertexts under the corresponding public key. The strong private key can decrypt all ciphertexts even under different public keys. When the modified Paillier cryptosystem is applied in a system, the member, often the system administrator, has the strong private key and can decrypt all ciphertexts. If this system administrator is attacked or compromised, the security of the application system absolutely break down. Thus, it is important to stop the decryption of the strong private key. To address this issue, we propose an restrained version of the modified Paillier cryptosystem (Restrained-Paillier), by endowing the multiplicative homomorphism. We perform the additive encryption on the multiplicative ciphertext and generate the mixed ciphertext, which can not be decrypted by the strong private key. Based on this Restrained-Paillier, we develop two applications. Firstly, we realize access control of common secret of two owners. In our scheme, only one owner cannot access secret. Secondly, we present three protocols for identity distribution and key management, identity authentication and private key recovery. Security analysis shows that the Restrained-Paillier cryptosystem can resist the chosen plaintext attack. The experimental results illustrate the utility and efficiency of the proposed protocols.

Cryptography and Security

Yunxia Han,Chunxiang Xu,Shanshan Li,Changsong Jiang,Kefei Chen

DOI: https://doi.org/10.1016/j.jisa.2023.103658

IF: 4.96

2023-01-01

Journal of Information Security and Applications

Abstract:Error tolerant password-authenticated key exchange (PAKE) allows a user to authenticate to a server using a password and agree on a session key with the server, provided that the password for authentication and the registered one are “close enough”. Recently, an ingenious error tolerant PAKE scheme (faPAKE) for generalized passwords (e.g., fingerprints) emerged. In this paper, inspired by the mechanism of faPAKE, we propose a typo tolerance password-authenticated key exchange scheme, dubbed ttPAKE, for ordinary passwords. In ttPAKE, we introduce double-layered secret sharing (DLSS) that splits a main secret into shares and further splits the shares into sub-shares. DLSS can be considered homomorphic to typo tolerance of a password and would be an effective approach to achieve typo tolerance of the password without direct operations on the password for security requirements. A table is built to associate DLSS with typo tolerance of the password. The password is converted into position information for DLSS to store the sub-shares in the table. The table is scrambled with random numbers, and hence the information of the password is concealed. Using DLSS, our scheme implicitly determines whether typos in a password for authentication is no more than a threshold, which accomplishes typo tolerance while protecting passwords. We demonstrate that ttPAKE is secure under the Universal Composability model with security proofs. The performance evaluation shows that ttPAKE is efficient in terms of computation, communication, and storage costs.

Xiuli Chai,Yinjing Wang,Zhihua Gan,Xiuhui Chen,Yushu Zhang

DOI: https://doi.org/10.1016/j.ins.2022.05.008

IF: 8.1

2022-01-01

Information Sciences

Abstract:Owing to the rapid development of cloud services and personal privacy requirements, content-based encrypted image retrieval in the cloud has been increasing. Outsourced images are encrypted into noiselike ones to protect privacy, however, the obtained unrecognized appearance limits their availability. Besides, users have to decrypt all search results to browse, while some of them may not be needed, which undoubtedly wastes bandwidth and computing resources. To cope with this problem, a compromise strategy is proposed that considers the tradeoff between privacy and usability of cipher images. Wherein, a thumbnail preserving encryption (TPE) based on genetic algorithm is proposed. The pixels in the sub-blocks of the plain image are scrambled and diffused at the bit-level through crossover and mutation operators of the genetic algorithm. Moreover, two new operators of Mutation Compensation and Mutation Failure are defined and incorporated into the traditional genetic algorithm to achieve an ideal TPE, that cipher image has the same thumbnail as the original image. Additionally, a color histogram-based retrieval algorithm is introduced to retrieve cipher images using the color information preserved by thumbnails; and to improve retrieval accuracy by using the Bhattacharyya distance. A series of simulations verify the security and effectiveness of our scheme.

Sena Sahin,Frank Li

DOI: https://doi.org/10.1145/3460120.3484791

2021-11-12

Abstract:To enhance the usability of password authentication, typo-tolerant password authentication schemes permit certain deviations in the user-supplied password, to account for common typographical errors yet still allow the user to successfully log in. In prior work, analysis by Chatterjee et al. demonstrated that typo-tolerance indeed notably improves password usability, yet (surprisingly) does not appear to significantly degrade authentication security. In practice, major web services such as Facebook have employed typo-tolerant password authentication systems. In this paper, we revisit the security impact of typo-tolerant password authentication. We observe that the existing security analysis of such systems considers only password spraying attacks. However, this threat model is incomplete, as password authentication systems must also contend with credential stuffing and tweaking attacks. Factoring in these missing attack vectors, we empirically re-evaluate the security impact of password typo-tolerance using password leak datasets, discovering a significantly larger degradation in security. To mitigate this issue, we explore machine learning classifiers that predict when a password's security is likely affected by typo-tolerance. Our resulting models offer various suitable operating points on the functionality-security tradeoff spectrum, ultimately allowing for partial deployment of typo-tolerant password authentication, preserving its functionality for many users while reducing the security risks.

WeiDong Zhong,Xu An Wang,Ziqing Wang,Yi Ding

DOI: https://doi.org/10.1109/CIS.2011.217

2011-01-01

Abstract:Proxy re-encryption (PRE) allows a proxy to transform a cipher text for Alice (delegator) to be the one which can be decrypted by Bob (delegatee). Since it is introduced by Blaze et al. in 1998, many variants of PRE have been proposed. In this paper, we concentrate on two of them: anonymous conditional proxy re-encryption (ACPRE) and constrained proxy re-encryption with keyword search (PRES). Conditional proxy re-encryption (CPRE) is a primitive which only allows those cipher texts satisfying the condition can be re-encrypted correctly by the proxy. Anonymous conditional proxy re-encryption (ACPRE) requires the proxy not knowing which condition the cipher text associated with. PRES is a primitive which allows the proxy simultaneously re-encrypt and search the delegator's cipher text. Based on the PRES proposed by Shao et al., We show the definition of constrained proxy re-encryption with keyword search (CPRES), give its security models and discuss its potential applications. At last, based on a concrete ACPRE scheme, we construct a concrete CPRES scheme.

Thitikorn Pongmorrakot,Rahul Chatterjee

DOI: https://doi.org/10.1007/978-3-030-66626-2_1

2020-01-01

Abstract:Password-authenticated key exchange (PAKE) enables a user to authenticate to a server by proving the knowledge of the password without actually revealing their password to the server. PAKE protects user passwords from being revealed to an adversary who compromises the server (or a disgruntled employee). Existing PAKE protocols, however, do not allow even a small typographical mistake in the submitted password, such as accidentally adding a character at the beginning or at the end of the password. Logins are rejected for such password submissions; the user has to retype their password and reengage in the PAKE protocol with the server. Prior works have shown that users often make typographical mistakes while typing their passwords. Allowing users to log in with small typographical mistakes would improve the usability of passwords and help users log in faster. Towards this, we introduce tPAKE: a typo-tolerant PAKE, that allows users to authenticate (or exchange high-entropy keys) using a password while tolerating small typographical mistakes. tPAKEallows edit-distance-based errors, but only those that are frequently made by users. This benefits security, while still improving usability. We discuss the security considerations and challenges in designing tPAKE. We implement tPAKE and show that it is computationally feasible to be used in place of traditional PAKEs while providing improved usability. We also provide an extension to tPAKE, called adaptive-tPAKE, that will enable the server to allow a user to log in with their frequent mistakes (without ever learning those mistakes).

Enka Blanchard

DOI: https://doi.org/10.4018/ijsssp.302622

2022-07-13

International Journal of Systems and Software Security and Protection

Abstract:Credential leaks still happen with regular frequency, and show evidence that, despite decades of warnings, password hashing is still not correctly implemented in practice. The common practice today, inherited from previous but obsolete constraints, is to transmit the password in cleartext to the server, where it is hashed and stored. This allows some usability improvements, such as typo-tolerant password checkers — which can correct up to 32% of typos, with no negative impact on security — formally introduced by Chatterjee et al. in 2016, but used in some preliminary forms since 2012. This article investigates the advantages and drawbacks of the alternative of hashing client-side, and shows that it is present today exclusively on Chinese websites. It introduces an alternative typo-correction framework based on client-side hashing, which corrects up to 57% of typos without affecting user experience, at no computational cost to the server. Finally, it proposes some potential ways to improve the industry standards by enforcing accountability on password security.

Ping Zhang,Honggang Hu

DOI: https://doi.org/10.1109/DSC.2017.37

2017-01-01

Abstract:This paper focuses on the security of permutation-based tweakable on-line ciphers against related-key attacks. We firstly formalize syntaxes of tweakable on-line ciphers and tweakable on-line authenticated encryption modes, and set up their security models, respectively. Then we propose the first new parallelizable permutation-based tweakable on-line cipher PTOC, which is constructed by a public random permutation and a universal hash function family with a tweak and a key. We prove that PTOC achieves related-key strong tweakable on-line pseudorandom permutation security using H-coefficients technique. Finally, this paper introduces a provably secure permutation-based tweakable on-line authenticated encryption scheme PTOAE, which provides both decryption-misuse resistance and related-key security. Tweakable on-line schemes can be widely applied to the data storage security, database security, cloud security, big data security, and so on.

Yuanhao Wang,Qiong Huang,Hongbo Li,Meiyan Xiao,Jianye Huang,Guomin Yang

DOI: https://doi.org/10.1007/978-3-030-90402-9_3

2021-01-01

Abstract:The rise of cloud computing is driving the development in various fields and becoming one of the hot topics in recent years. To solve the problem of comparing ciphertexts between different users in cloud storage, Public Key Encryption with Equality Test (PKEET) was proposed. In PKEET, a tester can determine whether two ciphertexts encrypted with different public keys contain the same message without decrypting the ciphertexts. However, PKEET only supports exact matching, which may not be practical when two messages have misspellings, formatting differences, or differences in the data itself. Therefore, to support fuzzy matching, in this paper we propose the concept of Public Key Encryption with Fuzzy Matching (PKEFM), which allows to determine whether the edit distance between two encrypted messages is less than a threshold value. PKEFM can be well applied to support fuzzy data comparison in encrypted e-mail systems or encrypted gene testing. We then modify the scheme to provide the decryption function, and support (encrypted) wildcards in the matching, in order to further improve the generality of PKEFM at the cost of a small amount of extra computation.

Mohammed Raouf Senouci,Ilyas Benkhaddra,Abdelkader Senouci,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2021.102271

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:As the wave of data breaches continues crashing down on companies, specially for companies that provide cloud storage services, the data security and privacy have become the main concern of most clients that use this kind of services. Certificateless public key encryption with keyword search (CLPEKS) is a novel cryptographic primitives that if implemented correctly, provides the possibility to search over an encrypted data that has been outsourced to the cloud server, while guaranteeing the privacy of the search-keyword used in the process. Several CLPEKS schemes have been presented in the literature, but many of them are found vulnerable to offline/online keyword guessing attacks either performed by inside attackers, outside attackers or by both. To overcome these security weaknesses, we propose an efficient and secure certificateless searchable encryption scheme that is proven to be resistant against different keyword guessing attacks under both, the hardness of solving the discrete logarithm (DL) and the computational Diffie-Hellman (CDH) problems in the random oracle model. Then, by conducting a comprehensive comparison between our proposed scheme and other related schemes, we found that the proposed scheme has better overall performance in terms of communication and computation complexities, while guaranteeing security against online and offline KGA performed by either outside attackers or inside attacker.

Setareh Sharifian,Reihaneh Safavi-Naini

DOI: https://doi.org/10.48550/arXiv.2102.02243

2021-02-03

Cryptography and Security

Abstract:A hybrid encryption scheme is a public-key encryption system that consists of a public-key part called the key encapsulation mechanism (KEM), and a (symmetric) secret-key part called data encapsulation mechanism (DEM): the public-key part is used to generate a shared secret key between two parties, and the symmetric key part is used to encrypt the message using the generated key. Hybrid encryption schemes are widely used for secure communication over the Internet. In this paper, we initiate the study of hybrid encryption in preprocessing model which assumes access to initial correlated variables by all parties (including the eavesdropper). We define information-theoretic KEM (iKEM) that, together with a (computationally) secure DEM, results in a hybrid encryption scheme in preprocessing model. We define the security of each building block, and prove a composition theorem that guarantees (computational) qe-chosen plaintext (CPA) security of the hybrid encryption system if the iKEM and the DEM satisfy qe-chosen encapculation attack and one-time security, respectively. We show that iKEM can be realized by a one-way SKA (OW-SKA) protocol with a revised security definition. Using an OW-SKA that satisfies this revised definition of security effectively allows the secret key that is generated by the OW-SKA to be used with a one-time symmetric key encryption system such as XORing a pseudorandom string with the message, and provide qe-CPA security for the hybrid encryption system.We discuss our results and directions for future work.

Randy Kuang,Maria Perepechaenko,Ryan Toth

DOI: https://doi.org/10.48550/arXiv.2301.11995

2023-01-27

Cryptography and Security

Abstract:This paper proposes a new homomorphic functional encryption using modular multiplications over a hidden ring. Unlike traditional homomorphic encryption where users can only passively perform ciphertext addition or multiplication, the homomorphic functional encryption retains homomorphic addition and scalar multiplication properties, but also allows for the user's inputs through polynomial variables. The proposed homomorphic encryption can be applied to any polynomials over a finite field, with their coefficients considered as their privacy. We denote the polynomials before homomorphic encryption as plain polynomials and after homomorphic encryption as cipher polynomials. A cipher polynomial can be evaluated with variables from the finite field, GF(p), by calculating the monomials of variables modulo a prime p. These properties allow functional homomorphic encryption to be used for public key encryption of certain asymmetric cryptosystems to hide the structure of its central map construction. We propose a new variant of MPKC with homomorphic encryption of its public key. We propose to use a single plaintext vector and a noise vector of multiple variables to be associated with the central map, in place of the secret plaintext vector to be encrypted in MPKC. We call this variant of encrypted MPKC, a Homomorphic Polynomial Public Key algorithm or HPPK algorithm. The HPPK algorithm holds the property of indistinguishability under the chosen-plaintext attacks or IND-CPA. The overall classical complexity to crack the HPPK algorithm is exponential in the size of the prime field GF(p). We briefly report on benchmarking performance results using the SUPERCOP toolkit. Benchmarking results demonstrate that HPPK offers rather fast performance, which is comparable and in some cases outperforms the NIST PQC finalists for key generation, encryption, and decryption.

潘长勇,韩凯

DOI: https://doi.org/10.3969/j.issn.1002-8692.2010.06.013

2010-01-01

Abstract:A conditional access advanced security technique and its implementation are introduced in this paper.It's based on iterative secret key encryption and can prevent the piracy of pay-TV and protect the profit of pay-TV operator.The technique is proved to be effective by prototype experimentation in lab and now in mass production.

Yaojun Mao,Xingbing Fu,Chen Guo,Guohua Wu

DOI: https://doi.org/10.1002/ett.3531

IF: 3.6

2018-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Public key encryption With keyword search (PEKS) enables a cloud server (CS) to get the search trapdoor to identify ciphertext containing the target keyword without decrypting the ciphertext or knowing the target keyword. With the advent of mobile cloud computing, PEKS has ushered in an era of new development opportunities and new challenges. In mobile cloud computing environment, the PEKS schemes demand strict bounded timing response and security. However, traditional PEKS schemes rely on heavy bilinear pairing computations, which causes a delay from the CS to the mobile terminal. Moreover, as computing power increases, PEKS is more vulnerable to suffer from an inherent insecurity known as inside keyword guessing attack, which leaks user data query information. To achieve a secure and efficient searchable encryption scheme in the mobile cloud computing environment, we put forward a lattice‐based searchable encryption scheme that supports conjunctive keyword search. Our scheme achieves higher computational efficiency and is resistant against quantum attacks compared with traditional PEKS schemes. To further enhance security and make our scheme secure against keyword guessing attack, we hide the decryption parameters by outsourcing part of the decryption process to a semitrusted third party called unusual keyword server, so that the CS cannot guess the exact keyword by performing consistency verification.

Yu Zhang,Songfeng Lu

DOI: https://doi.org/10.1145/2660267.2662361

2014-01-01

Abstract:A previous work proposed a method which can change a predicate encryption supporting inner product (IPE) scheme into a public key encryption with conjunctive keyword search (PECK) or public key encryption with disjunctive keyword search (PEDK) scheme. However, there are two problems in this method. The one is that the PEDK scheme based on this method has low efficiency on the time and space complexity. The other is that the PECK scheme and the PEDK scheme generated by using this approach can not be combine into one scheme which can support both conjunctive and disjunctive keyword search over encrypted data. To mitigate these concerns, we propose a method for constructing a scheme called public key encryption with conjunctive and disjunctive keyword search (PECDK), and give an instance. The comparison shows that our scheme can solve two problems mentioned above efficiently.

Abdelrhman Hassan,Yong Wang,Rashad Elhabob,Nabeil Eltayieb,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101776

IF: 5.836

2020-01-01

Journal of Systems Architecture

Abstract:The challenges confronting the privacy of outsourcing medical data have become a significant concern for patients and healthcare providers. The encryption of this sensitive data before outsourcing to the healthcare server present an effective solution for protection. However, searching on different ciphertexts while protecting the privacy of data remains a research challenge. Indeed, most of the existing schemes are inefficient, particularly for deployment on mobile devices due to limited resources (e.g. computing power, battery lifetime, and storage capacity). In this paper, we propose a CertificateLess Public-Key Encryption with Authorized Equality Test (CLPKE-AET) scheme. With the CLPKE-AET scheme, an authorized cloud server is permitted to check the equivalence of two different ciphertexts consisting of the same messages. Moreover, We provide four types of authorizations, base on which an authorized user can directly search on different user's ciphertext using different methods while enhancing the privacy of the user's data. We present our construction from bilinear pairing and demonstrate its security under modified Bilinear Diffie-Hellman (mBDHI) assumption in the Random Oracle Model (ROM). Finally, compared with other's similar schemes, the performance analysis shows that our CLPKE-AET scheme is practical and more suitable for healthcare environments.

Wenjian Luo,Yamin Hu,Hao Jiang,Junteng Wang

DOI: https://doi.org/10.1109/tifs.2018.2844854

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Secure password storage is a vital aspect in systems based on password authentication, which is still the most widely used authentication technique, despite some security flaws. In this paper, we propose a password authentication framework that is designed for secure password storage and could be easily integrated into existing authentication systems. In our framework, first, the received plain password from a client is hashed through a cryptographic hash function (e.g., SHA-256). Then, the hashed password is converted into a negative password. Finally, the negative password is encrypted into an encrypted negative password (ENP) using a symmetric-key algorithm (e.g., AES), and multi-iteration encryption could be employed to further improve security. The cryptographic hash function and symmetric encryption make it difficult to crack passwords from ENPs. Moreover, there are lots of corresponding ENPs for a given plain password, which makes precomputation attacks (e.g., lookup table attack and rainbow table attack) infeasible. The algorithm complexity analyses and comparisons show that the ENP could resist lookup table attack and provide stronger password protection under dictionary attack. It is worth mentioning that the ENP does not introduce extra elements (e.g., salt); besides this, the ENP could still resist precomputation attacks. Most importantly, the ENP is the first password protection scheme that combines the cryptographic hash function, the negative password, and the symmetric-key algorithm, without the need for additional information except the plain password.

Ping Zhang,Hong-Gang Hu

DOI: https://doi.org/10.1007/s11390-018-1886-4

IF: 1.871

2018-01-01

Journal of Computer Science and Technology

Abstract:This paper describes a generalized tweakable blockcipher HPH (Hash-Permutation-Hash), which is based on a public random permutation P and a family of almost-XOR-universal hash functions \( \mathcal{H}={\left\{ HK\right\}}_{K\in \mathcal{K}} \) as a tweak and key schedule, and defined as y = HPHK((t1, t2), x) = P(x ⊕ HK(t1)) ⊕ HK(t2), where K is a key randomly chosen from a key space \( \mathcal{K} \), (t1, t2) is a tweak chosen from a valid tweak space \( \mathcal{T} \), x is a plaintext, and y is a ciphertext. We prove that HPH is a secure strong tweakable pseudorandom permutation (STPRP) by using H-coefficients technique. Then we focus on the security of HPH against multi-key and related-key attacks. We prove that HPH achieves both multi-key STPRP security and related-key STPRP security. HPH can be extended to wide applications. It can be directly applied to authentication and authenticated encryption modes. We apply HPH to PMAC1 and OPP, provide an improved authentication mode HPMAC and a new authenticated encryption mode OPH, and prove that the two modes achieve single-key security, multi-key security, and related-key security.

T.V. Laptyeva,S. Flach,K. Kladko

DOI: https://doi.org/10.1209/0295-5075/95/50007

2011-07-01

Abstract:Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors we design an algorithm that strengthens security of passwords. The core idea of our method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective. We expect our approach to have wide applications for authentication and encryption technologies.

Cryptography and Security,Other Condensed Matter,Chaotic Dynamics

Puwen Wei,Yuliang Zheng,Xiaoyun Wang

DOI: https://doi.org/10.1007/978-3-642-28368-0_14

2012-01-01

Cryptography and Security

Abstract:We investigate public key encryption that allows the originator of a ciphertext to retrieve a "forgotten" plaintext from the ciphertext. This type of public key encryption with "backward recovery" contrasts more widely analyzed public key encryption with "forward secrecy". We advocate that together they form the two sides of a whole coin, whereby offering complementary roles in data security, especially in cloud computing, 3G/4G communications and other emerging computing and communication platforms. We formalize the notion of public key encryption with backward recovery, and present two construction methods together with formal analyses of their security. The first method embodies a generic public key encryption scheme with backward recovery using the "encrypt then sign" paradigm, whereas the second method provides a more efficient scheme that is built on Hofheinz and Kiltz's public key encryption in conjunction with target collision resistant hashing. Security of the first method is proved in a two-user setting, whereas the second is in a more general multi-user setting.