Jian Zhang,Yang,Yanjiao Chen,Jing Chen,Qian Zhang

DOI: https://doi.org/10.1016/j.comnet.2017.08.019

IF: 5.493

2017-01-01

Computer Networks

Abstract:With the growing popularity of cloud storage, to guarantee the security of outsourced data becomes more and more important. In this paper, we make the first attempt to explore the intrinsic relationship between secure cloud storage and homomorphic encryption scheme, based on which we present a Generic way to design a Secure Cloud Storage protocol, denoted as G-SCS, using any homomorphic encryption scheme (HES). The proposed G-SCS is secure under a definition that satisfy the security requirement of cloud storage. To address various issues in real application scenarios, we further extend the protocol to support deterministic and randomized auditing, data dynamics (i.e., data insertion, deletion and modification), as well as third-party public auditing, while preserving the efficiency and security of the protocol. By instantiating all abstract semantics in G-SCS, we construct three concrete secure cloud storage protocols using RSA-based, Paillier-based and DGHV-based HESs, which are multiplicatively, additively and fully HESs, respectively. We conduct extensive theoretical analysis and experimental evaluations to validate the practicability of the proposed protocol.

Qi Xie,Guilin Wang,Fubiao Xia,Deren Chen

DOI: https://doi.org/10.1002/cpe.3058

2013-01-01

Concurrency and Computation Practice and Experience

Abstract:By integrating self-certified public-key systems and the designated verifier proxy signature with message recovery, Wu and Lin proposed the first self-certified proxy convertible authenticated encryption (SP-CAE) scheme and its variants based on discrete logarithm problem (DLP) in 2009. Though their schemes are claimed provably secure, we demonstrate that their schemes are existentially forgeable under adaptive chosen warrants, unconfidentiable and verifiable under adaptive chosen messages and designated verifiers. Then we propose a provably secure SP-CAE scheme in the random oracle model.

Adi Akavia,Craig Gentry,Shai Halevi,Margarita Vald

DOI: https://doi.org/10.1007/s00145-024-09526-1

2024-11-28

Journal of Cryptology

Abstract:Homomorphic encryption ( HE ) protects data in-use, but can be computationally expensive. To avoid the costly bootstrapping procedure that refreshes ciphertexts, some works have explored client-aided outsourcing protocols, where the client intermittently refreshes ciphertexts for a server that is performing homomorphic computations. But is this approach secure against malicious servers? We present a CPA -secure encryption scheme that is completely insecure in this setting. We define a new notion of security, called funcCPA , that we prove is sufficient. Additionally, we show:

computer science, theory & methods,engineering, electrical & electronic,mathematics, applied

Gang Du,Chunguang Ma,Zengpeng Li,Ding Wang

DOI: https://doi.org/10.1007/978-3-319-68542-7_21

2017-01-01

Abstract:Despite the convenience brought by cloud computing, internet users, meanwhile, are faced with risks of data theft, tampering, forgery, etc. Fully homomorphic encryption (FHE) has the ability to deal with the ciphertext directly, which can solve the problem of data security in cloud computing. Therefore, fully homomorphic encryption (FHE) has been widely used in cloud computing as well as multiparty computing, functional encryption and private information retrieval, etc. However, previous FHE schemes are based on standard (ring) learning with errors (LWE) assumption and the most typical schemes were created by Brakerski (CRYPTO2012) and Gentry-Sahai-Waters (GSW) (CRYPTO2013). Moreover, inspired by the work of Li et al. at ICPADS2016, they made use of Brakerski's scale-invariant technology and constructed a new FHE scheme with errorless key switching under Dual-First-is-errorless LWE (Dual-Ferr. LWE) problem. Hence, armed with Li et al.'s work, in this paper, we use Gentry-Peikert-Vaikuntanathan's scheme (i.e., under dual LWE assumption) as building block to construct a FHE scheme. Lastly, under the assumption of decisional learning with errors (LWE), we prove that our scheme is CPA (chosen-plaintext-attack) secure.

Linming Gong,Mingming Wang,Xiangjian Zuo,Shundong Li,Daoshun Wang

DOI: https://doi.org/10.1109/access.2019.2891075

IF: 3.9

2019-01-01

IEEE Access

Abstract:We study how to make any deterministic encryption scheme probabilistic and secure against adaptively chosen ciphertext attacks. A new transpositional padding encryption scheme is proposed, with which we construct a universal scheme, namely, a transpositional padding encryption scheme, which has three novel attributes: 1) it can pad a given plaintext into several different values once the randomness is chosen while the previous padding schemes only pad a given plaintext into a fixed value; 2) it introduces the randomness into a ciphertext without employing hash function or random oracle, and; 3) it enables the encrypted message to contain more useful information that may exceed the upper limit of plaintext space. Then, we give this encryption scheme an instantiation of RSA, which is proven to be indistinguishable under adaptively chosen ciphertext attacks without random oracle that assumes a variant of the standard RSA problem. The variant problem is a novel arithmetic problem, and it is weaker than the standard RSA problem.

Yuanju Gan,Licheng Wang,Jianhua Yan,Yixian Yang

DOI: https://doi.org/10.4304/jsw.8.5.1245-1253

2013-01-01

Journal of Software

Abstract:Most threshold key encapsulation mechanisms (KEM) have been studied in a weak model–static corruption model or random oracle model. In this paper, we propose a threshold KEM scheme with provable security based on the bilinear groups of composite order in the standard model. We use a direct construction from Boyen-Mei-Waters’ KEM scheme and Libert and Yung’s threshold decryption scheme to obtain a threshold KEM scheme that can withstand adaptive chosen ciphertext attacks (CCA) and adaptive corruption attacks. However, to achieve a higher security level, our construction does not increase overall additional size of ciphertext compare to other schemes.

Roohallah Rastaghi

DOI: https://doi.org/10.48550/arXiv.1302.6352

2013-02-26

Cryptography and Security

Abstract:Design efficient lattice-based cryptosystem secure against adaptive chosen ciphertext attack (IND-CCA2) is a challenge problem. To the date, full CCA2-security of all proposed lattice-based PKE schemes achieved by using a generic transformations such as either strongly unforgeable one-time signature schemes (SU-OT-SS), or a message authentication code (MAC) and weak form of commitment. The drawback of these schemes is that encryption requires "separate encryption". Therefore, the resulting encryption scheme is not sufficiently efficient to be used in practice and it is inappropriate for many applications such as small ubiquitous computing devices with limited resources such as smart cards, active RFID tags, wireless sensor networks and other embedded devices. In this work, for the first time, we introduce an efficient universal random data padding (URDP) scheme, and show how it can be used to construct a "direct" CCA2-secure encryption scheme from "any" worst-case hardness problems in (ideal) lattice in the standard model, resolving a problem that has remained open till date. This novel approach is a "black-box" construction and leads to the elimination of separate encryption, as it avoids using general transformation from CPA-secure scheme to a CCA2-secure one. IND-CCA2 security of this scheme can be tightly reduced in the standard model to the assumption that the underlying primitive is an one-way trapdoor function.

Lin-Ming GONG,Shun-Dong LI,Jia-Wei DOU,YI-Min GUO,Dao-Shun WANG

DOI: https://doi.org/10.13328/j.cnki.jos.005239

2018-01-01

Abstract:In recent years,secure multiparty computation is one of research focuses in the field of cryptography,and secret geometry calculation is an important branch of it.The problem of safely calculating a straight line by two private coordinate point has important application prospect in space information security.First,a variant of Paillier's homomorphic encryption scheme is put forward in that the base is calculated by sender during encryption,and its indistinguishability under adaptive chosen-plaintext attack is proved.Then,based on this homomorphic encryption scheme,a protocol that can safely calculate a straight line by two private coordinate point in semi-honesty model is designed.Moreover,this protocol can be applied to solve a type of secure multiparty computational geometry problem that can be reduced to compute coordinate difference quotient.Thus,the problem that there is a non-negligible probability of private information leakage in the current coordinate difference quotient calculation protocols based on homomorphic encryption is solved.

LI Shun-dong,WANG Dao-shun

DOI: https://doi.org/10.3969/j.issn.0372-2112.2013.04.029

2013-01-01

Abstract:Secure multiparty computation is a key privacy-preserving technology in cyberspaces and a research focus in the international cryptographic community.We first present a new encoding scheme to encode private data.By using this encoding scheme together with homomorphic encryption scheme,we construct a new scheme for Yao′s millionaires′ problem and prove its privacy-preserving property.This new scheme is more concise,more general and can be applied to compare any two objects on which a total order can be defined.We finally utilize the new scheme to propose a solution to the coprime problem and prove the privacy-preserving properties of the solution.

Huige Wang,Kefei Chen,Tianyu Pan,Yunlei Zhao

DOI: https://doi.org/10.1155/2020/8823788

IF: 1.968

2020-01-01

Security and Communication Networks

Abstract:Functional encryption (FE) can implement fine-grained control to encrypted plaintext via permitting users to compute only some specified functions on the encrypted plaintext using private keys with respect to those functions. Recently, many FEs were put forward; nonetheless, most of them cannot resist chosen-ciphertext attacks (CCAs), especially for those in the secret-key settings. This changed with the work, i.e., a generic transformation of public-key functional encryption (PK-FE) from chosen-plaintext (CPA) to chosen-ciphertext (CCA), where the underlying schemes are required to have some special properties such as restricted delegation or verifiability features. However, examples for such underlying schemes with these features have not been found so far. Later, a CCA-secure functional encryption from projective hash functions was proposed, but their scheme only applies to inner product functions. To construct such a scheme, some nontrivial techniques will be needed. Our key contribution in this work is to propose CCA-secure functional encryptions in the PKE and SK environment, respectively. In the existing generic transformation from (adaptively) simulation-based CPA- (SIM-CPA-) secure ones for deterministic functions to (adaptively) simulation-based CCA- (SIM-CCA-) secure ones for randomized functions, whether the schemes were directly applied to CCA settings for deterministic functions is not implied. We give an affirmative answer and derive a SIM-CCA-secure scheme for deterministic functions by making some modifications on it. Again, based on this derived scheme, we also propose an (adaptively) indistinguishable CCA- (IND-CCA-) secure SK-FE for deterministic functions. The final results show that our scheme can be instantiated under both nonstandard assumptions (e.g., hard problems on multilinear maps and indistinguishability obfuscation (IO)) and under standard assumptions (e.g., DDH, RSA, LWE, and LPN).

Tao Li,Xiaojun Ye,Jianmin Wang

DOI: https://doi.org/10.1145/2430475.2430493

2012-01-01

Abstract:To achieve a trustworthy cloud data service, there is a need to both provide the right services from a security engineering perspective, as well as to allows specific types of computations to be carried out on encrypted cloud data. However, traditional encryption solutions can't be used to process outsourcing encrypted data hosting to an untrusted cloud provider. A novel encryption scheme, called fully homomorphic encryption (FHE), could afford the circuit ability over encrypted data without decrypting it. In this paper, we deliver a universal construction framework for fully homomorphic encryption schemes. At first, this framework initializes a somewhat homomorphic encryption scheme based on the concept of metric space in abstract algebra which encodes the plaintext into a offset vector and generates a ciphertext by adding the offset vector to a random eigenvector in the metric space. As an abelian group, the ring is closed under addition and multiplication, this abstract algebra assume the metric space could forma ring and the eigenvectors belong to an ideal of this ring, then this framework could achieve homomorphism by having the scheme live in rings. We also deduce some well-known fully homomorphic schemes from the construction framework, and propose a prototype with an FHE encryption proxy to solve confidentiality problems in cloud systems. At last, we show the performance of FHE with some experiments, and speed the performance of fully homomorphic encryption up with cloud computing (parallel computing, distribute computing, etc.). We also discuss some opening issues and directions for future fully homomorphic encryption researches.

Juyan Li,Zhiqi Qiao,Kejia Zhang,Chen Cui

DOI: https://doi.org/10.3390/s21010288

2021-01-04

Abstract:The homomorphic proxy re-encryption scheme combines the characteristics of a homomorphic encryption scheme and proxy re-encryption scheme. The proxy can not only convert a ciphertext of the delegator into a ciphertext of the delegatee, but also can homomorphically calculate the original ciphertext and re-encryption ciphertext belonging to the same user, so it is especially suitable for cloud computing. Yin et al. put forward the concept of a strong collusion attack on a proxy re-encryption scheme, and carried out a strong collusion attack on the scheme through an example. The existing homomorphic proxy re-encryption schemes use key switching algorithms to generate re-encryption keys, so it can not resist strong collusion attack. In this paper, we construct the first lattice-based homomorphic proxy re-encryption scheme with strong anti-collusion (HPRE-SAC). Firstly, algorithm TrapGen is used to generate an encryption key and trapdoor, then trapdoor sampling is used to generate a decryption key and re-encryption key, respectively. Finally, in order to ensure the homomorphism of ciphertext, a key switching algorithm is only used to generate the evaluation key. Compared with the existing homomorphic proxy re-encryption schemes, our HPRE-SAC scheme not only can resist strong collusion attacks, but also has smaller parameters.

xing li,jianping yu,peng zhang,xiaoqiang sun

DOI: https://doi.org/10.1109/ICEIEC.2015.7284526

2015-01-01

Abstract:Fully homomorphic encryption has been viewed as a mechanism that enables to do arbitrary computations on encrypted data, without ever decrypting it. So fully homomorphic encryption owns great value in cloud computing, secure multiparty computation and so on. To obtain a leveled fully homomorphic encryption scheme, we present a comparatively simple and natural method, that is the approximate eigenvector method. The homomorphic addition and multiplication involved are just matrix addition and multiplication, and the error growth is slow and linear. In this essay we show an approximate-eigenvector leveled fully homomorphic encryption scheme based on Error-Free Approximate GCD, whose plaintext is a diagonal matrix. So this scheme can encrypt l bits at a time.

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

Jinyong Chang,Yanyan Ji,Bilin Shao,Maozhi Xu,Rui Xue

DOI: https://doi.org/10.1109/TNET.2020.3013902

2020-12-15

IEEE/ACM Transactions on Networking

Abstract:Homomorphic signature is an extremely important public key authentication technique for network coding to defend against pollution attacks. As a public key cryptographic primitive, it also encounters the same problem of how to confirm the relationship between some public key $pk$ and the identity $ID$ of its owner. In the setting of distributed network coding, the intermediate and destination nodes need to use the public key of source node S to check the validity of vector-signature pairs. Therefore, the binding of S and its corresponding public key becomes crucial. The popular and traditional solution is based on certificates which are issued by a trusted certification authority (CA) center. However, the generation and management of certificates is extremely cumbersome. Hence, in recent work, Lin et al. proposed a new notion of identity-based homomorphic signature, which intends to avoid using certificates. But the key escrow problem is inevitable for identity-based primitives. In this article, we propose another new notion (for network coding): certificateless homomorphic signature (CLHS), which is a compromise for the above two techniques. In particular, we first describe the definition and security model of certificateless homomorphic signature. Then based on bilinear map and the computational Diffie-Hellman (CDH) assumption, give a concrete implementation and detailedly analyze its security. Finally, performance analysis illustrates that our construction is practical.

telecommunications,computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Somnath Panja,Setareh Sharifian,Shaoquan Jiang,Reihaneh Safavi-Naini

2024-03-25

Abstract:A hybrid encryption (HE) system is an efficient public key encryption system for arbitrarily long messages. An HE system consists of a public key component called key encapsulation mechanism (KEM), and a symmetric key component called data encapsulation mechanism (DEM). The HE encryption algorithm uses a KEM generated key k to encapsulate the message using DEM, and send the ciphertext together with the encapsulaton of k, to the decryptor who decapsulates k and uses it to decapsulate the message using the corresponding KEM and DEM components. The KEM/DEM composition theorem proves that if KEM and DEM satisfy well-defined security notions, then HE will be secure with well defined security. We introduce HE in correlated randomness model where the encryption and decryption algorithms have samples of correlated random variables that are partially leaked to the adversary. Security of the new KEM/DEM paradigm is defined against computationally unbounded or polynomially bounded adversaries. We define iKEM and cKEM with respective information theoretic computational security, and prove a composition theorem for them and a computationally secure DEM, resulting in secure HEs with proved computational security (CPA and CCA) and without any computational assumption. We construct two iKEMs that provably satisfy the required security notions of the composition theorem. The iKEMs are used to construct two efficient quantum-resistant HEs when used with an AES based DEM. We also define and construct combiners with proved security that combine the new KEM/DEM paradigm of HE with the traditional public key based paradigm of HE.

Cryptography and Security

Konstantin G. Kogos,Kseniia S. Filippova,Anna V. Epishkina

DOI: https://doi.org/10.1109/eiconrus.2017.7910591

2017-01-01

Abstract:The challenge of maintaining confidentiality of stored and processed data in a remote database or cloud is quite urgent. Using homomorphic encryption may solve the problem, because it allows to compute some functions over encrypted data without preliminary deciphering of data. Fully homomorphic encryption schemes have a number of limitations such as accumulation of noise and increase of ciphertext extension during performing operations, the range of operations is limited. Nowadays a lot of homomorphic encryption schemes and their modifications have been investigated, so more than 25 reports on homomorphic encryption schemes have already been published on Cryptology ePrint Archive for 2016. We propose an overview of current Fully Homomorphic Encryption Schemes and analyze specific operations for databases which homomorphic cryptosystems allow to perform. We also investigate the possibility of sorting over encrypted data and present our approach to compare data encrypted by Multi-bit FHE scheme.

Zengpeng Li,Chunguang Ma,Gang Du,Weiping Ouyang

DOI: https://doi.org/10.1109/icpads.2016.0154

2016-01-01

Abstract:Cloud computing raises new challenges for how to protect user privacy. Fully homomorphic encryption is one way to solve the problem. In this paper, we show a useful property of Dual-LWE assumption to construct Key-Switching procedure compared with LWE assumption without extra error term. Hence, we propose to construct "Errorless Key Switching" fully homomorphic encryption (FHE) scheme based on dual learning with errors (Dual-LWE) assumption. Specifically, we compile the Dual-LWE problem proposed by Gentry et.al. at STOC2008 and First-is-errorless LWE (Ferr.LWE) problem proposed by Brakerski et al. at STOC2013 into Dual-First-is-errorless LWE (Dual-Ferr.LWE) problem. Then, utilizing Dual-Ferr.LWE assumption to construct a various GPV(vGPV) scheme, and we use vGPV scheme as the fundamental building block to construct FHE with errorless key switching scheme. Lastly, under the assumption of decisional learning with errors(DLWE), we prove that our scheme is CPA secure.

Dung Hoang Duong,Partha Sarathi Roy,Willy Susilo,Kazuhide Fukushima,Shinsaku Kiyomoto,Arnaud Sipasseuth

DOI: https://doi.org/10.48550/arXiv.2005.03178

2020-05-07

Cryptography and Security

Abstract:With the rapid growth of cloud storage and cloud computing services, many organisations and users choose to store the data on a cloud server for saving costs. However, due to security concerns, data of users would be encrypted before sending to the cloud. However, this hinders a problem of computation on encrypted data in the cloud, especially in the case of performing data matching in various medical scenarios. Public key encryption with equality test (PKEET) is a powerful tool that allows the authorized cloud server to check whether two ciphertexts are generated by the same message. PKEET has then become a promising candidate for many practical applications like efficient data management on encrypted databases. Lee et al. (Information Sciences 2020) proposed a generic construction of PKEET schemes in the standard model and hence it is possible to yield the first instantiation of post-quantum PKEET schemes based on lattices. At ACISP 2019, Duong et al. proposed a direct construction of PKEET over integer lattices in the standard model. However, their scheme does not reach the CCA2-security. In this paper, we propose an efficient CCA2-secure PKEET scheme based on ideal lattices. In addition, we present a modification of the scheme by Duong et al. over integer lattices to attain the CCA2-security. Both schemes are proven secure in the standard model, and they enjoy the security in the upcoming quantum computer era.

Zhaoe Min,Geng Yang,Arun Kumar Sangaiah,Shuangjie Bai,Guoxiu Liu

DOI: https://doi.org/10.1186/s13638-018-1317-9

2019-01-21

EURASIP Journal on Wireless Communications and Networking

Abstract:<h3 class="a-plus-plus">Abstract</h3> <p class="a-plus-plus">Cyber physical system (CPS) is facing enormous security challenges because of open and interconnected network and the interaction between cyber components and physical components, the development of cyber physical systems is constrained by security and privacy threats. A feasible solution is to combine the fully homomorphic encryption (FHE) technique to realize the efficient operation of ciphertext without decryption. However, most current homomorphic encryption algorithms only support limited data types, making it difficult to be widely applied in actual environment. To address this limitation, we propose a parallel fully homomorphic encryption algorithm that supports floating-point numbers. The proposed algorithm not only expands the data types supported by the existing fully homomorphic encryption algorithms, but also utilizes the characteristics of multi-nodes in cloud environment to conduct parallel encryption through simultaneous group-wise ciphertext computations. The experimental results show that, in a 16-core 4-node cluster with MapReduce environment, the proposed encryption algorithm achieves the maximum speed-up exceeding 5, which not only solves the limited application problem of the existing fully homomorphic encryption algorithm, but also meets the requirements for the efficient homomorphic encryption of floating-point numbers in cloud computing environment.</p>

telecommunications,engineering, electrical & electronic