Zhengkai Li,Zhenfu Cao,Jiachen Shen,Xiaolei Dong

DOI: https://doi.org/10.1109/icfeict57213.2022.00084

2022-01-01

Abstract:We propose a new scheme for privacy-preserving outsourced calculation. With the help of this scheme, a user on a local host can securely transfer his sensitive information to a cloud platform for processing and storage avoiding disclosing the original information to the unreliable cloud and prying eyes. In addition, the Cloud Platform (CP) can carry out specifical operations on ciphertexts with the help of a Cryptographic Service Provider (CSP) according to the user's requests and send the results to user in the form of ciphertext. Furthermore, data encrypted with multiple keys can also be calculated together, and the computed results will be decrypted by an authorized receiver. We not only implement addition and multiplication operations on ciphertexts, but also design an efficient comparison protocol on ciphertexts (the operations are all in encrypted domain). We then show the security of our encryption and the suggested secure computation sub-protocols. We use a one-way trapdoor permutation and a symmetric somewhat homomorphic encryption as the framework's building blocks rather than the fully homomorphic encryption (FHE) technique. Finally, we use simulations to show the effectiveness and extraordinary efficiency of our suggested scheme.

Jun Zhang,Zoe L. Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1007/978-3-030-74717-6_23

2020-01-01

Abstract:With the popularity of cloud computing, data owners encrypt their data with different keys before uploading data to the cloud due to privacy concerns. Homomorphic encryption makes it possible to calculate on encrypted data but is usually restricted to single key. Based on an additively homomorphic encryption supporting one multiplication, we propose a general computing framework to execute common arithmetic operations on encrypted data under multiple keys such as addition, multiplication, exponentiation. Our scheme rely on two non-colluding servers and is proven to be secure against semi-honest attackers. The experimental evaluations demonstrate the practicality of our computing framework in terms of lower computational complexity and communication overhead.

Xiong Li,Shanpeng Liu,Rongxing Lu

DOI: https://doi.org/10.1109/tifs.2020.2978592

IF: 7.231

2020-01-01

IEEE Transactions on Information Forensics and Security

Abstract:In this paper, we discuss a security weakness of Shen et al.'s public auditing protocol for cloud data [IEEE Transactions on Information Forensics and Security, 12(10): 2402-2415, 2017.]. Specifically, we point out their protocol is vulnerable to a data privacy breach attack, i.e., an adversary, once he compromises the third-party auditor latently, can also obtain all data owners' outsourced data by constructing appropriate challenges. As a result, it breaks the property of "privacy preserving". We hope that by identifying this design flaw, similar weaknesses can be avoided in future designs.

Jun Ye,Xiaofeng Chen,Jianfeng Ma

DOI: https://doi.org/10.1504/ijahuc.2016.079260

2016-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:With the development of cloud computing, outsourcing computation becomes a hot issue recently. Outsourcing computation allows a resource-constrained client to outsource the complicated computing tasks to a cloud server which is powerful but not honest. Modular exponentiation with a large modulus, which is considered as the most expensive operation in discrete logarithm based cryptographic protocols, has been widely used in public key cryptosystems for secure data communications. In this paper we put forth a new improved outsourcing algorithm for secure outsourcing of modular exponentiations. In the proposed algorithm, the modular exponentiations need to be computed are hidden to the malicious server. In the computation procedure, the server cannot obtain any information with respect to the input and output while the client can verify the returned result efficiently. Compared with the algorithms of Hohenberger and Lysyanskaya (2005) and Chen et al. (2012), ours are superior in checkability. In addition, the proposed algorithm can promote the efficiency of all security protocols based on discrete logarithm.

Kai Fan,Tingting Liu,Kuan Zhang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.jpdc.2019.09.008

IF: 4.542

2020-01-01

Journal of Parallel and Distributed Computing

Abstract:<p>With the development of computer technology, it makes malicious users more easily get data stored in cloud. However, these data are always related to users' privacy, and it is harmful when the data are acquired by attackers. Ciphertext-policy attribute-based encryption (CP-ABE) is suitable to achieve privacy and security in cloud. In this paper, we put forward a secure and efficient outsourced computation algorithm on data sharing scheme for privacy computing. Existing schemes only outsource decryption computation to the cloud, users still have heavy burden in encryption. In order to reduce the computing burden of users, most encryption and decryption computations are outsourced to the cloud service provider in our construction. At the same time, to apply in practice, we propose efficient user and attribute revocation. Finally, the security analysis and simulation results show that our scheme is secure and efficient compared with existing schemes.</p>

computer science, theory & methods

Fangguo Zhang,Xu Ma,Shengli Liu

DOI: https://doi.org/10.1016/j.ins.2014.07.017

IF: 8.1

2014-01-01

Information Sciences

Abstract:The rise of cloud computing and the proliferation of mobile devices make computation outsourcing popular. However, the servers are not fully trusted, and a critical problem is the verifiability and privacy of such computations. Although some computation outsourcing schemes provided a general method, the complicated cryptographic tools involved result in great inefficiency. The existing efficient computation outsourcing schemes however aim only at a specific computation task, lacking in generality. In this paper, we show how to construct a generic outsourcing computation scheme for inverting a class of homomorphic functions with computation disequilibrium. Extensive analysis shows that many cryptographic computations fall into this category. The formal security analysis proves that our scheme satisfies verifiability, input and output privacy in information-theoretic sense. Since the construction of our scheme tactfully takes advantage of the intrinsic property of the computation task being outsourced, no public key operations are used in the scheme, thus our solution clearly outperforms the existing schemes in terms of efficiency. In addition, we instantiate our generic construction with concrete examples, and the experimental result testifies the efficiency of our construction.

Boyang Wang,Ming Li,Chow, S.S.M.,Hui Li

DOI: https://doi.org/10.1109/CNS.2013.6682768

2013-01-01

Abstract:The emergence of cloud computing brings users abundant opportunities to utilize the power of cloud to perform computation on data contributed by multiple users. These cloud data should be encrypted under multiple keys due to privacy concerns. However, existing secure computation techniques are either limited to single key or still far from practical. In this paper, we design two efficient schemes for secure outsourced computation over cloud data encrypted under multiple keys. Our schemes employ two non-colluding cloud servers to jointly compute polynomial functions over multiple users' encrypted cloud data without learning the inputs, intermediate or final results, and require only minimal interactions between the two cloud servers but not the users. We demonstrate our schemes' efficiency experimentally via applications in machine learning. Our schemes are also applicable to privacy-preserving data aggregation such as in smart metering.

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

Jialin Li,Penghao Lu,Xuemin Lin

DOI: https://doi.org/10.1109/access.2022.3166523

IF: 3.9

2022-01-01

IEEE Access

Abstract:Although tremendous revolution has been made in the emerging cloud computing technologies over digital devices, privacy gradually becomes a big concern in outsourcing computation. Homomorphic encryption has been proposed to facilitate the preservation of data privacy while computational tasks being executed on ciphertext. However, many existing studies only support limited homomorphic calculation functions which barely satisfy complex computing tasks such as machine learning with massive computing resources and rich types of function. To address this problem, a novel multifunctional and privacy-preserving outsourcing computation toolkit is proposed in this paper, which supports several homomorphic computing protocols including division and power on ciphertext of integers and floating point numbers. Specifically, we first implement the homomorphic mutual conversion protocol between integer and floating point ciphertext to balance the efficiency and feasibility, considering the high-precision ciphertext operation on floating point numbers costs 100x computational overhead than that on integers. Second, we implement a homomorphic K-means algorithm based on our proposed toolkit for clustering and design the homomorphic silhouette coefficient as the evaluation index, thereby providing an informative cluster assessment for local users with limited resources. Then, we simulate the protocols of our proposed toolkit to explore the parameter sensitivity in terms of computational efficiency. Last, we report security analysis to prove the security of our toolkit without privacy leakage to unauthorized parties. Comprehensive experiments further demonstrate the efficiency and utility of our toolkit.

Youwen Zhu,Zhiqiu Huang,Liusheng Huang,Tsuyoshi Takagi

DOI: https://doi.org/10.1109/tdsc.2014.2345404

2015-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recently, Jung and Li [1] propose a highly efficient privacy-preserving product calculation scheme without requiring secure communication channels. Then, they present secure approaches to solve several application problems using the product calculation protocol. In this work, we observe several security flawsin their privacy-preserving product calculation scheme and some application protocols. We show the security vulnerabilities will result in the disclosure of private data. In two application protocols, almost all the private numbers will be revealed. We further suggest solutions to fix the security problems.

Wenxiu Ding,Rui Hu,Zheng Yan,Xinren Qian,Robert H. Deng,Laurence T. Yang,Mianxiong Dong

DOI: https://doi.org/10.1109/tnsm.2019.2952462

2020-01-01

Abstract:Cloud computing offers various services based on outsourced data by utilizing its huge volume of resources and great computation capability. However, it also makes users lose full control over their data. To avoid the leakage of user data privacy, encrypted data are preferred to be uploaded and stored in the cloud, which unfortunately complicates data analysis and access control. In particular, few existing works consider the fine-grained access control over the computational results from ciphertexts. Though our previous work proposed a framework to support several basic computations (such as addition, multiplication and comparison) with flexible access control, privacy-preserving division calculations over encrypted data, as a crucial operation in many statistical processes and machine learning algorithms, is neglected. In this paper, we propose four privacy-preserving division computation schemes with flexible access control to fill this gap, which can adapt to various application scenarios. Furthermore, we extend a division scheme over encrypted integers to support privacy-preserving division over multiple data types including fixed-point numbers and fractional numbers. Finally, we give their security proof and show their efficiency and superiority through comprehensive simulations and comparisons with existing work.

Jun Zhang,Zoe L.Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1016/j.ins.2021.06.017

IF: 8.1

2021-10-01

Information Sciences

Abstract:<p>Preparing large amounts of training data is the key to the success of machine learning. Due to the public's concern about individual privacy, different techniques are proposed to achieve privacy preserving machine learning. Homomorphic encryption enables calculation on encrypted data in the cloud. However, current schemes either focus on single key or a specific algorithm. Cooperation between different institutions is quite common in this era of big data. Encrypting data from different institutions under one single key is a risk to data privacy. Moreover, constructing secure scheme for a specific machine learning algorithm lacks universality. Based on an additively homomorphic encryption supporting one multiplication, we propose a general multikey computing framework to execute common arithmetic operations on encrypted data such as addition, multiplication, comparison, sorting, division and etc. Our scheme can be used to run different machine learning algorithms. Our scheme is proven to be secure against semi-honest attackers and the experimental evaluations demonstrate the practicality of our computing framework.</p>

computer science, information systems

Bingbing Jiang,Yuan Zhang

DOI: https://doi.org/10.1109/PCCC.2015.7410266

2015-01-01

Abstract:We design a secure protocol that a server can compute the minimum number of all participants' data while kept unknown additional information about the users' data in its execution. Ours protocol is based on fully homomorphic encryption and we utilize it to fix the problem of securely computing the minimum value. Besides, the used FHE scheme is a lattice-based cryptosystem that can resist some quantum adversaries who can carry out quantum computations on classical queries. We also expand the secure min computing protocol to the privacy-preserving the k-th min computing protocol, and present the security analysis of the two protocols on the assumption of the semi-honest model. In the previous literature, their solutions are based on secure arithmetic sum computations as well as secure bitwise XOR computations. Our protocols are more secure with the comparison to them.

Anmin Fu,Yiming Zhu,Guomin Yang,Shui Yu,Yan Yu

DOI: https://doi.org/10.1007/s10586-018-2830-7

2018-01-01

Cluster Computing

Abstract:Nowadays, cloud computing is increasingly popular. As its important application, outsourcing has aroused great concern. Modular exponentiation is an expensive discrete-logarithm operation and it is difficult for users to calculate locally. Therefore, securely outsourcing modular exponentiation to cloud is a good choice for resource-limited users to reduce computation overhead. In this paper, to outsource modular exponentiation calculation, we dope out a fully verifiable secure outsourcing scheme with single server, so as to eliminate the collusion attacks which occur in algorithms based on two untrusted servers. Meanwhile, our algorithm allows outsourcers to detect any misbehavior with probability 1, which means the checkability of our algorithm shows a significant improvement in comparison to other single server based schemes. Furthermore, to protect data privacy, we propose a new division method to hide the primitive outsourced data. Compared with the state-of-the-art schemes, our secure outsourcing algorithm has an outstanding performance in both efficiency and checkability.

Shaojing Fu,Yunpeng Yu,Ming Xu

DOI: https://doi.org/10.1145/3055259.3055263

2017-01-01

Abstract:Matrix multiplication computation (MMC) is a common scientific and engineering computational task. But such computation involves enormous computing resources for large matrices, which is burdensome for the resource-limited clients. Cloud computing enables computational resource-limited clients to economically outsource such problems to the cloud server. However, outsourcing matrix multiplication to the cloud brings great security concerns and challenges since the matrices and their products often usually contains sensitive information. In a previous work, Lei et al. [1] proposed an algorithm for secure outsourcing MMC by using permutation matrix and the authors argued that it can achieve data privacy. In this paper, we first review the design of Lei's scheme and find a security vulnerability in their algorithm that it reveals the number of zero element in the input matrix to cloud server. Then we present a new verifiable, efficient, and privacy preserving algorithm for outsourcing MMC, which can protect the number privacy of zero elements in original matrices. Our algorithm builds on a series of carefully-designed pseudorandom matrices and well-designed privacy-preserving matrix transformation. Security analysis shows that our algorithm is practically-secure, and offers a higher level of privacy protection than the state-of-the-art algorithm.

Kaiyang Zhao,Xu An Wang,Bo Yang,Youliang Tian,Jindan Zhang

DOI: https://doi.org/10.1016/j.ipm.2022.102880

2022-03-01

Abstract:Predictive computation now is a more and more popular paradigm for artificial intelligence. In this article, we discuss how to design a privacy preserving computing toolkit for secure predictive computation in smart cities. Predictive computation technology is very important in the management of cloud data in smart cities, which can realize intelligent computing and efficient management of cloud data in the city. Concretely, we propose a homomorphic outsourcing computing toolkit to protect the privacy of multiple users for predictive computation. It can meet the needs of large-scale users to securely outsource their data to cloud servers for storage, management and processing of their own data. This toolkit, using the Paillier encryption system and Lagrangian interpolation law, can implement most commonly basic calculations such as addition, subtraction, multiplication and division etc. It can also implement secure comparison of user data in the encrypted domain. In addition, we discuss how to implement the derivative of polynomial functions using our homomorphic computing encryption tool. We also introduce its application in neural networks. Finally, we demonstrate the security and efficiency of all our protocols through rigorous mathematical analysis and performance analysis. The results show that our toolkit is efficient and secure.

computer science, information systems,information science & library science

Shaojing Fu,Yunpeng Yu,Ming Xu

DOI: https://doi.org/10.1587/transfun.2019cil0002

2020-01-01

Abstract:Cloud computing enables computational resource-limited devices to economically outsource much computations to the cloud. Modular exponentiation is one of the most expensive operations in public key cryptographic protocols, and such operation may be a heavy burden for the resource-constraint devices. Previous works for secure outsourcing modular exponentiation which use one or two untrusted cloud server model or have a relatively large computational overhead, or do not support the 100% possibility for the checkability. In this letter, we propose a new efficient and verifiable algorithm for securely outsourcing modular exponentiation in the two untrusted cloud server model. The algorithm improves efficiency by generating random pairs based on EBPV generators, and the algorithm has 100% probability for the checkability while preserving the data privacy.

Chun Liu,Xuexian Hu,Xiaofeng Chen,Jianghong Wei,Wenfen Liu

DOI: https://doi.org/10.48550/arXiv.2105.05525

2021-05-12

Abstract:As one of the most important basic operations, matrix multiplication computation (MMC) has varieties of applications in the scientific and engineering community such as linear regression, k-nearest neighbor classification and biometric identification. However handling these tasks with large-scale datasets will lead to huge computation beyond resource-constrained client s computation power. With the rapid development of cloud computing, outsourcing intensive tasks to cloud server has become a promising method. While the cloud server is generally out of the control of clients, there are still many challenges concerned with the privacy security of clients sensitive data. Motivated by this, Lei et al. presented an efficient encryption scheme based on random permutation to protect the privacy of client s data in outsourcing MMC task. Nevertheless, there exists inherent security flaws in their scheme, revealing the statistic information of zero elements in the original data thus not satisfying the computational indistinguishability (IND-ZEA). Aiming to enhance the security of the outsourcing MMC task, we propose a new encryption scheme based on subtly designed invertible matrix where the additive perturbation is introduced besides the multiplicative perturbation. Furthermore, we show that the proposed encryption scheme can be applied to not only MMC task but also other kinds of outsourced tasks such as linear regression and principal component analysis. Theoretical analyses and experiments indicate that our methods are more secure in terms of data privacy, with comparable performance to the state-of-the-art scheme based on matrix transformation.

Cryptography and Security

En Zhang,Jie Peng,Ming Li

DOI: https://doi.org/10.1049/iet-ifs.2017.0026

2018-01-01

IET Information Security

Abstract:Secret sharing is an important component of cryptography protocols and has a wide range of practical applications. However, the existing secret sharing schemes cannot apply to computationally weak devices and cannot efficiently guarantee fairness. In this study, a novel outsourcing secret sharing scheme is proposed. In the setting of outsourcing secret sharing, clients only need a small amount of decryption and verification operations, while the expensive reconstruction computation and verifiable computation can be outsourced to cloud service providers (CSP). The scheme does not require complex interactive argument or zero-knowledge proof. The malicious behaviour of clients and CSP can be detected in time. Moreover, the CSP cannot get any useful information about the secret, and it is fair for every client to obtain the secret. At the end of this study, the authors prove the security of the proposed scheme and compare it with other secret sharing schemes.

Xiaofeng Chen,Jin Li,Jianfeng Ma,Qiang Tang,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2013.180

IF: 5.3

2014-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:With the rapid development of cloud services, the techniques for securely outsourcing the prohibitively expensive computations to untrusted servers are getting more and more attention in the scientific community. Exponentiations modulo a large prime have been considered the most expensive operations in discrete-logarithm-based cryptographic protocols, and they may be burdensome for the resource-limited devices such as RFID tags or smartcards. Therefore, it is important to present an efficient method to securely outsource such operations to (untrusted) cloud servers. In this paper, we propose a new secure outsourcing algorithm for (variable-exponent, variable-base) exponentiation modulo a prime in the two untrusted program model. Compared with the state-of-the-art algorithm, the proposed algorithm is superior in both efficiency and checkability. Based on this algorithm, we show how to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. We then propose the first efficient outsource-secure algorithm for simultaneous modular exponentiations. Finally, we provide the experimental evaluation that demonstrates the efficiency and effectiveness of the proposed outsourcing algorithms and schemes.