Yilei Wang,Zhe Liu,Tao Li,Qiuliang Xu

DOI: https://doi.org/10.1007/978-3-319-11698-3_36

2014-01-01

Abstract:Rational parties in secure two-party computation (STPC) are willing to maximize their utilities. However, they have no incentives to cooperate in STPC under correctness and exclusivity assumptions since cooperation will bring them inferior utilities. Consequently, both parties will not participate in STPC. Therefore, new methods must be introduced to make parties cooperate such that they can complete this computation task. In this paper, we redefine utility considering the notion of reputation derived from social cloud to promote cooperation. In social cloud, parties form their reputation when they interact with others. Parties will get a higher utility if they have a higher cooperative reputation. Therefore they have incentives to cooperate. The computation of reputation is completed in the social cloud, which reduce the computation work for parties. Furthermore, we prove that given proper parameters in rational STPC, it is possible to construct an efficient computation protocol, where only one exchanging round in the second stage of the hybrid protocol.

Yilei Wang,Tao Li,Qianqian Liu,Jing Sun,Zhe Liu

DOI: https://doi.org/10.3233/jhs-150519

2015-01-01

Journal of High Speed Networks

Abstract:Rational computation means secure multi-party computation in the presence of rational parties, who care about maximizing their utility. Here the notion of utility denotes payoffs when parties take certain actions in the computation. Therefore rational parties may carefully choose their actions before they interact with others. Traditionally, the main tasks of rational computation is to encourage parties to exchange information with their opponents, even if they do not trust each other. Exchanging information is similar to the action of cooperation towards the view of game theory. Therefore, measures should be taken to encourage parties to cooperate with others in rational computation. In this paper, we assume that rational parties who participate in the computation protocol form a social cloud. Parties in the social cloud may interact within several rounds and in each round, some desirable properties such as reputation may be generated. Parties who have good reputation means they are likely to cooperate with others. The structure of social cloud is not static. Instead, it evolutes when parties complete one round of computation. We mainly discuss the impact of social cloud structure on rational computation. Simulation results show that when the community structure reach to a proper value, parties are more likely to cooperate in the computation protocol. In addition, rational parties can gain optimal utilities.

Wu Ji-Yi,Chen De-Ren

DOI: https://doi.org/10.13232/j.cnki.jnju.2011.04.014

2011-01-01

Abstract:As the latest development of the distributed storage technology,cloud storage is a product of the integration of distributed storage and virtualization technologies.Cloud storage allows use to storage facilities available on the internet.Relative to the current Master/Slave computing model cloud storage file systems,including GFS,HDFS,Sector and KFS,an open P2P(peer-to-peer) cloud storage system based on DHT was proposed,and we constructed a prototype system named MingCloud based on the Kademlia algorithm.According to the research-development needs of the system,a reputation mechanism was designed for the system,specifically including the calculation of reputation degree,trust model design,work process of reputation mechanism,and safety analysis.Our simulation results show that the mechanism of this model provides a high degree of effectiveness and robustness.Meanwhile,the reputation model can effectively protect honest nodes,reduce the trust value of malicious nodes,and restrain malicious behaviors.

Hua Chen,Qin-Ming He,Jian-Fei Qian

DOI: https://doi.org/10.1109/icmlc.2006.258513

2006-01-01

Abstract:Notice of Violation of IEEE Publication Principles "Cognitive Overhead Reducing Based on Collaborative Filtering in Project Management," by Hua Chen, Qin-Ming He, Jian-Fei Qian in the Proceedings of the Fifth International Conference on Machine Learning and Cybernetics, August 2006 After careful and considered review of the content and authorship of this paper by a duly constituted expert committee, this paper has been found to be in violation of IEEE's Publication Principles. This paper contains significant portions of original text from the paper cited below. The original text was copied without attribution (including appropriate references to the original author(s) and/or paper title) and without permission. Due to the nature of this violation, reasonable effort should be made to remove all past references to this paper, and future references should be made to the following article: "Eigentaste: A Constant Time Collaborative Filtering Algorithm," by Ken Goldberg, Theresa Roeder, Dhruv Gupta, and Chris Perkins, in Information Retrieval, Vol. 4, No. 2, 2001, pp. 133-151 As projects are scaled up to share a large amount of data or to handle a large number of users, a large amount of data can be potentially available to project members, and the shared data can frequently change due to modifications by project members or external sources. Reducing cognitive load on users by better organizing coordination activity, by filtering unnecessary information, and by delivering key information can greatly increase the effectiveness of project management. In this paper, we propose an approach of cognitive overhead reducing based on collaborative filtering (CF) algorithm called personality diagnosis (CFCOR). Given a list of artifacts user had accessed in a project and a new artifact, we compute the probability that he or she need the new artifact

Yilei Wang,Qiuliang Xu,Zhe Liu

DOI: https://doi.org/10.1109/incos.2012.22

2012-01-01

Abstract:In traditional rational multi-party computation, parties are assumed to have utility functions and they act according to the utility assumptions. In economics and political scenarios, parties in multi-party computation may have some other properties such as reputation which plays an important role on boosting mutual cooperation in multiparty computation. In this paper we put forward a new kind of parties satisfying reputation assumption and utility assumptions. Meanwhile we construct a social rational multiparty computation protocol under incomplete information and incomplete network to facilitate the implementation of the protocol within constant rounds.

Yilei Wang,Chuan Zhao,Qiuliang Xu,Zhihua Zheng,Zhenhua Chen,Zhe Liu

DOI: https://doi.org/10.1155/2015/637458

2015-01-01

Abstract:With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

Yuan Zhang,Chunxiang Xu,Jining Zhao,Xiaojun Zhang,Junwei Wen

DOI: https://doi.org/10.1016/j.jisa.2015.05.001

IF: 4.96

2015-01-01

Journal of Information Security and Applications

Abstract:Cloud storage provides an efficient way for users to work together as a group by sharing data with each other. However, since shared data can be accessed and modified by multiple users and group membership may be changed frequently, this new paradigm poses many challenges for keeping integrity of shared data. Recently, Yuan et al. proposed an efficient integrity checking scheme (IEEE INFOCOM 2014, doi: 10.1109/INFOCOM.2014.6848154) for cloud data sharing with multi-user modification, which had many appealing features. They claimed that the scheme is secure and efficient, and they also provided the formal security proof and the performance evaluation. Regretfully, existing two security flaws in Yuan et al.'s scheme are pointed out in this letter. Specifically, by fooling the third-party auditor (TPA) into trusting that the data is well maintained by the cloud server, an adversary can process the following two deceiving methods. Firstly, the adversary can modify the shared data and tamper with the interaction messages between the cloud server and the TPA, thus invalidating shared data integrity checking. Secondly, an adversary, who records a fraction of the cloud-stored data, can overwrite the vast majority of the shared data by using the recorded data and passing shared data integrity verification. Furthermore, we suggest a solution to the two security flaws while retaining all the desirable features of the original scheme.

Yilei Wang,Leisi Chen,Ho-fung Leung,Chengyu Hu,Beijing Chen

DOI: https://doi.org/10.1007/s00500-015-1974-0

IF: 3.732

2015-01-01

Soft Computing

Abstract:Cloud computing is based on utility and consumption of computer resources. To solve the security issues in cloud computing, secure computing protocols are often used. Recently, rational parties as a new kind of parties are proposed, who wish to maximize their utilities in secure computing protocols. The utility definitions in most previous rational secure computing protocols derive from prisoner's dilemma game (PD game). In two-party rational computing protocols, parties decide to send their shares according to their utilities. Recently, we revisit the incentives for rational parties in secure computing protocols and give new utility definitions according to them. We find that the new utility definition is not similar to PD game any more. We discuss two-party and multi-party cases, respectively, and prove that parties have incentives to send their share to others. Furthermore, we also prove that parties can maximize their utilities in both cases.

Yonghong Yu,Wenyang Bai

DOI: https://doi.org/10.1109/MEC.2011.6025814

2011-01-01

Abstract:Notice of Violation of IEEE Publication Principles "Privacy Protection in Outsourced Database Services" by Yonghong Yu and Wenyang Bai in the Proceedings of the International Conference on Mechatronic Science, Electric Engineering and Computer, August 2011, pp. 1726-1731 After careful and considered review of the content and authorship of this paper by a duly constituted expert committee, this paper has been found to be in violation of IEEE's Publication Principles. This paper contains substantial duplication of original text from the paper cited below. The original text was copied without attribution (including appropriate references to the original author(s) and/or paper title) and without permission. Due to the nature of this violation, reasonable effort should be made to remove all past references to this paper, and future references should be made to the following article: "Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients" by Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati in the Proceedings of the 23rd Annula IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec), July 2009 "Fragmentation and Encryption to Enforce Privacy in Data Storage" by Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati in the Proceedings of the 12th European Symposium on Research in Computer Security (ESORICS), September 2007 "Fragmentation Design for Efficient Query Execution over Sensitive Distributed Databases" by Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati in the Proceedings of the 29th International Conference on Distributed Computing Systems (ICDCS), June 2009 Technical consideratio- s and many significant commercial and legal regulations demand that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external partied. In this paper, we propose a solution to enforce data confidentiality, data privacy and accountable user privacy in outsourced database services. The approach starts from a flexible definition of privacy constraints, applies encryption on information in a parsimonious way and mostly relies on attribute partition to protect sensitive information. Based on the approximation algorithm for the minimal encryption attribute partition, the approach allows storing the outsourced data on un-trusted database server and minimizing the amount of encrypted data. By combining cryptographic with auxiliary random server, the approach can reduce the computational and communication complexity of private information retrieval to provide user privacy protection. By introducing verifiable encryption and revocation of decryption based on event capsule, the approach obtains accountability when the user misbehaves. The theoretical analysis shows that our new approach can provide efficient data privacy, efficient accountable user privacy protection with lower computational complexity and not increase the cost of communication complexity simultaneously.

Yuling Chen,Juan Ma,Xianmin Wang,Xinyu Zhang,Huiyu Zhou

DOI: https://doi.org/10.48550/arXiv.2110.09160

2022-06-18

Abstract:Rational secure multi-party computation (RSMC) means two or more rational parties to complete a function on private inputs. In the process, the rational parties choose strategies to maximize utility, which will cause players to maliciously execute the protocol and undermine the fairness and correctness of the protocol. To solve this problem, we leverage game theory to propose the direction entropy-based solution. First, we utilize the direction vector of the direction entropy to examine the player's strategy uncertainty and quantify its strategy from different dimensions. Specifically, when parties choose a cooperation strategy, the direction vector is positive, and the information transmitted is positive, conversely, it is negative information. Then, we provide mutual information to construct new utility functions for the players. What's more, we measure the mutual information of players to appraise their strategies. Finally, we prove in detail the protocol we gave, and the result show that the fairness problem in rational secure two-party computation. We also prove that the proposed protocol reaches the Nash equilibrium. Furthermore, we conduct experiments using mutual information to construct utility, and the results show that the utility obtained when the player is honest will be higher.

Cryptography and Security

Changyu Dong,Yilei Wang,Amjad Aldweesh,Patrick McCorry,Aad van Moorsel

DOI: https://doi.org/10.1145/3133956.3134032

2017-01-01

Abstract:Cloud computing has become an irreversible trend. Together comes the pressing need for verifiability, to assure the client the correctness of computation outsourced to the cloud. Existing verifiable computation techniques all have a high overhead, thus if being deployed in the clouds, would render cloud computing more expensive than the on-premises counterpart. To achieve verifiability at a reasonable cost, we leverage game theory and propose a smart contract based solution. In a nutshell, a client lets two clouds compute the same task, and uses smart contracts to stimulate tension, betrayal and distrust between the clouds, so that rational clouds will not collude and cheat. In the absence of collusion, verification of correctness can be done easily by crosschecking the results from the two clouds. We provide a formal analysis of the games induced by the contracts, and prove that the contracts will be effective under certain reasonable assumptions. By resorting to game theory and smart contracts, we are able to avoid heavy cryptographic protocols. The client only needs to pay two clouds to compute in the clear, and a small transaction fee to use the smart contracts. We also conducted a feasibility study that involves implementing the contracts in Solidity and running them on the official Ethereum network.

Zihang Yin,Cheng Chi,Jiale Song,Faguo Wu

DOI: https://doi.org/10.1109/CSCloud62866.2024.00035

2024-06-28

Abstract:Traditional threshold secret sharing scheme provides a mechanism to prevent the over-concentration of secrets while allowing for flexibility through the distribution and reconstruction of sub-secrets. However, this approach often simplifies participant behavior into categories of complete honesty or continuous deceit, neglecting the nuances of rational decision-making. To address this limitation, the rational secret sharing scheme merges threshold secret sharing with game theory, where each participant is considered rational and acts solely in self-interest. Nonetheless, existing schemes encounter challenges such as the prisoner's dilemma and the inability to reconstruct secrets due to the prioritization of individual interests. To mitigate these issues, our proposed scheme integrates a reward and punishment mechanism that balances short-term gains with long-term incentives, effectively deterring malicious behavior among participants. Moreover, traditional solutions based on elliptic curves and bilinear pairs lack resilience against quantum attacks. In response, our solution incorporates lattice-based cryptography to enhance security in the face of quantum threats. Additionally, we introduce an attribute access control tree to empower secret dealers in selecting suitable participants based on attribute restrictions, ensuring a more flexible, convenient, and secure rational secret sharing plan. This comprehensive approach improves participant selection and strengthens security measures in secret sharing scenarios.

Computer Science,Physics

Huirong Yang,Shanshan Liu,Pengbin Fu,Haihuan Qin,Liheng Gu

DOI: https://doi.org/10.1109/cise.2009.5366267

2009-01-01

Abstract:Notice of Violation of IEEE Publication Principles "A Semantic Distance Measure for Matching Web Services" by Huirong Yang, Shanshan Liu, Pengbin Fu, Haihuan Qin, Liheng Gu in the Proceedings of the International Conference on Computational Intelligence and Software Engineering (CiSE), December 2009 After careful and considered review of the content and authorship of this paper by a duly constituted expert committee, this paper has been found to be in violation of IEEE's Publication Principles. This paper copied portions of text and a figure from the paper cited below. The original content was copied without attribution (including appropriate references to the original author(s) and/or paper title) and without permission. "A Semantic Distance Measure for Matching Web Service" by Arif Bramantoro, Shonali Krishnaswamy, Maria Indrawan in the Proceedings of the Web Information Systems Engineering (WISE) Workshops, November 2005, pp. 217-226

Yilei Wang,Shuaifeng Zhang,Yi Tang,Qingtang Su,Beijing Chen

DOI: https://doi.org/10.1007/s12652-017-0669-z

IF: 3.662

2018-01-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:Secure two-party computation evaluates a function among two distributed parties without revealing the parties' inputs except for the function's outputs. Secure two-party computation can be applied into various fields like cloud computing, which is a composition of distribute computing, parallel computing and utility computing etc. Rational secure two-party computation may achieve some desirable properties under two assumptions deriving from STOC 2004. However, the emergence of new computing paradigms like pay-as-you-go model restricts the application of rational protocols. Previous adversaries does not consider payment in secure two-party protocols. Therefore, new type of adversaries should be propose for these new paradigms. In this paper, we address this problem by proposing a new kind of rational adversary, who consider payment in his relaxed utilities. The utilities are based on economic incentives instead of standard assumptions. Furthermore, the new rational adversary is assumed to negotiate with rational parties in protocols. It's similar to cost corruption but more flexible. Our new adversary can dynamically negotiate with each rational party in different phases in order to maximize his utilities. To verify the validity of the new adversary, we model a rational secure two-party protocol, which inherits the hybrid framework of STOC 2007. We also prove the security in the presence of the new rational adversary under ideal/real paradigm.

Yilei Wang,Duncan S. Wong,Chuan Zhao,Qiuliang Xu

DOI: https://doi.org/10.1002/sec.979

IF: 1.968

2014-01-01

Security and Communication Networks

Abstract:ABSTRACTRational secure two‐party computation (RSTPC) applies game theory to cryptographic protocols, where rational parties only care about how to maximize their utilities. Fairness can be achieved by assuming rational behavior in RSTPC. Previous RSTPC protocols achieve fairness under symmetric information, which seems quite strong and unnatural for rational parties. In this paper, we consider a general RSTPC protocol under asymmetric information where previous equilibriums are inadequate to guarantee fairness. Therefore, we propose a stronger equilibrium named computationally sequential equilibrium to guarantee fairness under asymmetric information. Furthermore, our protocol only requires small constant communication rounds. Copyright © 2014 John Wiley & Sons, Ltd.

Zhang Xiaohui,Miao Xianghua

DOI: https://doi.org/10.48550/arXiv.2107.06662

2021-07-13

Abstract:The CTI (Cyber Threat Intelligence) sharing and exchange is an effective method to improve the responsiveness of the protection party. Blockchain technology enables sharing collaboration consortium to conduct a trusted CTI sharing and exchange without a trusted centralized institution. However, the distributed connectivity of the blockchain-based CTI sharing model proposed before exposes the systems into byzantine attacks, the compromised members of partner organizations will further decrease the accuracy and trust level of CTI by generating false reporting. To address the unbalance issues of performance in speed, scalability and security, this paper proposes a new blockchain-based CTI model, which combines consortium blockchain and distributed reputation management systems to achieve automated analysis and response of tactical threat intelligence. In addition, the novel consensus algorithm of consortium blockchain that is fit for CTI sharing and exchange introduced in this paper. The new consensus algorithm is called 'Proof-of Reputation' (PoR) consensus, which meets the requirements of transaction rate and makes the consensus in a creditable network environment through constructing a reputation model. Finally, the effectiveness and security performance of the proposed model and consensus algorithm is verified by experiments.

Cryptography and Security

Yilei Wang,Tao Li,Lufeng Chen,Ping Li,Ho-fung Leung,Zhe Liu,Qiuliang Xu

DOI: https://doi.org/10.1007/s00500-015-1773-7

IF: 3.732

2015-01-01

Soft Computing

Abstract:Secure multi-party computing (SMPC) is often used to solve security problems in cloud computing. Rational SMPC is a kind of SMPC in the presence of rational parties, who wish to maximize their utilities. Previous works about rational SMPC only studied the security properties under complete information scenario, where parties’ types are common knowledge. However, parties in practical applications have private types, which is unknown to others. This scenario is called incomplete information. In this paper, rational parties are allowed to have private types, which affect their utilities. Previously, rational parties obtain expected utilities due to unknown private types under incomplete information scenario. However, rational parties prefer to obtain pure utilities in actual life. To solve this contradiction, we use fuzzy theory to confirm the private type of his opponent; then they execute the protocol as if they know the private types just like the execution under complete information scenario. Consequently, they obtain pure utilities other than expected utility. In addition, our protocol can reduce round complexity than previous ones. Consequently, it will improve the security level and efficiency of cloud computing.

YU Yong-hong,BAI Wen-yang

DOI: https://doi.org/10.4304/jsw.6.3.404-412

2011-01-01

Abstract:“ Data Privacy and User Privacy over Outsourced Database Service ” by Yonghong Yu, Wenyang Bai Journal of Software Volume 6, Number 3, March 2011, Page(s): 404-412 After careful and considered review of the content and authorship of this paper by a duly constituted expert committee, the above paper has been found to be in violation of Academy Publisher’s Publication Principles. The first author ( Yonghong Yu ) has taken full responsibility and this violation was done without the knowledge of the second author ( Wenyang Bai ). This paper contains significant portions of original text from the papers cited below. The original text was copied without attribution (including appropriate references to the original authors and/or paper title) and without permission: Due to the nature of this violation, reasonable effort should be made to remove all past references to this paper, and future references should be made to the following articles: [1] V. Ciriani, S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, Fragmentation and Encryption to Enforce Privacy in Data Storage, in Proc. of the 12th European Symposium On Research In Computer Security (ESORICS 2007), Dresden, Germany, September 24-26, 2007 [2] V. Ciriani, S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients, in Proc. of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2009), Montreal, Quebec, Canada, July 12-15, 2009 [3] V. Ciriani, S. De Capita ti, S. Jajodia, S. Paraboschi, and P. Samarati, Fragmentation Design for Efficient Query Execution over Sensitive Distributed Databases, in Proc. of the 29th International Conference on Distributed Computing Systems (ICDCS 2009), Montreal, Quebec, Canada, June 22-26, 2009

Yilei Wang,Zhe Liu,Hao Wang,Qiuliang Xu

DOI: https://doi.org/10.1002/cpe.3823

2016-01-01

Concurrency and Computation Practice and Experience

Abstract:There exist some inappropriate citations and typos in our paper ‘Social Rational Secure Multi-party Computation’, Vol. 26, No. 5 (2014), Pages: 1067–1083. We would like to use this corrigendum to point out these places so that the readers can understand the context of this paper in a better way. We are sorry for the unexpected inconvenience we brought for ‘Concurrency and Computation: Practice and Experience’ and the authors of the reference [27] cited in our paper, as well as the readers of our paper. The following corrections should be included.

Yilei Wang,Tao Li,Hairong Qin,Jin Li,Wei Gao,Zhe Liu,Qiuliang Xu

DOI: https://doi.org/10.1007/s12652-015-0299-2

IF: 3.662

2015-01-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:Intelligent agents (IA) are autonomous entities which observe through sensors and act upon an environment using actuators to adjust their activities towards achieving certain goals. The architectures of agents have enormous potentials when they are applied into critical systems, where agents choose actions between working with their own and cooperating with others. Rational utility-based agents choose actions to maximize their expected utilities. Rational secure multi-party computing (RSMPC) means secure multi-party computing (SMPC) in the presence of rational utility-based agents. Here, we call them rational parties. In this paper certain goals of rational parties are maximizing their utilities. The introduction of rational parties considers the incentives in executing protocols. The security definitions under rational framework can better demonstrate the executing environment of real protocols. Furthermore, rational two-party computing removes some impossibility in traditional two-party computing, such as fairness. This paper represents the research status of RSMPC and some typical protocols. The advantages and disadvantages of previous rational SMPC protocols are discussed here. As an emerging field, there are still lots of open problems in RSMPC, such as communication channels, utility assumptions and equilibrium notions etc.