YAO Lin,FAN Qing-na,KONG Xiang-wei

DOI: https://doi.org/10.3778/j.issn.1002-8331.2010.32.030

2010-01-01

Abstract:Pervasive computing raises new challenges to the security and privacy of the Internet communication,and conventional authentication protocols cannot meet the requirements of this new pervasive environment.A novel mutual authentication and key establishment scheme to secure the interactions between mobile users and service providers is proposed.Highly integrating biometric encryption and the Diffie-Hellman key exchange,the proposed protocol achieves mutual authentication without revealing any privacy information of the user.Secure session key establishment is enabled by the proposed algorithm.Differentiated service access control is also achieved with the biometric encryption.It is shown that the protocol can resist most of the attacks,especially the denial of service attack.

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Imran Memon,Ibrar Hussain,Rizwan Akhtar,Gencai Chen

DOI: https://doi.org/10.1007/s11277-015-2699-1

IF: 2.017

2015-01-01

Wireless Personal Communications

Abstract:Past few years, the mobile technology and location based services have experienced a great increment in number of its users. The privacy issues related to these services are becoming main concerns because of the leakage of users' private information and contents. To prevent revelation of private information, many researchers have proposed several secure and authentication schemes which apply various technologies to provide integral security properties, such as symmetric encryption, digital signature, timestamp, etc. Unfortunately, some of these schemes still exhibit security and efficiency issues. In this research paper, we proposed an efficient and secure anonymous communication for location based service using asymmetric cryptography scheme over the wireless system was attempted missing some system detail. We also proposed the prevent user private information and secure communication by asymmetric cryptography scheme. We solved the wireless communication problem in A3 algorithm such as eavesdropping and this problem solved by asymmetric cryptography scheme because of its robustness against this type of attack by providing mutual authentication make the system more secure. Finally, performance and cost analysis show our scheme is more suitable for low-power and resource limited wireless system and thus availability for real implementation. According to our security analysis and performance, we can prove that our proposed asymmetric cryptography scheme is able to improve wireless communication system security and enhance efficiency in comparison to previous schemes.

Yuan Gao,Yang Guo,Ping Wang,Siming Yang,Jing Wang,Xiaonan Wang,Yu Ding,Weidang Lu,Yu Zhang,Guoxing Huang,Jiang Cao

DOI: https://doi.org/10.1109/infocomwkshps54753.2022.9798116

2022-01-01

Abstract:Non-orthogonal multiple access (NOMA) based unmanned aerial vehicle and mobile edge computing (UAV-MEC) networks become a prospective scheme to effectively handle the burst of data for multiple users. However, due to the sensitivity of data privacy and the line-of-sight (LoS) characteristics of UAV, the secure communication of the NOMA-based UAV-MEC network is worth studying. In this paper, we propose a novel scheme to enhance the secure computing capacity performance of the NOMA-based UAV-MEC network. With the requirements of the minimum secure computing tasks of terminal users (TUs), we maximize the secure computing capacity of the network via jointly optimizing UAV trajectory and resources allocation, which include channel relationship coefficient, CPU computing frequency and local computation through applying block coordinate descent (BCD) and successive convex approximation (SCA). Numerical results show that the secure computing performance of our proposed secure scheme is significantly better than the benchmarks.

Zhang Yukun,Wei Wenxue

DOI: https://doi.org/10.1007/s12083-022-01333-4

2022-05-28

Abstract:Mobile Edge Computing (MEC), which is a product of 5G technology development, is actually a kind of edge computing form. It takes the base station as the edge server and sinks the cloud computing services to the network edge. To better protect the users and the base stations, a lightweight authentication and key agreement scheme, which is applicable to the MEC field, is proposed in this paper. It achieves secure and efficient key agreement under the premise that the users and the edge servers are completely anonymous and untraceable. For this scheme, instead of the complicated elliptic curve computation and the bilinear pairing computation, it flexibly adopts a number of temporarily generated symmetric keys to realize the identity authentication of the three parties while guaranteeing both the security and efficiency. Compared with other schemes, it is featured in low performance requirements and can better adapt to MEC environment.

computer science, information systems,telecommunications

Ben Niu,Tanran Zhang,Xiaoyan Zhu,Hui Li,Zongqing Lu

DOI: https://doi.org/10.48550/arXiv.1401.8064

2014-01-31

Abstract:The rapid developments of mobile devices and online social networks have resulted in increasing attention to Mobile Social Networking (MSN). The explosive growth of mobile-connected and location-aware devices makes it possible and meaningful to do the Proximity-based Mobile Social Networks (PMSNs). Users can discover and make new social interactions easily with physical-proximate mobile users through WiFi/Bluetooth interfaces embedded in their smartphones. However, users enjoy these conveniences at the cost of their growing privacy concerns. To address this problem, we propose a suit of priority-aware private matching schemes to privately match the similarity with potential friends in the vicinity. Unlike most existing work, our proposed priority-aware matching scheme (P-match) achieves the privacy goal by combining the commutative encryption function and the Tanimoto similarity coefficient which considers both the number of common attributes between users as well as the corresponding priorities on each common attribute. Further, based on the newly constructed similarity function which takes the ratio of attributes matched over all the input set into consideration, we design an enhanced version to deal with some potential attacks such as unlimitedly inputting the attribute set on either the initiator side or the responder side, etc. Finally, our proposed E-match avoids the heavy cryptographic operations and improves the system performance significantly by employing a novel use of the Bloom filter. The security and communication/computation overhead of our schemes are thoroughly analyzed and evaluated via detailed simulations and implementation.

Cryptography and Security

Yiming Mou,Lunzhi Deng,Yu Ruan

DOI: https://doi.org/10.1002/cpe.8321

2024-10-31

Concurrency and Computation Practice and Experience

Abstract:Certificateless cryptography, which solves the key escrow problem and avoids the complexity of certificate management, is an important part of public key cryptography. In the multi‐user scenarios, broadcast encryption can improve computational efficiency and reduce communication cost. Moreover, there may be some malicious users in the above scenarios, and the decryption permissions of these users need an effective mechanism to revoke them. In this paper, a revocable certificateless encryption scheme for multi‐user (RCLE‐MU) is proposed to address this issue. In the scheme, the Cloud Server Provider (CSP) utilizes the master time key to periodically generate time keys for legitimate users. For illegitimate users, their decryption privileges are revoked since they are unable to obtain the time keys. Then this new scheme is proved to be ciphertext indistinguishable under selected identity and chosen‐ciphertext attacks (sID‐CCAs). Finally, compared with several other schemes, the new scheme has more efficiency advantage. So it is suitable for multi‐user scenarios.

computer science, theory & methods, software engineering

Xiaoyan Zhu,Jie Liu,Shunrong Jiang,Zengbao Chen,Hui Li

DOI: https://doi.org/10.1109/ICC.2014.6883965

2014-01-01

Abstract:Proximity-based mobile social networks (PMSNs) are becoming increasingly popular in recent years with the explosive growth of mobile devices, where a user can find a best matching friend in vicinity through profile matching. However, the matching process calls for the publication of users' personal information, which conflicts with users' growing privacy concerns about revealing their profiles to strangers. To achieve privacy-preserving friend discovery, many schemes are proposed based on traditional cryptographic methods, such as homomorphic and commutative encryption, which inevitably introduce tremendous overhead to the system and are not practical for the resource-limited mobile devices. In this paper, we propose an Efficient Weight-based Private Matching (EWPM) protocol, which provides a realistic matching approach considering both the number of common interests and the corresponding weights on them. In EWPM, we utilize the Confusion Matrix Transformation (CMT) algorithm to achieve a secure and efficient matching. Security analysis and detailed simulations show that our proposed scheme can realize privacy-preserving friend discovery with higher efficiency.

Xin Sun,Yiyang Yao,Yingjie Xia,Xuejiao Liu,Jian Chen,Zhiqiang Wang

DOI: https://doi.org/10.3837/tiis.2016.04.024

2016-01-01

Abstract:Mobile social network is becoming more and more popular with respect to the development and popularity of mobile devices and interpersonal sociality. As the amount of social data increases in a great deal and cloud computing techniques become developed, the architecture of mobile social network is evolved into cloud-based that mobile clients send data to the cloud and make data accessible from clients. The data in the cloud should be stored in a secure fashion to protect user privacy and restrict data sharing defined by users. Ciphertext-policy attribute-based encryption (CP-ABE) is currently considered to be a promising security solution for cloud-based mobile social network to encrypt the sensitive data. However, its ciphertext size and decryption time grow linearly with the attribute numbers in the access structure. In order to reduce the computing overhead held by the mobile devices, in this paper we propose a new Outsourcing decryption and Match-then-decrypt CP-ABE algorithm (OM-CP-ABE) which firstly outsources the computation-intensive bilinear pairing operations to a proxy, and secondly performs the decryption test on the attributes set matching access policy in ciphertexts. The experimental performance assessments show the security strength and efficiency of the proposed solution in terms of computation, communication, and storage. Also, our construction is proven to be replayable choosen-ciphertext attacks (RCCA) secure based on the decisional bilinear Diffie-Hellman (DBDH) assumption in the standard model.

Jiaqing Mo,Zhongwang Hu,Hang Chen,Wei Shen

DOI: https://doi.org/10.1155/2019/4520685

2019-01-01

Wireless Communications and Mobile Computing

Abstract:Nowadays, due to the rapid development and wide deployment of handheld mobile devices, the mobile users begin to save their resources, access services, and run applications that are stored, deployed, and implemented in cloud computing which has huge storage space and massive computing capability with their mobile devices. However, the wireless channel is insecure and vulnerable to various attacks that pose a great threat to the transmission of sensitive data. Thus, the security mechanism of how the mobile devices and remote cloud server authenticate each other to create a secure session in mobile cloud computing environment has aroused the interest of researchers. In this paper, we propose an efficient and provably secure anonymous two-factor user authentication protocol for the mobile cloud computing environment. The proposed scheme not only provides mutual authentication between mobile devices and cloud computing but also fulfills the known security evaluation criteria. Moreover, utilization of ECC in our scheme reduces the computing cost for mobile devices that are computation capability limited and battery energy limited. In addition, the formal security proof is given to show that the proposed scheme is secure under random oracle model. Security analysis and performance comparisons indicate that the proposed scheme has reasonable computation cost and communication overhead at the mobile client side as well as the server side and is more efficient and more secure than the related competitive works.

Lunzhi Deng

DOI: https://doi.org/10.1007/s00500-019-04375-8

IF: 3.732

2019-09-24

Soft Computing

Abstract:In community management services, it is a common requirement for management centers to send the same encrypted message to some units and individuals in the community, while avoiding the leakage of personal information of the user. In order to achieve this goal safely and efficiently, the multi-receiver encryption is a good option. In the setting, a sender generates the ciphertext for a designed group of receivers. Any receiver in the group can obtain the plaintext by decrypting the ciphertext using his own private key, and the true identity of the receiver is kept secret to anyone including other receivers. Recently, several certificateless multi-receiver encryption (CLMRE) schemes have been introduced, and all of them are proved to be secure in the random oracles model (ROM). ROM is a simulation of the hash function and can not replace the real hash function computation. In this paper, a new CLMRE scheme is constructed and it is proved to be secure based on decision bilinear Diffie–Hellman problem in the standard model (SM). It achieves the anonymity of the receivers and is suitable for smart community management systems.

computer science, artificial intelligence, interdisciplinary applications

Daojing He,Maode Ma,Yan Zhang,Chun Chen,Jiajun Bu

DOI: https://doi.org/10.1016/j.comcom.2010.02.031

IF: 5.047

2011-01-01

Computer Communications

Abstract:Seamless roaming over wireless network is highly desirable to mobile users, and security such as authentication of mobile users is challenging. Recently, due to tamper-resistance and convenience in managing a password file, some smart card based secure authentication schemes have been proposed. This paper shows some security weaknesses in those schemes. As the main contribution of this paper, a secure and light-weight authentication scheme with user anonymity is presented. It is simple to implement for mobile user since it only performs a symmetric encryption/decryption operation. Having this feature, it is more suitable for the low-power and resource-limited mobile devices. In addition, it requires four message exchanges between mobile user, foreign agent and home agent. Thus, this protocol enjoys both computation and communication efficiency as compared to the well-known authentication schemes. As a special case, we consider the authentication protocol when a user is located in his/her home network. Also, the session key will be used only once between the mobile user and the visited network. Besides, security analysis demonstrates that our scheme enjoys important security attributes such as preventing the various kinds of attacks, single registration, user anonymity, no password/verifier table, and high efficiency in password authentication, etc. Moreover, one of the new features in our proposal is: it is secure in the case that the information stored in the smart card is disclosed but the user password of the smart card owner is unknown to the attacker. To the best of our knowledge, until now no user authentication scheme for wireless communications has been proposed to prevent from smart card breach. Finally, performance analysis shows that compared with known smart card based authentication protocols, our proposed scheme is more simple, secure and efficient.

Ding Wang,Haibo Cheng,Debiao He,Ping Wang

DOI: https://doi.org/10.1109/jsyst.2016.2585681

IF: 4.802

2018-01-01

IEEE Systems Journal

Abstract:Providing secure, efficient, and privacy-preserving user authentication in mobile networks is a challenging problem due to the inherent mobility of users, variety of attack vectors, and resource-constrained nature of user devices. Recent studies show that identity-based cryptosystems can eliminate the certificate overhead and thus address the issues associated with public-key infrastructure technology-which is a rare bit of good news in today's computer security world. In this paper, we employ three representative identity-based remote user authentication schemes (i.e., Truong et al.'s scheme, Li et al.'s scheme, and Zhang et al.'s scheme) as case studies to reveal the challenges and subtleties in designing a practical authentication scheme for mobile devices. First, we demonstrate that Truong et al.'s scheme, which was presented at the IEEE AINA 2012, cannot achieve a few important security goals under our new attacking scenarios: 1) it fails to resist against known session-specific temporary information attack; 2) it cannot withstand key compromise impersonation attack; and 3) it is of poor usability. Second, we show that Li et al.'s privacy-preserving scheme, which was proposed at GLOBECOM 2012, is subject to some subtle (yet severe) efficiency problems that make it virtually impossible for any practical use. Third, we scrutinize a "provably secure" scheme for roaming services in mobile networks designed by Zhang et al. at SCN 2015 and find it prone to collusion attack and replay attack. Further, we investigate into the underlying causes for these identified failures, and figure out an improvement over Truong et al.'s scheme to overcome the revealed challenges while maintaining reasonable efficiency.

Li Yu,Xingxing Nan,Shufen Niu

DOI: https://doi.org/10.3390/electronics13112175

IF: 2.9

2024-06-03

Electronics

Abstract:In mobile social networks, users can easily communicate with others through smart devices. Therefore, the protection of user privacy in social networks is becoming a significant subject. To solve this problem, this paper proposes a fine-grained data access control scheme that uses attributes to match friends. In our scheme, the friend-making parties generate friend preference and self-description lists, respectively, realizing attribute hiding by converting friendship preference into ciphertext access control policies and self-description into attribute keys. The social platform matches user profiles to quickly eliminate unmatched users and avoids invalid decryption. In order to reduce the computational burden and communication cost of mobile devices, we adopt an algorithm mechanism for outsourcing decryption. When the user meets the matching conditions, the algorithm outsources the bilinear pair operation with large computation to the friend server. After that, the user finally decrypts the ciphertext. Security analysis shows that our scheme is safe and effective. In addition, performance evaluation shows that the proposed scheme is efficient and practical.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jingjin Wu,Guoqiang Long,Canhua Wang,Jianhua Wu

DOI: https://doi.org/10.1088/1402-4896/ad195b

2023-12-28

Physica Scripta

Abstract:Abstract Recent advances in cellular mobile telecommunication field have dramatically facilitated the multi-party collaborative work in social networks. However, the privacy issues exposed by insecure network channels and semi-trusted service providers, such as underlying data analysis and mining, have also gradually aroused public concerns. In this context, a novel Multi-Party Privacy Data Encryption (MP-PDE) scheme built upon the deep learning framework is proposed. In this scheme, a four-dimensional autonomous chaotic system is initially leveraged to configurate the key-controlled cipher streams. Under the guidance of a multi-objective optimization function, the proposed encryption network manipulates the multi party private data into a cipher image with the statistical pseudo-randomness. At the recipient side, distinct participants can decrypt the matching data availing their own licensing key from the identical cipher image. Furthermore, the encryption and decryption networks are equivalent except for their network parameters. Finally, numerous experiments are conducted to verify the effectiveness and security of the proposed scheme.

physics, multidisciplinary

Rachid Chergui

DOI: https://doi.org/10.48550/arXiv.1502.06993

2015-02-24

Cryptography and Security

Abstract:In this document, a privacy-preserving distributed profile matching protocol is proposed in a particular network context called \emph{mobile social network}. Such networks are often deployed in more or less hostile environments, requiring rigorous security mechanisms. In the same time, energy and computational resources are limited as these heterogeneous networks are frequently constituted by wireless components like tablets or mobile phones. This is why a new encryption algorithm having an high level of security while preserving resources is proposed in this paper. The approach is based on elliptic curve cryptography, more specifically on an almost completely homomorphic cryptosystem over a supersingular elliptic curve, leading to a secure and efficient preservation of privacy in distributed profile matching.

Zhen Yan,Haipeng Qu,Xiaoshuai Zhang,Jian-Liang Xu,Xi-Jun Lin

DOI: https://doi.org/10.1016/j.sysarc.2023.102950

IF: 5.836

2023-07-22

Journal of Systems Architecture

Abstract:Cloud-based anonymous messaging systems have been widely utilized in covert conversations to enable people to anonymously exchange encrypted data in public using cryptographic techniques. Recently, Ateniese et al . proposed the identity-based matchmaking encryption (IB-ME) which provides confidentiality, anonymity and authenticity in a logical single step for such systems. However, there are two crucial and practical issues in IB-ME. On the one hand, the existing IB-MEs only achieve indistinguishability under adaptive chosen identity and plaintext attacks (IND-ID-CPA). How to structure the IB-ME with indistinguishability under adaptive chosen identity and ciphertext attacks (IND-ID-CCA) is still an open problem. On the other hand, the computational cost of the receiver is considerable when using IB-ME since the ciphertext leaks no information about its sender's and specified receiver's identities. Thus, the receiver has to attempt to match "all" ciphertexts one by one with its own decryption key and "all" potential senders' identities. To reduce such a cost of the receiver in IB-ME, it is desired for the receiver to delegate the decryption ability with respect to the potential senders to some proxies. With the proxy keys, these proxies can match the ciphertexts parallelly. Nonetheless, an obvious challenge is how to delegate such ability to a proxy without losing anonymity and authenticity to protect the privacy of both the sender and the receiver. In this paper, we propose a novel CCA-secure solution, called identity-based proxy matchmaking encryption (IB-PME) for cloud-based anonymous messaging systems, to address the foregoing issues. The security analysis and the performance evaluation demonstrate that our proposed IB-PME is highly practical.

computer science, software engineering, hardware & architecture

Jingwei Liu,Lihuan Zhang,Rong Sun,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.48550/arXiv.1811.03741

2018-11-09

Abstract:With the emerging of mobile communication technologies, we are entering the fifth generation mobile communication system (5G) era. Various application scenarios will arise in the 5G era to meet the different service requirements. Different 5G network slicings may deploy different public key cryptosystems. The security issues among the heterogeneous systems should be considered. In order to ensure the secure communications between 5G network slicings, in different public cryptosystems, we propose two heterogeneous signcryption schemes which can achieve mutual communications between the Public Key Infrastructure (PKI) and the CertificateLess public key Cryptography (CLC) environment. We prove that our schemes have the INDistinguishability against Adaptive Chosen Ciphertext Attack (IND-CCA2) under the Computational Diffie-Hellman Problem (CDHP) and the Existential UnForgeability against adaptive Chosen Message Attack (EUF-CMA) under the Discrete Logarithm Problem (DLP) in the random oracle model. We also set up two heterogeneous cryptosystems on Raspberry Pi to simulate the interprocess communication between different public key environments. Furthermore, we quantify and analyze the performance of each scheme. Compared with the existing schemes, our schemes have greater efficiency and security.

Cryptography and Security

Chen Tianzhou,Mao Haixia,Dai Hongjun

2006-01-01

Abstract:This paper briefly analyzes the security mechanisms of GSM/UMTS and finds their security defects, such as unidirectional authentication and cipher key transmission without encryption. For these defects, existing mobile communication systems can not prevent hostile attacks to satisfy high-level security demands. To solve these problems, we propose the robust Middleware Architecture for Mobile Communication Security (MAMCS), which employs new Authentication and Key Agreement (AKA) protocols, chooses different encryption algorithms for different applications and implements integrity control mechanism. In the end, we analyze the performance of MAMCS and show that MAMCS gets a 200%~2% improvement in security only at the cost of 1.51% descent in bandwidth and 18.14 ms extra latency.