Fang Liu,Wee Keong Ng,Wei Zhang,Do Hoang Giang,Shuguo Han

DOI: https://doi.org/10.1109/ic2e.2014.18

2014-01-01

Abstract:Secure and efficient data storage and computation for an outsourced database is a primary concern for users, especially with the push for cloud computing that affords both compute and resource scalability. Among the diverse secure building blocks for secure analytical computations on outsourced databases, the encrypted set intersection operation extracts common sensitive information from datasets belonging to different users. In existing methods, each user holds their sensitive data and all users follow a secure protocol to perform set intersection. This approach is not applicable to the cloud platform, where data resides in the cloud platform in encrypted form and not at each user site. To address this limitation, in this paper, we design the Encrypted Set Intersection Protocol (ESIP) that allows server and users to perform collaborative operations to obtain the correct set intersection result without violating privacy of data contributed by each user at the server.

Xuefei Cao,Hui. Li,Lanjun Dang,Yin Lin

DOI: https://doi.org/10.1016/j.csi.2016.08.004

2017-01-01

Abstract:Set intersection is a fundamental operation in data mining and cloud computing. In this paper, a protocol is proposed to determine the intersection between two datasets while preserving the privacy of each set. Malicious participants are considered and the misbehavior of participants is prevented. Our method is based on a combination of commutative encryption and hash-based commitments. Performance evaluation demonstrates the effectiveness of the protocol. Security discussion is given showing that the protocol provides data privacy, secure set intersection and tolerance to participants cheating.

Xin Liu,Ruxue Wang,Lu Peng,Dan Luo,Gang Xu,Xiu-Bo Chen,Neal Xiong,Xiaomeng Liu

DOI: https://doi.org/10.1109/jiot.2024.3385476

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Data fusion in the Internet of Things (IoT) is based on the intersection and union problems of sets without complete set restrictions to achieve accurate and reliable location services. However, protecting users’ privacy in IoT is challenging, for which a solution is proposed herein in conjunction with secure multi-party computation (MPC). Using the proposed solutions, users’ privacy can be ensured while achieving accurate and reliable location positioning. Current privacy-preserving schemes used for data fusion require a set’s elements belonging to an appropriate complete set, and the range of elements used by such schemes is usually integers. Moreover, a unified range of all elements in a set cannot be determined in real-time for practical scenarios. Limiting the range of elements to integers is also impossible, because the type of data collected by IoT devices is uncertain. To address these issues, new encoding and transformation methods are proposed herein to map a set of rational numbers to the Cartesian coordinate system. The NTRU encryption scheme is used to design the intersection and union MPC protocols of rational numbers’ sets without any complete set restriction under the semi-honest model. Then, to prevent possible malicious behaviors in the semi-honest model protocols, MPC protocols for the intersection and union of rational numbers’ sets are designed without any complete set. The security of the protocols is demonstrated by applying the real/ideal model paradigm. The comparison of the proposed protocols with other schemes shows that our protocols have higher computational efficiency.

Jingzhi Li,Fengling Li,Lei Zhu,Hui Cui,Jingjing Li

DOI: https://doi.org/10.1145/3581783.3613837

2023-01-01

Abstract:Although deep cross-modal hashing methods have shown superiorities for cross-modal retrieval recently, there is a concern about potential data privacy leakage when training the models. Federated learning adopts a distributed machine learning strategy, which can collaboratively train models without leaking local private data. It is a promising technique to support privacy-preserving cross-modal hashing. However, existing federated learning-based cross-modal retrieval methods usually rely on a large number of semantic annotations, which limits the scalability of the retrieval models. Furthermore, they mostly update the global models by aggregating local model parameters, ignoring the differences in the quantity and category of multi-modal data from multiple clients. To address these issues, we propose a Prototype Transfer-based Federated Unsupervised Cross-modal Hashing(PT-FUCH) method for solving the privacy leakage problem in cross-modal retrieval model learning. PT-FUCH protects local private data by exploring unified global prototypes for different clients, without relying on any semantic annotations. Global prototypes are used to guide the local cross-modal hash learning and promote the alignment of the feature space, thereby alleviating the model bias caused by the difference in the distribution of local multi-modal data and improving the retrieval accuracy. Additionally, we design an adaptive cross-modal knowledge distillation to transfer valuable semantic knowledge from modal-specific global models to local prototype learning processes, reducing the risk of overfitting. Experimental results on three benchmark cross-modal retrieval datasets validate that our PT-FUCH method can achieve outstanding retrieval performance when trained under distributed privacy-preserving mode. The source codes of our method are available at https://github.com/exquisite1210/PT-FUCH_P.

HUANG Qingqing,HUANG Tao,CHEN Zhiyu,GUO Chen,SONG Tao,WU Duanji,GUO Kun

DOI: https://doi.org/10.16707/j.cnki.fjpc.2023.04.001

2023-01-01

Abstract:With the advent of the information age, people produce vast amounts of data in their daily lives and work, yet the majority of this data is dispersed across numerous institutions or organizations, making it challenging to link them together. Most of the existing user information matching algorithms based on privacy-preserving reachability queries assume that there is a data provider with a complete data set, but in reality, the data is often scattered among different participants, and it is necessary to combine the data of all participants to form a complete data set. To solve this problem, this paper proposes a federated privacy protection user information matching algorithm. The operation results in a manual dataset show that the method in this article can match user information in a scenario where data is scattered, and the addition of a local early screening stage can effectively reduce the number of natural persons to be verified and reduce communication overhead.

WANG Xiangyu,MA Jianfeng,MIAO Yinbin

DOI: https://doi.org/10.11959/j.issn.1000?436x.2019023

2019-01-01

Abstract:The traditional privacy-preserving image retrieval schemes not only bring large computational and communication overhead,but also cannot protect the image and query privacy in multi-user scenarios.To solve above problems,an efficient privacy-preserving content-based image retrieval scheme was proposed in multi-user scenarios.The scheme used Euclidean distance comparison technique to rank the pictures according to similarity of picture feature vectors and return top-k returned.Meanwhile,the efficient key conversion protocol designed in proposed image retrieval scheme allowed each search user to generate queries based on his own private key so that he can retrieval encrypted images generated by different data owners.Strict security analysis shows that the user privacy and cloud data security can be well protected during the image retrieval process,and the performance analysis using real-world dataset shows that the proposed image retrieval scheme is efficient and feasible in practical applications.

Tao-shen LI,Yi WANG,Ru-wei HUANG

2016-01-01

Abstract:In order to provide multiple authorized users shared cryptographic files and fuzzy retrieval in the cloud computing environment,an encryption algorithm supporting multiuser fuzzy retrieval under the cloud computing environment is proposed.Through the use of Elgamal proxy encryption scheme and method of wildcard-based fuzzy set,this algorithm multiple encrypts the data owner's file and put the keywords in the document stored to the cloud server after the construction of fuzzy word set.And then,the cloud server carry out keywords fuzzy search based on authorized users' search request and return the relevant encryption files.Finally,authorized users use their private key to decrypt the files.The algorithm implements multiple authorized users to use their private key to encrypt and decrypt data,and supports the fuzzy retrieval of encrypted string.Security analysis and performance evaluation shows that the algorithm is IND-CPA safe and can effectively realize the sharing of data and fuzzy string search.

Lvhao Chen,Xiaofeng Liao,Nankun Mu,Jiahui Wu,Junqing Junqing

DOI: https://doi.org/10.1109/SSCI44817.2019.9003109

2019-01-01

Abstract:With cloud computing’s development, more users are decide to store information on the cloud server. Owing to the cloud server’s insecurity, many documents should be encrypted to avoid information leakage before being sent to the cloud. Nevertheless, it leads to the problem that plaintext search techniques can not be directly applied to the ciphertext search. In this case, many searchable encryption schemes based on single data owner model have been proposed. But, the actual situation is that users want to do research with encrypted documents originating from various data owners. This paper puts forward a privacy-preserving scheme that is based on fuzzy multi-keyword search (PPFMKS) for multiple data owners. For the sake of espousing fuzzy multi-keyword and accurate search, secure indexes on the basis of Locality-Sensitive Hashing (LSH) and Bloom Filter (BF)are established. To guarantee the search privacy under multiple data owners model, a new encryption method allowing that different data owners have diverse keys to encrypt files is proposed. This method also solves the high cost caused by inconvenience of key management.

LI Shu-Yuan,JI Yu-Dian,SHI Ding-Yuan,LIAO Wang-Dong,ZHANG Li-Peng,TONG Yong-Xin,XU Ke

DOI: https://doi.org/10.21655/ijsi.1673-7288.00273

2022-01-01

International Journal of Software and Informatics

Abstract:PDF HTML XML Export Cite reminder A Secure Multi-party Data Federation System DOI: 10.21655/ijsi.1673-7288.00273 Author: Affiliation: Clc Number: Fund Project: National Key Research and Development Program of China (2018AAA0101100); National Natural Science Foundation of China (61822201, U1811463, 62076017); the CCF-Huawei Database System Innovation Research Plan (CCF-HuaweiDBIR2020008B); State Key Laboratory of Software Development Environment (Beihang University) Open Program (SKLSDE-2020ZX-07) Article | Figures | Metrics | Reference | Related | Cited by | Materials | Comments Abstract:In the era of big data, data is of great value as an essential factor in production. It is of great significance to implement its analysis, mining, and utilization of large-scale data via data sharing. However, due to the heterogeneous dispersion of data and increasingly rigorous privacy protection regulations, data owners cannot arbitrarily share data, and thus data owners are turned into data silos. Since data federation can achieve collaborative queries while preserving the privacy of data silos, we present in this paper a secure multi-party relational data federation system based on the idea of federated computation that ``data stays, computation moves.'' The system is compatible with a variety of relational databases and can shield users from the heterogeneity of the underlying data from multiple data owners. On the basis of secret sharing, the system implements the secure multi-party operator library supporting the secure multi-party basic operations, and the resulting reconstruction process of operators is optimized with higher execution efficiency. On this basis, the system supports query operations such as Summation (SUM), Averaging (AVG), Minimization/Maximization (MIN/MAX), equi-join, and $\theta $-join and makes full use of multi-party features to reduce data interactions among data owners and security overhead, thus effectively supporting efficient data sharing. Finally, experiments are conducted on the benchmark dataset TPC-H. The experimental results show that the system can support more data owners than the current data federation systems SMCQL and Conclave and has higher execution efficiency in a variety of query operations, exceeding the existing systems by as much as 3.75 times. Reference Related Cited by

Su-Fang ZHOU,Shun-Dong LI,Yi-Min GUO,Jia-Wei DOU,Zhen-Hua CHEN

DOI: https://doi.org/10.11897/SP.J.1016.2018.00464

2018-01-01

Chinese Journal of Computers

Abstract:Secure multi-party computation,which is a key technology of the information security in the cyberspace,is an important field of research in cryptography,and it is a research focus in the international cryptographic community in recent years.Scientific computation is a branch of secure multiparty computation.Set theory is the most important base of modern mathematics,and many mathematical branches are based on set theory.Since many problems can be abstracted as set problems,set theory and its mathematical thought are applied in more and more fields.The secure set computation is a highly important problem in the secure multiparty computation.Secure set intersection computation is an important problem within the secure set computation and attracts many attentions.The secure set intersection computation has many applications in the privacy preservation,such as the secure data mining,secure data outsourcing,analysis of the sensitive medical data,and secret sharing of the personal property data and other private data,etc.At present,the research of the secure set intersection computation has two aspects.On one hand,researchers research on the protocols that there are two parties,and their sets are taken from an infinite set.Even though most of researches focus on this circumstance,the solution for this circumstance is only computationally secure and not so efficient in term of computational complexity.On the other hand,the research for the secure multi-party set computation is quite few,and they are not efficient either.This paper designs different solutions for the different situations where the researchers have not well solved.In the multi-party set intersection computation,based on the polynomial representation of a finite set,this study first constructs a secure multi-party set intersection protocol which is not based on any primitives of cryptography,and it is information theoretically secure and has a low overhead of the computation and the communication.Based on this multi party protocol,we offer another protocol that has less computational complexity,while it sacrifices a little communication complexity.In the next,for the two-party set intersection computation and the sets of these two parties are taken from an infinite set,this manuscript presents an efficient protocol based on the one-way property of the one-way hash function.In addition,for the situation that the sets of two parties are subsets of a finite set,this work introduces an efficient protocol based on the assumption of the hardness of computing discrete logarithm.At the same time,the protocol we present for the two-party set intersection computation can be used to either the secure computation of the cardinality of the set intersection or the set union,and the authenticating of the secure set computation with a little changes.Finally,as an application of the first protocol,we demonstrate how to use the protocol to privately compute the greatest common divisor of several private numbers.The protocols that we present in this paper are proven to be secure in the semi-honest model using the simulation paradigm which is widely used in secure multiparty computation.

Yao Li,Xiaochao Wei,Guopeng Cai,Hao Wang

DOI: https://doi.org/10.1007/s12243-023-00946-x

2024-01-01

Annals of Telecommunications

Abstract:As Internet of Things (IoT) devices develop, an increasing number of images appear in our everyday lives. The emergence of massive amounts of image data has increased the burden on local IoT devices. As IoT owners try to outsource to the cloud server, privacy disclosure may occur during the outsourcing process. In this study, we designed a secure image-retrieval scheme that supports multiple sources. In our solution, we first encrypt the image features by improving a secure multiparty sum protocol, which can effectively support the similarity calculation of encrypted features gathered from multiple sources. Then, IoT owners store the feature vectors locally to avoid disclosing similarity information to the cloud. Finally, we created an index to improve search efficiency by locality-sensitive hashing. Security is analyzed to demonstrate that the privacy of images and matching results have been well protected against the cloud server. In addition, the performance analysis and experimental results show that the proposed scheme achieves highly competitive results on real datasets.

Run-hua Shi,Yi Mu,Hong Zhong,Jie Cui,Shun Zhang

DOI: https://doi.org/10.1007/s11128-015-1165-z

IF: 1.965

2015-01-01

Quantum Information Processing

Abstract:Private Set Intersection allows a client to privately compute set intersection with the collaboration of the server, which is one of the most fundamental and key problems within the multiparty collaborative computation of protecting the privacy of the parties. In this paper, we first present a cheat-sensitive quantum scheme for Private Set Intersection. Compared with classical schemes, our scheme has lower communication complexity, which is independent of the size of the server’s set. Therefore, it is very suitable for big data services in Cloud or large-scale client–server networks.

Jin Li,Xiaofeng Chen

2013-01-01

Abstract:As cloud computing becomes prevalent, more and more sensitive information are being centralized into the cloud. For the protection of data privacy, sensitive data usually have to be encrypted before outsourcing, which makes effective data utilization a very challenging task. In this paper, we propose a new method to enable effective fuzzy keyword search in a multi-user system over encrypted cloud data while maintaining keyword privacy. In this new system, differential searching privileges are supported, which is achieved with the technique of attribute-based encryption. Edit distance is utilized to quantify keywords similarity and develop fuzzy keyword search technique, which achieve optimized storage and representation overheads. We further propose a symbol-based trie-traverse searching scheme to improve the search efficiency. Through rigorous security analysis, we show that our proposed solution is secure and privacy-preserving, while correctly realizing the goal of fuzzy keyword search with multiple users.

Harsh Kasyap,Ugur Ilker Atmaca,Carsten Maple,Graham Cormode,Jiancong He

2024-11-08

Abstract:Financial institutions rely on data for many operations, including a need to drive efficiency, enhance services and prevent financial crime. Data sharing across an organisation or between institutions can facilitate rapid, evidence-based decision-making, including identifying money laundering and fraud. However, modern data privacy regulations impose restrictions on data sharing. For this reason, privacy-enhancing technologies are being increasingly employed to allow organisations to derive shared intelligence while ensuring regulatory compliance. This paper examines the case in which regulatory restrictions mean a party cannot share data on accounts of interest with another (internal or external) party to determine individuals that hold accounts in both datasets. The names of account holders may be recorded differently in each dataset. We introduce a novel privacy-preserving scheme for fuzzy name matching across institutions, employing fully homomorphic encryption over MinHash signatures. The efficiency of the proposed scheme is enhanced using a clustering mechanism. Our scheme ensures privacy by only revealing the possibility of a potential match to the querying party. The practicality and effectiveness are evaluated using different datasets, and compared against state-of-the-art schemes. It takes around 100 and 1000 seconds to search 1000 names from 10k and 100k names, respectively, meeting the requirements of financial institutions. Furthermore, it exhibits significant performance improvement in reducing communication overhead by 30-300 times.

Cryptography and Security

Jingwei Li,Jin Li,Xiaofeng Chen,Zheli Liu,Chunfu Jia

DOI: https://doi.org/10.1016/j.future.2013.06.011

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud, which raises a new challenge on how to utilize the outsourced data in a privacy-preserving manner. Although searchable encryption allows for privacy-preserving keyword search over encrypted data, it could not work effectively for restricting unauthorized access to the outsourced private data. In this paper, aiming at tackling the challenge of privacy-preserving utilization of data in cloud computing, we propose a practical hybrid architecture in which a private cloud is introduced as an access interface between the data owner/user and the public cloud. Under this architecture, a data utilization system is provided to achieve both exact keyword search and fine-grained access control over encrypted data. Security and efficiency analysis for the proposed system are presented in detail. Then, further enhancements for this system are considered in two steps. (1) We show how to extend our system to support efficient fuzzy keyword search while overcoming the disadvantage of insignificant decryption in the existing privacy-preserving fuzzy keyword search scheme. (2) We demonstrate approaches to realize an outsourcing cryptographic access control mechanism and further reduce the computational cost at the data user side.

ZHANG Yuan-Yuan,LI Shu-Yuan,SHI Ye-Xuan,ZHOU Nan,XU Yi,XU Ke

DOI: https://doi.org/10.21655/ijsi.1673-7288.00298

2023-01-01

International Journal of Software and Informatics

Abstract:Recently, many countries and regions have enacted data security policies, such as the General Data Protection Regulation proposed by the EU.The release of related laws and regulations has aggravated the problem of data silos, which makes it difficult to share data among various data owners.Data federation is a possible solution to this problem.Data federation refers to the calculation of query tasks jointly performed by multiple data owners without original data leaks using privacy computing technologies such as secure multi-party computing.This concept has become a research trend in recent years, and a series of representative systems have been proposed, such as SMCQL and Conclave.However, for the core join queries in the relational database system, the existing data federation system still has the following problems.First of all, the join query type is single, which is difficult to meet the query requirements under complex join conditions.Secondly, the algorithm performance has huge improvement space because the existing systems often call the security tool library directly, which means the runtime and communication overhead is high.Therefore, this paper proposes a join algorithm under data federation to address the above issues.The main contributions of this paper are as follows: firstly, multi-party-oriented federation security operators are designed and implemented, which can support many operations.Secondly, a federated θ-join algorithm and an optimization strategy are proposed to significantly reduce the security computation cost.Finally, the performance of the algorithm proposed in this paper is verified by the benchmark dataset TPC-H.The experimental results show that the proposed algorithm can reduce the runtime and communication overhead by 61.33% and 95.26%, respectively, compared with the existing data federation systems SMCQL and Conclave.

Fucai Zhou,Zifeng Xu,Yuxi Li,Jian Xu,Su Peng

DOI: https://doi.org/10.1007/978-3-319-59870-3_13

2017-01-01

Abstract:A wide range of applications can benefit from storing and managing data as graph structures, and graph theory algorithms can be used to solve various computing problems. In this paper, we propose a secure two-party private graph intersection protocol against semi-honest servers. The protocol allows a server and a client, each holding a private graph, to jointly compute the intersection of their graphs. The protocol utilizes homomorphic encryptions and a private set intersection sub-protocol to prevent information leakage during the process. At the end of the protocol, the server learns the graph intersection, and the client learns the vertex intersection.

Shuo Qiu,Boyang Wang,Ming Li,Jesse Victors,Jiqiang Liu,Yanfeng Shi,Wei Wang

DOI: https://doi.org/10.1145/2898445.2898453

2016-01-01

Abstract:Computing similarity, especially Jaccard Similarity, between two datasets is a fundamental building block in big data analytics, and extensive applications including genome matching, plagiarism detection, social networking, etc. The increasing user privacy concerns over the release of has sensitive data have made it desirable and necessary for two users to evaluate Jaccard Similarity over their datasets in a privacy-preserving manner. In this paper, we propose two efficient and secure protocols to compute the Jaccard Similarity of two users' private sets with the help of an unfully-trusted server. Specifically, in order to boost the efficiency, we leverage Minhashing algorithm on encrypted data, where the output of our protocols is guaranteed to be a close approximation of the exact value. In both protocols, only an approximate similarity result is leaked to the server and users. The first protocol is secure against a semi-honest server, while the second protocol, with a novel consistency-check mechanism, further achieves result verifiability against a malicious server who cheats in the executions. Experimental results show that our first protocol computes an approximate Jaccard Similarity of two billion-element sets within only 6 minutes (under 256-bit security in parallel mode). To the best of our knowledge, our consistency-check mechanism represents the very first work to realize an efficient verification particularly on approximate similarity computation.

Cheng Guo,Jing Jia,Yingmo Jie,Charles Zhechao Liu,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/jiot.2020.2964412

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:Significant volume of information of a broad variety (or modalities, such as image, audio, video, and text) is sensed and collected [such as those by the Internet of Things (IoT) devices] regularly (e.g., hourly). Such information is then analyzed to inform decision making, such as clinical diagnosis and product recommendation. Data with different representations may have the same semantic information, and there have been considerable efforts devoted to designing efficient searching approaches on objects with different modalities. However, multimodal data carry sensitive information, and maintaining privacy is crucial in our privacy-aware and interconnected society. In this article, we combine both the collective matrix factorization (CMF) and homomorphic encryption (HE) to construct an efficient and accurate scheme to facilitate cross-modal retrieval, without the loss of any sensitive information. Our scheme identifies the unified feature vectors for every object in the training set with different modalities and obtains the mapping matrices for out-of-sample objects. After the encryption process, these matrices are stored on the remote cloud server (CS). Hence, the server can calculate the secure, unified features for any query. In this article, we also built a privacy-preserving index structure using locality-sensitive hashing (LSH), which provides both security and efficiency. Performance evaluations demonstrate the potential for our proposed scheme in the real-world IoT applications.

Ziyu Niu,Hao Wang,Zhi Li,Xiangfu Song

DOI: https://doi.org/10.1002/int.22420

IF: 8.993

2021-03-28

International Journal of Intelligent Systems

Abstract:<p>With the rapid development of Internet and the widespread application of distributed computing, people enjoy various conveniences while at the same time their privacy has also been threatened. Secure multiparty computation (MPC) can solve the problem of how data owners who do not trust each other jointly compute in distributed scenarios. Using MPC technique, people can not only realize data joint computing, but also ensure data privacy. In most data application scenarios, private data held by different parties can often be represented by sets. To complete the relevant statistical computations of the intersection of two private sets, we propose a suite of protocols based on MPC. These protocols can compute the statistical functions of the associated data of the intersection, including cardinality, sum, average, variance, range, and so forth, without revealing any additional information other than the result. To achieve these functions, we design a private membership test protocol with the result as the arithmetic sharing value, called the arithmetic shared private membership test (ASPMT) protocol. On the basis of the ASPMT protocol, the size and other statistics of the intersection can be computed securely and efficiently. All fundamental computations are constructed based on secret sharing and oblivious transfer techniques. Thanks to the use of precomputation technique, all protocols are highly efficient.</p>

computer science, artificial intelligence