Fundamenta Informaticae - Volume 157, issue 1-2

Authors: Xhafa, Fatos | Cao, Zhenfu

Article Type: Other

DOI: 10.3233/FI-2018-1614

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. v-viii, 2018

Authors: Zhang, Mingwu

Article Type: Research Article

Abstract: In order to provide a flexible access control in a secure manner in open networks, Attribute-Based Encryption (ABE) implements a fine-grained decentralized access control that is based on properties or attributes a user/node owns, which has paid more attention to the applications in large-scale and dynamic networks such as Mesh network, Wireless Body Area Networks (WBAN), and Internet of Things etc . However, as the openness and exposure in such networks, an attacker (e.g., virus, eavesdropper or sniffer) can blow the concrete implementation of cryptosystems, for example side channel attacks, and then obtains some sensitive and secret states …in the system by monitoring pseudo-random numbers , internal results and secret keys and thus breaks the provable security of the systems. In this paper, in order to tolerate the possible key leakage , we model a fine-grained attribute revocable attribute-based encryption, namely ADR-lrABE , and then give the concrete construction, security analysis and resilient-leakage performance. The scheme tolerates the key of matching the challenge ciphertext to be partially revealed (i.e., key leakage resilience ), and it provides a update mechanism to tolerate continual leakage that allows the attacker gains the leakage beyond the bound in the lifetime of the system (i.e., continual leakage tolerance ). Also, it supports the properties of attribute direct revocation that the revocation procedure does not affect any other user’s secret key. That is, the proposed scheme is proven to be semantically secure even the decryption key is partially leaked to the attacker. We analyze the leakage-resilient performance of our scheme, and indicate that the scheme achieves approximate (82 + o (1)) fraction of the bits of a decryption key being leaked. We also provide a mechanism to transform the scheme into a prime-order group. To the best of our knowledge, our schemes are the first ABE that support attribute direct revocation mechanism in the presence of key leakage in noise channel or memory leakage environments. Show more

Keywords: Attribute-based encryption, Leakage resilience, Attribute revocation, Key refresh, Leakage rate, Side-channel attack

DOI: 10.3233/FI-2018-1615

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 1-27, 2018

Authors: Li, Jing | Wang, Licheng | Niu, Xinxin | Gu, Lize | Qu, Zhiguo

Article Type: Research Article

Abstract: In this paper, we propose the notion of Star-Topological encryption that enables some clients confidentially talking to a server but without revealing their identities to others. Then, an encryption scheme is constructed to achieve this cryptosystem based on non-abelian groups. The proposal realizes identity-based encryption and identity authenticity, simultaneously. In this encryption system, both the encryptions and decryptions of two sides of the communications are relying on secret key. Therefore, the encryption/decryption algorithms employ the idea of symmetric key cryptosystem. Meanwhile, the client’s decryption key is generated by taking client’s identity and server’s master secret key as input. Therefore, our …encryption scheme can be viewed as an identity-based encryption in Symmetric Key Cryptosystem. Furthermore, the security of the scheme is based on the intractability of factorization search problem over non-abelian algebraic structures. A matrix group over group ring is suggested and an algorithm of computing the inverse of an invertible group ring element is given. Finally, we discuss that our cryptosystem is secure against determinant attacks and quantum attacks. Show more

Keywords: Star-Topological Encryption, Factorization Search Problem, Group Ring Matrix

DOI: 10.3233/FI-2018-1616

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 29-46, 2018

Authors: Wang, Licheng | Li, Jing | Gu, Lize | Yan, Jianhua | Qu, Zhiguo

Article Type: Research Article

Abstract: Proxy re-encryption (PRE) enables a semi-trusted proxy to transfer Alice’s secrets into Bob’s secrets but without seeing the secrets. This functionality is very interesting for making balance between the information confidentiality and the mutual accessibility in various scenarios such as public cloud storage systems. During the past decades, many smart PRE schemes were built based on intractability assumptions such as integer factorization problems (IFP) and discrete logarithm problems (DLP). However, Shor’s efficient quantum algorithms for IFP and DLP stand great threats towards the security baseline of these schemes. Enlightened by Gu et al.’s recent work on resisting known quantum attacks, …we propose an efficient PRE scheme based on the intractability of the (semi)group factorization problems in this paper. The security of the proposed scheme is analyzed according to some heuristic attacks. Moreover, a special instantiation technique is present in detail, and some illustrations are provided for manifesting the effectiveness and efficiency of the proposed methodology. Show more

Keywords: Proxy re-encryption, quantum attack resistant, group factorization, non-commutative cryptography

DOI: 10.3233/FI-2018-1617

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 47-62, 2018

Authors: Wei, Lifei | Zhang, Kai | Zhang, Lei | Huang, Dongmei

Article Type: Research Article

Abstract: Homomorphic encryption always allows the linear arithmetic operations performed over the ciphertext and then returns equaling results as if the operations are taken over the original plaintext, which is always used for data aggregation in wireless sensor networks to keep the confidentiality of the data and cut down the transmission overhead of the ciphertext. In the marine sensor networks, sensors collect the multiple data such as temperature, salinity, pressure, and chlorophyll concentration in the ocean using a single hardware unit for further statistical analysis such as computing the mean and the variance and making regression analysis. However, directly using the …homomorphic encryption cannot perform well in marine sensor data forwarding since the data need to turn to satellites or vessels as relays and be forwarded in multi-hop way. The data are not expected to be decrypted until arriving the final destinations. To tackle these issues, we design a secure data forwarding protocol based on the Paillier homomorphic encryption and multi-use proxy re-encryption. We also evaluate the computational overhead in term of the delay in the transmission and operation in various test beds. The experiment results show that the additional computational overhead brought by cryptographic operations could be minor and it has the merit of providing fixed data size passing through the multi-hop transmission. Show more

Keywords: Secure transmission, Proxy re-encryption, Paillier encryption, Marine sensors networks, Statistical analysis

DOI: 10.3233/FI-2018-1618

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 63-78, 2018

Authors: Jeyabalu, Mahalakshmi | Krishnamoorthy, Kuppusamy

Article Type: Research Article

Abstract: Cloud Computing, a type of interpersonal computing offers services on demand. There arise numerous vulnerabilities and threats that jeopardize the authentication of the cloud services. Security services remain prevalent despite of standard policies offered by service providers, especially on public cloud. An encryption service is one of the conventional way to protect the plain data, by converting it into inarticulate form. This paper brings an interesting application service that provides security as a service to the users. This innovative service works based on a symmetric key encryption scheme. Encryption keys in the cryptographic process reveal the quality of encryption. Multiple …keys are involved in this proposed encryption process, among them, one interesting key generation is from hybridization of improved cipher block chaining encryption operation and another from nature inspired genetic algorithm. Motivation for designing this hybrid algorithm is to minimize the execution time and storage space capacity. The experimental analysis is performed for multimedia files, including plain text, images. Performance of the proposed encryption algorithm is analyzed using various metrics that reveals the quality and strength of the algorithm in spite of various attacks. Evaluation reports state that this application service relics potential for authenticating multimedia files with better satisfaction while out-sourced as application in cloud computing environment. Show more

Keywords: Security-as-a-service, Improved encryption algorithm, Genetic Algorithm, Multimedia files, Outsourcing, Public Cloud, local optimization, symmetric key encryption

DOI: 10.3233/FI-2018-1619

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 79-109, 2018

Authors: Li, Jiguo | Yuan, Hong | Zhang, Yichen

Article Type: Research Article

Abstract: In order to satisfy application in resource constrained environment, aggregate signature schemes have been widely investigated. Recently, He et al. pointed out that certificateless aggregate signature (CLAS) scheme proposed by Xiong et al. was insecure against the Type II adversary and presented an possible improvement. In this article, we show that their improved scheme is not secure against a malicious-but-passive KGC attack. We analyze attack reason and propose an improved certificateless aggregate signature scheme. Based on the CDH difficult problem assumption, the proposed CLAS scheme is existentially unforgeable against adaptive chosen-message attacks in the random oracle model.

Keywords: Certificateless signature, Aggregate signature, Cryptanalysis, Malicious KGC attack

DOI: 10.3233/FI-2018-1620

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 111-123, 2018

Authors: Wei, Yuechuan | Rong, Yisheng | Fan, Cunyang

Article Type: Research Article

Abstract: Lightweight block cipher is usually used in “Internet of Thing” to protect confidentiality as well as to authentication. LBlock is a lightweight block cipher designed for tiny computing devices, such as RFID tags and sensor network nodes. The cipher algorithm iterates a Feistel structure with SP type round function by 32 rounds. Its block size is 64 bits and key size is 80 bits. The designers show that LBlock is resistant against most classical attacks, such as differential and linear cryptanalysis. This paper proposed differential fault analysis on LBlock based on different depth of fault model, the theoretical analysis demonstrates …that LBlock is vulnerable to deep differential fault attack due to its Feistel structure and diffusion layer. By injecting faults in the 27th round to the 29th round, a differential fault analysis on LBlock based on a nibble-oriented random fault model is presented. The experiment shows that 4.3 faults on average could recover a round key. For reveal the whole key information, 13.3 faults on average are needed. This indicates that cryptographic devices supporting LBlock should be carefully protected. Show more

Keywords: Block cipher, DFA, LBlock, Attack mode

DOI: 10.3233/FI-2018-1621

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 125-139, 2018

Authors: Zhang, Huajun | Cao, Zhenfu | Dong, Xiaolei | Shen, Jiachen

Article Type: Research Article

Abstract: For disaster recovery, we store backups of a file in several positions far away from each other. If we delegate this task to an untrusted cloud service provider, a verification method is desired. In this paper, we construct a generic transformation from “proof of retrievability” to “proof of multicopy”. We present this work in two stages. In the first stage, we propose a generic protocol of “proof of file position” based on an arbitrary secure “proof of retrievability” protocol. In the second stage, we propose a “proof of multicopy” protocol based on our “proof of file position” protocol. Both of …our protocols are provably secure. Show more

Keywords: proof of retrievability, proof of file position, proof of multicopy

DOI: 10.3233/FI-2018-1622

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 141-151, 2018

Authors: Zhang, Miao | Wang, Chenyu | Wang, Jiteng | Tian, Si | Li, Yanwei

Article Type: Research Article

Abstract: ZigBee networks, with their characteristics of high availability, low power consumption and cost-effective devices, are perfectly appropriate to construct Wireless Sensor Networks (WSNs). Also, the natures of WSN listed above bring significant benefits over traditional communication networks used in smart home systems. A smart home system is meant to improve the quality of life through offering various automated, interactive and comfortable services, such as sensing and communicating the family member’s health information with their doctors, or remotely controlling the appliances via cellular phones, emails etc. These critical services make the security of personal privacy and the authority of control commands …vital issues in Smart Home environments. While the smart home system suffer from many attacks, the security of the smart home system become an important and hard problem. And the authentication is the first parclose to the security of the system. However, according to our analysis, most system fail to achieve the authentication between the user and the device, Which leading to the compromise of the whole system. In this paper, we analyze the authentication challenges between the user the device in WSNs and in smart home Systems. To thoroughly detect, defense and foresee the authentication vulnerabilities existing in smart home networks, we proposed a security evaluation technique based on attack graph generation. We discuss the distinction between the attack graphs deployed in traditional networks and in smart home networks. Furthermore, we apply this technique into an experiment, and the results prove its practicality. And we then suggest a widely used protocol to the smart home authentication system. Show more

Keywords: Smart Home, Wireless Sensor Networks, security, attack graph

DOI: 10.3233/FI-2018-1623

Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 153-165, 2018