nMIBAS: A Novel Multi-Receiver ID-Based Anonymous Signcryption with Decryption Fairness

Based on the ring signature technology, the multi-receiver ID-based anonymous signcryption (MIBAS) is proposed, and its goal is to protect the privacy of the sender or so-called signer. In an MIBAS scheme, every receiver can verify whether the sender is a member of a trusted group and thus ensure the reliability of the message source, but he could not get the real sender. However, MIBAS paid no attention to privacy of the receivers and has not taken the privacy of the receivers into account during its design. Our analyses show that there widely exist the receiver privacy exposure and decryption unfairness problems in the existing multi-receiver ID-based signcryption schemes. Motivated by these concerns, a new multi-receiver ID-based anonymous signcryption (nMIBAS) is proposed to protect the identity of the receivers. The nMIBAS scheme can not only solve the problem that the existing schemes cannot protect the privacy of receivers, but also meet the fairness of decryption to prevent the possible cheating behavior of the sender effectively. Analysis shows that this scheme is a secure and effective signcryption scheme

Constant-size threshold attribute based SignCryption for cloud applications

In this paper, we propose a novel constant-size threshold attribute-based signcryption scheme for securely sharing data through public clouds. Our proposal has several advantages. First, it provides flexible cryptographic access control, while preserving users’ privacy as the identifying information for satisfying the access control policy are not revealed. Second, the proposed scheme guarantees both data origin authentication and anonymity thanks to the novel use of attribute based signcryption mechanism, while ensuring the unlinkability between the different access sessions. Third, the proposed signcryption scheme has efficient computation cost and constant communication overhead whatever the number of involved attributes. Finally, our scheme satisfies strong security properties in the random oracle model, namely Indistinguishability against the Adaptive Chosen Ciphertext Attacks (IND-CCA2), Existential Unforgeability against Chosen Message Attacks (EUFCMA) and privacy preservation of the attributes involved in the signcryption process, based on the assumption that the augmented Multi-Sequence of Exponents Decisional Diffie-Hellman (aMSE-DDH) problem and the Computational Diffie Hellman Assumption (CDH) are hard

Novel lightweight signcryption-based key distribution mechanisms for MIKEY

Part 1: Authentication and Key ManagementInternational audienceMultimedia Internet KEYing (MIKEY) is a standard key management protocol, used to set up common secrets between any two parties for multiple scenarios of communications. As MIKEY becomes widely deployed, it becomes worthwhile to not confine its applications to real-time or other specific applications, but also to extend the standard to other scenarios as well. For instance, MIKEY can be used to secure key establishment in the Internet of Things. In this particular context, Elliptic Curve Cryptography-based (ECC) algorithms seem to be good candidate to be employed by MIKEY, since they can support equivalent security level when compared with other recommended cryptographic algorithms like RSA, and at the same time requiring smaller key sizes and offering better performance. In this work, we propose novel lightweight ECC-based key distribution extensions for MIKEY that are built upon a previously proposed certificateless signcryption scheme. To our knowledge, these extensions are the first ECC-based MIKEY extensions that employ signcryption schemes. Our proposed extensions benefit from the lightness of the signcryption scheme, while being discharged from the burden of the public key infrastructure (PKI) thanks to its certificateless feature. To demonstrate their performance, we implemented our proposed extensions in the Openmote sensor platform and conducted a thorough performance assessment by measuring the energy consumption and execution time of each operation in the key establishment procedure. The experimental results prove that our new MIKEY extensions are perfectly suited for resource-constrained device

Lagrangian Recurrent Steganalysis and Hyper Elliptic Certificateless Signcryption for Secure Image Transmission

Present-day evolution in communication and information technology dispenses straightforward and effortless access to data, but the most noteworthy condition is the formation of secure communication. Numerous approaches were designed for safety communication. One of the crucial approaches is image steganography. Moreover, provisioning of information security services is arrived at via cryptosystems where cryptosystems make certain the secure messages transmission between the users in an untrustworthy circumstance.  The conventional method of providing encryption and signature is said to be first signing and then encryption, but both the computation and communication costs are found to be high. A certificateless signcryption mechanism is designed to transfer the medical data or images securely. This mechanism will minimize the storage and verification costs of public key certificates. The author of this article proposes a method named Lagrangian recurrent Steganalysis and Hyper Elliptic Certificateless Signcryption for transferring the medical data or images securely. In two sections the LRS-HECS method is split. They are medical image steganalysis and certificateless signcryption. First with the Chest X-Ray images obtained as input, a Codeword Correlated Lagrangian Recurrent Neural Network-based image steganography model is applied to generate steg images. Second, to transfer the medical images securely the steg images provided as input is designed a model named a Hyper Elliptic Curve-based Certificateless Signcryption. The issue of providing the integrity and validity of the transmitted medical images and receiver anonymity is addressed by the application of Hyper Elliptic Curve. Chest X-Ray pictures were used in experimental simulations, and the findings showed that the LRS-HECS approach had more advantages over existing state-of-the-art methods in terms of higher peak signal to noise ratio with data integrity and with reduced encryption time and transmission cost

Studies on the Security of Selected Advanced Asymmetric Cryptographic Primitives

The main goal of asymmetric cryptography is to provide confidential communication, which allows two parties to communicate securely even in the presence of adversaries. Ever since its invention in the seventies, asymmetric cryptography has been improved and developed further, and a formal security framework has been established around it. This framework includes different security goals, attack models, and security notions. As progress was made in the field, more advanced asymmetric cryptographic primitives were proposed, with other properties in addition to confidentiality. These new primitives also have their own definitions and notions of security. This thesis consists of two parts, where the first relates to the security of fully homomorphic encryption and related primitives. The second part presents a novel cryptographic primitive, and defines what security goals the primitive should achieve. The first part of the thesis consists of Article I, II, and III, which all pertain to the security of homomorphic encryption schemes in one respect or another. Article I demonstrates that a particular fully homomorphic encryption scheme is insecure in the sense that an adversary with access only to the public material can recover the secret key. It is also shown that this insecurity mainly stems from the operations necessary to make the scheme fully homomorphic. Article II presents an adaptive key recovery attack on a leveled homomorphic encryption scheme. The scheme in question claimed to withstand precisely such attacks, and was the only scheme of its kind to do so at the time. This part of the thesis culminates with Article III, which is an overview article on the IND-CCA1 security of all acknowledged homomorphic encryption schemes. The second part of the thesis consists of Article IV, which presents Vetted Encryption (VE), a novel asymmetric cryptographic primitive. The primitive is designed to allow a recipient to vet who may send them messages, by setting up a public filter with a public verification key, and providing each vetted sender with their own encryption key. There are three different variants of VE, based on whether the sender is identifiable to the filter and/or the recipient. Security definitions, general constructions and comparisons to already existing cryptographic primitives are provided for all three variants.Doktorgradsavhandlin

A Comprehensive Survey on Signcryption Security Mechanisms in Wireless Body Area Networks

WBANs (Wireless Body Area Networks) are frequently depicted as a paradigm shift in healthcare from traditional to modern E-Healthcare. The vitals of the patient signs by the sensors are highly sensitive, secret, and vulnerable to numerous adversarial attacks. Since WBANs is a real-world application of the healthcare system, it’s vital to ensure that the data acquired by the WBANs sensors is secure and not accessible to unauthorized parties or security hazards. As a result, effective signcryption security solutions are required for the WBANs’ success and widespread use. Over the last two decades, researchers have proposed a slew of signcryption security solutions to achieve this goal. The lack of a clear and unified study in terms of signcryption solutions can offer a bird’s eye view of WBANs. Based on the most recent signcryption papers, we analyzed WBAN’s communication architecture, security requirements, and the primary problems in WBANs to meet the aforementioned objectives. This survey also includes the most up to date signcryption security techniques in WBANs environments. By identifying and comparing all available signcryption techniques in the WBANs sector, the study will aid the academic community in understanding security problems and causes. The goal of this survey is to provide a comparative review of the existing signcryption security solutions and to analyze the previously indicated solution given for WBANs. A multi-criteria decision-making approach is used for a comparative examination of the existing signcryption solutions. Furthermore, the survey also highlights some of the public research issues that researchers must face to develop the security features of WBANs.publishedVersio