11,167 research outputs found
AnonyControl: Control Cloud Data Anonymously with Multi-Authority Attribute-Based Encryption
Cloud computing is a revolutionary computing paradigm which enables flexible,
on-demand and low-cost usage of computing resources. However, those advantages,
ironically, are the causes of security and privacy problems, which emerge
because the data owned by different users are stored in some cloud servers
instead of under their own control. To deal with security problems, various
schemes based on the Attribute- Based Encryption (ABE) have been proposed
recently. However, the privacy problem of cloud computing is yet to be solved.
This paper presents an anonymous privilege control scheme AnonyControl to
address the user and data privacy problem in a cloud. By using multiple
authorities in cloud computing system, our proposed scheme achieves anonymous
cloud data access, finegrained privilege control, and more importantly,
tolerance to up to (N -2) authority compromise. Our security and performance
analysis show that AnonyControl is both secure and efficient for cloud
computing environment.Comment: 9 pages, 6 figures, 3 tables, conference, IEEE INFOCOM 201
Search Me If You Can: Privacy-preserving Location Query Service
Location-Based Service (LBS) becomes increasingly popular with the dramatic
growth of smartphones and social network services (SNS), and its context-rich
functionalities attract considerable users. Many LBS providers use users'
location information to offer them convenience and useful functions. However,
the LBS could greatly breach personal privacy because location itself contains
much information. Hence, preserving location privacy while achieving utility
from it is still an challenging question now. This paper tackles this
non-trivial challenge by designing a suite of novel fine-grained
Privacy-preserving Location Query Protocol (PLQP). Our protocol allows
different levels of location query on encrypted location information for
different users, and it is efficient enough to be applied in mobile platforms.Comment: 9 pages, 1 figure, 2 tables, IEEE INFOCOM 201
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
Remarks on the Cryptographic Primitive of Attribute-based Encryption
Attribute-based encryption (ABE) which allows users to encrypt and decrypt
messages based on user attributes is a type of one-to-many encryption. Unlike
the conventional one-to-one encryption which has no intention to exclude any
partners of the intended receiver from obtaining the plaintext, an ABE system
tries to exclude some unintended recipients from obtaining the plaintext
whether they are partners of some intended recipients. We remark that this
requirement for ABE is very hard to meet. An ABE system cannot truly exclude
some unintended recipients from decryption because some users can exchange
their decryption keys in order to maximize their own interests. The flaw
discounts the importance of the cryptographic primitive.Comment: 9 pages, 4 figure
Security of a biometric identity-based encryption scheme
Biometric identity-based encryption (Bio-IBE) is a kind of fuzzy
identity-based encryption (fuzzy IBE) where a ciphertext encrypted under an
identity w' can be decrypted using a secret key corresponding to the identity w
which is close to w' as measured by some metric. Recently, Yang et al. proposed
a constant-size Bio-IBE scheme and proved that it is secure against adaptive
chosen-ciphertext attack (CCA2) in the random oracle model. Unfortunately, in
this paper, we will show that their Bio-IBE scheme is even not chosen-plaintext
secure. Specifically, user w using his secret key is able to decrypt any
ciphertext encrypted under an identity w' even though w is not close to w'.Comment: Journal version of the paper will be appearing in International
Journal of Network Securit
- …