9 research outputs found

    Efficient searchble technique to retrive ranked documents in cloud

    A secure searchable encryption system is presented to allow searching of encrypted user data in the cloud. The system concurrently supports fuzzy keyword searching and matched results ranking, which are two important factors in facilitating practical searchable encryption. A chaotic fuzzy conversion technique is proposed to support secure fuzzy keyword indexing, storage and query. A secure posting list is also created to rank the matched results while maintaining the privacy and confidentiality of the user data, and saving the resources of the user mobile device

    Efficient Verifiable Computation of XOR for Biometric Authentication

    This work addresses the security and privacy issues in remote biometric authentication by proposing an efficient mechanism to verify the correctness of the outsourced computation in such protocols. In particular, we propose an efficient verifiable computation of XORing encrypted messages using an XOR linear message authentication code (MAC) and we employ the proposed scheme to build a biometric authentication protocol. The proposed authentication protocol is both secure and privacy-preserving against malicious (as opposed to honest-but-curious) adversaries. Specifically, the use of the verifiable computation scheme together with a homomorphic encryption protects the privacy of biometric templates against malicious adversaries. Furthermore, in order to achieve unlinkability of authentication attempts, while keeping a low communication overhead, we show how to apply Oblivious RAM and biohashing to our protocol. We also provide a proof of security for the proposed solution. Our simulation results show that the proposed authentication protocol is efficient

    A proposal to improve the authentication process in m-health environments

    Special Section: Mission Critical Public-Safety Communications: Architectures, Enabling Technologies, and Future Applications. One of the challenges of mobile health is to provide a way of maintaining privacy in the access to the data. Especially, when using ICT for providing access to health services and information. In these scenarios, it is essential to determine and verify the identity of users to ensure the security of the network. A way of authenticating the identity of each patient, doctor or any stakeholder involved in the process is to use a software application that analyzes the face of them through the cams integrated in their devices. The selection of an appropriate facial authentication software application requires a fair comparison between alternatives through a common database of face images. Users usually carry out authentication with variations in their aspects while accessing to health services. This paper presents both 1) a database of facial images that combines the most common variations that can happen in the participants and 2) an algorithm that establishes different levels of access to the data based on data sensitivity levels and the accuracy of the authentication

    Ghostshell: Secure Biometric Authentication using Integrity-based Homomorphic Evaluations

    Biometric authentication methods are gaining popularity due to their convenience. For an authentication without relying on trusted hardware, biometrics or their hashed values should be stored in the server. Storing biometrics in the clear or in an encrypted form, however, raises a grave concern about biometric theft through hacking or man-in-the-middle attack. Unlike ID and password, once lost biometrics cannot practically be replaced. Encryption can be a tool for protecting them from theft, but encrypted biometrics should be recovered for comparison. In this work, we propose a secure biometric authentication scheme, named Ghostshell, in which an encrypted template is stored in the server and then compared with an encrypted attempt without decryption. The decryption key is stored only in a user's device and so biometrics can be kept secret even against a compromised server. Our solution relies on a somewhat homomorphic encryption (SHE) and a message authentication code (MAC). Because known techniques for SHE are computationally expensive, we develop a more practical scheme by devising a significantly efficient matching function exploiting SIMD operations and a one-time MAC chosen for efficient homomorphic evaluations (of multiplication depth 2). When applied to Hamming distance matching on 2400-bit irises, our implementation shows that the computation time is approximately 0.47 and 0.1 seconds for the server and the user, respectively

    Efficient Fuzzy Search on Encrypted Data

    We study the problem of efficient (sub-linear) fuzzy search on encrypted outsourced data, in the symmetric-key setting. In particular, a user who stores encrypted data on a remote untrusted server forms queries that enable the server to efficiently locate the records containing the requested keywords, even though the user may misspell keywords or provide noisy data in the query. We define an appropriate primitive for a general closeness function on the message space that we call efficiently fuzzy-searchable encryption (EFSE). Next we identify an optimal security notion for EFSE. We demonstrate that existing schemes do not meet our security definition and propose a new scheme that we prove secure under basic assumptions. Unfortunately, the scheme requires large ciphertext length, but we show that, in a sense, this space-inefficiency is unavoidable for a general, optimally-secure scheme. Seeking the right balance between efficiency and security, we then show how to construct schemes that are more efficient and satisfy a weaker security notion that we propose. To illustrate, we present and analyze a more space-efficient scheme for supporting fuzzy search on biometric data that achieves the weaker notion

    Appraisal of Cashless Policy on the Nigerian Financial System

    The Central Bank of Nigeria (CBN) has been active in the inauguration of policies and schemes to foster the implementation of the cashless policy in Nigeria. However the current transition to cashless economy raises a lot of concerns with no substantial evidence yet to justify its implementation. This study was carried out in order to appraise the implementation of the cashless policy since its introduction into the Nigerian financial system in 2012 and also to examine the persistent challenges facing its implementation. In view of the above stated objective, primary data were collected with the aid of the questionnaire, which was randomly administered to 120 respondents ranging from First Bank, Zenith Bank and United Bank for Africa. The banks were selected based on their total assets and the information collected covered the activities of the CBN and that of these banks towards implementation of the cashless policy from 2012 till date. The data collected were presented and analyzed with the aid of the Statistical Package for Social Sciences (SPSS) using descriptive statistics and one-sample t-test. The results led to the conclusion that despite the need to operate cashless transactions dominating the modern Nigerian economy, the cashless policy will have the desired impact only if a lot is done to ensure the implementation of an effective cashless system

    Secure Computation Using Homomorphic Encryption (동형암호를 이용한 안전한 연산)

    Thesis (Ph.D.) -- Seoul National University Graduate School, College of Natural Sciences, Department of Mathematical Sciences, 2017. 8. 천정희.

    (Fully) Homomorphic encryption (FHE, HE) is one of the natural and powerful tools for ensuring privacy of sensitive data since it enables to handle ciphertexts without decryption and thus allow complicated computations on the encrypted data. Due to this property, homomorphic encryption can be applied to many scenarios in the real life, especially, databases. Until now, most of homomorphic encryption schemes restrict a plaintext space as an integer and thus numeric data should be represented by integers. However, there are many applications working in the real number system that operate on very sensitive information, for example, user's location information and patient's medical information. Usually, these information can be represented by the real numbers and thus it should be encoded into the integers. The general decimal representation requires quite large plaintext space and a polynomial representation also requires a higher degree of polynomials, which has a bad influence to the performance of FHE scheme. In this thesis, we employ continued fraction to represent real numbers and to alleviate this inefficiency. With continued fraction, real numbers can be represented by a set of quite small integers and it makes performance improvement than other encoding techniques. Moreover, we can develop a set of algorithms and circuits using continued fraction for the following operations: homomorphic integer division, equality circuit and comparison circuits over the real numbers. First, we suggest an algorithm for homomorphic integer division using continued fraction and restoring division algorithm. Since the integer is not closed under the division, the most of homomorphic encryption schemes cannot support the division, however, we suggest a transformation from rational numbers to continued fractions being encrypted and it allows to divide two encrypted integers. Further, we can evaluate a polynomial whose coefficients are in the rational numbers. Second, we describe comparison circuits over the encrypted real numbers including equality circuits. Since comparing two continued fraction is also easy as much as comparing two decimal numbers, we can build more efficient comparison circuits while maintaining the small message space utilizing the homomorphic comparison circuits over the integers. With our efficient comparison circuits, we can apply to the real-type database which indicates each numeric data is represented by the real numbers and our circuits enable to sorting and private database queries such as retrieval queries and aggregate queries, which makes database useful. Finally, we present a proof of correct decryption in a single party homomorphic encryption. Although a server evaluates some polynomial being encrypted, the server cannot know any information about the result. Thus, if a server is interested in the result, a data owner returns the decryption result. The problem is that the server should believe the data owner at this time because the data owner can manipulate the decryption result and the server cannot recognize it. We prevent this situation by utilizing one-time message authentication code. Moreover, this technique can be applied to many scenarios, especially, a protocol for authentication of biometrics.

    1 Introduction
    1.1 Overview and Contributions
    1.1.1 Homomorphic Integer Division
    1.1.2 Homomorphic Comparisons over the Real Numbers
    1.1.3 Integrity of Homomorphic Evaluations
    2 Preliminaries
    2.1 Notation
    2.2 Continued Fraction
    2.3 Homomorphic Encryption
    2.4 Homomorphic Comparisons over the Integers
    2.4.1 Equality Circuit over the Integers
    2.4.2 Greater-Than and Less-Than Circuits over the Integers
    2.5 Fuzzy Extractor
    2.5.1 Reusable Fuzzy Extractor
    3 Algorithms for Homomorphic Integer Division
    3.1 Overview and Related Works
    3.2 Restoring Division Algorithm
    3.3 Homomorphic Integer Division
    3.3.1 Algorithm
    3.3.2 Efficiency
    3.4 Homomorphic Arithmetics over the Polynomials
    3.4.1 Description
    4 Algorithms for Homomorphic Comparisons over the Real Numbers
    4.1 Overview and Related Works
    4.2 Comparing Two Continued Fractions
    4.2.1 Our Idea: Comparing Two CFs in the Clear
    4.3 Equality Circuit
    4.3.1 Construction
    4.3.2 Complexity
    4.4 Greater-Than and Less-Than
    4.4.1 Construction
    4.4.2 Complexity
    4.5 Implementation
    4.5.1 Environment
    4.5.2 Scheme Parameters
    4.5.3 Experimental Results and Comparisons
    4.6 Applications to Database Service
    4.6.1 Sorting
    4.6.2 Private Database Queries
    5 Algorithms for Integrity-based Homomorphic Evaluations
    5.1 Overview and Related Works
    5.2 Models and Settings
    5.2.1 System Model and Participants
    5.2.2 Threat Model
    5.2.3 Security Model
    5.3 Integrity of Homomorphic Evaluations
    5.3.1 Message Authentication Code
    5.3.2 Protocol Constructions
    5.3.3 Security Proof
    5.4 Application to Biometric Authentication
    5.4.1 How Ghostshell Works
    5.4.2 Analysis
    5.4.3 Optimization
    5.5 Implementation
    5.5.1 Micro-experiments
    5.6 Reusable Fuzzy Extractor for the Hamming Distance
    5.6.1 Insecurity of Previous Reusable Fuzzy Extractor
    5.6.2 Revising Reusable Fuzzy Extractor
    5.6.3 Revising Idea
    5.6.4 Our Construction
    5.6.5 Analysis
    6 Conclusion
    Abstract (in Korean)
    Docto