HardIDX: Practical and Secure Index with SGX
Software-based approaches for search over encrypted data are still either
challenged by lack of proper, low-leakage encryption or slow performance.
Existing hardware-based approaches do not scale well due to hardware
limitations and software designs that are not specifically tailored to the
hardware architecture, and are rarely well analyzed for their security (e.g.,
the impact of side channels). Additionally, existing hardware-based solutions
often have a large code footprint in the trusted environment susceptible to
software compromises. In this paper we present HardIDX: a hardware-based
approach, leveraging Intel's SGX, for search over encrypted data. It implements
only the security critical core, i.e., the search functionality, in the trusted
environment and resorts to untrusted software for the remainder. HardIDX is
deployable as a highly performant encrypted database index: it is logarithmic
in the size of the index and searches are performed within a few milliseconds
rather than seconds. We formally model and prove the security of our scheme
showing that its leakage is equivalent to the best known searchable encryption
schemes. Our implementation has a very small code and memory footprint yet
still scales to virtually unlimited search index sizes, i.e., size is limited
only by the general - non-secure - hardware resources.
Detecting brute-force attacks on cryptocurrency wallets
Blockchain is a distributed ledger, which is protected against malicious
modifications by means of cryptographic tools, e.g. digital signatures and hash
functions. One of the most prominent applications of blockchains is
cryptocurrencies, such as Bitcoin. In this work, we consider a particular
attack on wallets for collecting assets in a cryptocurrency network based on
brute-force search attacks. Using Bitcoin as an example, we demonstrate that if
the attack is implemented successfully, a legitimate user is able to prove that
fact of this attack with a high probability. We also consider two options for
modification of existing cryptocurrency protocols for dealing with this type of
attacks. First, we discuss a modification that requires introducing changes in
the Bitcoin protocol and allows diminishing the motivation to attack wallets.
Second, an alternative option is the construction of special smart-contracts,
which reward the users for providing evidence of the brute-force attack. The
execution of this smart-contract can work as an automatic alarm that the
employed cryptographic mechanisms, and (particularly) hash functions, have an
evident vulnerability. Comment: 10 pages, 2 figures; published version
Particle swarm optimization with composite particles in dynamic environments
This article is placed here with the permission of IEEE - Copyright @ 2010 IEEE. In recent years, there has been a growing interest in the study of particle swarm optimization (PSO) in dynamic environments. This paper presents a new PSO model, called PSO with composite particles (PSO-CP), to address dynamic optimization problems. PSO-CP partitions the swarm into a set of composite particles based on their similarity using a "worst first" principle. Inspired by the composite particle phenomenon in physics, the elementary members in each composite particle interact via a velocity-anisotropic reflection scheme to integrate valuable information for effectively and rapidly finding the promising optima in the search space. Each composite particle maintains the diversity by a scattering operator. In addition, an integral movement strategy is introduced to promote the swarm diversity. Experiments on a typical dynamic test benchmark problem provide a guideline for setting the involved parameters and show that PSO-CP is efficient in comparison with several state-of-the-art PSO algorithms for dynamic optimization problems. This work was supported in part by the Key Program of the National Natural Science Foundation (NNSF) of China under Grant 70931001 and 70771021, the Science Fund for Creative Research Group of the NNSF of China under Grant 60821063 and 70721001, the Ph.D. Programs Foundation of the Ministry of education of China under Grant 200801450008, and by the Engineering and Physical Sciences Research Council of U.K. under Grant EP/E060722/1.
A Practical Searchable Symmetric Encryption Scheme for Smart Grid Data
Outsourcing data storage to the remote cloud can be an economical solution to
enhance data management in the smart grid ecosystem. To protect the privacy of
data, the utility company may choose to encrypt the data before uploading them
to the cloud. However, while encryption provides confidentiality to data, it
also sacrifices the data owners' ability to query a special segment in their
data. Searchable symmetric encryption is a technology that enables users to
store documents in ciphertext form while keeping the functionality to search
keywords in the documents. However, most state-of-the-art SSE algorithms are
only focusing on general document storage, which may become unsuitable for
smart grid applications. In this paper, we propose a simple, practical SSE
scheme that aims to protect the privacy of data generated in the smart grid.
Our scheme achieves high space complexity with small information disclosure
that was acceptable for practical smart grid application. We also implement a
prototype over the statistical data of advanced meter infrastructure to show
the effectiveness of our approach.
Genetic Programming for Smart Phone Personalisation
Personalisation in smart phones requires adaptability to dynamic context
based on user mobility, application usage and sensor inputs. Current
personalisation approaches, which rely on static logic that is developed a
priori, do not provide sufficient adaptability to dynamic and unexpected
context. This paper proposes genetic programming (GP), which can evolve program
logic in realtime, as an online learning method to deal with the highly dynamic
context in smart phone personalisation. We introduce the concept of
collaborative smart phone personalisation through the GP Island Model, in order
to exploit shared context among co-located phone users and reduce convergence
time. We implement these concepts on real smartphones to demonstrate the
capability of personalisation through GP and to explore the benefits of the
Island Model. Our empirical evaluations on two example applications confirm
that the Island Model can reduce convergence time by up to two-thirds over
standalone GP personalisation. Comment: 43 pages, 11 figures