4 research outputs found

    Homomorphic signcryption with public plaintext-result checkability

    Signcryption, originally proposed by Zheng (CRYPTO '97), is a useful cryptographic primitive that provides strong confidentiality and integrity guarantees. This article addresses the question of whether it is possible to homomorphically compute arbitrary functions on signcrypted data. The answer is affirmative, and a new cryptographic primitive, homomorphic signcryption (HSC) with public plaintext-result checkability, is proposed that both allows arbitrary functions to be evaluated over signcrypted data and makes it possible for anyone to publicly test whether a given ciphertext is the signcryption of the message under the key. Two notions of message privacy are also investigated, weak message privacy and message privacy, depending on whether the original signcryptions used in the evaluation are disclosed or not. More precisely, the contributions are two-fold: (i) two different definitions of HSC with public plaintext-result checkability are provided for arbitrary functions in terms of syntax, unforgeability and message privacy, depending on whether the homomorphic computation is performed in a private or in a public evaluation setting; (ii) two HSC constructions are proposed, one for a public evaluation setting and another for a private evaluation setting, and their security is formally proved.

    Provably secure homomorphic signcryption

    2017, Springer International Publishing AG. Signcryption has shown many useful applications, in particular in environments where computation and communication resources are constrained, for instance on lightweight devices. However, we notice that traditional signcryption schemes do not support homomorphic properties, which are very useful in many application scenarios. We also notice that the previous attempt to capture homomorphism in signcryption is not provably secure. In this paper, we propose a provably secure additively homomorphic signcryption scheme. Our scheme offers the following two features: (1) signing and encrypting are carried out in one go, unlike traditional encryption and signature schemes, which are computed separately; (2) the collected signcrypted data items can be aggregated without requiring decryption. The second feature confirms the significance of the first, in that traditional signcryption cannot be applied because it lacks the homomorphic property. Our scheme is the first provably secure signcryption scheme that supports the homomorphic property.

    Provably Secure (Broadcast) Homomorphic Signcryption

    Signcryption has drawn a lot of attention due to its useful applications in many areas, in particular for applications where computation and communication resources are constrained, for example on lightweight devices. The traditional signcryption scheme does not support the homomorphic property. Recent work by Rezaeibagha et al. (ProvSec 2017) offered a provably secure homomorphic signcryption scheme which, for the first time, provided a scheme that is provably secure under some restriction. In this paper, we show that homomorphic signcryption can be extended to a provably secure broadcast signcryption scheme. We allow the broadcast signcrypted data items to be aggregated without requiring decryption, which is a desirable feature in distributed environments.

    Secure and Privacy-Preserved Solutions for Distributed Electronic Health Systems

    With the development of online services, traditional paper-based healthcare services are being replaced by the Electronic Health Record System (EHRS), which has contributed significantly to the improvement of individual well-being and public health. In recent years, advances in EHRS have improved the integration among various medical practitioners and healthcare givers, so that medical data can be accessed more conveniently. This has not only accelerated decision-making procedures but also saved users a great deal of time and money. However, the adoption of EHRS has raised a common concern about security and privacy, since an EHR accumulates sensitive health data. Therefore, protection of patient privacy and the security of the EHR must be considered when designing the EHRS. Although a number of mature cryptographic tools could be adopted, the complexity of EHRS and the sophisticated data access requirements among medical stakeholders in EHRS make the task challenging. While one of the advantages of EHRS is data sharing, it poses the difficulty of how to control data sharing so that security and privacy can be ensured. In this thesis, we present several novel techniques that can help to solve some critical problems we have identified in EHRS. One of the major tools we develop in this thesis is a set of novel access control technologies for EHRS that address these security and privacy issues. The challenge we face is that an EHRS is usually operated in a distributed environment. Although we need to ensure flexibility and scalability in data sharing, data security against potential attacks must be achieved. Traditional access control systems are not sufficient. In this thesis, we adopt novel encryption techniques such as attribute-based encryption and authenticated encryption to achieve access control for the special needs of EHRS. We allow multiple authorities to better manage a distributed EHRS, such as one operated in the cloud.
    We present the security protocols in order to demonstrate how to apply our approaches to real-world EHR applications. As an important part of access control technology, access control policies are the core of the entire system. We investigate various access control policies for EHRS. We present a policy integration approach as a novel solution based on policy similarity, which provides a new way for EHRS in cloud computing, where two or more access control policies can be integrated in order to suit the needs of policy management. We use XACML as an example to show how this can be done in practice. We also provide a novel approach for access control policy transformation in cloud computing, where the policy for private patient records in a private cloud can be transformed into a different policy that can handle access rights for different stakeholders. This thesis also covers user mobility issues in EHRS. We propose several security protocols that capture secure communication between patients and doctors who are located in different places. Our proposed protocols achieve authentication, confidentiality and anonymity in remote telemedicine systems. Our protocols are the first of this kind to provide sound solutions to user mobility in EHRS. Within the scope of this thesis, we present an approach to managing a patient monitoring system in order to provide efficient authentication and confidentiality for patient data transmission. Again, we assume that our system is set up in a distributed environment. We propose a new signcryption scheme which offers the feature of homomorphism. Therefore, the signcrypted patient data items can be automatically aggregated without the need for decryption. Our scheme is the first provably secure homomorphic signcryption scheme, in that the previous solution is not provably secure.