Secure data storage and retrieval in cloud computing

Nowadays cloud computing has been widely recognised as one of the most inuential information technologies because of its unprecedented advantages. In spite of its widely recognised social and economic benefits, in cloud computing customers lose the direct control of their data and completely rely on the cloud to manage their data and computation, which raises significant security and privacy concerns and is one of the major barriers to the adoption of public cloud by many organisations and individuals. Therefore, it is desirable to apply practical security approaches to address the security risks for the wide adoption of cloud computing

Subversion-Resilient Signatures without Random Oracles

In the aftermath of the Snowden revelations in 2013, concerns about the integrity and security of cryptographic systems have grown significantly. As adversaries with substantial resources might attempt to subvert cryptographic algorithms and undermine their intended security guarantees, the need for subversion-resilient cryptography has become paramount. Security properties are preserved in subversion-resilient schemes, even if the adversary implements the scheme used in the security experiment. This paper addresses this pressing concern by introducing novel constructions of subversion-resilient signatures and hash functions while proving the subversion-resilience of existing cryptographic primitives. Our main contribution is the first construction of subversion-resilient signatures under complete subversion in the offline watchdog model (with trusted amalgamation) without relying on random oracles. We demonstrate that one-way permutations naturally yield subversion-resilient one-way functions, thereby enabling us to establish the subversion-resilience of Lamport signatures, assuming a trusted comparison is available. Additionally, we develop subversion-resilient target-collision-resistant hash functions using a trusted XOR. By leveraging this approach, we expand the arsenal of cryptographic tools that can withstand potential subversion attacks. Our research builds upon previous work in the offline watchdog model with trusted amalgamation (Russell et al. ASIACRYPT\u2716) and subversion-resilient pseudo-random functions (Bemmann et al. ACNS\u2723), culminating in the formal proof of subversion-resilience for the classical Naor-Yung signature construction

Identity-Based Encryption for Fair Anonymity Applications: Defining, Implementing, and Applying Rerandomizable RCCA-secure IBE

Our context is anonymous encryption schemes hiding their receiver, but in a setting which allows authorities to reveal the receiver when needed. While anonymous Identity-Based Encryption (IBE) is a natural candidate for such fair anonymity (it gives trusted authority access by design), the de facto security standard (a.k.a. IND-ID-CCA) is incompatible with the ciphertext rerandomizability which is crucial to anonymous communication. Thus, we seek to extend IND-ID-CCA security for IBE to a notion that can be meaningfully relaxed for rerandomizability while it still protects against active adversaries. To the end, inspired by the notion of replayable adaptive chosen-ciphertext attack (RCCA) security (Canetti et al., Crypto\u2703), we formalize a new security notion called Anonymous Identity-Based RCCA (ANON-ID-RCCA) security for rerandomizable IBE and propose the first construction with rigorous security analysis. The core of our scheme is a novel extension of the double-strand paradigm, which was originally proposed by Golle et al. (CT-RSA\u2704) and later extended by Prabhakaran and Rosulek (Crypto\u2707), to the well-known Gentry-IBE (Eurocrypt\u2706). Notably, our scheme is the first IBE that simultaneously satisfies adaptive security, rerandomizability, and recipient-anonymity to date. As the application of our new notion, we design a new universal mixnet in the identity-based setting that does not require public key distribution (with fair anonymity). More generally, our new notion is also applicable to most existing rerandomizable RCCA-secure applications to eliminate the need for public key distribution infrastructure while allowing fairness

Privacy-preserving data search and sharing protocol for social networks through wireless applications

Data search and sharing are two important functionalities in social networks. The social network users can form a peer-to-peer group and securely and flexibly search and share cloud data through wireless applications. When the number of users increases, the communication, storage, and computational overheads will be increased, and the quality of services such as searching and data sharing for clients could be affected

Anonymous identity-based broadcast encryption with revocation for file sharing

Traditionally, a ciphertext from an identity-based broadcast encryption can be distributed to a group of receivers whose identities are included in the ciphertext. Once the ciphertext has been created, it is not possible to remove any intended receivers from it without conducting decryption. In this paper, we consider an interesting question: how to remove target designated receivers from a ciphertext generated by an anonymous identity-based broadcast encryption? The solution to this question is found applicable to file sharing with revocation. In this work, we found an affirmative answer to this question. We construct an anonymous identity-based broadcast encryption, which offers the user revocation of ciphertext and the revocation process does not reveal any information of the plaintext and receiver identity. In our proposed scheme, the group of receiver identities are anonymous and only known by the encryptor. We prove that our scheme is semantically secure in the random oracle model

One-round privacy-preserving meeting location determination for smartphone applications

With the widely adopted GPS technology in mobile devices, users enjoy many types of location services. As a recently proposed application, determining the optimal private meeting location with an aid of a location server has been an interesting research topic. The challenge in this paper is due to the requirements of security and privacy, because user locations should not be revealed to the honest-but-curious or semi-trusted location server. Adding the security and privacy protection to a location service will inevitably introduce computational complexity and communication overhead. In order to introduce robust location service and make this location service practical, we propose an efficient optimal private meeting location determination protocol, which needs only one round communication and light computation. Our proposed protocol satisfies the requirement of location privacy against outsiders, the semi-trusted meeting location determination server, and the semi-trusted group users. In order to study the performance of our protocol in a real deployment, we simulate our scheme on smartphones. The simulation results and the performance comparison with another scheme demonstrate its advantages in communication and computation efficiency

Efficient k-out-of-n oblivious transfer scheme with the ideal communication cost

In this paper, we propose a two-round k-out-of-n oblivious transfer scheme with the minimum communication cost. In our proposed scheme, the messages sent by the receiver R to the sender S consist of only three elements, which is independent of n and k, while the messages from S to R are (n+1) elements when the sender holds n secrets. Our scheme features a nice property of universal parameter, where the system parameter can be used by all senders and receivers. The proposed k-out-of-n oblivious transfer scheme is the most efficient two-round scheme in terms of the number of messages transferred between two communicating parties in known constructions. The scheme preserves the privacy of receiver\u27s choice and sender\u27s security

Privacy-preserving Data Packet Filtering Protocol With Source Ip Authentication

Packet filtering allows a network gateway to control the network traffic flows and protect the computer system. Most of the recent research works on the filtering systems mainly concern the performance, reliability and defence against common network attacks. However, since the gateway might be controlled by red an untrusted attacker, who might try to infer the identity privacy of the sender host and mount IP tracking to its data packets. IP spoofing is another problem. To avoid data packets to be filtered in the packet filtering system, the malicious sender host might use a spoofed source IP address. Therefore, to preserve the source IP privacy and provide source IP authentication simultaneously in the filtering system is an interesting and challenging problem. To deal with the problem, we construct a data packet filtering scheme, which is formally proved to be semantic secure against the chosen IP attack and IP guessing attack. Based on this filtering scheme, we propose the first privacy-preserving packet filtering system, where the data packets whose source IP addresses are at risk are filtered, the privacy of the source IP is protected and its correctness can be verified by the recipient host. The analysis shows that our protocol can fulfil the objectives of a data packet filtering system. The performance evaluation demonstrates its applicability in the current network systems. We also presented a packet filtering scheme, where the data packets from one subnet can be filtered with only one filter policy

Secure channel free ID-based searchable encryption for peer-to-peer group

Data sharing and searching are important functionalities in cloud storage. In this paper, we show how to securely and flexibly search and share cloud data among a group of users without a group manager. We formalize a novel cryptosystem: secure channel free searchable encryption in a peer-to-peer group, which features with the secure cloud data sharing and searching for group members in an identity-based setting. Our scheme allows group members to join or leave the group dynamically. We present two schemes: basic scheme and enhanced scheme. We formally prove that our basic scheme achieves consistency and indistinguishability against the chosen keyword and ciphertext attack and the outsider\u27s keyword guessing attack, respectively. An enhanced scheme is also proposed to achieve forward secrecy, which allows to revoke user search right over the former shared data