44 research outputs found

    nMIBAS: A Novel Multi-Receiver ID-Based Anonymous Signcryption with Decryption Fairness

    Based on the ring signature technology, the multi-receiver ID-based anonymous signcryption (MIBAS) is proposed, and its goal is to protect the privacy of the sender or so-called signer. In an MIBAS scheme, every receiver can verify whether the sender is a member of a trusted group and thus ensure the reliability of the message source, but he could not get the real sender. However, MIBAS paid no attention to privacy of the receivers and has not taken the privacy of the receivers into account during its design. Our analyses show that there widely exist the receiver privacy exposure and decryption unfairness problems in the existing multi-receiver ID-based signcryption schemes. Motivated by these concerns, a new multi-receiver ID-based anonymous signcryption (nMIBAS) is proposed to protect the identity of the receivers. The nMIBAS scheme can not only solve the problem that the existing schemes cannot protect the privacy of receivers, but also meet the fairness of decryption to prevent the possible cheating behavior of the sender effectively. Analysis shows that this scheme is a secure and effective signcryption scheme

    Composite Fixed-Length Ordered Features for Palmprint Template Protection with Diminished Performance Loss

    Palmprint recognition has become more and more popular due to its advantages over other biometric modalities such as fingerprint, in that it is larger in area, richer in information and able to work at a distance. However, the issue of palmprint privacy and security (especially palmprint template protection) remains under-studied. Among the very few research works, most of them only use the directional and orientation features of the palmprint with transformation processing, yielding unsatisfactory protection and identification performance. Thus, this paper proposes a palmprint template protection-oriented operator that has a fixed length and is ordered in nature, by fusing point features and orientation features. Firstly, double orientations are extracted with more accuracy based on MFRAT. Then key points of SURF are extracted and converted to be fixed-length and ordered features. Finally, composite features that fuse up the double orientations and SURF points are transformed using the irreversible transformation of IOM to generate the revocable palmprint template. Experiments show that the EER after irreversible transformation on the PolyU and CASIA databases are 0.17% and 0.19% respectively, and the absolute precision loss is 0.08% and 0.07%, respectively, which proves the advantage of our method

    A Survey of Research Progress and Development Tendency of Attribute-Based Encryption

    With the development of cryptography, the attribute-based encryption (ABE) draws widespread attention of the researchers in recent years. The ABE scheme, which belongs to the public key encryption mechanism, takes attributes as public key and associates them with the ciphertext or the user’s secret key. It is an efficient way to solve open problems in access control scenarios, for example, how to provide data confidentiality and expressive access control at the same time. In this paper, we survey the basic ABE scheme and its two variants: the key-policy ABE (KP-ABE) scheme and the ciphertext-policy ABE (CP-ABE) scheme. We also pay attention to other researches relating to the ABE schemes, including multiauthority, user/attribute revocation, accountability, and proxy reencryption, with an extensive comparison of their functionality and performance. Finally, possible future works and some conclusions are pointed out

    Two-level incremental checkpoint recovery scheme for reducing system total overheads.

    Long-running applications are often subject to failures. Once failures occur, it will lead to unacceptable system overheads. The checkpoint technology is used to reduce the losses in the event of a failure. For the two-level checkpoint recovery scheme used in the long-running tasks, it is unavoidable for the system to periodically transfer huge memory context to a remote stable storage. Therefore, the overheads of setting checkpoints and the re-computing time become a critical issue which directly impacts the system total overheads. Motivated by these concerns, this paper presents a new model by introducing i-checkpoints into the existing two-level checkpoint recovery scheme to deal with the more probable failures with the smaller cost and the faster speed. The proposed scheme is independent of the specific failure distribution type and can be applied to different failure distribution types. We respectively make analyses between the two-level incremental and two-level checkpoint recovery schemes with the Weibull distribution and exponential distribution, both of which fit with the actual failure distribution best. The comparison results show that the total overheads of setting checkpoints, the total re-computing time and the system total overheads in the two-level incremental checkpoint recovery scheme are all significantly smaller than those in the two-level checkpoint recovery scheme. At last, limitations of our study are discussed, and at the same time, open questions and possible future work are given

    Strongly Unforgeable and Efficient Proxy Signature Scheme with Fast Revocation Secure in the Standard Model

    The existing proxy signature schemes with the proxy revocation function are proven to be malleable and do not possess strong unforgeability. Motivated by these concerns, a new proxy signature scheme with fast revocation is proposed, and it can be proved that the proposed scheme can achieve strong unforgeability in the standard model. By using this scheme, the original signer can generate the delegation warrant for the proxy signer, and at the same time, he/she can perform the immediate revocation to completely terminate the delegation when needed. Analyses show that the proposed scheme satisfies all of the security requirements of proxy signature and has shorter public parameters than the existing ones

    Completely anonymous multi-recipient signcryption scheme with public verification.

    Most of the existing multi-recipient signcryption schemes do not take the anonymity of recipients into consideration because the list of the identities of all recipients must be included in the ciphertext as a necessary element for decryption. Although the signer's anonymity has been taken into account in several alternative schemes, these schemes often suffer from the cross-comparison attack and joint conspiracy attack. That is to say, there are few schemes that can achieve complete anonymity for both the signer and the recipient. However, in many practical applications, such as network conference, both the signer's and the recipient's anonymity should be considered carefully. Motivated by these concerns, we propose a novel multi-recipient signcryption scheme with complete anonymity. The new scheme can achieve both the signer's and the recipient's anonymity at the same time. Each recipient can easily judge whether the received ciphertext is from an authorized source, but cannot determine the real identity of the sender, and at the same time, each participant can easily check decryption permission, but cannot determine the identity of any other recipient. The scheme also provides a public verification method which enables anyone to publicly verify the validity of the ciphertext. Analyses show that the proposed scheme is more efficient in terms of computation complexity and ciphertext length and possesses more advantages than existing schemes, which makes it suitable for practical applications. The proposed scheme could be used for network conferences, paid-TV or DVD broadcasting applications to solve the secure communication problem without violating the privacy of each participant

    Quantum attack-resistent certificateless multi-receiver signcryption scheme.

    The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards