Forward Private Searchable Symmetric Encryption with Optimized I/O Efficiency
Recently, several practical attacks raised serious concerns over the security
of searchable encryption. The attacks have brought emphasis on forward privacy,
which is the key concept behind solutions to the adaptive leakage-exploiting
attacks, and will very likely become mandatory in the design of new
searchable encryption schemes. For a long time, forward privacy implies
inefficiency and thus most existing searchable encryption schemes do not
support it. Very recently, Bost (CCS 2016) showed that forward privacy can be
obtained without inducing a large communication overhead. However, Bost's
scheme is constructed with a relatively inefficient public key cryptographic
primitive, and has a poor I/O performance. Both of the deficiencies
significantly hinder the practical efficiency of the scheme, and prevent it
from scaling to large data settings. To address the problems, we first present
FAST, which achieves forward privacy and the same communication efficiency as
Bost's scheme, but uses only symmetric cryptographic primitives. We then
present FASTIO, which retains all good properties of FAST, and further improves
I/O efficiency. We implemented the two schemes and compared their performance
with Bost's scheme. The experiment results show that both our schemes are
highly efficient, and FASTIO achieves a much better scalability due to its
optimized I/O
Water Quality of L. Taihu in China and the Possibility of Water cleaning by Plant floating culture system -L. Wuli and L. Meiliang-
The water quality of L. Wuli and L. Meiliang of L. Taihu in China, and the possibility of water cleaning by a plant floating culture system, were examined. The eutrophication of lake water is strongly affected by both domestic and industrial wastewater because about 90% of the wastewater receives no treatment. Eutrophication has increased in most Chinese lakes through high anthropogenic input of nutrients with the rapid progress of human activity after the 1980s. For almost all elements, the water of L. Wuli was more polluted than that of L. Meiliang. The relation of nitrogen concentrations in the water was NH(3-)N > NO(3-)N > NO(2-)N in L. Wuli, and NO(3-)N > NH(3-)N > NO(2-)N in L. Meiliang, respectively. From the results of water quality analysis, the nutrient concentrations were increased, but the water was not polluted by some heavy metals and was slightly increased in surfactants (anionic surface active agents). It seemed possible to clean the lake water by plant floating culture methods using many kinds of plants, based on data from other experiments in a phytotron and in a natural field
CryptoMask : Privacy-preserving Face Recognition
Face recognition is a widely-used technique for identification or
verification, where a verifier checks whether a face image matches anyone
stored in a database. However, in scenarios where the database is held by a
third party, such as a cloud server, both parties are concerned about data
privacy. To address this concern, we propose CryptoMask, a privacy-preserving
face recognition system that employs homomorphic encryption (HE) and secure
multi-party computation (MPC). We design a new encoding strategy that leverages
HE properties to reduce communication costs and enable efficient similarity
checks between face images, without expensive homomorphic rotation.
Additionally, CryptoMask leaks less information than existing state-of-the-art
approaches. CryptoMask only reveals whether there is an image matching the
query or not, whereas existing approaches additionally leak sensitive
intermediate distance information. We conduct extensive experiments that
demonstrate CryptoMask's superior performance in terms of computation and
communication. For a database with 100 million 512-dimensional face vectors,
CryptoMask offers and speed-ups
in terms of computation and communication, respectively. Comment: 18 pages, 3 figures, accepted by ICICS202
Beyond Volume Pattern: Storage-Efficient Boolean Searchable Symmetric Encryption with Suppressed Leakage
Boolean Searchable Symmetric Encryption (BSSE) enables users to perform retrieval operations on the encrypted data while supporting complex query capabilities. This paper focuses on addressing the storage overhead and privacy concerns associated with existing BSSE schemes. While Patel et al. (ASIACRYPT'21) and Bag et al. (PETS'23) introduced BSSE schemes that conceal the number of single keyword results, both of them suffer from quadratic storage overhead and neglect the privacy of search and access patterns. Consequently, an open question arises: Can we design a storage-efficient Boolean query scheme that effectively suppresses leakage, covering not only the volume pattern for singleton keywords, but also search and access patterns?
In light of the limitations of existing schemes in terms of storage overhead and privacy protection, this work presents a novel solution called SESAME. It realizes efficient storage and privacy preserving based on Bloom filter and functional encryption. Moreover, we propose an enhanced version, SESAME+, which offers improved search performance. By rigorous security analysis on the leakage functions of our schemes, we provide a formal security proof. Finally, we implement our schemes and demonstrate that SESAME+ achieves superior search efficiency and reduced storage overhead
Secret-Shared Shuffle with Malicious Security
A secret-shared shuffle (SSS) protocol permutes a secret-shared vector using a random secret permutation. It has found numerous applications, however, it is also an expensive operation and often a performance bottleneck. Chase et al. (Asiacrypt'20) recently proposed a highly efficient semi-honest two-party SSS protocol known as the CGP protocol. It utilizes purposely designed pseudorandom correlations that facilitate a communication-efficient online shuffle phase. That said, semi-honest security is insufficient in many real-world application scenarios since shuffle is usually used for highly sensitive applications. Considering this, recent works (CANS'21, NDSS'22) attempted to enhance the CGP protocol with malicious security over authenticated secret sharings. However, we find that these attempts are flawed, and malicious adversaries can still learn private information via malicious deviations. This is demonstrated with concrete attacks proposed in this paper. Then the question is how to fill the gap and design a maliciously secure CGP shuffle protocol. We answer this question by introducing a set of lightweight correlation checks and a leakage reduction mechanism. Then we apply our techniques with authenticated secret sharings to achieve malicious security. Notably, our protocol, while increasing security, is also efficient. In the two-party setting, experiment results show that our maliciously secure protocol introduces an acceptable overhead compared to its semi-honest version and is more efficient than the state-of-the-art maliciously secure SSS protocol from the MP-SPDZ library
Scalable Private Decision Tree Evaluation with Sublinear Communication
Private decision tree evaluation (PDTE) allows a decision tree holder to run
a secure protocol with a feature provider. By running the protocol, the feature
provider will learn a classification result. Nothing more is revealed to either
party. In most existing PDTE protocols, the required communication grows
exponentially with the tree's depth, which is highly inefficient for large
trees. This shortcoming motivated us to design a sublinear PDTE protocol with
communication complexity. The core of our construction is a shared
oblivious selection (SOS) functionality, allowing two parties to perform a
secret-shared oblivious read operation from an array. We provide two SOS
protocols, both of which achieve sublinear communication and propose
optimizations to further improve their efficiency. Our sublinear PDTE protocol
is based on the proposed SOS functionality and we prove its security under a
semi-honest adversary. We compare our protocol with the state-of-the-art, in
terms of communication and computation, under various network settings. The
performance evaluation shows that our protocol is practical and more scalable
over large trees than existing solutions
An Efficient Outsourced Oblivious Transfer Extension Protocol and Its Applications
Oblivious transfer (OT) is a cryptographic primitive originally used to transfer a collection of messages from the sender to the receiver in an oblivious manner. OT extension protocol reduces expensive asymmetric operations by running a small number of OT instances first and then cheap symmetric operations. While most earlier works discussed security model or communication and computation complexity of OT in general case, we focus on concrete application scenarios, especially where the sender in the OT protocol is a database with less computation and limited interaction capability. In this paper, we propose a generic outsourced OT extension protocol (OTex) that outsources all the asymmetric operations of the sender to a semihonest server so as to adapt to specific scenarios above. We give OTex a standard security definition, and the proposed protocol is proven secure in the semihonest model. In OTex, the sender works on the fly and performs only symmetric operations locally. Whatever the number of rounds OT to be executed and the length of messages in OT to be sent, our protocol realizes optimal complexity. Besides, OTex can be used to construct high-level protocols, such as private membership test (PMT) and private set intersection (PSI). We believe our OTex construction may be a building block in other applications as well