Public Key Broadcast Encryption
Public Key Broadcast Encryption. Leyou Zhang, Centre for Computer and Information Security, University of Wollongong, Australia.
Funded projects: Nature Science Foundation (NSF) of China: Public Key Broadcast Encryption (BE) (finished); Nature Science Foundation (NSF) of China: Provably Secure HIBE in the Standard Model; Nature Science Foundation (NSF) of China: ABE for Fine-grained Access Control Policy in the Cloud; Nature Science Foundation (NSF) of Shaanxi Province: Broadcast Encryption over New Hardness Assumptions.
Outline: Backgrounds; Definition and Security Model; Some Typical Schemes; Some Special Cases; Key Research Points; Conclusion.
Backgrounds. In computer networking, multicast (one-to-many or many-to-many distribution) is group communication where information is addressed to a group of destination computers simultaneously. 1) IP multicast; 2) Application-layer multicast; 3) Multicast over wireless networks and cable TV; 4) Other multicast technologies.
Cloud characteristics: broadcasting is used.
How to broadcast the messages?
[Figure: n users, each holding a key pair (pk_1, PK_1), ..., (pk_n, PK_n); the sender encrypts to each of them in turn.]
This is called multi-receiver encryption [1]. Assume that there are n receivers, numbered 1, ..., n, and that each of them keeps a private and public key pair denoted by (sk_i, pk_i). A sender then encrypts a message M_i directed to receiver i using pk_i for i = 1, ..., n and sends (C_1, ..., C_n) as a ciphertext. Upon receiving the ciphertext, receiver i extracts C_i and decrypts it using its private key sk_i.
[1] M. Bellare, A. Boldyreva, and D. Pointcheval. Multi-Recipient Encryption Schemes: Security Notions and Randomness Re-Use. In PKC 2003, LNCS 2567, Springer-Verlag, 2003.
[BSS] Joonsang Baek, Reihaneh Safavi-Naini, Willy Susilo. Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption. In Proc. of PKC 2005.
What is the definition of BE?
Broadcast Encryption [FN 93]: users hold private keys d_1, ..., d_n; the ciphertext is CT = E[M, S] for a set S ⊆ {1, ..., n}. Encrypt to arbitrary subsets S. Collusion resistance: secure even if all users in the complement S^c collude. [FN 93] A. Fiat and M. Naor. Broadcast encryption. In Proceedings of Crypto 93, volume 773 of LNCS, Springer-Verlag, 1993.
Typically, broadcast encryption schemes are classified as either stateful or stateless. Stateful schemes provide keys that may be updated after join or revocation events; they require receivers to be online in order to receive key update messages. Stateful schemes typically achieve lower communication cost than stateless schemes. Stateless schemes provide users with long-term keys that are never changed throughout the lifetime of the system. [2] D. Naor, M. Naor, and J. Lotspiech. Revocation and tracing schemes for stateless receivers. In Advances in Cryptology - Crypto 01, LNCS, Springer-Verlag, 2001.
Stateless Schemes. Symmetric encryption: 1) high efficiency, but no dynamic feature. Asymmetric encryption (PK): 1) supports the dynamic feature. We say that a broadcast system is dynamic [3] when i) the system setup as well as the ciphertext size are fully independent from the expected number of users or an upper bound thereof, ii) a new user can join anytime without implying a modification of pre-existing user decryption keys, iii) the encryption key is unchanged in the private-key setting or incrementally updated in the public-key setting, meaning that this operation must be of complexity at most O(1). [3] Cécile Delerablée, Pascal Paillier, and David Pointcheval. Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In Pairing 2007, LNCS 4575, Springer, 2007.
Stateless Schemes. [Figure: a Certificate Authority certifies each user's pk_i; the sender computes C = E(PK, M).]
PK Broadcast Encryption. A public-key BE system consists of: Setup(n): output private keys d_1, ..., d_n and the public key PK. Encrypt(S, PK, M): encrypt M for the users S ⊆ {1, ..., n}; output ciphertext CT. Decrypt(CT, S, j, d_j, PK): if j ∈ S, output M. Note: the broadcast contains ([S], CT).
In a word, PK broadcast encryption works in the following manner: a single public key PK, many private keys. [Figure: PK in the centre, pk_1, ..., pk_n at the users.]
Broadcast Encryption Security: semantic security when users collude (selective security). The game between Challenger and Attacker: 1) the Attacker commits to a target set S ⊆ {1, ..., n}; 2) the Challenger runs Setup(n) and sends PK together with the private keys {d_j : j ∉ S}; 3) the Attacker sends two messages m_0, m_1 ∈ G; 4) the Challenger picks b ← {0,1} and sends the challenge C* = Enc(S, PK, m_b); 5) the Attacker may keep making extract queries for {d_j : j ∉ S}; 6) the Attacker outputs a guess b' ∈ {0,1}. Def: Alg. A ε-breaks BE semantic security if Pr[b = b'] > 1/2 + ε. (t, ε)-security: no t-time algorithm can ε-break BE semantic security. If the Attacker does not have to output S in advance (S is chosen only at challenge time), adaptive security is achieved.
Some Known Schemes. The following section gives some typical BE schemes.
1) BGW scheme (Dan Boneh, Craig Gentry, and Brent Waters). Setup(n): $g \leftarrow G$, $\alpha, \gamma \leftarrow Z_p$, $g_k = g^{(\alpha^k)}$, $PK = (g, g_1, g_2, \ldots, g_n, g_{n+2}, \ldots, g_{2n}, v = g^{\gamma}) \in G^{2n+1}$. For $k = 1, \ldots, n$ set $d_k = (g_k)^{\gamma} \in G$. Encrypt(S, PK, M): $t \leftarrow Z_p$, $CT = \bigl(g^t,\ (v \prod_{j \in S} g_{n+1-j})^t,\ M \cdot e(g_n, g_1)^t\bigr)$. Decrypt(CT, S, k, d_k, PK): write $CT = (C_0, C_1, C_2)$. Fact: $K = e(g_k, C_1) \,/\, e\bigl(d_k \prod_{j \in S,\, j \ne k} g_{n+1-j+k},\ C_0\bigr) = e(g_n, g_1)^t$, so $M = C_2 / K$.
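The "Fact" used in Decrypt, carried through with the slide's own symbols as an added derivation (not part of the slides), using bilinearity $e(g^a, g^b) = e(g, g)^{ab}$ and $g_i = g^{(\alpha^i)}$:

$$
\begin{aligned}
e(g_k, C_1) &= e\Bigl(g^{\alpha^k},\ \bigl(g^{\gamma}\textstyle\prod_{j \in S} g^{\alpha^{n+1-j}}\bigr)^t\Bigr)
 = e(g,g)^{t\gamma\alpha^k} \prod_{j \in S} e(g,g)^{t\alpha^{n+1-j+k}} \\
e\Bigl(d_k \textstyle\prod_{j \in S,\, j \ne k} g_{n+1-j+k},\ C_0\Bigr) &= e\Bigl(g^{\gamma\alpha^k} \textstyle\prod_{j \in S,\, j \ne k} g^{\alpha^{n+1-j+k}},\ g^t\Bigr)
 = e(g,g)^{t\gamma\alpha^k} \prod_{j \in S,\, j \ne k} e(g,g)^{t\alpha^{n+1-j+k}} \\
K &= \frac{e(g_k, C_1)}{e\bigl(d_k \prod_{j \in S,\, j \ne k} g_{n+1-j+k},\ C_0\bigr)} = e(g,g)^{t\alpha^{n+1}} = e(g_n, g_1)^t, \qquad M = C_2 / K .
\end{aligned}
$$

Every factor cancels except the $j = k$ term of the numerator, which contributes $\alpha^{n+1}$. That term exists only for $k \in S$, and it is why $g_{n+1}$ is the one power left out of $PK$: with it, anyone could compute $K = e(g_{n+1}, C_0)$ from the ciphertext alone.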
2) Identity-based BE
* This is the first identity-based broadcast encryption scheme (IBBE) with constant-size ciphertexts and private keys. Compared with the BGW scheme, it has comparable properties but better efficiency: the public key is shorter than in BGW. Moreover, the total number of possible users in the system does not have to be fixed at setup.
Shortcomings: 1) the hardness assumption (Given ...); 2) random oracles. We improved on it in 2011: Leyou Zhang, Yupu Hu and Qing Wu. New Constructions of Identity-based Broadcast Encryption without Random Oracles. TIIS Trans. on Internet and Information Systems, Vol. 5, No. 2. Leyou Zhang, Yupu Hu and Qing Wu. Adaptively Secure Identity-based Broadcast Encryption with Constant Size Private Keys and Ciphertexts from the Subgroups. Mathematical and Computer Modelling, 2012, 55.
3) Our work based on Dual System Encryption. Setup: To generate the system parameters, the PKG picks randomly $g, h, u_1, \ldots, u_l \in G_{p_1}$ and $\alpha \in Z_N$, and sets $v = e(g, g)^{\alpha}$. The public parameters are $PK = \{g, h, u_1, \ldots, u_l, e(g, g)^{\alpha}\}$ and the master key is $\alpha$. Extract: Given the identity $ID_i \in S$ ($|S| = s \le l$), the PKG selects randomly $r_i \in Z_N$ and also chooses random elements $R_{i0}, R'_{i0}, R_{i1}, \ldots, R_{i(i-1)}, R_{i(i+1)}, \ldots, R_{is} \in G_{p_3}$. Then it computes the private key as $d_{ID_i} = (d_0, d', d_1, \ldots, d_{i-1}, d_{i+1}, \ldots, d_s) = \bigl(g^{\alpha} (h\, u_i^{ID_i})^{r_i} R_{i0},\ g^{r_i} R'_{i0},\ u_1^{r_i} R_{i1}, \ldots, u_{i-1}^{r_i} R_{i(i-1)},\ u_{i+1}^{r_i} R_{i(i+1)}, \ldots, u_s^{r_i} R_{is}\bigr)$. Encrypt: Without loss of generality, let $S = (ID_1, ID_2, \ldots, ID_s)$ denote the set of users, with $s \le l$. A broadcaster selects a random $k \in Z_N^*$ and computes $C = (C_0, \mathrm{Hdr}) = (C_0, C_1, C_2) = \bigl(v^k M,\ (h \prod_{i=1}^{s} u_i^{ID_i})^k,\ g^k\bigr)$. Decrypt: Given the ciphertext $C = (C_0, C_1, C_2)$, any user $ID_i \in S$ uses his private key $d_{ID_i}$ to compute $M = C_0 \cdot \dfrac{e(C_1, d')}{e\bigl(d_0 \prod_{j=1,\, j \ne i}^{s} d_j^{ID_j},\ C_2\bigr)}$.
4) scheme (figure)
Some Special Cases. 1) Threshold Broadcast Encryption. In a threshold public key encryption scheme a message is encrypted and sent to a group of receivers, in such a way that the cooperation of at least t of them (where t is the threshold) is necessary in order to recover the original message.
The fact that the set of receivers and the threshold are set from the beginning can limit the applications of these schemes in real life. One can imagine that the sender of the message, who wants to protect some information, may want to decide who the designated receivers will be in an ad-hoc way, just before encrypting the message, and also decide the threshold of receivers that will be necessary to recover the information.
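The t-of-n decryption just described, as an added example that is not from the slides: threshold ElGamal in a toy group (p = 1019, illustration only), with the decryption exponent Shamir-shared by a dealer, each receiver publishing only a partial decryption, and Lagrange weights combining any t of them. Names, parameters and the seed are my own. Note that here the dealer fixes the receiver set and the threshold at setup time, which is exactly the limitation the slide criticises; an ad-hoc threshold BE lets the sender choose both when encrypting.

```python
import random

# Toy group (illustration only): safe prime p = 2q + 1 and g of prime order q.
P, Q, G = 1019, 509, 4


def deal_shares(d, t, n, rng):
    """Shamir-share the decryption exponent d among receivers 1..n with threshold t:
    share_i = f(i) for a random polynomial f of degree t-1 over Z_q with f(0) = d."""
    coeffs = [d] + [rng.randrange(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q for i in range(1, n + 1)}


def lagrange_at_zero(ids):
    """Coefficients lambda_i (mod q) with sum(lambda_i * f(i)) = f(0) over the given share ids."""
    lam = {}
    for i in ids:
        num, den = 1, 1
        for j in ids:
            if j != i:
                num = num * j % Q
                den = den * (j - i) % Q
        lam[i] = num * pow(den, -1, Q) % Q
    return lam


def reconstruct(shares):
    """Plain Shamir reconstruction of f(0) from {i: f(i)}; meaningful only with >= t shares."""
    lam = lagrange_at_zero(list(shares))
    return sum(lam[i] * s for i, s in shares.items()) % Q


def encrypt(pk, M, rng):
    """ElGamal to the group public key pk = g^d; M is a subgroup element."""
    r = rng.randrange(1, Q)
    return pow(G, r, P), M * pow(pk, r, P) % P


def partial_decrypt(c0, share_i):
    """Receiver i contributes c0^{share_i}; its share itself is never disclosed."""
    return pow(c0, share_i, P)


def combine(ct, partials):
    """Combine partial decryptions from a set T of receivers:
    prod_i (c0^{share_i})^{lambda_i} = c0^d, then M = c1 / c0^d. With |T| < t the Lagrange
    weights interpolate the wrong polynomial and the output is unrelated to M."""
    c0, c1 = ct
    lam = lagrange_at_zero(list(partials))
    c0_d = 1
    for i, pd in partials.items():
        c0_d = c0_d * pow(pd, lam[i], P) % P
    return c1 * pow(c0_d, -1, P) % P


def example(seed=0):
    """3-of-5 threshold decryption: (result with 3 receivers, result with only 2, the real M)."""
    rng = random.Random(seed)
    d = rng.randrange(1, Q)
    pk = pow(G, d, P)
    shares = deal_shares(d, 3, 5, rng)
    M = pow(G, 123, P)
    ct = encrypt(pk, M, rng)
    three = combine(ct, {i: partial_decrypt(ct[0], shares[i]) for i in (2, 4, 5)})
    two = combine(ct, {i: partial_decrypt(ct[0], shares[i]) for i in (1, 2)})
    return three, two, M


if __name__ == "__main__":
    print(example())
```

Two receivers below the threshold still learn nothing from their combination: with shares of a degree-2 polynomial, the two-point interpolation hits the true exponent only when the quadratic coefficient happens to be zero.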
Motivations (figure).
Shortcomings in the existing works: 1) strong assumptions; 2) high computation cost; 3) selective security (with constant-size ciphertexts); 4) adaptive security, but the ciphertext size depends on the threshold value and the users' depth. Our work: Leyou Zhang, Yupu Hu and Qing Wu. Identity-based threshold broadcast encryption in the standard model. TIIS Trans. on Internet and Information Systems, Vol. 4, No. 3, 2010.
2) HIBE. A broadcaster encrypts to (Id_1, ..., Id_n). If we treat (Id_1, ..., Id_n) as one hierarchical identity of depth n (Id_1 at level 1, ..., Id_n at level n), we obtain an HIBE scheme. An Identity-Based Encryption (IBE) system is a public key system where the public key can be an arbitrary string such as an e-mail address. A central authority uses a master key to issue private keys to identities that request them. Hierarchical IBE (HIBE) is a generalization of IBE that mirrors an organizational hierarchy. An identity at level k of the hierarchy tree can issue private keys to its descendant identities, but cannot decrypt messages intended for other identities.
Dan Boneh, Xavier Boyen, Eu-Jin Goh: HIBE scheme*. *Boneh, D., Boyen, X., Goh, E.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005, LNCS, vol. 3494, Springer, Heidelberg, 2005.
Transformed to an IBBE by Jong Hwan Park and Dong Hoon Lee: Jong Hwan Park and Dong Hoon Lee. A New Public Key Broadcast Encryption Using Boneh-Boyen-Goh's HIBE Scheme. L. Chen, Y. Mu, and W. Susilo (Eds.): ISPEC 2008, LNCS 4991. Leyou Zhang, Yupu Hu and Qing Wu. New Constructions of Identity-based Broadcast Encryption without Random Oracles. TIIS Trans. on Internet and Information Systems, Vol. 5, No. 2. Leyou Zhang, Yupu Hu and Qing Wu. Adaptively Secure Identity-based Broadcast Encryption with Constant Size Private Keys and Ciphertexts from the Subgroups. Mathematical and Computer Modelling, 2012, 55.
3) Traitor Tracing Schemes. Consider the distribution of digital content to subscribers over a broadcast channel. Typically, the distributor gives each authorized subscriber a hardware or software decoder ("box") containing a secret decryption key. The distributor then broadcasts an encrypted version of the digital content. Authorized subscribers are able to decrypt and make use of the content. This scenario comes up in the context of pay-per-view television, and more commonly in web-based electronic commerce (e.g. broadcast of online stock quotes or broadcast of proprietary market analysis).
However, nothing prevents a legitimate subscriber from giving a copy of her decryption software to someone else. Worse, she might try to expose the secret key buried in her decryption box and make copies of the key freely available. The traitor would thus make all of the distributor's broadcasts freely available to non-subscribers. Chor, Fiat and Naor introduced the concept of a traitor tracing scheme to discourage subscribers from giving away their keys. Their approach is to give each subscriber a distinct set of keys that both identify the subscriber and enable her to decrypt. In a sense, each set of keys is a watermark that traces back to the owner of a particular decryption box.
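The Chor-Fiat-Naor idea of a distinct, identifying key set per subscriber, as an added example that is not from the slides or from their paper: each subscriber holds one key per position, selected by a codeword, and a decoder found in the wild is traced by comparing its key set with every subscriber's. The code (evaluations of a + b·x over GF(11), length 8), the 121-user numbering, the constructed two-subscriber decoder and the function names are my own choices; the tracer's guarantee stated in the comments follows from the code's distance and holds for coalitions of at most two.

```python
# Traceability code: subscriber (a, b) holds the keys K_{j, s} for s = (a + b*x_j) mod Q, x_j = 1..L.
# Two distinct codewords agree in at most one position, which is what makes tracing work.
Q = 11   # alphabet size (prime): one key variant per symbol at each position
L = 8    # code length = number of key positions each decoder holds


def codeword(user):
    """Codeword of user (a, b): the symbols (a + b*x) mod Q for x = 1..L."""
    a, b = user
    return tuple((a + b * x) % Q for x in range(1, L + 1))


def all_users():
    return [(a, b) for a in range(Q) for b in range(Q)]   # Q^2 = 121 subscribers


def key_set(user):
    """Keys issued to a user, each named by (position, symbol); K_{j,s} is shared by every
    subscriber whose codeword carries symbol s at position j."""
    return {(j, s) for j, s in enumerate(codeword(user))}


def pirate_decoder(coalition, choice):
    """Constructed decoder for the tracer to test: at position j it carries the key of
    coalition member number choice[j]. Returns the decoder's key set."""
    words = [codeword(u) for u in coalition]
    return {(j, words[choice[j]][j]) for j in range(L)}


def trace(decoder_keys):
    """Tracing: the subscriber whose key set overlaps the decoder the most, with the overlap.
    For at most 2 traitors the best match is always a traitor: one of them supplied
    >= L/2 = 4 keys, while an innocent shares <= 1 key with each traitor, hence <= 2 overall.
    With 3 traitors the guarantee drops to >= 3 versus <= 3, so this code is 2-traceable only."""
    users = all_users()
    overlaps = {u: len(key_set(u) & decoder_keys) for u in users}
    best = max(users, key=overlaps.get)
    return best, overlaps[best]


def max_agreement():
    """Largest number of positions in which two distinct codewords agree (1 for this code)."""
    users = all_users()
    words = {u: codeword(u) for u in users}
    return max(sum(x == y for x, y in zip(words[u], words[v]))
               for i, u in enumerate(users) for v in users[i + 1:])


def example():
    """Decoder built by subscribers (1, 0) and (2, 3), four positions each; returns the trace."""
    coalition = [(1, 0), (2, 3)]
    decoder = pirate_decoder(coalition, [0, 0, 0, 0, 1, 1, 1, 1])
    return trace(decoder)


if __name__ == "__main__":
    print("max agreement between codewords:", max_agreement())
    print("traced:", example())
```

In the constructed case the trace points at (1, 0): it contributed the first four keys and, since its codeword is all ones, also happens to share the key at position 7 with (2, 3), so its overlap is 5 against 4 for its accomplice and at most 2 for anyone else.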
Application: content protection (DVD content protection). [Figure: decoders holding d_1, d_2, d_3, d_4.]
Key Research Points (my opinion): 1) the trade-off between security and efficiency; 2) the trade-off between private/public key size and ciphertext size; 3) applications in real life; 4) public key traitor tracing schemes; 5) the relationship between BE and other PKE primitives; 6) new mathematical hardness assumptions (e.g. LWE, lattices); 7) a new version: functional BE (attribute-based BE).
Conclusions. PKBE is a useful public-key primitive in real life. The existing works have many shortcomings that limit their application, which is also a motivation to continue this research. In a word, the bottleneck is over there, but the challenge is also over there.
Thanks to All
More informationFoundations of Cryptography CS Shweta Agrawal
Foundations of Cryptography CS 6111 Shweta Agrawal Course Information 4-5 homeworks (20% total) A midsem (25%) A major (35%) A project (20%) Attendance required as per institute policy Challenge questions
More informationk Anonymous Private Query Based on Blind Signature and Oblivious Transfer
Edith Cowan University Research Online International Cyber Resilience conference Conferences, Symposia and Campus Events 2011 k Anonymous Private Query Based on Blind Signature and Oblivious Transfer Russell
More informationIDENTITY-BASED ENCRYPTION WITH EFFICIENT REVOCATION FOR CLOUD SERVICE PROVIDER IN CLOUD COMPUTING
IDENTITY-BASED ENCRYPTION WITH EFFICIENT REVOCATION FOR CLOUD SERVICE PROVIDER IN CLOUD COMPUTING 1 Nadar Deepika Karthesan, 2 Dr.T.Priyaradhikadevi, 1 PG scholar, Dept of CSC, Mailam College of Engineering,
More informationSHE AND FHE. Hammad Mushtaq ENEE759L March 10, 2014
SHE AND FHE Hammad Mushtaq ENEE759L March 10, 2014 Outline Introduction Needs Analogy Somewhat Homomorphic Encryption (SHE) RSA, EL GAMAL (MULT) Pallier (XOR and ADD) Fully Homomorphic Encryption (FHE)
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationFully Secure Anonymous HIBE with Short Ciphertexts
Fully Secure Anonymous HIBE with Short Ciphertexts Angelo De Caro Vincenzo Iovino Giuseppe Persiano Dipartimento di Informatica ed Applicazioni, Università di Salerno, 84084 Fisciano (SA), Italy. {decaro,iovino,giuper}@dia.unisa.it
More informationSecurity Weaknesses of an Anonymous Attribute Based Encryption appeared in ASIACCS 13
Security Weaknesses of an Anonymous Attribute Based Encryption appeared in ASIACCS 13 Payal Chaudhari, Manik Lal Das, Anish Mathuria DA-IICT, Gandhinagar, India {payal chaudhari, maniklal das, anish mathuria}@daiict.ac.in
More informationinformation Black Box Traceable Ciphertext Policy Attribute-Based Encryption Scheme Information 2015, 6, ; doi:10.
Information 2015, 6, 481-493; doi:10.3390/info6030481 OPEN ACCESS information ISSN 2078-2489 www.mdpi.com/journal/information Article Black Box Traceable Ciphertext Policy Attribute-Based Encryption Scheme
More informationIdentity-Based Decryption
Identity-Based Decryption Daniel R. L. Brown May 30, 2011 Abstract Identity-based decryption is an alternative to identity-based encryption, in which Alice encrypts a symmetric key for Bob under a trusted
More informationBridging Broadcast Encryption and Group Key Agreement
Bridging Broadcast Encryption and Group Key Agreement Qianhong Wu 1,2,BoQin 1,3,LeiZhang 4, Josep Domingo-Ferrer 1, and Oriol Farràs 1,5 1 Universitat Rovira i Virgili, Department of Computer Engineering
More informationTheft-protected proprietary certificates
Theft-protected proprietary certificates A. Boldyreva M. Jakobsson 2002 Abstract The notion of proprietary certificates [7] was recently introduced in an attempt to discourage sharing of access rights
More informationRelations between Semantic Security and Anonymity in Identity Based Encryption
Relations between Semantic Security and Anonymity in Identity Based Encryption Javier Herranz 1, Fabien Laguillaumie 2, and Carla Ràfols 1 1 Dept. Matemàtica Aplicada IV, Universitat Politècnica de Catalunya,
More informationKey Grids: A Protocol Family for Assigning Symmetric Keys
Key Grids: A Protocol Family for Assigning Symmetric Keys Amitanand S. Aiyer University of Texas at Austin anand@cs.utexas.edu Lorenzo Alvisi University of Texas at Austin lorenzo@cs.utexas.edu Mohamed
More informationID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption
ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption Danfeng Yao Nelly Fazio Yevgeniy Dodis Anna Lysyanskaya Abstract A forward-secure encryption scheme
More informationA Group-oriented Access Control Scheme for P2P Networks 1
I.J. Wireless and Microwave Technologies, 2011, 1, 30-37 Published Online February 2011 in MECS (http://www.mecs-press.net DOI: 10.5815/ijwmt.2011.01.05 Available online at http://www.mecs-press.net/ijwmt
More informationTimed-Release Certificateless Encryption
Timed-Release Certificateless Encryption Toru Oshikiri Graduate School of Engineering Tokyo Denki University Tokyo, Japan Taiichi Saito Tokyo Denki University Tokyo, Japan Abstract Timed-Release Encryption(TRE)
More informationSTRONGER SECURITY NOTIONS FOR DECENTRALIZED TRACEABLE ATTRIBUTE-BASED SIGNATURES AND MORE EFFICIENT CONSTRUCTIONS
STRONGER SECURITY NOTIONS FOR DECENTRALIZED TRACEABLE ATTRIBUTE-BASED SIGNATURES AND MORE EFFICIENT CONSTRUCTIONS Essam Ghadafi University College London e.ghadafi@ucl.ac.uk CT-RSA 2015 STRONGER SECURITY
More informationGeneralized Identity Based and Broadcast Encryption Schemes
Generalized Identity Based and Broadcast Encryption Schemes Dan Boneh and Michael Hamburg Stanford University {dabo,mhamburg}@cs.stanford.edu Abstract. We provide a general framework for constructing identitybased
More informationA robust smart card-based anonymous user authentication protocol for wireless communications
University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers: Part A Faculty of Engineering and Information Sciences 2014 A robust smart card-based anonymous user authentication
More informationAn Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem
An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem Mihir Bellare, Alexandra Boldyreva and Adriana Palacio Dept. of Computer Science & Engineering, University of California, San
More informationCourse Map. COMP 7/8120 Cryptography and Data Security. Learning Objectives. How to use PRPs (Block Ciphers)? 2/14/18
Course Map Key Establishment Authenticated Encryption Key Management COMP 7/8120 Cryptography and Data Security Lecture 8: How to use Block Cipher - many time key Stream Ciphers Block Ciphers Secret Key
More informationAttribute Based Encryption for Multiples Authorities Using Shamir's Secret Sharing Algorithm
International Journal of Computer Science and Software Engineering Volume 1, Number 1 (2015), pp. 1-8 International Research Publication House http://www.irphouse.com Attribute Based Encryption for Multiples
More informationAn Efficient Privacy Preserving Keyword Search Scheme in Cloud Computing
An Efficient Privacy Preserving Keyword Search Scheme in Cloud Computing Qin Liu, Guojun Wang, and Jie Wu School of Information Science and Engineering Central South University Changsha 410083, Hunan Province,
More informationPrivacy Preserving (Outsourced) Data Share and Search
Privacy Preserving (Outsourced) Data Share and Search Surrey Centre for Cyber Security, Department of Computer Science, University of Surrey. December 13, 2017 Outline Introduction 1 Introduction 2 3 4
More information