Public Key Setting Research Articles

Time-Based Cryptosystem

In this paper we introduce a Time-Based Cryptosystem (TBC) scheme. This scheme requires a Time-Based Key Generation Center (TBKGC) to broadcast a set of public keys based on the Multi-prime RSA (MPRSA) at every new interval. The sender encrypts the plaintext with a specified period of time and the corresponding public key broadcast by the TBKGC. And the receiver acquires the corresponding key from the TBKGC to decrypt the ciphertext. We discuss the difference between TBC and Time-Specific Encryption (TSE). Finally we suggest extension and directions of improvement of TBC.

CSI-Otter: isogeny-based (partially) blind signatures from the class group action with a twist

In this paper, we construct the first provably-secure isogeny-based (partially) blind signature scheme. While at a high level the scheme resembles the Schnorr blind signature, our work does not directly follow from that construction, since isogenies do not offer as rich an algebraic structure. Specifically, our protocol does not fit into the linear identification protocol abstraction introduced by Hauck, Kiltz, and Loss (EUROCYRPT’19), which was used to generically construct Schnorr-like blind signatures based on modules such as classical groups and lattices. Consequently, our scheme is provably secure in the random oracle model (ROM) against poly-logarithmically-many concurrent sessions assuming the subexponential hardness of the group action inverse problem. In more detail, our blind signature exploits the quadratic twist of an elliptic curve in an essential way to endow isogenies with a strictly richer structure than abstract group actions (but still more restrictive than modules). The basic scheme has public key size 128 B and signature size 8 KB under the CSIDH-512 parameter sets—these are the smallest among all provably secure post-quantum secure blind signatures. Relying on a new ring variant of the group action inverse problem (rGAIP\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$\ extsf{rGAIP}$$\\end{document}), we can halve the signature size to 4 KB while increasing the public key size to 512 B. We provide preliminary cryptanalysis of rGAIP\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$${\ extsf{rGAIP}} $$\\end{document} and show that for certain parameter settings, it is essentially as secure as the standard GAIP\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$\ extsf{GAIP}$$\\end{document}. Finally, we show a novel way to turn our blind signature into a partially blind signature, where we deviate from prior methods since they require hashing into the set of public keys while hiding the corresponding secret key—constructing such a hash function in the isogeny setting remains an open problem.

Hierarchical Identity-Based Authenticated Encryption with Keyword Search over encrypted cloud data

With the rapid development of cloud computing technology, cloud storage services are becoming more and more mature. However, the storage of sensitive data on remote servers poses privacy risks and is presently a source of concern. Searchable Encryption (SE) is an effective method for protecting sensitive data while preserving server-side searchability. Hierarchical Public key Encryption with Keyword Search (HPEKS), a new variant of SE, allows users with higher access permission to search over encrypted data sent to lower-level users. To the best of our knowledge, there exist only four HPEKS schemes in the literature. Two of them are in traditional public-key setting, and the remaining ones are identity-based public key cryptosystems. Unfortunately, all of the four existing HPEKS schemes are vulnerable against inside Keyword Guessing Attacks (KGAs). Moreover, all of the existing HPEKS schemes are based on the computationally expensive bilinear pairing operation which dramatically increases the computational costs. To overcome these issues, in this paper, we introduce the notion of Hierarchical Identity-Based Authenticated Encryption with Keyword Search (HIBAEKS). We formulate a security model for HIBAEKS and propose an efficient pairing-free HIBAEKS scheme. We then prove that the proposed HIBAEKS scheme is secure under the defined security model and is resistant against KGAs. Finally, we compare our proposed scheme with related constructions regarding security requirements, computational and communication costs to indicate the overall superiority of our proposed scheme.

On the Construction of Perfect Keyword Secure PEKS Scheme

With the growing popularity of cloud computing, searchable encryption has become centre of attraction to enhance privacy and usability of the shared data. First searchable encryption scheme under the public key setting was proposed by Bonah et al. which is known as PEKS. In the PEKS scheme, one can easily link between cipher text and the trapdoor. In Information Sciences 2017 paper, Huang et al. proposed a public key SE scheme. In this scheme, encryption of a document or keyword requires the secret key of the data sender. The data sender generates ciphertexts, and upload them onto the cloud server. The data receiver generates trapdoors depending upon the public key of the sender and its own secret key. Thus, the PEKS scheme of Huang et al. circumvents the above attack by linking the ciphertext and the trapdoor to the key of the sender. However no work is available in the literature to stop attacks against linking user key and cipher text and server key and cipher text. In this paper we address these issues. We formalize the two new security notions, namely UKI-security and SKI-security. We have shown that our scheme is secure under these newly introduced security notions.

Kth min Threshold Encryption for Privacy-preserving Data Evaluation

Abstract The $k$th min threshold is to judge whether the $k$th smallest element of an attribute set along with a confidential file is greater than a predefined threshold, which is a fundamental, primitive operation in data evaluation, such as risk evaluation in business investment. However, it will compromise the privacy of the confidential files when proceeding with such a data evaluation because there is often a large amount of sensitive information involved in them, which the organizations/individuals are reluctant to expose due to the risk of losing a competitive advantage. Motivated by the issue how to preserve the privacy of the confidential files during data evaluation, in this research, we first present a new encryption notion called $k$th min threshold encryption (KTE) for serving privacy-preserving data evaluation. In this notion, the confidential file will be encrypted under an attribute set for its privacy protection prior to being sent to a receiver, and a decryption key is generated from a threshold $d$ and a rank $k$ of element, both selected by the receiver. The decryption will be successful if and only if the $k$th smallest element of the attribute set is greater than $d$. We then describe a concrete construction of KTE in the public-key setting. In particular, our construction features optimally short private keys, which only consists of one group element. By virtue of this advantage, it is quite practical because of only two pairing operations for decryption computation.

Supporting secure dynamic alert zones using searchable encryption and graph embedding

Location-based alerts have gained increasing popularity in recent years, whether in the context of healthcare (e.g., COVID-19 contact tracing), marketing (e.g., location-based advertising), or public safety. However, serious privacy concerns arise when location data are used in clear in the process. Several solutions employ searchable encryption (SE) to achieve secure alerts directly on encrypted locations. While doing so preserves privacy, the performance overhead incurred is high. We focus on a prominent SE technique in the public-key setting–hidden vector encryption, and propose a graph embedding technique to encode location data in a way that significantly boosts the performance of processing on ciphertexts. We show that the optimal encoding is NP-hard, and we provide three heuristics that obtain significant performance gains: gray optimizer, multi-seed gray optimizer and scaled gray optimizer. Furthermore, we investigate the more challenging case of dynamic alert zones, where the area of interest changes over time. Our extensive experimental evaluation shows that our solutions can significantly improve computational overhead compared to existing baselines.

Unbounded Predicate Inner Product Functional Encryption from Pairings

Predicate inner product functional encryption (P-IPFE) is essentially attribute-based IPFE (AB-IPFE) which additionally hides attributes associated to ciphertexts. In a P-IPFE, a message {textbf {x}} is encrypted under an attribute {textbf {w}} and a secret key is generated for a pair ({textbf {y}}, {textbf {v}}) such that recovery of langle {{textbf {x}}}, {{textbf {y}}}rangle requires the vectors {textbf {w}}, {textbf {v}} to satisfy a linear relation. We call a P-IPFE unbounded if it can encrypt unbounded length attributes and message vectors. bullet zero predicate IPFE. We construct the first unbounded zero predicate IPFE (UZP-IPFE) which recovers langle {{textbf {x}}}, {{textbf {y}}}rangle if langle {{textbf {w}}}, {{textbf {v}}}rangle =0. This construction is inspired by the unbounded IPFE of Tomida and Takashima (ASIACRYPT 2018) and the unbounded zero inner product encryption of Okamoto and Takashima (ASIACRYPT 2012). The UZP-IPFE stands secure against general attackers capable of decrypting the challenge ciphertext. Concretely, it provides full attribute-hiding security in the indistinguishability-based semi-adaptive model under the standard symmetric external Diffie–Hellman assumption. bullet non-zero predicate IPFE. We present the first unbounded non-zero predicate IPFE (UNP-IPFE) that successfully recovers langle {{textbf {x}}}, {{textbf {y}}}rangle if langle {{textbf {w}}}, {{textbf {v}}}rangle ne 0. We generically transform an unbounded quadratic FE (UQFE) scheme to weak attribute-hiding UNP-IPFE in both public and secret key setting. Interestingly, our secret key simulation secure UNP-IPFE has succinct secret keys and is constructed from a novel succinct UQFE that we build in the random oracle model. We leave the problem of constructing a succinct public key UNP-IPFE or UQFE in the standard model as an important open problem.

ENHANCED AUTHORIZATION FOR SECURE MANAGEMENT OF SENSITIVE DATA IN HYBRID APPLICATIONS

Sensitive data is often managed by cloud-based applications, which can be vulnerable to attackers who seek unauthorized access to this data. Traditional approaches to authorization may not be sufficient to protect sensitive data from such attacks. In this article, we propose an enhanced authorization approach that uses a combination of symmetric and asymmetric cryptography to secure sensitive data. Specifically, we propose generating a unique encryption key per file and a set of public and private keys per user, which are used to encrypt and decrypt the data. We demonstrate the feasibility of our approach with examples in Node.js, showing how to generate public and private keys, encrypt and decrypt files, and store encrypted data on a drive. Our approach provides an effective solution to the problem of managing sensitive data in hybrid applications, while preserving user and developer convenience.

Dual-server certificateless public key encryption with authorized equality test for outsourced IoT data

The Internet of Things (IoT) devices with restricted storage and computing sources are unable to store and handle massive data at local. A promising method is to engage some cloud server for maintaining outsourced encrypted IoT data and responding user request, in the meantime, the privacy of outsourced data can be protected. Existing encryption techniques with equality test allow the authorized cloud server to compare encrypted data and perform data classification. However, these schemes in the single server model cannot resist internal keyword guessing attacks. Also, the existing schemes in public key setting confront the burden of maintaining public key certificates, and the ones in identity-based setting face the key escrow problem. To address these issues, this paper proposes a dual-server certificateless public key encryption scheme supporting authorized equality test (DS-CL-AET) in bilinear groups. Security analysis indicates that the proposed DS-CL-AET scheme offers confidentiality protection for outsourced ciphertext and authentication tokens. Performance analysis demonstrates the practicality of our DS-CL-AET scheme in securing outsourced IoT data in clouds.

A more efficient public-key authenticated encryption scheme with keyword search

To realize ciphertext retrieval without decryption in the public key settings, Boneh et al. in 2004 proposed a cryptographic primitive named Public-key Encryption with Keyword Search (PEKS) and proposed the first PEKS scheme. Following Boneh et al.’s work, various PEKS schemes were proposed; however, most schemes are vulnerable to inside keyword guessing attacks (IKGA). Huang and Li proposed a new primitive named Public-key Authenticated Encryption with Keyword Search (PAEKS) in 2017, which resists the IKGA in the setting of only one test server. Their main idea to resist IKGA is to require the data sender to authenticate the ciphertext while encrypting a keyword. However, in the era of big data, as the number of encrypted files increases, huge storage overhead and heavy retrieval costs become problems in PAEKS. In this paper, we proposed a new PAEKS scheme that costs low storage space and supports fast search. We introduced the ciphertext deduplication into PAEKS to reduce storage space and leveraged the inverted index to accelerate the retrieval process. We simulated the proposed scheme and several related schemes with a desktop computer. The experiment results show that our proposed scheme is of lower storage overhead and higher retrieval efficiency compared with related schemes.

A Secure Certificateless Signature Scheme for Space-Based Internet of Things

Space-based Internet of things (S-IoT) can provide global services and connection capabilities. It has broad emerging application, including marine monitoring, forest monitoring, animal monitoring, disaster emergency response and other fields. However, owing to the openness of satellite communications, S-IoT is vulnerable to hijacking attacks, and malicious attackers can tamper with or forge transmitted messages. More seriously, due to limited S-IoT node resources, it is difficult to directly apply existing security solutions to terrestrial networks to the S-IoT. In this study, we propose CSP, a novel, secure, and efficient scheme based on certificateless signatures and bilinear pairings for S-IoT. CSP consists of six phases: system setup, partial private key settings, private key settings, public key settings, signing and verifying. In CSP, we especially design that part of the private key comes from the ground KGC and the other part is generated by the communication entity itself. We theoretically prove CSP is secure, and it is able to resist tampering or forgery attacks. Moreover, it can also ensure the authenticity, integrity, unforgeability, and nonrepudiation of transmitted messages. We also conducted extensive experiments and compared CSP with the existing schemes. The experimental results demonstrate that CSP can significantly reduce the total scheme time consumption. Especially, it can reduce about 50–60% of the time in the signature verification phase.

Identity-Based Key Agreement for Blockchain-Powered Intelligent Edge

In the new paradigm of blockchain-powered intelligent edge, the key agreement is a significant problem that has not been extensively studied so far. Existing key agreement protocols in the traditional public-key setting are usually too complicated and heavy for edge and end devices. Besides, most protocols in use do not have effective measures to resist side-channel attacks, which are increasingly threatening cloud servers, edge devices, and end devices. Identity (ID)-based protocols can be conveniently implemented in the blockchain-powered intelligent edge. Several leakage-resilient ID-based protocols, which can resist side-channel attacks, have been proposed. However, they all involve time-consuming pairing computations. Besides, none of them address side-channel attacks to the key generation center (KGC). This article designs and realizes two novel ID-based key agreement protocols for the blockchain-powered intelligent edge, including an extended Canetti-Krawczyk (eCK) secure ID-based authenticated key agreement (AKA) protocol and a continuous after-the-fact leakage-resilient eCK (CAFL-eCK) secure ID-based AKA protocol. Both protocols do not involve any heavy pairing computation. Besides, the second one can resist side-channel attacks to the KGC and the communicating parties. A hybrid implementation of the two protocols can achieve high efficiency and strong security at the same time in blockchain-powered intelligent edge environments. This is demonstrated via a use case of a blockchain-powered smart home.

An Efficient and Secure Data Sharing Method Using Asymmetric Pairing with Shorter Ciphertext to Enable Rapid Learning in Healthcare.

The recent advent of cloud computing provides a flexible way to effectively share data among multiple users. Cloud computing and cryptographic primitives are changing the way of healthcare unprecedentedly by providing real-time data sharing cost-effectively. Sharing various data items from different users to multiple sets of legitimate subscribers in the cloud environment is a challenging issue. The online electronic healthcare system requires multiple data items to be shared by different users for various purposes. In the present scenario, COVID-19 data is sensitive and must be encrypted to ensure data privacy. Secure sharing of such information is crucial. The standard broadcast encryption system is inefficient for this purpose. Multichannel broadcast encryption is a mechanism that enables secure sharing of different messages to different set of users efficiently. We propose an efficient and secure data sharing method with shorter ciphertext in public key setting using asymmetric (Type-III) pairings. The Type-III setting is the most efficient form among all pairing types regarding operations required and security. The semantic security of this method is proven under decisional BDHE complexity assumption without random oracle model.

Complementary set encryption for privacy-preserving data consolidation

Privacy-preserving data consolidation is one of the prominent research topics in the big data era, mostly because of the need of consolidating data from various database communities, which are highly sensitive or competitive in nature. This leads to a new emerging problem namely how to accomplish data consolidation among different organization data sets or databases appropriately without revealing any competitive or sensitive information to non-owners. To address this issue, we first introduce a new encryption notion called “complementary set encryption” (CSE) to apply to privacy-preserving data consolidation. In this notion, to provide privacy protection, the data in one database will be encrypted under a set W prior to being sent to the other database, and a decryption key will be generated with another set Q. The data will be decrypted and consolidated into the other database, if and only if both sets W and Q are complementary. Here, the “complementary” means that the intersection of set W and set Q is empty and meanwhile the union of both is to be completed into a universal set exactly. We then describe two constructions of CSE under the public-key setting. Our first construction is designed under a weaker security notion – “payload hiding”, which only preserves the data privacy but achieves a higher performance. The second construction is a stronger security notion, which we refer to as an “attribute hiding”, which preserves both the privacy of the data and its associated set W. Finally, we provide a formal analysis to prove the security of our two constructions, followed by a theoretical performance comparison and an experimental evaluation. In particular, the first construction is of an independent interest in the context of cryptography since it was able to stand out for its efficiency as a predicate encryption scheme in the sense that it features both low communication overhead and computational costs simultaneously, and only requires a private key size of O(1), a ciphertext size of O(1), and only O(1) pairing computations.

Trapdoor Privacy in Public Key Encryption With Keyword Search: A Review

The public key encryption with keyword search (PEKS) scheme allows searches to be performed over ciphertext by a server in a public-key setting. The PEKS scheme suffers from a major drawback which is keyword guessing attack. A keyword guessing attack (KGA) allows the attacker to successfully guess the correct keyword encrypted in a searchable ciphertext and trapdoor. To overcome this vulnerability, security notions, such as keyword privacy and trapdoor privacy were introduced. Keyword privacy prevents any information leaked from the keyword itself, and similarly trapdoor privacy prevents any information leaked from the trapdoor side. A PEKS scheme that is secure against KGA should satisfy trapdoor privacy. In this paper, we compare various types of PEKS schemes in terms of their underlying computational hardness, system model, search function, security properties of keyword privacy and trapdoor privacy, and security against offline KGA and online KGA. From the comparison analysis, we highlight that trapdoor privacy and keyword privacy are essential for a PEKS scheme to be secure against KGA. Lastly, we draw some potential research directions.

Secure resource sharing in grid system without public key settings

Secure resource sharing in grid system without public key settings

Dynamic Multi-Key FHE in Asymmetric Key Setting From LWE

Multi-key Fully homomorphic encryption (MFHE) schemes allow computation on the encrypted data under different keys. However, traditional multi-key FHE schemes based on Learning with errors (LWE) have the undesirable property that is the number of keys has to be fixed in advance. A dynamic multi-key FHE scheme is the most versatile variant which the information about the participants is not required before key generation. To support further homomorphic computation on extended ciphertexts and ciphertexts encrypted under additional keys, Peikert and Shiehian (TCC ’16) proposed a leveled dynamic multi-key FHE scheme. Nevertheless, it introduces the circular-security assumption for the LWE parameters to ensure its security, which provides weaker security to the scheme. The problem of how to construct a LWE-based dynamic multi-key FHE scheme is still open. To address the above problem, in this work, we present a dynamic multi-key FHE scheme based on the LWE assumption in public key setting. The ciphertext can be extended and performed homomorphic evaluation with the ciphertexts encrypted under additional keys. Compared with current constructions, our proposed method requires fewer “local” memory and the process of ciphertext extension is distributed. Our proposed method provides a new way to extend the ciphertext such that the ciphertext homomorphism computation is more efficient. Our scheme is proven to be secure under standard LWE assumptions without using the circular-security assumption.

Secure resource sharing in grid system without public key settings

Grid system involves the collaborative use of computers, networks, devices, software, databases and interfaces maintained by multiple organisations. Grid security has attracted increasing interests...

Enabling Efficient Spatial Keyword Queries on Encrypted Data With Strong Security Guarantees

Structured Encryption (STE), which allows a server to provide secure search services on encrypted data structures, has been widely investigated in recent years. To meet expressive search requirements in practical applications, a large number of STE constructions have been proposed either on textual keywords or spatial data. However, STE on spatio-textual data, which are widely used in location-based services, has not been fully investigated. In this paper, we formally define the notion of Spatial Keyword Structured Encryption (SKSE) and propose several concrete SKSE constructions with various efficiency-security trade-offs. Firstly, we propose a basic construction with linear search complexity, which only leaks the private files matching both spatial range query and all query keywords. Then, to improve the search efficiency on large-scale datasets, we present a novel tree-based construction with sub-linear search complexity. Finally, we introduce a post-validation approach to remove false positives and further improve storage and search performance. Our constructions are general in the sense that they can be constructed from any hidden vector encryption schemes, including public-key setting and symmetric-key setting, which can meet different sharing requirements. Our rigorous security analysis and comprehensive performance evaluation demonstrate that the proposed constructions are secure and outperform the start-of-the-art solutions.

A Secure Cloud Data Sharing Protocol for Enterprise Supporting Hierarchical Keyword Search

Cloud storage becomes the priority for storing and sharing data for enterprise users. Encrypting prior to uploading data to the cloud is the best way to protect business secrets, however, it hinders the convenient operations on plaintexts, such as searching over the cloud data. In addition, employees in an enterprise have multiple layer structures and a higher layer employee should have the privilege to monitor the lower layer employees’ data to check if these users violate the regulation without letting the employees be aware of. Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive suitable for secure cloud storage, which supports keyword search without decryption in public key encryption settings. Unfortunately, no existing PEKS scheme supports the monitoring function without authorization from the sender. To address this issue, we propose a variant of PEKS named Hierarchical Public Key Encryption with Keyword Search (HPEKS) and provide a semi-generic construction utilizing a public key tree (PKTree) and a PEKS scheme. To better suit for the enterprise secret data sharing, we build an advanced HPEKS scheme, named designated-tester decryptable hierarchical public key encryption with keyword search (dDHPEKS), which enjoys stronger security and integrates the public key and symmetric key encryptions. We prove our dDHPEKS scheme secure under the security definition in the random oracle model. Particularly, it satisfies the security against outside offline keyword guessing attacks and furthermore, enjoys the <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">transparency</i> property so that the sender does not need to know the internal hierarchy structure of an enterprise in order to share encrypted data to the enterprise. Theoretical evaluation and concrete experiments show that our dDHPEKS scheme has comparable running efficiency with existing PEKS schemes.