With the rapid advancement of cloud computing technology,reversible data hiding algorithms in encrypted images(RDH-EI)have developed into an important field of study concentrated on safeguarding privacy in distributed...
详细信息
With the rapid advancement of cloud computing technology,reversible data hiding algorithms in encrypted images(RDH-EI)have developed into an important field of study concentrated on safeguarding privacy in distributed cloud ***,existing algorithms often suffer from low embedding capacities and are inadequate for complex data access *** address these challenges,this paper proposes a novel reversible data hiding algorithm in encrypted images based on adaptive median edge detection(AMED)and ciphertext-policyattributebasedencryption(CP-ABE).This proposed algorithm enhances the conventional median edge detection(MED)by incorporating dynamic variables to improve pixel prediction *** carrier image is subsequently reconstructed using the Huffman coding *** image generation is then achieved by encrypting the image based on system user attributes and data access rights,with the hierarchical embedding of the group’s secret data seamlessly integrated during the encryption process using the CP-ABE ***,the encrypted image is transmitted to the data hider,enabling independent embedding of the secret data and resulting in the creation of the marked encrypted *** approach allows only the receiver to extract the authorized group’s secret data,thereby enabling fine-grained,controlled *** results indicate that,in contrast to current algorithms,the method introduced here considerably improves the embedding rate while preserving lossless image ***,the average maximum embedding rates for the(3,4)-threshold and(6,6)-threshold schemes reach 5.7853 bits per pixel(bpp)and 7.7781 bpp,respectively,across the BOSSbase,BOW-2,and USD ***,the algorithm facilitates permission-granting and joint-decryption ***,this paper conducts a comprehensive examination of the algorithm’s robustness using metrics such as image correlation,information entropy,and number of pix
The Internet of Things (IoT) is a heterogeneous network composed of numerous dynamically connected devices. While it brings convenience, the IoT also faces serious challenges in data security. ciphertext-policy attrib...
详细信息
The Internet of Things (IoT) is a heterogeneous network composed of numerous dynamically connected devices. While it brings convenience, the IoT also faces serious challenges in data security. ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptography method that supports fine-grained access control, offering a solution to the IoT's security issues. However, existing CP-ABE schemes are inefficient and unsuitable for IoT devices with limited computing resources. To address this problem, this paper proposes an efficient pairing-free CP-ABE scheme for the IoT. The scheme is based on lightweight elliptic curve scalar multiplication and supports multi-authority and verifiable outsourced decryption. The proposed scheme satisfies indistinguishability against chosen-plaintext attacks (CPA) under the elliptic curve decisional Diffie-Hellman (ECDDH) problem. Performance analysis shows that our proposed scheme is more efficient and better suited to the IoT environment compared to existing schemes.
With the rapid deployment of storage services, secure and efficient user authorization and revocation data shared through the cloud have become a grand challenge hindering cloud data *** previous direct and indirect u...
详细信息
With the rapid deployment of storage services, secure and efficient user authorization and revocation data shared through the cloud have become a grand challenge hindering cloud data *** previous direct and indirect user revocation schemes implemented large-scale user revocation, they faced heavy communication and computational costs. To address these challenges, this study presents a new encryption scheme that combines ciphertext-policy attribute-based encryption(CP-ABE) with puncturable encryption to achieve efficient and flexible user revocation. We design a proxy server to reduce the computational overhead in the decryption phase. Because the puncture process is performed on a semi-honest cloud, we use the digital signature method to verify the correctness of its operation. Furthermore, we prove the security of our scheme under the chosen-plaintext attack(CPA), and compare it with other schemes to highlight its advantages. Numerical analysis and experimental simulation results reveal that our scheme is more suitable than other schemes for use in a cloud environment for user revocation.
ciphertext-policy attribute-based encryption (CP-ABE) has attracted much interest from the practical community to enforce access control in distributed settings such as the Internet of Things (IoT). In such settings, ...
详细信息
ISBN:
(纸本)9783031174322;9783031174339
ciphertext-policy attribute-based encryption (CP-ABE) has attracted much interest from the practical community to enforce access control in distributed settings such as the Internet of Things (IoT). In such settings, encryption devices are often constrained, having small memories and little computational power, and the associated networks are lossy. To optimize both the ciphertext sizes and the encryption speed is therefore paramount. In addition, the master public key needs to be small enough to fit in the encryption device's memory. At the same time, the scheme needs to be expressive enough to support common access control models. Currently, however, the state of the art incurs undesirable efficiency trade-offs. Existing schemes often have linear ciphertexts, and consequently, the ciphertexts may be too large and encryption may be too slow. In contrast, schemes with small ciphertexts have extremely large master public keys, and are generally computationally inefficient. In this work, we propose TinyABE: a novel CP-ABE scheme that is expressive and can be configured to be efficient enough for settings with embedded devices and low-quality networks. In particular, we demonstrate that our scheme can be configured such that the ciphertexts are small, encryption is fast and the master public key is small enough to fit in memory. From a theoretical standpoint, the new scheme and its security proof are non-trivial generalizations of the expressive scheme with constant-size ciphertexts by Agrawal and Chase (TCC'16, Eurocrypt'17) and its proof to the unbounded setting. By using techniques of Rouselakis and Waters (CCS'13), we remove the restrictions that the Agrawal-Chase scheme imposes on the keys and ciphertexts, making it thus more flexible. In this way, TinyABE is especially suitable for IoT devices and networks.
ciphertext-policy attribute-based encryption(CP-ABE)is a promising cryptographic solution to the problem for enforcing fine-grained access control over encrypted data in the ***,when applying CP-ABE to data outsourcin...
详细信息
ciphertext-policy attribute-based encryption(CP-ABE)is a promising cryptographic solution to the problem for enforcing fine-grained access control over encrypted data in the ***,when applying CP-ABE to data outsourcing scenarios,we have to address the challenging issue of policy updates because access control elements,such as users,attributes,and access rules may change *** this paper,we propose a notion of access policy updatable ciphertext-policy attribute-based encryption(APU-CP-ABE)by combining the idea of ciphertext-policyattribute-based key encapsulation and symmetric proxy *** an access policy update occurs,data owner is no longer required to download any data for re-encryption from the cloud,all he needs to do is generate a re-encryption key and produce a new encapsulated symmetric key,and then upload them to the *** cloud server executes re-encryption without *** the re-encrypted ciphertext is encrypted under a completely new key,users cannot decrypt data even if they keep the old symmetric keys or parts of the previous *** present an APU-CP-ABE construction based on Syalim et al.’s[Syalim,Nishide and Sakurai(2017)]improved symmetric proxy re-encryption scheme and Agrawal et al.’s[Agrawal and Chase(2017)]attribute-based message encryption *** requires only 6 bilinear pairing operations for decryption,regardless of the number of attributes *** makes our construction particularly attractive when decryption is time-critical.
Cloud-assisted smart grid has been broadly deployed to improve the economics, efficiency, sustainability, and reliability of electricity services. The new revolution of technology will also bring new challenges to dat...
详细信息
Cloud-assisted smart grid has been broadly deployed to improve the economics, efficiency, sustainability, and reliability of electricity services. The new revolution of technology will also bring new challenges to data security, particularly data confidentiality. As a promising encryption method for supporting fine-grained access control, attribute-basedencryption (ABE) is widely given attention by the academia and industry. However, most existing schemes suffer from the efficiency problem limiting its deployment for the cloud-assisted smart grid, especially for resource-limited users. To address this problem, this paper proposes two efficient pairing-free ciphertext-policyattribute-based schemes that eliminate the computation-intensive bilinear pairing operation. The basic scheme only uses some simple scalar multiplications based on elliptic curves, and the enhanced scheme provides an important usability feature, namely the users and attributes revocation. The security of the proposed schemes is reduced to the elliptic curve decisional Diffie-Hellman problem. Finally, the performance analysis and extensive experiments demonstrate that our proposed schemes are suitable for the cloud-assisted smart grid.
Timed-release CP-ABE can provide fine-grained and timed-release access control while ensuring data confidentiality. Existing schemes usually rely on a trusted third-party called time server. This paper proposes a nove...
详细信息
Timed-release CP-ABE can provide fine-grained and timed-release access control while ensuring data confidentiality. Existing schemes usually rely on a trusted third-party called time server. This paper proposes a novel timed-release CP-ABE scheme named ciphertext-policyattribute-based delay encryption (CP-ABDE), which does not require a time server. Specifically, we formalise the notion of CP-ABDE and its system model and security model. Furthermore, we provide a formal construction that is secure under the decisional bilinear Diffie-Hellman assumption and repeated squaring assumption. Finally, performance analysis shows that the scheme performs well while achieving timed-release access control.
In emergency care, fast and efficient treatment is vital. The availability of Electronic Medical Records (EMR) allows healthcare professionals to access a patient's data promptly, which facilitates the decision-ma...
详细信息
In emergency care, fast and efficient treatment is vital. The availability of Electronic Medical Records (EMR) allows healthcare professionals to access a patient's data promptly, which facilitates the decision-making process and saves time by not repeating medical procedures. Unfortunately, the complete EMR of a patient is often not available during an emergency situation to all treatment teams. Cloud services emerge as a promising solution to this problem by allowing ubiquitous access to information. However, EMR storage and sharing through clouds raise several concerns about security and privacy. To this end, we propose a protocol through which all treatment teams involved in the emergency care can securely decrypt relevant data from the patient's EMR and add new information about the patient's status. Furthermore, our protocol ensures that treatment teams will only access the patient's EMR for the period during which the patient is under their care. Finally, we present a formal security analysis of our protocol and some initial experimental results.
It is the most important and challenging problem to share the data safely in cloud computing. Some so-called trusted third parties may also infringe users' data privacy. It is an urgent problem for data owners to ...
详细信息
It is the most important and challenging problem to share the data safely in cloud computing. Some so-called trusted third parties may also infringe users' data privacy. It is an urgent problem for data owners to share data safely with the designated users rather than the third party or other users. Traditional encryption schemes utilize different keys to produce multiple encrypted copies of the same data for users. It is no longer applicable for cloud data sharing security. attribute-basedencryption can solve above problems, but it needs to rely on trusted third parties to protect the users' privacy. In this article, in order to address the above problems, we propose a blockchain-basedciphertext-policy attribute-based encryption scheme for cloud data secure sharing without relying on any trusted third parties. Blockchain-basedciphertext-policy attribute-based encryption scheme can protect the rights and security of data owner. Compared with existing cloud security schemes, the proposed scheme has more advantages in terms of the six aspects: (1) data owners have the authority to decide who can decrypt the data;(2) the operations of users are retained permanently, and all records are tamper-proof;(3) our proposed scheme has the characteristic of "one-to-many" encryption, and data is encrypted only once;(4) our scheme does not rely on any trusted third party;(5) in terms of the discrete logarithm problem and decisional q parallel-bilinear Diffie-Hellman exponent problem, we prove that our proposed scheme is secure;and (6) experiment shows that our proposed scheme is more efficient than the comparative scheme.
The scheme [1] is flawed because: (1) its circuit access structure is confusingly described;(2) the cloud server cannot complete the related computations;(3) some users can conspire to generate new decryption keys, wi...
详细信息
The scheme [1] is flawed because: (1) its circuit access structure is confusingly described;(2) the cloud server cannot complete the related computations;(3) some users can conspire to generate new decryption keys, without the help of the key generation authority.
暂无评论