ISBN:
(print) 9781665403924
The SM9 algorithm has recently received growing attention as a new cryptographic product. SM9 encryption and decryption rely on a mapping relationship on an elliptic curve; this mapping improves security but slightly reduces efficiency. The goal of this article is to improve the efficiency of the SM9 algorithm. Instead of the traditional pipelining approach to acceleration, we start from the basic operations of the algorithm itself. The bilinear pairing on the elliptic curve, which maps pairs of curve points to elements of a finite field, has a computational cost that directly determines the cost of SM9. For this reason, we propose two new methods for computing the bilinear pairing. The first uses the properties of an isomorphic mapping to move the operations involved in the pairing computation from the large field to a smaller one, reducing the number of operations performed in the large field. The second targets special operations in the pairing process, introducing intermediate variables to convert them into cheaper multiplications. With the traditional Miller algorithm, computing the bilinear pairing requires 900 multiplication time units; our two solutions reduce this to 700 and 800 multiplication time units respectively. Neither algorithm changes the mapping relationship of the bilinear pairing, so the efficiency of SM9 is improved while the correctness of the mapping is preserved.
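As an added illustration (not code from the paper above), the following Python computes a toy reduced Tate pairing with Miller's algorithm and runs the checks that any faster pairing, including the two variants described in the abstract, must still pass: bilinearity, non-degeneracy, and output in the order-r subgroup. It also counts the F_p multiplications spent inside the extension-field arithmetic of the Miller loop, the cost unit the abstract reasons in. The curve y^2 = x^3 + x over F_43, the subgroup order r = 11, the distortion map and the base point (2, 15) are assumptions chosen to be hand-checkable; SM9's real curve is a 256-bit BN curve with embedding degree 12, but the loop has the same shape.

```python
# Added example, not code from the paper. A toy reduced Tate pairing computed
# with Miller's algorithm, plus the checks any optimized pairing must still
# pass: bilinearity, non-degeneracy and output of order r. Parameters are
# assumptions chosen to be hand-checkable: y^2 = x^3 + x over F_43 (43 = 3
# mod 4, so -1 is a non-residue), #E = 44, r = 11, embedding degree k = 2.
P_MOD, R_ORDER = 43, 11
MUL_COUNT = {"fp": 0}  # F_p multiplications spent inside F_{p^2} arithmetic

def fp_mul(a, b):
    MUL_COUNT["fp"] += 1
    return (a * b) % P_MOD

class Fp2:  # elements a + b*i of F_{p^2} = F_p[i] / (i^2 + 1)
    def __init__(self, a, b=0):
        self.a, self.b = a % P_MOD, b % P_MOD
    def __eq__(self, o):
        return (self.a, self.b) == (o.a, o.b)
    def __sub__(self, o):
        return Fp2(self.a - o.a, self.b - o.b)
    def __mul__(self, o):  # Karatsuba: three F_p multiplications, not four
        ac, bd = fp_mul(self.a, o.a), fp_mul(self.b, o.b)
        return Fp2(ac - bd, fp_mul(self.a + self.b, o.a + o.b) - ac - bd)
    def __pow__(self, e):  # square-and-multiply
        r, base = Fp2(1), self
        while e:
            if e & 1:
                r = r * base
            base, e = base * base, e >> 1
        return r

O = None  # point at infinity; finite points are (x, y) tuples over F_p

def slope(P, Q):  # chord slope, or tangent slope when P == Q (curve a = 1)
    (x1, y1), (x2, y2) = P, Q
    if P == Q:
        return (3 * x1 * x1 + 1) * pow(2 * y1, -1, P_MOD) % P_MOD
    return (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD

def ec_add(P, Q):
    if P is O or Q is O:
        return Q if P is O else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return O  # Q == -P
    lam = slope(P, Q)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, P):
    R = O
    for bit in bin(k)[2:]:
        R = ec_add(R, R)
        if bit == "1":
            R = ec_add(R, P)
    return R

def line_at(T, P, S):
    """Value at S in E(F_{p^2}) of the line through T and P (tangent if T == P).
    A vertical line (P == -T) takes an F_p value at S, which the final
    exponentiation kills, so it is replaced by 1 (denominator elimination)."""
    (x1, y1), (x2, y2) = T, P
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return Fp2(1)
    xs, ys = S
    return (ys - Fp2(y1)) - Fp2(slope(T, P)) * (xs - Fp2(x1))

def miller(P, S, r=R_ORDER):
    """Miller's algorithm: f_{r,P}(S) up to F_p^* factors, MSB first."""
    f, T = Fp2(1), P
    for bit in bin(r)[3:]:  # bits of r below the leading one
        f = f * f * line_at(T, T, S)  # doubling step
        T = ec_add(T, T)
        if bit == "1":
            f = f * line_at(T, P, S)  # addition step
            T = ec_add(T, P)
    assert T is O  # r * P == O
    return f

def distortion(Q):  # psi(x, y) = (-x, i*y) moves Q off E(F_p)
    return (Fp2(-Q[0]), Fp2(0, Q[1]))

def tate_pairing(P, Q):  # e(P, Q) = f_{r,P}(psi(Q)) ^ ((p^2 - 1) / r)
    return miller(P, distortion(Q)) ** ((P_MOD * P_MOD - 1) // R_ORDER)

def miller_fp_muls(P, Q):  # the abstract's cost unit, Miller loop only
    MUL_COUNT["fp"] = 0
    miller(P, distortion(Q))
    return MUL_COUNT["fp"]

GEN = ec_mul(4, (2, 15))  # (2, 15) is on the curve; cofactor 4 gives order 11

def pairing_checks():  # properties an optimized pairing must preserve
    e = tate_pairing(GEN, GEN)
    return {"non_degenerate": e != Fp2(1),
            "order_r": e ** R_ORDER == Fp2(1),
            "bilinear": tate_pairing(ec_mul(2, GEN), ec_mul(3, GEN)) == e ** 6}

if __name__ == "__main__":
    print(pairing_checks(), "Miller loop F_p muls:", miller_fp_muls(GEN, GEN))
```

Needs Python 3.8+ for `pow(x, -1, p)`. `pairing_checks()` returns all three flags True and `miller_fp_muls(GEN, GEN)` reports 36 F_p multiplications for this r = 11 loop (slope inversions in F_p are not counted). This is the harness to keep around when applying an optimisation such as the isomorphism trick from the abstract: the three flags must stay True while the count falls.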
As the number and frequency of interactions between vehicles and the external environment increase, the security threats faced by vehicles have become more numerous and destructive in the context of the Internet of ve...
Dispatching and Control Cloud (DCC) is a cloud platform built by State Grid Corporation using cloud computing technology. DCC has improved the overall operation and monitoring capabilities and the intelligence level of the power grid, among other advantages. However, the development of DCC has been hampered by security and privacy issues; secure unified identity authentication, access control and authorisation management are significant topics in DCC. To address them, we employ encryption schemes based on attribute-based encryption (ABE), since ABE can preserve users' privacy and achieve fine-grained access control over encrypted information. SM9 is a Chinese official cryptographic standard that includes the SM9 identity-based encryption algorithm (SM9-IBE). In this paper, an ABE scheme based on SM9-IBE is proposed, giving SM9 fine-grained access control so that it can be better applied in DCC. The proposed scheme (SM9-ABE) is proven secure in the selective CPA model under the DBDH assumption. Furthermore, we implement SM9-ABE and evaluate its practical performance. The implementation shows that our scheme performs well in terms of security and functionality, at an acceptable additional time cost.
To protect data privacy in cloud storage, sensitive data is commonly encrypted before being uploaded to a cloud storage server (CSS), which makes secure and efficient ciphertext retrieval a challenge. Identity-based encryption with keyword search (IBEKS) enables secure ciphertext retrieval but remains vulnerable to internal adversaries, particularly algorithm substitution attacks (ASA) against SM9-based searchable encryption schemes. In addition, existing protocols lack proactive defence mechanisms, leaving them vulnerable to insider threats that compromise system integrity. To address these challenges, this article proposes SM9-based Searchable Encryption with Cryptographic Reverse Firewall (SM9SE-CRF), a scheme designed to resist internal attacks while ensuring efficient ciphertext retrieval. First, a re-randomizable IBEKS framework is developed as the foundation for the SM9 searchable encryption scheme, improving both security and performance. Cryptographic reverse firewalls are then deployed at both the Key Generation Center (KGC) and the user end; they re-randomize cryptographic parameters to mitigate the risks posed by internal adversaries. SM9SE-CRF is implemented with the JPBC library and evaluated through security and performance analyses. The results show that SM9SE-CRF mitigates offline keyword guessing attacks and ASA threats from malicious insiders. At the 128-bit security level, SM9SE-CRF achieves a 93% reduction in runtime compared with existing schemes, with the cryptographic reverse firewall adding only 1.16% overhead. This low computational cost supports the practical use of SM9SE-CRF in privacy-preserving cloud storage, particularly for enterprise data sharing, secure outsourced storage and cloud-based information retrieval.
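The reverse-firewall mechanism the abstract relies on is easiest to see on a scheme far simpler than SM9 IBEKS, so the added Python example below (not code from the paper, and using plain ElGamal in a toy group rather than the paper's pairing-based construction) models an algorithm substitution attack in which a subverted encryptor reuses randomness that an insider knows, and then shows a key-less firewall re-randomizing each ciphertext so that decryption is unchanged but the insider's channel is gone. The group (p = 23, q = 11, generator 2), the leaked randomness value and the fixed test keys are assumptions.

```python
# Added example, not code from the paper. The paper's scheme is an SM9-based
# IBEKS; this strips the idea down to plain ElGamal in a toy group so the
# reverse-firewall mechanism is visible. A subverted encryptor (an ASA) reuses
# randomness that an insider knows, so the insider can read ciphertexts; the
# firewall re-randomizes each ciphertext before it leaves, which preserves
# decryptability but destroys the insider's channel. Group parameters are
# assumptions: p = 23 = 2q + 1, q = 11, G = 2 generates the order-q subgroup.
import secrets

P, Q, G = 23, 11, 2


def inv(a):
    return pow(a, -1, P)


def keygen(x=None):
    """Secret x in [1, q-1] and public h = G^x. x may be fixed for tests."""
    x = x or 1 + secrets.randbelow(Q - 1)
    return x, pow(G, x, P)


def encrypt(m, h, r=None):
    """Honest ElGamal: fresh r per message; ciphertext (G^r, m * h^r)."""
    r = r or 1 + secrets.randbelow(Q - 1)
    return pow(G, r, P), m * pow(h, r, P) % P


def decrypt(ct, x):
    c1, c2 = ct
    return c2 * inv(pow(c1, x, P)) % P


LEAKED_R = 3  # assumed: the ASA hard-codes this r, and the insider knows it


def subverted_encrypt(m, h):
    """Algorithm substitution attack: looks like encrypt(), but r is fixed."""
    return encrypt(m, h, LEAKED_R)


def insider_recover(ct, h):
    """What an insider who knows LEAKED_R (but not x) computes: c2 / h^r."""
    return ct[1] * inv(pow(h, LEAKED_R, P)) % P


def reverse_firewall(ct, h, s=None):
    """Re-randomize with fresh s: (c1 * G^s, c2 * h^s) encrypts the same m
    under randomness r + s and needs no key. s may be fixed for tests."""
    s = s or 1 + secrets.randbelow(Q - 1)
    c1, c2 = ct
    return c1 * pow(G, s, P) % P, c2 * pow(h, s, P) % P


def demo(m=16, x=7, s=5):
    """Returns (decrypts_ok, insider_wins_before, insider_wins_after).
    m = 16 = G^4 lies in the order-q subgroup; x and s are fixed for the test."""
    x, h = keygen(x)
    ct = subverted_encrypt(m, h)
    fw = reverse_firewall(ct, h, s)
    return (decrypt(fw, x) == m,
            insider_recover(ct, h) == m,
            insider_recover(fw, h) == m)


if __name__ == "__main__":
    print(demo())
```

`demo()` returns `(True, True, False)`: the receiver still decrypts after the firewall, the insider reads the raw subverted ciphertext, and the insider fails on the firewalled one. The insider's recovery yields m * h^s, which equals m only when s is 0 mod q, a value the firewall never draws. This is the same property the abstract claims for its KGC- and user-side firewalls: re-randomization costs no secret material and no protocol change, only a few extra exponentiations (the paper reports 1.16% overhead for its scheme).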
The forward-triage role of telemedicine has again been highlighted by the COVID-19 pandemic. Telemedicine can provide a timely emergency response to environmental or biological hazards, and the private medical data generated in the process can also accelerate the building of models for preventing and treating infectious diseases. However, reusing telemedicine users' private data through federated learning faces significant challenges. Differences in regions, economic levels and grades lead to heterogeneous data and resource-constrained environments, which seriously disrupt the federated learning process. In addition, weak password authentication on medical terminals and eavesdropping on transmission channels may allow illegal access to terminals and platforms and leak sensitive data. This paper proposes a secure telemedicine data-sharing scheme based on heterogeneous federated learning. Specifically, we propose a heterogeneous federated learning scheme with model alignment that guides telemedicine practice through the reuse of telemedicine data, and we design an SM9 threshold identity authentication scheme to protect patients' private medical data from leakage during federated learning. We evaluated the scheme on two third-party medical datasets; the results indicate that it helps the federated learning process withstand data heterogeneity and resource constraints at almost no performance cost.