To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties o...To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties of the pairings and the characters of key generations of certificate-based cryptosystems and ID-based cryptosystems,a construction for such a scheme is also presented.To prove the security of the proposed scheme,a general security model for this scheme under adaptive chosen-PKG,chosen-ID,chosen-delegation,chosen-ProxySigner-public-key,chosen-proxy-key and chosen-message attack is defined.The proposed scheme is provably secure under the random oracle model and the hardness assumption of computational Diffie-Hellman problem.展开更多
This paper presents a high-security medical image encryption method that leverages a novel and robust sine-cosine map.The map demonstrates remarkable chaotic dynamics over a wide range of parameters.We employ nonlinea...This paper presents a high-security medical image encryption method that leverages a novel and robust sine-cosine map.The map demonstrates remarkable chaotic dynamics over a wide range of parameters.We employ nonlinear analytical tools to thoroughly investigate the dynamics of the chaotic map,which allows us to select optimal parameter configurations for the encryption process.Our findings indicate that the proposed sine-cosine map is capable of generating a rich variety of chaotic attractors,an essential characteristic for effective encryption.The encryption technique is based on bit-plane decomposition,wherein a plain image is divided into distinct bit planes.These planes are organized into two matrices:one containing the most significant bit planes and the other housing the least significant ones.The subsequent phases of chaotic confusion and diffusion utilize these matrices to enhance security.An auxiliary matrix is then generated,comprising the combined bit planes that yield the final encrypted image.Experimental results demonstrate that our proposed technique achieves a commendable level of security for safeguarding sensitive patient information in medical images.As a result,image quality is evaluated using the Structural Similarity Index(SSIM),yielding values close to zero for encrypted images and approaching one for decrypted images.Additionally,the entropy values of the encrypted images are near 8,with a Number of Pixel Change Rate(NPCR)and Unified Average Change Intensity(UACI)exceeding 99.50%and 33%,respectively.Furthermore,quantitative assessments of occlusion attacks,along with comparisons to leading algorithms,validate the integrity and efficacy of our medical image encryption approach.展开更多
The Industry 4.0 revolution is characterized by distributed infrastructures where data must be continuously communicated between hardware nodes and cloud servers.Specific lightweight cryptosystems are needed to protec...The Industry 4.0 revolution is characterized by distributed infrastructures where data must be continuously communicated between hardware nodes and cloud servers.Specific lightweight cryptosystems are needed to protect those links,as the hardware node tends to be resource-constrained.Then Pseudo Random Number Generators are employed to produce random keys,whose final behavior depends on the initial seed.To guarantee good mathematical behavior,most key generators need an unpredictable voltage signal as input.However,physical signals evolve slowly and have a significant autocorrelation,so they do not have enough entropy to support highrandomness seeds.Then,electronic mechanisms to generate those high-entropy signals artificially are required.This paper proposes a robust hyperchaotic circuit to obtain such unpredictable electric signals.The circuit is based on a hyperchaotic dynamic system,showing a large catalog of structures,four different secret parameters,and producing four high entropy voltage signals.Synchronization schemes for the correct secret key calculation and distribution among all remote communicating modules are also analyzed and discussed.Security risks and intruder and attacker models for the proposed solution are explored,too.An experimental validation based on circuit simulations and a real hardware implementation is provided.The results show that the random properties of PRNG improved by up to 11%when seeds were calculated through the proposed circuit.展开更多
The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography ...The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography can eliminate much of the overhead associated with the deployment and management of certificate.However,exposure of private keys can be the most devastating attack on a public key based cryptosystem since such that all security guarantees are lost.In this paper,an ID-based authenticated key agreement protocol was presented.For solving the problem of key exposure of the basic scheme,the technique of key insulation was applied and a key insulated version is developed.展开更多
ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we...ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.展开更多
Cloud storage service reduces the burden of data users by storing users' data files in the cloud. But, the files might be modified in the cloud. So, data users hope to check data files integrity periodically. In a pu...Cloud storage service reduces the burden of data users by storing users' data files in the cloud. But, the files might be modified in the cloud. So, data users hope to check data files integrity periodically. In a public auditing protocol, there is a trusted auditor who has certain ability to help users to check the integrity of data files. With the advantages of no public key management and verification, researchers focus on public auditing protocol in ID-based cryptography recently. However, some existing protocols are vulnerable to forgery attack. In this paper, based on ID-based signature technology, by strengthening information authentication and the computing power of the auditor, we propose an ID-based public auditing protocol for cloud data integrity checking. We also prove that the proposed protocol is secure in the random oracle model under the assumption that the Diffie-Hellman problem is hard. Furthermore, we compare the proposed protocol with other two ID-based auditing protocols in security features, communication efficiency and computation cost. The comparisons show that the proposed protocol satisfies more security features with lower computation cost.展开更多
Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or ...Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.展开更多
In existing software registration schemes, the privacy of users is not taken into account and may be in the risks of abuses. In this paper, we proposed a novel software registration system which can greatly reduce una...In existing software registration schemes, the privacy of users is not taken into account and may be in the risks of abuses. In this paper, we proposed a novel software registration system which can greatly reduce unauthorized use of software while keeping the privacy of users. To the best of our knowledge, this is the first system that the privacy of users is guaranteed in software registration. Our system enjoys a modular design and can be implemented by any secure ID-based partially blind signature scheme. Furthermore, the proposal allows flexible registration information definition. This feature makes our scheme flexible and practical for more software registration applications.展开更多
In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this pape...In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.展开更多
Two ID-based authenticated group key agreement schemes, proposed by Choi et al and Du et al, are insecure against an impersonation attack and th ey only discussed the static group. This paper proposed a variant of BD ...Two ID-based authenticated group key agreement schemes, proposed by Choi et al and Du et al, are insecure against an impersonation attack and th ey only discussed the static group. This paper proposed a variant of BD protocol , which is fully authenticated by a proven-secure ID-based signature scheme. T he protocol can res ist the impersonation attack, and other security attributes are also satisfied. Compared with Choi et al and Du et al schemes, the proposed one is mor e efficient and applicable for dynamic groups.展开更多
Peer-to-peer computing has recently started to gain significant acceptance, since it can greatly increase the performance and reliability of overall system. However, the security issue is still a major gating factor f...Peer-to-peer computing has recently started to gain significant acceptance, since it can greatly increase the performance and reliability of overall system. However, the security issue is still a major gating factor for its full adoption. In order to guarantee the security of data exchanged between two peers in Peer-to-Peer system, this paper comes up with an ID-based authenticated key agreement from bilinear pairings and uses BAN logic to prove the protocol’s security. Compared with other existing protocols, the proposed protocol seems more secure and efficient, since it adopts the static shared Diffie-Hellman key.展开更多
Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually si...Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.展开更多
Remote sensing images carry crucial ground information,often involving the spatial distribution and spatiotemporal changes of surface elements.To safeguard this sensitive data,image encryption technology is essential....Remote sensing images carry crucial ground information,often involving the spatial distribution and spatiotemporal changes of surface elements.To safeguard this sensitive data,image encryption technology is essential.In this paper,a novel Fibonacci sine exponential map is designed,the hyperchaotic performance of which is particularly suitable for image encryption algorithms.An encryption algorithm tailored for handling the multi-band attributes of remote sensing images is proposed.The algorithm combines a three-dimensional synchronized scrambled diffusion operation with chaos to efficiently encrypt multiple images.Moreover,the keys are processed using an elliptic curve cryptosystem,eliminating the need for an additional channel to transmit the keys,thus enhancing security.Experimental results and algorithm analysis demonstrate that the algorithm offers strong security and high efficiency,making it suitable for remote sensing image encryption tasks.展开更多
In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any mod...In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any modern company. A companys operational and historical data contains strategic and operational knowledge of ever-increasing added value. The emergence of a new paradigm: big data. Today, the value of the data scattered throughout this mother of knowledge is calculated in billions of dollars, depending on its size, scope and area of intervention. With the rise of computer networks and distributed systems, the threats to these sensitive resources have steadily increased, jeopardizing the existence of the company itself by drying up production and losing the interest of customers and suppliers. These threats range from sabotage to bankruptcy. For several decades now, most companies have been using encryption algorithms to protect and secure their information systems against the threats and dangers posed by the inherent vulnerabilities of their infrastructure and the current economic climate. This vulnerability requires companies to make the right choice of algorithms to implement in their management systems. For this reason, the present work aims to carry out a comparative study of the reliability and effectiveness of symmetrical and asymmetrical cryptosystems, in order to identify one or more suitable for securing academic data in the DRC. The analysis of the robustness of commonly used symmetric and asymmetric cryptosystems will be the subject of simulations in this article.展开更多
针对现有大多数协议无法实现服务器、电子标签及读写器三方之间相互认证的缺陷,提出一种基于R-LWE(Learning with Errors over Ring)密码体制下可实现三方认证的协议。协议采用理想格对重要隐私信息进行加密,且加密同时混入不同随机数,...针对现有大多数协议无法实现服务器、电子标签及读写器三方之间相互认证的缺陷,提出一种基于R-LWE(Learning with Errors over Ring)密码体制下可实现三方认证的协议。协议采用理想格对重要隐私信息进行加密,且加密同时混入不同随机数,既可保障隐私信息安全,亦可使得消息具备新鲜性和不确定性。对所设计协议进行安全性分析、基于GNY逻辑形式化证明、性能分析,结果表明该协议具备良好的安全要求、严谨的推理、性能优于其他对比协议。展开更多
基金The National Natural Science Foundation of China(No.60473028)the Natural Science Foundation of Zhengzhou University of Light Industry(No.2006XXJ18)the Doctor Foundation of Zhengzhou University of Light Industry(No.20080014)
文摘To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties of the pairings and the characters of key generations of certificate-based cryptosystems and ID-based cryptosystems,a construction for such a scheme is also presented.To prove the security of the proposed scheme,a general security model for this scheme under adaptive chosen-PKG,chosen-ID,chosen-delegation,chosen-ProxySigner-public-key,chosen-proxy-key and chosen-message attack is defined.The proposed scheme is provably secure under the random oracle model and the hardness assumption of computational Diffie-Hellman problem.
文摘This paper presents a high-security medical image encryption method that leverages a novel and robust sine-cosine map.The map demonstrates remarkable chaotic dynamics over a wide range of parameters.We employ nonlinear analytical tools to thoroughly investigate the dynamics of the chaotic map,which allows us to select optimal parameter configurations for the encryption process.Our findings indicate that the proposed sine-cosine map is capable of generating a rich variety of chaotic attractors,an essential characteristic for effective encryption.The encryption technique is based on bit-plane decomposition,wherein a plain image is divided into distinct bit planes.These planes are organized into two matrices:one containing the most significant bit planes and the other housing the least significant ones.The subsequent phases of chaotic confusion and diffusion utilize these matrices to enhance security.An auxiliary matrix is then generated,comprising the combined bit planes that yield the final encrypted image.Experimental results demonstrate that our proposed technique achieves a commendable level of security for safeguarding sensitive patient information in medical images.As a result,image quality is evaluated using the Structural Similarity Index(SSIM),yielding values close to zero for encrypted images and approaching one for decrypted images.Additionally,the entropy values of the encrypted images are near 8,with a Number of Pixel Change Rate(NPCR)and Unified Average Change Intensity(UACI)exceeding 99.50%and 33%,respectively.Furthermore,quantitative assessments of occlusion attacks,along with comparisons to leading algorithms,validate the integrity and efficacy of our medical image encryption approach.
基金supported by Comunidad de Madrid within the framework of the Multiannual Agreement with Universidad Politecnica de Madrid to encourage research by young doctors(PRINCE).
文摘The Industry 4.0 revolution is characterized by distributed infrastructures where data must be continuously communicated between hardware nodes and cloud servers.Specific lightweight cryptosystems are needed to protect those links,as the hardware node tends to be resource-constrained.Then Pseudo Random Number Generators are employed to produce random keys,whose final behavior depends on the initial seed.To guarantee good mathematical behavior,most key generators need an unpredictable voltage signal as input.However,physical signals evolve slowly and have a significant autocorrelation,so they do not have enough entropy to support highrandomness seeds.Then,electronic mechanisms to generate those high-entropy signals artificially are required.This paper proposes a robust hyperchaotic circuit to obtain such unpredictable electric signals.The circuit is based on a hyperchaotic dynamic system,showing a large catalog of structures,four different secret parameters,and producing four high entropy voltage signals.Synchronization schemes for the correct secret key calculation and distribution among all remote communicating modules are also analyzed and discussed.Security risks and intruder and attacker models for the proposed solution are explored,too.An experimental validation based on circuit simulations and a real hardware implementation is provided.The results show that the random properties of PRNG improved by up to 11%when seeds were calculated through the proposed circuit.
文摘The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography can eliminate much of the overhead associated with the deployment and management of certificate.However,exposure of private keys can be the most devastating attack on a public key based cryptosystem since such that all security guarantees are lost.In this paper,an ID-based authenticated key agreement protocol was presented.For solving the problem of key exposure of the basic scheme,the technique of key insulation was applied and a key insulated version is developed.
基金Supported bythe National Key Basic Research andDevelopment Program (973 Program G1999035804),the NationalNatural Science Foundation of China (90204015 ,60473021) and theElitist Youth Foundation of Henan Province (021201400)
文摘ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.
基金Supported by the Applied Basic and Advanced Technology Research Programs of Tianjin(15JCYBJC15900)the National Natural Science Foundation of China(51378350)
文摘Cloud storage service reduces the burden of data users by storing users' data files in the cloud. But, the files might be modified in the cloud. So, data users hope to check data files integrity periodically. In a public auditing protocol, there is a trusted auditor who has certain ability to help users to check the integrity of data files. With the advantages of no public key management and verification, researchers focus on public auditing protocol in ID-based cryptography recently. However, some existing protocols are vulnerable to forgery attack. In this paper, based on ID-based signature technology, by strengthening information authentication and the computing power of the auditor, we propose an ID-based public auditing protocol for cloud data integrity checking. We also prove that the proposed protocol is secure in the random oracle model under the assumption that the Diffie-Hellman problem is hard. Furthermore, we compare the proposed protocol with other two ID-based auditing protocols in security features, communication efficiency and computation cost. The comparisons show that the proposed protocol satisfies more security features with lower computation cost.
基金National Natural Science Foundation of Chi-na for Distinguished Young Scholars (No.60225007)National Research Fund for theDoctoral Program of Higher Education ofChina (No.20020248024)Grant-in-Aid forScientific Research(C) (No.14540100)
文摘Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.
基金Supported by the National High Technology Research and Development Program of China (863 Program) (2006AA01Z442)the Spanish Government through Projects (E-AEGIS) (TSI2007- 65406-C03-01)+1 种基金(ARES) CONSOLIDER INGENIO 2010 (CSD2007- 00004)the Government of Catalonia (2005 SGR 00446)
文摘In existing software registration schemes, the privacy of users is not taken into account and may be in the risks of abuses. In this paper, we proposed a novel software registration system which can greatly reduce unauthorized use of software while keeping the privacy of users. To the best of our knowledge, this is the first system that the privacy of users is guaranteed in software registration. Our system enjoys a modular design and can be implemented by any secure ID-based partially blind signature scheme. Furthermore, the proposal allows flexible registration information definition. This feature makes our scheme flexible and practical for more software registration applications.
基金Supported by the National Natural Science Foundation of China (60473021) and the Science Foundation of Henan Province (0511010900)
文摘In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.
文摘Two ID-based authenticated group key agreement schemes, proposed by Choi et al and Du et al, are insecure against an impersonation attack and th ey only discussed the static group. This paper proposed a variant of BD protocol , which is fully authenticated by a proven-secure ID-based signature scheme. T he protocol can res ist the impersonation attack, and other security attributes are also satisfied. Compared with Choi et al and Du et al schemes, the proposed one is mor e efficient and applicable for dynamic groups.
文摘Peer-to-peer computing has recently started to gain significant acceptance, since it can greatly increase the performance and reliability of overall system. However, the security issue is still a major gating factor for its full adoption. In order to guarantee the security of data exchanged between two peers in Peer-to-Peer system, this paper comes up with an ID-based authenticated key agreement from bilinear pairings and uses BAN logic to prove the protocol’s security. Compared with other existing protocols, the proposed protocol seems more secure and efficient, since it adopts the static shared Diffie-Hellman key.
文摘Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.
基金supported by the National Natural Science Foundation of China(Grant No.91948303)。
文摘Remote sensing images carry crucial ground information,often involving the spatial distribution and spatiotemporal changes of surface elements.To safeguard this sensitive data,image encryption technology is essential.In this paper,a novel Fibonacci sine exponential map is designed,the hyperchaotic performance of which is particularly suitable for image encryption algorithms.An encryption algorithm tailored for handling the multi-band attributes of remote sensing images is proposed.The algorithm combines a three-dimensional synchronized scrambled diffusion operation with chaos to efficiently encrypt multiple images.Moreover,the keys are processed using an elliptic curve cryptosystem,eliminating the need for an additional channel to transmit the keys,thus enhancing security.Experimental results and algorithm analysis demonstrate that the algorithm offers strong security and high efficiency,making it suitable for remote sensing image encryption tasks.
文摘In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any modern company. A companys operational and historical data contains strategic and operational knowledge of ever-increasing added value. The emergence of a new paradigm: big data. Today, the value of the data scattered throughout this mother of knowledge is calculated in billions of dollars, depending on its size, scope and area of intervention. With the rise of computer networks and distributed systems, the threats to these sensitive resources have steadily increased, jeopardizing the existence of the company itself by drying up production and losing the interest of customers and suppliers. These threats range from sabotage to bankruptcy. For several decades now, most companies have been using encryption algorithms to protect and secure their information systems against the threats and dangers posed by the inherent vulnerabilities of their infrastructure and the current economic climate. This vulnerability requires companies to make the right choice of algorithms to implement in their management systems. For this reason, the present work aims to carry out a comparative study of the reliability and effectiveness of symmetrical and asymmetrical cryptosystems, in order to identify one or more suitable for securing academic data in the DRC. The analysis of the robustness of commonly used symmetric and asymmetric cryptosystems will be the subject of simulations in this article.
文摘针对现有大多数协议无法实现服务器、电子标签及读写器三方之间相互认证的缺陷,提出一种基于R-LWE(Learning with Errors over Ring)密码体制下可实现三方认证的协议。协议采用理想格对重要隐私信息进行加密,且加密同时混入不同随机数,既可保障隐私信息安全,亦可使得消息具备新鲜性和不确定性。对所设计协议进行安全性分析、基于GNY逻辑形式化证明、性能分析,结果表明该协议具备良好的安全要求、严谨的推理、性能优于其他对比协议。
