Cloud data sharing is an important issue in modern times. To maintain the privacy and confidentiality of data stored in the cloud, encryption is an inevitable process before uploading the data. However, the centralized management and transmission latency of the cloud make it difficult to support real-time processing and distributed access structures. As a result, fog computing and the Internet of Things (IoT) have emerged as crucial applications. Fog-assisted proxy re-encryption is a commonly adopted technique for sharing cloud ciphertexts. It allows a semi-trusted proxy to transform a data owner’s ciphertext into another re-encrypted ciphertext intended for a data requester, without compromising any information about the original ciphertext. Yet, the user revocation and cloud ciphertext renewal problems still lack effective and secure mechanisms. Motivated by this, we propose a revocable conditional proxy re-encryption scheme offering ciphertext evolution (R-CPRE-CE). In particular, a periodically updated time key is used to revoke the user’s access privileges while an access condition prevents a malicious proxy from re-encrypting unauthorized ciphertext. We also demonstrate that our scheme is provably secure under the notion of indistinguishability against adaptively chosen identity and chosen ciphertext attacks in the random oracle model. Performance analysis shows that our scheme reduces the computation time for a complete data access cycle from an initial query to the final decryption by approximately 47.05% compared to related schemes.
In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa. Furthermore, its security was proved in the standard model based on the decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained, selective sharing of encrypted data, which a general proxy re-encryption scheme cannot do, so the proposed scheme can be thought of as an improvement on the general traditional proxy re-encryption scheme.
In sensor networks, it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys. In order to solve this problem, the present study proposes a scheme called multi-conditional proxy broadcast re-encryption (MC-PBRE). The scheme consists of the following roles: the source node, the proxy server, and the target node. If the condition is met, the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt. It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group, while the proxy server does not need to store the key or reveal the plaintext. At the same time, the proxy server cannot obtain any valuable information in the ciphertext. This paper formalizes the concept of MC-PBRE and its security model, and proposes an MC-PBRE scheme of ciphertext security. Finally, the scheme security has been proved in the random oracle model.
In current cloud computing systems, large amounts of sensitive data are shared with other cloud users. To keep these data confidential, data owners should encrypt their data before outsourcing. We choose proxy re-encryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie-Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need public key certificates to guarantee the validity of public keys and solves the key escrow problem in identity-based public key cryptography.
Cloud-based services have powerful storage functions and can provide accurate computation. However, the question of how to guarantee access control for cloud-based services and achieve data sharing security has always been a research highlight. Although attribute-based proxy re-encryption (ABPRE) schemes based on number theory can solve this problem, they still struggle to resist quantum attacks and have limited expression capabilities. To address these issues, we present a novel linear secret sharing scheme (LSSS) matrix-based ABPRE scheme with fine-grained policy on the lattice. Additionally, to detect the activities of illegal proxies, homomorphic signature (HS) technology is introduced to realize the verifiability of re-encryption. Moreover, the non-interactivity, unidirectionality, proxy transparency, multi-use, and anti-quantum attack characteristics of our system are all advantageous. Besides, it can efficiently prevent the loss of processing power brought on by repetitive authorisation and can enable precise and safe data sharing in the cloud. Furthermore, under the standard model, the proposed learning with errors (LWE)-based scheme was proven to be IND-sCPA secure.
With the development of Internet of Things technology, intelligent door lock devices are widely used in the field of house leasing. In the traditional housing leasing scenario, problems of door lock information disclosure, tenant privacy disclosure and rental contract disputes frequently occur, and the security, fairness and auditability of the housing leasing transaction cannot be guaranteed. To solve the above problems, a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed. The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding, and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions. Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment. To construct a decentralized housing lease transaction architecture, the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System. Finally, the security proof and computing performance analysis of the proposed scheme are carried out. The results show that the scheme can resist the chosen plaintext attack and has low computational cost.
Cloud services, favored by many enterprises due to their high flexibility and easy operation, are widely used for data storage and processing. However, the high latency, together with the transmission overheads of the cloud architecture, makes it difficult to quickly respond to the demands of IoT applications and local computation. To make up for these deficiencies in the cloud, fog computing has emerged in a critical role in IoT applications. It decentralizes the computing power to various lower nodes close to data sources, so as to achieve the goal of low latency and distributed processing. With data being frequently exchanged and shared between multiple nodes, it becomes a challenge to authorize data securely and efficiently while protecting user privacy. To address this challenge, proxy re-encryption (PRE) schemes provide a feasible way of allowing an intermediary proxy node to re-encrypt ciphertext designated for different authorized data requesters without compromising any plaintext information. Since the proxy is viewed as a semi-trusted party, care should be taken to prevent malicious behaviors and reduce the risk of data leakage when implementing PRE schemes. This paper proposes a new fog-assisted identity-based PRE scheme supporting anonymous key generation, equality test, and user revocation to fulfill various IoT application requirements. Specifically, in a traditional identity-based public key architecture, the key escrow problem and the necessity of a secure channel are major security concerns. We utilize an anonymous key generation technique to solve these problems. The equality test functionality further enables a cloud server to inspect whether two candidate trapdoors contain an identical keyword. In particular, the proposed scheme realizes fine-grained user-level authorization while maintaining strong key confidentiality. To revoke an invalid user identity, we add a revocation list to the system flows to restrict access privileges without increasing additional computation cost. To ensure security, it is shown that our system meets the security notion of IND-PrID-CCA and OW-ID-CCA under the Decisional Bilinear Diffie-Hellman (DBDH) assumption.
Threshold proxy re-encryption (TPRE) can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies, and can also provide normal services even when certain proxy servers are paralyzed or damaged. A non-interactive identity-based TPRE (IB-TPRE) scheme over lattices is proposed which removes the public key certificates. To accomplish this scheme, Shamir’s secret sharing is employed twice, which not only effectively hides the delegator’s private key information, but also decentralizes the proxy power by splitting the re-encryption key. Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share. This property is achieved by lattice-based fully homomorphic signatures. As a result, the whole scheme is thoroughly capable of resisting quantum attacks even when they are available. The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model. Two typical application scenarios, including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography, are presented.
With the rapid development of web3.0 applications, the volume of data sharing is increasing, the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent, and the existing data sharing schemes have found it difficult to meet the growing demand for data sharing. This paper aims at exploring a secure, efficient and privacy-protecting data sharing scheme under web3.0 applications. Specifically, this paper adopts interplanetary file system (IPFS) technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation, and utilizes ciphertext policy attribute-based encryption (CP-ABE) and proxy re-encryption (PRE) technology to realize secure multi-party sharing and fine-grained access control of data. This paper provides the detailed algorithm design and implementation of data sharing phases and processes, and analyzes the algorithms from the perspectives of security, privacy protection, and performance.
Conditional proxy re-encryption (CPRE) is an effective cryptographic primitive that enhances the access control mechanism and makes the delegation of decryption permissions more granular, but most of the attribute-based conditional proxy re-encryption (AB-CPRE) schemes proposed so far do not take into account the importance of user attributes. A weighted attribute-based conditional proxy re-encryption (WAB-CPRE) scheme is thus designed to provide more precise decryption rights delegation. By introducing the concept of weight attributes, the quantity of system attributes managed by the server is reduced greatly. At the same time, a weighted tree structure is constructed to simplify the expression of access structure effectively. With conditional proxy re-encryption, large amounts of data and complex computations are outsourced to cloud servers, so the data owner (DO) can revoke the user’s decryption rights directly with minimal costs. The scheme proposed achieves security against chosen plaintext attacks (CPA). Experimental simulation results demonstrated that the decryption time is within 6–9 ms, and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes, which enables users to access cloud data on devices with limited resources.
With the widespread use of cloud computing technology, more and more users and enterprises decide to store their data in a cloud server by outsourcing. However, these huge amounts of data may contain personal privacy, business secrets and other sensitive information of the users and enterprises. Thus, at present, how to protect, retrieve, and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment. A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server. In this scheme, the user data are divided into files, file indexes and the keywords corresponding to the files, which are encrypted and stored separately. The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes, but re-encrypts the cipher-text of keywords corresponding to the files. Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack. The scheme is proven to be indistinguishable under the Hash Diffie-Hellman assumption. Furthermore, the scheme does not need to use any secure channels, making it more effective in the cloud environment.
Proxy re-encryption (PRE) allows users to transfer decryption rights to the data requester via a proxy. Because the current PRE schemes from lattice (LPRE) cannot fulfill chosen-ciphertext attack (CCA) security, an identity-based PRE (IB-PRE) scheme from the learning with errors over ring (RLWE) assumption with ciphertext evolution (IB-LPRE-CE) was proposed. IB-LPRE-CE generates the private key using the preimage sampling algorithm (SamplePre) and completes the ciphertext delegation using the re-encryption algorithm. In addition, for the problem of ciphertext delegation change caused by the long-term secret key update, the idea of PRE is used to complete ciphertext evolution and the modification of ciphertext delegation, which improves the efficiency of secure data sharing. In terms of security, IB-LPRE-CE is CCA secure based on the RLWE assumption. Compared with the current LPRE schemes, IB-LPRE-CE offers greater security and improves the computational efficiency of the encryption algorithm.
The strong convergence of an explicit full-discrete scheme is investigated for the stochastic Burgers-Huxley equation driven by additive space-time white noise, which possesses both Burgers-type and cubic nonlinearities. To discretize the continuous problem in space, we utilize a spectral Galerkin method. Subsequently, we introduce a nonlinear-tamed exponential integrator scheme, resulting in a fully discrete scheme. Within the framework of semigroup theory, this study provides precise estimations of the Sobolev regularity, $L^{\infty}$ regularity in space, and Hölder continuity in time for the mild solution, as well as for its semi-discrete and full-discrete approximations. Building upon these results, we establish moment boundedness for the numerical solution and obtain strong convergence rates in both spatial and temporal dimensions. A numerical example is presented to validate the theoretical findings.
As blockchain technology rapidly evolves, smart contracts have seen widespread adoption in financial transactions and beyond. However, the growing prevalence of malicious Ponzi scheme contracts presents serious security threats to blockchain ecosystems. Although numerous detection techniques have been proposed, existing methods suffer from significant limitations, such as class imbalance and insufficient modeling of transaction-related semantic features. To address these challenges, this paper proposes an oversampling-based detection framework for Ponzi smart contracts. We enhance the Adaptive Synthetic Sampling (ADASYN) algorithm by incorporating sample proximity to decision boundaries and ensuring realistic sample distributions. This enhancement facilitates the generation of high-quality minority class samples and effectively mitigates class imbalance. In addition, we design a Contract Transaction Graph (CTG) construction algorithm to preserve key transactional semantics through feature extraction from contract code. A graph neural network (GNN) is then applied for classification. This study employs a publicly available dataset from the XBlock platform, consisting of 318 verified Ponzi contracts and 6498 benign contracts. Sourced from real Ethereum deployments, the dataset reflects diverse application scenarios and captures the varied characteristics of Ponzi schemes. Experimental results demonstrate that our approach achieves an accuracy of 96%, a recall of 92%, and an F1-score of 94% in detecting Ponzi contracts, outperforming state-of-the-art methods.
Clouds play an important role in global atmospheric energy and water vapor budgets, and the low cloud simulations suffer from large biases in many atmospheric general circulation models. In this study, cloud microphysical processes such as raindrop evaporation and cloud water accretion in a double-moment six-class cloud microphysics scheme were revised to enhance the simulation of low clouds using the Global-Regional Integrated Forecast System (GRIST) model. The validation of the revised scheme using a single-column version of the GRIST demonstrated a reasonable reduction in liquid water biases. The revised parameterization simulated medium- and low-level cloud fractions that were in better agreement with the observations than the original scheme. Long-term global simulations indicate the mitigation of the originally overestimated low-level cloud fraction and cloud-water mixing ratio in mid- to high-latitude regions, primarily owing to enhanced accretion processes and weakened raindrop evaporation. The reduced low clouds with the revised scheme showed better consistency with satellite observations, particularly at mid- and high-latitudes. Further improvements can be observed in the simulated cloud shortwave radiative forcing and vertical distribution of total cloud cover. Annual precipitation in mid-latitude regions has also improved, particularly over the oceans, with significantly increased large-scale and decreased convective precipitation.
In this paper, we present a finite volume trigonometric weighted essentially non-oscillatory (TWENO) scheme to solve nonlinear degenerate parabolic equations that may exhibit non-smooth solutions. The present method is developed using the trigonometric scheme, which is based on zero, first, and second moments, and the direct discontinuous Galerkin (DDG) flux is used to discretize the diffusion term. Moreover, the DDG method directly applies the weak form of the parabolic equation to each computational cell, which can better capture the characteristics of the solution, especially the discontinuous solution. Meanwhile, the third-order TVD-Runge-Kutta method is applied for temporal discretization. Finally, the effectiveness and stability of the method constructed in this paper are evaluated through numerical tests.
This study proposes a class of augmented subspace schemes for the weak Galerkin (WG) finite element method used to solve eigenvalue problems. The augmented subspace is built with the conforming linear finite element space defined on the coarse mesh and the eigenfunction approximations in the WG finite element space defined on the fine mesh. Based on this augmented subspace, solving the eigenvalue problem in the fine WG finite element space can be reduced to the solution of the linear boundary value problem in the same WG finite element space and a low dimensional eigenvalue problem in the augmented subspace. The proposed augmented subspace techniques have the second order convergence rate with respect to the coarse mesh size, as demonstrated by the accompanying error estimates. Finally, a few numerical examples are provided to validate the proposed numerical techniques.
In this paper, we propose and analyze two second-order accurate finite difference schemes for the one-dimensional heat equation with concentrated capacity on a computational domain=[a,b]. We first transform the target equation into the standard heat equation on the domain excluding the singular point equipped with an inner interface matching (IIM) condition on the singular point x=ξ∈(a,b), then adopt Taylor’s expansion to approximate the IIM condition at the singular point and apply second-order finite difference method to approximate the standard heat equation at the nonsingular points. This discrete procedure allows us to choose different grid sizes to partition the two sub-domains [a,ξ] and [ξ,b], which ensures that x=ξ is a grid point, and hence the proposed schemes can be generalized to the heat equation with more than one concentrated capacities. We prove that the two proposed schemes are uniquely solvable. And through in-depth analysis of the local truncation errors, we rigorously prove that the two schemes are second-order accurate both in temporal and spatial directions in the maximum norm without any constraint on the grid ratio. Numerical experiments are carried out to verify our theoretical conclusions.
This paper deals with the numerical solutions of two-dimensional (2D) semi-linear reaction-diffusion equations (SLRDEs) with piecewise continuous argument (PCA) in the reaction term. A high-order compact difference method called Ⅰ-type basic scheme is developed for solving the equations and it is proved under suitable conditions that this method has the computational accuracy $O(\tau^{2}+h_{x}^{4}+h_{y}^{4})$, where $\tau$, $h_{x}$ and $h_{y}$ are the calculation stepsizes of the method in the t-, x- and y-direction, respectively. With the above method and the Newton linearized technique, a Ⅱ-type basic scheme is also suggested. Based on both basic schemes, the corresponding Ⅰ- and Ⅱ-type alternating direction implicit (ADI) schemes are derived. Finally, with a series of numerical experiments, the computational accuracy and efficiency of the four numerical schemes are further illustrated.
Funding: supported in part by the National Science and Technology Council of Republic of China under the contract numbers NSTC 114-2221-E-019-055-MY2 and NSTC 114-2221-E-019-069.
Funding: the Natural Science Foundation of Shandong Province (Y2007G37); the Science and Technology Development Program of Shandong Province (2007GG10001012)
Funding: supported, in part, by the National Nature Science Foundation of China under grant numbers 61502240, 61502096, 61304205, 61773219; in part, by the Natural Science Foundation of Jiangsu Province under Grant Numbers BK20191401.
Funding: the National Natural Science Foundation of China (No. 61133014)
Funding: The project is provided funding by the Natural Science Foundation of China (Nos. 62272124, 2022YFB2701400); the Science and Technology Program of Guizhou Province (No. [2020]5017); the Research Project of Guizhou University for Talent Introduction (No. [2020]61); the Cultivation Project of Guizhou University (No. [2019]56); the Open Fund of Key Laboratory of Advanced Manufacturing Technology, Ministry of Education, GZUAMT2021KF[01]; the Postgraduate Innovation Program in Guizhou Province (No. YJSKYJJ[2021]028).
Abstract: Cloud-based services have powerful storage functions and can provide accurate computation. However, the question of how to guarantee cloud-based services access control and achieve data sharing security has always been a research highlight. Although the attribute-based proxy re-encryption (ABPRE) schemes based on number theory can solve this problem, it is still difficult for them to resist quantum attacks, and they have limited expression capabilities. To address these issues, we present a novel linear secret sharing schemes (LSSS) matrix-based ABPRE scheme with the fine-grained policy on the lattice in the research. Additionally, to detect the activities of illegal proxies, homomorphic signature (HS) technology is introduced to realize the verifiability of re-encryption. Moreover, the non-interactivity, unidirectionality, proxy transparency, multi-use, and anti-quantum attack characteristics of our system are all advantageous. Besides, it can efficiently prevent the loss of processing power brought on by repetitive authorisation and can enable precise and safe data sharing in the cloud. Furthermore, under the standard model, the proposed learning with errors (LWE)-based scheme was proven to be IND-sCPA secure.
Funding: supported by National Key Research and Development Project (No. 2020YFB1005500); Beijing Natural Science Foundation Project (No. M21034).
Abstract: With the development of Internet of Things technology, intelligent door lock devices are widely used in the field of house leasing. In the traditional housing leasing scenario, problems of door lock information disclosure, tenant privacy disclosure and rental contract disputes frequently occur, and the security, fairness and auditability of the housing leasing transaction cannot be guaranteed. To solve the above problems, a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed. The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding, and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions. Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment. To construct a decentralized housing lease transaction architecture, the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System. Finally, the security proof and computing performance analysis of the proposed scheme are carried out. The results show that the scheme can resist the chosen plaintext attack and has low computational cost.
Funding: supported in part by the National Science and Technology Council of Taiwan under the contract numbers NSTC 114-2221-E-019-055-MY2 and NSTC 114-2221-E-019-069.
Abstract: Cloud services, favored by many enterprises due to their high flexibility and easy operation, are widely used for data storage and processing. However, the high latency, together with transmission overheads of the cloud architecture, makes it difficult to quickly respond to the demands of IoT applications and local computation. To make up for these deficiencies in the cloud, fog computing has emerged as a critical role in the IoT applications. It decentralizes the computing power to various lower nodes close to data sources, so as to achieve the goal of low latency and distributed processing. With the data being frequently exchanged and shared between multiple nodes, it becomes a challenge to authorize data securely and efficiently while protecting user privacy. To address this challenge, proxy re-encryption (PRE) schemes provide a feasible way allowing an intermediary proxy node to re-encrypt ciphertext designated for different authorized data requesters without compromising any plaintext information. Since the proxy is viewed as a semi-trusted party, care should be taken to prevent malicious behaviors and reduce the risk of data leakage when implementing PRE schemes. This paper proposes a new fog-assisted identity-based PRE scheme supporting anonymous key generation, equality test, and user revocation to fulfill various IoT application requirements. Specifically, in a traditional identity-based public key architecture, the key escrow problem and the necessity of a secure channel are major security concerns. We utilize an anonymous key generation technique to solve these problems. The equality test functionality further enables a cloud server to inspect whether two candidate trapdoors contain an identical keyword. In particular, the proposed scheme realizes fine-grained user-level authorization while maintaining strong key confidentiality. To revoke an invalid user identity, we add a revocation list to the system flows to restrict access privileges without increasing additional computation cost. To ensure security, it is shown that our system meets the security notion of IND-PrID-CCA and OW-ID-CCA under the Decisional Bilinear Diffie-Hellman (DBDH) assumption.
Funding: Project supported by the National Natural Science Foundation of China (Nos. U1636114, 61572521, and 61772550); the Innovative Research Team in Engineering University of People’s Armed Police, China (No. KYTD201805); the Natural Science Foundation of Shaanxi Province, China (No. 2021JM-252); the Basic Research Project of Engineering University of People’s Armed Police, China (No. WJY201914).
Abstract: Threshold proxy re-encryption (TPRE) can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies, and can also provide normal services even when certain proxy servers are paralyzed or damaged. A non-interactive identity-based TPRE (IB-TPRE) scheme over lattices is proposed which removes the public key certificates. To accomplish this scheme, Shamir’s secret sharing is employed twice, which not only effectively hides the delegator’s private key information, but also decentralizes the proxy power by splitting the re-encryption key. Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share. This property is achieved by lattice-based fully homomorphic signatures. As a result, the whole scheme is thoroughly capable of resisting quantum attacks even when they are available. The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model. Two typical application scenarios, including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography, are presented.
Funding: supported by the National Natural Science Foundation of China (Grant No. U24B20146); the National Key Research and Development Plan in China (Grant No. 2020YFB1005500); Beijing Natural Science Foundation Project (No. M21034).
Abstract: With the rapid development of web3.0 applications, the volume of data sharing is increasing, the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent, and the existing data sharing schemes have been difficult to meet the growing demand for data sharing. This paper aims at exploring a secure, efficient and privacy-protecting data sharing scheme under web3.0 applications. Specifically, this paper adopts interplanetary file system (IPFS) technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation, and utilizes ciphertext policy attribute-based encryption (CP-ABE) and proxy re-encryption (PRE) technology to realize secure multi-party sharing and fine-grained access control of data. This paper provides the detailed algorithm design and implementation of data sharing phases and processes, and analyzes the algorithms from the perspectives of security, privacy protection, and performance.
Funding: Programs for Science and Technology Development of Henan Province, grant number 242102210152; The Fundamental Research Funds for the Universities of Henan Province, grant number NSFRF240620; Key Scientific Research Project of Henan Higher Education Institutions, grant number 24A520015; Henan Key Laboratory of Network Cryptography Technology, grant number LNCT2022-A11.
Abstract: Conditional proxy re-encryption (CPRE) is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular, but most of the attribute-based conditional proxy re-encryption (AB-CPRE) schemes proposed so far do not take into account the importance of user attributes. A weighted attribute-based conditional proxy re-encryption (WAB-CPRE) scheme is thus designed to provide more precise decryption rights delegation. By introducing the concept of weight attributes, the quantity of system attributes managed by the server is reduced greatly. At the same time, a weighted tree structure is constructed to simplify the expression of access structure effectively. With conditional proxy re-encryption, large amounts of data and complex computations are outsourced to cloud servers, so the data owner (DO) can revoke the user’s decryption rights directly with minimal costs. The scheme proposed achieves security against chosen plaintext attacks (CPA). Experimental simulation results demonstrated that the decryption time is within 6–9 ms, and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes, which enables users to access cloud data on devices with limited resources.
Funding: This work is supported by “13th Five-Year” National Crypto Development Fund (No. MMJJ20170122); Zhejiang Provincial Natural Science Foundation of China (No. Y15F020053); the Project of Education Department of Henan Province (No. 18A413001, No. 16A520013); Natural Science Foundation of Henan Polytechnic University (No. T2018-1).
Abstract: With the widespread use of cloud computing technology, more and more users and enterprises decide to store their data in a cloud server by outsourcing. However, these huge amounts of data may contain personal privacy, business secrets and other sensitive information of the users and enterprises. Thus, at present, how to protect, retrieve, and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment. A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server. In this scheme, the user data are divided into files, file indexes and the keyword corresponding to the files, which are respectively encrypted to store. The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes, but re-encrypt the cipher-text of keywords corresponding to the files. Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack. And the scheme is proven to be indistinguishable under Hash Diffie-Hellman assumption. Furthermore, the scheme does not need to use any secure channels, making it more effective in the cloud environment.
Funding: supported by the Henan Key Laboratory of Network Cryptography Technology (LNCT2022-A11); the Shaanxi Key Laboratory of Information Communication Network and Security (ICNS202006).
Abstract: Proxy re-encryption (PRE) allows users to transfer decryption rights to the data requester via proxy. Because the current PRE schemes from lattice (LPRE) cannot fulfill chosen-ciphertext attack (CCA) security, an identity-based PRE (IB-PRE) scheme from learning with errors over ring (RLWE) assumption with ciphertext evolution (IB-LPRE-CE) was proposed. IB-LPRE-CE generates the private key using the preimage sampling algorithm (SamplePre) and completes the ciphertext delegation using the re-encryption algorithm. In addition, for the problem of ciphertext delegation change caused by the long-term secret key update, the idea of PRE is used to complete ciphertext evolution and the modification of ciphertext delegation, which improves the efficiency of secure data sharing. In terms of security, IB-LPRE-CE is CCA secure based on RLWE assumption. Compared with the current LPRE schemes, IB-LPRE-CE offers greater security and improves the computational efficiency of the encryption algorithm.
Funding: partially supported by the National Natural Science Foundation of China (Grant No. 12071073); financial support by the Jiangsu Provincial Scientific Research Center of Applied Mathematics (Grant No. BK20233002).
Abstract: The strong convergence of an explicit full-discrete scheme is investigated for the stochastic Burgers-Huxley equation driven by additive space-time white noise, which possesses both Burgers-type and cubic nonlinearities. To discretize the continuous problem in space, we utilize a spectral Galerkin method. Subsequently, we introduce a nonlinear-tamed exponential integrator scheme, resulting in a fully discrete scheme. Within the framework of semigroup theory, this study provides precise estimations of the Sobolev regularity, $L^{\infty}$ regularity in space, and Hölder continuity in time for the mild solution, as well as for its semi-discrete and full-discrete approximations. Building upon these results, we establish moment boundedness for the numerical solution and obtain strong convergence rates in both spatial and temporal dimensions. A numerical example is presented to validate the theoretical findings.
Funding: supported by the Key Project of Joint Fund of the National Natural Science Foundation of China “Research on Key Technologies and Demonstration Applications for Trusted and Secure Data Circulation and Trading” (U24A20241); the National Natural Science Foundation of China “Research on Trusted Theories and Key Technologies of Data Security Trading Based on Blockchain” (62202118); the Major Scientific and Technological Special Project of Guizhou Province ([2024]014); Scientific and Technological Research Projects from the Guizhou Education Department (Qian jiao ji [2023]003); the Hundred-Level Innovative Talent Project of the Guizhou Provincial Science and Technology Department (Qiankehe Platform Talent-GCC [2023]018); the Major Project of Guizhou Province “Research and Application of Key Technologies for Trusted Large Models Oriented to Public Big Data” (Qiankehe Major Project [2024]003); the Guizhou Province Computational Power Network Security Protection Science and Technology Innovation Talent Team (Qiankehe Talent CXTD [2025]029).
Abstract: As blockchain technology rapidly evolves, smart contracts have seen widespread adoption in financial transactions and beyond. However, the growing prevalence of malicious Ponzi scheme contracts presents serious security threats to blockchain ecosystems. Although numerous detection techniques have been proposed, existing methods suffer from significant limitations, such as class imbalance and insufficient modeling of transaction-related semantic features. To address these challenges, this paper proposes an oversampling-based detection framework for Ponzi smart contracts. We enhance the Adaptive Synthetic Sampling (ADASYN) algorithm by incorporating sample proximity to decision boundaries and ensuring realistic sample distributions. This enhancement facilitates the generation of high-quality minority class samples and effectively mitigates class imbalance. In addition, we design a Contract Transaction Graph (CTG) construction algorithm to preserve key transactional semantics through feature extraction from contract code. A graph neural network (GNN) is then applied for classification. This study employs a publicly available dataset from the XBlock platform, consisting of 318 verified Ponzi contracts and 6498 benign contracts. Sourced from real Ethereum deployments, the dataset reflects diverse application scenarios and captures the varied characteristics of Ponzi schemes. Experimental results demonstrate that our approach achieves an accuracy of 96%, a recall of 92%, and an F1-score of 94% in detecting Ponzi contracts, outperforming state-of-the-art methods.
Funding: National Natural Science Foundation of China (42375153, 42105153, 42205157); Development of Science and Technology at Chinese Academy of Meteorological Sciences (2023KJ038).
Abstract: Clouds play an important role in global atmospheric energy and water vapor budgets, and the low cloud simulations suffer from large biases in many atmospheric general circulation models. In this study, cloud microphysical processes such as raindrop evaporation and cloud water accretion in a double-moment six-class cloud microphysics scheme were revised to enhance the simulation of low clouds using the Global-Regional Integrated Forecast System (GRIST) model. The validation of the revised scheme using a single-column version of the GRIST demonstrated a reasonable reduction in liquid water biases. The revised parameterization simulated medium- and low-level cloud fractions that were in better agreement with the observations than the original scheme. Long-term global simulations indicate the mitigation of the originally overestimated low-level cloud fraction and cloud-water mixing ratio in mid- to high-latitude regions, primarily owing to enhanced accretion processes and weakened raindrop evaporation. The reduced low clouds with the revised scheme showed better consistency with satellite observations, particularly at mid- and high-latitudes. Further improvements can be observed in the simulated cloud shortwave radiative forcing and vertical distribution of total cloud cover. Annual precipitation in mid-latitude regions has also improved, particularly over the oceans, with significantly increased large-scale and decreased convective precipitation.
Funding: The Natural Science Foundation of Xinjiang Uygur Autonomous Region of China “RBF-Hermite difference scheme for the time-fractional KdV-Burgers equation” (2024D01C43).
Abstract: In this paper, we present a finite volume trigonometric weighted essentially non-oscillatory (TWENO) scheme to solve nonlinear degenerate parabolic equations that may exhibit non-smooth solutions. The present method is developed using the trigonometric scheme, which is based on zero, first, and second moments, and the direct discontinuous Galerkin (DDG) flux is used to discretize the diffusion term. Moreover, the DDG method directly applies the weak form of the parabolic equation to each computational cell, which can better capture the characteristics of the solution, especially the discontinuous solution. Meanwhile, the third-order TVD-Runge-Kutta method is applied for temporal discretization. Finally, the effectiveness and stability of the method constructed in this paper are evaluated through numerical tests.
Funding: partly supported by the Beijing Natural Science Foundation (Grant No. Z200003); by the National Natural Science Foundation of China (Grant Nos. 12331015, 12301475, 12301465); by the National Center for Mathematics and Interdisciplinary Science, Chinese Academy of Sciences; by the Research Foundation for the Beijing University of Technology New Faculty (Grant No. 006000514122516).
Abstract: This study proposes a class of augmented subspace schemes for the weak Galerkin (WG) finite element method used to solve eigenvalue problems. The augmented subspace is built with the conforming linear finite element space defined on the coarse mesh and the eigenfunction approximations in the WG finite element space defined on the fine mesh. Based on this augmented subspace, solving the eigenvalue problem in the fine WG finite element space can be reduced to the solution of the linear boundary value problem in the same WG finite element space and a low dimensional eigenvalue problem in the augmented subspace. The proposed augmented subspace techniques have the second order convergence rate with respect to the coarse mesh size, as demonstrated by the accompanying error estimates. Finally, a few numerical examples are provided to validate the proposed numerical techniques.
Funding: supported by the National Natural Science Foundation of China (Grant No. 11571181); by the Natural Science Foundation of Jiangsu Province (Grant No. BK20171454).
Abstract: In this paper, we propose and analyze two second-order accurate finite difference schemes for the one-dimensional heat equation with concentrated capacity on a computational domain=[a,b]. We first transform the target equation into the standard heat equation on the domain excluding the singular point equipped with an inner interface matching (IIM) condition on the singular point x=ξ∈(a,b), then adopt Taylor’s expansion to approximate the IIM condition at the singular point and apply second-order finite difference method to approximate the standard heat equation at the nonsingular points. This discrete procedure allows us to choose different grid sizes to partition the two sub-domains [a,ξ] and [ξ,b], which ensures that x=ξ is a grid point, and hence the proposed schemes can be generalized to the heat equation with more than one concentrated capacities. We prove that the two proposed schemes are uniquely solvable. And through in-depth analysis of the local truncation errors, we rigorously prove that the two schemes are second-order accurate both in temporal and spatial directions in the maximum norm without any constraint on the grid ratio. Numerical experiments are carried out to verify our theoretical conclusions.
Abstract: This paper deals with the numerical solutions of two-dimensional (2D) semi-linear reaction-diffusion equations (SLRDEs) with piecewise continuous argument (PCA) in reaction term. A high-order compact difference method called Ⅰ-type basic scheme is developed for solving the equations and it is proved under the suitable conditions that this method has the computational accuracy $O(\tau^{2}+h_{x}^{4}+h_{y}^{4})$, where $\tau$, $h_{x}$ and $h_{y}$ are the calculation stepsizes of the method in t-, x- and y-direction, respectively. With the above method and Newton linearized technique, a Ⅱ-type basic scheme is also suggested. Based on both basic schemes, the corresponding Ⅰ- and Ⅱ-type alternating direction implicit (ADI) schemes are derived. Finally, with a series of numerical experiments, the computational accuracy and efficiency of the four numerical schemes are further illustrated.