With the rapid development of Cloud-Edge-End(CEE)computing,the demand for secure and lightweight communication protocols is increasingly critical,particularly for latency-sensitive applications such as smart manufactu...With the rapid development of Cloud-Edge-End(CEE)computing,the demand for secure and lightweight communication protocols is increasingly critical,particularly for latency-sensitive applications such as smart manufacturing,healthcare,and real-time monitoring.While traditional cryptographic schemes offer robust protection,they often impose excessive computational and energy overhead,rendering them unsuitable for use in resource-constrained edge and end devices.To address these challenges,in this paper,we propose a novel lightweight encryption framework,namely Dynamic Session Key Allocation with Time-Indexed Ascon(DSKA-TIA).Built upon the NIST-endorsed Ascon algorithm,the DSKA-TIA introduces a time-indexed session key generation mechanism that derives unique,ephemeral keys for each communication round.The scheme supports bidirectional key separation to isolate uplink and downlink data,thereby minimizing the risk of key reuse and compromise.Additionally,mutual authentication is integrated through nonce-based validation and one-time token exchanges,ensuring entity legitimacy and protection against impersonation and replay attacks.We validate the performance of DSKA-TIA through implementation on a resource-constrained microcontroller platform.Results show that our scheme achieves significantly lower latency and computational cost compared to baseline schemes such as AES and standard Ascon.Security analysis demonstrates high entropy in key generation,resistance to brute-force and replay attacks,and robustness against eavesdropping and key compromise.The protocol also exhibits resilience to quantum computing threats by relying on symmetric encryption principles and randomized key selection.Given its efficiency,scalability,and temporal security enhancements,DSKA-TIA is well-suited for real-time,secure communication in heterogeneous CEE environments.Future work will explore post-quantum extensions and deployment in domains such as smart agriculture and edge-based healthcare.展开更多
Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (C...Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (CB-AK) protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart's protocol.展开更多
Many organizations have insisted on protecting the cloud server from the outside,although the risks of attacking the cloud server are mostly from the inside.There are many algorithms designed to protect the cloud serv...Many organizations have insisted on protecting the cloud server from the outside,although the risks of attacking the cloud server are mostly from the inside.There are many algorithms designed to protect the cloud server from attacks that have been able to protect the cloud server attacks.Still,the attackers have designed even better mechanisms to break these security algorithms.Cloud cryptography is the best data protection algorithm that exchanges data between authentic users.In this article,one symmetric cryptography algorithm will be designed to secure cloud server data,used to send and receive cloud server data securely.A double encryption algorithm will be implemented to send data in a secure format.First,the XOR function will be applied to plain text,and then salt technique will be used.Finally,a reversing mechanism will be implemented on that data to provide more data security.To decrypt data,the cipher text will be reversed,salt will be removed,andXORwill be implemented.At the end of the paper,the proposed algorithm will be compared with other algorithms,and it will conclude how much better the existing algorithm is than other algorithms.展开更多
Cloud computing is a kind of computing that depends on shared figuring assets instead of having nearby servers or individual gadgets to deal with applications. Technology is moving to the cloud more and more. It’s no...Cloud computing is a kind of computing that depends on shared figuring assets instead of having nearby servers or individual gadgets to deal with applications. Technology is moving to the cloud more and more. It’s not just a trend, the shift away from ancient package models to package as service has steadily gained momentum over the last ten years. Looking forward, the following decade of cloud computing guarantees significantly more approaches to work from anyplace, utilizing cell phones. Cloud computing focused on better performances, better scalability and resource consumption but it also has some security issue with the data stored in it. The proposed algorithm intents to come with some solutions that will reduce the security threats and ensure far better security to the data stored in cloud.展开更多
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry...In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.展开更多
An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It ...An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It is a novel approach to mitigate the (inherent) key escrow problem in identity-based cryptosystems. In this work, the concept of accountable authority to attribute-based encryption (ABE) setting is generalized for the first time, and then a construction is given. The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al. with an ABE scheme. In our construction, a user will be identified by a pair ( id, o~), where id denotes the user' s identity and ω denotes the set of attributes associated to the user. In addition, our construction is shown to be secure under some reasonable assumptions.展开更多
Cryptography is the study that provides security service. It concerns with confidentiality, integrity, and authentication. Public key cryptography provides an enormous revolution in the field of the cryptosystem. It u...Cryptography is the study that provides security service. It concerns with confidentiality, integrity, and authentication. Public key cryptography provides an enormous revolution in the field of the cryptosystem. It uses two different keys where keys are related in such a way that, the public key can use to encrypt the message and private key can be used to decrypt the message. This paper proposed an enhanced and modified approach of RSA cryptosystem based on “n” distinct prime number. This existence of “n” prime number increases the difficulty of the factoring of the variable “N” which increases the complexity of the algorithm. In this approach, two different public key and private key generated from the large factor of the variable “N” and perform a double encryption-decryption operation which affords more security. Experiment on a set of a random number provided that the key generation time, analysis of variable “N”, encryption and decryption will take a long time compared to traditional RSA. Thus, this approach is more efficient, highly secured and not easily breakable.展开更多
文摘With the rapid development of Cloud-Edge-End(CEE)computing,the demand for secure and lightweight communication protocols is increasingly critical,particularly for latency-sensitive applications such as smart manufacturing,healthcare,and real-time monitoring.While traditional cryptographic schemes offer robust protection,they often impose excessive computational and energy overhead,rendering them unsuitable for use in resource-constrained edge and end devices.To address these challenges,in this paper,we propose a novel lightweight encryption framework,namely Dynamic Session Key Allocation with Time-Indexed Ascon(DSKA-TIA).Built upon the NIST-endorsed Ascon algorithm,the DSKA-TIA introduces a time-indexed session key generation mechanism that derives unique,ephemeral keys for each communication round.The scheme supports bidirectional key separation to isolate uplink and downlink data,thereby minimizing the risk of key reuse and compromise.Additionally,mutual authentication is integrated through nonce-based validation and one-time token exchanges,ensuring entity legitimacy and protection against impersonation and replay attacks.We validate the performance of DSKA-TIA through implementation on a resource-constrained microcontroller platform.Results show that our scheme achieves significantly lower latency and computational cost compared to baseline schemes such as AES and standard Ascon.Security analysis demonstrates high entropy in key generation,resistance to brute-force and replay attacks,and robustness against eavesdropping and key compromise.The protocol also exhibits resilience to quantum computing threats by relying on symmetric encryption principles and randomized key selection.Given its efficiency,scalability,and temporal security enhancements,DSKA-TIA is well-suited for real-time,secure communication in heterogeneous CEE environments.Future work will explore post-quantum extensions and deployment in domains such as smart agriculture and edge-based healthcare.
基金Supported by the National Natural Science Founda-tion of China (60225007, 60572155) and the Science and Technology Research Project of Shanghai (04DZ07067)
文摘Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (CB-AK) protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart's protocol.
文摘Many organizations have insisted on protecting the cloud server from the outside,although the risks of attacking the cloud server are mostly from the inside.There are many algorithms designed to protect the cloud server from attacks that have been able to protect the cloud server attacks.Still,the attackers have designed even better mechanisms to break these security algorithms.Cloud cryptography is the best data protection algorithm that exchanges data between authentic users.In this article,one symmetric cryptography algorithm will be designed to secure cloud server data,used to send and receive cloud server data securely.A double encryption algorithm will be implemented to send data in a secure format.First,the XOR function will be applied to plain text,and then salt technique will be used.Finally,a reversing mechanism will be implemented on that data to provide more data security.To decrypt data,the cipher text will be reversed,salt will be removed,andXORwill be implemented.At the end of the paper,the proposed algorithm will be compared with other algorithms,and it will conclude how much better the existing algorithm is than other algorithms.
文摘Cloud computing is a kind of computing that depends on shared figuring assets instead of having nearby servers or individual gadgets to deal with applications. Technology is moving to the cloud more and more. It’s not just a trend, the shift away from ancient package models to package as service has steadily gained momentum over the last ten years. Looking forward, the following decade of cloud computing guarantees significantly more approaches to work from anyplace, utilizing cell phones. Cloud computing focused on better performances, better scalability and resource consumption but it also has some security issue with the data stored in it. The proposed algorithm intents to come with some solutions that will reduce the security threats and ensure far better security to the data stored in cloud.
文摘基于数据序列的保密运算可以解决保密的数据查询、保密的数据外包、保密投票、隐私数据的安全共享等多种实际问题,是安全多方计算领域的重要研究方向.两方的序列保密计算已有很多解决方案,但多方序列的保密计算相关的问题和解决方案仍然较少.本文主要研究多方序列相同位置元素和的保密计算和排序问题,其在保密投票、保密选择、保密推荐系统、匿名评价等实际应用中有极其重要的意义.本文首先提出此问题,并给出安全高效的计算协议.协议基于OU公钥密码系统的加法同态性质,在密文上进行多方协同计算,能够在不泄露具体元素与真实和值的情况下给出排序结果.用模拟范例证明了协议在半诚实模型下能够抵抗任意合谋攻击,并通过理论分析和实验证明协议是高效的.当协议参与者有50位、序列元素个数是80时,协议执行时间仅为10.024413 s.
基金the National Natural Science Foundation of China(No.61133014)
文摘In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
基金Supported by the National Natural Science Foundation of China(No.60970111,60903189,60903020)the National High Technology Research and Development Programme of China(No.2009AA012418)+1 种基金the National Basic Research Program of China(No.2007CB311201)the Foundation of NLMC(No.9140C1103020803)
文摘An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It is a novel approach to mitigate the (inherent) key escrow problem in identity-based cryptosystems. In this work, the concept of accountable authority to attribute-based encryption (ABE) setting is generalized for the first time, and then a construction is given. The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al. with an ABE scheme. In our construction, a user will be identified by a pair ( id, o~), where id denotes the user' s identity and ω denotes the set of attributes associated to the user. In addition, our construction is shown to be secure under some reasonable assumptions.
文摘Cryptography is the study that provides security service. It concerns with confidentiality, integrity, and authentication. Public key cryptography provides an enormous revolution in the field of the cryptosystem. It uses two different keys where keys are related in such a way that, the public key can use to encrypt the message and private key can be used to decrypt the message. This paper proposed an enhanced and modified approach of RSA cryptosystem based on “n” distinct prime number. This existence of “n” prime number increases the difficulty of the factoring of the variable “N” which increases the complexity of the algorithm. In this approach, two different public key and private key generated from the large factor of the variable “N” and perform a double encryption-decryption operation which affords more security. Experiment on a set of a random number provided that the key generation time, analysis of variable “N”, encryption and decryption will take a long time compared to traditional RSA. Thus, this approach is more efficient, highly secured and not easily breakable.
