With increasing demand for data circulation,ensuring data security and privacy is paramount,specifically protecting privacy while maximizing utility.Blockchain,while decentralized and transparent,faces challenges in p...With increasing demand for data circulation,ensuring data security and privacy is paramount,specifically protecting privacy while maximizing utility.Blockchain,while decentralized and transparent,faces challenges in privacy protection and data verification,especially for sensitive data.Existing schemes often suffer from inefficiency and high overhead.We propose a privacy protection scheme using BGV homomorphic encryption and Pedersen Secret Sharing.This scheme enables secure computation on encrypted data,with Pedersen sharding and verifying the private key,ensuring data consistency and immutability.The blockchain framework manages key shards,verifies secrets,and aids security auditing.This approach allows for trusted computation without revealing the underlying data.Preliminary results demonstrate the scheme's feasibility in ensuring data privacy and security,making data available but not visible.This study provides an effective solution for data sharing and privacy protection in blockchain applications.展开更多
Ciphertext data retrieval in cloud databases suffers from some critical limitations,such as inadequate security measures,disorganized key management practices,and insufficient retrieval access control capabilities.To ...Ciphertext data retrieval in cloud databases suffers from some critical limitations,such as inadequate security measures,disorganized key management practices,and insufficient retrieval access control capabilities.To address these problems,this paper proposes an enhanced Fully Homomorphic Encryption(FHE)algorithm based on an improved DGHV algorithm,coupled with an optimized ciphertext retrieval scheme.Our specific contributions are outlined as follows:First,we employ an authorization code to verify the user’s retrieval authority and perform hierarchical access control on cloud storage data.Second,a triple-key encryption mechanism,which separates the data encryption key,retrieval authorization key,and retrieval key,is designed.Different keys are provided to different entities to run corresponding system functions.The key separation architecture proves particularly advantageous in multi-verifier coexistence scenarios,environments involving untrusted third-party retrieval services.Finally,the enhanced DGHV-based retrieval mechanism extends conventional functionality by enabling multi-keyword queries with similarity-ranked results,thereby significantly improving both the functionality and usability of the FHE system.展开更多
Fully homomorphic encryption is faced with two problems now. One is candidate fully homomorphic encryption schemes are few. Another is that the efficiency of fully homomorphic encryption is a big question. In this pap...Fully homomorphic encryption is faced with two problems now. One is candidate fully homomorphic encryption schemes are few. Another is that the efficiency of fully homomorphic encryption is a big question. In this paper, we propose a fully homomorphic encryption scheme based on LWE, which has better key size. Our main contributions are: (1) According to the binary-LWE recently, we choose secret key from binary set and modify the basic encryption scheme proposed in Linder and Peikert in 2010. We propose a fully homomorphic encryption scheme based on the new basic encryption scheme. We analyze the correctness and give the proof of the security of our scheme. The public key, evaluation keys and tensored ciphertext have better size in our scheme. (2) Estimating parameters for fully homomorphic encryption scheme is an important work. We estimate the concert parameters for our scheme. We compare these parameters between our scheme and Bral2 scheme. Our scheme have public key and private key that smaller by a factor of about logq than in Bral2 scheme. Tensored ciphertext in our scheme is smaller by a factor of about log2q than in Bral2 scheme. Key switching matrix in our scheme is smaller by a factor of about log3q than in Bra12 scheme.展开更多
A scheme that can realize homomorphic Turing- equivalent privacy-preserving computations is proposed, where the encoding of the Turing machine is independent of its inputs and running time. Several extended private in...A scheme that can realize homomorphic Turing- equivalent privacy-preserving computations is proposed, where the encoding of the Turing machine is independent of its inputs and running time. Several extended private information retrieval protocols based on fully homomorphic encryption are designed, so that the reading and writing of the tape of the Turing machine, as well as the evaluation of the transition function of the Turing machine, can be performed by the permitted Boolean circuits of fully homomorphic encryption schemes. This scheme overwhelms the Turing-machine-to- circuit conversion approach, which also implements the Turing-equivalent computation. The encoding of a Turing- machine-to-circuit conversion approach is dependent on both the input data and the worst-case runtime. The proposed scheme efficiently provides the confidentiality of both program and data of the delegator in the delegator-worker model of outsourced computation against semi-honest workers.展开更多
Although the learning with errors(LWE)-based full homomorphic encryption scheme was the first example of deviation from the original Gentry's blueprint, the scheme did not give detailed conversion process of circui...Although the learning with errors(LWE)-based full homomorphic encryption scheme was the first example of deviation from the original Gentry's blueprint, the scheme did not give detailed conversion process of circuit layer structure, and must rely on bootstrapping technique to achieve full homomorphism. Therefore, through modifying the re-linearization technique proposed by the above scheme, a technique called non-matrix key switching is presented, which includes key switching with re-linearization and pure key switching. The complex matrix operations of existing key switching technique are removed. Combining this technique with modulus switching, a (leveled) fully homomorphic encryption scheme without bootstrapping from LWE is constructed. In order to make circuit layer structure clear, the scheme gives detailed refresh door operation. Finally, we use bootstrapping to upgrade arithmetic circuit to any layer, and make the homomorphic computing capability of the scheme have nothing to circuit depth.展开更多
Homomorphic encryption has giant advantages in the protection of privacy information.In this paper,we present a new kind of probabilistic quantum homomorphic encryption scheme for the universal quantum circuit evaluat...Homomorphic encryption has giant advantages in the protection of privacy information.In this paper,we present a new kind of probabilistic quantum homomorphic encryption scheme for the universal quantum circuit evaluation.Firstly,the pre-shared non-maximally entangled states are utilized as auxiliary resources,which lower the requirements of the quantum channel,to correct the errors in non-Clifford gate evaluation.By using the set synthesized by Clifford gates and T gates,it is feasible to perform the arbitrary quantum computation on the encrypted data.Secondly,our scheme is different from the previous scheme described by the quantum homomorphic encryption algorithm.From the perspective of application,a two-party probabilistic quantum homomorphic encryption scheme is proposed.It is clear what the computation and operation that the client and the server need to perform respectively,as well as the permission to access the data.Finally,the security of probabilistic quantum homomorphic encryption scheme is analyzed in detail.It demonstrates that the scheme has favorable security in three aspects,including privacy data,evaluated data and encryption and decryption keys.展开更多
The significant advantage of the quantum homomorphic encryption scheme is to ensure the perfect security of quantum private data.In this paper,a novel secure multiparty quantum homomorphic encryption scheme is propose...The significant advantage of the quantum homomorphic encryption scheme is to ensure the perfect security of quantum private data.In this paper,a novel secure multiparty quantum homomorphic encryption scheme is proposed,which can complete arbitrary quantum computation on the private data of multiple clients without decryption by an almost dishonest server.Firstly,each client obtains a secure encryption key through the measurement device independent quantum key distribution protocol and encrypts the private data by using the encryption operator and key.Secondly,with the help of the almost dishonest server,the non-maximally entangled states are preshared between the client and the server to correct errors in the homomorphic evaluation of T gates,so as to realize universal quantum circuit evaluation on encrypted data.Thirdly,from the perspective of the application scenario of secure multi-party computation,this work is based on the probabilistic quantum homomorphic encryption scheme,allowing multiple parties to delegate the server to perform the secure homomorphic evaluation.The operation and the permission to access the data performed by the client and the server are clearly pointed out.Finally,a concrete security analysis shows that the proposed multiparty quantum homomorphic encryption scheme can securely resist outside and inside attacks.展开更多
In order to guarantee the user's privacy and the integrity of data when retrieving ciphertext in an untrusted cloud environment, an improved ciphertext retrieval scheme was proposed based on full homomorphic encry...In order to guarantee the user's privacy and the integrity of data when retrieving ciphertext in an untrusted cloud environment, an improved ciphertext retrieval scheme was proposed based on full homomorphic encryption. This scheme can encrypt two bits one time and improve the efficiency of retrieval. Moreover, it has small key space and reduces the storage space. Meanwhile, the homomorphic property of this scheme was proved in detail. The experimental results and comparisons show that the proposed scheme is characterized by increased security, high efficiency and low cost.展开更多
As data analysis often incurs significant communication and computational costs,these tasks are increasingly outsourced to cloud computing platforms.However,this introduces privacy concerns,as sensitive data must be t...As data analysis often incurs significant communication and computational costs,these tasks are increasingly outsourced to cloud computing platforms.However,this introduces privacy concerns,as sensitive data must be transmitted to and processed by untrusted parties.To address this,fully homomorphic encryption(FHE)has emerged as a promising solution for privacy-preserving Machine-Learning-as-a-Service(MLaaS),enabling computation on encrypted data without revealing the plaintext.Nevertheless,FHE remains computationally expensive.As a result,approximate homomorphic encryption(AHE)schemes,such as CKKS,have attracted attention due to their efficiency.In our previous work,we proposed RP-OKC,a CKKS-based clustering scheme implemented via TenSEAL.However,errors inherent to CKKS operations—termed CKKS-errors—can affect the accuracy of the result after decryption.Since these errors can be mitigated through post-decryption rounding,we propose a data pre-scaling technique to increase the number of significant digits and reduce CKKS-errors.Furthermore,we introduce an Operation-Error-Estimation(OEE)table that quantifies upper-bound error estimates for various CKKS operations.This table enables error-aware decryption correction,ensuring alignment between encrypted and plaintext results.We validate our method on K-means clustering using the Kaggle Customer Segmentation dataset.Experimental results confirm that the proposed scheme enhances the accuracy and reliability of privacy-preserving data analysis in cloud environments.展开更多
This paper proposes a strategy for machine learning in the ciphertext domain.The data to be trained in the linear regression equation is encrypted by SHE homomorphic encryption,and then trained in the ciphertext domai...This paper proposes a strategy for machine learning in the ciphertext domain.The data to be trained in the linear regression equation is encrypted by SHE homomorphic encryption,and then trained in the ciphertext domain.At the same time,it is guaranteed that the error of the training results between the ciphertext domain and the plaintext domain is in a controllable range.After the training,the ciphertext can be decrypted and restored to the original plaintext training data.展开更多
Due to the rapid advancement of information technology,data has emerged as the core resource driving decision-making and innovation across all industries.As the foundation of artificial intelligence,machine learning(M...Due to the rapid advancement of information technology,data has emerged as the core resource driving decision-making and innovation across all industries.As the foundation of artificial intelligence,machine learning(ML)has expanded its applications into intelligent recommendation systems,autonomous driving,medical diagnosis,and financial risk assessment.However,it relies on massive datasets,which contain sensitive personal information.Consequently,Privacy-Preserving Machine Learning(PPML)has become a critical research direction.To address the challenges of efficiency and accuracy in encrypted data computation within PPML,Homomorphic Encryption(HE)technology is a crucial solution,owing to its capability to facilitate computations on encrypted data.However,the integration of machine learning and homomorphic encryption technologies faces multiple challenges.Against this backdrop,this paper reviews homomorphic encryption technologies,with a focus on the advantages of the Cheon-Kim-Kim-Song(CKKS)algorithm in supporting approximate floating-point computations.This paper reviews the development of three machine learning techniques:K-nearest neighbors(KNN),K-means clustering,and face recognition-in integration with homomorphic encryption.It proposes feasible schemes for typical scenarios,summarizes limitations and future optimization directions.Additionally,it presents a systematic exploration of the integration of homomorphic encryption and machine learning from the essence of the technology,application implementation,performance trade-offs,technological convergence and future pathways to advance technological development.展开更多
Digital twin is a novel technology that has achieved significant progress in industrial manufactur-ing systems in recent years.In the digital twin envi-ronment,entities in the virtual space collect data from devices i...Digital twin is a novel technology that has achieved significant progress in industrial manufactur-ing systems in recent years.In the digital twin envi-ronment,entities in the virtual space collect data from devices in the physical space to analyze their states.However,since a lot of devices exist in the physical space,the digital twin system needs to aggregate data from multiple devices at the edge gateway.Homomor-phic integrity and confidentiality protections are two important requirements for this data aggregation pro-cess.Unfortunately,existing homomorphic encryp-tion algorithms do not support integrity protection,and existing homomorphic signing algorithms require all signers to use the same signing key,which is not feasible in the digital twin environment.Moreover,for both integrity and confidentiality protections,the homomorphic signing algorithm must be compatible with the aggregation manner of the homomorphic en-cryption algorithm.To address these issues,this paper designs a novel homomorphic aggregation scheme,which allows multiple devices in the physical space to sign different data using different keys and support in-tegrity and confidentiality protections.Finally,the security of the newly designed scheme is analyzed,and its efficiency is evaluated.Experimental results show that our scheme is feasible for real world applications.展开更多
In this study,we investigated privacy-preserving ID3 Decision Tree(PPID3)training and inference based on fully homomorphic encryption(FHE),which has not been actively explored due to the high computational cost associ...In this study,we investigated privacy-preserving ID3 Decision Tree(PPID3)training and inference based on fully homomorphic encryption(FHE),which has not been actively explored due to the high computational cost associated with managing numerous child nodes in an ID3 tree.We propose HEaaN-ID3,a novel approach to realize PPID3 using the Cheon-Kim-Kim-Song(CKKS)scheme.HEaaN-ID3 is the first FHE-based ID3 framework that completes both training and inference without any intermediate decryption,which is especially valuable when decryption keys are inaccessible or a single-cloud security domain is assumed.To enhance computational efficiency,we adopt a modified Gini impurity(MGI)score instead of entropy to evaluate information gain,thereby avoiding costly inverse operations.In addition,we fully leverage the Single Instruction Multiple Data(SIMD)property of CKKS to parallelize computations at multiple tree nodes.Unlike previous approaches that require decryption at each node or rely on two-party secure computation,our method enables a fully non-interactive training and inference pipeline in the encrypted domain.We validated the proposed scheme using UCI datasets with both numerical and nominal features,demonstrating inference accuracy comparable to plaintext implementations in Scikit-Learn.Moreover,experiments show that HEaaN-ID3 significantly reduces training and inference time per node relative to earlier FHE-based approaches.展开更多
A medical image encryption is proposed based on the Fisher-Yates scrambling,filter diffusion and S-box substitution.First,chaotic sequence associated with the plaintext is generated by logistic-sine-cosine system,whic...A medical image encryption is proposed based on the Fisher-Yates scrambling,filter diffusion and S-box substitution.First,chaotic sequence associated with the plaintext is generated by logistic-sine-cosine system,which is used for the scrambling,substitution and diffusion processes.The three-dimensional Fisher-Yates scrambling,S-box substitution and diffusion are employed for the first round of encryption.The chaotic sequence is adopted for secondary encryption to scramble the ciphertext obtained in the first round.Then,three-dimensional filter is applied to diffusion for further useful information hiding.The key to the algorithm is generated by the combination of hash value of plaintext image and the input parameters.It improves resisting ability of plaintext attacks.The security analysis shows that the algorithm is effective and efficient.It can resist common attacks.In addition,the good diffusion effect shows that the scheme can solve the differential attacks encountered in the transmission of medical images and has positive implications for future research.展开更多
We propose an unbounded fully homomorphic encryption scheme, i.e. a scheme that allows one to compute on encrypted data for any desired functions without needing to decrypt the data or knowing the decryption keys. Thi...We propose an unbounded fully homomorphic encryption scheme, i.e. a scheme that allows one to compute on encrypted data for any desired functions without needing to decrypt the data or knowing the decryption keys. This is a rational solution to an old problem proposed by Rivest, Adleman, and Dertouzos [1] in 1978, and to some new problems that appeared in Peikert [2] as open questions 10 and open questions 11 a few years ago. Our scheme is completely different from the breakthrough work [3] of Gentry in 2009. Gentry’s bootstrapping technique constructs a fully homomorphic encryption (FHE) scheme from a somewhat homomorphic one that is powerful enough to evaluate its own decryption function. To date, it remains the only known way of obtaining unbounded FHE. Our construction of an unbounded FHE scheme is straightforward and can handle unbounded homomorphic computation on any refreshed ciphertexts without bootstrapping transformation technique.展开更多
The public key of the integer homomorphic encryption scheme which was proposed by Van Dijk et al. is long, so the scheme is almost impossible to use in practice. By studying the scheme and Coron’s public key compress...The public key of the integer homomorphic encryption scheme which was proposed by Van Dijk et al. is long, so the scheme is almost impossible to use in practice. By studying the scheme and Coron’s public key compression technique, a scheme which is able to encrypt n bits plaintext once was obtained. The scheme improved the efficiency of the decrypting party and increased the number of encrypting parties, so it meets the needs of cloud computing better. The security of the scheme is based on the approximate GCD problem and the sparse-subset sum problem.展开更多
Blockchain has a profound impact on all areas of society by virtue of its immutability,decentralization and other characteristics.However,blockchain faces the problem of data privacy leakage during the application pro...Blockchain has a profound impact on all areas of society by virtue of its immutability,decentralization and other characteristics.However,blockchain faces the problem of data privacy leakage during the application process,and the rapid development of quantum computing also brings the threat of quantum attack to blockchain.In this paper,we propose a lattice-based certificateless fully homomorphic encryption(LCFHE)algorithm based on approximate eigenvector firstly.And we use the lattice-based delegate algorithm and preimage sampling algorithm to extract part of the private key based on certificateless scheme,which is composed of the private key together with the secret value selected by the user,thus effectively avoiding the problems of certificate management and key escrow.Secondly,we propose a post-quantum blockchain transaction privacy protection scheme based on LCFHE algorithm,which uses the ciphertext calculation characteristic of homomorphic encryption to encrypt the account balance and transaction amount,effectively protecting the transaction privacy of users and having the ability to resist quantum attacks.Finally,we analyze the correctness and security of LCFHE algorithm,and the security of the algorithm reduces to the hardness of learning with errors(LWE)hypothesis.展开更多
Due to the development of cloud computing and machine learning,users can upload their data to the cloud for machine learning model training.However,dishonest clouds may infer user data,resulting in user data leakage.P...Due to the development of cloud computing and machine learning,users can upload their data to the cloud for machine learning model training.However,dishonest clouds may infer user data,resulting in user data leakage.Previous schemes have achieved secure outsourced computing,but they suffer from low computational accuracy,difficult-to-handle heterogeneous distribution of data from multiple sources,and high computational cost,which result in extremely poor user experience and expensive cloud computing costs.To address the above problems,we propose amulti-precision,multi-sourced,andmulti-key outsourcing neural network training scheme.Firstly,we design a multi-precision functional encryption computation based on Euclidean division.Second,we design the outsourcing model training algorithm based on a multi-precision functional encryption with multi-sourced heterogeneity.Finally,we conduct experiments on three datasets.The results indicate that our framework achieves an accuracy improvement of 6%to 30%.Additionally,it offers a memory space optimization of 1.0×2^(24) times compared to the previous best approach.展开更多
Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digita...Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.展开更多
With the continuous growth of exponential data in IoT,it is usually chosen to outsource data to the cloud server.However,cloud servers are usually provided by third parties,and there is a risk of privacy leakage.Encry...With the continuous growth of exponential data in IoT,it is usually chosen to outsource data to the cloud server.However,cloud servers are usually provided by third parties,and there is a risk of privacy leakage.Encrypting data can ensure its security,but at the same time,it loses the retrieval function of IoT data.Searchable Encryption(SE)can achieve direct retrieval based on ciphertext data.The traditional searchable encryption scheme has the problems of imperfect function,low retrieval efficiency,inaccurate retrieval results,and centralized cloud servers being vulnerable and untrustworthy.This paper proposes an Efficient searchable encryption scheme supporting fuzzy multi-keyword ranking search on the blockchain.The blockchain and IPFS are used to store the index and encrypted files in a distributed manner respectively.The tamper resistance of the distributed ledger ensures the authenticity of the data.The data retrieval work is performed by the smart contract to ensure the reliability of the data retrieval.The Local Sensitive Hash(LSH)function is combined with the Bloom Filter(BF)to realize the fuzzy multi-keyword retrieval function.In addition,to measure the correlation between keywords and files,a new weighted statistical algorithm combining RegionalWeight Score(RWS)and Term Frequency–Inverse Document Frequency(TF-IDF)is proposed to rank the search results.The balanced binary tree is introduced to establish the index structure,and the index binary tree traversal strategy suitable for this scheme is constructed to optimize the index structure and improve the retrieval efficiency.The experimental results show that the scheme is safe and effective in practical applications.展开更多
基金supported by the National Key Research and Development Plan in China(Grant No.2020YFB1005500)。
文摘With increasing demand for data circulation,ensuring data security and privacy is paramount,specifically protecting privacy while maximizing utility.Blockchain,while decentralized and transparent,faces challenges in privacy protection and data verification,especially for sensitive data.Existing schemes often suffer from inefficiency and high overhead.We propose a privacy protection scheme using BGV homomorphic encryption and Pedersen Secret Sharing.This scheme enables secure computation on encrypted data,with Pedersen sharding and verifying the private key,ensuring data consistency and immutability.The blockchain framework manages key shards,verifies secrets,and aids security auditing.This approach allows for trusted computation without revealing the underlying data.Preliminary results demonstrate the scheme's feasibility in ensuring data privacy and security,making data available but not visible.This study provides an effective solution for data sharing and privacy protection in blockchain applications.
基金supported by the Innovation Program for Quantum Science and technology(2021ZD0301300)supported by the Fundamental Research Funds for the Central Universities(Nos.3282024046,3282024052,3282024058,3282023017).
文摘Ciphertext data retrieval in cloud databases suffers from some critical limitations,such as inadequate security measures,disorganized key management practices,and insufficient retrieval access control capabilities.To address these problems,this paper proposes an enhanced Fully Homomorphic Encryption(FHE)algorithm based on an improved DGHV algorithm,coupled with an optimized ciphertext retrieval scheme.Our specific contributions are outlined as follows:First,we employ an authorization code to verify the user’s retrieval authority and perform hierarchical access control on cloud storage data.Second,a triple-key encryption mechanism,which separates the data encryption key,retrieval authorization key,and retrieval key,is designed.Different keys are provided to different entities to run corresponding system functions.The key separation architecture proves particularly advantageous in multi-verifier coexistence scenarios,environments involving untrusted third-party retrieval services.Finally,the enhanced DGHV-based retrieval mechanism extends conventional functionality by enabling multi-keyword queries with similarity-ranked results,thereby significantly improving both the functionality and usability of the FHE system.
基金The first author would like to thank for the Fund of Jiangsu Innovation Program for Graduate Education,the Fundamental Research Funds for the Central Universities,and Ningbo Natural Science Foundation,the Chinese National Scholarship fund,and also appreciate the benefit to this work from projects in science and technique of Ningbo municipal.The third author would like to thank for Ningbo Natural Science Foundation
文摘Fully homomorphic encryption is faced with two problems now. One is candidate fully homomorphic encryption schemes are few. Another is that the efficiency of fully homomorphic encryption is a big question. In this paper, we propose a fully homomorphic encryption scheme based on LWE, which has better key size. Our main contributions are: (1) According to the binary-LWE recently, we choose secret key from binary set and modify the basic encryption scheme proposed in Linder and Peikert in 2010. We propose a fully homomorphic encryption scheme based on the new basic encryption scheme. We analyze the correctness and give the proof of the security of our scheme. The public key, evaluation keys and tensored ciphertext have better size in our scheme. (2) Estimating parameters for fully homomorphic encryption scheme is an important work. We estimate the concert parameters for our scheme. We compare these parameters between our scheme and Bral2 scheme. Our scheme have public key and private key that smaller by a factor of about logq than in Bral2 scheme. Tensored ciphertext in our scheme is smaller by a factor of about log2q than in Bral2 scheme. Key switching matrix in our scheme is smaller by a factor of about log3q than in Bra12 scheme.
基金The National Basic Research Program of China(973Program)(No.2013CB338003)
文摘A scheme that can realize homomorphic Turing- equivalent privacy-preserving computations is proposed, where the encoding of the Turing machine is independent of its inputs and running time. Several extended private information retrieval protocols based on fully homomorphic encryption are designed, so that the reading and writing of the tape of the Turing machine, as well as the evaluation of the transition function of the Turing machine, can be performed by the permitted Boolean circuits of fully homomorphic encryption schemes. This scheme overwhelms the Turing-machine-to- circuit conversion approach, which also implements the Turing-equivalent computation. The encoding of a Turing- machine-to-circuit conversion approach is dependent on both the input data and the worst-case runtime. The proposed scheme efficiently provides the confidentiality of both program and data of the delegator in the delegator-worker model of outsourced computation against semi-honest workers.
基金Supported by the National 863 Project(2012AA011705)Guangxi Natural Science Foundation(2013GXNSFBB053005)+2 种基金Guangxi Science Research&Technology Development Project(14124004-4-10)Guangdong Natural Science Foundation(2014A030313517)Guangxi Experiment Center of Information Science Foundation
文摘Although the learning with errors(LWE)-based full homomorphic encryption scheme was the first example of deviation from the original Gentry's blueprint, the scheme did not give detailed conversion process of circuit layer structure, and must rely on bootstrapping technique to achieve full homomorphism. Therefore, through modifying the re-linearization technique proposed by the above scheme, a technique called non-matrix key switching is presented, which includes key switching with re-linearization and pure key switching. The complex matrix operations of existing key switching technique are removed. Combining this technique with modulus switching, a (leveled) fully homomorphic encryption scheme without bootstrapping from LWE is constructed. In order to make circuit layer structure clear, the scheme gives detailed refresh door operation. Finally, we use bootstrapping to upgrade arithmetic circuit to any layer, and make the homomorphic computing capability of the scheme have nothing to circuit depth.
基金the Fundamental Research Funds for the Central Universities(Grant No.2019XDA02)the Scientific Research Foundation of North China University of Technology。
文摘Homomorphic encryption has giant advantages in the protection of privacy information.In this paper,we present a new kind of probabilistic quantum homomorphic encryption scheme for the universal quantum circuit evaluation.Firstly,the pre-shared non-maximally entangled states are utilized as auxiliary resources,which lower the requirements of the quantum channel,to correct the errors in non-Clifford gate evaluation.By using the set synthesized by Clifford gates and T gates,it is feasible to perform the arbitrary quantum computation on the encrypted data.Secondly,our scheme is different from the previous scheme described by the quantum homomorphic encryption algorithm.From the perspective of application,a two-party probabilistic quantum homomorphic encryption scheme is proposed.It is clear what the computation and operation that the client and the server need to perform respectively,as well as the permission to access the data.Finally,the security of probabilistic quantum homomorphic encryption scheme is analyzed in detail.It demonstrates that the scheme has favorable security in three aspects,including privacy data,evaluated data and encryption and decryption keys.
基金This work was supported by the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province(Grant No.SKLACSS-202101)NSFC(Grant Nos.62176273,61962009)+3 种基金the Foundation of Guizhou Provincial Key Laboratory of Public Big Data(No.2019BDKFJJ010,2019BDKFJJ014)the Fundamental Re-search Funds for Beijing Municipal Commission of Education,Beijing Urban Governance Re-search Base of North China University of Technology,the Natural Science Foundation of Inner Mongolia(2021MS06006)Baotou Kundulun District Science and technology plan project(YF2020013)Inner Mongolia discipline inspection and supervision big data laboratory open project fund(IMDBD2020020).
文摘The significant advantage of the quantum homomorphic encryption scheme is to ensure the perfect security of quantum private data.In this paper,a novel secure multiparty quantum homomorphic encryption scheme is proposed,which can complete arbitrary quantum computation on the private data of multiple clients without decryption by an almost dishonest server.Firstly,each client obtains a secure encryption key through the measurement device independent quantum key distribution protocol and encrypts the private data by using the encryption operator and key.Secondly,with the help of the almost dishonest server,the non-maximally entangled states are preshared between the client and the server to correct errors in the homomorphic evaluation of T gates,so as to realize universal quantum circuit evaluation on encrypted data.Thirdly,from the perspective of the application scenario of secure multi-party computation,this work is based on the probabilistic quantum homomorphic encryption scheme,allowing multiple parties to delegate the server to perform the secure homomorphic evaluation.The operation and the permission to access the data performed by the client and the server are clearly pointed out.Finally,a concrete security analysis shows that the proposed multiparty quantum homomorphic encryption scheme can securely resist outside and inside attacks.
基金Supported by the Research Program of Chongqing Education Commission(JK15012027,JK1601225)the Chongqing Research Program of Basic Research and Frontier Technology(cstc2017jcyjBX0008)+1 种基金the Graduate Student Research and Innovation Foundation of Chongqing(CYB17026)the Basic Applied Research Program of Qinghai Province(2019-ZJ-7099)
文摘In order to guarantee the user's privacy and the integrity of data when retrieving ciphertext in an untrusted cloud environment, an improved ciphertext retrieval scheme was proposed based on full homomorphic encryption. This scheme can encrypt two bits one time and improve the efficiency of retrieval. Moreover, it has small key space and reduces the storage space. Meanwhile, the homomorphic property of this scheme was proved in detail. The experimental results and comparisons show that the proposed scheme is characterized by increased security, high efficiency and low cost.
基金funded by National Science and Technology Council,Taiwan,grant numbers are 110-2401-H-002-094-MY2 and 112-2221-E-130-001.
文摘As data analysis often incurs significant communication and computational costs,these tasks are increasingly outsourced to cloud computing platforms.However,this introduces privacy concerns,as sensitive data must be transmitted to and processed by untrusted parties.To address this,fully homomorphic encryption(FHE)has emerged as a promising solution for privacy-preserving Machine-Learning-as-a-Service(MLaaS),enabling computation on encrypted data without revealing the plaintext.Nevertheless,FHE remains computationally expensive.As a result,approximate homomorphic encryption(AHE)schemes,such as CKKS,have attracted attention due to their efficiency.In our previous work,we proposed RP-OKC,a CKKS-based clustering scheme implemented via TenSEAL.However,errors inherent to CKKS operations—termed CKKS-errors—can affect the accuracy of the result after decryption.Since these errors can be mitigated through post-decryption rounding,we propose a data pre-scaling technique to increase the number of significant digits and reduce CKKS-errors.Furthermore,we introduce an Operation-Error-Estimation(OEE)table that quantifies upper-bound error estimates for various CKKS operations.This table enables error-aware decryption correction,ensuring alignment between encrypted and plaintext results.We validate our method on K-means clustering using the Kaggle Customer Segmentation dataset.Experimental results confirm that the proposed scheme enhances the accuracy and reliability of privacy-preserving data analysis in cloud environments.
文摘This paper proposes a strategy for machine learning in the ciphertext domain.The data to be trained in the linear regression equation is encrypted by SHE homomorphic encryption,and then trained in the ciphertext domain.At the same time,it is guaranteed that the error of the training results between the ciphertext domain and the plaintext domain is in a controllable range.After the training,the ciphertext can be decrypted and restored to the original plaintext training data.
基金supported by the fllowing projects:Natural Science Foundation of China under Grant 62172436Self-Initiated Scientific Research Project of the Chinese People's Armed Police Force under Grant ZZKY20243129Basic Frontier Innovation Project of the Engineering University of the Chinese People's Armed Police Force under Grant WJY202421.
文摘Due to the rapid advancement of information technology,data has emerged as the core resource driving decision-making and innovation across all industries.As the foundation of artificial intelligence,machine learning(ML)has expanded its applications into intelligent recommendation systems,autonomous driving,medical diagnosis,and financial risk assessment.However,it relies on massive datasets,which contain sensitive personal information.Consequently,Privacy-Preserving Machine Learning(PPML)has become a critical research direction.To address the challenges of efficiency and accuracy in encrypted data computation within PPML,Homomorphic Encryption(HE)technology is a crucial solution,owing to its capability to facilitate computations on encrypted data.However,the integration of machine learning and homomorphic encryption technologies faces multiple challenges.Against this backdrop,this paper reviews homomorphic encryption technologies,with a focus on the advantages of the Cheon-Kim-Kim-Song(CKKS)algorithm in supporting approximate floating-point computations.This paper reviews the development of three machine learning techniques:K-nearest neighbors(KNN),K-means clustering,and face recognition-in integration with homomorphic encryption.It proposes feasible schemes for typical scenarios,summarizes limitations and future optimization directions.Additionally,it presents a systematic exploration of the integration of homomorphic encryption and machine learning from the essence of the technology,application implementation,performance trade-offs,technological convergence and future pathways to advance technological development.
基金supported by ZTE Industry-University-Institute Cooperation Funds under Grant No.IA20230628015the State Key Laboratory of Particle Detection and Electronics under Grant No.SKLPDE-KF-202314.
文摘Digital twin is a novel technology that has achieved significant progress in industrial manufactur-ing systems in recent years.In the digital twin envi-ronment,entities in the virtual space collect data from devices in the physical space to analyze their states.However,since a lot of devices exist in the physical space,the digital twin system needs to aggregate data from multiple devices at the edge gateway.Homomor-phic integrity and confidentiality protections are two important requirements for this data aggregation pro-cess.Unfortunately,existing homomorphic encryp-tion algorithms do not support integrity protection,and existing homomorphic signing algorithms require all signers to use the same signing key,which is not feasible in the digital twin environment.Moreover,for both integrity and confidentiality protections,the homomorphic signing algorithm must be compatible with the aggregation manner of the homomorphic en-cryption algorithm.To address these issues,this paper designs a novel homomorphic aggregation scheme,which allows multiple devices in the physical space to sign different data using different keys and support in-tegrity and confidentiality protections.Finally,the security of the newly designed scheme is analyzed,and its efficiency is evaluated.Experimental results show that our scheme is feasible for real world applications.
基金supported by Institute of Information communications Technology Planning Evaluation(IITP)grant funded by theKorea government(MSIT)[No.2022-0-01047,Development of statistical analysis algorithm and module using homomorphic encryption based on real number operation,100%].
文摘In this study,we investigated privacy-preserving ID3 Decision Tree(PPID3)training and inference based on fully homomorphic encryption(FHE),which has not been actively explored due to the high computational cost associated with managing numerous child nodes in an ID3 tree.We propose HEaaN-ID3,a novel approach to realize PPID3 using the Cheon-Kim-Kim-Song(CKKS)scheme.HEaaN-ID3 is the first FHE-based ID3 framework that completes both training and inference without any intermediate decryption,which is especially valuable when decryption keys are inaccessible or a single-cloud security domain is assumed.To enhance computational efficiency,we adopt a modified Gini impurity(MGI)score instead of entropy to evaluate information gain,thereby avoiding costly inverse operations.In addition,we fully leverage the Single Instruction Multiple Data(SIMD)property of CKKS to parallelize computations at multiple tree nodes.Unlike previous approaches that require decryption at each node or rely on two-party secure computation,our method enables a fully non-interactive training and inference pipeline in the encrypted domain.We validated the proposed scheme using UCI datasets with both numerical and nominal features,demonstrating inference accuracy comparable to plaintext implementations in Scikit-Learn.Moreover,experiments show that HEaaN-ID3 significantly reduces training and inference time per node relative to earlier FHE-based approaches.
文摘A medical image encryption is proposed based on the Fisher-Yates scrambling,filter diffusion and S-box substitution.First,chaotic sequence associated with the plaintext is generated by logistic-sine-cosine system,which is used for the scrambling,substitution and diffusion processes.The three-dimensional Fisher-Yates scrambling,S-box substitution and diffusion are employed for the first round of encryption.The chaotic sequence is adopted for secondary encryption to scramble the ciphertext obtained in the first round.Then,three-dimensional filter is applied to diffusion for further useful information hiding.The key to the algorithm is generated by the combination of hash value of plaintext image and the input parameters.It improves resisting ability of plaintext attacks.The security analysis shows that the algorithm is effective and efficient.It can resist common attacks.In addition,the good diffusion effect shows that the scheme can solve the differential attacks encountered in the transmission of medical images and has positive implications for future research.
文摘We propose an unbounded fully homomorphic encryption scheme, i.e. a scheme that allows one to compute on encrypted data for any desired functions without needing to decrypt the data or knowing the decryption keys. This is a rational solution to an old problem proposed by Rivest, Adleman, and Dertouzos [1] in 1978, and to some new problems that appeared in Peikert [2] as open questions 10 and open questions 11 a few years ago. Our scheme is completely different from the breakthrough work [3] of Gentry in 2009. Gentry’s bootstrapping technique constructs a fully homomorphic encryption (FHE) scheme from a somewhat homomorphic one that is powerful enough to evaluate its own decryption function. To date, it remains the only known way of obtaining unbounded FHE. Our construction of an unbounded FHE scheme is straightforward and can handle unbounded homomorphic computation on any refreshed ciphertexts without bootstrapping transformation technique.
文摘The public key of the integer homomorphic encryption scheme which was proposed by Van Dijk et al. is long, so the scheme is almost impossible to use in practice. By studying the scheme and Coron’s public key compression technique, a scheme which is able to encrypt n bits plaintext once was obtained. The scheme improved the efficiency of the decrypting party and increased the number of encrypting parties, so it meets the needs of cloud computing better. The security of the scheme is based on the approximate GCD problem and the sparse-subset sum problem.
基金supported by NSFC(Grant Nos.92046001,61671087,61962009,61971021)the Fundamental Research Funds for Beijing Municipal Commission of Education,the Scientific Research Launch Funds of North China University of Technology,and Beijing Urban Governance Research Base of North China University of Technology.
文摘Blockchain has a profound impact on all areas of society by virtue of its immutability,decentralization and other characteristics.However,blockchain faces the problem of data privacy leakage during the application process,and the rapid development of quantum computing also brings the threat of quantum attack to blockchain.In this paper,we propose a lattice-based certificateless fully homomorphic encryption(LCFHE)algorithm based on approximate eigenvector firstly.And we use the lattice-based delegate algorithm and preimage sampling algorithm to extract part of the private key based on certificateless scheme,which is composed of the private key together with the secret value selected by the user,thus effectively avoiding the problems of certificate management and key escrow.Secondly,we propose a post-quantum blockchain transaction privacy protection scheme based on LCFHE algorithm,which uses the ciphertext calculation characteristic of homomorphic encryption to encrypt the account balance and transaction amount,effectively protecting the transaction privacy of users and having the ability to resist quantum attacks.Finally,we analyze the correctness and security of LCFHE algorithm,and the security of the algorithm reduces to the hardness of learning with errors(LWE)hypothesis.
基金supported by Natural Science Foundation of China(Nos.62303126,62362008,author Z.Z,https://www.nsfc.gov.cn/,accessed on 20 December 2024)Major Scientific and Technological Special Project of Guizhou Province([2024]014)+2 种基金Guizhou Provincial Science and Technology Projects(No.ZK[2022]General149) ,author Z.Z,https://kjt.guizhou.gov.cn/,accessed on 20 December 2024)The Open Project of the Key Laboratory of Computing Power Network and Information Security,Ministry of Education under Grant 2023ZD037,author Z.Z,https://www.gzu.edu.cn/,accessed on 20 December 2024)Open Research Project of the State Key Laboratory of Industrial Control Technology,Zhejiang University,China(No.ICT2024B25),author Z.Z,https://www.gzu.edu.cn/,accessed on 20 December 2024).
文摘Due to the development of cloud computing and machine learning,users can upload their data to the cloud for machine learning model training.However,dishonest clouds may infer user data,resulting in user data leakage.Previous schemes have achieved secure outsourced computing,but they suffer from low computational accuracy,difficult-to-handle heterogeneous distribution of data from multiple sources,and high computational cost,which result in extremely poor user experience and expensive cloud computing costs.To address the above problems,we propose amulti-precision,multi-sourced,andmulti-key outsourcing neural network training scheme.Firstly,we design a multi-precision functional encryption computation based on Euclidean division.Second,we design the outsourcing model training algorithm based on a multi-precision functional encryption with multi-sourced heterogeneity.Finally,we conduct experiments on three datasets.The results indicate that our framework achieves an accuracy improvement of 6%to 30%.Additionally,it offers a memory space optimization of 1.0×2^(24) times compared to the previous best approach.
文摘Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.
基金funded by the Jilin Provincial Department of Education Scientific Research Project(Project No.JJKH20250872KJ).
文摘With the continuous growth of exponential data in IoT,it is usually chosen to outsource data to the cloud server.However,cloud servers are usually provided by third parties,and there is a risk of privacy leakage.Encrypting data can ensure its security,but at the same time,it loses the retrieval function of IoT data.Searchable Encryption(SE)can achieve direct retrieval based on ciphertext data.The traditional searchable encryption scheme has the problems of imperfect function,low retrieval efficiency,inaccurate retrieval results,and centralized cloud servers being vulnerable and untrustworthy.This paper proposes an Efficient searchable encryption scheme supporting fuzzy multi-keyword ranking search on the blockchain.The blockchain and IPFS are used to store the index and encrypted files in a distributed manner respectively.The tamper resistance of the distributed ledger ensures the authenticity of the data.The data retrieval work is performed by the smart contract to ensure the reliability of the data retrieval.The Local Sensitive Hash(LSH)function is combined with the Bloom Filter(BF)to realize the fuzzy multi-keyword retrieval function.In addition,to measure the correlation between keywords and files,a new weighted statistical algorithm combining RegionalWeight Score(RWS)and Term Frequency–Inverse Document Frequency(TF-IDF)is proposed to rank the search results.The balanced binary tree is introduced to establish the index structure,and the index binary tree traversal strategy suitable for this scheme is constructed to optimize the index structure and improve the retrieval efficiency.The experimental results show that the scheme is safe and effective in practical applications.
