Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is desi...Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is designed,and a multiimage encryption(MIE)algorithm with row and column confusion and closed-loop bi-directional diffusion is adopted in the paper.While ensuring secure communication of medical image information,people with different security levels have different levels of decryption keys,and differentiated visual effects can be obtained by using the strong sensitivity of chaotic keys.The highest security level can obtain decrypted images without watermarks,and at the same time,patient information and copyright attribution can be verified by obtaining watermark images.The experimental results show that the scheme is sufficiently secure as an MIE scheme with visualized differences and the encryption and decryption efficiency is significantly improved compared to other works.展开更多
According to the relation of an attribute set and its subset,the author presents a hierarchical attribute-based encryption scheme in which a secret key is associated with an attribute set.A user can delegate the priva...According to the relation of an attribute set and its subset,the author presents a hierarchical attribute-based encryption scheme in which a secret key is associated with an attribute set.A user can delegate the private key corresponding to any subset of an attribute set while he has the private key corresponding to the attribute set.Moreover,the size of the ciphertext is constant,but the size of private key is linear with the order of the attribute set in the hierarchical attribute-based encryption scheme.Lastly,we can also prove that this encryption scheme meets the security of IND-sSETCPA in the standard model.展开更多
The Advanced Metering Infrastructure(AMI),as a crucial subsystem in the smart grid,is responsible for measuring user electricity consumption and plays a vital role in communication between providers and consumers.Howe...The Advanced Metering Infrastructure(AMI),as a crucial subsystem in the smart grid,is responsible for measuring user electricity consumption and plays a vital role in communication between providers and consumers.However,with the advancement of information and communication technology,new security and privacy challenges have emerged for AMI.To address these challenges and enhance the security and privacy of user data in the smart grid,a Hierarchical Privacy Protection Model in Advanced Metering Infrastructure based on Cloud and Fog Assistance(HPPM-AMICFA)is proposed in this paper.The proposed model integrates cloud and fog computing with hierarchical threshold encryption,offering a flexible and efficient privacy protection solution that significantly enhances data security in the smart grid.The methodology involves setting user protection levels by processing missing data and utilizing fuzzy comprehensive analysis to evaluate user importance,thereby assigning appropriate protection levels.Furthermore,a hierarchical threshold encryption algorithm is developed to provide differentiated protection strategies for fog nodes based on user IDs,ensuring secure aggregation and encryption of user data.Experimental results demonstrate that HPPM-AMICFA effectively resists various attack strategies while minimizing time costs,thereby safeguarding user data in the smart grid.展开更多
Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q b...Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.展开更多
At present,most providers of cloud computing mainly provide infrastructures and services of infrastructure as a service(IaaS).But there is a serious problem that is the lack of security standards and evaluation model ...At present,most providers of cloud computing mainly provide infrastructures and services of infrastructure as a service(IaaS).But there is a serious problem that is the lack of security standards and evaluation model of IaaS.After analyzing the vulnerabilities performance of IaaS cloud computing system,the mapping relationship was established between the vulnerabilities of IaaS and the nine threats of cloud computing which was released by cloud security alliance(CSA).According to the mapping relationship,a model for evaluating security of IaaS was proposed which verified the effectiveness of the model on OpenStack by the analytic hierarchy process(AHP) and the fuzzy evaluation method.展开更多
Hierarchical Identity-Based Broadcast Encryption (HIBBE) organizes users into a tree-like structure, and it allows users to delegate their decryption ability to subordinates and enable encryption to any subset of us...Hierarchical Identity-Based Broadcast Encryption (HIBBE) organizes users into a tree-like structure, and it allows users to delegate their decryption ability to subordinates and enable encryption to any subset of users while only intended users can decrypt. However, current HIBBE schemes do not support efficient revocation of private keys. Here, a new primitive called Revocable Hierarchical Identity-Based Broadcast Encryption (RHIBBE) is formalized that allows revocation of the HIBBE. Ciphertext indistinguishability is defined against the selectively Bounded Revocable Identity-Vector-Set and Chosen-Plaintext Attack (IND-sBRIVS-CPA). An IND-sBRIVS-CPA secure RHIBBE scheme is constructed with efficient revocation on prime-order bilinear groups. The unbounded version of the scheme is also shown to be secure but a little weaker than the former under the decisional n-Weak Bilinear Diffie-Hellman inversion assumption.展开更多
IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current ...IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current identity-based proxy re-encryption scheme achieves the ciphertext conversion between users at the same level,while it does not further distinguish between different levels of user identity,which is not suitable for hierarchical user management system.This paper combines hierarchical identity encryption with proxy re-encryption,and uses RLWE encryption system and NTRU variant as the underlying encryption scheme.According to the difference of the key reversibility and the ciphertext share between the two systems,the control of the decryption authority of users’different levels was realized.The transformed cipher text still satisfies the rules of higher level to decrypt lower level cipher,and constructs a unidirectionality,collusion resistant,and non-interactive hierarchical identity-based conditional proxy re-encryption scheme(HIB-CPRE),which is IND-sid-CPA security under the RLWE difficult assumption.展开更多
基金Project supported by the National Natural Science Foundation of China(Grant No.62061014)the Natural Science Foundation of Liaoning province of China(Grant No.2020-MS-274).
文摘Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is designed,and a multiimage encryption(MIE)algorithm with row and column confusion and closed-loop bi-directional diffusion is adopted in the paper.While ensuring secure communication of medical image information,people with different security levels have different levels of decryption keys,and differentiated visual effects can be obtained by using the strong sensitivity of chaotic keys.The highest security level can obtain decrypted images without watermarks,and at the same time,patient information and copyright attribution can be verified by obtaining watermark images.The experimental results show that the scheme is sufficiently secure as an MIE scheme with visualized differences and the encryption and decryption efficiency is significantly improved compared to other works.
基金Supported by the National Natural Science Foundation of China(60903175,60703048)the Natural Science Foundation of Hubei Province(2009CBD307,2008CDB352)
文摘According to the relation of an attribute set and its subset,the author presents a hierarchical attribute-based encryption scheme in which a secret key is associated with an attribute set.A user can delegate the private key corresponding to any subset of an attribute set while he has the private key corresponding to the attribute set.Moreover,the size of the ciphertext is constant,but the size of private key is linear with the order of the attribute set in the hierarchical attribute-based encryption scheme.Lastly,we can also prove that this encryption scheme meets the security of IND-sSETCPA in the standard model.
基金This research was funded by the National Natural Science Foundation of China(Grant Number 61902069)Natural Science Foundation of Fujian Province of China(Grant Number 2021J011068)+1 种基金Research Initiation Fund Program of Fujian University of Technology(GY-S24002,GY-Z21048)Fujian Provincial Department of Science and Technology Industrial Guidance Project(Grant Number 2022H0025).
文摘The Advanced Metering Infrastructure(AMI),as a crucial subsystem in the smart grid,is responsible for measuring user electricity consumption and plays a vital role in communication between providers and consumers.However,with the advancement of information and communication technology,new security and privacy challenges have emerged for AMI.To address these challenges and enhance the security and privacy of user data in the smart grid,a Hierarchical Privacy Protection Model in Advanced Metering Infrastructure based on Cloud and Fog Assistance(HPPM-AMICFA)is proposed in this paper.The proposed model integrates cloud and fog computing with hierarchical threshold encryption,offering a flexible and efficient privacy protection solution that significantly enhances data security in the smart grid.The methodology involves setting user protection levels by processing missing data and utilizing fuzzy comprehensive analysis to evaluate user importance,thereby assigning appropriate protection levels.Furthermore,a hierarchical threshold encryption algorithm is developed to provide differentiated protection strategies for fog nodes based on user IDs,ensuring secure aggregation and encryption of user data.Experimental results demonstrate that HPPM-AMICFA effectively resists various attack strategies while minimizing time costs,thereby safeguarding user data in the smart grid.
基金Project supported by the National Natural Science Foundation of China(Nos.61303198,61471409,61472470,and 61402112) the Natural Science Foundation of Shandong Province,China(No.ZR2013FQ031)
文摘Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.
基金National Natural Science Foundation of China(No.61462070)the"ChunHui Plan"Project of Educational Department,China(No.Z2009-1-01062)the Research of Evaluation Technology of Security and Reliability of Cloud Computing and the Built of Testing Platform That is a Technology Plan Project of Inner Mongolia,China
文摘At present,most providers of cloud computing mainly provide infrastructures and services of infrastructure as a service(IaaS).But there is a serious problem that is the lack of security standards and evaluation model of IaaS.After analyzing the vulnerabilities performance of IaaS cloud computing system,the mapping relationship was established between the vulnerabilities of IaaS and the nine threats of cloud computing which was released by cloud security alliance(CSA).According to the mapping relationship,a model for evaluating security of IaaS was proposed which verified the effectiveness of the model on OpenStack by the analytic hierarchy process(AHP) and the fuzzy evaluation method.
基金supported by the National Key Research and Development Program of China (No. 2017YFB0802502)the National Natural Science Foundation of China (Nos. 61672083, 61370190, 61532021, 61472429, 61402029, 61702028, and 61571024)+3 种基金the National Cryptography Development Fund (No. MMJJ20170106)the Planning Fund Project of Ministry of Education (No. 12YJAZH136)the Beijing Natural Science Foundation (No. 4132056)the Fund of the State Key Laboratory of Information Security, the Institute of Information Engineering, and the Chinese Academy of Sciences (No. 2017-MS-02)
文摘Hierarchical Identity-Based Broadcast Encryption (HIBBE) organizes users into a tree-like structure, and it allows users to delegate their decryption ability to subordinates and enable encryption to any subset of users while only intended users can decrypt. However, current HIBBE schemes do not support efficient revocation of private keys. Here, a new primitive called Revocable Hierarchical Identity-Based Broadcast Encryption (RHIBBE) is formalized that allows revocation of the HIBBE. Ciphertext indistinguishability is defined against the selectively Bounded Revocable Identity-Vector-Set and Chosen-Plaintext Attack (IND-sBRIVS-CPA). An IND-sBRIVS-CPA secure RHIBBE scheme is constructed with efficient revocation on prime-order bilinear groups. The unbounded version of the scheme is also shown to be secure but a little weaker than the former under the decisional n-Weak Bilinear Diffie-Hellman inversion assumption.
文摘IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current identity-based proxy re-encryption scheme achieves the ciphertext conversion between users at the same level,while it does not further distinguish between different levels of user identity,which is not suitable for hierarchical user management system.This paper combines hierarchical identity encryption with proxy re-encryption,and uses RLWE encryption system and NTRU variant as the underlying encryption scheme.According to the difference of the key reversibility and the ciphertext share between the two systems,the control of the decryption authority of users’different levels was realized.The transformed cipher text still satisfies the rules of higher level to decrypt lower level cipher,and constructs a unidirectionality,collusion resistant,and non-interactive hierarchical identity-based conditional proxy re-encryption scheme(HIB-CPRE),which is IND-sid-CPA security under the RLWE difficult assumption.
