With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the...With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the existing data sharing schemes have been difficult to meet the growing demand for data sharing,this paper aims at exploring a secure,efficient and privacy-protecting data sharing scheme under web3.0 applications.Specifically,this paper adopts interplanetary file system(IPFS)technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation,and utilizes ciphertext policy attribute-based encryption(CP-ABE)and proxy re-encryption(PRE)technology to realize secure multi-party sharing and finegrained access control of data.This paper provides the detailed algorithm design and implementation of data sharing phases and processes,and analyzes the algorithms from the perspectives of security,privacy protection,and performance.展开更多
Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribu...Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribute-based conditional proxy re-encryption(AB-CPRE)schemes proposed so far do not take into account the importance of user attributes.A weighted attribute-based conditional proxy re-encryption(WAB-CPRE)scheme is thus designed to provide more precise decryption rights delegation.By introducing the concept of weight attributes,the quantity of system attributes managed by the server is reduced greatly.At the same time,a weighted tree structure is constructed to simplify the expression of access structure effectively.With conditional proxy re-encryption,large amounts of data and complex computations are outsourced to cloud servers,so the data owner(DO)can revoke the user’s decryption rights directly with minimal costs.The scheme proposed achieves security against chosen plaintext attacks(CPA).Experimental simulation results demonstrated that the decryption time is within 6–9 ms,and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes,which enables users to access cloud data on devices with limited resources.展开更多
Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the informat...Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the information. As an important technology of cloud security, access control should take account of multi-factor and ciphertext to satisfy the complex requirement for cloud data protection. We propose a proxy re-encryption (PRE) based multi-factor access control (PMAC) for cipher text in the above background. The PMAC adapts to the privacy and the protection of data confidently. We explain the motivation and some assumptions of PMAC at first. Then we define system model and algorithm. The system model and algorithm show how to create the data with corresponding accessing Policy and how to grant and revoke the nermission.展开更多
The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untru...The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption(NC-MACPABE). NC-MACPABE optimizes the weighted access structure(WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time.展开更多
In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext unde...In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.展开更多
An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-t...An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-trusted,it should place as little trust as necessary to allow it to perform the translations.In some applications such as distributed file system,it demands the adversary cannot identify the sender and recipient’s identities.However,none of the exiting IB-PRE schemes satisfy this requirement.In this work,we first define the security model of key-private IB-PRE.Finally,we propose the first key-private IB-PRE scheme.Our scheme is chosen plaintext secure(CPA)and collusion resistant in the standard model.展开更多
In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called mult...In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called multi-conditional proxy broadcast re-encryption(MC-PBRE).The scheme consists of the following roles:the source node,proxy server,and the target node.If the condition is met,the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt.It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group,while the proxy server does not need to store the key or reveal the plaintext.At the same time,the proxy server cannot obtain any valuable information in the ciphertext.This paper formalizes the concept of MC-PBRE and its security model,and proposes a MC-PBRE scheme of ciphertext security.Finally,the scheme security has been proved in the random oracle.展开更多
The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in ...The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH).展开更多
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry...In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.展开更多
With the diversification of electronic devices,cloud-based services have become the link between different devices.As a cryptosystem with secure conversion function,proxy re-encryption enables secure sharing of data i...With the diversification of electronic devices,cloud-based services have become the link between different devices.As a cryptosystem with secure conversion function,proxy re-encryption enables secure sharing of data in a cloud environment.Proxy re-encryption is a public key encryption system with ciphertext security conversion function.A semi-trusted agent plays the role of ciphertext conversion,which can convert the user ciphertext into the same plaintext encrypted by the principal’s public key.Proxy re-encryption has been a hotspot in the field of information security since it was proposed by Blaze et al.[Blaze,Bleumer and Strauss(1998)].After 20 years of development,proxy re-encryption has evolved into many forms been widely used.This paper elaborates on the definition,characteristics and development status of proxy re-encryption,and classifies proxy re-encryption from the perspectives of user identity,conversion condition,conversion hop count and conversion direction.The aspects of the existing program were compared and briefly reviewed from the aspects of features,performance,and security.Finally,this paper looks forward to the possible development direction of proxy re-encryption in the future.展开更多
Wireless sensor networks(WSNs)have become increasingly popular due to the rapid growth of the Internet of Things.As open wireless transmission media are easy to attack,security is one of the primary design concerns fo...Wireless sensor networks(WSNs)have become increasingly popular due to the rapid growth of the Internet of Things.As open wireless transmission media are easy to attack,security is one of the primary design concerns for WSNs.Current solutions consider routing and data encryption as two isolated issues,providing incomplete security.Therefore,in this paper,we divide the WSN communication process into a data path selection phase and a data encryption phase.We propose an improved transmission method based on ant colony optimization(ACO)and threshold proxy re-encryption for WSNs,and we named it as ACOTPRE.The method resists internal and external attacks and ensures safe and efficient data transmission.In the data path selection stage,the ACO algorithm is used for network routing.The improvement of the pheromone concentration is proposed.In order to resist attacks from external attackers,proxy re-encryption is extended to WSN in the data encryption stage.The threshold secret sharing algorithm is introduced to generate a set of re-encryption key fragments composed of random numbers at the source node.We confirm the performance of our model via simulation studies.展开更多
With the widespread use of cloud computing technology,more and more users and enterprises decide to store their data in a cloud server by outsourcing.However,these huge amounts of data may contain personal privacy,bus...With the widespread use of cloud computing technology,more and more users and enterprises decide to store their data in a cloud server by outsourcing.However,these huge amounts of data may contain personal privacy,business secrets and other sensitive information of the users and enterprises.Thus,at present,how to protect,retrieve,and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment.A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server.In this scheme,the user data are divided into files,file indexes and the keyword corresponding to the files,which are respectively encrypted to store.The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes,but re-encrypt the cipher-text of keywords corresponding to the files.Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack.And the scheme is proven to be indistinguishable under Hash Diffie-Hellman assumption.Furthermore,the scheme does not need to use any secure channels,making it more effective in the cloud environment.展开更多
With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosur...With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.展开更多
Cloud-based services have powerful storage functions and can provide accurate computation.However,the question of how to guarantee cloud-based services access control and achieve data sharing security has always been ...Cloud-based services have powerful storage functions and can provide accurate computation.However,the question of how to guarantee cloud-based services access control and achieve data sharing security has always been a research highlight.Although the attribute-based proxy re-encryption(ABPRE)schemes based on number theory can solve this problem,it is still difficult to resist quantum attacks and have limited expression capabilities.To address these issues,we present a novel linear secret sharing schemes(LSSS)matrix-based ABPRE scheme with the fine-grained policy on the lattice in the research.Additionally,to detect the activities of illegal proxies,homomorphic signature(HS)technology is introduced to realize the verifiability of re-encryption.Moreover,the non-interactivity,unidirectionality,proxy transparency,multi-use,and anti-quantum attack characteristics of our system are all advantageous.Besides,it can efficiently prevent the loss of processing power brought on by repetitive authorisation and can enable precise and safe data sharing in the cloud.Furthermore,under the standard model,the proposed learning with errors(LWE)-based scheme was proven to be IND-sCPA secure.展开更多
In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. Th...In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. The scheme is non-interactive, unidirectional and collude "safe". Furthermore, it is compatible with current IBE (identity-based encryption) deployments. The scheme has chosen ciphertext security in the random oracle model assuming the hardness of the Decisional Bilinear Diffie-Hellman problem.展开更多
The new energy power generation is becoming increasingly important in the power system.Such as photovoltaic power generation has become a research hotspot,however,due to the characteristics of light radiation changes,...The new energy power generation is becoming increasingly important in the power system.Such as photovoltaic power generation has become a research hotspot,however,due to the characteristics of light radiation changes,photovoltaic power generation is unstable and random,resulting in a low utilization rate and directly affecting the stability of the power grid.To solve this problem,this paper proposes a coordinated control strategy for a newenergy power generation system with a hybrid energy storage unit based on the lithium iron phosphate-supercapacitor hybrid energy storage unit.Firstly,the variational mode decomposition algorithm is used to separate the high and low frequencies of the power signal,which is conducive to the rapid and accurate suppression of the power fluctuation of the energy storage system.Secondly,the fuzzy control algorithm is introduced to balance the power between energy storage.In this paper,the actual data is used for simulation,and the simulation results show that the strategy realizes the effective suppression of the bus voltage fluctuation and the accurate control of the internal state of the energy storage unit,effectively avoiding problems such as overshoot and over-discharge,and can significantly improve the stability of the photovoltaic power generation systemand the stability of the Direct Current bus.It is of great significance to promote the development of collaborative control technology for photovoltaic hybrid energy storage units.展开更多
This paper presents the design of an asymmetrically variable wingtip anhedral angles morphing aircraft,inspired by biomimetic mechanisms,to enhance lateral maneuver capability.Firstly,we establish a lateral dynamic mo...This paper presents the design of an asymmetrically variable wingtip anhedral angles morphing aircraft,inspired by biomimetic mechanisms,to enhance lateral maneuver capability.Firstly,we establish a lateral dynamic model considering additional forces and moments resulting during the morphing process,and convert it into a Multiple Input Multiple Output(MIMO)virtual control system by importing virtual inputs.Secondly,a classical dynamics inversion controller is designed for the outer-loop system.A new Global Fast Terminal Incremental Sliding Mode Controller(NDO-GFTISMC)is proposed for the inner-loop system,in which an adaptive law is implemented to weaken control surface chattering,and a Nonlinear Disturbance Observer(NDO)is integrated to compensate for unknown disturbances.The whole control system is proven semiglobally uniformly ultimately bounded based on the multi-Lyapunov function method.Furthermore,we consider tracking errors and self-characteristics of actuators,a quadratic programmingbased dynamic control allocation law is designed,which allocates virtual control inputs to the asymmetrically deformed wingtip and rudder.Actuator dynamic models are incorporated to ensure physical realizability of designed allocation law.Finally,comparative experimental results validate the effectiveness of the designed control system and control allocation law.The NDO-GFTISMC features faster convergence,stronger robustness,and 81.25%and 75.0%reduction in maximum state tracking error under uncertainty compared to the Incremental Nonlinear Dynamic Inversion Controller based on NDO(NDO-INDI)and Incremental Sliding Mode Controller based on NDO(NDO-ISMC),respectively.The design of the morphing aircraft significantly enhances lateral maneuver capability,maintaining a substantial control margin during lateral maneuvering,reducing the burden of the rudder surface,and effectively solving the actuator saturation problem of traditional aircraft during lateral maneuvering.展开更多
This work proposes the application of an iterative learning model predictive control(ILMPC)approach based on an adaptive fault observer(FOBILMPC)for fault-tolerant control and trajectory tracking in air-breathing hype...This work proposes the application of an iterative learning model predictive control(ILMPC)approach based on an adaptive fault observer(FOBILMPC)for fault-tolerant control and trajectory tracking in air-breathing hypersonic vehicles.In order to increase the control amount,this online control legislation makes use of model predictive control(MPC)that is based on the concept of iterative learning control(ILC).By using offline data to decrease the linearized model’s faults,the strategy may effectively increase the robustness of the control system and guarantee that disturbances can be suppressed.An adaptive fault observer is created based on the suggested ILMPC approach in order to enhance overall fault tolerance by estimating and compensating for actuator disturbance and fault degree.During the derivation process,a linearized model of longitudinal dynamics is established.The suggested ILMPC approach is likely to be used in the design of hypersonic vehicle control systems since numerical simulations have demonstrated that it can decrease tracking error and speed up convergence when compared to the offline controller.展开更多
Model predictive control(MPC)has been deemed as an attractive control method in motor drives by virtue of its simple structure,convenient multi-objective optimization,and satisfactory dynamic performance.However,the s...Model predictive control(MPC)has been deemed as an attractive control method in motor drives by virtue of its simple structure,convenient multi-objective optimization,and satisfactory dynamic performance.However,the strong reliance on mathematical models seriously restrains its practical application.Therefore,improving the robustness of MPC has attained significant attentions in the last two decades,followed by which,model-free predictive control(MFPC)comes into existence.This article aims to reveal the current state of MFPC strategies for motor drives and give the categorization from the perspective of implementation.Based on this review,the principles of the reported MFPC strategies are introduced in detail,as well as the challenges encountered in technology realization.In addition,some of typical and important concepts are experimentally validated via case studies to evaluate the performance and highlight their features.Finally,the future trends of MFPC are discussed based on the current state and reported developments.展开更多
Purpose–This study aims to propose a cooperative adhesion control method for trains with multiple motors electric locomotives.The method is intended to optimize the output torque of each motor,maximize the utilizatio...Purpose–This study aims to propose a cooperative adhesion control method for trains with multiple motors electric locomotives.The method is intended to optimize the output torque of each motor,maximize the utilization of train adhesion within the total torque command,reduce the train skidding/sliding phenomenon and achieve optimal adhesion utilization for each axle,thus realizing the optimal allocation of the multi-motor electric locomotives.Design/methodology/approach–In this study,a model predictive control(MPC)-based cooperative maximum adhesion tracking control method for multi-motor electric locomotives is presented.Firstly,train traction system with multiple motors is constructed in accordance with Newton’s second law.These equations include the train dynamics equations,the axle dynamics equations,and the wheel-rail adhesion coefficient equations.Then,a new MPC-based multi-axle adhesion co-optimization method is put forward.This method calculates the optimal output torque through real-time iteration based on the known reference slip speed to achieve multi-axle co-optimization under different circumstances.Findings–This paper presents a MPC system designed for the cooperative control of multi-axle adhesion.The results indicate that the proposed control system is able to optimize the adhesion of multiple axles under numerous different conditions and achieve the optimal power distribution based on the reduction of train skidding/sliding.Originality/value–This study presents a novel cooperative adhesion tracking control scheme.It is designed for multi-motor electric locomotives,which has rarely been studied before.And simulations are carried out in different conditions,including variable surfaces and motor failing.展开更多
基金supported by the National Natural Science Foundation of China(Grant No.U24B20146)the National Key Research and Development Plan in China(Grant No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034).
文摘With the rapid development of web3.0 applications,the volume of data sharing is increasing,the inefficiency of big data file sharing and the problem of data privacy leakage are becoming more and more prominent,and the existing data sharing schemes have been difficult to meet the growing demand for data sharing,this paper aims at exploring a secure,efficient and privacy-protecting data sharing scheme under web3.0 applications.Specifically,this paper adopts interplanetary file system(IPFS)technology to realize the storage of large data files to solve the problem of blockchain storage capacity limitation,and utilizes ciphertext policy attribute-based encryption(CP-ABE)and proxy re-encryption(PRE)technology to realize secure multi-party sharing and finegrained access control of data.This paper provides the detailed algorithm design and implementation of data sharing phases and processes,and analyzes the algorithms from the perspectives of security,privacy protection,and performance.
基金Programs for Science and Technology Development of Henan Province,grant number 242102210152The Fundamental Research Funds for the Universities of Henan Province,grant number NSFRF240620+1 种基金Key Scientific Research Project of Henan Higher Education Institutions,grant number 24A520015Henan Key Laboratory of Network Cryptography Technology,grant number LNCT2022-A11.
文摘Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribute-based conditional proxy re-encryption(AB-CPRE)schemes proposed so far do not take into account the importance of user attributes.A weighted attribute-based conditional proxy re-encryption(WAB-CPRE)scheme is thus designed to provide more precise decryption rights delegation.By introducing the concept of weight attributes,the quantity of system attributes managed by the server is reduced greatly.At the same time,a weighted tree structure is constructed to simplify the expression of access structure effectively.With conditional proxy re-encryption,large amounts of data and complex computations are outsourced to cloud servers,so the data owner(DO)can revoke the user’s decryption rights directly with minimal costs.The scheme proposed achieves security against chosen plaintext attacks(CPA).Experimental simulation results demonstrated that the decryption time is within 6–9 ms,and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes,which enables users to access cloud data on devices with limited resources.
基金the National Natural Science Foundation of China(Nos.61702266 and 61572255)the Natural Science Foundation of Jiangsu Province(Nos.BK20150787 and BK20141404)
文摘Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the information. As an important technology of cloud security, access control should take account of multi-factor and ciphertext to satisfy the complex requirement for cloud data protection. We propose a proxy re-encryption (PRE) based multi-factor access control (PMAC) for cipher text in the above background. The PMAC adapts to the privacy and the protection of data confidently. We explain the motivation and some assumptions of PMAC at first. Then we define system model and algorithm. The system model and algorithm show how to create the data with corresponding accessing Policy and how to grant and revoke the nermission.
基金Projects(61472192,61202004)supported by the National Natural Science Foundation of ChinaProject(14KJB520014)supported by the Natural Science Fund of Higher Education of Jiangsu Province,China
文摘The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption(NC-MACPABE). NC-MACPABE optimizes the weighted access structure(WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time.
基金the Natural Science Foundation of Shandong Province (Y2007G37)the Science and Technology Development Program of Shandong Province (2007GG10001012)
文摘In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.
基金This work is supported by the National Natural Science Foundation of China(Nos.61702236,61672270,61602216,61872181)Changzhou Sci&Tech Program(Grant No.CJ20179027).
文摘An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-trusted,it should place as little trust as necessary to allow it to perform the translations.In some applications such as distributed file system,it demands the adversary cannot identify the sender and recipient’s identities.However,none of the exiting IB-PRE schemes satisfy this requirement.In this work,we first define the security model of key-private IB-PRE.Finally,we propose the first key-private IB-PRE scheme.Our scheme is chosen plaintext secure(CPA)and collusion resistant in the standard model.
基金supported,in part,by the National Nature Science Foundation of China under grant numbers 61502240,61502096,61304205,61773219in part,by the Natural Science Foundation of Jiangsu Province under Grant Numbers BK20191401。
文摘In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called multi-conditional proxy broadcast re-encryption(MC-PBRE).The scheme consists of the following roles:the source node,proxy server,and the target node.If the condition is met,the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt.It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group,while the proxy server does not need to store the key or reveal the plaintext.At the same time,the proxy server cannot obtain any valuable information in the ciphertext.This paper formalizes the concept of MC-PBRE and its security model,and proposes a MC-PBRE scheme of ciphertext security.Finally,the scheme security has been proved in the random oracle.
基金supported by the National Natural Science Foundation of China(6120200461472192)+1 种基金the Special Fund for Fast Sharing of Science Paper in Net Era by CSTD(2013116)the Natural Science Fund of Higher Education of Jiangsu Province(14KJB520014)
文摘The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH).
基金the National Natural Science Foundation of China(No.61133014)
文摘In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
基金This work is supported by the NSFC(Nos.61772280,61702236)the Changzhou Sci&Tech Program(No.CJ20179027),and the PAPD fund from NUIST.Prof.
文摘With the diversification of electronic devices,cloud-based services have become the link between different devices.As a cryptosystem with secure conversion function,proxy re-encryption enables secure sharing of data in a cloud environment.Proxy re-encryption is a public key encryption system with ciphertext security conversion function.A semi-trusted agent plays the role of ciphertext conversion,which can convert the user ciphertext into the same plaintext encrypted by the principal’s public key.Proxy re-encryption has been a hotspot in the field of information security since it was proposed by Blaze et al.[Blaze,Bleumer and Strauss(1998)].After 20 years of development,proxy re-encryption has evolved into many forms been widely used.This paper elaborates on the definition,characteristics and development status of proxy re-encryption,and classifies proxy re-encryption from the perspectives of user identity,conversion condition,conversion hop count and conversion direction.The aspects of the existing program were compared and briefly reviewed from the aspects of features,performance,and security.Finally,this paper looks forward to the possible development direction of proxy re-encryption in the future.
基金This work was supported in part by Beijing Municipal Natural Science Foundation(19L2020)National Key Research and Development Project(Key Technologies and Applications of Security and Trusted Industrial Control System NO.2020YFB2009500).
文摘Wireless sensor networks(WSNs)have become increasingly popular due to the rapid growth of the Internet of Things.As open wireless transmission media are easy to attack,security is one of the primary design concerns for WSNs.Current solutions consider routing and data encryption as two isolated issues,providing incomplete security.Therefore,in this paper,we divide the WSN communication process into a data path selection phase and a data encryption phase.We propose an improved transmission method based on ant colony optimization(ACO)and threshold proxy re-encryption for WSNs,and we named it as ACOTPRE.The method resists internal and external attacks and ensures safe and efficient data transmission.In the data path selection stage,the ACO algorithm is used for network routing.The improvement of the pheromone concentration is proposed.In order to resist attacks from external attackers,proxy re-encryption is extended to WSN in the data encryption stage.The threshold secret sharing algorithm is introduced to generate a set of re-encryption key fragments composed of random numbers at the source node.We confirm the performance of our model via simulation studies.
基金This work is supported by“13th Five-Year”National Crypto Development Fund(No.MMJJ20170122)Zhejiang Provincial Natural Science Foundation of China(No.Y15F020053)+1 种基金the Project of Education Department of Henan Province(No.18A413001,No.16A520013)Natural Science Foundation of Henan Polytechnic University(No.T2018-1).
文摘With the widespread use of cloud computing technology,more and more users and enterprises decide to store their data in a cloud server by outsourcing.However,these huge amounts of data may contain personal privacy,business secrets and other sensitive information of the users and enterprises.Thus,at present,how to protect,retrieve,and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment.A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server.In this scheme,the user data are divided into files,file indexes and the keyword corresponding to the files,which are respectively encrypted to store.The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes,but re-encrypt the cipher-text of keywords corresponding to the files.Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack.And the scheme is proven to be indistinguishable under Hash Diffie-Hellman assumption.Furthermore,the scheme does not need to use any secure channels,making it more effective in the cloud environment.
基金supported by National Key Research and Development Project(No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034)。
文摘With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.
基金The project is provided funding by the Natural Science Foundation of China(Nos.62272124,2022YFB2701400)the Science and Technology Program of Guizhou Province(No.[2020]5017)+3 种基金the Research Project of Guizhou University for Talent Introduction(No.[2020]61)the Cultivation Project of Guizhou University(No.[2019]56)the Open Fund of Key Laboratory of Advanced Manufacturing Technology,Ministry of Education,GZUAMT2021KF[01]the Postgraduate Innovation Program in Guizhou Province(No.YJSKYJJ[2021]028).
文摘Cloud-based services have powerful storage functions and can provide accurate computation.However,the question of how to guarantee cloud-based services access control and achieve data sharing security has always been a research highlight.Although the attribute-based proxy re-encryption(ABPRE)schemes based on number theory can solve this problem,it is still difficult to resist quantum attacks and have limited expression capabilities.To address these issues,we present a novel linear secret sharing schemes(LSSS)matrix-based ABPRE scheme with the fine-grained policy on the lattice in the research.Additionally,to detect the activities of illegal proxies,homomorphic signature(HS)technology is introduced to realize the verifiability of re-encryption.Moreover,the non-interactivity,unidirectionality,proxy transparency,multi-use,and anti-quantum attack characteristics of our system are all advantageous.Besides,it can efficiently prevent the loss of processing power brought on by repetitive authorisation and can enable precise and safe data sharing in the cloud.Furthermore,under the standard model,the proposed learning with errors(LWE)-based scheme was proven to be IND-sCPA secure.
基金Supported by the National Natural Science Foundation of China (60673070)the Natural Science Foundation of Jiangsu Province, China (BK2006217)
文摘In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. The scheme is non-interactive, unidirectional and collude "safe". Furthermore, it is compatible with current IBE (identity-based encryption) deployments. The scheme has chosen ciphertext security in the random oracle model assuming the hardness of the Decisional Bilinear Diffie-Hellman problem.
基金supported by the State Grid Corporation of China Science and Technology Project,grant number 52270723000900K.
文摘The new energy power generation is becoming increasingly important in the power system.Such as photovoltaic power generation has become a research hotspot,however,due to the characteristics of light radiation changes,photovoltaic power generation is unstable and random,resulting in a low utilization rate and directly affecting the stability of the power grid.To solve this problem,this paper proposes a coordinated control strategy for a newenergy power generation system with a hybrid energy storage unit based on the lithium iron phosphate-supercapacitor hybrid energy storage unit.Firstly,the variational mode decomposition algorithm is used to separate the high and low frequencies of the power signal,which is conducive to the rapid and accurate suppression of the power fluctuation of the energy storage system.Secondly,the fuzzy control algorithm is introduced to balance the power between energy storage.In this paper,the actual data is used for simulation,and the simulation results show that the strategy realizes the effective suppression of the bus voltage fluctuation and the accurate control of the internal state of the energy storage unit,effectively avoiding problems such as overshoot and over-discharge,and can significantly improve the stability of the photovoltaic power generation systemand the stability of the Direct Current bus.It is of great significance to promote the development of collaborative control technology for photovoltaic hybrid energy storage units.
基金supported by the National Natural Science Foundation of China(Nos.62103052 and No.52175214)。
文摘This paper presents the design of an asymmetrically variable wingtip anhedral angles morphing aircraft,inspired by biomimetic mechanisms,to enhance lateral maneuver capability.Firstly,we establish a lateral dynamic model considering additional forces and moments resulting during the morphing process,and convert it into a Multiple Input Multiple Output(MIMO)virtual control system by importing virtual inputs.Secondly,a classical dynamics inversion controller is designed for the outer-loop system.A new Global Fast Terminal Incremental Sliding Mode Controller(NDO-GFTISMC)is proposed for the inner-loop system,in which an adaptive law is implemented to weaken control surface chattering,and a Nonlinear Disturbance Observer(NDO)is integrated to compensate for unknown disturbances.The whole control system is proven semiglobally uniformly ultimately bounded based on the multi-Lyapunov function method.Furthermore,we consider tracking errors and self-characteristics of actuators,a quadratic programmingbased dynamic control allocation law is designed,which allocates virtual control inputs to the asymmetrically deformed wingtip and rudder.Actuator dynamic models are incorporated to ensure physical realizability of designed allocation law.Finally,comparative experimental results validate the effectiveness of the designed control system and control allocation law.The NDO-GFTISMC features faster convergence,stronger robustness,and 81.25%and 75.0%reduction in maximum state tracking error under uncertainty compared to the Incremental Nonlinear Dynamic Inversion Controller based on NDO(NDO-INDI)and Incremental Sliding Mode Controller based on NDO(NDO-ISMC),respectively.The design of the morphing aircraft significantly enhances lateral maneuver capability,maintaining a substantial control margin during lateral maneuvering,reducing the burden of the rudder surface,and effectively solving the actuator saturation problem of traditional aircraft during lateral maneuvering.
基金supported by the National Natural Science Foundation of China(12072090).
文摘This work proposes the application of an iterative learning model predictive control(ILMPC)approach based on an adaptive fault observer(FOBILMPC)for fault-tolerant control and trajectory tracking in air-breathing hypersonic vehicles.In order to increase the control amount,this online control legislation makes use of model predictive control(MPC)that is based on the concept of iterative learning control(ILC).By using offline data to decrease the linearized model’s faults,the strategy may effectively increase the robustness of the control system and guarantee that disturbances can be suppressed.An adaptive fault observer is created based on the suggested ILMPC approach in order to enhance overall fault tolerance by estimating and compensating for actuator disturbance and fault degree.During the derivation process,a linearized model of longitudinal dynamics is established.The suggested ILMPC approach is likely to be used in the design of hypersonic vehicle control systems since numerical simulations have demonstrated that it can decrease tracking error and speed up convergence when compared to the offline controller.
基金supported in part by the National Natural Science Foundation of China under Grant 52077002。
文摘Model predictive control(MPC)has been deemed as an attractive control method in motor drives by virtue of its simple structure,convenient multi-objective optimization,and satisfactory dynamic performance.However,the strong reliance on mathematical models seriously restrains its practical application.Therefore,improving the robustness of MPC has attained significant attentions in the last two decades,followed by which,model-free predictive control(MFPC)comes into existence.This article aims to reveal the current state of MFPC strategies for motor drives and give the categorization from the perspective of implementation.Based on this review,the principles of the reported MFPC strategies are introduced in detail,as well as the challenges encountered in technology realization.In addition,some of typical and important concepts are experimentally validated via case studies to evaluate the performance and highlight their features.Finally,the future trends of MFPC are discussed based on the current state and reported developments.
基金supported by Scientific Research Projects of China Association of Metros(CAMET-KY-2022039)State Key Laboratory of Traction and Control System of EMU and Locomotive(2023YJ386).
文摘Purpose–This study aims to propose a cooperative adhesion control method for trains with multiple motors electric locomotives.The method is intended to optimize the output torque of each motor,maximize the utilization of train adhesion within the total torque command,reduce the train skidding/sliding phenomenon and achieve optimal adhesion utilization for each axle,thus realizing the optimal allocation of the multi-motor electric locomotives.Design/methodology/approach–In this study,a model predictive control(MPC)-based cooperative maximum adhesion tracking control method for multi-motor electric locomotives is presented.Firstly,train traction system with multiple motors is constructed in accordance with Newton’s second law.These equations include the train dynamics equations,the axle dynamics equations,and the wheel-rail adhesion coefficient equations.Then,a new MPC-based multi-axle adhesion co-optimization method is put forward.This method calculates the optimal output torque through real-time iteration based on the known reference slip speed to achieve multi-axle co-optimization under different circumstances.Findings–This paper presents a MPC system designed for the cooperative control of multi-axle adhesion.The results indicate that the proposed control system is able to optimize the adhesion of multiple axles under numerous different conditions and achieve the optimal power distribution based on the reduction of train skidding/sliding.Originality/value–This study presents a novel cooperative adhesion tracking control scheme.It is designed for multi-motor electric locomotives,which has rarely been studied before.And simulations are carried out in different conditions,including variable surfaces and motor failing.
