Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- RFID (3)
- Authenticated Key Exchange (2)
- Certificateless cryptography (2)
- Chameleon All-But-One Trapdoor Functions (2)
- Identity-based cryptography (2)
-
- Lossy Trapdoor Functions (2)
- Manipulation (2)
- Non-delegatability (2)
- Non-transferability (2)
- Price (2)
- Public key encryption (2)
- Return-oriented programming (2)
- Self-selection (2)
- Signature scheme (2)
- Strong designated verifier signature (2)
- Access control (1)
- Accountability (1)
- Address space randomization (1)
- Anomaly detection (1)
- Anti-collision (1)
- Automated bug fixing (1)
- Bad Randomness (1)
- Certificateless Cryptography (1)
- Certificateless signcryption (1)
- Chameleon ABO-TDFs (1)
- Chameleon Hash (1)
- Chameleon Hash Functions (1)
- Character escaping (1)
- Chosen Ciphertext Security (1)
- Ciphertext Policy Attribute-Based Encryption (1)
Articles 1 - 30 of 38
Full-Text Articles in Physical Sciences and Mathematics
Understanding And Protecting Privacy: Formal Semantics And Principled Audit Mechanisms, Anupam Datta, Jeremiah Blocki, Nicolas Christin, Henry Deyoung, Deepak Garg, Limin Jia, Dilsun Kaynar, Arunesh Sinha
Understanding And Protecting Privacy: Formal Semantics And Principled Audit Mechanisms, Anupam Datta, Jeremiah Blocki, Nicolas Christin, Henry Deyoung, Deepak Garg, Limin Jia, Dilsun Kaynar, Arunesh Sinha
Research Collection School Of Computing and Information Systems
Privacy has become a significant concern in modern society as personal information about individuals is increasingly collected, used, and shared, often using digital technologies, by a wide range of organizations. Certain information handling practices of organizations that monitor individuals’ activities on the Web, data aggregation companies that compile massive databases of personal information, cell phone companies that collect and use location data about individuals, online social networks and search engines—while enabling useful services—have aroused much indignation and protest in the name of privacy. Similarly, as healthcare organizations are embracing electronic health record systems and patient portals to enable patients, employees, …
On Two Rfid Privacy Notions And Their Relations, Yingjiu Li, Robert H. Deng, Junzuo Lai, Changshe Ma
On Two Rfid Privacy Notions And Their Relations, Yingjiu Li, Robert H. Deng, Junzuo Lai, Changshe Ma
Research Collection School Of Computing and Information Systems
Privacy of RFID systems is receiving increasing attention in the RFID community. Basically, there are two kinds of RFID privacy notions in the literature: one based on the indistinguishability of two tags, denoted as ind-privacy, and the other based on the unpredictability of the output of an RFID protocol, denoted as unp*-privacy. In this article, we first revisit the existing unpredictability-based RFID privacy models and point out their limitations. We then propose a new RFID privacy model, denoted as unp*-privacy, based on the indistinguishability of a real tag and a virtual tag. We formally clarify its relationship with the ind-privacy …
Automated Removal Of Cross Site Scripting Vulnerabilities In Web Applications, Lwin Khin Shar, Hee Beng Kuan Tan
Automated Removal Of Cross Site Scripting Vulnerabilities In Web Applications, Lwin Khin Shar, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
Context: Cross site scripting (XSS) vulnerability is among the top web application vulnerabilities according to recent surveys. This vulnerability occurs when a web application uses inputs received from users in web pages without properly checking them. This allows an attacker to inject malicious scripts in web pages via such inputs such that the scripts perform malicious actions when a client visits the exploited web pages. Such an attack may cause serious security violations such as account hijacking and cookie theft. Current approaches to mitigate this problem mainly focus on effective detection of XSS vulnerabilities in the programs or prevention of …
Launching Return-Oriented Programming Attacks Against Randomized Relocatable Executables, Limin Liu, Jin Han, Debin Gao, Jiwu Jing, Daren Zha
Launching Return-Oriented Programming Attacks Against Randomized Relocatable Executables, Limin Liu, Jin Han, Debin Gao, Jiwu Jing, Daren Zha
Research Collection School Of Computing and Information Systems
Since the day it was proposed, return-oriented programming has shown to be an effective and powerful attack technique against the write or execute only (W ⊕ X) protection. However, a general belief in the previous research is, systems deployed with address space randomization where the executables are also randomized at run-time are able to defend against return-oriented programming, as the addresses of all instructions are randomized. In this paper, we show that due to the weakness of current address space randomization technique, there are still ways of launching return-oriented programming attacks against those well-protected systems efficiently. We demonstrate and evaluate …
Applying Time-Bound Hierarchical Key Assignment In Wireless Sensor Networks, Wentao Zhu, Robert H. Deng, Jianying Zhou, Feng Bao
Applying Time-Bound Hierarchical Key Assignment In Wireless Sensor Networks, Wentao Zhu, Robert H. Deng, Jianying Zhou, Feng Bao
Research Collection School Of Computing and Information Systems
Access privileges in distributed systems can be effectively organized as a partial-order hierarchy that consists of distinct security classes, and are often designated with certain temporal restrictions. The time-bound hierarchical key assignment problem is to assign distinct cryptographic keys to distinct security classes according to their privileges so that users from a higher class can use their class key to derive the keys of lower classes, and these keys are time-variant with respect to sequentially allocated temporal units called time slots. In this paper, we explore applications of time-bound hierarchical key assignment in a wireless sensor network environment where there …
Profit-Maximizing Firm Investments In Customer Information Security, Yong Yick Lee, Robert J. Kauffman, Ryan Sougstad
Profit-Maximizing Firm Investments In Customer Information Security, Yong Yick Lee, Robert J. Kauffman, Ryan Sougstad
Research Collection School Of Computing and Information Systems
When a customer interacts with a firm, extensive personal information often is gathered without the individual's knowledge. Significant risks are associated with handling this kind of information. Providing protection may reduce the risk of the loss and misuse of private information, but it imposes some costs on both the firm and its customers. Nevertheless, customer information security breaches still may occur. They have several distinguishing characteristics: (1) typically it is hard to quantify monetary damages related to them; (2) customer information security breaches may be caused by intentional attacks, as well as through unintentional organizational and customer behaviors; and (3) …
General Construction Of Chameleon All-But-One Trapdoor Functions, Shengli Liu, Junzuo Lai, Robert H. Deng
General Construction Of Chameleon All-But-One Trapdoor Functions, Shengli Liu, Junzuo Lai, Robert H. Deng
Research Collection School Of Computing and Information Systems
Lossy trapdoor functions enable black-box construction of public key encryption (PKE) schemes secure against chosen-ciphertext attack [18]. Recently, a more efficient black-box construction of public key encryption was given in [12] with the help of chameleon all-but-one trapdoor functions (ABO-TDFs).In this paper, we propose a black-box construction for transforming any ABO-TDFs into chameleon ABO-TDFs with the help of chameleon hash functions. Instantiating the proposed general black-box construction of chameleon ABO-TDFs, we can obtain the first chameleon ABO-TDFs based on the Decisional Diffie-Hellman (DDH) assumption.
Adaptive Collision Resolution For Efficient Rfid Tag Identification, Yung-Chun Chen, Kuo-Hui Yeh, Nai-Wei Lo, Yingjiu Li, Enrico Winata
Adaptive Collision Resolution For Efficient Rfid Tag Identification, Yung-Chun Chen, Kuo-Hui Yeh, Nai-Wei Lo, Yingjiu Li, Enrico Winata
Research Collection School Of Computing and Information Systems
In large-scale RFID systems, all of the communications between readers and tags are via a shared wireless channel. When a reader intends to collect all IDs from numerous existing tags, a tag identification process is invoked by the reader to collect the tags' IDs. This phenomenon results in tag-to-reader signal collisions which may suppress the system performance greatly. To solve this problem, we design an efficient tag identification protocol in which a significant gain is obtained in terms of both identification delay and communication overhead. A k-ary tree-based abstract is adopted in our proposed tag identification protocol as underlying architecture …
Packed, Printable, And Polymorphic Return-Oriented Programming, Kangjie Lu, Dabi Zou, Weiping Wen, Debin Gao
Packed, Printable, And Polymorphic Return-Oriented Programming, Kangjie Lu, Dabi Zou, Weiping Wen, Debin Gao
Research Collection School Of Computing and Information Systems
Return-oriented programming (ROP) is an attack that has been shown to be able to circumvent W ⊕ X protection. However, it was not clear if ROP can be made as powerful as non-ROP malicious code in other aspects, e.g., be packed to make static analysis difficult, be printable to evade non-ASCII filtering, be polymorphic to evade signature-based detection, etc. Research in these potential advances in ROP is important in designing counter-measures. In this paper, we show that ROP code could be packed, printable, and polymorphic. We demonstrate this by proposing a packer that produces printable and polymorphic ROP code. It …
Linear Obfuscation To Combat Symbolic Execution, Zhi Wang, Jiang Ming, Chunfu Jia, Debin Gao
Linear Obfuscation To Combat Symbolic Execution, Zhi Wang, Jiang Ming, Chunfu Jia, Debin Gao
Research Collection School Of Computing and Information Systems
Trigger-based code (malicious in many cases, but not necessarily) only executes when specific inputs are received. Symbolic execution has been one of the most powerful techniques in discovering such malicious code and analyzing the trigger condition. We propose a novel automatic malware obfuscation technique to make analysis based on symbolic execution difficult. Unlike previously proposed techniques, the obfuscated code from our tool does not use any cryptographic operations and makes use of only linear operations which symbolic execution is believed to be good in analyzing. The obfuscated code incorporates unsolved conjectures and adds a simple loop to the original code, …
Tamper Detection In The Epc Network Using Digital Watermarking, Shui-Hua Han, Chao-Hsien Chu, Zongwei Luo
Tamper Detection In The Epc Network Using Digital Watermarking, Shui-Hua Han, Chao-Hsien Chu, Zongwei Luo
Research Collection School Of Computing and Information Systems
One of the most relevant problems in radio frequency identification (RFID) technology is the lack of security measures in its wireless communication channel between the reader and tag. This article analyzes potential data tampering threats in the electronic product code (EPC) network and proposes solutions using fragile watermarking technologies.
Driverguard: A Fine-Grained Protection On I/O Flow, Yueqiang Cheng, Xuhua Ding, Robert H. Deng
Driverguard: A Fine-Grained Protection On I/O Flow, Yueqiang Cheng, Xuhua Ding, Robert H. Deng
Research Collection School Of Computing and Information Systems
Most commodity peripheral devices and their drivers are geared to achieve high performance with security functions being opted out. The absence of security measures invites attacks on the I/O data and consequently threats those applications feeding on them, such as biometric authentication. In this paper, we present the design and implementation of DriverGuard, a hypervisor based protection mechanism which dynamically shields I/O flows such that I/O data are not exposed to the malicious kernel. Our design leverages a composite of cryptographic and virtualization techniques to achieve fine-grained protection. DriverGuard is lightweight as it only needs to protect around 2% of …
Privacy Beyond Single Sensitive Attribute, Yuan Fang, Mafruz Zaman Ashrafi, See Kiong Ng
Privacy Beyond Single Sensitive Attribute, Yuan Fang, Mafruz Zaman Ashrafi, See Kiong Ng
Research Collection School Of Computing and Information Systems
Publishing individual specific microdata has serious privacy implications. The k-anonymity model has been proposed to prevent identity disclosure from microdata, and the work on ℓ-diversity and t-closeness attempt to address attribute disclosure. However, most current work only deal with publishing microdata with a single sensitive attribute (SA), whereas real life scenarios often involve microdata with multiple SAs that may be multi-valued. This paper explores the issue of attribute disclosure in such scenarios. We propose a method called CODIP (Complete Disjoint Projections) that outlines a general solution to deal with the shortcomings in a naïve approach. We also introduce two measures, …
Certificateless Cryptography With Kgc Trust Level 3, Guomin Yang, Chik How Tan
Certificateless Cryptography With Kgc Trust Level 3, Guomin Yang, Chik How Tan
Research Collection School Of Computing and Information Systems
A normal certificateless cryptosystem can only achieve KGC trust level 2 according to the trust hierarchy defined by Girault. Although in the seminal paper introducing certificateless cryptography, Al-Riyami and Paterson introduced a binding technique to lift the KGC trust level of their certificateless schemes to level 3, many subsequent work on certificateless cryptography just focused on the constructions of normal certificateless schemes, and a formal study on the general applicability of the binding technique to these existing schemes is still missing. In this paper, to address the KGC trust level issue, we introduce the notion of Key Dependent Certificateless Cryptography …
On Detection Of Erratic Arguments, Jin Han, Qiang Yan, Robert H. Deng, Debin Gao
On Detection Of Erratic Arguments, Jin Han, Qiang Yan, Robert H. Deng, Debin Gao
Research Collection School Of Computing and Information Systems
Due to the erratic nature, the value of a function argument in one normal program execution could become illegal in another normal execution context. Attacks utilizing such erratic arguments are able to evade detections as fine-grained context information is unavailable in many existing detection schemes. In order to obtain such fine-grained context information, a precise model on the internal program states has to be built, which is impractical especially monitoring a closed source program alone. In this paper, we propose an intrusion detection scheme which builds on two diverse programs providing semantically-close functionality. Our model learns underlying semantic correlation of …
Towards Ground Truthing Observations In Gray-Box Anomaly Detection, Jiang Ming, Haibin Zhang, Debin Gao
Towards Ground Truthing Observations In Gray-Box Anomaly Detection, Jiang Ming, Haibin Zhang, Debin Gao
Research Collection School Of Computing and Information Systems
Anomaly detection has been attracting interests from researchers due to its advantage of being able to detect zero-day exploits. A gray-box anomaly detector first observes benign executions of a computer program and then extracts reliable rules that govern the normal execution of the program. However, such observations from benign executions are not necessarily true evidences supporting the rules learned. For example, the observation that a file descriptor being equal to a socket descriptor should not be considered supporting a rule governing the two values to be the same. Ground truthing such observations is a difficult problem since it is not …
Improved Ordinary Measure And Image Entropy Theory Based Intelligent Copy Detection Method, Dengpan Ye, Longfei Ma, Lina Wang, Robert H. Deng
Improved Ordinary Measure And Image Entropy Theory Based Intelligent Copy Detection Method, Dengpan Ye, Longfei Ma, Lina Wang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Nowadays, more and more multimedia websites appear in social network. It brings some security problems, such as privacy, piracy, disclosure of sensitive contents and so on. Aiming at copyright protection, the copy detection technology of multimedia contents becomes a hot topic. In our previous work, a new computer-based copyright control system used to detect the media has been proposed. Based on this system, this paper proposes an improved media feature matching measure and an entropy based copy detection method. The Levenshtein Distance was used to enhance the matching degree when using for feature matching measure in copy detection. For entropy …
A Generic Framework For Three-Factor Authentication: Preserving Security And Privacy In Distributed Systems, Xinyi Huang, Yang Xiang, Ashley Chonka, Jianying Zhou, Robert H. Deng
A Generic Framework For Three-Factor Authentication: Preserving Security And Privacy In Distributed Systems, Xinyi Huang, Yang Xiang, Ashley Chonka, Jianying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we …
General Construction Of Chameleon All-But-One Trapdoor Functions, Shengli Liu, Junzuo Lai, Robert H. Deng
General Construction Of Chameleon All-But-One Trapdoor Functions, Shengli Liu, Junzuo Lai, Robert H. Deng
Research Collection School Of Computing and Information Systems
Lossy trapdoor functions enable black-box construction of public key encryption (PKE) schemes secure against chosen-ciphertext attack [18]. Recently, a more efficient black-box construction of public key encryption was given in [13] with the help of chameleon all-but-one trapdoor functions (ABO-TDFs). In this paper, we propose a black-box construction for transforming any ABO-TDFs into chameleon ABO-TDFs with the help of chameleon hash functions. Instantiating the proposed general black-box construction of chameleon ABO-TDFs, we obtain the first chameleon ABO-TDFs based on the Decisional Diffie-Hellman (DDH) assumption.
Defending Against Cross Site Scripting Attacks, Lwin Khin Shar, Hee Beng Kuan Tan
Defending Against Cross Site Scripting Attacks, Lwin Khin Shar, Hee Beng Kuan Tan
Research Collection School Of Computing and Information Systems
Researchers have proposed multiple solutions to cross-site scripting, but vulnerabilities continue to exist in many Web applications due to developers' lack of understanding of the problem and their unfamiliarity with current defenses' strengths and limitations.
Fully Secure Cipertext-Policy Hiding Cp-Abe, Junzuo Lai, Robert H. Deng, Yingjiu Li
Fully Secure Cipertext-Policy Hiding Cp-Abe, Junzuo Lai, Robert H. Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
In ciphertext-policy attributed-based encryption (CP-ABE), each ciphertext is labeled by the encryptor with an access structure (also called ciphertext policy) and each private key is associated with a set of attributes. A user should be able to decrypt a ciphertext if and only if his private key attributes satisfy the access structure.The traditional security property of CP-ABE is plaintext privacy, which ciphertexts reveal no information about the underlying plaintext. At ACNS’08, Nishide, Yoneyama and Ohta introduced the notion of ciphertext-policy hiding CP-ABE. In addition to protecting the privacy of plaintexts, ciphertext-policy hiding CP-ABE also protects the description of the access …
Preserving Transparency And Accountability In Optimistic Fair Exchange Of Digital Signatures, Xinyi Huang, Yi Mu, Willy Susilo, Jianying Zhou, Robert H. Deng
Preserving Transparency And Accountability In Optimistic Fair Exchange Of Digital Signatures, Xinyi Huang, Yi Mu, Willy Susilo, Jianying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
Optimistic fair exchange (OFE) protocols are useful tools for two participants to fairly exchange items with the aid of a third party who is only involved if needed. A widely accepted requirement is that the third party's involvement in the exchange must be transparent, to protect privacy and avoid bad publicity. At the same time, a dishonest third party would compromise the fairness of the exchange and the third party thus must be responsible for its behaviors. This is achieved in OFE protocols with another property called accountability. It is unfortunate that the accountability has never been formally studied in …
Hierarchical Identity-Based Chameleon Hash And Its Applications, Feng Bao, Robert H. Deng, Xuhua Ding, Junzuo Lai, Yunlei Zhao
Hierarchical Identity-Based Chameleon Hash And Its Applications, Feng Bao, Robert H. Deng, Xuhua Ding, Junzuo Lai, Yunlei Zhao
Research Collection School Of Computing and Information Systems
At ACNS 2008, Canard et al. introduced the notion of trapdoor sanitizable signature (TSS) based on identity-based chameleon hash (IBCH). Trapdoor sanitizable signatures allow the signer of a message to delegate, at any time, the power of sanitization to possibly several entities who can modify predetermined parts of the message and generate a new signature on the sanitized message without interacting with the original signer. In this paper, we introduce the notion of hierarchical identity-based chameleon hash (HIBCH), which is a hierarchical extension of IBCH. We show that HIBCH can be used to construct other cryptographic primitives, including hierarchical trapdoor …
A Solution With Security Concern For Rfid-Based Track And Trace Services In Epcglobal-Enabled Supply Chains, Wei He, Yingjiu Li, Kevin Chiew, Tieyan Li, Eng Wah Lee
A Solution With Security Concern For Rfid-Based Track And Trace Services In Epcglobal-Enabled Supply Chains, Wei He, Yingjiu Li, Kevin Chiew, Tieyan Li, Eng Wah Lee
Research Collection School Of Computing and Information Systems
A supply chain represents the flow of materials, information, and finance as they move through supply chain partners such as manufacturers, suppliers, distributors, retailers, and consumers. The track & trace services in supply chains can help improve supply chain visibility and efficiency, and prevent counterfeiting and stealing of products thus enhance security. Track & trace services in supply chains require identification of items, capture of events as items move through supply chains, and query of events of items. RFID (radio frequency identification) is a technology that allows to identify objects simultaneously in a fully automated manner via radio waves. This …
Heterogeneous Signcryption With Key Privacy, Qiong Huang, Duncan S. Wong, Guomin Yang
Heterogeneous Signcryption With Key Privacy, Qiong Huang, Duncan S. Wong, Guomin Yang
Research Collection School Of Computing and Information Systems
A signcryption scheme allows a sender to produce a ciphertext for a receiver so that both confidentiality and non-repudiation can be ensured. It is built to be more efficient and secure, for example, supporting insider security, when compared with the conventional sign-then-encrypt approach. In this paper, we propose a new notion called heterogeneous signcryption in which the sender has an identity-based secret key while the receiver is holding a certificate-based public key pair. Heterogeneous signcryption is suitable for practical scenarios where an identity-based user, who does not have a personal certificate or a public key, wants to communicate securely with …
Strongly Secure Certificateless Key Exchange Without Pairing, Guomin Yang, Chik How Tan
Strongly Secure Certificateless Key Exchange Without Pairing, Guomin Yang, Chik How Tan
Research Collection School Of Computing and Information Systems
In certificateless cryptography, a user secret key is derived from two partial secrets: one is the identity-based secret key (corresponding to the user identity) generated by a Key Generation Center (KGC), and the other is the user selfgenerated secret key (corresponding to a user self-generated and uncertified public key). Two types of adversaries are considered for certificateless cryptography: a Type-I adversary who can replace the user self-generated public key (in transmission or in a public directory), and a Type-II adversary who is an honest-but-curious KGC. In this paper, we present a formal study on certificateless key exchange (CLKE). We show …
Certificateless Public Key Encryption: A New Generic Construction And Two Pairing-Free Schemes, Guomin Yang, Chik How Tan
Certificateless Public Key Encryption: A New Generic Construction And Two Pairing-Free Schemes, Guomin Yang, Chik How Tan
Research Collection School Of Computing and Information Systems
The certificateless encryption (CLE) scheme proposed by Baek, Safavi-Naini and Susilo is computation-friendly since it does not require any pairing operation. Unfortunately, an error was later discovered in their security proof and so far the provable security of the scheme remains unknown. Recently, Fiore, Gennaro and Smart showed a generic way (referred to as the FGS transformation) to transform identity-based key agreement protocols to certificateless key encapsulation mechanisms (CL-KEMs). As a typical example, they showed that the pairing-free CL-KEM underlying Baek et al.’s CLE can be “generated” by applying their transformation to the Fiore–Gennaro (FG) identity-based key agreement (IB-KA) protocol.In …
Authenticated Key Exchange Under Bad Randomness, Guomin Yang, Shanshan Duan, Duncan S. Wong, Chik How Tan, Huaxiong Wang
Authenticated Key Exchange Under Bad Randomness, Guomin Yang, Shanshan Duan, Duncan S. Wong, Chik How Tan, Huaxiong Wang
Research Collection School Of Computing and Information Systems
We initiate the formal study on authenticated key exchange (AKE) under bad randomness. This could happen when (1) an adversary compromises the randomness source and hence directly controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions due to reset attacks. We construct two formal security models, Reset-1 and Reset-2, to capture these two bad randomness situations respectively, and investigate the security of some widely used AKE protocols in these models by showing that they become insecure when the adversary is able to manipulate the randomness. On the positive side, we propose simple but …
Chameleon All-But-One Tdfs And Their Application To Chosen-Ciphertext Security, Junzuo Lai, Robert H. Deng, Shengli Liu
Chameleon All-But-One Tdfs And Their Application To Chosen-Ciphertext Security, Junzuo Lai, Robert H. Deng, Shengli Liu
Research Collection School Of Computing and Information Systems
In STOC’08, Peikert and Waters introduced a new powerful primitive called lossy trapdoor functions (LTDFs) and a richer abstraction called all-but-one trapdoor functions (ABO-TDFs). They also presented a black-box construction of CCA-secure PKE from an LTDF and an ABO-TDF. An important component of their construction is the use of a strongly unforgeable one-time signature scheme for CCA-security.In this paper, we introduce the notion of chameleon ABO-TDFs, which is a special kind of ABO-TDFs. We give a generic as well as a concrete construction of chameleon ABO-TDFs. Based on an LTDF and a chameleon ABO-TDF, we presented a black-box construction, free …
Secure Mobile Subscription Of Sensor-Encrypted Data, Cheng-Kang Chu, Wen-Tao Zhu, Sherman S. M. Chow, Jianying Zhou, Robert H. Deng
Secure Mobile Subscription Of Sensor-Encrypted Data, Cheng-Kang Chu, Wen-Tao Zhu, Sherman S. M. Chow, Jianying Zhou, Robert H. Deng
Research Collection School Of Computing and Information Systems
In an end-to-end encryption model for a wireless sensor network (WSN), the network control center preloads encryption and decryption keys to the sensor nodes and the subscribers respectively, such that a subscriber can use a mobile device in the deployment field to decrypt the sensed data encrypted by the more resource-constrained sensor nodes. This paper proposes SMS-SED, a provably secure yet practically efficient key assignment system featuring a discrete time-based access control, to better support a business model where the sensors deployer rents the WSN to customers who desires a higher flexibility beyond subscribing to strictly consecutive periods. In SMS-SED, …