Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Articles 31 - 57 of 57

Full-Text Articles in Information Security

Edit Distance Based Encryption And Its Application, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo, Kaitai Liang Jul 2016

Research Collection School Of Computing and Information Systems

Edit distance, also known as Levenshtein distance, is a very useful tool to measure the similarity between two strings. It has been widely used in many applications such as natural language processing and bioinformatics. In this paper, we introduce a new type of fuzzy public key encryption called Edit Distance-based Encryption (EDE). In EDE, the encryptor can specify an alphabet string and a threshold when encrypting a message, and a decryptor can obtain a decryption key generated from another alphabet string, and the decryption will be successful if and only if the edit distance between the two strings is within …


Proxy Signature With Revocation, Shengmin Xu, Guomin Yang, Yi Mu, Shu Ma Jul 2016

Research Collection School Of Computing and Information Systems

Proxy signature is a useful cryptographic primitive that allows signing right delegation. In a proxy signature scheme, an original signer can delegate his/her signing right to a proxy signer (or a group of proxy signers) who can then sign documents on behalf of the original signer. In this paper, we investigate the problem of proxy signature with revocation. The revocation of delegated signing right is necessary for a proxy signature scheme when the proxy signer’s key is compromised and/or any misuse of the delegated right is noticed. Although a proxy signature scheme usually specifies a delegation time period, it may …


Generic Anonymous Identity-Based Broadcast Encryption With Chosen-Ciphertext Security, Kai He, Jian Weng, Man Ho Au, Yijun Mao, Robert H. Deng Jul 2016

Research Collection School Of Computing and Information Systems

In a broadcast encryption system, a broadcaster can encrypt a message to a group of authorized receivers S and each authorized receiver can use his/her own private key to correctly decrypt the broadcast ciphertext, while the users outside S cannot. Identity-based broadcast encryption (IBBE) system is a variant of broadcast encryption system where any string representing the user’s identity (e.g., email address) can be used as his/her public key. IBBE has found many applications in real life, such as pay-TV systems, distribution of copyrighted materials, satellite radio communications. When employing an IBBE system, it is very important to protect the …


A Survey On Future Internet Security Architectures, Wenxiu Ding, Zheng Yan, Robert H. Deng Jul 2016

Research Collection School Of Computing and Information Systems

Current host-centric Internet Protocol (IP) networks are facing unprecedented challenges, such as network attacks and the exhaustion of IP addresses. Motivated by emerging demands for security, mobility, and distributed networking, many research projects have been initiated to design the future Internet from a clean slate. In order to obtain a thorough knowledge of security in future Internet architecture, we review a number of well-known projects, including named data networking, Content Aware Searching Retrieval and sTreaming, MobilityFirst Future Internet Architecture Project (MobilityFirst), eXpressive Internet Architecture, and scalability, control, and isolation on next-generation network. These projects aim to move away from the …


Linear Encryption With Keyword Search, Shiwei Zhang, Guomin Yang, Yi Mu Jul 2016

Research Collection School Of Computing and Information Systems

Nowadays an increasing amount of data stored in the public cloud need to be searched remotely for fast accessing. For the sake of privacy, the remote files are usually encrypted, which makes them difficult to be searched by remote servers. It is also harder to efficiently share encrypted data in the cloud than those in plaintext. In this paper, we develop a searchable encryption framework called Linear Encryption with Keyword Search (LEKS) that can semi-generically convert some existing encryption schemes meeting our Linear Encryption Template (LET) to be searchable without re-encrypting all the data. For allowing easy data sharing, we …


One-Round Strong Oblivious Signature-Based Envelope, Rongmao Chen, Yi Mu, Willy Susilo, Guomin Yang, Fuchun Guo, Mingwu Zhang Jul 2016

Research Collection School Of Computing and Information Systems

Oblivious Signature-Based Envelope (OSBE) has been widely employed for anonymity-oriented and privacy-preserving applications. The conventional OSBE execution relies on a secure communication channel to protect against eavesdroppers. In TCC 2012, Blazy, Pointcheval and Vergnaud proposed a framework of OSBE (BPV-OSBE) without requiring any secure channel by clarifying and enhancing the OSBE security notions. They showed how to generically build an OSBE scheme satisfying the new strong security in the standard model with a common-reference string. Their framework requires 2-round interactions and relies on the smooth projective hash function (SPHF) over special languages, i.e., languages from encryption of signatures. In this …


CDRep: Automatic Repair Of Cryptographic-Misuses In Android Applications, Siqi Ma, David Lo, Teng Li, Robert H. Deng Jun 2016

Research Collection School Of Computing and Information Systems

Cryptography is increasingly being used in mobile applications to provide various security services; from user authentication, data privacy, to secure communications. However, there are plenty of mistakes that developers could accidentally make when using cryptography in their mobile apps and such mistakes can lead to a false sense of security. Recent research efforts indeed show that a significant portion of mobile apps in both Android and iOS platforms misused cryptographic APIs. In this paper, we present CDRep, a tool for automatically repairing cryptographic misuse defects in Android apps. We classify such defects into seven types and manually assemble the corresponding …


ICCDetector: ICC-Based Malware Detection On Android, Xu Ke, Yingjiu Li, Robert H. Deng Jun 2016

Research Collection School Of Computing and Information Systems

Most existing mobile malware detection methods (e.g., Kirin and DroidMat) are designed based on the resources required by malwares (e.g., permissions, application programming interface (API) calls, and system calls). These methods capture the interactions between mobile apps and Android system, but ignore the communications among components within or cross application boundaries. As a consequence, the majority of the existing methods are less effective in identifying many typical malwares, which require a few or no suspicious resources, but leverage on inter-component communication (ICC) mechanism when launching stealthy attacks. To address this challenge, we propose a new malware detection method, named ICCDetector. …


Deduplication On Encrypted Big Data In Cloud, Zheng Yan, Wenxiu Ding, Xixun Yu, Haiqi Zhu, Robert H. Deng Jun 2016

Research Collection School Of Computing and Information Systems

Cloud computing offers a new way of service provision by re-arranging various resources over the Internet. The most important and popular cloud service is data storage. In order to preserve the privacy of data holders, data are often stored in cloud in an encrypted form. However, encrypted data introduce new challenges for cloud data deduplication, which becomes crucial for big data storage and processing in cloud. Traditional deduplication schemes cannot work on encrypted data. Existing solutions of encrypted data deduplication suffer from security weakness. They cannot flexibly support data access control and revocation. Therefore, few of them can be readily …


Adaptable Key-Policy Attribute-Based Encryption With Time Interval, Siqi Ma, Junzuo Lai, Robert H. Deng, Xuhua Ding Jun 2016

Research Collection School Of Computing and Information Systems

In this paper, we introduce a new cryptographic primitive: adaptable KP-ABE with time interval (KP-TIABE), which is an extension of key-policy attribute-based encryption (KP-ABE). Adaptable KP-TIABE specifies a decryption time interval for every ciphertext such that the ciphertext can only be decrypted within this time interval. To be more flexible, the decryption time interval associated with a ciphertext can be adjusted on demand by a semi-trusted server. We propose a formal model for adaptable KP-TIABE, present a concrete adaptable KP-TIABE scheme and prove its security under the security model.


Recipient Revocable Identity-Based Broadcast Encryption: How To Revoke Some Recipients In IBBE Without Knowledge Of The Plaintext, Willy Susilo, Guomin Yang, Rongmao Chen, Yi Mu, Fuchun Guo, Yang-Wai Chow Jun 2016

Research Collection School Of Computing and Information Systems

In this paper, we present the notion of recipient-revocable identity-based broadcast encryption scheme. In this notion, a content provider will produce encrypted content and send them to a third party (which is a broadcaster). This third party will be able to revoke some identities from the ciphertext. We present a security model to capture these requirements, as well as a concrete construction. The ciphertext consists of k + 3 group elements, assuming that the maximum number of revocation identities is k. That is, the ciphertext size is linear in the maximal size of R, where R is the revocation identity …


Mobipot: Understanding Mobile Telephony Threats With Honeycards, Marco Balduzzi, Payas Gupta, Lion Gu, Debin Gao, Mustaque Ahamad Jun 2016

Research Collection School Of Computing and Information Systems

Over the past decade, the number of mobile phones has increased dramatically, overtaking the world population in October 2014. In developing countries like India and China, mobile subscribers outnumber traditional landline users and account for over 90% of the active population. At the same time, convergence of telephony with the Internet with technologies like VoIP makes it possible to reach a large number of telephone users at a low or no cost via voice calls or SMS (short message service) messages. As a consequence, cybercriminals are abusing the telephony channel to launch attacks, e.g., scams that offer fraudulent services and …


The Frustrations And Benefits Of Mobile Device Usage In The Home When Co-Present With Family Members, Erick Oduor, Carman Neustaedter, William Odom, Anthony Tang, Niala Moallem, Melanie Tory, Pourang Irani Jun 2016

Research Collection School Of Computing and Information Systems

Mobile devices have begun to raise questions around the potential for overuse when in the presence of family or friends. As such, we conducted a diary and interview study to understand how people use mobile devices in the presence of others at home, and how this shapes their behavior and household dynamics. Results show that family members become frustrated when others do non-urgent activities on their phones in the presence of others. Yet people often guess at what others are doing because of the personal nature of mobile devices. In some cases, people developed strategies to provide a greater sense …


Towards Secure Online Distribution Of Multimedia Codestreams, Swee Won Lo May 2016

Dissertations and Theses Collection (Open Access)

Multimedia codestreams distributed through open and insecure networks are subjected to attacks such as malicious content tampering and unauthorized accesses. This dissertation first addresses the issue of authentication as a means to integrity-protect multimedia codestreams against malicious tampering. Two cryptographic-based authentication schemes are proposed to authenticate generic scalable video codestreams with a multi-layered structure. The first scheme combines the salient features of hash-chaining and double error correction coding to achieve loss resiliency with low communication overhead and proxy-transparency. The second scheme further improves computation cost by replacing digital signature with a hash-based message authentication code to achieve packet-level …


Graph-Aided Directed Testing Of Android Applications For Checking Runtime Privacy Behaviours, Joseph Joo Keng Chan, Lingxiao Jiang, Kiat Wee Tan, Rajesh Krishna Balan May 2016

Research Collection School Of Computing and Information Systems

While automated testing of mobile applications is very useful for checking run-time behaviours and specifications, its capability in discovering issues in apps is often limited in practice due to long testing time. A common practice is to randomly and exhaustively explore the whole app test space, which takes a lot of time and resource to achieve good coverage and reach targeted parts of the apps. In this paper, we present MAMBA, a directed testing system for checking privacy in Android apps. MAMBA performs path searches of user events in control-flow graphs of callbacks generated from static analysis of app bytecode. …


Efficient Verifiable Computation Of Linear And Quadratic Functions Over Encrypted Data, Ngoc Hieu Tran, Hwee Hwa Pang, Robert H. Deng May 2016

Research Collection School Of Computing and Information Systems

In data outsourcing, a client stores a large amount of data on an untrusted server; subsequently, the client can request the server to compute a function on any subset of the data. This setting naturally leads to two security requirements: confidentiality of input data, and authenticity of computations. Existing approaches that satisfy both requirements simultaneously are built on fully homomorphic encryption, which involves expensive computation on the server and client and hence is impractical. In this paper, we propose two verifiable homomorphic encryption schemes that do not rely on fully homomorphic encryption. The first is a simple and efficient scheme …


Leveraging Automated Privacy Checking For Design Of Mobile Privacy Protection Mechanisms, Joseph Joo Keng Chan, Lingxiao Jiang, Kiat Wee Tan, Rajesh Balan May 2016

Research Collection School Of Computing and Information Systems

While mobile platforms rely on developers to follow good practices in privacy design, developers might not always adhere. In addition, it is often difficult for users to understand the privacy behaviour of their applications without some prolonged usage. To aid in these issues, we describe on-going research to improve privacy protection by utilizing techniques that mine privacy information from application binaries as a grey-box (Automated Privacy Checking). The outputs can then be utilized to improve the users' ability to exercise privacy-motivated discretion. We conducted a user study to observe the effects of presenting information on leak-causing triggers within applications in …


Anonymous Identity-Based Broadcast Encryption With Chosen-Ciphertext Security, Kai He, Jian Weng, Jia-Nan Liu, Joseph K. Liu, Wei Liu, Robert H. Deng May 2016

Research Collection School Of Computing and Information Systems

In this paper, we propose the first identity-based broadcast encryption scheme, which can simultaneously achieve confidentiality and full anonymity against adaptive chosen-ciphertext attacks under a standard assumption. In addition, two further desirable features are also provided: one is fully-collusion resistant which means that even if all users outside of receivers S collude they cannot obtain any information about the plaintext. The other one is stateless which means that the users in the system do not need to update their private keys when the other users join or leave our system. In particular, our scheme is highly efficient, where the public …


A Key-Insulated CP-ABE With Key Exposure Accountability For Secure Data Sharing In The Cloud, Hanshu Hong, Zhixin Sun, Ximeng Liu May 2016

Research Collection School Of Computing and Information Systems

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). …


Stabilized Annotations For Mobile Remote Assistance, Omid Fakourfar, Kevin Ta, Richard Tang, Scott Bateman, Anthony Tang May 2016

Research Collection School Of Computing and Information Systems

Recent mobile technology has provided new opportunities for creating remote assistance systems. However, mobile support systems present a particular challenge: both the camera and display are held by the user, leading to shaky video. When pointing or drawing annotations, this means that the desired target often moves, causing the gesture to lose its intended meaning. To address this problem, we investigate annotation stabilization techniques, which allow annotations to stick to their intended location. We studied two annotation systems, using three different forms of annotations, with both tablets and head-mounted displays. Our analysis suggests that stabilized annotations and head-mounted displays are …


Anonymous Proxy Signature With Hierarchical Traceability, Jiannan Wei, Guomin Yang, Yi Mu, Kaitai Liang Apr 2016

Research Collection School Of Computing and Information Systems

Anonymous proxy signatures are very useful in the construction of anonymous credential systems such as anonymous voting and anonymous authentication protocols. As a basic requirement, we should ensure an honest proxy signer is anonymous. However, in order to prevent the proxy signer from abusing the signing right, we should also allow dishonest signers to be traced. In this paper, we present three novel anonymous proxy signature schemes with different levels of (namely, public, internal and original signer) traceability. We define the formal definitions and security models for these three different settings, and prove the security of our proposed schemes under …


Dual-Server Public-Key Encryption With Keyword Search For Secure Cloud Storage, Rongmao Chen, Yi Mu, Guomin Yang, Fuchun Guo, Xiaofen Wang Apr 2016

Research Collection School Of Computing and Information Systems

Searchable encryption is of increasing interest for protecting the data privacy in secure searchable cloud storage. In this paper, we investigate the security of a well-known cryptographic primitive, namely, public key encryption with keyword search (PEKS) which is very useful in many applications of cloud storage. Unfortunately, it has been shown that the traditional PEKS framework suffers from an inherent insecurity called inside keyword guessing attack (KGA) launched by the malicious server. To address this security vulnerability, we propose a new PEKS framework named dual-server PEKS (DS-PEKS). As another main contribution, we define a new variant of the smooth projective …


CCA-Secure Keyed-Fully Homomorphic Encryption, Junzuo Lai, Robert H. Deng, Changshe Ma, Kouichi Sakurai, Jian Weng Mar 2016

Research Collection School Of Computing and Information Systems

To simultaneously achieve CCA security and homomorphic property for encryption, Emura et al. introduced a new cryptographic primitive named keyed-homomorphic encryption, in which homomorphic ciphertext manipulations can only be performed by someone holding a devoted evaluation key which, by itself, does not enable decryption. A keyed-homomorphic encryption scheme should provide CCA2 security when the evaluation key is unavailable to the adversary and remain CCA1-secure when the evaluation key is exposed. While existing keyed-homomorphic encryption schemes only allow simple computations on encrypted data, our goal is to construct CCA-secure keyed-fully homomorphic encryption (keyed-FHE) capable of evaluating any functions on encrypted data …


Strongly Leakage-Resilient Authenticated Key Exchange, Rongmao Chen, Yi Mu, Guomin Yang, Willy Susilo, Fuchun Guo Mar 2016

Research Collection School Of Computing and Information Systems

Authenticated Key Exchange (AKE) protocols have been widely deployed in many real-world applications for securing communication channels. In this paper, we make the following contributions. First, we revisit the security modelling of leakage-resilient AKE protocols, and show that the existing models either impose some unnatural restrictions or do not sufficiently capture leakage attacks in reality. We then introduce a new strong yet meaningful security model, named challenge-dependent leakage-resilient eCK (CLR-eCK) model, to capture challenge-dependent leakage attacks on both long-term secret key and ephemeral secret key (i.e., randomness). Second, we propose a general framework for constructing one-round CLR-eCK …


One Size Does Not Fit All: A Game-Theoretic Approach For Dynamically And Effectively Screening For Threats, Matthew Brown, Arunesh Sinha, Aaron Schlenker, Milind Tambe Feb 2016

Research Collection School Of Computing and Information Systems

An effective way of preventing attacks in secure areas is to screen for threats (people, objects) before entry, e.g., screening of airport passengers. However, screening every entity at the same level may be both ineffective and undesirable. The challenge then is to find a dynamic approach for randomized screening, allowing for more effective use of limited screening resources, leading to improved security. We address this challenge with the following contributions: (1) a threat screening game (TSG) model for general screening domains; (2) an NP-hardness proof for computing the optimal strategy of TSGs; (3) a scheme for decomposing TSGs into subgames …


Hidden Ciphertext Policy Attribute-Based Encryption Under Standard Assumptions, Tran Viet Xuan Phuong, Guomin Yang, Willy Susilo Jan 2016

Research Collection School Of Computing and Information Systems

We propose two new ciphertext policy attribute-based encryption (CP-ABE) schemes where the access policy is defined by AND-gate with wildcard. In the first scheme, we present a new technique that uses only one group element to represent an attribute, while the existing ABE schemes of the same type need to use three different group elements to represent an attribute for the three possible values (namely, positive, negative, and wildcard). Our new technique leads to a new CP-ABE scheme with constant ciphertext size, which, however, cannot hide the access policy used for encryption. The main contribution of this paper is to …


Privacy-Preserving And Verifiable Data Aggregation, Ngoc Hieu Tran, Robert H. Deng, Hwee Hwa Pang Jan 2016

Research Collection School Of Computing and Information Systems

There are several recent research studies on privacy-preserving aggregation of time series data, where an aggregator computes an aggregation of multiple users' data without learning each individual's private input value. However, none of the existing schemes allows the aggregation result to be verified for integrity. In this paper, we present a new data aggregation scheme that protects user privacy as well as integrity of the aggregation. Towards this end, we first propose an aggregate signature scheme in a multi-user setting without using bilinear maps. We then extend the aggregate signature scheme into a solution for privacy-preserving and verifiable data aggregation. …