Open Access. Powered by Scholars. Published by Universities.®

Social and Behavioral Sciences Commons


Articles 1 - 29 of 29

Full-Text Articles in Social and Behavioral Sciences

Public Key Authenticated Encryption With Designated Equality Test And Its Applications In Diagnostic Related Groups, Yuanhao Wang, Qiong Huang, Hongbo Li, Jianye Huang, Guomin Yang, Willy Susilo Jan 2019


Faculty of Engineering and Information Sciences - Papers: Part B

Due to the massive growth of data and security concerns, data of patients would be encrypted and outsourced to the cloud server for feature matching in various medical scenarios, such as personal health record systems, actuarial judgements and diagnostic related groups. Public key encryption with equality test (PKEET) is a useful utility for encrypted feature matching. Authorized tester could perform data matching on encrypted data without decrypting. Unfortunately, due to the limited terminology in medicine, people within institutions may illegally use data, trying to obtain information through traversal methods. In this paper we propose a new PKEET notion, called public-key …


A Multilayer Secured Messaging Protocol For Rest-Based Services, Idongesit Efaemiode Eteng Jan 2019


Journal of International Technology and Information Management

The lack of descriptive language and security guidelines poses a big challenge to implementing security in Representational State Transfer (REST) architecture. There is over reliance on Secure Socket Layer/Transport Layer Security (SSL/TLS), which in recent times has proven to be fallible. Some recent attacks against SSL/TLS include: POODLE, BREACH, CRIME, BEAST, FREAK etc. A secure messaging protocol is implemented in this work. The protocol is further compiled into a reusable library which can be called by other REST services. Using Feature Driven Development (FDD) software methodology, a two layer security protocol was developed. The first layer is a well hardened …


A Framework For The Performance Analysis And Tuning Of Virtual Private Networks, Fridrich Shane Perez Jun 2018


Theses and Dissertations

With the rising trend of personal devices like laptops and smartphones being used in businesses and significant enterprises, the concern for preserving security arises. In addition to preserving security measures in outside devices, the network speed and performance capable by these devices need to be balanced with the security aspect to avoid slowing down virtual private network (VPN) activity. Performance tests have been done in the past to evaluate available software, hardware, and network security protocol options that will best benefit an entity according to its specific needs. With a variety of comparable frameworks available currently, it is a matter …


Id-Based Encryption With Equality Test Against Insider Attack, Tong Wu, Sha Ma, Yi Mu, Shengke Zeng Jan 2017


Faculty of Engineering and Information Sciences - Papers: Part B

Testing if two ciphertexts contain the same plaintext is an interesting cryptographic primitive. It is usually referred to as equality test of encrypted data or equality test.


Dynamic Searchable Symmetric Encryption With Physical Deletion And Small Leakage, Peng Xu, Shuai Liang, Wei Wang, Willy Susilo, Qianhong Wu, Hai Jin Jan 2017


Faculty of Engineering and Information Sciences - Papers: Part B

Dynamic Searchable Symmetric Encryption (DSSE) allows a client not only to search over ciphertexts as the traditional searchable symmetric encryption does, but also to update these ciphertexts according to requirements, e.g., adding or deleting some ciphertexts. It has been recognized as a fundamental and promising method to build secure cloud storage.


Efficient Subversion Of Symmetric Encryption With Random Initialization Vector, Joon Sang Baek, Ilsun You Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part B

This paper presents an efficient subverted symmetric encryption scheme, which outputs a random initialization vector (IV). Compared with the available scheme of the same kind in the literature, our attack provides a saboteur (big brother) with much faster recovery of a key used in a victim's symmetric encryption scheme. Our result implies that care must be taken when a symmetric encryption scheme with a random IV such as randomized CBC is deployed.


Threshold Broadcast Encryption With Keyword Search, Shiwei Zhang, Yi Mu, Guomin Yang Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

Many users store their data in a cloud, which might not be fully trusted, for the purpose of convenient data access and sharing. For efficiently accessing the stored data, keyword search can be performed by the cloud server remotely with a single query from the user. However, the cloud server cannot directly search the data if it is encrypted. One of solutions could be to allow the user to download the encrypted data, in order to carry out a search; however, it might consume huge network bandwidth. To solve this problem, the notion of keyword search on encrypted data (searchable …


Edit Distance Based Encryption And Its Application, Phuong Viet Xuan Tran, Guomin Yang, Willy Susilo, Kaitai Liang Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

Edit distance, also known as Levenshtein distance, is a very useful tool to measure the similarity between two strings. It has been widely used in many applications such as natural language processing and bioinformatics. In this paper, we introduce a new type of fuzzy public key encryption called Edit Distance-based Encryption (EDE). In EDE, the encryptor can specify an alphabet string and a threshold when encrypting a message, and a decryptor can obtain a decryption key generated from another alphabet string, and the decryption will be successful if and only if the edit distance between the two strings is within …


Anonymous Identity-Based Broadcast Encryption With Revocation For File Sharing, Jianchang Lai, Yi Mu, Fuchun Guo, Willy Susilo, Rongmao Chen Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

Traditionally, a ciphertext from an identity-based broadcast encryption can be distributed to a group of receivers whose identities are included in the ciphertext. Once the ciphertext has been created, it is not possible to remove any intended receivers from it without conducting decryption. In this paper, we consider an interesting question: how to remove target designated receivers from a ciphertext generated by an anonymous identity-based broadcast encryption? The solution to this question is found applicable to file sharing with revocation. In this work, we found an affirmative answer to this question. We construct an anonymous identity-based broadcast encryption, which offers …


Certificate-Based Encryption With Keyword Search Enabling Secure Authorization In Electronic Health Record, Clementine Gritti, Willy Susilo, Thomas Plantard Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part B

In an e-Health scenario, we study how the practitioners are authorized when they are requesting access to medical documents containing sensitive information. Consider the following scenario. A clinician wants to access and retrieve a patient's Electronic Health Record (EHR), and this means that the clinician must acquire sufficient access right to access this document. As the EHR is within a collection of many other patients, the clinician would need to specify some requirements (such as a keyword) which match the patient's record, as well as having a valid access right. The complication begins when we do not want the server …


Relations Between Robustness And Rka Security Under Public-Key Encryption, Hui Cui, Yi Mu, Man Ho Au Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

We revisit the notions of robustness introduced by Abdalla, Bellare and Neven (TCC 2010), and related-key attack (RKA) security raised by Bellare, Cash and Miller (ASIACRYPT 2011). In the setting of public-key encryption (PKE), robustness means that it is hard to produce a ciphertext that is valid for two different users, while RKA security means that a PKE scheme is still secure even when an attacker can induce modifications in a decryption key, and subsequently observe the outcome of this PKE scheme under this modified key. In this paper, we explore the relationship between RKA security and various notions of …


Towards Efficient Fully Randomized Message-Locked Encryption, Tao Jiang, Xiaofeng Chen, Qianhong Wu, Jianfeng Ma, Willy Susilo, Wenjing Lou Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

Cross-user data deduplication will greatly reduce the storage cost of storage service provider. Motivated by secure data deduplication, Abadi et al. extended the work Message-Locked Encryption (MLE) and introduced the primitive of MLE2 with nice security properties. However, their fully randomized scheme (R-MLE2) requires the inefficient equality-testing algorithm to identify all duplicate ciphertexts. Thus, an interesting open problem is how to reduce the overhead of R-MLE2 and propose an efficient construction for R-MLE2. In this paper, we introduce a new primitive called μR-MLE2, which gives a partial positive answer to this open problem. Our main trick is to use the …


Linear Encryption With Keyword Search, Shiwei Zhang, Guomin Yang, Yi Mu Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

Nowadays an increasing amount of data stored in the public cloud need to be searched remotely for fast accessing. For the sake of privacy, the remote files are usually encrypted, which makes them difficult to be searched by remote servers. It is also harder to efficiently share encrypted data in the cloud than those in plaintext. In this paper, we develop a searchable encryption framework called Linear Encryption with Keyword Search (LEKS) that can semi-generically convert some existing encryption schemes meeting our Linear Encryption Template (LET) to be searchable without re-encrypting all the data. For allowing easy data sharing, we …


Ciphertext-Policy Attribute Based Encryption Supporting Access Policy Update, Yinhao Jiang, Willy Susilo, Yi Mu, Fuchun Guo Jan 2016


Faculty of Engineering and Information Sciences - Papers: Part A

Attribute-based encryption (ABE) allows one-to-many encryption with static access control. In many occasions, the access control policy must be updated and the original encryptor might be required to re-encrypt the message, which is impractical, since the encryptor might be unavailable. Unfortunately, to date the work in ABE does not consider this issue yet, and hence this hinders the adoption of ABE in practice. In this work, we consider how to efficiently update access policies in Ciphertext-policy Attribute-based Encryption (CP-ABE) systems without re-encryption. We introduce a new notion of CP-ABE supporting access policy update that captures the functionalities of attribute addition …


An Efficient Variant Of Boneh-Gentry-Hamburg's Identity-Based Encryption Without Pairing, Ibrahim Elashry, Yi Mu, Willy Susilo Jan 2015


Faculty of Engineering and Information Sciences - Papers: Part A

No abstract provided.


Privacy-Preserving Encryption Scheme Using Dna Parentage Test, Clementine Gritti, Willy Susilo, Thomas Plantard, Khin Than Win Jan 2015


Faculty of Engineering and Information Sciences - Papers: Part A

Consider the following practical scenario. A mother Alice would like to make her assets accessible only to her descendents. In order to do so, she encrypts her secret Swiss bank account with her DNA sequences, and provides this information to her descendents. To simplify the scenario and without losing generality, we assume that Alice has only one son, named Bob. Therefore, Alice provides the ciphertext to her family (this ciphertext can eventually be published), which will later be stored in a secure cloud storage. Later, when Alice is unable to access her assets herself (due to her illness for instance), then …


Membership Encryption And Its Applications, Fuchun Guo, Yi Mu, Willy Susilo, Vijay Varadharajan Mar 2014


Professor Willy Susilo

We propose a new encryption primitive called Membership Encryption. Let P(G) be a privacy-preserving token on a group attribute/identity G, such that given P(G) it is hard to know the attributes in G. In this membership encryption, if an encryption takes as input an attribute A and the token P(G), the decryption requires holding the membership A ∈ G, i.e., A belongs to this group attribute. Membership encryption is applicable in constructing membership proof A ∈ P(G) with privacy preserving on group attribute and the membership. Membership encryption can be also utilized to construct an efficient two-round K-out-of-N oblivious transfer protocol. …


Public Key Encryption With Keyword Search Secure Against Keyword Guessing Attacks Without Random Oracle, Liming Fang, Willy Susilo, Chunpeng Ge, Jiandong Wang Mar 2014


Professor Willy Susilo

The notion of public key encryption with keyword search (PEKS) was put forth by Boneh et al. to enable a server to search from a collection of encrypted emails given a “trapdoor” (i.e., an encrypted keyword) provided by the receiver. The nice property in this scheme allows the server to search for a keyword, given the trapdoor. Hence, the verifier can merely use an untrusted server, which makes this notion very practical. Following Boneh et al.’s work, there have been subsequent works that have been proposed to enhance this notion. Two important notions include the so-called keyword guessing attack and …


Ppdcp-Abe: Privacy-Preserving Decentralized Ciphertext-Policy Attribute-Based Encryption, Jinguang Han, Willy Susilo, Yi Mu, Jianying Zhou, Man Ho Au Jan 2014


Faculty of Engineering and Information Sciences - Papers: Part A

Cipher-policy attribute-based encryption (CP-ABE) is a more efficient and flexible encryption system as the encryptor can control the access structure when encrypting a message. In this paper, we propose a privacy-preserving decentralized CP-ABE (PPDCP-ABE) scheme where the central authority is not required, namely each authority can work independently without the cooperation to initialize the system. Meanwhile, a user can obtain secret keys from multiple authorities without releasing his global identifier (GID) and attributes to them. This is contrasted to the previous privacy-preserving multi-authority ABE (PPMA-ABE) schemes where a user can obtain secret keys from multiple authorities with them knowing his …


Anonymous Broadcast Encryption With An Untrusted Gateway, Hui Cui, Yi Mu, Man Ho Au Jan 2014


Faculty of Engineering and Information Sciences - Papers: Part A

We propose a verifiable and anonymous broadcast encryption scheme, where an 'untrusted' gateway can verify incoming communication flows to ensure only the intended anonymous receivers in the target domain can receive them. This scenario is interesting while the privacy of receivers should be considered. The difficulty in this setting is how to achieve both confidentiality of the message and anonymity of receivers during the gateway verification. To achieve this goal, we introduce a new notion of encrypted identity search, which allows the gateway to blindly verify the incoming traffic. Our scheme captures security properties: confidentiality and anonymity against dishonest gateway, corrupted …


Efficient Semi-Static Secure Broadcast Encryption Scheme, Jongkil Kim, Willy Susilo, Man Ho Allen Au, Jennifer Seberry Jan 2014


Faculty of Engineering and Information Sciences - Papers: Part A

In this paper, we propose a semi-static secure broadcast encryption scheme with constant-sized private keys and ciphertexts. Our result improves the semi-static secure broadcast encryption scheme introduced by Gentry and Waters. Specifically, we reduce the private key and ciphertext size by half. By applying the generic transformation proposed by Gentry and Waters, our scheme also achieves adaptive security. Finally, we present an improved implementation idea which can reduce the ciphertext size in the aforementioned generic transformation.


An Adaptively Cca-Secure Ciphertext-Policy Attribute-Based Proxy Re-Encryption For Cloud Data Sharing, Kaitai Liang, Man Ho Au, Willy Susilo, Duncan Wong, Guomin Yang, Yong Yu Jan 2014


Faculty of Engineering and Information Sciences - Papers: Part A

A Ciphertext-Policy Attribute-Based Proxy Re-Encryption (CP-ABPRE) employs the PRE technology in the attribute-based encryption cryptographic setting, in which the proxy is allowed to convert an encryption under an access policy to another encryption under a new access policy. CP-ABPRE is applicable to many real world applications, such as network data sharing. The existing CP-ABPRE systems, however, leave how to achieve adaptive CCA security as an interesting open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle the problem by integrating the dual system encryption technology with selective proof technique. The new scheme supports any …


Fully Secure Hidden Vector Encryption Under Standard Assumptions, Jong Hwan Park, Kwangsu Lee, Willy Susilo, Dong Hoon Lee Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

Hidden Vector Encryption (HVE) is a special type of predicate encryption that can support conjunctive equality and range searches on encrypted data. All previous HVE schemes were proven to be either selectively secure or weakly attribute-hiding. In this paper, we first construct a new HVE scheme that is fully secure under standard assumptions. Our HVE scheme, which is based on bilinear maps (pairings), provides efficiency advantages in that it requires O(1)-sized private keys and O(1) pairing computations for decryption, regardless of both the number of conjunctives and the dimension of vectors. To achieve our goal, we develop a novel technique …


Public Key Encryption With Keyword Search Secure Against Keyword Guessing Attacks Without Random Oracle, Liming Fang, Willy Susilo, Chunpeng Ge, Jiandong Wang Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

The notion of public key encryption with keyword search (PEKS) was put forth by Boneh et al. to enable a server to search from a collection of encrypted emails given a “trapdoor” (i.e., an encrypted keyword) provided by the receiver. The nice property in this scheme allows the server to search for a keyword, given the trapdoor. Hence, the verifier can merely use an untrusted server, which makes this notion very practical. Following Boneh et al.’s work, there have been subsequent works that have been proposed to enhance this notion. Two important notions include the so-called keyword guessing attack and …


A Ciphertext-Policy Attribute-Based Proxy Re-Encryption With Chosen-Ciphertext Security, Kaitai Liang, Liming Fang, Willy Susilo, Duncan S. Wong Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

Cipher text-Policy Attribute-Based Proxy Re-Encryption (CP-ABPRE) extends the traditional Proxy Re-Encryption (PRE) by allowing a semi-trusted proxy to transform a cipher text under an access policy to the one with the same plaintext under another access policy (i.e. attribute-based re-encryption). The proxy, however, learns nothing about the underlying plaintext. CP-ABPRE has many real world applications, such as fine-grained access control in cloud storage systems and medical records sharing among different hospitals. Previous CP-ABPRE schemes leave how to be secure against Chosen-Cipher text Attacks (CCA) as an open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle …


Verifiable And Anonymous Encryption In Asymmetric Bilinear Maps, Hui Cui, Yi Mu, Man Ho Au Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

Consider a practical scenario: an untrusted gateway is required to verify all the incoming information encrypted via an encryption scheme, while the sender does not want to reveal any information about the plaintext and the privileged user to the gateway. That is, the gateway distributes the information to a predefined group of users and only the privileged user can open the message. To solve this problem, we need an access control mechanism to allow certain specification of the access control policies while protecting the users' privacy. With this scenario in mind, we propose the notion of verifiable and anonymous encryption …


Public-Key Encryption Resilient To Linear Related-Key Attacks, Hui Cui, Yi Mu, Man Ho Au Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

In this paper, we consider the security of public-key encryption schemes under linear related-key attacks, where an adversary is allowed to tamper the private key stored in a hardware device, and subsequently observe the outcome of a public-key encryption system under this modified private key. Following the existing work done in recent years, we define the security model for related-key attack (RKA) secure public-key encryption schemes as chosen-ciphertext and related-key attack (CC-RKA) security, in which we allow an adversary to issue queries to the decryption oracle on the linear shifts of the private keys. On the basis of the adaptive …


Optical Image Encryption Based On Chaotic Baker Map And Double Random Phase Encoding, Ahmed M. Elshamy, Ahmed N. Z Rashed, Abd El-Naser A. Mohamed, Osama S. Faragalla, Yi Mu, Saleh A. Alshebeili, F E Abd El-Samie Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

This paper presents a new technique for optical image encryption based on chaotic Baker map and Double Random Phase Encoding (DRPE). This technique is implemented in two layers to enhance the security level of the classical DRPE. The first layer is a pre-processing layer, which is performed with the chaotic Baker map on the original image. In the second layer, the classical DRPE is utilized. Matlab simulation experiments show that the proposed technique enhances the security level of the DRPE, and at the same time has a better immunity to noise.


Membership Encryption And Its Applications, Fuchun Guo, Yi Mu, Willy Susilo, Vijay Varadharajan Jan 2013


Faculty of Engineering and Information Sciences - Papers: Part A

We propose a new encryption primitive called Membership Encryption. Let P(G) be a privacy-preserving token on a group attribute/identity G, such that given P(G) it is hard to know the attributes in G. In this membership encryption, if an encryption takes as input an attribute A and the token P(G), the decryption requires holding the membership A ∈ G, i.e., A belongs to this group attribute. Membership encryption is applicable in constructing membership proof A ∈ P(G) with privacy preserving on group attribute and the membership. Membership encryption can be also utilized to construct an efficient two-round K-out-of-N oblivious transfer protocol. …