Biblio

Blockchain is a decentralized technology that provides untampered and anonymous security service to users. Without relying on trusted third party, it can establish the value transfer between nodes and reduce the transaction costs. Mature public key cryptosystem and signature scheme are important basis of blockchain security. Currently, most of the public key cryptosystems are based on classic difficult problems such as RSA and ECC. However, the above asymmetric cryptosystems are no longer secure with the development of quantum computing technology. To resist quantum attacks, researchers have proposed encryption schemes based on lattice recently. Although existing schemes have theoretical significance in blockchain, they are not suitable for the practical application due to the large size of key and signature. To tackle the above issues, this paper proposes an anti-quantum signature scheme over ideal lattice in blockchain. First, we transfer the signature scheme from the standard lattice to the ideal lattice, which reduces the size of public key. Afterwards, a novel signature scheme is proposed to reduce both the size of the private and public key significantly. Finally, we theoretically prove the security of our ideal lattice-based signature scheme with a reduction to the hardness assumption of Ideal Small Integer Sulotion problem which can resist quantum attacks. The efficiency analysis demonstrates that our signature scheme can be practically used in blockchain.

The solution of using existing WiFi devices for measurement and maintenance, and establishing a WiFi fingerprint database for precise localization has become a popular method for indoor localization. The traditional WiFi fingerprint privacy protection scheme increases the calculation amount of the client, but cannot completely protect the security of the client and the fingerprint database. In this paper, we make use of WiFi devices to present a Practical Privacy Protection Scheme In WiFi Fingerprint-based Localization PPWFL. In PPWFL, the localization server establishes a pre-partition in the fingerprint database through the E-M clustering algorithm, we divide the entire fingerprint database into several partitions. The server uses WiFi fingerprint entries with partitions as training data and trains a machine learning model. This model can accurately predict the client's partition based on fingerprint entries. The client uses the trained machine learning model to obtain its partition location accurately, picks up WiFi fingerprint entries in its partition, and calculates its geographic location with the localization server through secure multi-party computing. Compared with the traditional solution, our solution only uses the WiFi fingerprint entries in the client's partition rather than the entire fingerprint database. PPWFL can reduce not only unnecessary calculations but also avoid accidental errors (Unexpected errors in fingerprint similarity between non-adjacent locations due to multipath effects of electromagnetic waves during the propagation of complex indoor environments) in fingerprint distance calculation. In particular, due to the use of Secure Multi-Party Computation, most of the calculations are performed in the local offline phase, the client only exchanges data with the localization server during the distance calculation phase. No additional equipment is needed; our solution uses only existing WiFi devices in the building to achieve fast localization based on privacy protection. We prove that PPWFL is secure under the honest but curious attacker. Experiments show that PPWFL achieves efficiency and accuracy than the traditional WiFi fingerprint localization scheme.

Most blockchain-based identity authentication systems focus on using blockchain to establish the public key infrastructure (PKI). It can solve the problem of single point of failure and certificate transparency faced by traditional PKI systems, but there are still some problems such as complex certificate management and complex certificate usage process. In this paper, we propose an identity authentication scheme based on blockchain and identity-based cryptography (IBC). The scheme implements a decentralized private key generator (PKG) by deploying the smart contract in Ethereum blockchain, and uses the IBC signature algorithm and challenge-response protocol during the authentication process. Compared with other blockchain-based identity authentication systems, the scheme not only prevents the single point of failure, but also avoids the complex certificate management, has lower system complexity, and resists impersonation attack, man-in-the-middle attack and replay attack.

Matrix multiplication computation (MMC) is a common scientific and engineering computational task. But such computation involves enormous computing resources for large matrices, which is burdensome for the resource-limited clients. Cloud computing enables computational resource-limited clients to economically outsource such problems to the cloud server. However, outsourcing matrix multiplication to the cloud brings great security concerns and challenges since the matrices and their products often usually contains sensitive information. In a previous work, Lei et al. [1] proposed an algorithm for secure outsourcing MMC by using permutation matrix and the authors argued that it can achieve data privacy. In this paper, we first review the design of Lei's scheme and find a security vulnerability in their algorithm that it reveals the number of zero element in the input matrix to cloud server. Then we present a new verifiable, efficient, and privacy preserving algorithm for outsourcing MMC, which can protect the number privacy of zero elements in original matrices. Our algorithm builds on a series of carefully-designed pseudorandom matrices and well-designed privacy-preserving matrix transformation. Security analysis shows that our algorithm is practically-secure, and offers a higher level of privacy protection than the state-of-the-art algorithm.

In the cloud storage, users lose direct control over their data. How to surely delete data in the cloud becomes a crucial problem for a secure cloud storage system. The existing way to this problem is to encrypt the data before outsourcing and destroy the encryption key when deleting. However, this solution may cause heavy computation overhead for the user-side and the encrypted data remains intact in the cloud after the deletion operation. To solve this challenge problem, we propose a novel method to surely delete data in the cloud storage by overwriting. Different from existing works, our scheme is efficient in the user-side and is able to wipe out the deleted data from the drives of the cloud servers.