Biblio

In an advanced metering infrastructure (AMI), the electric utility collects power consumption data from smart meters to improve energy optimization and provides detailed information on power consumption to electric utility customers. However, AMI is vulnerable to data falsification attacks, which organized adversaries can launch. Such attacks can be detected by analyzing customers' fine-grained power consumption data; however, analyzing customers' private data violates the customers' privacy. Although homomorphic encryption-based schemes have been proposed to tackle the problem, the disadvantage is a long execution time. This paper proposes a new privacy-preserving data falsification detection scheme to shorten the execution time. We adopt elliptic curve cryptography (ECC) based on homomorphic encryption (HE) without revealing customer power consumption data. HE is a form of encryption that permits users to perform computations on the encrypted data without decryption. Through ECC, we can achieve light computation. Our experimental evaluation showed that our proposed scheme successfully achieved 18 times faster than the CKKS scheme, a common HE scheme.

In order to protect user privacy and provide better access control in Internet of Things (IoT) environments, designing an appropriate two-party authentication and key exchange protocol is a prominent challenge. In this paper, we propose a lightweight certificateless non-interactive authentication and key exchange (CNAKE) protocol for mutual authentication between remote users and smart devices. Based on elliptic curves, our lightweight protocol provides high security performance, realizes non-interactive authentication between the two entities, and effectively reduces communication overhead. Under the random oracle model, the proposed protocol is provably secure based on the Computational Diffie-Hellman and Bilinear Diffie-Hellman hardness assumption. Finally, through a series of experiments and comprehensive performance analysis, we demonstrate that our scheme is fast and secure.

Certificateless signcryption mechanism can not only provide security services, such as message integrity, non-repudiation and confidentiality, but also solve the problems of public key certificate management and key escrow. Zhou et al. proposed a certificateless signcryption mechanism without bilinear mapping and gave its security proof under the discrete logarithm problem and the computational Diffie Hellman problem in the random oracle model. However, the analysis show that this scheme has security flaws. That is, attackers can forge legitimate signatures of any messages. Finally, we give the specific attack process.

A deniable authentication (DA) protocol plays a vital role to provide security and privacy of the mobile nodes in a mobile ad hoc network (MANET). In recent years, a number of similar works have been proposed, but most of them experience heavy computational and communication overhead. Further, most of these protocols are not secure against different attacks. To address these concerns, we devised an identity-based deniable authentication (IBDA) protocol with adequate security and efficiency. The proposed IBDA protocol is mainly designed for MANETs, where the mobile devices are resource-limited. The proposed IBDA protocol used the elliptic curve cryptography (ECC) and identity-based cryptosystem (IBC). The security of our IBDA protocol depends on the elliptic curve discrete logarithm (ECDL) problem and bilinear Diffie-Hellman (BDH) problem.

Strong designated verifier signature scheme is a concept in which a user (signer) can issue a digital signature for a special receiver; i.e. signature is produced in such way that only intended verifier can check the validity of produced signature. Of course, this type of signature scheme should be such that no third party is able to validate the signature. In other words, the related designated verifier cannot assign the issued signature to another third party. This article proposes a new ID-based strong designated verifier signature scheme which has provable security in the ROM (Random Oracle Model) and BDH assumption. The proposed scheme satisfies the all security requirements of an ID-based strong designated verifier signature scheme. In addition, we propose some usage scenarios for the proposed schemes in different applications in the Internet of Things and Cloud Computing era.

Named data network (NDN) is one of the most promising information-centric networking architectures, where the core concept is to focus on the named data (or contents) themselves. Users in NDN can easily send a request packet to get the desired content regardless of its address. The routers in NDN have cache functionality to make the users instantly retrieve the desired file. Thus, the user can immediately get the desired file from the nearby nodes instead of the remote host. Nevertheless, NDN is a novel proposal and there are still some open issues to be resolved. In view of previous research, it is a challenge to achieve access control on a specific user and support potential receivers simultaneously. In order to solve it, we present a fine-grained access control mechanism tailored for NDN, supporting data confidentiality, potential receivers, and mobility. Compared to previous works, this is the first to support fine-grained access control and potential receivers. Furthermore, the proposed scheme achieves provable security under the DBDH assumption.

Resource constrained devices such as sensors and RFIDs are utilized in many application areas to sense, store and transmit the sensitive data. This data must be encrypted to achieve confidentiality. The implementation of traditional public key encryption (PKE) techniques by these devices is always challenging as they possess very limited computational resources. Various encryption schemes based on identity-based encryption (IBE) and certificate-less public key encryption (CL-PKE) have been proposed to overcome limitations of PKI. However, many of these schemes involve the computationally expensive exponentiation and bilinear pairing operations on elliptic curve group to encrypt the messages. In this context, we propose a lightweight optimized CL-PKE scheme in which exponentiation and pairing operations are completely eliminated during encryption and only involves computation of cheaper addition and multiplication operations on elliptic curve. Implementation of the proposed scheme confirms its lightweight nature as compared to original CL-PKE scheme.

Delegated Proof-of-Stake (DPoS) is an efficient, decentralized, and flexible consensus framework available in the blockchain industry. However, applying DPoS to the decentralized Internet of Things (IoT) applications is quite challenging due to the nature of IoT systems such as large-scale deployments and huge amount of data. To address the unique challenge for IoT based blockchain applications, we present Roll-DPoS, a randomized delegated proof of stake algorithm. Roll-DPoS inherits all the advantages of the original DPoS consensus framework and further enhances its capability in terms of decentralization as well as extensibility to complex blockchain architectures. A number of modern cryptographic techniques have been utilized to optimize the consensus process with respect to the computational and communication overhead.

The paper deals with the implementation aspects of the bilinear pairing operation over an elliptic curve on constrained devices, such as smart cards, embedded devices, smart meters and similar devices. Although cryptographic constructions, such as group signatures, anonymous credentials or identity-based encryption schemes, often rely on the pairing operation, the implementation of such schemes into practical applications is not straightforward, in fact, it may become very difficult. In this paper, we show that the implementation is difficult not only due to the high computational complexity, but also due to the lack of cryptographic libraries and programming interfaces. In particular, we show how difficult it is to implement pairing-based schemes on constrained devices and show the performance of various libraries on different platforms. Furthermore, we show the performance estimates of fundamental cryptographic constructions, the group signatures. The purpose of this paper is to reduce the gap between the cryptographic designers and developers and give performance results that can be used for the estimation of the implementability and performance of novel, upcoming schemes.

The objective of this paper is to outline the design specification, implementation and evaluation of a proposed accelerated encryption framework which deploys both homomorphic and symmetric-key encryptions to serve the privacy preserving processing; in particular, as a sub-system within the Privacy Preserving Speech Processing framework architecture as part of the PPSP-in-Cloud Platform. Following a preliminary study of GPU efficiency gains optimisations benchmarked for AES implementation we have addressed and resolved the Big Integer processing challenges in parallel implementation of bilinear pairing thus enabling the creation of partially homomorphic encryption schemes which facilitates applications such as speech processing in the encrypted domain on the cloud. This novel implementation has been validated in laboratory tests using a standard speech corpus and can be used for other application domains to support secure computation and privacy preserving big data storage/processing in the cloud.

Big data is the next frontier for modernization, rivalry, and profitability. It is the foundation of all the major trends such as social networks, mobile devices, healthcare, stock markets etc. Big data is efficiently stored in the cloud because of its high-volume, high-speed and high-assortment data resources. An unauthorized user access control is the gravest threat of huge information in the cloud environment because of the remote file storage. Attribute Based Encryption (ABE) is an efficient access control procedure to guarantee end-to-end security for huge information in the cloud. Most often existing ABE working principle is based on bilinear pairing. In this paper, we construct a peculiar ABE for big data in the cloud. Our proposed scheme is based on quadratic residue and attribute union which is based on fundamental arithmetic theorem.