Two-Factor Decryption: A Better Way to Protect Data Security and Privacy

2020
Author(s): Hui Cui, Russell Paulet, Surya Nepal, Xun Yi, Butrus Mbimbi

Abstract: Biometric information is unique to a human, so it would be desirable to use the biometric characteristic as the private key in a cryptographic system to protect data security and privacy. In this paper, we introduce a notion called two-factor decryption (TFD). Informally speaking, a TFD scheme is a variant of the public-key encryption (PKE) scheme. In a TFD scheme, messages are encrypted under public keys as in a standard PKE scheme, but both private keys (i.e. the first factor) and biometric inputs (i.e. the second factor) are required to decrypt the ciphertexts and obtain the underlying plaintexts. We first describe a framework of TFD, and then define a formal security model for TFD. Thereafter, we present a generic construction of TFD based on the cryptographic primitives of linear sketch and functional encryption (FE) with certain properties and analyse its security. In addition, we give instantiations of TFD by applying concrete FE schemes to the generic construction and show their applications.

Entropy, 2020, Vol 22 (11), pp. 1247
Author(s): Yuan Zhang, Yuan Liu, Yurong Guo, Shihui Zheng, Licheng Wang

Identity-based encryption (IBE), and its hierarchical extension (HIBE), are interesting cryptographic primitives that aim at the implicit authentication of the users’ public keys by using users’ identities directly. During the past several decades, numerous elegant pairing-based (H)IBE schemes were proposed. However, most pairing-related security assumptions suffer from known quantum algorithmic attacks. Therefore, the construction of lattice-based (H)IBE became one of the hot directions in recent years. In the setting of most existing lattice-based (H)IBE schemes, each bit of a user’s identity is always associated with a parameter matrix. This always leads to drastic but unfavorable increases in the sizes of the system public parameters. To overcome this issue, we propose a flexible trade-off mechanism between the size of the public parameters and the involved computational cost using the blocking technique. More specifically, we divide an identity into l′ segments and associate each segment with a matrix, while increasing the lattice modulus slightly to maintain the same security level. As a result, for the setting of 160-bit identities, we show that the size of the public parameters can be reduced by almost 89.7% (resp. 93.8%) while increasing the computational cost by merely 5.2% (resp. 12.25%) when l′ is set to 16 (resp. 8). Finally, our IBE scheme is extended to an HIBE scheme, and both of them are proved to achieve the indistinguishability of ciphertexts against adaptively chosen identity and chosen plaintext attack (IND-ID-CPA) in the standard model, assuming that the well-known ring learning with error (RLWE) problem over the involved ideal lattices is intractable, even in the post-quantum era.


Author(s): Arnab Mitra, Sayantan Saha

A lightweight data security model is of much importance in view of security and privacy of data in several networks (e.g., fog networks) where available computing units at edge nodes are often constrained by low computing capacity and limited storage/availability of energy. To facilitate lightweight data security in such constrained scenarios, a cellular automata (CA)-based lightweight data security model is presented in this chapter to enable low-cost physical implementation. For this reason, a detailed investigation is presented in this chapter to explore the potential capabilities of a CA-based scheme towards the design of a lightweight data security model. Further, a comparison among several existing lightweight data security models ensures the effectiveness of the proposed CA-based lightweight data security model. Thus, application suitability in view of fog networks is explored for the proposed CA-based model, which has further potential for easy training of a reservoir of computers towards uses in IoT (internet of things)-based multiple industry applications.


2021, Vol 2022 (1), pp. 417-439
Author(s): Sepideh Avizheh, Preston Haffey, Reihaneh Safavi-Naini

Abstract: Fair exchange protocols are among the most important cryptographic primitives in electronic commerce. A basic fair exchange protocol requires that two parties who want to exchange their digital items either receive what they have been promised, or lose nothing. Privacy of fair exchange requires that no one else (other than the two parties) learns anything about the items. Fairness and privacy have been considered as two distinct properties of an exchange protocol. In this paper, we show that subtle ways of leaking the exchange item to third parties affect fairness in fair exchange protocols when the item is confidential. Our focus is on FairSwap, a recently proposed fair exchange protocol that uses a smart contract for dispute resolution, has proven security in the UC (Universal Composability) framework, and provides privacy when both parties are honest. We demonstrate, however, that FairSwap’s dispute resolution protocol leaks information to the public and this leakage provides opportunities for the dishonest parties to influence the protocol’s fairness guarantee. We then propose an efficient privacy-enhanced version of FairSwap, prove its security and give an implementation and performance evaluation of our proposed system. Our privacy enhancement uses circuit randomization, and we prove its security and privacy in an extension of the universal composability model for non-monolithic adversaries that would be of independent interest.


2015
Author(s): Anand Shah, Shishir Dahake, Sri Hari Haran J

2018, Vol 1 (4), pp. e13
Author(s): Rongxin Bao, Zhikui Chen, Mohammad S. Obaidat

2014, Vol 10 (7), pp. 190903
Author(s): Yunchuan Sun, Junsheng Zhang, Yongping Xiong, Guangyu Zhu
