Project description:Attribute based encryption (ABE) is a good way to achieve flexible and secure access control to data, and attribute revocation is the extension of the attribute-based encryption, and the keyword search is an indispensable part for cloud storage. The combination of both has an important application in the cloud storage. In this paper, we construct a searchable attribute-based encryption scheme with attribute revocation in cloud storage, the keyword search in our scheme is attribute based with access control, when the search succeeds, the cloud server returns the corresponding cipher text to user and the user can decrypt the cipher text definitely. Besides, our scheme supports multiple keywords search, which makes the scheme more practical. Under the assumption of decisional bilinear Diffie-Hellman exponent (q-BDHE) and decisional Diffie-Hellman (DDH) in the selective security model, we prove that our scheme is secure.

Project description:Ciphertext-policy attribute-based encryption (CP-ABE) scheme is a new type of data encryption primitive, which is very suitable for data cloud storage for its fine-grained access control. Keyword-based searchable encryption scheme enables users to quickly find interesting data stored in the cloud server without revealing any information of the searched keywords. In this work, we provide a keyword searchable attribute-based encryption scheme with attribute update for cloud storage, which is a combination of attribute-based encryption scheme and keyword searchable encryption scheme. The new scheme supports the user's attribute update, especially in our new scheme when a user's attribute need to be updated, only the user's secret key related with the attribute need to be updated, while other user's secret key and the ciphertexts related with this attribute need not to be updated with the help of the cloud server. In addition, we outsource the operation with high computation cost to cloud server to reduce the user's computational burden. Moreover, our scheme is proven to be semantic security against chosen ciphertext-policy and chosen plaintext attack in the general bilinear group model. And our scheme is also proven to be semantic security against chosen keyword attack under bilinear Diffie-Hellman (BDH) assumption.

Project description:The dataset is on public relations professionals' views on the security issues related to the adoption of the Internet of Things (IoT) for the activities. The data were generated through the administration of online questionnaire to 100 public relations professionals in Nigeria and were analyzed using the Analysis of Variance (ANOVA).

Project description:Cipher-policy attribute-based encryption (CP-ABE) focus on the problem of access control, and keyword-based searchable encryption scheme focus on the problem of finding the files that the user interested in the cloud storage quickly. To design a searchable and attribute-based encryption scheme is a new challenge. In this paper, we propose an efficiently multi-user searchable attribute-based encryption scheme with attribute revocation and grant for cloud storage. In the new scheme the attribute revocation and grant processes of users are delegated to proxy server. Our scheme supports multi attribute are revoked and granted simultaneously. Moreover, the keyword searchable function is achieved in our proposed scheme. The security of our proposed scheme is reduced to the bilinear Diffie-Hellman (BDH) assumption. Furthermore, the scheme is proven to be secure under the security model of indistinguishability against selective ciphertext-policy and chosen plaintext attack (IND-sCP-CPA). And our scheme is also of semantic security under indistinguishability against chosen keyword attack (IND-CKA) in the random oracle model.

Project description:With the development of outsourcing data services, data security has become an urgent problem that needs to be solved. Attribute-based encryption is a valid solution to data security in cloud storage. There is no existing scheme that can guarantee the privacy of access structures and achieve attribute-based encryption with keyword search and attribute revocation. In this article, we propose a new searchable and revocable multi-data owner attribute-based encryption scheme with a hidden policy in cloud storage. In the new scheme, the same access policy is used in both the keyword index and message encryption. The advantage of keyword index with access policy is that as long as a user's attributes satisfy the access policy, the searched ciphertext can be correctly decrypted. This property improves the accuracy of the search results. The hidden policy is used in both the ciphertext and the keyword index to protect users' privacy. The new scheme contains attribute revocation, which is suitable for the actual situation that a user's attributes maybe changed over time. In the general bilinear group model, the security of the scheme is demonstrated, and the efficiency of the scheme is analyzed.

Project description:One of the significant challenges in the Internet of Things (IoT) is the provisioning of guaranteed security and privacy, considering the fact that IoT devices are resource-limited. Oftentimes, in IoT applications, remote users need to obtain real-time data, with guaranteed security and privacy, from resource-limited network nodes through the public Internet. For this purpose, the users need to establish a secure link with the network nodes. Though the IPv6 over low-power wireless personal area networks (6LoWPAN) adaptation layer standard offers IPv6 compatibility for resource-limited wireless networks, the fundamental 6LoWPAN structure ignores security and privacy characteristics. Thus, there is a pressing need to design a resource-efficient authenticated key exchange (AKE) scheme for ensuring secure communication in 6LoWPAN-based resource-limited networks. This paper proposes a resource-efficient secure remote user authentication scheme for 6LoWPAN-based IoT networks, called SRUA-IoT. SRUA-IoT achieves the authentication of remote users and enables the users and network entities to establish private session keys between themselves for indecipherable communication. To this end, SRUA-IoT uses a secure hash algorithm, exclusive-OR operation, and symmetric encryption primitive. We prove through informal security analysis that SRUA-IoT is secured against a variety of malicious attacks. We also prove the security strength of SRUA-IoT through formal security analysis conducted by employing the random oracle model. Additionally, we prove through Scyther-based validation that SRUA-IoT is resilient against various attacks. Likewise, we demonstrate that SRUA-IoT reduces the computational cost of the nodes and communication overheads of the network.

Project description:The location-based services can provide users with the requested location information. But users also need to disclose their current location to the location-based service provider. Therefore, how to protect user's location privacy is a major concern. In this paper, we propose a heterogeneous deniable authenticated encryption scheme called HDAE for location-based services. The proposed scheme permits a sender in a public key infrastructure environment to transmit a message to a receiver in an identity-based environment. Our design utilizes a hybrid encryption method combing the tag-key encapsulation mechanism (tag-KEM) and the data encapsulation mechanism (DEM), which is well adopted for location-based services applications. We give how to design an HDAE scheme utilizing a heterogeneous deniable authenticated tag-KEM (HDATK) and a DEM. We also construct an HDATK scheme and provide security proof in the random oracle model. Comprehensive analysis shows that our scheme is efficient and secure. In addition, we give an application of the HDAE to a location-based services system.

Project description:Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

Project description:The emerging physical-layer unclonable attribute-aided authentication (PLUA) schemes are capable of outperforming traditional isolated approaches, with the advantage of having reliable fingerprints. However, conventional PLUA methods face new challenges in artificial intelligence of things (AIoT) applications owing to their limited flexibility. These challenges arise from the distributed nature of AIoT devices and the involved information, as well as the requirement for short end-to-end latency. To address these challenges, we propose a security authentication scheme that utilizes intelligent prediction mechanisms to detect spoofing attack. Our approach is based on a dynamic authentication method using long short term memory (LSTM), where the edge computing node observes and predicts the time-varying channel information of access devices to detect clone nodes. Additionally, we introduce a Savitzky-Golay filter-assisted high order cumulant feature extraction model (SGF-HOCM) for preprocessing channel information. By utilizing future channel attributes instead of relying solely on previous channel information, our proposed approach enables authentication decisions. We have conducted extensive experiments in actual industrial environments to validate our prediction-based security strategy, which has achieved an accuracy of 97%.

Project description:Physical unclonable function (PUF), a hardware-efficient approach, has drawn a lot ofattention in the security research community for exploiting the inevitable manufacturing variabilityof integrated circuits (IC) as the unique fingerprint of each IC. However, analog PUF is notrobust and resistant to environmental conditions. In this paper, we propose a digital PUF-basedsecure authentication model using the emergent spin-transfer torque magnetic random-accessmemory (STT-MRAM) PUF (called STT-DPSA for short). STT-DPSA is an original secure identityauthentication architecture for Internet of Things (IoT) devices to devise a computationallylightweight authentication architecture which is not susceptible to environmental conditions.Considering hardware security level or cell area, we alternatively build matrix multiplication orstochastic logic operation for our authentication model. To prove the feasibility of our model, thereliability of our PUF is validated via the working windows between temperature interval (-35 °C,110 °C) and Vdd interval [0.95 V, 1.16 V] and STT-DPSA is implemented with parameters n = 32,i = o = 1024, k = 8, and l = 2 using FPGA design flow. Under this setting of parameters, an attackerneeds to take time complexity O(2256) to compromise STT-DPSA. We also evaluate STT-DPSA usingSynopsys design compiler with TSMC 0.18 um process.