Searchable encryption is of increasing interest for protecting the data privacy in secure searchable cloud storage. In this paper, we investigate security a well-known cryptographic primitive, namely, public key with keyword search (PEKS) which very useful many applications Unfortunately, it has been shown that traditional PEKS framework suffers from an inherent insecurity called inside guessing attack (KGA) launched by malicious server. To address vulnerability, propose new named...

Identity-based cryptosystems have an inherent key escrow issue, that is, the Key Generation Center (KGC) always knows user secret key. If KGC is malicious, it can impersonate user. Certificateless cryptography, introduced by Al-Riyami and Paterson in 2003, intended to solve this problem. However, all previously proposed certificateless schemes, assumed malicious starts launching attacks (so-called Type II attacks) only after has generated a master public/secret pair honestly. In paper, we...

Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data in cloud storage. Unfortunately, it inherently subject to the (inside) offline guessing attack (KGA), which against privacy of users. Existing countermeasures dealing this security issue mainly suffer from low efficiency and are impractical real applications. In paper, we provide practical applicable treatment on vulnerability by formalizing new PEKS system named server-aided...

We propose two new ciphertext policy attribute-based encryption (CP-ABE) schemes where the access is defined by AND-gate with wildcard. In first scheme, we present a technique that uses only one group element to represent an attribute, while existing ABE of same type need use three different elements attribute for possible values (namely, positive, negative, and wildcard). Our leads CP-ABE scheme constant size, which, however, cannot hide used encryption. The main contribution this paper...

Deduplication is a popular technique widely used to save storage spaces in the cloud. To achieve secure deduplication of encrypted files, Bellare et al. formalized new cryptographic primitive named message-locked encryption (MLE) Eurocrypt 2013. Although an MLE scheme can be extended obtain for large it requires lot metadata maintained by end user and cloud server. In this paper, we propose approach more efficient (encrypted) files. Our approach, block-level (BL-MLE), file-level...

In this paper, for the first time, we define a general notion proxy re-encryption (PRE), which call deterministic finite automata-based functional PRE (DFA-based FPRE). Meanwhile, propose and concrete DFA-based FPRE system, adapts to our new notion. scheme, message is encrypted in ciphertext associated with an arbitrary length index string, decryptor legitimate if only DFA his/her secret key accepts string. Furthermore, above encryption allowed be transformed another string by semitrusted...

Privacy is supreme in cryptocurrencies since most users do not want to reveal their identities or the transaction amount financial transactions. Nevertheless, achieving privacy blockchain-based remains challenging blockchain by default a public ledger. For instance, Bitcoin provides builtin pseudonymity rather than true anonymity, which can be compromised analyzing Several solutions have been proposed enhance of Bitcoin. Unfortunately, full anonymity always desirable, because malicious are...

Monero provides a high level of anonymity for both users and their transactions. However, many criminal activities might be committed with the protection in cryptocurrency Thus, user accountability (or traceability) is also important transactions, which unfortunately lacking current literature. In this paper, we fill gap by introducing new named Traceable to balance accountability. Our framework relies on tracing authority, but optimistic, that it only involved when investigations certain...

Cloud computing is an emerging paradigm that enables users to store their data in a cloud server enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since service providers (CSPs) are not the same trusted domain as users. To protect privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) provide decryption keys only authorized However, sharing among at fine-grained level still challenging issue,...

Applying consortium blockchain as a trust layer for heterogeneous industrial Internet-of-Things devices is cost-effective. However, with an increase in computing power, some powerful attacks (e.g., the 51% attack) are inevitable and will cause severe consequences. Recent studies also confirm that anonymity immutability of have been abused to facilitate black market trades, etc. To operate controllable IIoT devices, it necessary rewrite history back normal state once chain breached. Ateniese...

The Internet of Things (IoT) is experiencing explosive growth and has gained extensive attention from academia industry in recent years. However, most the existing IoT infrastructures are centralized, which may cause issues unscalability single-point-of-failure. Consequently, decentralized been proposed by taking advantage emerging technology called blockchain. Voting systems widely adopted IoT, for example a leader election wireless sensor networks. Self-tallying voting alternatives to...

A secure roaming protocol allows a user U to visit foreign server V and establish session key in an authenticated way such that authenticates at the same time convinces it is legitimate subscriber of some H, called home U. The conventional approach requires involvement all three parties. In this paper, we propose new which only two parties, V, get involved. We protocols: one provides better efficiency supports anonymity extent comparable provided by current mobile systems; other achieves...

Outsourced storage such as cloud can significantly reduce the burden of data management owners. Despite a long list merits storage, it triggers many security risks at same time. Data integrity, one most burning challenges in secure is fundamental and pivotal element outsourcing services. auditing protocols enable verifier to efficiently check integrity outsourced files without downloading entire file from cloud, which dramatically communication overhead between server verifier. Existing are...

To improve data availability and durability, cloud users would like to store multiple copies of their original files at servers. The multi-copy auditing technique is proposed provide with the assurance that are actually stored in cloud. However, most multi-replica solutions rely on Public Key Infrastructure (PKI), which entails massive overhead certificate computation management. In this article, we propose an efficient dynamic integrity scheme by employing certificateless signatures (named...

As cloud storage has been widely adopted in various applications, how to protect data privacy while allowing efficient search and retrieval a distributed environment remains challenging research problem. Existing searchable encryption schemes are still inadequate on desired functionality security/privacy perspectives. Specifically, supporting multi-keyword under the multi-user setting, hiding pattern access pattern, resisting keyword guessing attacks (KGA) most tasks. In this article, we...

In a cloud data storage system, symmetric key encryption is usually used to encrypt files due its high efficiency. order allow the untrusted/semi-trusted server perform searching over encrypted while maintaining confidentiality, searchable (SSE) has been proposed. typical SSE scheme, users stores on and later can retrieve containing specific keywords. The basic security requirement of that learns no information about or keywords during process. Some schemes also offer additional...

An Internet of Things (IoT) system generally contains thousands heterogeneous devices which often operate in swarms-large, dynamic, and self-organizing networks. Remote attestation is an important cornerstone for the security these IoT swarms, as it ensures software integrity swarm protects them from attacks. However, current schemes suffer single point failure verifier. In this paper, we propose Efficient Secure Distributed Attestation (ESDRA) scheme swarms. We present first many-to-one...