To see the other types of publications on this topic, follow the link: IBE (Identity Based Encryption).
Journal articles on the topic 'IBE (Identity Based Encryption)'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'IBE (Identity Based Encryption).'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Le, Xuan Lam, Le Nhat Bui, and Viet Cuong Trinh. "An Efficient Wildcarded Identity-Based Encryption Scheme." Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications 16, no. 1 (2025): 543–59. https://doi.org/10.58346/jowua.2025.i1.032.
Full textAbstract:
In the Identity-based encryption (IBE) scheme user’s public key is exactly the user’s identity, it thus doesn’t need to use expensive certificates in certified public key cryptography. Hierarchical identity-based encryption (HIBE) is the extension of IBE to overcome the bottleneck problem of the Private Key Generator and to increase the security of the IBE scheme. However, similar to IBE scheme, HIBE scheme still doesn’t support flexible one-to-many encrypting. To deal with this problem, Identity-based encryption with wildcards (WIBE) was introduced by Abdalla et al at ICALP conference in 2006. Since then, many WIBE schemes have been introduced in the literature. In this work, we continue in this line of work to introduce a novel WIBE scheme. Our proposed scheme is an improvement of all existing WIBE schemes in term of efficiency.
2
Tseng, Yi-Fan, Chun-I. Fan, and Chih-Wen Lin. "Provably Secure Ciphertext-Policy Attribute-Based Encryption from Identity-Based Encryption." JUCS - Journal of Universal Computer Science 25, no. (3) (2019): 182–202. https://doi.org/10.3217/jucs-025-03-0182.
Full textAbstract:
Ciphertext-policy attribute-based encryption (CP-ABE) is an access control mechanism where a data provider encrypts a secret message and then sends the ciphertext to the receivers according to the access policy which she/he decides. If the attributes of the receivers match the access policy, then they can decrypt the ciphertext. This paper shows a relation between CP-ABE and identity-based encryption (IBE), and presents a bi-directional conversion between an access structure and identities. By the proposed conversion, the CP-ABE scheme constructed from an IBE scheme will inherit the features, such as constant-size ciphertexts and anonymity, from the IBE scheme, and vice versa. It turns out that the proposed conversion also gives the first CP-ABE achieving access structures with wildcard and constant-size ciphertexts/private keys. Finally, we prove the CCA security for confidentiality and anonymity.
3
Kim, Jongkil. "Backward Compatible Identity-Based Encryption." Sensors 23, no. 9 (2023): 4181. http://dx.doi.org/10.3390/s23094181.
Full textAbstract:
In this paper, we present a new identity-based encryption (IBE) system that is named Backward Compatible Identity-based Encryption (BC-IBE). Our BC-IBE is proposed to solve the problem caused by the out-of-synchronization between users’ private keys and ciphertexts. Encryption systems such as revocable IBE or revocable Attribute-based Encryption (ABE) often require updating private keys to revoke users after a certain time period. However, in those schemes, an updated key can be used to decrypt the ciphertexts created only during the current time period. Once the key is updated and the previous keys are removed, the user, the owner of the updated key, will lose access to the past ciphertexts. In our paper, we propose BC-IBE that supports backward compatibility, to solve this problem. In our proposed system, user’s private keys and ciphertexts can be updated periodically with time tags, and these processes can be used to revoke users who do not receive an updated key as the other revocable encryption does. However, in our proposed system, a private key newly issued to a user is backward compatible. This means that it decrypts not only the ciphertexts at the present time period but also all past ciphertexts. This implies that our proposed scheme guarantees the decryption of all encrypted data even if they are not synchronized. Compared to the existing revocable identity-based encryption system, our proposed BC-IBE has the advantage of simplifying key management and securely delegating ciphertext updates. Our proposed scheme only requires a single backward-compatible private key to decrypt all past ciphertexts created. Moreover, the ciphertext update process in our proposed scheme does not require any special privileges and does not require decryption. This means that this process can be securely delegated to a third-party server, such as a cloud server, and it prevents the potential leakage of secrets. For those reasons, BC-IBE is suitable for a system where users are more dynamic, such as the Internet-of-Things (IoT) network, or a system that regularly updates the data, like cloud data storage. In this paper, we provide the construction of BC-IBE and prove its formal security.
4
Mary, Theresia, Octara Pribadi, and Leony Hoki. "Application of Bounded Collusion for Identity-Based Encryption Using the Identity Based Encryption Algorithm." Journal of Artificial Intelligence and Engineering Applications (JAIEA) 4, no. 3 (2025): 2184–88. https://doi.org/10.59934/jaiea.v4i3.1129.
Full textAbstract:
This research aims to design and develop an identity encryption application using the bounded collusion method with the implementation of the Identity Based Encryption (IBE) algorithm. The method combines IBE, bounded collusion, and key generation based on the user's email. The application was developed using Visual Basic. In its implementation, the application can perform text encryption and decryption while limiting the number of decryptions to a maximum of two times per identity, in accordance with the bounded collusion principle. The testing results show that the application effectively protects user identities by generating unique keys based on email and restricting potential collusion attacks between users. Therefore, the implementation of bounded collusion and IBE is proven to enhance the security of identity-based encryption processes
5
Liu, Peng Tao. "Secure Symmetric Key Fuzzy Identity-Based Encryption." Applied Mechanics and Materials 321-324 (June 2013): 2665–68. http://dx.doi.org/10.4028/www.scientific.net/amm.321-324.2665.
Full textAbstract:
Symmetric key fuzzy Identity-Based Encryption (IBE) is a special type of IBE in secret key model. In this paper we extend the notion to the case of fuzzy Identity-Based Encryption, and give a formal definition of symmetric key fuzzy IBE and its security requirements. Moreover, we propose a construction of symmetric key fuzzy IBE based on the public key fuzzy IBE of Sahai and Waters, and prove its security.
6
Luo, Song, and Ning Hu. "On the Anonymity of Identity-Based Encryption." Journal of Applied Mathematics 2013 (2013): 1–9. http://dx.doi.org/10.1155/2013/217480.
Full textAbstract:
Anonymity of identity-based encryption (IBE) means that given a ciphertext, one cannot distinguish the target identity from a random identity. In this paper, we thoroughly discuss the anonymity of IBE systems. We found that the current definition of anonymity is obscure to describe some IBE systems, such as Gentry IBE system. Furthermore, current definition cannot express the degree of anonymity. So we divide the degree of anonymity into weak anonymity and strong anonymity based on indistinguishability between different games. For weakly anonymous IBE systems, the target identity in a ciphertext cannot be distinguished from a random identity. For strongly anonymous IBE systems, the whole ciphertext cannot be distinguished from a random tuple. We also discuss the type of anonymity and divide it into two types. Type 1 means that a random tuple can be seen as a valid ciphertext, while type 2 cannot. Based on our new definitions, we show that three famous IBE systems, Gentry IBE system, Boyen-Waters IBE system, and Lewko IBE system, have strong but different types of anonymity.
7
Karrothu, Aravind, and Jasmine Norman. "A systematic analysis of identity based encryption (IBE)." International Journal of Knowledge-based and Intelligent Engineering Systems 25, no. 3 (2021): 343–56. http://dx.doi.org/10.3233/kes-210078.
Full textAbstract:
Light-weight cryptography is a major research area due to the minimization of the size of the devices utilized for such services. The associated security threats do increase as their applications are more now. Identity-Based Encryption (IBE) with its wide range of cryptographic schemes and protocols is specifically found suitable for low-end devices that have much resource constraint. This work describes various schemes and protocols in IBE. In this paper an analysis of IBE schemes and the various attacks they are prone to are discussed. The future trends are found to be very promising and challenging.
8
Zuo, Binger, Jiguo Li, Yichen Zhang, and Jian Shen. "Identity-Based Online/Offline Encryption Scheme from LWE." Information 15, no. 9 (2024): 539. http://dx.doi.org/10.3390/info15090539.
Full textAbstract:
With quantum computers, the quantum resistance of cryptographic systems has gradually attracted attention. To overcome the shortcoming of existing identity-based encryption (IBE) schemes in resisting quantum attacks, we introduce an IBE scheme based on learning with errors (LWE). In addition, devices with limited computing power are becoming increasingly common in practice, making it increasingly important to improve the efficiency of online computation of encryption algorithms. The classic solution is to directly improve the efficiency of the Gaussian sampling algorithm, thereby increasing the overall efficiency of the scheme. However, our scheme combines the efficient Gaussian sampling algorithm, G-trapdoor, with online/offline method to further improve the online encryption efficiency of the encryption algorithm. Our scheme completes partial computation before knowing the message and receiver’s identity, and once the message and receiver’s identity are obtained, the online part encryption can be efficiently completed. We construct an identity-based online/offline encryption (IBOOE) scheme from LWE with G-trapdoor, improve the efficiency of online encryption while achieving quantum resistant security. We prove the scheme’s security under the standard model for chosen-plaintext attack (CPA). By comparing with relevant schemes in terms of experiments and analysis, our scheme has improved efficiency by 65% to 80% compared to the classical LWE IBE scheme (increasing with LWE security parameters), and by 60% to 70% compared to the recent IBE scheme from LWE. This greatly improves the efficiency of online computing for low-power encryption devices while ensuring security.
9
Shermina, Latha R, and Sreenithi R. "IDENTITY-BASED ENCRYPTION: A SECURE METHOD FOR DATA PROTECTION." International Journal of Engineering Research and Sustainable Technologies (IJERST) 2, no. 3 (2024): 16–22. https://doi.org/10.63458/ijerst.v2i3.88.
Full textAbstract:
Identity-Based Encryption (IBE) is a fundamental cryptographic technology that provides a powerful answer to the problemsassociated with protecting sensitive information in contemporary digital settings. In contrast to conventional encryptiontechniques, which depend on pre-existing public keys linked to certain entities, IBE uses distinct identifiers, like usernamesor email addresses, as public keys. This method not only makes encrypted communication more flexible and accessible, butit also streamlines the key management procedure. Identity-Based Encryption is covered in detail in this study, which alsoexplores its fundamental ideas, essential elements, and real-world uses. To provide a better understanding of IBE'scryptographic methods, the theoretical underpinnings of the algorithm—including its utilization of bilinear pairings andmathematical constructs—are clarified. In addition, the article investigates IBE's security features, testing its resistance todifferent kinds of intrusions and weaknesses. To illustrate the efficacy and adaptability of IBE in protecting data privacyacross a range of industries, including healthcare, finance, and cloud computing, real-world deployment scenarios and casestudies are given. Furthermore, new developments and trends in IBE studies are examined, providing insight into prospectivedirections for investigation and creativity in the future. For scholars, practitioners, and policymakers looking to use Ident ity-Based Encryption for strong data protection in the digital age, this paper is a great resource.
10
Andal, S., Tasneem Tahera, M. MeghanaMary, G. C. Ranjitha, and N.A Deepak. "IMPLEMENTING CLOUD REVOCATION AUTHORITY WITH IDENTITY BASED ENCRYPTION AND ITS APPLICATIONS." International Journal of Research - Granthaalayah 5, (4) RACSIT (2017): 38–40. https://doi.org/10.5281/zenodo.572292.
Full textAbstract:
Identity-based encryption (IBE) is a public key cryptosystem(encoding and decoding) and eliminates the demands of public key infrastructure(PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, a revocable IBE scheme with a key-update cloud service provider (KU-CSP) was proposed. However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with periodlimited privileges for managing a large number of various cloud services.
11
S., Andal, Tahera Tasneem, Meghana Mary, Ranjitha G. C., and Deepak N.A. "IMPLEMENTING CLOUD REVOCATION AUTHORITY WITH IDENTITY BASED ENCRYPTION AND ITS APPLICATIONS." International Journal of Research -GRANTHAALAYAH 5, no. 4RACSIT (2017): 38–40. http://dx.doi.org/10.29121/granthaalayah.v5.i4racsit.2017.3348.
Full textAbstract:
Identity-based encryption(IBE) is a public key cryptosystem(encoding and decoding) and eliminates the demands of public key infrastructure(PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, a revocable IBE scheme with a key-update cloud service provider (KU-CSP) was proposed.However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally,we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
12
Reddy, P. Raja Sekhar, and K. Ravindranath. "CR-IBE based data sharing and revocation in the cloud." Journal of Discrete Mathematical Sciences and Cryptography 27, no. 2 (2024): 453–64. http://dx.doi.org/10.47974/jdmsc-1901.
Full textAbstract:
Storing information on the cloud lets users access data quickly. Owners send their files to cloud servers to save money and use helpful tools. Keeping shared data online beyond direct control worries more people about privacy and security. Issues with sharing data in the cloud are a major concern. Several methods can protect user privacy and securely share group information. This paper introduces a secure dynamic way for groups to share and take away access to data using identity-based encryption that can change (R-IBE). A new cloud-based method for sharing data with revocable identity-based encryption (CR-IBE) is suggested. It allows stopping user access. The proposed method is compared to existing attribute-based encryption schemes for how long they take to run and decode. Tests show the proposed method provides better protection and privacy.
13
Wang, Hongbing, Peng Zeng, and Kim-Kwang Raymond Choo. "MDMR-IBE: efficient multiple domain multi-receiver identity-based encryption." Security and Communication Networks 7, no. 11 (2013): 1641–51. http://dx.doi.org/10.1002/sec.861.
Full text
14
Wu, Qing. "Fuzzy Techniques in Biometric IBE without Random Oracles." Applied Mechanics and Materials 148-149 (December 2011): 112–15. http://dx.doi.org/10.4028/www.scientific.net/amm.148-149.112.
Full textAbstract:
Using a biometric as an identity has the advantage that identities are unique if the underlying biometric is of a good quality, such as fingerprints, faces, irises. Since biometric measurements are noisy, the existing identity-based encryption systems cannot be used directly to construct IBE scheme. The error-tolerance property of Fuzzy-IBE allows for a private key to decrypt a ciphertext encrypted with a slightly different measurement of the same biometric. Based on this property, a new biometric identity based encryption scheme is proposed. Our scheme is constructed in the standard model and achieves a selective identity security. In addition, the security of our scheme is reduced to decision bilinear Diffie-Hellman(BDH) assumption instead of other strong assumptions.
15
Wang, Yang, Mingqiang Wang, Jingdan Zou, Jin Xu, and Jing Wang. "Provably Secure Identity-Based Encryption and Signature over Cyclotomic Fields." Wireless Communications and Mobile Computing 2019 (October 17, 2019): 1–13. http://dx.doi.org/10.1155/2019/1742386.
Full textAbstract:
Identity-based cryptography is a type of public key cryptography with simple key management procedures. To our knowledge, till now, the existing identity-based cryptography based on NTRU is all over power-of-2 cyclotomic rings. Whether there is provably secure identity-based cryptography over more general fields is still open. In this paper, with the help of the results of collision resistance preimage sampleable functions (CRPSF) over cyclotomic fields, we give concrete constructions of provably secure identity-based encryption schemes (IBE) and identity-based signature schemes (IBS) based on NTRU over any cyclotomic field. Our IBE schemes are provably secure under adaptive chosen-plaintext and adaptive chosen-identity attacks, meanwhile, our IBS schemes are existentially unforgeable against adaptively chosen message and adaptively chosen identity attacks for any probabilistic polynomial time (PPT) adversary in the random oracle model. The securities of both schemes are based on the worst-case approximate shortest independent vectors problem (SIVPγ) over corresponding ideal lattices. The secret key size of our IBE (IBS) scheme is short—only one (two) ring element(s). The ciphertext (signature) is also short—only two (three) ring elements. Meanwhile, as the case of NTRUEncrypt, our IBE scheme could encrypt n bits in each encryption process. These properties may make our schemes have more advantages for some IoT applications over postquantum world in theory.
16
Clear, Michael, and Hitesh Tewari. "Anonymous Homomorphic IBE with Application to Anonymous Aggregation." Cryptography 7, no. 2 (2023): 22. http://dx.doi.org/10.3390/cryptography7020022.
Full textAbstract:
All anonymous identity-based encryption (IBE) schemes that are group homomorphic (to the best of our knowledge) require knowledge of the identity to compute the homomorphic operation. This paper is motivated by this open problem, namely to construct an anonymous group-homomorphic IBE scheme that does not sacrifice anonymity to perform homomorphic operations. Note that even when strong assumptions, such as indistinguishability obfuscation (iO), are permitted, no schemes are known. We succeed in solving this open problem by assuming iO and the hardness of the DBDH problem over rings (specifically, ZN2 for RSA modulus N). We then use the existence of such a scheme to construct an IBE scheme with re-randomizable anonymous encryption keys, which we prove to be IND-ID-RCCA secure. Finally, we use our results to construct identity-based anonymous aggregation protocols.
17
Hu, Ziyuan, Shengli Liu, Kefei Chen, and Joseph Liu. "Revocable Identity-Based Encryption and Server-Aided Revocable IBE from the Computational Diffie-Hellman Assumption." Cryptography 2, no. 4 (2018): 33. http://dx.doi.org/10.3390/cryptography2040033.
Full textAbstract:
An Identity-based encryption (IBE) simplifies key management by taking users’ identities as public keys. However, how to dynamically revoke users in an IBE scheme is not a trivial problem. To solve this problem, IBE scheme with revocation (namely revocable IBE scheme) has been proposed. Apart from those lattice-based IBE, most of the existing schemes are based on decisional assumptions over pairing-groups. In this paper, we propose a revocable IBE scheme based on a weaker assumption, namely Computational Diffie-Hellman (CDH) assumption over non-pairing groups. Our revocable IBE scheme is inspired by the IBE scheme proposed by Döttling and Garg in Crypto2017. Like Döttling and Garg’s IBE scheme, the key authority maintains a complete binary tree where every user is assigned to a leaf node. To adapt such an IBE scheme to a revocable IBE, we update the nodes along the paths of the revoked users in each time slot. Upon this updating, all revoked users are forced to be equipped with new encryption keys but without decryption keys, thus they are unable to perform decryption any more. We prove that our revocable IBE is adaptive IND-ID-CPA secure in the standard model. Our scheme serves as the first revocable IBE scheme from the CDH assumption. Moreover, we extend our scheme to support Decryption Key Exposure Resistance (DKER) and also propose a server-aided revocable IBE to decrease the decryption workload of the receiver. In our schemes, the size of updating key in each time slot is only related to the number of newly revoked users in the past time slot.
18
Balasubramanian, Kannan, and M. Rajakani. "Implementation of Algorithms for Identity Based Encryption and Decryption." International Journal of Cyber Research and Education 1, no. 1 (2019): 52–62. http://dx.doi.org/10.4018/ijcre.2019010106.
Full textAbstract:
Identity-based cryptosystems were introduced to overcome one of the main problems in public key encryption, the generation of public and private keys. In the identity-based cryptosystem, an identifier such as an e-mail address of a user can be used to generate public and private keys by a trusted third party. The trusted third party uses a system-wide master secret to provide private keys to a user. Identity-based cryptosystems can be constructed using the idea of pairings. This article discusses four different identity-based cryptosystems: the Boneh-Franklin scheme, the Cock's scheme, the Authenticated IBE scheme and the Hierarchical IBE scheme. This article also discusses the security notions considered for the identity-based cryptosystem. The security notions considered are: one-wayness, indistinguishability, semantic security and non-malleability. An architecture consisting of a public parameter server and private key generator for the implementation of the identity-based cryptosystems is also discussed.
19
Zhou, Yanwei, Bo Yang, Hongxia Hou, Lina Zhang, Tao Wang, and Mingxiao Hu. "Continuous Leakage-Resilient Identity-Based Encryption with Tight Security." Computer Journal 62, no. 8 (2019): 1092–105. http://dx.doi.org/10.1093/comjnl/bxy144.
Full textAbstract:
Abstract In the actual applications, an adversary can break the security of cryptography scheme through various leakage attacks (e.g. side-channel attacks, cold-boot attacks, etc.), even the continuous leakage attacks. That is, a practical cryptography scheme must maintain its claimed security in the continuous leakage setting. However, the previous constructions on the leakage-resilient identity-based encryption (IBE) scheme could tolerate a leakage that is bounded, and cannot resist the continuous leakage attacks. In order to further achieve the better security, a novel method to build the continuous leakage-resilient IBE scheme with tight security is presented in this paper, and the scheme’s security is proved, in the standard model, based on a stronger security assumption that depends on the number of queries made by the adversary. In addition, our proposal has several advantages over previous such constructions, e.g. shorter public parameters, higher communication efficiency, tight security, etc.
20
Yin, Shao Ping. "Research on the Application of IBE in IEC61850 Substation Automation System." Applied Mechanics and Materials 130-134 (October 2011): 2805–8. http://dx.doi.org/10.4028/www.scientific.net/amm.130-134.2805.
Full textAbstract:
In order to reap the benefits promised by the Smart Grid, communications between the IEDs in IEC 61850 Substation Automation System (SAS) will need to be made much more secure.Traditional security solutions based on Public Key Infrastructure (PKI) are calculation intensive and introduces latency that will be difficult to meet substation environmental and electrical requirements, so they are not well suited for IEC 61850 SAS. Identity based encryption (IBE) schemes, introduced by Shamir in 1984 [5] are based on the idea to use participant’s unique identities as public key and public key directories are unnecessary. Thus, utilizing IBE in IEC 61850 SAS is a reasonable choice. This paper briefly introduces the features of IEC 61850 SAS communication security and IBE and then propose an IBE-based Self Private Key Generated (SPKG) encryption scheme to establish encryption system in IEC 61850 SAS. Advantages of this SPKG Scheme are also discussed in the paper.
21
Mr., Antony Jose, Fathima Lubna Ms., Jashini Siraju Ms., P. V. Rahana, Saliya Manaf A. P. Ms., and Shabna K. A. Ms. "SACT: AN ANONYMOUS COMMUNICATION TECHNIQUE." International Journal of Advances in Engineering & Scientific Research 3, no. 4 (2016): 43–56. https://doi.org/10.5281/zenodo.10774085.
Full textAbstract:
<strong>Abstract: </strong> <strong>Objective- </strong>The aim of this paper is to realize a secure and anonymous communication technique which provides end-to-end encryption and anonymity simultaneously. <strong>Design/Methodology/Approach-</strong> End-to-end encryption and anonymity are considered as important features in privacy preserving communications. A simple combination of Public Key Infrastructure (PKI) and current anonymous communication protocols cannot be used to realize secure and anonymous communication. The anonymity is contradicted by the current PKI because the user is identified by the user’s public key certificate. Moreover, there should be certain authentication mechanisms in communication channels because such channels could incubate criminal communication. To deal with this issue, a secure and anonymous communication protocol which employs Identity-Based Encryption (IBE) and group signature is proposed in this paper. <strong>Findings-</strong> IBE is used for encrypting packets without sacrificing anonymity and Group Signature scheme is used for anonymous user authentication. <strong>Limitations-</strong> In Group Signature scheme, the Group Manager must be a trusted entity as he is capable of breaking the anonymity. <strong>Practical Implications-</strong> Proxy entities are used for communication in the protocol which will conceal the user IP address from the Service Providers (SPs), thereby providing anonymity. The system ensures user privacy and provides better security. <strong>Originality- </strong>This paper contains works related to anonymous communication as literature survey. <strong>Keywords- </strong>Anonymous Authentication<strong>, </strong>Anonymous Communication, Identity-Based Encryption, Group Signature, Secure Channel
22
Adams, Carlisle. "Improving User Privacy in Identity-Based Encryption Environments." Cryptography 6, no. 4 (2022): 55. http://dx.doi.org/10.3390/cryptography6040055.
Full textAbstract:
The promise of identity-based systems is that they maintain the functionality of public key cryptography while eliminating the need for public key certificates. The first efficient identity-based encryption (IBE) scheme was proposed by Boneh and Franklin in 2001; variations have been proposed by many researchers since then. However, a common drawback is the requirement for a private key generator (PKG) that uses its own master private key to compute private keys for end users. Thus, the PKG can potentially decrypt all ciphertext in the environment (regardless of who the intended recipient is), which can have undesirable privacy implications. This has led to limited adoption and deployment of IBE technology. There have been numerous proposals to address this situation (which are often characterized as methods to reduce trust in the PKG). These typically involve threshold mechanisms or separation-of-duty architectures, but unfortunately often rely on non-collusion assumptions that cannot be guaranteed in real-world settings. This paper proposes a separation architecture that instantiates several intermediate CAs (ICAs), rather than one (as in previous work). We employ digital credentials (containing a specially-designed attribute based on bilinear maps) as the blind tokens issued by the ICAs, which allows a user to easily obtain multiple layers of pseudonymization prior to interacting with the PKG. As a result, our proposed architecture does not rely on unrealistic non-collusion assumptions and allows a user to reduce the probability of a privacy breach to an arbitrarily small value.
23
Kumar, Sunil, Gaurav Mittal, and Arvind Yadav. "An efficient ID-based cryptographic encryption based on group ring." Journal of Discrete Mathematical Sciences and Cryptography 27, no. 6 (2024): 1851–66. http://dx.doi.org/10.47974/jdmsc-1871.
Full textAbstract:
For most of the traditional IBEs (identity-based encryptions), security totally relies on the safekeeping of private keys. In case the private key is exposed, all the previously generated ciphertext need to be reissued. Due to increased usage of unprotected devices or mobiles, the key exposure is frequent. Therefore, it is important to mitigate the threat originated due to the key exposure in case of IBE. To deal with this issue, in this paper, we construct a novel IBE based on group ring that also provides forward security. We show that the security of our novel IBE is based on the hardness of discrete logarithm problem in group ring. Moreover, against the chosen plaintext attack, we show that it is semantically secure in random oracle model. Finally, we compare our IBE with several other existing IBEs in terms of execution cost.
24
Zhang, Ya Kun, Jia Yin Tian, Cheng Yang, Yi Chun Zhang, and Fang Tian Hou. "A Novel IBE Based Authentication Scheme for Network Storage." Advanced Materials Research 452-453 (January 2012): 791–95. http://dx.doi.org/10.4028/www.scientific.net/amr.452-453.791.
Full textAbstract:
Public Key Infrastructure (PKI) based or Identity-based Encryption (IBE) based authentication schemes are introduced into network storage systems recently. However, the schemes have unavoidable disadvantages:(1)the exchange of digital certificates are complicated.(2)the public key is long.(3)the transmission of private key is vulnerable. In this paper, we design a network storage authentication scheme using Double-PKG. The theoretical and experimental results show that it can ensure the confidentiality, integrity, availability and non-repudiation during data transmission and storage. Our scheme uses the double authentication infrastructure. And it can effectively protect the key transmission. The data encryption and decryption in experiments are relatively stable, so the overall scheme efficiency has been greatly improved.
25
Wang, Lu. "A Method for Key Updating of IBE with Wildcards." Advanced Materials Research 765-767 (September 2013): 1003–6. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1003.
Full textAbstract:
A variety of identity-based encryption mechanisms are gradually developed since BF-IBE was proposed in 2001. However, since a users public key is fully open and cannot be modified, the key update issue needs to be solved urgently. And at the same time, hierarchical IBE has been proposed to reduce the burden of a single PKG. The paper suggests wildcards and put forward WIBE, which can make one-time encryption for user groups of HIBE. Then WKU is put out based on WIBE, which is a key updating mechanism in the measure of years and manages the expiration date of users keys.
26
Zhandry, Mark. "Secure identity-based encryption in the quantum random oracle model." International Journal of Quantum Information 13, no. 04 (2015): 1550014. http://dx.doi.org/10.1142/s0219749915500148.
Full textAbstract:
We give the first proof of security for an identity-based encryption (IBE) scheme in the quantum random oracle model. This is the first proof of security for any scheme in this model that does not rely on the assumed existence of so-called quantum-secure pseudorandom functions (PRFs). Our techniques are quite general and we use them to obtain security proofs for two random oracle hierarchical IBE schemes and a random oracle signature scheme, all of which have previously resisted quantum security proofs, even assuming quantum-secure PRFs. We also explain how to remove quantum-secure PRFs from prior quantum random oracle model proofs. We accomplish these results by developing new tools for arguing that quantum algorithms cannot distinguish between two oracle distributions. Using a particular class of oracle distributions that we call semi-constant distributions, we argue that the aforementioned cryptosystems are secure against quantum adversaries.
27
Garg, Deepak, Shalli Rani, Norbert Herencsar, Sahil Verma, Marcin Wozniak, and Muhammad Fazal Ijaz. "Hybrid Technique for Cyber-Physical Security in Cloud-Based Smart Industries." Sensors 22, no. 12 (2022): 4630. http://dx.doi.org/10.3390/s22124630.
Full textAbstract:
New technologies and trends in industries have opened up ways for distributed establishment of Cyber-Physical Systems (CPSs) for smart industries. CPSs are largely based upon Internet of Things (IoT) because of data storage on cloud servers which poses many constraints due to the heterogeneous nature of devices involved in communication. Among other challenges, security is the most daunting challenge that contributes, at least in part, to the impeded momentum of the CPS realization. Designers assume that CPSs are themselves protected as they cannot be accessed from external networks. However, these days, CPSs have combined parts of the cyber world and also the physical layer. Therefore, cyber security problems are large for commercial CPSs because the systems move with one another and conjointly with physical surroundings, i.e., Complex Industrial Applications (CIA). Therefore, in this paper, a novel data security algorithm Dynamic Hybrid Secured Encryption Technique (DHSE) is proposed based on the hybrid encryption scheme of Advanced Encryption Standard (AES), Identity-Based Encryption (IBE) and Attribute-Based Encryption (ABE). The proposed algorithm divides the data into three categories, i.e., less sensitive, mid-sensitive and high sensitive. The data is distributed by forming the named-data packets (NDPs) via labelling the names. One can choose the number of rounds depending on the actual size of a key; it is necessary to perform a minimum of 10 rounds for 128-bit keys in DHSE. The average encryption time taken by AES (Advanced Encryption Standard), IBE (Identity-based encryption) and ABE (Attribute-Based Encryption) is 3.25 ms, 2.18 ms and 2.39 ms, respectively. Whereas the average time taken by the DHSE encryption algorithm is 2.07 ms which is very much less when compared to other algorithms. Similarly, the average decryption times taken by AES, IBE and ABE are 1.77 ms, 1.09 ms and 1.20 ms and the average times taken by the DHSE decryption algorithms are 1.07 ms, which is very much less when compared to other algorithms. The analysis shows that the framework is well designed and provides confidentiality of data with minimum encryption and decryption time. Therefore, the proposed approach is well suited for CPS-IoT.
28
Wang, Qihua, Fagen Li, and Huaqun Wang. "An Anonymous Multireceiver with Online/Offline Identity-Based Encryption." Wireless Communications and Mobile Computing 2018 (August 12, 2018): 1–10. http://dx.doi.org/10.1155/2018/5702068.
Full textAbstract:
Anonymous multireceiver encryption scheme can not only protect the privacy of the receiver but also ensure the security of message. However, the computational cost of this scheme is very large. It is not suitable for the sender which has limited resources, such as mobile devices and sensor nodes. In this work, an anonymous multireceiver online/offline identity-based encryption is proposed based on offline/online and identity-based encryption (IBE). In identity-based encryption scheme, the sender can encrypt the message using the unique information of the user (such as identity number or e-mail address) as its public key. The receiver obtains the private key from a central authority. For mobile device with limited resource, the online/offline encryption scheme can reduce the computational cost. Compared to the previous anonymous multireceiver schemes, the proposed scheme can efficiently encrypt message with offline/online method and ensure the anonymity of receivers. The analysis results also show that our scheme is efficient in terms of computational cost by comparing to the previous works.
29
Liu, Shiqi, Yan Shao, Hanbo Luo, and Hong Di. "IBE-Signal: Reshaping Signal into a MITM-Attack-Resistant Protocol." Security and Communication Networks 2022 (July 21, 2022): 1–24. http://dx.doi.org/10.1155/2022/8653453.
Full textAbstract:
The Signal Protocol is one of the most popular privacy protocols today for protecting Internet chats and supports end-to-end encryption. Nevertheless, despite its many advantages, the Signal Protocol is not resistant to Man-In-The-Middle (MITM) attacks because a malicious server can distribute the forged identity-based public keys during the user registration phase. To address this problem, we proposed the IBE-Signal scheme that replaced the Extended Triple Diffie–Hellman (X3DH) key agreement protocol with enhanced Identity-Based Encryption (IBE). Specifically, the adoption of verifiable parameter initialization ensures the authenticity of system parameters. At the same time, the Identity-Based Signature (IBS) enables our scheme to support mutual authentication. Moreover, we proposed a distributed key generation mechanism that served as a risk decentralization to mitigate IBE’s key escrow problem. Besides, the proposed revocable IBE scheme is used for the revocation problem. Notably, the IND-ID-CPA security of the IBE-Signal scheme is proven under the random oracle model. Compared with the existing schemes, our scheme provided new security features of mutual authentication, perfect forward secrecy, post-compromise security, and key revocation. Experiments showed that the computational overhead is lower than that of other schemes when the Cloud Privacy Centers (CPCs) number is less than 8.
30
Zhao, Meng, and Yong Ding. "Dual-Server Identity-Based Encryption with Authorized Equality Test for IoT Data in Clouds." Security and Communication Networks 2022 (October 11, 2022): 1–12. http://dx.doi.org/10.1155/2022/4905763.
Full textAbstract:
The massive amounts of data collected by Internet of things (IoT) devices can be stored in clouds to solve the problem of the low storage capacity of IoT terminals. However, the privacy and security of outsourced IoT data may be compromised on the cloud side. Traditional cryptographic technologies can protect data privacy but require the user to retrieve the data for decryption and further processing, which would bring vast amounts of bandwidth and computation burden to users. This paper proposes a dual-server identity-based encryption scheme supporting authorized ciphertext equality test (DS-IBE-AET), where two noncolluding servers with authorizations from users can collaboratively carry out an equality test on outsourced IoT ciphertexts without decrypting the data. DS-IBE-AET can resist offline keyword guessing attacks confronted by existing encryption schemes with equality test in the single server model. Security analysis demonstrates that the proposed DS-IBE-AET scheme offers unforgeability for private keys of users and servers and confidentiality protection for outsourced IoT data and authentication tokens. The performance analysis indicates the practicality of our DS-IBE-AET construction for securing outsourced IoT data in clouds.
31
Almuflih, Ali Saeed, Khushi Popat, Viral V. Kapdia, Mohamed Rafik Noor Mohamed Qureshi, Naif Almakayeel, and Rabia Emhamed Al Mamlook. "Efficient Key Exchange Using Identity-Based Encryption in Multipath TCP Environment." Applied Sciences 12, no. 15 (2022): 7575. http://dx.doi.org/10.3390/app12157575.
Full textAbstract:
Across the globe, wireless devices with Internet facilities such as smartphones and tablets have become essential assets for communication and entertainment alike for everyday life for millions of people, which increases the network traffic and the demand for low-latency communication networks. The fourth-generation (4G)/long-term evolution (LTE)/ fifth-generation (5G) communication technology offers higher bandwidth and low latency services, but resource utilization and resiliency cannot be achieved, as transmission control protocol (TCP) is the most common choice for most of the state-of-art applications for the transport layer. An extension of TCP—multipath TCP (MPTCP)—offers higher bandwidth, resiliency, and stable connectivity by offering bandwidth aggregation and smooth handover among multiple paths. However, MPTCP uses multiple disjointed paths for communication to offer multiple benefits. A breach in the security of one of the paths may have a negative effect on the overall performance, fault-tolerance, robustness, and quality of service (QoS). In this paper, the research focuses on how MPTCP options such as MP_CAPABLE, ADD_ADDR, etc., can be used to exploit the vulnerabilities to launch various attacks such as session hijacking, traffic diversion, etc., to compromise the availability, confidentiality, and integrity of the data and network. The probable security solutions for securing MPTCP connections are analyzed, and the secure key exchange model for MPTCP (SKEXMTCP) based on identity-based encryption (IBE) is proposed and implemented. The parameters exchanged during the initial handshake are encrypted using IBE to prevent off-path attacks by removing the requirement for key exchange before communication establishment by allowing the use of arbitrary strings as a public key for encryption. The experiments were performed with IBE and an elliptic curve cryptosystem (ECC), which show that IBE performs better, as it does not need to generate keys while applying encryption. The experimental evaluation of SKEXMTCP in terms of security and performance is carried out and compared with existing solutions.
32
Lian, Yuchen, and Ruwei Huang. "KDM Security IBE Based on LWE beyond Affine Functions." Applied Sciences 13, no. 14 (2023): 8259. http://dx.doi.org/10.3390/app13148259.
Full textAbstract:
Key-dependent message (KDM) security identity-based encryption (IBE) schemes aim to solve the security risks caused by the dependency between plaintext and secret keys in traditional IBE schemes. However, current KDM-IBE schemes are only secure with respect to affine functions, which limits their security level when a message is derived from the evaluation of a polynomial function using the secret key. To address this issue, in this study, we propose a novel approach to construct a KDM-IBE scheme with respect to polynomial or even arbitrary functions that achieves maximum security based on the learning with errors (LWE) assumption. Our approach overcomes two major technical barriers to constructing KDM-IBE schemes with respect to polynomial functions. Compared to existing KDM-IBE schemes, our proposed scheme ensures the secrecy of the key-related plaintext, even when it is obtained using arbitrary functions, not just affine functions. Thus, our approach provides a more robust solution to the security risks inherent in traditional IBE schemes.
33
Guo, Sheng Chang, Yi Liu, and Jie Ling. "A Quasi IBE Identity Authentication Scheme in a Cloud Computing Environment." Advanced Materials Research 756-759 (September 2013): 837–40. http://dx.doi.org/10.4028/www.scientific.net/amr.756-759.837.
Full textAbstract:
This paper draws on the principle of identity-based public key encryption (IBE) system algorithm. A suitable Identity authentication scheme for cloud computing environment is proposed. Security analysis of the scheme is given. The proposed scheme using the bidirectional signature between Client and cloud server has solved the safety verification audit, and realized identity authentication in cloud computing. We provide end-to-end authentication instead of trusted third party, which solve the problem of Key Escrow and improve the efficiency of the management of the identity authentication.
34
Ren, Chengdong, Xiaolei Dong, Jiachen Shen, Zhenfu Cao, and Yuanjian Zhou. "CLAP-PRE: Certificateless Autonomous Path Proxy Re-Encryption for Data Sharing in the Cloud." Applied Sciences 12, no. 9 (2022): 4353. http://dx.doi.org/10.3390/app12094353.
Full textAbstract:
In e-health systems, patients encrypt their personal health data for privacy purposes and upload them to the cloud. There exists a need for sharing patient health data with doctors for healing purposes in one’s own preferred order. To achieve this fine-gained access control to delegation paths, some researchers have designed a new proxy re-encryption (PRE) scheme called autonomous path proxy re-encryption (AP-PRE), where the delegator can control the whole delegation path in a multi-hop delegation process. In this paper, we introduce a certificateless autonomous path proxy re-encryption (CLAP-PRE) using multilinear maps, which holds both the properties (i.e., certificateless, autonomous path) of certificateless encryption and autonomous path proxy re-encryption. In the proposed scheme, (a) each user has two public keys (user’s identity and traditional public key) with corresponding private keys, and (b) each ciphertext is first re-encrypted from a public key encryption (PKE) scheme to an identity-based encryption (IBE) scheme and then transformed in the IBE scheme. Our scheme is an IND-CPA secure CLAP-PRE scheme under the k-multilinear decisional Diffie–Hellman (k-MDDH) assumption in the random oracle model.
35
Ren, Chengdong, Xiaolei Dong, Jiachen Shen, Zhenfu Cao, and Yuanjian Zhou. "CLAP-PRE: Certificateless Autonomous Path Proxy Re-Encryption for Data Sharing in the Cloud." Applied Sciences 12, no. 9 (2022): 4353. http://dx.doi.org/10.3390/app12094353.
Full textAbstract:
In e-health systems, patients encrypt their personal health data for privacy purposes and upload them to the cloud. There exists a need for sharing patient health data with doctors for healing purposes in one’s own preferred order. To achieve this fine-gained access control to delegation paths, some researchers have designed a new proxy re-encryption (PRE) scheme called autonomous path proxy re-encryption (AP-PRE), where the delegator can control the whole delegation path in a multi-hop delegation process. In this paper, we introduce a certificateless autonomous path proxy re-encryption (CLAP-PRE) using multilinear maps, which holds both the properties (i.e., certificateless, autonomous path) of certificateless encryption and autonomous path proxy re-encryption. In the proposed scheme, (a) each user has two public keys (user’s identity and traditional public key) with corresponding private keys, and (b) each ciphertext is first re-encrypted from a public key encryption (PKE) scheme to an identity-based encryption (IBE) scheme and then transformed in the IBE scheme. Our scheme is an IND-CPA secure CLAP-PRE scheme under the k-multilinear decisional Diffie–Hellman (k-MDDH) assumption in the random oracle model.
36
TIAN, MIAOMIAO, LIUSHENG HUANG, and WEI YANG. "SECURITY ANALYSIS OF A FUZZY IDENTITY-BASED ENCRYPTION SCHEME." Journal of Circuits, Systems and Computers 23, no. 03 (2014): 1450033. http://dx.doi.org/10.1142/s0218126614500339.
Full textAbstract:
Fuzzy identity-based encryption (FIBE) scheme is a kind of identity-based encryption (IBE) scheme, in which any user's identity is composed by a set of attributes and any ciphertext encrypted under identity ID can be decrypted by using a private key corresponding to identity ID′ if ID′ is close to ID as measured by some metric. Due to the error-tolerance property, FIBE scheme is very useful in real-world applications. However, most FIBE schemes are provable secure only in a weaker security model. In order to eliminate this problem, Ren et al. recently proposed a new FIBE scheme and proved that it is fully chosen-ciphertext secure in the standard model. Unfortunately, in this paper, we will show that their FIBE scheme is even not chosen-plaintext secure.
37
Gupta, Rajeev Kumar, Khalid K. Almuzaini, R. K. Pateriya, Kaushal Shah, Piyush Kumar Shukla, and Reynah Akwafo. "An Improved Secure Key Generation Using Enhanced Identity-Based Encryption for Cloud Computing in Large-Scale 5G." Wireless Communications and Mobile Computing 2022 (March 10, 2022): 1–14. http://dx.doi.org/10.1155/2022/7291250.
Full textAbstract:
The demand of cloud computing and 5G networks has increased in the current scenario due to their attractive features and also the security related to the data over the cloud. In the context of cloud security, there is a number of computationally hard methods available. One of the most popular methods used to secure data over the cloud is the identity-based encryption (IBE). It is an access policy that allows only authorized users to access legible data in order to avoid a malicious attack. IBE comprises of four stages, namely, setup, key generation or extract, encryption, and decryption. Key generation is one of the important and time-consuming phases in which a security key is generated. It is a computational and decisional hard problem for generating unbreakable and nonderivable secure keys. This paper proposes an enhanced identity-based encryption approach where a secure key is generated using part of an identity bit string in order to avoid leakage of users’ identity even if an adversary or attacker decodes the key or encrypted data. Experiment results show that the prosed algorithm takes less time in the encryption and decryption as compared to the competitive approach named efficient selective-ID secure identity-based encryption approach. One of the most important features of the proposed approach is that it hides the user’s identity by using the Lagrange coefficient, which consists of a polynomial interpolation function. The security of the system depends on the hardness of computing the bilinear Diffie-Hellman problem.
38
Gao, Wenhua, Li Yang, Daode Zhang, and Xia Liu. "Quantum Identity-Based Encryption from the Learning with Errors Problem." Cryptography 6, no. 1 (2022): 9. http://dx.doi.org/10.3390/cryptography6010009.
Full textAbstract:
To prevent eavesdropping and tampering, network security protocols take advantage of asymmetric ciphers to establish session-specific shared keys with which further communication is encrypted using symmetric ciphers. Commonly used asymmetric algorithms include public key encryption, key exchange, and identity-based encryption (IBE). However, network security protocols based on classic identity-based encryption schemes do not have perfect forward secrecy. To solve this problem, we construct the first quantum IBE (QIBE) scheme based on the learning with errors (LWE) problem, which is also the first cryptographic scheme that applies the LWE problem to quantum encryption. We prove that our scheme is fully secure under the random oracle model and highlight the following advantages: (1) Network security protocols with our QIBE scheme provide perfect forward secrecy. The ciphertext is transmitted in the form of a quantum state unknown to the adversary and cannot be copied and stored. Thus, in network security protocols based on QIBE construction, the adversary does not have any previous quantum ciphertext to decrypt for obtaining the previous session key, even if the private identity key is threatened. (2) Classic key generation centre (KGC) systems can still be used in the QIBE scheme to generate and distribute private identity keys, reducing the cost when implementing this scheme. The classic KGC systems can be used because the master public and secret keys of our scheme are both in the form of classic bits. Finally, we present quantum circuits to implement this QIBE scheme and analyse its required quantum resources for given numbers of qubits, Hadamard gates, phase gates, T gates, and CNOT (controlled-NOT) gates. One of our main findings is that the quantum resources required by our scheme increase linearly with the number of plaintext bits to be encrypted.
39
Yussoff, Yusnani Mohd, and Habibah Hashim. "Analysis of Trusted Identity Based Encryption (IBE-Trust) Protocol for Wireless Sensor Networks." International Journal of Wireless and Microwave Technologies 1, no. 6 (2011): 52–58. http://dx.doi.org/10.5815/ijwmt.2011.06.08.
Full text
40
Dong, Siyue, Zhen Zhao, Baocang Wang, Wen Gao, and Shanshan Zhang. "SM9 Identity-Based Encryption with Designated-Position Fuzzy Equality Test." Electronics 13, no. 7 (2024): 1256. http://dx.doi.org/10.3390/electronics13071256.
Full textAbstract:
Public key encryption with equality test (PKEET) is a cryptographic primitive that enables a tester to determine whether two ciphertexts encrypted with same or different public keys have been generated from the same message without decryption. Previous studies extended PKEET to public key encryption with designated-position fuzzy equality test (PKE-DFET), enabling testers to verify whether plaintexts corresponding to two ciphertexts are equal while ignoring specific bits at designated positions. In this work, we have filled the research gap in the identity-based encryption (IBE) cryptosystems for this primitive. Furthermore, although our authorization method is the all-or-nothing (AoN) type, it overcomes the shortcomings present in the majority of AoN-type authorization schemes. In our scheme, equality tests can only be performed between a ciphertext and a given plaintext. Specifically, even if a tester acquires multiple AoN-type authorizations, it cannot conduct unpermitted equality tests between users. This significantly reduces the risk of user privacy leaks when handling sensitive information in certain scenarios, while still retaining the flexible and simple characteristics of AoN-type authorizations. We use the Chinese national cryptography standard SM9-IBE algorithm to provide the concrete construction of our scheme, enhancing the usability and security of our scheme, while making deployment more convenient. Finally, we prove that our scheme achieves F-OW-ID-CCA security when the adversary has the trapdoor of the challenge ciphertext, and achieves IND-ID-CCA security when the adversary does not have the trapdoor of the challenge ciphertext.
41
Anupama, T. A., and M. A. Megha. "Keyword Search mechanism Using Multiple Authorities on Encrypted Cloud Data." Journal of Network Security and Data Mining 6, no. 3 (2023): 17–23. https://doi.org/10.5281/zenodo.8195033.
Full textAbstract:
<em>Storage pools, which are hosted by third parties, can be used to store data on the cloud. Cloud data needs an internet connection. But everybody in the globe has access to the cloud data. Security is therefore a major problem for cloud data. Usually, cloud data is encrypted using asymmetric encryption. However, this is insufficient. Because it's possible to steal the private key. It calls for improved security measures. So, for access control, we choose for two-factor data security. IBE (Identity Based Encryption) is how we operate. To encrypt the data in this case, the sender just needs to know who the recipient is. There is no requirement for extra subtleties. The beneficiary can download the encoded information that the shipper shipped off the cloud. The underpinning of our answer is a two-factor information encryption procedure with revocability capacity. The information should be decoded two times by the recipient. Their mystery key is utilized as the primary stage, trailed by an exceptional security gadget like a USB or Bluetooth. To decode the information, two variables are required.</em>
42
Fan, Huifeng, Ruwei Huang, and Fengting Luo. "Efficient Multi-Identity Full Homomorphic Encryption Scheme on Lattice." Applied Sciences 13, no. 10 (2023): 6343. http://dx.doi.org/10.3390/app13106343.
Full textAbstract:
Aiming at the problem that the fully homomorphic encryption scheme based on single identity cannot satisfy the homomorphic operation of ciphertext under different identities, as well as the inefficiency of trapdoor function and the complexity of sampling algorithm, an improved lattice MIBFHE scheme was proposed. Firstly, we combined MP12 trapdoor function with dual LWE algorithm to construct a new IBE scheme under the standard model, and prove that the scheme is IND-sID-CPA security under the selective identity. Secondly, we used the eigenvector method to eliminate the evaluation key, and transform the above efficient IBE scheme into a single identity IBFHE scheme to satisfy the homomorphic operation. Finally, we improved the ciphertext extension method of CM15 and constructed a new Link-mask system that supports the transformation of IBFHE scheme under the standard model, and then, converted the above IBFHE scheme into MIBFHE scheme based on this system. The comparative analysis results showed that the efficiency of this scheme is improved compared with similar schemes in the trapdoor generation and preimage sampling, and the dimension of lattice and ciphertext size are significantly shortened.
43
Ma, Xuecheng, and Dongdai Lin. "Server-aided Revocable IBE with Identity Reuse." Computer Journal 63, no. 4 (2019): 620–32. http://dx.doi.org/10.1093/comjnl/bxz114.
Full textAbstract:
Abstract Efficient key revocation in Identity-based Encryption (IBE) has been a both fundamental and critical problem when deploying an IBE system in practice. Boneh and Franklin proposed the first revocable IBE (RIBE) scheme where the size of key updates is linear in the number of users. Then, Boldyreva, Goyal and Kumar proposed the first scalable RIBE by using the tree-based approach where the size of key updates is $O(r\log (N/r))$ and the size of every user’s long-term secret key is $O(\log N)$ with $N$ being the number of users and $r$ the number of revoked users. Recently, Qin et al. presented the notion of server-aided RIBE where the size of every user’s long-term secret key is $O(1),$ and users do not need to communicate with Key Generator Center (KGC) during every key updates. However, users must change their identities once their secret keys are revoked as they cannot decrypt ciphertexts by using their revoked secret keys. To address the above problem, we formalize the notion of RIBE with identity reuse. In our system model, users can obtain a new secret key called the reuse secret key from KGC when their secret keys are revoked. The decryption key can be derived from the reuse secret key and new key updates while it cannot be derived from the revoked secret key and the new key updates. We present a concrete construction that is secure against adaptive-ID chosen plaintext attacks and decryption key exposure attacks under the $\mathsf{ADDH}1$ and $\mathsf{DDH}2$ assumptions in the standard model. Furthermore, we extend it to server-aided RIBE scheme with identity reuse property that is more suitable for lightweight devices.
44
Wang, Ziwei, Ruwei Huang, and Xiyi Wei. "A Compact Multi-Identity Fully Homomorphic Encryption Scheme Without Fresh Ciphertexts." Applied Sciences 15, no. 1 (2025): 473. https://doi.org/10.3390/app15010473.
Full textAbstract:
The lattice-based multi-identity fully homomorphic encryption scheme combines the quantum security of lattice cryptography with the advantage of identity-based encryption. However, existing schemes face challenges such as large key sizes, inefficient ciphertext expansion processes, and reliance on outdated trapdoor designs, limiting their compactness and practicality. In this study, we propose a novel Compact Multi-Identity Fully Homomorphic Encryption Scheme (WZ-MIBFHE) that eliminates the need for fresh ciphertexts during expansion. First, we construct a compact identity-based encryption scheme by combining the YJW23 trapdoor and ABB10 under the standard model, proving its IND-sID-CPA security. The scheme is then adapted to ensure correctness and security when integrated with the decomposition method for ciphertext expansion. This adaptation also utilizes approximation errors to reduce overall noise. Finally, we expand the modified IBE scheme’s ciphertext using the decomposition method to construct the WZ-MIBFHE scheme. Compared to existing methods, WZ-MIBFHE reduces the lattice dimension to nlogq+logbq, improves public and private key sizes, and significantly lowers ciphertext expansion rates by removing the need for fresh ciphertexts. These improvements enhance both the compactness and efficiency of the scheme, making it a promising solution for multi-identity homomorphic encryption.
45
Alzahrani, Bander, and Shehzad Ashraf Chaudhry. "An Identity-Based Encryption Method for SDN-Enabled Source Routing Systems." Security and Communication Networks 2022 (April 13, 2022): 1–7. http://dx.doi.org/10.1155/2022/1942097.
Full textAbstract:
In this study, we consider endpoints communicating over a software-defined networking (SDN)-based architecture using source routing, i.e., packets are routed through a path selected by the packet sender, and we provide a security solution that enforces the selected path. In particular, our solution allows a sender to select the path that a packet should go through using a constant-size cryptographic construction which is referred to as the authenticator. A recipient can examine an authenticator and verify that the received packet has followed the path selected by the sender. Additionally, any intermediate “programmable” switch can verify whether or not it is included in the path of a packet. Our solution can be used even for paths that include multiple recipients (e.g., multicast paths), as well as multiple parallel paths (e.g., multipath transmissions). We implement our solution by leveraging identity-based encryption (IBE), so it can be used by any sender that knows the identifiers of the links that compose the desired path, i.e., information that the sender usually already knows as part of the source routing protocol. Our solution is realistic since it can be implemented over a variety of platforms with tolerable overhead.
46
Benasser Algehawi, Mohammed, and Azman Samsudin. "A new Identity Based Encryption (IBE) scheme using extended Chebyshev polynomial over finite fields." Physics Letters A 374, no. 46 (2010): 4670–74. http://dx.doi.org/10.1016/j.physleta.2010.09.041.
Full text
47
Kumar, Mahender, and Satish Chand. "ESKI-IBE: Efficient and secure key issuing identity-based encryption with cloud privacy centers." Multimedia Tools and Applications 78, no. 14 (2019): 19753–86. http://dx.doi.org/10.1007/s11042-019-7155-x.
Full text
48
Bai, Qing Hai, Ying Zheng, and Lin Na Zhao. "The Application of IBE Encryption Scheme in Grid Environments." Applied Mechanics and Materials 551 (May 2014): 686–90. http://dx.doi.org/10.4028/www.scientific.net/amm.551.686.
Full textAbstract:
The computing service and security service are separated in current Grid system, but the data transmission of the system has to cross unsafe public channel. This makes the results computing by the Grid system may be stolen or destroyed by artificial or non-artificial factors in transmission process. So the Grid system has secure requirements of confidential communication, data integrity and non-repudiation. For these requirements, this paper puts forward an identity-based encryption scheme and realizes the function of confidentiality, Integrity, Key Update and non-repudiation. To test the security of the proposed scheme, the authors make a detailed analysis in random oracle model and prove the security of the scheme equivalents to the difficulty of the bilinear Diffle-Hellman problem. So our scheme is proved to be correct.
49
Zhang, Bo, Tao Zhang, Zesheng Xi, Ping Chen, Jin Wei, and Yu Liu. "Secure Device-to-Device Communication in IoT: Fuzzy Identity from Wireless Channel State Information for Identity-Based Encryption." Electronics 13, no. 5 (2024): 984. http://dx.doi.org/10.3390/electronics13050984.
Full textAbstract:
With the rapid development of the Internet of Things (IoT), ensuring secure communication between devices has become a crucial challenge. This paper proposes a novel secure communication solution by extracting wireless channel state information (CSI) features from IoT devices to generate a device identity. Due to the instability of the wireless channel, the CSI features are fuzzy and time-varying; thus, we a employ locally sensitive hashing (LSH) algorithm to ensure the stability of the generated identity in a dynamically changing wireless channel environment. Furthermore, zero-knowledge proofs are utilized to guarantee the authenticity and effectiveness of the generated identity. Finally, the identity generated using the aforementioned approach is integrated into an IBE communication scheme, which involves the fuzzy extraction of channel state information from IoT devices, stable identity extraction for fuzzy IoT devices using LSH, and the use of zero-knowledge proofs to ensure the authenticity of the generated identity. This identity is then employed as the identity information in identity-based encryption (IBE), constructing the device’s public key for achieving confidential communication between devices.
50
Liu, Yan Bing, and Wen Jing Ren. "Attribute-Based Authentication Protocol of the Internet of Things." Advanced Materials Research 765-767 (September 2013): 1726–29. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1726.
Full textAbstract:
Security and privacy is always the most important issues by the public in the Internet of Things. The core problems are associated with the diversifying of the Internet towards an Internet of things, and the different requirements to the security level for application. Therefore, this paper is to put forward an authentication model and protocol to cope with the problem. The protocol is adopted with attribute-based encryption to replace the traditional identity-based encryption (IBE), and then make formalization analysis to the security of the protocol by using BAN logic.