Semi-quantum protocol for cardinalities of private setintersection and union based on GHZ states

In modern society, it is necessary to perform some secure computations for private sets between different entities. For instance, two merchants desire to calculate the number of common customers and the total number of users without disclosing their own privacy. In order to solve the referred problem, a semi-quantum protocol for private computation of cardinalities of set based on Greenberger-Horne-Zeilinger (GHZ) states is proposed for the first time in this paper, where all the parties just perform single-particle measurement if necessary. With the assistance of semi-honest third party (TP), two semi-quantum participants can simultaneously obtain intersection cardinality and union cardinality. Furthermore, security analysis shows that the presented protocol can stand against some well-known quantum attacks, such as intercept measure resend attack, entangle measure attack. Compared with the existing quantum protocols of Private Set Intersection Cardinality (PSI-CA) and Private Set Union Cardinality (PSU-CA), the complicated oracle operations and powerful quantum capacities are not required in the proposed protocol. Therefore, it seems more appropriate to implement this protocol with current technology.     

Collusion-Free Rational Secure Sum Protocol

The secure sum protocol is a useful basic protocol of Secure multiparty computation （SMC）. And it has numerous applications. However traditional secure sum protocol can not guarantee the fairness. In addition, most previous protocols can not resist the collusion-attack. This paper proposes a collusion-free rational secure sum protocol in which we combine game theory with the multiparty secure sum protocol. In the setting of rational secure sum protocol, the gain of following the protocol is more than the gain of deviating, and no player of the coalition parties can do better, even if the whole coalition parties cheat. Analysis shows that the protocol can resist the collusion attack with at most n-2 players, and rational players have to abide by the protocols. Unlike previous secure sum algorithms, this paper aims at obtaining complete fairness even though without a majority of honest parties.     

Nearly universal and efficient quantum secure multi-party computation protocol

Universality is an important property in software and hardware design. This paper concentrates on the universality of quantum secure multi-party computation (SMC) protocol. First of all, an in-depth study of universality has been onducted, and then a nearly universal protocol is proposed by using the Greenberger-Horne-Zeilinger (GHZ)-like state and stabilizer formalism. The protocol can resolve the quantum SMC problem which can be deduced as modulo subtraction, and the steps are simple and effective. Secondly, three quantum SMC protocols based on the proposed universal protocol: Quantum private comparison (QPC) protocol, quantum millionaire (QM) protocol, and quantum multi-party summation (QMS) protocol are presented. These protocols are given as examples to explain universality. Thirdly, analyses of the example protocols are shown. Concretely, the correctness, fairness, and efficiency are confirmed. And the proposed universal protocol meets security from the perspective of preventing inside attacks and outside attacks. Finally, the experimental results of the example protocols on the International Business Machines (IBM) quantum platform are consistent with the theoretical results. Our research indicates that our protocol is universal to a certain degree and easy to perform.     

Privacy-preserving Matrix Rank Computation and Its Applications

Matrix rank is an important tool for mathematical analysis, it is hard to compute cooperatively in an insecure distributed network. For the purpose to solve this problem, we put forward a privacy-preserving rank computation protocol for the first time. In this paper, the pro-rata protocol is improved to an optimal complexity of O（m） through comparing the collective information to reduce the round number, it performs better when the disproportional pairs distribute dispersedly or appear at later part of the sequence. Then, we propose a protocol to calculate matrix rank by the help of privacy-preserving technology, this protocol implements securely step by step according to the procedure in linear algebra. The protocol achieves the goal in secure two-party model without leaking other message. After that, their applications in mean square error and square sum error are considered. At last, we analyze all the protocols appeared in this paper to inves-tigate their correctness, complexity and security by means of mathematical induction and cryptographic primitive.     

Fast Two-Output Secure Computation with Optimal Error Probability

Cut-and-choose paradigm makes Yao's protocol for two-party computation secure in malicious model with an error probability.In CRYPTO 2013,based on multi-phase cut-and-choose,Lindell reduced this probability to the optimal value.However,this work can only compute single-output functions with optimal error probability.We transform multi-phase cut-and-choose for singleoutput case into one that can deal with two-output functions,meanwhile maintaining the optimal error probability.Based on this new paradigm,we propose an efficient two-output secure computation protocol.Besides,by utilizing the specific property of the output garbled keys,we solve the authenticity issue of the generator's output with only symmetric cryptographic operations linear in the output length of the generator,which is the most efficient method so far in standard model without Random oracle (Ro).     

Cooperative Privacy Provisioning for Energy Harvesting Based Cognitive Multi-Relay Networks

In order to provide privacy provisioning for the secondary information,we propose an energy harvesting based secure transmission scheme for the cognitive multi-relay networks.In the proposed scheme,two secondary relays harvest energy to power the secondary transmitter and assist the secondary secure transmission without interfere the secondary transmission.Specifically,the proposed secure transmission policy is implemented into two phases.In the first phase,the secondary transmitter transmits the secrecy information and jamming signal through the power split method.After harvesting energy from a fraction of received radio-frequency signals,one secondary relay adopts the amplify-and-forward relay protocol to assist the secondary secure transmission and the other secondary relay just forwards the new designed jamming signal to protect the secondary privacy information and degrade the jamming interference at the secondary receiver.For the proposed scheme,we first analyze the average secrecy rate,the secondary secrecy outage probability,and the ergodic secrecy rate,and derive their closed-form expressions.Following the above results,we optimally allocate the transmission power such that the secrecy rate is maximized under the secrecy outage probability constraint.For the optimization problem,an AI based simulated annealing algorithm is proposed to allocate the transmit power.Numerical results are presented to validate the performance analytical results and show the performance superiority of the proposed scheme in terms of the average secrecy rate.     

Secure Network Coding Based on Lattice Signature

To provide a high-security guaran- tee to network coding and lower the comput- ing complexity induced by signature scheme, we take full advantage of homomorphic prop- erty to build lattice signature schemes and sec- ure network coding algorithms. Firstly, by means of the distance between the message and its sig- nature in a lattice, we propose a Distance-bas- ed Secure Network Coding （DSNC） algorithm and stipulate its security to a new hard problem Fixed Length Vector Problem （FLVP）, which is harder than Shortest Vector Problem （SVP） on lattices. Secondly, considering the bound- ary on the distance between the message and its signature, we further propose an efficient Bo- undary-based Secure Network Coding （BSNC） algorithm to reduce the computing complexity induced by square calculation in DSNC. Sim- ulation results and security analysis show that the proposed signature schemes have stronger unforgeability due to the natural property of lattices than traditional Rivest-Shamir-Adleman （RSA）-based signature scheme. DSNC algo- rithm is more secure and BSNC algorithm greatly reduces the time cost on computation.     

Efficient and Information-Theoretical Secure Verifiable Secret Sharing over Bilinear Groups

Verifiable secret sharing （VSS） is an impor- tant technique which has been used as a basic tool in dis- tributed cryptosystems, secure multi-party computations, as well as safe guarding some confidential information such as cryptographic keys. By now, some secure and efficient non-interactlve VSS schemes for sharing secrets in a fi- nite field have been available. In this paper, we investi- gate verffiably sharing of a secret that is an element of a bilinear group. We present an efficient and information- theoretical secure VSS scheme for sharing such a secret which may be a private key for a pairing based cryptosys- tern. Our performance and security analysis indicates that the newly proposed scheme is more efficient and practical while enjoys the same level of security compared with sim- ilar protocols available. We also demonstrate two typical applications of our proposed VSS scheme. One is the shar- ing of a secret key of Boneh and Franklin＇s identity-based encryption scheme, and the other is the sharing or the dis- tributed generation of a secret key of the leakage resilient bilinear EIGamal encryption scheme.     

Grid authentication from identity-based cryptography without random oracles

As a critical component of grid security, secure and efficient grid authentication needs to be well addressed. However, the most widely accepted and applied grid authentication is based on public key infrastructure （PKI） and X.509 certificates, which make the system have low processing efficiency and poor anti-attack capability. To accommodate the challenge of grid authentication, this article aims at designing a secure and efficient method for grid authentication by employing identity-based cryptography （IBC）. Motivated by a recently proposed secure and efficient identity-based encryption （IBE） scheme without random oracles, an identity-based signature （IBS） scheme is first proposed for the generation of private key during grid authentication. Based on the proposed IBS and the former IBE schemes, the structure of a novel grid authentication model is given, followed by a grid authentication protocol described in detail. According to the theoretical analysis of the model and the protocol, it can be argued that the new system has improved both the security and efficiency of the grid authentication when compared with the traditional PKI-based and some current IBC-based models.     

A novel secure group RFID authentication protocol简

The trend of researching group radio frequency identification devices（RFID） authentication protocol has become increasingly popular in recent years. One of the newest work in this area is from Batina and Lee, they presented a privacy-preserving multi-players grouping-proof protocol based on the elliptic curve cryptography（ECC）, and claimed their protocol have the ability to resist five potential attacks, including compromised tag attack, man-in-the-middle attack, colluding tags attack, etc. In this paper, we first take a counterexample to demonstrate their protocol is vulnerable to compromised tag attack. Then we propose a novel secure RFID authentication protocol, and analyze its security by merging formal analysis, provable security, and mathematical inductive method, so as to solve the weakness of Batina and Lee＇s work. Furthermore, compared with another two classic protocols（secure ownership transfer protocol（SOTP） and secure multiple group ownership transfer protocol（SMGOTP））, the performance analysis show that our protocol provides not only a lower tags＇ communication cost at about 50.0% and 14.3%, but also a lower reader＇s computation cost（approximate 14.5% and 55.1% respectively）, when transferring a large number of tags.     

半诚实模型下安全多方排序问题的研究

安全多方排序问题是百万富翁问题的推广问题,用于n个参与方在不泄漏各方秘密输入的前提下比较出其输入在全体输入中按照一定顺序所处的位置.本文首先提出了半诚实模型下基于同态加密的安全两方排序协议.然后将该协议推广到多方排序的情况,并提出两种提高效率的改进算法.最后本文还提出了基于模糊贴近度的安全多方排序协议,并对这几个协议的安全性和效率做了分析、比较.     

最小值问题的安全多方计算及其应用

安全多方计算是国际密码学界近年来的研究热点.本文主要研究科学计算中最小值问题的安全多方计算,目前尚没有见到关于这个问题的解决方案.本文设计了一种新的编码方法,应用该编码方法和ElGamal乘法同态加密算法,并结合秘密分享以及门限密码体制,在半诚实模型下设计了三个能够抵抗合谋攻击的最小值安全多方计算方案,并应用模拟范例证明了方案的安全性.以最小值解决方案为基础还可以解决最大值安全计算以及并集的安全计算等科学计算问题.效率分析表明所设计的安全计算方案是高效的方案.     

多方隐私集合交集计算技术综述

随着互联网、大数据等新技术的快速发展,越来越多的分布式数据需要多方协作处理,隐私保护技术由此面临更大的挑战。安全多方计算是一种重要的隐私保护技术,可为数据的安全高效共享问题提供解决方案。作为安全多方计算的一个重要分支,隐私集合交集(PSI)计算技术可以在保护参与方的数据隐私性前提下计算两个或多个参与者私有数据集的交集,按照参与方数目可分为两方PSI和多方PSI。随着私人数据共享规模的扩大,多于两个参与方的应用场景越来越常见。多方PSI具有与两方PSI相似的技术基础但又有本质的不同。该文首先讨论了两方PSI的研究进展,其次详细梳理多方PSI技术的发展历程,将多方PSI技术依据应用场景的不同分为传统多方PSI技术以及门限多方PSI技术,并在不同场景下按照协议所采用密码技术和功能进行更细致的划分;对典型多方PSI协议进行分析,并对相关密码技术、敌手模型以及计算与通信复杂度进行对比。最后,给出了多方PSI技术的研究热点和未来发展方向。     

安全向量优势协议及其应用

百万富翁问题是安全多方计算研究的热点问题之一,也是其他安全多方计算协议的基本构成模块.安全向量优势统计问题是百万富翁问题的推广,用于两方在不泄漏自己保密向量信息的前提下统计出满足大于关系的分量的数目.本文基于同态加密算法,通过对保密的数据进行编码,设计了一个计算百万富翁问题的协议,并利用模拟范例对协议进行安全性证明.然后利用这个新的协议作为基本模块,设计了一个向量优势统计协议,通过效率分析显示我们的方案是简单、高效的.最后将向量优势统计协议应用到整除判定问题和点与若干直线关系判定问题.     

Two privacy-preserving protocols for point-curve relation

Numerous privacy-preserving issues have emerged along with the fast development of Internet, both in theory and in real-life applications. To settle the privacy-preserving problems, secure multi-party computation is essential and critical. In this paper, we have solved two problems regarding to how to determine the position relation between points and curves without revealing any private information. Two protocols have been proposed in order to solve the problems in different conditions. In addition, some building blocks have been developed, such as scalar product protocol, so that we can take advantage of them to settle the privacy-preserving computational geometry problems which are a kind of special secure multi-party computation problems. Moreover, oblivious transfer and power series expansion serve as significant parts in our protocols. Analyses and proofs have also been given to argue our conclusion.     

基于椭圆曲线的三方比特承诺

比特承诺是安全多方计算中最重要的基础协议之一,对构建更复杂的多方协议起着重要作用。该文提出了三方比特承诺模型,在该模型中,由两个证明者共同向一个验证者作出承诺。给出了基于椭圆曲线的三方比特承诺方案,经证明,尽管该方案完全基于经典计算环境,但是并不需要对协议参与方的计算能力作任何限制性假设,具有无条件安全性且对信道窃听免疫。该方案同时可以推广到比特串承诺协议。     

基于带宽请求预测和云资源预留的视频移植策略

随着云计算和大数据处理的飞速发展,同态加密和安全多方计算问题引起了广泛关注。分析了ElGamal的同态特性,针对协议设计需要,设计了ElGamal变体加密方案,使其满足加法同态和常数乘法同态。在半诚实模型下,基于这个变体提出了过私有点直线方程同态计算协议,并分析了协议的正确性、安全性、计算和通信复杂性,同时将该协议的应用范围扩展到安全两方线段求交协议等。与解决同类几何问题的协议相比,未采用基于不经意传输和百万富翁协议设计思路,而是基于同态加密体制提出了一种安全两方计算协议,提高了该类协议的执行效率,降低了通信负担。     

基于密钥共享的安全多方计算应用

介绍了安全多方计算的基本概念和基于密钥共享的安全多方计算协议。现有的基于密钥共享的安全多方计算协议,能够计算有限域上的任意函数,但是研究表明,如果一个协议使用广泛,那么必然会牺牲性能上的一些代价。构造了函数f（s1,s2,…,sn）=αs1＋αs2＋…＋αsn的安全多方计算协议,对一般化的基于密钥共享的安全多方计算协议进行剪裁,去掉不相关的部分,并增加可验证性,大大提高了协议效率和实用性。     

多重集的保密计算及应用

安全多方计算是近年来国际密码学界研究的热点问题.多重集作为标准集的推广在实际中有广泛的应用,对于多重集的保密计算问题研究具有重要的意义.本文主要研究两方多重集的交集、并集以及基于阈值和集的保密计算问题.首先针对不同问题设计相应的编码方法,结合Paillier加密方案设计保密计算协议,并应用模拟范例方法严格证明协议的安全性.效率分析和实验验证表明本文所设计的协议是简单高效的.     

Secure Multi-Party Computation without Agreement

It has recently been shown that authenticated Byzantine agreement, in which more than a third of the parties are corrupted, cannot be securely realized under concurrent or parallel (stateless) composition. This result puts into question any usage of authenticated Byzantine agreement in a setting where many executions take place. In particular, this is true for the whole body of work of secure multi-party protocols in the case that a third or more of the parties are corrupted. This is because these protocols strongly rely on the extensive use of a broadcast channel, which is in turn realized using authenticated Byzantine agreement. We remark that it was accepted folklore that the use of a broadcast channel (or authenticated Byzantine agreement) is actually essential for achieving meaningful secure multi-party computation whenever a third or more of the parties are corrupted. In this paper we show that this folklore is false. We present a mild relaxation of the definition of secure computation allowing abort. Our new definition captures all the central security issues of secure computation, including privacy, correctness and independence of inputs. However, the novelty of the definition is in decoupling the issue of agreement from these issues. We then show that this relaxation suffices for achieving secure computation in a point-to-point network. That is, we show that secure multi-party computation for this definition can be achieved for any number of corrupted parties and without a broadcast channel (or trusted pre-processing phase as required for running authenticated Byzantine agreement). Furthermore, this is achieved by just replacing the broadcast channel in known protocols with a very simple and efficient echo-broadcast protocol. An important corollary of our result is the ability to obtain multi-party protocols that remain secure under composition, without assuming a broadcast channel.