Threshold privacy-preserving cloud auditing with multiple uploaders

International Journal of Information Security - Data integrity is a critical security issue in cloud storage. The data integrity checking schemes by a third-party auditor (TPA) have attracted a lot...     

New constructions of OSBE schemes and their applications in oblivious access control

Oblivious signature-based envelope (OSBE) schemes have demonstrated their potential applications in the protection of users privacy and rights. In an OSBE protocol, an encrypted message can only be decrypted by the receiver who holds a valid signature on a public message, while the sender (encrypter) does not know whether the receiver has the signature or not. Our major contributions in this work lie in the following aspects. We improve the notion of OSBE so that a valid credential holder cannot share his/her credential with other users (i.e., all-or-nothing non-transferability). We clarify the relationship between one-round OSBE and identity-based encryption (IBE) and show that one-round OSBE and semantically secure IBE against the adaptively chosen identity attack (IND-ID-CPA) are equivalent, if the signature in the OSBE scheme is existentially unforgeable against adaptively chosen message attacks. We propose an oblivious access control scheme to protect user privacy without the aid of any zero-knowledge proof. Finally, we also highlight some other novel applications of OSBE, such as attributed-based encryption.     

Robust Fault Diagnosis for Quadrotor UAVs Using Adaptive Thau Observer

A robust Fault Diagnosis (FD) scheme for a real quadrotor Unmanned Aerial Vehicle (UAV) is proposed in this paper. Firstly, a novel Adaptive Thau observer (ATO) is developed to estimate the quadrotor system states and build a set of offset residuals to indicate actuators’ faults. Based on these residuals, some rules of Fault Diagnosis (FD) are designed to detect and isolate the faults as well as estimate the fault offset parameters. Secondly, a synthetic robust optimization scheme is presented to improve Fault Estimation (FE) accuracies, three key issues include modeling uncertainties, and magnitude order unbalances as well as noises are addressed. Finally, a typical fault of rotors is simulated and injected into one of four rotors of the quadrotor, and experiments for the FD scheme have been carried out. Unlike former research works on the FD schemes for quadrotors, our proposed FD scheme based on the ATO can not only detect and isolate the failed actuators, but also estimate the fault severities. Regardless of roughness of the real flying data, the FD results still have sufficient FE accuracies.     

Simple Robust PID Tuning for Magnetic Levitation Systems Using Model-free Control and $${{\cal H}_\infty}$$ ℋ ∞ Control Strategies

International Journal of Control, Automation and Systems - This paper proposes two control techniques to provide robust tracking for magnetic levitation systems (MLS): model-free control (MFC) and...     

Securing DSR against wormhole attacks in multirate ad hoc networks

A wormhole attack is one of the hardest problems to detect whereas it can be easily implanted in any type of wireless ad hoc network. A wormhole attack can easily be launched by the attacker without having knowledge of the network or compromising any legitimate nodes. Most existing solutions either require special hardware devices or make strong assumptions in order to detect wormhole attacks which limit the usability of these solutions. In this paper, we present a security enhancement to dynamic source routing (DSR) protocol against wormhole attacks for ad hoc networks which relies on calculation of round trip time (RTT). Our protocol secures DSR against a wormhole attack in ad hoc networks for multirate transmissions. We also consider the processing and queuing delays of each participating node in the calculation of RTTs between neighbors which to date has not been addressed in the existing literature. This work provides two test cases that show that not taking multirate transmission into consideration results in miss identifying a wormhole attack.     

A Provable Secure ID-Based Explicit Authenticated Key Agreement Protocol Without Random Oracles

In this paper, we present an identity-based explicit authenticated key agreement protocol that is provably secure without random oracles. The protocol employs a new method to isolate a session key from key confirmation keys so that there is no direct usage of hash functions in the protocol. The protocol is proved secure without random oracles in a variant of Bellare and Rogaway style model, an exception to current proof method in this style model in the ID-based setting. We believe that this key isolation method is novel and can be further studied for constructing more effcient protocols.     

How to construct identity-based signatures without the key escrow problem

The inherent key escrow problem is one of the main reasons for the slow adoption of identity-based cryptography. The existing solution for mitigating the key escrow problem is by adopting multiple Private Key Generators (PKGs). Recently, there was a proposal that attempted to reduce the trust of the PKG by allowing a malicious PKG to be caught if he reveals the user’s identity-based private key illegally. Nonetheless, the proposal does not consider that the PKG can simply decrypt the ciphertext instead of revealing the private key itself (in the case of identity-based encryption schemes). The aim of this paper is to present an escrow-free identity-based signature (IBS) scheme, in which the malicious PKG will be caught if it releases a signature on behalf of the user but signed by itself. We present a formal model to capture such a scheme and provide a concrete construction.     

Identity-based trapdoor mercurial commitments and applications

In this paper, we first introduce the notion of identity-based trapdoor mercurial commitment which enjoys the advantages of both the identity-based trapdoor commitment and trapdoor mercurial commitment, while using the idea of “Customized Identity”. Inherently, an identity-based trapdoor mercurial commitment is an underlying building block for constructing identity-based (non-interactive) zero-knowledge sets. That is, a prover can commit to a set S in a way that reveals nothing about S and prove to a verifier, in zero-knowledge, statements of the form x∈S and x∉S. Besides, although the (non-interactive) proof is publicly verifiable, it is also bound to the identity of the prover in a way which is recognizable to any verifier.