Lattice-Based Searchable Encryption Scheme against Inside Keywords Guessing Attack

To save the local storage, users store the data on the cloud server who offers convenient internet services. To guarantee the data privacy, users encrypt the data before uploading them into the cloud server. Since encryption can reduce the data availability, public-key encryption with keyword search (PEKS) is developed to achieve the retrieval of the encrypted data without decrypting them. However, most PEKS schemes cannot resist quantum computing attack, because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers. Besides, the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack (KGA). In this attack, a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords. In the paper, we propose a lattice-based PEKS scheme that can resist quantum computing attacks. To resist inside KGA, this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext. Finally, some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.     

Towards Privacy-Preserving Cloud Storage: A Blockchain Approach

With the rapid development of cloud computing technology, cloud services have now become a new business model for information services. The cloud server provides the IT resources required by customers in a self-service manner through the network, realizing business expansion and rapid innovation. However, due to the insufficient protection of data privacy, the problem of data privacy leakage in cloud storage is threatening cloud computing. To address the problem, we propose BC-PECK, a data protection scheme based on blockchain and public key searchable encryption. Firstly, all the data is protected by the encryption algorithm. The privacy data is encrypted and stored in a cloud server, while the ciphertext index is established by a public key searchable encryption scheme and stored on the blockchain. Secondly, based on the characteristics of trusted execution of smart contract technology, a control mechanism for data accessing and sharing is given. Data transaction is automatically recorded on the blockchain, which is fairer under the premise of ensuring the privacy and security of the data sharing process. Finally, we analyzed the security and fairness of the current scheme. Through the comparison with similar schemes, we have shown the advantages of the proposed scheme.     

Paillier-Based Fuzzy Multi-Keyword Searchable Encryption Scheme with Order-Preserving

Efficient multi-keyword fuzzy search over encrypted data is a desirable technology for data outsourcing in cloud storage. However, the current searchable encryption solutions still have deficiencies in search efficiency, accuracy and multiple data owner support. In this paper, we propose an encrypted data searching scheme that can support multiple keywords fuzzy search with order preserving (PMS). First, a new spelling correction algorithm-(Possibility-Levenshtein based Spelling Correction) is proposed to correct user input errors, so that fuzzy keywords input can be supported. Second, Paillier encryption is introduced to calculate encrypted relevance score of multiple keywords for order preserving. Then, a queue-based query method is also applied in this scheme to break the linkability between the query keywords and search results and protect the access pattern. Our proposed scheme achieves fuzzy matching without expanding the index table or sacrificing computational efficiency. The theoretical analysis and experiment results show that our scheme is secure, accurate, error-tolerant and very efficient.     

Verifiable Diversity Ranking Search Over Encrypted Outsourced Data

Data outsourcing has become an important application of cloud computing. Driven by the growing security demands of data outsourcing applications, sensitive data have to be encrypted before outsourcing. Therefore, how to properly encrypt data in a way that the encrypted and remotely stored data can still be queried has become a challenging issue. Searchable encryption scheme is proposed to allow users to search over encrypted data. However, most searchable encryption schemes do not consider search result diversification, resulting in information redundancy. In this paper, a verifiable diversity ranking search scheme over encrypted outsourced data is proposed while preserving privacy in cloud computing, which also supports search results verification. The goal is that the ranked documents concerning diversification instead of reading relevant documents that only deliver redundant information. Extensive experiments on real-world dataset validate our analysis and show that our proposed solution is effective for the diversification of documents and verification.     

A Secure Rotation Invariant LBP Feature Computation in Cloud Environment

In the era of big data, outsourcing massive data to a remote cloud server is a promising approach. Outsourcing storage and computation services can reduce storage costs and computational burdens. However, public cloud storage brings about new privacy and security concerns since the cloud servers can be shared by multiple users. Privacy-preserving feature extraction techniques are an effective solution to this issue. Because the Rotation Invariant Local Binary Pattern (RILBP) has been widely used in various image processing fields, we propose a new privacy-preserving outsourcing computation of RILBP over encrypted images in this paper (called PPRILBP). To protect image content, original images are encrypted using block scrambling, pixel circular shift, and pixel diffusion when uploaded to the cloud server. It is proved that RILBP features remain unchanged before and after encryption. Moreover, the server can directly extract RILBP features from encrypted images. Analyses and experiments confirm that the proposed scheme is secure and effective, and outperforms previous secure LBP feature computing methods.     

A Secure Method for Data Storage and Transmission in Sustainable Cloud Computing

Cloud computing is a technology that provides secure storage space for the customer’s massive data and gives them the facility to retrieve and transmit their data efficiently through a secure network in which encryption and decryption algorithms are being deployed. In cloud computation, data processing, storage, and transmission can be done through laptops and mobile devices. Data Storing in cloud facilities is expanding each day and data is the most significant asset of clients. The important concern with the transmission of information to the cloud is security because there is no perceivability of the client’s data. They have to be dependent on cloud service providers for assurance of the platform’s security. Data security and privacy issues reduce the progression of cloud computing and add complexity. Nowadays; most of the data that is stored on cloud servers is in the form of images and photographs, which is a very confidential form of data that requires secured transmission. In this research work, a public key cryptosystem is being implemented to store, retrieve and transmit information in cloud computation through a modified Rivest-Shamir-Adleman (RSA) algorithm for the encryption and decryption of data. The implementation of a modified RSA algorithm results guaranteed the security of data in the cloud environment. To enhance the user data security level, a neural network is used for user authentication and recognition. Moreover; the proposed technique develops the performance of detection as a loss function of the bounding box. The Faster Region-Based Convolutional Neural Network (Faster R-CNN) gets trained on images to identify authorized users with an accuracy of 99.9% on training.     

High Security for De-Duplicated Big Data Using Optimal SIMON Cipher

Cloud computing offers internet location-based affordable, scalable, and independent services. Cloud computing is a promising and a cost-effective approach that supports big data analytics and advanced applications in the event of forced business continuity events, for instance, pandemic situations. To handle massive information, clusters of servers are required to assist the equipment which enables streamlining the widespread quantity of data, with elevated velocity and modified configurations. Data deduplication model enables cloud users to efficiently manage their cloud storage space by getting rid of redundant data stored in the server. Data deduplication also saves network bandwidth. In this paper, a new cloud-based big data security technique utilizing dual encryption is proposed. The clustering model is utilized to analyze the Deduplication process hash function. Multi kernel Fuzzy C means (MKFCM) was used which helps cluster the data stored in cloud, on the basis of confidence data encryption procedure. The confidence finest data is implemented in homomorphic encryption data wherein the Optimal SIMON Cipher (OSC) technique is used. This security process involving dual encryption with the optimization model develops the productivity mechanism. In this paper, the excellence of the technique was confirmed by comparing the proposed technique with other encryption and clustering techniques. The results proved that the proposed technique achieved maximum accuracy and minimum encryption time.     

An Encrypted Image Retrieval Method Based on SimHash in Cloud Computing

With the massive growth of images data and the rise of cloud computing that can provide cheap storage space and convenient access, more and more users store data in cloud server. However, how to quickly query the expected data with privacy-preserving is still a challenging in the encryption image data retrieval. Towards this goal, this paper proposes a ciphertext image retrieval method based on SimHash in cloud computing. Firstly, we extract local feature of images, and then cluster the features by K-means. Based on it, the visual word codebook is introduced to represent feature information of images, which hashes the codebook to the corresponding fingerprint. Finally, the image feature vector is generated by SimHash searchable encryption feature algorithm for similarity retrieval. Extensive experiments on two public datasets validate the effectiveness of our method. Besides, the proposed method outperforms one popular searchable encryption, and the results are competitive to the state-of-the-art.     

Enabling Comparable Search Over Encrypted Data for IoT with Privacy-Preserving

With the rapid development of cloud computing and Internet of Things (IoT) technology, massive data raises and shuttles on the network every day. To ensure the confidentiality and utilization of these data, industries and companies users encrypt their data and store them in an outsourced party. However, simple adoption of encryption scheme makes the original lose its flexibility and utilization. To address these problems, the searchable encryption scheme is proposed. Different from traditional encrypted data search scheme, this paper focuses on providing a solution to search the data from one or more IoT device by comparing their underlying numerical values. We present a multi-client comparable search scheme over encrypted numerical data which supports range queries. This scheme is mainly designed for keeping the confidentiality and searchability of numeric data, it enables authorized clients to fetch the data from different data owners by a generated token. Furthermore, to rich the scheme’s functionality, we exploit the idea of secret sharing to realize cross-domain search which improves the data’s utilization. The proposed scheme has also been proven to be secure through a series of security games. Moreover, we conduct experiments to demonstrate that our scheme is more practical than the existed similar schemes and achieves a balance between functionality and efficiency.     

Reversible Data Hiding in Encrypted Image Based on Block Classification Permutation

Recently, reversible data hiding in encrypted image (RDHEI) has attracted extensive attention, which can be used in secure cloud computing and privacy protection effectively. In this paper, a novel RDHEI scheme based on block classification and permutation is proposed. Content owner first divides original image into non-overlapping blocks and then set a threshold to classify these blocks into smooth and non-smooth blocks respectively. After block classification, content owner utilizes a specific encryption method, including stream cipher encryption and block permutation to protect image content securely. For the encrypted image, data hider embeds additional secret information in the most significant bits (MSB) of the encrypted pixels in smooth blocks and the final marked image can be obtained. At the receiver side, secret data will be extracted correctly with data-hiding key. When receiver only has encryption key, after stream cipher decryption, block scrambling decryption and MSB error prediction with threshold, decrypted image will be achieved. When data hiding key and encryption key are both obtained, receiver can find the smooth and non-smooth blocks correctly and MSB in smooth blocks will be predicted correctly, hence, receiver can recover marked image losslessly. Experimental results demonstrate that our scheme can achieve better rate-distortion performance than some of state-of-the-art schemes.     

Reversible Data Hiding in Encrypted Images Based on Prediction and Adaptive Classification Scrambling

Reversible data hiding in encrypted images (RDH-EI) technology is widely used in cloud storage for image privacy protection. In order to improve the embedding capacity of the RDH-EI algorithm and the security of the encrypted images, we proposed a reversible data hiding algorithm for encrypted images based on prediction and adaptive classification scrambling. First, the prediction error image is obtained by a novel prediction method before encryption. Then, the image pixel values are divided into two categories by the threshold range, which is selected adaptively according to the image content. Multiple high-significant bits of pixels within the threshold range are used for embedding data and pixel values outside the threshold range remain unchanged. The optimal threshold selected adaptively ensures the maximum embedding capacity of the algorithm. Moreover, the security of encrypted images can be improved by the combination of XOR encryption and classification scrambling encryption since the embedded data is independent of the pixel position. Experiment results demonstrate that the proposed method has higher embedding capacity compared with the current state-ofthe-art methods for images with different texture complexity.     

Optical scanning cryptography for secure wireless transmission

We propose a method for secure wireless transmission of encrypted information. By use of an encryption key, an image or document is optically encrypted by optical heterodyne scanning and hence encryption is performed on the fly. We call this technique optical scanning cryptography. The output of the heterodyne encrypted signal is at radio frequency and can be directly sent through an antenna to a secure site for digital storage to be prepared for decryption. In the secure site, an identical optical scanning system to that used for encryption is used, together with a decryption key, to generate an electrical signal. The electrical signal is then processed and sent to a computer to be used for decryption. Utilizing the stored information received from the encryption stage and the electrical information from the secure site, a digital decryption unit performs a decryption algorithm. If the encryption key and the decryption key are matched, the decryption unit will decrypt the image or document faithfully. The overall cryptosystem can perform the incoherent optical processing counterpart of the well-known coherent double-random phase-encoding technique. We present computer simulations of the idea.     

On the Privacy-Preserving Outsourcing Scheme of Reversible Data Hiding over Encrypted Image Data in Cloud Computing

Advanced cloud computing technology provides cost saving and flexibility of services for users. With the explosion of multimedia data, more and more data owners would outsource their personal multimedia data on the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner’s private information because the data owners lose the control of their data. Recently, this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption and reversible data hiding in encrypted domain. The former is that additional bits are extracted after decryption and the latter is that extracted before decryption. Meanwhile, a combined scheme is also designed. This paper proposes the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing, which not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be operated over encrypted images at the different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme. The computation cost of the proposed scheme is acceptable and adjusts to different security levels.     

Hill Matrix and Radix-64 Bit Algorithm to Preserve Data Confidentiality

There are many cloud data security techniques and algorithms available that can be used to detect attacks on cloud data, but these techniques and algorithms cannot be used to protect data from an attacker. Cloud cryptography is the best way to transmit data in a secure and reliable format. Various researchers have developed various mechanisms to transfer data securely, which can convert data from readable to unreadable, but these algorithms are not sufficient to provide complete data security. Each algorithm has some data security issues. If some effective data protection techniques are used, the attacker will not be able to decipher the encrypted data, and even if the attacker tries to tamper with the data, the attacker will not have access to the original data. In this paper, various data security techniques are developed, which can be used to protect the data from attackers completely. First, a customized American Standard Code for Information Interchange (ASCII) table is developed. The value of each Index is defined in a customized ASCII table. When an attacker tries to decrypt the data, the attacker always tries to apply the predefined ASCII table on the Ciphertext, which in a way, can be helpful for the attacker to decrypt the data. After that, a radix 64-bit encryption mechanism is used, with the help of which the number of cipher data is doubled from the original data. When the number of cipher values is double the original data, the attacker tries to decrypt each value. Instead of getting the original data, the attacker gets such data that has no relation to the original data. After that, a Hill Matrix algorithm is created, with the help of which a key is generated that is used in the exact plain text for which it is created, and this Key cannot be used in any other plain text. The boundaries of each Hill text work up to that text. The techniques used in this paper are compared with those used in various papers and discussed that how far the current algorithm is better than all other algorithms. Then, the Kasiski test is used to verify the validity of the proposed algorithm and found that, if the proposed algorithm is used for data encryption, so an attacker cannot break the proposed algorithm security using any technique or algorithm.     

Selective and adaptive signal hiding technique for security of JPEG2000

In this article, we proposed a selective partial image encryption scheme of Secure JPEG2000 (JPSEC) for digital cinema or any other JPEG2000‐based applications. It makes a scalable encryption scheme possible on the basis of a trade‐off relationship between the encryption effect and the encryption cost. The encryption scheme was designed to activate during the image compression process, which is between quantization and entropy coding. Three data selection schemes were involved to select the parts of data to be encrypted: subband selection, data bit selection, and random selection of coefficients. The experimental results with over 3000 test images revealed that the PSNRs were between about 9.5 to 7.5 dB when the portion of the encrypted data by this scheme was between 1/4096 and 1/256. As the encryption effect is reasonably high with very low cost, the proposed scheme has high potential to provide secure communications in a variety of wired/wireless scenarios. © 2010 Wiley Periodicals, Inc. Int J Imaging Syst Technol, 20, 277‐284, 2010     

An Efficient Ciphertext-Policy Attribute-Based Encryption Scheme with Policy Update

Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution to the problem for enforcing fine-grained access control over encrypted data in the cloud. However, when applying CP-ABE to data outsourcing scenarios, we have to address the challenging issue of policy updates because access control elements, such as users, attributes, and access rules may change frequently. In this paper, we propose a notion of access policy updatable ciphertext-policy attribute-based encryption (APU-CP-ABE) by combining the idea of ciphertext-policy attribute-based key encapsulation and symmetric proxy re-encryption. When an access policy update occurs, data owner is no longer required to download any data for re-encryption from the cloud, all he needs to do is generate a re-encryption key and produce a new encapsulated symmetric key, and then upload them to the cloud. The cloud server executes re-encryption without decryption. Because the re-encrypted ciphertext is encrypted under a completely new key, users cannot decrypt data even if they keep the old symmetric keys or parts of the previous ciphertext. We present an APU-CP-ABE construction based on Syalim et al.’s [Syalim, Nishide and Sakurai (2017)] improved symmetric proxy re-encryption scheme and Agrawal et al.’s [Agrawal and Chase (2017)] attribute-based message encryption scheme. It requires only 6 bilinear pairing operations for decryption, regardless of the number of attributes involved. This makes our construction particularly attractive when decryption is time-critical.     

Reversible Data Hiding in Classification-Scrambling Encrypted-Image Based on Iterative Recovery

To improve the security and quality of decrypted images, this work proposes a reversible data hiding in encrypted image based on iterative recovery. The encrypted image is firstly generated by the pixel classification scrambling and bit-wise exclusive-OR (XOR), which improves the security of encrypted images. And then, a pixel-type-mark generation method based on block-compression is designed to reduce the extra burden of key management and transfer. At last, an iterative recovery strategy is proposed to optimize the marked decrypted image, which allows the original image to be obtained only using the encryption key. The proposed reversible data hiding scheme in encrypted image is not vulnerable to the ciphertext-only attack due to the fact that the XOR-encrypted pixels are scrambled in the corresponding encrypted image. Experimental results demonstrate that the decrypted images obtained by the proposed method are the same as the original ones, and the maximum embedding rate of proposed method is higher than the previously reported reversible data hiding methods in encrypted image.     

Two Layer Symmetric Cryptography Algorithm for Protecting Data fromAttacks

Many organizations have insisted on protecting the cloud server from the outside, although the risks of attacking the cloud server are mostly from the inside. There are many algorithms designed to protect the cloud server from attacks that have been able to protect the cloud server attacks. Still, the attackers have designed even better mechanisms to break these security algorithms. Cloud cryptography is the best data protection algorithm that exchanges data between authentic users. In this article, one symmetric cryptography algorithm will be designed to secure cloud server data, used to send and receive cloud server data securely. A double encryption algorithm will be implemented to send data in a secure format. First, the XOR function will be applied to plain text, and then salt technique will be used. Finally, a reversing mechanism will be implemented on that data to provide more data security. To decrypt data, the cipher text will be reversed, salt will be removed, and XOR will be implemented. At the end of the paper, the proposed algorithm will be compared with other algorithms, and it will conclude how much better the existing algorithm is than other algorithms.     

Generalised key delegation for hierarchical identity-based encryption

The authors introduce a new primitive called identity-based encryption with wildcard key derivation (WKD-IBE or `wicked IBE?) that enhances the concept of hierarchical identity-based encryption by allowing more general key delegation patterns. A secret key is derived for a vector of identity strings, where entries can be left blank using a wildcard. This key can then be used to derive keys for any pattern that replaces wildcards with concrete identity strings. For example, one may want to allow the university?s head system administrator to derive secret keys (and hence the ability to decrypt) for all departmental sysadmin email addresses sysadmin@*.univ.edu, where _ is a wildcard that can be replaced with any string. The authors provide appropriate security notions and provably secure instantiations with different tradeoffs in terms of ciphertext size and efficiency. The authors also present a generic construction of identity-based broadcast encryption (IBBE) from any WKD-IBE scheme. One of their instantiations yields an IBBE scheme with constant ciphertext size.     

Optical image encryption based on compressive sensing and chaos in the fractional Fourier domain

We propose a novel image encryption algorithm based on compressive sensing (CS) and chaos in the fractional Fourier domain. The original image is dimensionality reduction measured using CS. The measured values are then encrypted using chaotic-based double-random-phase encoding technique in the fractional Fourier transform domain. The measurement matrix and the random-phase masks used in the encryption process are formed from pseudo-random sequences generated by the chaotic map. In this proposed algorithm, the final result is compressed and encrypted. The proposed cryptosystem decreases the volume of data to be transmitted and simplifies the keys for distribution simultaneously. Numerical experiments verify the validity and security of the proposed algorithm.