On the Privacy-Preserving Outsourcing Scheme of Reversible Data Hiding over Encrypted Image Data in Cloud Computing

Advanced cloud computing technology provides cost saving and flexibility of services for users. With the explosion of multimedia data, more and more data owners would outsource their personal multimedia data on the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner’s private information because the data owners lose the control of their data. Recently, this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption and reversible data hiding in encrypted domain. The former is that additional bits are extracted after decryption and the latter is that extracted before decryption. Meanwhile, a combined scheme is also designed. This paper proposes the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing, which not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be operated over encrypted images at the different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme. The computation cost of the proposed scheme is acceptable and adjusts to different security levels.     

Lattice-Based Searchable Encryption Scheme against Inside Keywords Guessing Attack

To save the local storage, users store the data on the cloud server who offers convenient internet services. To guarantee the data privacy, users encrypt the data before uploading them into the cloud server. Since encryption can reduce the data availability, public-key encryption with keyword search (PEKS) is developed to achieve the retrieval of the encrypted data without decrypting them. However, most PEKS schemes cannot resist quantum computing attack, because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers. Besides, the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack (KGA). In this attack, a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords. In the paper, we propose a lattice-based PEKS scheme that can resist quantum computing attacks. To resist inside KGA, this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext. Finally, some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.     

Reversible Data Hiding in Encrypted Image Based on Block Classification Permutation

Recently, reversible data hiding in encrypted image (RDHEI) has attracted extensive attention, which can be used in secure cloud computing and privacy protection effectively. In this paper, a novel RDHEI scheme based on block classification and permutation is proposed. Content owner first divides original image into non-overlapping blocks and then set a threshold to classify these blocks into smooth and non-smooth blocks respectively. After block classification, content owner utilizes a specific encryption method, including stream cipher encryption and block permutation to protect image content securely. For the encrypted image, data hider embeds additional secret information in the most significant bits (MSB) of the encrypted pixels in smooth blocks and the final marked image can be obtained. At the receiver side, secret data will be extracted correctly with data-hiding key. When receiver only has encryption key, after stream cipher decryption, block scrambling decryption and MSB error prediction with threshold, decrypted image will be achieved. When data hiding key and encryption key are both obtained, receiver can find the smooth and non-smooth blocks correctly and MSB in smooth blocks will be predicted correctly, hence, receiver can recover marked image losslessly. Experimental results demonstrate that our scheme can achieve better rate-distortion performance than some of state-of-the-art schemes.     

Provably secure group key management scheme based on proxy re-encryption with constant public bulletin size and key derivation time

Users share a group key to decrypt encryptions for the group using a group key management scheme. In this paper, we propose a re-encryption-based group key management scheme, which uses a unidirectional proxy re-encryption scheme with special properties to enable group members share the updated group key with minimum storage and computation overhead. In particular, we propose a proxy re-encryption scheme that supports direct re-encryption key derivation using intermediate re-encryption keys. Unlike multi-hop re-encryption, the proposed proxy re-encryption scheme does not involve repeated re-encryption of the message. All the computations are done on the re-encryption key level and only one re-encryption is sufficient for making the group key available to the users. The proposed scheme is the first for group key management based on proxy re-encryption that is secure against collusion. The individual users store just one individual secret key with group key derivation requiring O\((\log N)\) computation steps for a group of N users. Size of the public bulletin maintained to facilitate access to the most recent group key for off-line members is O(N) and remains constant with respect to the number of group updates. The proposed group key management scheme confronts attacks by a non-member and even a collusion attack under standard cryptographic assumptions.     

A Proxy Re-Encryption with Keyword Search Scheme in Cloud Computing

With the widespread use of cloud computing technology, more and more users and enterprises decide to store their data in a cloud server by outsourcing. However, these huge amounts of data may contain personal privacy, business secrets and other sensitive information of the users and enterprises. Thus, at present, how to protect, retrieve, and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment. A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server. In this scheme, the user data are divided into files, file indexes and the keyword corresponding to the files, which are respectively encrypted to store. The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes, but re-encrypt the cipher-text of keywords corresponding to the files. Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack. And the scheme is proven to be indistinguishable under Hash Diffie-Hellman assumption. Furthermore, the scheme does not need to use any secure channels, making it more effective in the cloud environment.     

Simultaneous transmission for an encrypted image and a double random-phase encryption key

We propose a method to simultaneously transmit double random-phase encryption key and an encrypted image by making use of the fact that an acceptable decryption result can be obtained when only partial data of the encrypted image have been taken in the decryption process. First, the original image data are encoded as an encrypted image by a double random-phase encryption technique. Second, a double random-phase encryption key is encoded as an encoded key by the Rivest-Shamir-Adelman (RSA) public-key encryption algorithm. Then the amplitude of the encrypted image is modulated by the encoded key to form what we call an encoded image. Finally, the encoded image that carries both the encrypted image and the encoded key is delivered to the receiver. Based on such a method, the receiver can have an acceptable result and secure transmission can be guaranteed by the RSA cipher system.     

Optical scanning cryptography for secure wireless transmission

We propose a method for secure wireless transmission of encrypted information. By use of an encryption key, an image or document is optically encrypted by optical heterodyne scanning and hence encryption is performed on the fly. We call this technique optical scanning cryptography. The output of the heterodyne encrypted signal is at radio frequency and can be directly sent through an antenna to a secure site for digital storage to be prepared for decryption. In the secure site, an identical optical scanning system to that used for encryption is used, together with a decryption key, to generate an electrical signal. The electrical signal is then processed and sent to a computer to be used for decryption. Utilizing the stored information received from the encryption stage and the electrical information from the secure site, a digital decryption unit performs a decryption algorithm. If the encryption key and the decryption key are matched, the decryption unit will decrypt the image or document faithfully. The overall cryptosystem can perform the incoherent optical processing counterpart of the well-known coherent double-random phase-encoding technique. We present computer simulations of the idea.     

Towards Privacy-Preserving Cloud Storage: A Blockchain Approach

With the rapid development of cloud computing technology, cloud services have now become a new business model for information services. The cloud server provides the IT resources required by customers in a self-service manner through the network, realizing business expansion and rapid innovation. However, due to the insufficient protection of data privacy, the problem of data privacy leakage in cloud storage is threatening cloud computing. To address the problem, we propose BC-PECK, a data protection scheme based on blockchain and public key searchable encryption. Firstly, all the data is protected by the encryption algorithm. The privacy data is encrypted and stored in a cloud server, while the ciphertext index is established by a public key searchable encryption scheme and stored on the blockchain. Secondly, based on the characteristics of trusted execution of smart contract technology, a control mechanism for data accessing and sharing is given. Data transaction is automatically recorded on the blockchain, which is fairer under the premise of ensuring the privacy and security of the data sharing process. Finally, we analyzed the security and fairness of the current scheme. Through the comparison with similar schemes, we have shown the advantages of the proposed scheme.     

Optical image encryption using password key based on phase retrieval algorithm

A novel optical image encryption system is proposed using password key based on phase retrieval algorithm (PRA). In the encryption process, a shared image is taken as a symmetric key and the plaintext is encoded into the phase-only mask based on the iterative PRA. The linear relationship between the plaintext and ciphertext is broken using the password key, which can resist the known plaintext attack. The symmetric key and the retrieved phase are imported into the input plane and Fourier plane of 4f system during the decryption, respectively, so as to obtain the plaintext on the CCD. Finally, we analyse the key space of the password key, and the results show that the proposed scheme can resist a brute force attack due to the flexibility of the password key.     

An Encrypted Image Retrieval Method Based on SimHash in Cloud Computing

With the massive growth of images data and the rise of cloud computing that can provide cheap storage space and convenient access, more and more users store data in cloud server. However, how to quickly query the expected data with privacy-preserving is still a challenging in the encryption image data retrieval. Towards this goal, this paper proposes a ciphertext image retrieval method based on SimHash in cloud computing. Firstly, we extract local feature of images, and then cluster the features by K-means. Based on it, the visual word codebook is introduced to represent feature information of images, which hashes the codebook to the corresponding fingerprint. Finally, the image feature vector is generated by SimHash searchable encryption feature algorithm for similarity retrieval. Extensive experiments on two public datasets validate the effectiveness of our method. Besides, the proposed method outperforms one popular searchable encryption, and the results are competitive to the state-of-the-art.     

A Multi-Conditional Proxy Broadcast Re-Encryption Scheme for Sensor Networks

In sensor networks, it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys. In order to solve this problem, the present study proposes a scheme called multi-conditional proxy broadcast reencryption (MC-PBRE). The scheme consists of the following roles: the source node, proxy server, and the target node. If the condition is met, the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt. It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group, while the proxy server does not need to store the key or reveal the plaintext. At the same time, the proxy server cannot obtain any valuable information in the ciphertext. This paper formalizes the concept of MC-PBRE and its security model, and proposes a MC-PBRE scheme of ciphertext security. Finally, the scheme security has been proved in the random oracle.     

Chosen-Ciphertext Attack Secure Public-Key Encryption with Keyword Search

As the use of cloud storage for various services increases, the amount of private personal information along with data stored in the cloud storage is also increasing. To remotely use the data stored on the cloud storage, the data to be stored needs to be encrypted for this reason. Since “searchable encryption” is enable to search on the encrypted data without any decryption, it is one of convenient solutions for secure data management. A public key encryption with keyword search (for short, PEKS) is one of searchable encryptions. Abdalla et al. firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the “robust” ANO-CCA secure identity-based encryption(IBE). In this paper, we propose two generic constructions of consistent IND-CCA secure PEKS combining (1) a hierarchical identity based encryption (for short, HIBE) and a signature scheme or (2) a HIBE, an encapsulation, and a message authentication code (for short, MAC) scheme. Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker “ANO-CPA security (resp., IND-CPA security)” of HIBE than “ANO-CCA security (resp., IND-CCA security)” of IBE required in for achieving IND-CCA secure (resp., consistent) PEKS. Finally, we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.     

Practical image encryption and decryption by phase-coding technique for optical security systems

A method of image encryption and decryption is proposed for optical security systems. A phase-coded image to be encrypted together with a random phase pattern is Fourier transformed and the result of the complex-valued data is used as an encrypted pattern. The decryption is simply performed by an inverse-Fourier transform for the addition of the encrypted pattern and the Fourier transform of the random phase. The intensity of the inverse-Fourier transformed image gives the exact result forthe decryption. Further, the binarization of the encrypted pattern is performed for the easiness of the optical and electronic readout of the images, and it also gives rise to the enhancement of the degree of security for the encryption. The binary pattern is optimized by a statistical iteration technique and an excellent decryption image is obtained by the optimization.     

Multiple images encryption method via spiral phase mask rotations under a JTC system

A method of multiple-image encryption via spiral phase mask rotations based on the joint transform correlator encryption system was proposed. Multiple images can be encrypted into one ciphertext through this approach. When decrypted the ciphertext, we have no need to produce too many key masks, only need rotate the key mask to the angle corresponding to the plaintext. The system also has good resistance to occlusion attack and differential attack. Computer simulations initially verified the correctness of this method, and the experimental results also confirmed its validity further.     

A Cryptograph Domain Image Retrieval Method Based on Paillier Homomorphic Block Encryption

With the rapid development of information network, the computing resources and storage capacity of ordinary users cannot meet their needs of data processing. The emergence of cloud computing solves this problem but brings data security problems. How to manage and retrieve ciphertext data effectively becomes a challenging problem. To these problems, a new image retrieval method in ciphertext domain by block image encrypting based on Paillier homomophic cryptosystem is proposed in this paper. This can be described as follows: According to the Paillier encryption technology, the image owner encrypts the original image in blocks, obtains the image in ciphertext domain, then passes it to the third party server. The server calculates the difference histogram of the image in ciphertext domain according to the public key and establishes the index database. The user passes the retrieved image to the server. The server computes the differential histogram of the retrieved image by public key. Then, compares the similarity of it with the histogram in index database and selects larger similarity images in ciphertext and send them to the user. The user obtains the target image with the private key. The experimental results show that the method is feasible and simple.     

A Secure Method for Data Storage and Transmission in Sustainable Cloud Computing

Cloud computing is a technology that provides secure storage space for the customer’s massive data and gives them the facility to retrieve and transmit their data efficiently through a secure network in which encryption and decryption algorithms are being deployed. In cloud computation, data processing, storage, and transmission can be done through laptops and mobile devices. Data Storing in cloud facilities is expanding each day and data is the most significant asset of clients. The important concern with the transmission of information to the cloud is security because there is no perceivability of the client’s data. They have to be dependent on cloud service providers for assurance of the platform’s security. Data security and privacy issues reduce the progression of cloud computing and add complexity. Nowadays; most of the data that is stored on cloud servers is in the form of images and photographs, which is a very confidential form of data that requires secured transmission. In this research work, a public key cryptosystem is being implemented to store, retrieve and transmit information in cloud computation through a modified Rivest-Shamir-Adleman (RSA) algorithm for the encryption and decryption of data. The implementation of a modified RSA algorithm results guaranteed the security of data in the cloud environment. To enhance the user data security level, a neural network is used for user authentication and recognition. Moreover; the proposed technique develops the performance of detection as a loss function of the bounding box. The Faster Region-Based Convolutional Neural Network (Faster R-CNN) gets trained on images to identify authorized users with an accuracy of 99.9% on training.     

Encryption of digital hologram based on phase-shifting interferometry and virtual optics

A new information encryption system is presented, based on phase-shifting interferometry and virtual optics. Three-step phase-shifting interferometry is used to record a digital hologram of the input data and a virtual optical system based on the scaled optical fractional Fourier transform is used for encryption of the recorded digital hologram. In the virtual optical system, the digital hologram to be encrypted is fractional Fourier transformed two times, and a random phase mask is placed at the output plane of the first fractional Fourier transform. Both the encryption and decryption processes are performed digitally. The encrypted data and the keys for decryption can be stored and transmitted in a conventional communication channel. Numerical simulations are presented to verify validity and efficiency.     

Partial decryption attacks in security-mediated certificateless encryption

Certificateless encryption refers to public key encryption with implicit certification. Security-mediated certificateless (SMC) encryption takes one-step further, such that every decryption requires a securitymediator (SEM) to partially decrypt the ciphertext. One major benefit is that instant revocation can be done by simply instructing the SEM to reject any further decryption request. Similar to the conventional chosenciphertext attack, it is reasonable to assume that an adversary can obtain the partial decryption of many ciphertexts. The authors show that the schemes proposed by Yang-Wang-Wang in AINAW 2007, Lo-Hwang-Li in IET Information Security, 1(3) and Yang-Xiong-Su in Computer Applications, 28(11) are insecure against partial decryption attacks, and hence cannot be classified as SMC encryption according to the original Chow? Boyd?Gonzalez Nieto's formulation in PKC 2006.     

Encrypted optical storage with wavelength-key and random phase codes

An encrypted optical memory system that uses a wavelength code as well as input and Fourier-plane random phase codes is proposed. Original data are illuminated by a coherent light source with a specified wavelength and are then encrypted with two random phase codes before being stored holographically in a photorefractive material. Successful decryption requires the use of a readout beam with the same wavelength as that used in the recording, in addition to the correct phase key in the Fourier plane. The wavelength selectivity of the proposed system is evaluated numerically. We show that the number of available wavelength keys depends on the correlation length of the phase key in the Fourier plane. Preliminary experiments of encryption and decryption of optical memory in a LiNbO(3):Fe photorefractive crystal are demonstrated.     

Fractional fourier domain encrypted holographic memory by use of an anamorphic optical system

We propose and demonstrate a fractional Fourier domain encrypted holographic memory using an anamorphic optical system. The encryption is done by use of two statistically independent random-phase codes in the fractional Fourier domain. If the two random-phase codes are statistically independent white sequences, the encrypted data are stationary white noise. We exploit the capability of an optical system to process information in two dimensions by using two different sets of parameters along the two orthogonal axes to encode the data. The fractional Fourier transform parameters along with the random-phase codes constitute the key to the encrypted data. The knowledge of the key is essential to the successful decryption of data. The decoding of the encoded data is done by use of phase conjugation. We present a few experimental results.