Legacy encryption systems depend on sharing a key (public or private) among the peers involved in exchanging an encrypted message. However, this approach poses privacy concerns. The users or service providers with the key have exclusive rights on the data. Especially with popular cloud services, control over the privacy of the sensitive data is lost. Even when the keys are not shared, the encrypted material is shared with a third party that does not necessarily need to access the content. Moreover, untrusted servers, providers, and cloud operators can keep identifying elements of users long after users end the relationship with the services. Indeed, Homomorphic Encryption (HE), a special kind of encryption scheme, can address these concerns as it allows any third party to operate on the encrypted data without decrypting it in advance. Although this extremely useful feature of the HE scheme has been known for over 30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE) scheme, which allows any computable function to be performed on the encrypted data, was introduced by Craig Gentry in 2009. Even though this was a major achievement, different implementations so far demonstrated that FHE still needs to be improved significantly to be practical on every platform. Therefore, this survey focuses on HE and FHE schemes. First, we present the basics of HE and the details of the well-known Partially Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which are important pillars for achieving FHE. Then, the main FHE families, which have become the base for the other follow-up FHE schemes, are presented. Furthermore, the implementations and recent improvements in Gentry-type FHE schemes are also surveyed. Finally, further research directions are discussed. This survey is intended to give a clear knowledge and foundation to researchers and practitioners interested in knowing, applying, and extending the state-of-the-art HE, PHE, SWHE, and FHE systems.
In recent years, image encryption has been broadly researched. Since a large proportion of images on the Internet are compressed, and JPEG is the most widely adopted standard for image compression, a variety of joint image compression and encryption algorithms have been proposed. JPEG image encryption uses signal processing techniques as well as cryptographic techniques in different stages of the JPEG compression process. Based on the location where the encryption takes place, these algorithms can be generally classified into three major categories: pre-compression encryption algorithms, in-compression encryption algorithms, and post-compression encryption algorithms, which correspond to conducting encryption operations before, during, and after the compression process. From this perspective of classification, the authors give a comprehensive survey on representative image encryption algorithms of each type, and show their properties and limitations. Some of the most recent encryption schemes that achieve protection at various positions of the compression process are selected for comparison, which are two pre-compression encryption algorithms, four in-compression encryption algorithms, and two post-compression encryption algorithms. Possible future research directions on designing joint JPEG compression and encryption schemes are provided in the end, which may facilitate solving application scenario-oriented JPEG security problems with new technologies.
The one-dimensional (1D) chaotic encryption algorithm has good encryption performance owing to its properties, such as the excellent complexity, pseudo-randomness, and sensitivity to the initial value of the chaotic sequence. However, compared with other methods, its biggest drawback is that the key space is too small. To address these problems, in this study, the authors introduce an improved 2D logistic sine chaotic map (2D-LSMM). A novel image encryption scheme based on dynamic DNA sequences encryption and improved 2D-LSMM is presented. The logistic map is used to control the input of the sine map, and the encoding and operation rules of DNA sequences are determined by 2D-LSMM chaotic sequences. By implementing dynamic DNA sequence encryption, the encryption process becomes more complicated and harder to attack. Simulation experimental results and security analysis show that the authors’ encryption scheme not only achieves proper encryption but can also resist different attacks.
We present a privacy-preserving deep learning system in which many learning participants perform neural network-based deep learning over a combined dataset of all, without revealing the participants' local data to a central server. To that end, we revisit the previous work by Shokri and Shmatikov (ACM CCS 2015) and show that, with their method, local data information may be leaked to an honest-but-curious server. We then fix that problem by building an enhanced system with the following properties: 1) no information is leaked to the server and 2) accuracy is kept intact, compared with that of the ordinary deep learning system also over the combined dataset. Our system bridges deep learning and cryptography: we utilize asynchronous stochastic gradient descent as applied to neural networks, in combination with additively homomorphic encryption. We show that our usage of encryption adds tolerable overhead to the ordinary deep learning system.
Recent advancements in wireless technology have created an exponential rise in the number of connected devices leading to the internet of things (IoT) revolution. Large amounts of data are captured, processed and transmitted through the network by these embedded devices. Security of the transmitted data is a major area of concern in IoT networks. Numerous encryption algorithms have been proposed in these years to ensure security of transmitted data through the IoT network. Tiny encryption algorithm (TEA) is the most attractive among all, with its lower memory utilization and ease of implementation on both hardware and software scales. But one of the major issues of TEA and its numerous developed versions is the usage of the same key through all rounds of encryption, which yields a reduced security evident from the avalanche effect of the algorithm. Also, the encryption and decryption time for text is high, leading to lower efficiency in IoT networks with embedded devices. This paper proposes a novel tiny symmetric encryption algorithm (NTSA) which provides enhanced security for the transfer of text files through the IoT network by introducing additional key confusions dynamically for each round of encryption. Experiments are carried out to analyze the avalanche effect, encryption and decryption time of NTSA in an IoT network including embedded devices. The results show that the proposed NTSA algorithm is much more secure and efficient compared to state-of-the-art existing encryption algorithms.
Due to the massive applications of Internet of Things (IoT) and the prevalence of wearable devices, e-healthcare systems are widely deployed in medical institutions. As a significant carrier of medical data, the electronic medical record (EMR) is convenient to store and retrieve, which greatly simplifies the experience of medical treatment and cuts down the trivial work of paramedics. However, EMRs usually include much sensitive information such as patients' identification numbers or home addresses that may be easily captured by unauthorized doctors and cloud servers. Based on this concern, e-healthcare systems can make use of attribute-based encryption (ABE) to protect private information while achieving fine-grained access control of encrypted EMRs. However, most ABE schemes do not support both policy hiding and keyword search. To address the above issues, we propose an inner product searchable encryption scheme with multi-keyword search (MK-IPSE) based on blockchain to provide full privacy preservation and efficient ciphertext retrieval for EMRs. Inner product encryption (IPE) can not only specify access permissions such that only users with matched attributes can get the target files, but also support access policy hiding. Besides, the proposed scheme combines searchable encryption (SE) and federated blockchain (FB) to implement efficient and stable multi-keyword search. Compared with the existing schemes, MK-IPSE shows better performance on computation and storage. Additionally, security analysis demonstrates that our scheme can resist IND-CKA and collusion attacks.
Summary
With the rapid development of the Internet, resource and knowledge sharing are two major problems experienced due to the presence of many hackers and malicious users. In this paper, an efficient and secure access control model has been proposed for the cloud computing environment for resource and knowledge sharing by using attribute‐based encryption (ABE), distributed hash table (DHT) network, and identity‐based timed‐release encryption (IDTRE). Here, at first, data or resources are encrypted by using the attributes of users, and encrypted data are divided into the encapsulated ciphertext and extracted ciphertext. Then, IDTRE algorithm has been used to encrypt the decryption key and combined the ciphertext of the key with the extracted ciphertext for creating the ciphertext shares. At last, the ciphertext shares are distributed into the DHT network, and encapsulated ciphertext are stored on the cloud servers. Both the performance and security analysis show the proficiency of the proposed scheme over the existing schemes in a cloud environment.
In this paper, we introduce a secure storage system named “PRINCESS” and an application, the PRINCESS-based automobile information sharing system that are developed utilizing a special proxy re-encryption technology that processed by NICT. Using PRINCESS, the files encrypted in accordance with the confidentiality levels can be shared among appointed users while remaining encrypted, so this system facilitates the potential for new services that require privacy data to be shared securely via cloud technology.