Visible to the public Biblio

Filters: Author is Mu, Yi  [Clear All Filters]
Journal Article
Zhang, Leyou, Liang, Pengfei, Mu, Yi.  2018.  Improving Privacy-Preserving and Security for Decentralized Key-Policy Attributed-Based Encryption. IEEE Access. 6:12736—12745.
Decentralized attribute-based encryption (ABE) is an efficient and flexible multi-authority attribute-based encryption system, since it does not requires the central authority and does not need to cooperate among the authorities for creating public parameters. Unfortunately, recent works show that the reality of the privacy preserving and security in almost well-known decentralized key policy ABE (KP-ABE) schemes are doubtful. How to construct a decentralized KP-ABE with the privacy-preserving and user collusion avoidance is still a challenging problem. Most recently, Y. Rahulamathavam et al. proposed a decentralized KP ABE scheme to try avoiding user collusion and preserving the user's privacy. However, we exploit the vulnerability of their scheme in this paper at first and present a collusion attack on their decentralized KP-ABE scheme. The attack shows the user collusion cannot be avoided. Subsequently, a new privacy-preserving decentralized KP-ABE is proposed. The proposed scheme avoids the linear attacks at present and achieves the user collusion avoidance. We also show that the security of the proposed scheme is reduced to decisional bilinear Diffie-Hellman assumption. Finally, numerical experiments demonstrate the efficiency and validity of the proposed scheme.
Zeng, Ming, Zhang, Kai, Qian, Haifeng, Chen, Xiaofeng, Chen, Jie, Mu, Yi.  2019.  A Searchable Asymmetric Encryption Scheme with Support for Boolean Queries for Cloud Applications. The Computer Journal. 62:563–578.
Cloud computing is a new promising technology paradigm that can provide clients from the whole network with scalable storage resources and on-demand high-quality services. However, security concerns are raised when sensitive data are outsourced. Searchable encryption is a kind of cryptographic primitive that enables clients to selectively retrieve encrypted data, the existing schemes that support for sub-linear boolean queries are only considered in symmetric key setting, which makes a limitation for being widely deployed in many cloud applications. In order to address this issue, we propose a novel searchable asymmetric encryption scheme to support for sub-linear boolean query over encrypted data in a multi-client model that is extracted from an important observation that the outsourced database in cloud is continuously contributed and searched by multiple clients. For the purpose of introducing the scheme, we combine both the ideas of symmetric searchable encryption and public key searchable encryption and then design a novel secure inverted index. Furthermore, a detailed security analysis for our scheme is given under the simulation-based security definition. Finally, we conduct experiments for our construction on a real dataset (Enron) along with a performance analysis to show its practicality.
Conference Paper
Cheng, Shu, Varadharajan, Vijay, Mu, Yi, Susilo, Willy.  2017.  An Efficient and Provably Secure RFID Grouping Proof Protocol. Proceedings of the Australasian Computer Science Week Multiconference. :71:1–71:7.

RFID Grouping proof convinces an offline verifier that multiple tags are simultaneously scanned. Various solutions have been proposed but most of them have security and privacy vulnerabilities. In this paper, we propose an elliptic-curve-based RFID grouping proof protocol. Our protocol is proven secure and narrow-strong private. We also demonstrate that our grouping proof can be batch verified to improve the efficiency for large-scale RFID systems and it is suitable for low-cost RFID tags.

Susilo, Willy, Chen, Rongmao, Guo, Fuchun, Yang, Guomin, Mu, Yi, Chow, Yang-Wai.  2016.  Recipient Revocable Identity-Based Broadcast Encryption: How to Revoke Some Recipients in IBBE Without Knowledge of the Plaintext. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :201–210.
In this paper, we present the notion of recipient-revocable identity-based broadcast encryption scheme. In this notion, a content provider will produce encrypted content and send them to a third party (which is a broadcaster). This third party will be able to revoke some identities from the ciphertext. We present a security model to capture these requirements, as well as a concrete construction. The ciphertext consists of k+3 group elements, assuming that the maximum number of revocation identities is k. That is, the ciphertext size is linear in the maximal size of R, where R is the revocation identity set. However, we say that the additional elements compared to that from an IBBE scheme are only for the revocation but not for decryption. Therefore, the ciphertext sent to the users for decryption will be of constant size (i.e.,3 group elements). Finally, we present the proof of security of our construction.