Visible to the public Biblio

Found 1515 results

Filters: First Letter Of Title is S  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R [S] T U V W X Y Z   [Show ALL]
Long, Yihong, Cheng, Minyang.  2019.  Secret Sharing Based SM2 Digital Signature Generation using Homomorphic Encryption. 2019 15th International Conference on Computational Intelligence and Security (CIS). :252–256.
SM2 is an elliptic curve public key cryptography algorithm released by the State Cryptography Administration of China. It includes digital signature, data encryption and key exchange schemes. To meet specific application requirements, such as to protect the user's private key in software only implementation, and to facilitate secure cloud cryptography computing, secret sharing based SM2 signature generation schemes have been proposed in the literature. In this paper a new such kind of scheme based upon additively homomorphic encryption is proposed. The proposed scheme overcomes the drawback that the existing schemes have and is more secure. It is useful in various application scenarios.
Koga, H., Honjo, S..  2014.  A secret sharing scheme based on a systematic Reed-Solomon code and analysis of its security for a general class of sources. Information Theory (ISIT), 2014 IEEE International Symposium on. :1351-1355.

In this paper we investigate a secret sharing scheme based on a shortened systematic Reed-Solomon code. In the scheme L secrets S1, S2, ..., SLand n shares X1, X2, ..., Xn satisfy certain n - k + L linear equations. Security of such a ramp secret sharing scheme is analyzed in detail. We prove that this scheme realizes a (k; n)-threshold scheme for the case of L = 1 and a ramp (k, L, n)-threshold scheme for the case of 2 ≤ L ≤ k - 1 under a certain assumption on S1, S2, ..., SL.

de Souza, Rick Lopes, Vigil, Martín, Custódio, Ricardo, Caullery, Florian, Moura, Lucia, Panario, Daniel.  2018.  Secret Sharing Schemes with Hidden Sets. 2018 IEEE Symposium on Computers and Communications (ISCC). :00713–00718.
Shamir's Secret Sharing Scheme is well established and widely used. It allows a so-called Dealer to split and share a secret k among n Participants such that at least t shares are needed to reconstruct k, where 0 \textbackslashtextbackslashtextless; t ≤ n. Nothing about the secret can be learned from less than t shares. To split secret k, the Dealer generates a polynomial f, whose independent term is k and the coefficients are randomly selected using a uniform distribution. A share is a pair (x, f(x)) where x is also chosen randomly using a uniform distribution. This scheme is useful, for example, to distribute cryptographic keys among different cloud providers and to create multi-factor authentication. The security of Shamir's Secret Sharing Scheme is usually analyzed using a threat model where the Dealer is trusted to split and share secrets as described above. In this paper, we demonstrate that there exists a different threat model where a malicious Dealer can compute shares such that a subset of less than t shares is allowed to reconstruct the secret. We refer to such subsets as hidden sets. We formally define hidden sets and prove lower bounds on the number of possible hidden sets for polynomials of degree t - 1. Yet, we show how to detect hidden sets given a set of n shares and describe how to create hidden sets while sharing a secret using a modification of Shamir's scheme.
Swami, Shivam, Rakshit, Joydeep, Mohanram, Kartik.  2016.  SECRET: Smartly EnCRypted Energy Efficient Non-volatile Memories. Proceedings of the 53rd Annual Design Automation Conference. :166:1–166:6.

Data persistence in emerging non-volatile memories (NVMs) poses a multitude of security vulnerabilities, motivating main memory encryption for data security. However, practical encryption algorithms demonstrate strong diffusion characteristics that increase cell flips, resulting in increased write energy/latency and reduced lifetime of NVMs. State-of-the-art security solutions have focused on reducing the encryption penalty (increased write energy/latency and reduced memory lifetime) in single-level cell (SLC) NVMs; however, the realization of low encryption penalty solutions for multi-/triple-level cell (MLC/TLC) secure NVMs remains an open area of research. This work synergistically integrates zero-based partial writes with XOR-based energy masking to realize Smartly EnCRypted Energy efficienT, i.e., SECRET MLC/TLC NVMs, without compromising the security of the underlying encryption technique. Our simulations on an MLC (TLC) resistive RAM (RRAM) architecture across SPEC CPU2006 workloads demonstrate that for 6.25% (7.84%) memory overhead, SECRET reduces write energy by 80% (63%), latency by 37% (49%), and improves memory lifetime by 63% (56%) over conventional advanced encryption standard-based (AES-based) counter mode encryption.

Swami, Shivam, Rakshit, Joydeep, Mohanram, Kartik.  2016.  SECRET: Smartly EnCRypted Energy Efficient Non-volatile Memories. Proceedings of the 53rd Annual Design Automation Conference. :166:1–166:6.

Data persistence in emerging non-volatile memories (NVMs) poses a multitude of security vulnerabilities, motivating main memory encryption for data security. However, practical encryption algorithms demonstrate strong diffusion characteristics that increase cell flips, resulting in increased write energy/latency and reduced lifetime of NVMs. State-of-the-art security solutions have focused on reducing the encryption penalty (increased write energy/latency and reduced memory lifetime) in single-level cell (SLC) NVMs; however, the realization of low encryption penalty solutions for multi-/triple-level cell (MLC/TLC) secure NVMs remains an open area of research. This work synergistically integrates zero-based partial writes with XOR-based energy masking to realize Smartly EnCRypted Energy efficienT, i.e., SECRET MLC/TLC NVMs, without compromising the security of the underlying encryption technique. Our simulations on an MLC (TLC) resistive RAM (RRAM) architecture across SPEC CPU2006 workloads demonstrate that for 6.25% (7.84%) memory overhead, SECRET reduces write energy by 80% (63%), latency by 37% (49%), and improves memory lifetime by 63% (56%) over conventional advanced encryption standard-based (AES-based) counter mode encryption.

Qin, Zhan, Yan, Jingbo, Ren, Kui, Chen, Chang Wen, Wang, Cong.  2016.  SecSIFT: Secure Image SIFT Feature Extraction in Cloud Computing. ACM Trans. Multimedia Comput. Commun. Appl.. 12:65:1–65:24.

The image and multimedia data produced by individuals and enterprises is increasing every day. Motivated by the advances in cloud computing, there is a growing need to outsource such computational intensive image feature detection tasks to cloud for its economic computing resources and on-demand ubiquitous access. However, the concerns over the effective protection of private image and multimedia data when outsourcing it to cloud platform become the major barrier that impedes the further implementation of cloud computing techniques over massive amount of image and multimedia data. To address this fundamental challenge, we study the state-of-the-art image feature detection algorithms and focus on Scalar Invariant Feature Transform (SIFT), which is one of the most important local feature detection algorithms and has been broadly employed in different areas, including object recognition, image matching, robotic mapping, and so on. We analyze and model the privacy requirements in outsourcing SIFT computation and propose Secure Scalar Invariant Feature Transform (SecSIFT), a high-performance privacy-preserving SIFT feature detection system. In contrast to previous works, the proposed design is not restricted by the efficiency limitations of current homomorphic encryption scheme. In our design, we decompose and distribute the computation procedures of the original SIFT algorithm to a set of independent, co-operative cloud servers and keep the outsourced computation procedures as simple as possible to avoid utilizing a computationally expensive homomorphic encryption scheme. The proposed SecSIFT enables implementation with practical computation and communication complexity. Extensive experimental results demonstrate that SecSIFT performs comparably to original SIFT on image benchmarks while capable of preserving the privacy in an efficient way.

Talreja, R., Motwani, D..  2017.  SecTrans: Enhacing user privacy on Android Platform. 2017 International Conference on Nascent Technologies in Engineering (ICNTE). :1–4.

Interchange of information through cell phones, Tabs and PDAs (Personal Digital Assistant) is the new trend in the era of digitization. In day-to-day activities, sensitive information through mobile phones is exchanged among the users. This sensitive information can be in the form of text messages, images, location, etc. The research on Android mobile applications was done at the MIT, and found that applications are leaking enormous amount of information to the third party servers. 73 percent of 55 Android applications were detected to leak personal information of the users [8]. Transmission of files securely on Android is a big issue. Therefore it is important to shield the privacy of user data on Android operating system. The main motive of this paper is to protect the privacy of data on Android Platform by allowing transmission of textual data, location, pictures in encrypted format. By doing so, we achieved intimacy and integrity of data.

Hossain, Mahmud, Karim, Yasser, Hasan, Ragib.  2018.  SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in 6LoWPAN. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. :307–318.
6LoWPAN is a widely used protocol for communication over IPV6 Low-power Wireless Personal Area Networks. Unfortunately, the 6LoWPAN packet fragmentation mechanism possesses vulnerabilities that adversaries can exploit to perform network attacks. Lack of fragment authentication, payload integrity verification, and sender IP address validation lead to fabrication, duplication, and impersonation attacks. Moreover, adversaries can abuse the poor reassembly buffer management technique of the 6LoWPAN layer to perform buffer exhaustion and selective forwarding attacks. In this paper, we propose SecuPAN - a security scheme for mitigating fragmentation-based network attacks in 6LoWPAN networks and devices. We propose a Message Authentication Code based per-fragment integrity and authenticity verification scheme to defend against fabrication and duplication attacks. We also present a mechanism for computing datagram-tag and IPv6 address cryptographically to mitigate impersonation attacks. Additionally, our reputation-based buffer management scheme protects 6LoWPAN devices from buffer reservation attacks. We provide an extensive security analysis of SecuPAN to demonstrate that SecuPAN is secure against strong adversarial scenarios. We also implemented a prototype of SecuPAN on Contiki enabled IoT devices and provided a performance analysis of our proposed scheme.
Englund, Håkan, Lindskog, Niklas.  2020.  Secure acceleration on cloud-based FPGAs – FPGA enclaves. 2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW). :119—122.
FPGAs are becoming a common sight in cloud environments and new usage paradigms, such as FPGA-as-a-Service, have emerged. This development poses a challenge to traditional FPGA security models, as these are assuming trust between the user and the hardware owner. Currently, the user cannot keep bitstream nor data protected from the hardware owner in an FPGA-as-a-service setting. This paper proposes a security model where the chip manufacturer takes the role of root-of-trust to remedy these security problems. We suggest that the chip manufacturer creates a Public Key Infrastructure (PKI), used for user bitstream protection and data encryption, on each device. The chip manufacturer, rather than the hardware owner, also controls certain security-related peripherals. This allows the user to take control over a predefined part of the programmable logic and set up a protected enclave area. Hence, all user data can be provided in encrypted form and only be revealed inside the enclave area. In addition, our model enables secure and concurrent multi-tenant usage of remote FPGAs. To also consider the needs of the hardware owner, our solution includes bitstream certification and affirming that uploaded bitstreams have been vetted against maliciousness.
Fu, Shaojing, Yu, Yunpeng, Xu, Ming.  2017.  A Secure Algorithm for Outsourcing Matrix Multiplication Computation in the Cloud. Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing. :27–33.
Matrix multiplication computation (MMC) is a common scientific and engineering computational task. But such computation involves enormous computing resources for large matrices, which is burdensome for the resource-limited clients. Cloud computing enables computational resource-limited clients to economically outsource such problems to the cloud server. However, outsourcing matrix multiplication to the cloud brings great security concerns and challenges since the matrices and their products often usually contains sensitive information. In a previous work, Lei et al. [1] proposed an algorithm for secure outsourcing MMC by using permutation matrix and the authors argued that it can achieve data privacy. In this paper, we first review the design of Lei's scheme and find a security vulnerability in their algorithm that it reveals the number of zero element in the input matrix to cloud server. Then we present a new verifiable, efficient, and privacy preserving algorithm for outsourcing MMC, which can protect the number privacy of zero elements in original matrices. Our algorithm builds on a series of carefully-designed pseudorandom matrices and well-designed privacy-preserving matrix transformation. Security analysis shows that our algorithm is practically-secure, and offers a higher level of privacy protection than the state-of-the-art algorithm.
Sasirekha, D., Radha, N..  2017.  Secure and attack aware routing in mobile ad hoc networks against wormhole and sinkhole attacks. 2017 2nd International Conference on Communication and Electronics Systems (ICCES). :505–510.

The inherent characteristics of Mobile Ad hoc network (MANET) such as dynamic topology, limited bandwidth, limited power supply, infrastructure less network make themselves attractive for a wide spectrum of applications and vulnerable to security attacks. Sinkhole attack is the most disruptive routing layer attack. Sinkhole nodes attract all the traffic towards them to setup further active attacks such as Black hole, Gray hole and wormhole attacks. Sinkhole nodes need to be isolated from the MANET as early as possible. In this paper, an effective mechanism is proposed to prevent and detect sinkhole and wormhole attacks in MANET. The proposed work detects and punishes the attacker nodes using different techniques such as node collusion technique, which classifies a node as an attacker node only with the agreement with the neighboring nodes. When the node suspects the existence of attacker or sinkhole node in the path, it joins together with neighboring nodes to determine the sinkhole node. In the prevention of routing attacks, the proposed system introduces a route reserve method; new routes learnt are updated in the routing table of the node only after ensuring that the route does not contain the attacker nodes. The proposed system effectively modifies Ad hoc on demand Distance Vector (AODV) with the ability to detect and prevent the sinkhole and wormhole attack, so the modified protocol is named as Attack Aware Alert (A3AODV). The experiments are carried out in NS2 simulator, and the result shows the efficiency in terms of packet delivery ratio and routing overhead.

L, Nirmala Devi, K, Venkata Subbareddy.  2019.  Secure and Composite Routing Strategy through Clustering In WSN. 2019 2nd International Conference on Innovations in Electronics, Signal Processing and Communication (IESC). :119–123.

Due to openness of the deployed environment and transmission medium, Wireless Sensor Networks (WSNs) suffers from various types of security attacks including Denial of service, Sinkhole, Tampering etc. Securing WSN is achieved a greater research interest and this paper proposes a new secure routing strategy for WSNs based on trust model. In this model, initially the sensor nodes of the network are formulated as clusters. Further a trust evaluation mechanism was accomplished for every sensor node at Cluster Head level to build a secure route for data transmission from sensor node to base station. Here the trust evaluation is carried out only at cluster head and also the cluster head is chosen in such a way the node having rich resources availability. The trust evaluation is a composition of the social trust and data trust. Simulation experiments are conducted over the proposed approach and the performance is measured through the performance metrics such as network lifetime, and Malicious Detection Rate. The obtained performance metrics shows the outstanding performance of proposed approach even in the increased malicious behavior of network.

Ranjana, S. A., Sterlin, C. L. S., Benita, W. V., Sam, B. B..  2017.  Secure and concealment in cluster based framework on vehicular networks. 2017 International Conference on Information Communication and Embedded Systems (ICICES). :1–6.

Vehicular ad hoc network is based on MANET all the vehicle to vehicle and vehicle roadside are connected to the wireless sensor network. In this paper mainly discuss on the security in the VANET in the lightweight cloud environment. Moving vehicle on the roadside connected through the sensor nodes and to provide communication between the vehicles and directly connected to the centralized environment. We propose a new approach to share the information in the VANET networks in secure manner through cloud.

Vegda, Hiral, Modi, Nimesh.  2018.  Secure and Efficient Approach to Prevent Ad Hoc Network Attacks Using Intrusion Detection System. 2018 Second International Conference on Intelligent Computing and Control Systems (ICICCS). :129-133.

In Ad hoc networks the main purpose is communication without infrastructure and there are many implementations already done on that. There is little effort done for security to prevent threats in ad hoc networks (like MANETs). It is already proven that; there is no any centralized mechanism for defence against threats, such as a firewall, an intrusion detection system, or a proxy in ad hoc networks. Ad hoc networks are very convenient due to its features like self-maintenance, self-organizing and providing wireless communication. In Ad hoc networks there is no fixed infrastructure in which every node works like simply a router which stores and forwards packet to final destination. Due to these dynamic topology features, Ad hoc networks are anywhere, anytime. Therefore, it is necessary to make a secure mechanism for the ad hoc components so that with flexibility they have that security also. This paper shows the secure and flexible implementation about to protect any ad hoc networks. This proposed system design is perfect solution to provide security with flexibility by providing a hybrid system which combines ECC and MAES to detect and prevent Ad hoc network attacks using Intrusion detection system. The complete proposed system designed on NS 2.35 software using Ubuntu (Linux) OS.

Al Aziz, Md Momin, Hasan, Mohammad Z., Mohammed, Noman, Alhadidi, Dima.  2016.  Secure and Efficient Multiparty Computation on Genomic Data. Proceedings of the 20th International Database Engineering & Applications Symposium. :278–283.

Large scale biomedical research projects involve analysis of huge amount of genomic data which is owned by different data owners. The collection and storing of genomic data is sometimes beyond the capability of a sole organization. Genomic data sharing is a feasible solution to overcome this problem. These scenarios can be generalized into the problem of aggregating data distributed among multiple databases and owned by different data owners. However, we should guarantee that an adversary cannot learn anything about the data or the individual contribution of each party towards the final output of the computation. In this paper, we propose a practical solution for secure sharing and computation of genomic data. We adopt the Paillier cryptosystem and the order preserving encryption to securely execute the count query and the ranked query. Experimental results demonstrate that the computation time is realistic enough to make our system adoptable in the real world.

Cherneva, V., Trahan, J..  2019.  A Secure and Efficient Parallel-Dependency RFID Grouping-Proof Protocol. 2019 IEEE International Conference on RFID (RFID). :1–8.

In this time of ubiquitous computing and the evolution of the Internet of Things (IoT), the deployment and development of Radio Frequency Identification (RFID) is becoming more extensive. Proving the simultaneous presence of a group of RFID tagged objects is a practical need in many application areas within the IoT domain. Security, privacy, and efficiency are central issues when designing such a grouping-proof protocol. This work is motivated by our serial-dependent and Sundaresan et al.'s grouping-proof protocols. In this paper, we propose a light, improved offline protocol: parallel-dependency grouping-proof protocol (PDGPP). The protocol focuses on security, privacy, and efficiency. PDGPP tackles the challenges of including robust privacy mechanisms and accommodates missing tags. It is scalable and complies with EPC C1G2.

Lu, X., Guan, Z., Zhou, X., Du, X., Wu, L., Guizani, M..  2019.  A Secure and Efficient Renewable Energy Trading Scheme Based on Blockchain in Smart Grid. 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS). :1839—1844.
Nowadays, with the diversification and decentralization of energy systems, the energy Internet makes it possible to interconnect distributed energy sources and consumers. In the energy trading market, the traditional centralized model relies entirely on trusted third parties. However, as the number of entities involved in the transactions grows and the forms of transactions diversify, the centralized model gradually exposes problems such as insufficient scalability, High energy consumption, and low processing efficiency. To address these challenges, we propose a secure and efficient energy renewable trading scheme based on blockchain. In our scheme, the electricity market trading model is divided into two levels, which can not only protect the privacy, but also achieve a green computing. In addition, in order to adapt to the relatively weak computing power of the underlying equipment in smart grid, we design a credibility-based equity proof mechanism to greatly improve the system availability. Compared with other similar distributed energy trading schemes, we prove the advantages of our scheme in terms of high operational efficiency and low computational overhead through experimental evaluations. Additionally, we conduct a detailed security analysis to demonstrate that our solution meets the security requirements.
Chen, Binbin, Dong, Xinshu, Bai, Guangdong, Jauhar, Sumeet, Cheng, Yueqiang.  2017.  Secure and Efficient Software-Based Attestation for Industrial Control Devices with ARM Processors. Proceedings of the 33rd Annual Computer Security Applications Conference. :425–436.

For industrial control systems, ensuring the software integrity of their devices is a key security requirement. A pure software-based attestation solution is highly desirable for protecting legacy field devices that lack hardware root of trust (e.g., Trusted Platform Module). However, for the large population of field devices with ARM processors, existing software-based attestation schemes either incur long attestation time or are insecure. In this paper, we design a novel memory stride technique that significantly reduces the attestation time while remaining secure against known attacks and their advanced variants on ARM platform. We analyze the scheme's security and performance based on the formal framework proposed by Armknecht et al. [7] (with a necessary change to ensure its applicability in practical settings). We also implement memory stride on two models of real-world power grid devices that are widely deployed today, and demonstrate its superior performance.

Zhuang, Yuan, Pang, Qiaoyue, Wei, Min.  2019.  Secure and Fast Multiple Nodes Join Mechanism for IPv6-Based Industrial Wireless Network. 2019 International Conference on Information Networking (ICOIN). :1–6.
More and more industrial devices are expected to connect to the internet seamlessly. IPv6-based industrial wireless network can solve the address resources limitation problem. It is a challenge about how to ensure the wireless node join security after introducing the IPv6. In this paper, we propose a multiple nodes join mechanism, which includes a timeslot allocation method and secure join process for the IPv6 over IEEE 802.15.4e network. The timeslot allocation method is designed in order to configure communication resources in the join process for the new nodes. The test platform is implemented to verify the feasibility of the mechanism. The result shows that the proposed mechanism can reduce the communication cost for multiple nodes join process and improve the efficiency.
Mohammedi, M., Omar, M., Aitabdelmalek, W., Mansouri, A., Bouabdallah, A..  2018.  Secure and Lightweight Biometric-Based Remote Patient Authentication Scheme for Home Healthcare Systems. 2018 International Symposium on Programming and Systems (ISPS). :1-6.

Recently, the home healthcare system has emerged as one of the most useful technology for e-healthcare. Contrary to classical recording methods of patient's medical data, which are, based on paper documents, nowadays all this sensitive data can be managed and forwarded through digital systems. These make possible for both patients and healthcare workers to access medical data or receive remote medical treatment using wireless interfaces whenever and wherever. However, simplifying access to these sensitive and private data can directly put patient's health and life in danger. In this paper, we propose a secure and lightweight biometric-based remote patient authentication scheme using elliptic curve encryption through which two mobile healthcare system communication parties could authenticate each other in public mobile healthcare environments. The security and performance analysis demonstrate that our proposal achieves better security than other concurrent schemes, with lower storage, communication and computation costs.

Huang, Weiqing, Zhang, Qiaoyu, Wei, Dong, Li, Huiyan.  2019.  A Secure and Power-Efficient Constellations for Physical Layer Security. 2019 IEEE International Conference on Smart Internet of Things (SmartIoT). :479—483.
With the development of wireless networks, the security of wireless systems is becoming more and more important. In this paper, a novel double layers constellations is proposed to protect the polarization modulation information from being acquired by the eavesdropper. Based on the double layers constellations, a constellations' optimization algorithm for achieving high power-efficiency is proposed. Based on this algorithm, 4,8,16-order double-layer constellations are designed. We use Monte Carlo simulation to test the security performance and symbol error rate performance of this constellations. The results show that the double layers constellations can effectively ensure communication security and the SER performance has superiority over the classic symmetrical constellations.
Liu, Hongyang, Shen, Feng, Liu, Zhiqiang, Long, Yu, Liu, Zhen, Sun, Shifeng, Tang, Shuyang, Gu, Dawu.  2019.  A Secure and Practical Blockchain Scheme for IoT. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :538–545.
With features such as decentralization, consistency, tamper resistance, non-repudiation, and pseudonym, blockchain technology has the potential to strengthen the Internet of Things (IoT) significantly, thus opening an intriguing research area in the integration of blockchain and IoT. However, most existing blockchain schemes were not dedicated to the IoT ecosystem and hence could not meet the specific requirements of IoT. This paper aims to fix the gap. Inspired by Chainspace, a blockchain platform which could be applicable in IoT, VChain is proposed, a novel blockchain scheme suitable for IoT which is more secure, concrete, and practical compared with Chainspace. Specifically, in VChain, a two-layer BFT-based consensus protocol with HoneyBadger BFT protocol is proposed and a collective signature scheme as building blocks. The designs above allow for supporting faulty-shards-tolerance and asynchronous network model, which could not be sustained in Chainspace, and keeping high efficiency as well. Moreover, the sharding strategy presented in VChain, different from that in RapidChain, which adopts the energy-consuming PoW mechanism for sharding, is environmentfriendly and thus makes VChain fit for IoT well. Last but not least, VChain also inherits the merits of Chainspace to separate the execution and verification of smart contracts for privacy.
Jindal, A. K., Shaik, I., Vasudha, V., Chalamala, S. R., Ma, R., Lodha, S..  2020.  Secure and Privacy Preserving Method for Biometric Template Protection using Fully Homomorphic Encryption. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1127–1134.

The rapid proliferation of biometrics has led to growing concerns about the security and privacy of the biometric data (template). A biometric uniquely identifies an individual and unlike passwords, it cannot be revoked or replaced since it is unique and fixed for every individual. To address this problem, many biometric template protection methods using fully homomorphic encryption have been proposed. But, most of them (i) are computationally expensive and practically infeasible (ii) do not support operations over real valued biometric feature vectors without quantization (iii) do not support packing of real valued feature vectors into a ciphertext (iv) require multi-shot enrollment of users for improved matching performance. To address these limitations, we propose a secure and privacy preserving method for biometric template protection using fully homomorphic encryption. The proposed method is computationally efficient and practically feasible, supports operations over real valued feature vectors without quantization and supports packing of real valued feature vectors into a single ciphertext. In addition, the proposed method enrolls the users using one-shot enrollment. To evaluate the proposed method, we use three face datasets namely LFW, FEI and Georgia tech face dataset. The encrypted face template (for 128 dimensional feature vector) requires 32.8 KB of memory space and it takes 2.83 milliseconds to match a pair of encrypted templates. The proposed method improves the matching performance by 3 % when compared to state-of-the-art, while providing high template security.

Oleshchuk, Vladimir.  2019.  Secure and Privacy Preserving Pattern Matching in Distributed Cloud-based Data Storage. 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS). 2:820–823.
Given two strings: pattern p of length m and text t of length n. The string matching problem is to find all (or some) occurrences of the pattern p in the text t. We introduce a new simple data structure, called index arrays, and design fast privacy-preserving matching algorithm for string matching. The motivation behind introducing index arrays is determined by the need for pattern matching on distributed cloud-based datasets with semi-trusted cloud providers. It is intended to use encrypted index arrays both to improve performance and protect confidentiality and privacy of user data.
Huang, Qinlong, Li, Nan, Zhang, Zhicheng, Yang, Yixian.  2019.  Secure and Privacy-Preserving Warning Message Dissemination in Cloud-Assisted Internet of Vehicles. 2019 IEEE Conference on Communications and Network Security (CNS). :1—8.

Cloud-assisted Internet of Vehicles (IoV)which merges the advantages of both cloud computing and Internet of Things that can provide numerous online services, and bring lots of benefits and conveniences to the connected vehicles. However, the security and privacy issues such as confidentiality, access control and driver privacy may prevent it from being widely utilized for message dissemination. Existing attribute-based message encryption schemes still bring high computational cost to the lightweight vehicles. In this paper, we introduce a secure and privacy-preserving dissemination scheme for warning message in cloud-assisted IoV. Firstly, we adopt attribute-based encryption to protect the disseminated warning message, and present a verifiable encryption and decryption outsourcing construction to reduce the computational overhead on vehicles. Secondly, we present a conditional privacy preservation mechanism which utilizes anonymous identity-based signature technique to ensure anonymous vehicle authentication and message integrity checking, and also allows the trusted authority to trace the real identity of malicious vehicle. We further achieve batch verification to improve the authentication efficiency. The analysis indicate that our scheme gains more security properties and reduces the computational overhead on the vehicles.