Lanjun Dang

Effective watermarking scheme in the encrypted domain for buyer-seller watermarking protocol

In most watermarking schemes for copyright protection, a seller usually embeds a watermark in multimedia content to identify a buyer. When an unauthorized copy is found by the seller, the traitors identity can be traced by the embedded watermark. However, it incurs both repudiation issue and framing issue. To solve these problems, some buyer-seller watermarking protocols have been proposed based on watermarking scheme in the encrypted domain. In this paper, an enhanced watermarking scheme is presented. Compared with Solanki et al.s scheme, the enhanced scheme increases effective watermarking capacity, avoids additional overhead and overcomes an inherent flaw that watermarking capacity depends on the probability distribution of input watermark sequence. Based on the security requirements of buyer-seller watermarking protocols, a new watermarking scheme in the encrypted domain with flexible watermarking capacity is proposed. It improves the robustness of watermark sequence against image compressions and enables image tampering detection. Watermark extraction is blind, which employs the same threshold criterion and secret keys as watermark embedding. Experimental results demonstrate that the enhanced watermarking scheme eliminates the drawbacks of Solanki et al.s scheme and that the proposed watermarking scheme in the encrypted domain outperforms Kuribayashi and Tanakas scheme.

Efficient ID-based registration protocol featured with user anonymity in mobile IP networks

A secure and efficient ID-based registration protocol with user anonymity is proposed in this paper for IP-based mobile networks. The protocol minimizes the registration delay through a minimal usage of the identity (ID)-based signature scheme that eliminates expensive pairing operations. User anonymity is achieved via a temporary identity (TID) transmitted by a mobile user, instead of its true identity. Additional replay protection from a Foreign Agent (FA) is included in the registration messages to prevent a possible replay attack. A formal correctness proof of the protocol using Protocol Composition Logic (PCL) is presented. Numerical analysis and computer simulation results demonstrate that the proposed protocol outperforms the existing ones in terms of the registration delay, the registration signaling traffic, and the computational load on a Mobile Node (MN) while improving security. For example, the proposed protocol reduces the registration delay up to 49.3 percent approximately, comparing to Yangs protocol.

DASR: Distributed Anonymous Secure Routing with Good Scalability for Mobile Ad Hoc Networks

Security, anonymity, and scalability are important issues for mobile ad hoc network routing protocols, especially in private-vital practical applications. Although there are several papers on anonymous secure routing in mobile ad hoc networks, few research works can achieve sufficient anonymity and strong security, and at the same time provide good scalability. Therefore, in this paper, we present a new distributed anonymous secure routing protocol with good scalability for mobile ad hoc networks. The proposed protocol addresses the problems of anonymous routing and later anonymous data transmission via a dynamic identity pseudonymity approach based on Incomparable Public Keys. Good scalability is achieved by using Diffie-Hellman key exchange scheme and symmetric key cryptography, instead of public key cryptography. In comparison with other previous anonymous secure routing protocols, the proposed protocol not only has strong security and sufficient anonymity protection, but also provides better scalability.

Mobile ip registration in certificateless public key infrastructure

A secure and efficient mobile IP (MIP) registration protocol using certificateless signature scheme is proposed. The protocol minimises the registration time through minimal usage of an efficient certificateless signature scheme between a foreign agent (FA) and a home agent (HA). Protocol parameters can be kept resynchronised by reusing the initial values in the MIP registration in case the synchronisation between a mobile node (MN) and HA is lost. User anonymity is achieved via a temporary identity transmitted by a mobile user, instead of its true identity. Additional replay protection from the FA is included in the registration messages to prevent a possible replay attack. Numerical results and performance analyses demonstrate that the proposed protocol outperforms the existing ones in terms of the registration time, registration signalling traffic and computational load on an MN while providing improved security. For example, the proposed protocol reduces the registration time up to ∼83% compared with the protocol from Yang.

A Watermarking Scheme in the Encrypted Domain for Watermarking Protocol

In most watermarking schemes for copyright protection, a seller always knows the embedded watermark identifying a buyer. However, it incurs both repudiation issue and framing issue. To solve these problems, many watermarking protocols have been proposed based on watermarking schemes in the encrypted domain. In this paper, we enhance an existing watermarking scheme and discuss public key cryptosystems used in watermarking protocols. Then, a new watermarking scheme in the encrypted domain with flexible watermarking capacity is proposed for watermarking protocol. It improves the robustness of watermarked image against JPEG compression after decryption and enables image tampering detection. The blind watermark extracting employs the same threshold criterion and secret keys as watermark embedding. Experimental results demonstrate that the enhanced scheme reduces computing overload and increases effective watermarking capacity, and that the proposed watermarking scheme in the encrypted domain outperforms a previous scheme.

A two-party privacy preserving set intersection protocol against malicious users in cloud computing

Set intersection is a fundamental operation in data mining and cloud computing. In this paper, a protocol is proposed to determine the intersection between two datasets while preserving the privacy of each set. Malicious participants are considered and the misbehavior of participants is prevented. Our method is based on a combination of commutative encryption and hash-based commitments. Performance evaluation demonstrates the effectiveness of the protocol. Security discussion is given showing that the protocol provides data privacy, secure set intersection and tolerance to participants cheating.

Design of secure watermarking scheme for watermarking protocol

Watermarking technique enables to hide an imperceptible watermark into a multimedia content for copyright protection. However, in most conventional watermarking schemes, the watermark is embedded solely by the seller, and both the seller and the buyer know the watermarked copy, which causes unsettled dispute at the phase of arbitration. To solve this problem, many watermarking protocols have been proposed using watermarking scheme in the encrypted domain. In this paper, we firstly discuss many security aspects in the encrypted domain, and then propose a new method of homomorphism conversion for probabilistic public key cryptosystem with homomorphic property. Based on our previous work, a new secure watermarking scheme for watermarking protocol is presented using a new embedding strategy in the encrypted domain. We employ an El Gamal variant cryptosystem with additive homomorphic property to reduce the computing overload of watermark embedding in the encrypted domain, and RA code to improve the robustness of the watermarked image against many moderate attacks after decryption. Security analysis and experiment demonstrate that the secure watermarking scheme is more suitable for implementing the existing watermarking protocols.

Efficient identity-based authenticated key agreement protocol with provable security for vehicular ad hoc networks

In vehicular ad hoc networks, establishing a secure channel between any two vehicles is fundamental. Authenticated key agreement is a useful mechanism, which can be used to negotiate a shared key for secure data transmission between authentic vehicles in vehicular ad hoc networks. Among the existing identity-based two-party authenticated key agreement protocols without pairings, there are only a few protocols that provide provable security in strong security models such as the extended Canetti–Krawczyk model. This article presents an efficient pairing-free identity-based one-round two-party authenticated key agreement protocol with provable security, which is more suitable for real-time application environments with highly dynamic topology such as vehicular ad hoc networks than the existing identity-based two-party authenticated key agreement protocols. The proposed protocol is proven secure under the passive and active adversaries in the extended Canetti–Krawczyk model based on the Gap Diffie–Hellman assumption. The proposed protocol can capture all essential security attributes including known-session key security, perfect forward secrecy, basic impersonation resistance, key compromise impersonation resistance, unknown key share resistance, no key control, and ephemeral secrets reveal resistance. Compared with the existing identity-based two-party authenticated key agreement protocols, the proposed protocol is superior in terms of computational cost and running time while providing higher security.

An Attack to an Anonymous Certificateless Group Key Agreement Scheme and Its Improvement

In this paper, we demonstrate that Kumar-Tripathi’s anonymous authenticated group key agreement protocol is insufficient in authenticity and unlinkability. Then the scheme is improved based on the Computational Diffie-Hellman (CDH) problem and Divisible Computational Diffie-Hellman (DCDH) problem. Compared with available schemes, the improved scheme satisfies strengthened security with lower computational overhead. The security is proven formally using AVISPA.