Xuan Wang

Fully Secure Ciphertext-Policy Attribute Based Encryption with Security Mediator

Attribute-Based Encryption ABE offers fine-grained decryption policy such that users can do decryption if their attributes satisfy the policy. Such flexibility enables it applicable in various applications in government and business. However, there are two issues that should be solved first before it is deployed in practice, namely user revocation and decryption outsourcing. In this paper, we adopt the slightly modified Lewko et al.s fully-CCA-secure Ciphertext-Policy-ABE CP-ABE combining with Boneh et al.s idea of mediated cryptography to propose a CP-ABE with SEcurity Mediator SEM supporting immediate user revocation. At the same time, by the introduce of SEM, we intendedly outsource most of the computation workload in decryption to SEM side and leave only one exponentiation and one division at user side for decryption. It is proved fully-RCCA-CCA-secure in random oracle model.

Offline/online attribute-based encryption with verifiable outsourced decryption

In this big data era, service providers tend to put the data in a third‐party cloud system. Social networking websites are typical examples. To protect the security and privacy of the data, data should be stored in encrypted form. This brings forth new challenges: how to allow different users to access only the authorized part of the data without decryption of the data. Attribute‐based encryption (ABE) offers fine‐grained access control policy over encrypted data such that users can decrypt successfully only if their attributes satisfy the policy. However, one drawback of ABE is that the computational cost grows linearly with the complexity of ciphertext policy or the number of attributes. The situation becomes worse for mobile devices with limited computing resources. To solve this problem, we adopt the offline/online technique combining with the verifiable outsourced computation technique to propose a new ciphertext‐policy ABE scheme using bilinear groups in prime order, supporting the offline/online key generation and encryption, as well as the verifiable outsourced decryption. As a result, most computations of key generation and encryption can be executed offline, and the majority of computational workload in decryption can be outsourced to third parties. The scheme is selectively chosen‐plaintext attack‐secure in the standard model. We also provide the proof of verifiability on outsourced decryption. The simulation results show that our proposed scheme can effectively reduce the computational cost imposed on resource‐constrained devices. Copyright

Practical attribute-based encryption: Outsourcing decryption, attribute revocation and policy updating

Attribute-Based Encryption (ABE) offers fine-grained access control policy over encrypted data, and thus applicable in cloud storage to provide authorized data privacy. However, there are some issues that should be solved before deploying ABE in practice. Firstly, as the heavy decryption cost grows with the complexity of access policy, an ABE with outsourcing decryption is preferred to relieve users computation cost. Secondly, when users attributes are altered, it is required for ABE supporting attribute revocation to change users access privilege timely and effectively. Thirdly, in the case of access control policy changed by data owner, policy updating requirement must be met in designing ABE. Therefore, a practical ABE scheme is proposed which can solve aforementioned issues simultaneously. In order to support flexible number of attributes, our scheme also achieves large universe and multiple attribute authorities. The security and performance of the proposed scheme are discussed, followed by extensive experiments to demonstrate its effectiveness and practicability.

Outsourced privacy-preserving C4.5 decision tree algorithm over horizontally and vertically partitioned dataset among multiple parties

Many companies want to share data for data-mining tasks. However, privacy and security concerns have become a bottleneck in the data-sharing field. The secure multiparty computation (SMC)-based privacy-preserving data mining has emerged as a solution to this problem. However, there is heavy computation cost at user side in traditional SMC solutions. This study introduces an outsourcing method to reduce the computation cost of the user side. We also preserve the privacy of the shared databy proposing an outsourced privacy-preserving C4.5 algorithm over horizontally and vertically partitioned data for multiple parties based on the outsourced privacy preserving weighted average protocol (OPPWAP) and outsourced secure set intersection protocol (OSSIP). Consequently, we have found that our method can achieve a result same the original C4.5 decision tree algorithm while preserving data privacy. Furthermore, we also implement the proposed protocols and the algorithms. It shows that a sublinear relationship exists between the computational cost of the user side and the number of participating parties.

Scalable graph based non-negative multi-view embedding for image ranking

Abstract Due to the well-known semantic gap, content based image retrieval task is still a challenge problem. The performance of image ranking highly depends on feature representation. In this paper, trying to make a more discriminative feature, we propose a multi-graph based non-negative feature embedding framework for image ranking. In this framework, various image features are embedded into a unified latent space by a learned graph based non-negative multi-view embedding model. In this model, a multi-graph based regularization term, which discovers the intrinsic geometrical and the discriminating structure of the data space, is imposed into the non-negative matrix factorization. The framework learns to find an optimized combination of different Laplacian matrices to approximate the intrinsic manifold automatically. Meanwhile, multiple anchor graphs are utilized to reduce the complexity of computational. Finally, ranking is conducted according to the relevance score inferred by a Markov random field. Extensive experiments prove the effectiveness of proposed method.

Outsourced Privacy-Preserving Random Decision Tree Algorithm Under Multiple Parties for Sensor-Cloud Integration

The emerging trends in cloud computing have facilitated the integration of existing technologies towards achieving new and innovative applications for the betterment of humans. Remote health monitoring, a bi-product of technology integration, assists in minimizing human mortality through continuous health monitoring using low-cost sensors. However, privacy and security concerns have become a bottleneck in this process. The secure multi-party computation (SMC)-based privacy-preserving data mining algorithm has emerged as a solution to this problem. However, traditional cryptography-based PPDM solutions are too inefficient and infeasible for analysis on large-scale datasets for data owners. Previous work on random decision trees (RDTs) shows that it is possible to generate equivalent and accurate models at substantially lower costs. In this paper, we focus on the outsourced privacy-preserving random decision tree (OPPRDT) algorithm for multiple parties. We outsource most of the protocol computation to the cloud and propose secure sub-protocols to protect users’ data privacy. As a result, we show that our method can achieve similar results as the original RDT algorithm while also preserving the privacy of the data. We prove that there is a sub-linear relationship between the computational cost of the user side and the number of participating parties.

Semantic Video Carving Using Perceptual Hashing and Optical Flow

Video files are frequently encountered in digital forensic investigations. However, these files are usually fragmented and are not stored consecutively on physical media. Suspects may logically delete the files and also erase filesystem information. Unlike image carving, limited research has focused on video carving. Current approaches depend on filesystem information or attempt to match every pair of fragments, which is impractical. This chapter proposes a two-stage approach to tackle the problem. The first perceptual grouping stage computes a hash value for each fragment; the Hamming distance between hashes is used to quickly group fragments from the same file. The second precise stitching stage uses optical flow to identify the correct order of fragments in each group. Experiments with the BOSS dataset reveal that the approach is very fast and does not sacrifice accuracy or overall precision.

Generic Construction of Publicly Verifiable Predicate Encryption

There is an increasing trend for data owners to store their data in a third-party cloud server and buy the service from the cloud server to provide information to other users. To ensure confidentiality, the data is usually encrypted. Therefore, an encrypted data searching scheme with privacy preserving is of paramount importance. Predicate encryption (PE) is one of the attractive solutions due to its attribute-hiding merit. However, as cloud is not always trusted, verifying the searched results is also crucial. Firstly, a generic construction of Publicly Verifiable Predicate Encryption (PVPE) scheme is proposed to provide verification for PE. We reduce the security of PVPE to the security of PE. However, from practical point of view, to decrease the communication overhead and computation overhead, an improved PVPE is proposed with the trade-off of a small probability of error.