Yanjiang Yang

Efficient unidirectional proxy re-encryption

Proxy re-encryption (PRE) allows a semi-trusted proxy to convert a ciphertext originally intended for Alice into one encrypting the same plaintext for Bob. The proxy only needs a re-encryption key given by Alice, and cannot learn anything about the plaintext encrypted. This adds flexibility in various applications, such as confidential email, digital right management and distributed storage. In this paper, we study unidirectional PRE, which the re-encryption key only enables delegation in one direction but not the opposite. In PKC 2009, Shao and Cao proposed a unidirectional PRE assuming the random oracle. However, we show that it is vulnerable to chosen-ciphertext attack (CCA). We then propose an efficient unidirectional PRE scheme (without resorting to pairings). We gain high efficiency and CCA-security using the “token-controlled encryption” technique, under the computational Diffie-Hellman assumption, in the random oracle model and a relaxed but reasonable definition.

Private query on encrypted data in multi-user settings

Searchable encryption schemes allow users to perform keyword based searches on an encrypted database. Almost all existing such schemes only consider the scenario where a single user acts as both the data owner and the querier. However, most databases in practice do not just serve one user; instead, they support search and write operations by multiple users. In this paper, we systematically study searchable encryption in a practical multi-user setting. Our results include a set of security notions for multi-user searchable encryption as well as a construction which is provably secure under the newly introduced security notions.

Privacy and ownership preserving of outsourced medical data

The demand for the secondary use of medical data is increasing steadily to allow for the provision of better quality health care. Two important issues pertaining to this sharing of data have to be addressed: one is the privacy protection for individuals referred to in the data; the other is copyright protection over the data. In this paper, we present a unified framework that seamlessly combines techniques of binning and digital watermarking to attain the dual goals of privacy and copyright protection. Our binning method is built upon an earlier approach of generalization and suppression by allowing a broader concept of generalization. To ensure data usefulness, we propose constraining binning by usage metrics that define maximal allowable information loss, and the metrics can be enforced off-line. Our watermarking algorithm watermarks the binned data in a hierarchical manner by leveraging on the very nature of the data. The method is resilient to the generalization attack that is specific to the binned data, as well as other attacks intended to destroy the inserted mark. We prove that watermarking could not adversely interfere with binning, and implemented the framework. Experiments were conducted, and the results show the robustness of the proposed framework.

Efficient online/offline identity-based signature for wireless sensor network

In this paper, we present an online/offline identity-based signature scheme for the wireless sensor network (WSN). We argue that due to significant reduction in costs of computation and storage, our scheme is particularly suitable for the WSN environment with severely constrained resources. One of the interesting features of our scheme is that it provides multi-time usage of the offline storage, which allows the signer to re-use the offline pre-computed information in polynomial time, in contrast to one-time usage in all previous online/offline signature schemes. As evidence of the practicality and feasibility of our scheme to be used in the WSN environment, we provide an actual implementation result of our scheme on the MicaZ platform.

Efficient Conditional Proxy Re-encryption with Chosen-Ciphertext Security

Recently, a variant of proxy re-encryption, named conditional proxy re-encryption (C-PRE), has been introduced. Compared with traditional proxy re-encryption, C-PRE enables the delegator to implement fine-grained delegation of decryption rights, and thus is more useful in many applications. In this paper, based on a careful observation on the existing definitions and security notions for C-PRE, we re-formalize more rigorous definition and security notions for C-PRE. We further propose a more efficient C-PRE scheme, and prove its chosen-ciphertext security under the decisional bilinear Diffie-Hellman (DBDH) assumption in the random oracle model. In addition, we point out that a recent C-PRE scheme fails to achieve the chosen-ciphertext security.

New efficient user identification and key distribution scheme providing enhanced security

Apart from user identification and key distribution, it is very useful for the login process to achieve user anonymity. Recently, Wu and Hsu proposed an efficient user identification scheme with key distribution while preserving user anonymity by extending an earlier work of Lee and Chang. We however find out that the Wu and Hsu scheme has a serious weakness, which can be exploited by the service provider to learn the secret token of the user who requests services from the service provider. We further propose a scheme to overcome this limitation while attaining the same set of objectives as the previous works. Performance analyses have shown that efficiency in terms of both computation and communication is not sacrificed in our scheme.

A practical password-based two-server authentication and key exchange system

Most password-based user authentication systems place total trust on the authentication server where cleartext passwords or easily derived password verification data are stored in a central database. Such systems are, thus, by no means resilient against offline dictionary attacks initiated at the server side. Compromise of the authentication server by either outsiders or insiders subjects all user passwords to exposure and may have serious legal and financial repercussions to an organization. Recently, several multiserver password systems were proposed to circumvent the single point of vulnerability inherent in the single-server architecture. However, these multiserver systems are difficult to deploy and operate in practice since either a user has to communicate simultaneously with multiple servers or the protocols are quite expensive. In this paper, we present a practical password-based user authentication and key exchange system employing a novel two-server architecture. Our system has a number of appealing features. In our system, only a front-end service server engages directly with users while a control server stays behind the scene; therefore, it can be directly applied to strengthen existing single-server password systems. In addition, the system is secure against offline dictionary attacks mounted by either of the two servers

CCA-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles

Up to now, it is still an open question of how to construct a chosen-ciphertext secure unidirectional proxy re-encryption scheme in the adaptive corruption model. To address this problem, we propose a new unidirectional proxy re-encryption scheme, and prove its chosen-ciphertext security in the adaptive corruption model without random oracles. Compared with the best known unidirectional proxy re-encryption scheme proposed by Libert and Vergnaud in PKC’08, our scheme enjoys the advantages of both higher efficiency and stronger security.

Forensic-by-Design Framework for Cyber-Physical Cloud Systems

As businesses continue to offer customers and employees increased access, improved software functionality, and continued improvements in supply chain management opportunities, it raises the risk of cyber-physical attacks on cyber-physical cloud systems (CPCS). In this article, the authors discuss the challenges associated with a CPCS attack and highlight the need for forensic-by-design, prior to presenting their conceptual CPCS forensic-by-design model. The six factors of the framework are discussed, namely, risk management principles and practices, forensic readiness principles and practices, incident handling principles and practices, laws and regulation, CPCS hardware and software requirements, and industry-specific requirements. Future research topics are also identified.

Extended Proxy-Assisted Approach: Achieving Revocable Fine-Grained Encryption of Cloud Data

Attribute-based encryption has the potential to be deployed in a cloud computing environment to provide scalable and fine-grained data sharing. However, user revocation within ABE deployment remains a challenging issue to overcome, particularly when there is a large number of users. In this work, we introduce an extended proxy-assisted approach, which weakens the trust required of the cloud server. Based on an all-or-nothing principle, our approach is designed to discourage a cloud server from colluding with a third party to hinder the user revocation functionality. We demonstrate the utility of our approach by presenting a construction of the proposed approach, designed to provide efficient cloud data sharing and user revocation. A prototype was then implemented to demonstrate the practicality of our proposed construction.