Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a ...Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.展开更多
Verifiable delay functions(VDFs)and delay encryptions(DEs)are two important primitives in decentralized systems,while existing constructions are mainly based on time-lock puzzles.A disparate framework has been establi...Verifiable delay functions(VDFs)and delay encryptions(DEs)are two important primitives in decentralized systems,while existing constructions are mainly based on time-lock puzzles.A disparate framework has been established by applying isogenies and pairings on elliptic curves.Following this line,we first employ Richelot isogenies and non-degenerate pairings from hyperelliptic curves for a new verifiable delay function,such that no auxiliary proof and interaction are needed for the verification.Then,we demonstrate that our scheme satisfies all security requirements,in particular,our VDF can resist several attacks,including the latest attacks for SIDH.Besides,resorting to the same techniques,a secure delay encryption from hyperelliptic curves is constructed by modifying Boneh and Frankiln's IBE scheme,which shares the identical setup with our VDF scheme.As far as we know,these schemes are the first cryptographic applications from high-genus isogenies apart from basic protocols,i.e.,hash functions and key exchange protocols.展开更多
Secret sharing is a promising technology for information encryption by splitting the secret information into different shares.However,the traditional scheme suffers from information leakage in decryption process since...Secret sharing is a promising technology for information encryption by splitting the secret information into different shares.However,the traditional scheme suffers from information leakage in decryption process since the amount of available information channels is limited.Herein,we propose and demonstrate an optical secret sharing framework based on the multi-dimensional multiplexing liquid crystal(LC)holograms.The LC holograms are used as spatially separated shares to carry secret images.The polarization of the incident light and the distance between different shares are served as secret keys,which can significantly improve the information security and capacity.Besides,the decryption condition is also restricted by the applied external voltage due to the variant diffraction efficiency,which further increases the information security.In implementation,an artificial neural network(ANN)model is developed to carefully design the phase distribution of each LC hologram.With the advantage of high security,high capacity and simple configuration,our optical secret sharing framework has great potentials in optical encryption and dynamic holographic display.展开更多
In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose...In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose a Hadoop based big data secure storage scheme.Firstly,in order to disperse the NameNode service from a single server to multiple servers,we combine HDFS federation and HDFS high-availability mechanisms,and use the Zookeeper distributed coordination mechanism to coordinate each node to achieve dual-channel storage.Then,we improve the ECC encryption algorithm for the encryption of ordinary data,and adopt a homomorphic encryption algorithm to encrypt data that needs to be calculated.To accelerate the encryption,we adopt the dualthread encryption mode.Finally,the HDFS control module is designed to combine the encryption algorithm with the storage model.Experimental results show that the proposed solution solves the problem of a single point of failure of metadata,performs well in terms of metadata reliability,and can realize the fault tolerance of the server.The improved encryption algorithm integrates the dual-channel storage mode,and the encryption storage efficiency improves by 27.6% on average.展开更多
The application of artificial intelligence technology in Internet of Vehicles(lov)has attracted great research interests with the goal of enabling smart transportation and traffic management.Meanwhile,concerns have be...The application of artificial intelligence technology in Internet of Vehicles(lov)has attracted great research interests with the goal of enabling smart transportation and traffic management.Meanwhile,concerns have been raised over the security and privacy of the tons of traffic and vehicle data.In this regard,Federated Learning(FL)with privacy protection features is considered a highly promising solution.However,in the FL process,the server side may take advantage of its dominant role in model aggregation to steal sensitive information of users,while the client side may also upload malicious data to compromise the training of the global model.Most existing privacy-preserving FL schemes in IoV fail to deal with threats from both of these two sides at the same time.In this paper,we propose a Blockchain based Privacy-preserving Federated Learning scheme named BPFL,which uses blockchain as the underlying distributed framework of FL.We improve the Multi-Krum technology and combine it with the homomorphic encryption to achieve ciphertext-level model aggregation and model filtering,which can enable the verifiability of the local models while achieving privacy-preservation.Additionally,we develop a reputation-based incentive mechanism to encourage users in IoV to actively participate in the federated learning and to practice honesty.The security analysis and performance evaluations are conducted to show that the proposed scheme can meet the security requirements and improve the performance of the FL model.展开更多
In the assessment of car insurance claims,the claim rate for car insurance presents a highly skewed probability distribution,which is typically modeled using Tweedie distribution.The traditional approach to obtaining ...In the assessment of car insurance claims,the claim rate for car insurance presents a highly skewed probability distribution,which is typically modeled using Tweedie distribution.The traditional approach to obtaining the Tweedie regression model involves training on a centralized dataset,when the data is provided by multiple parties,training a privacy-preserving Tweedie regression model without exchanging raw data becomes a challenge.To address this issue,this study introduces a novel vertical federated learning-based Tweedie regression algorithm for multi-party auto insurance rate setting in data silos.The algorithm can keep sensitive data locally and uses privacy-preserving techniques to achieve intersection operations between the two parties holding the data.After determining which entities are shared,the participants train the model locally using the shared entity data to obtain the local generalized linear model intermediate parameters.The homomorphic encryption algorithms are introduced to interact with and update the model intermediate parameters to collaboratively complete the joint training of the car insurance rate-setting model.Performance tests on two publicly available datasets show that the proposed federated Tweedie regression algorithm can effectively generate Tweedie regression models that leverage the value of data fromboth partieswithout exchanging data.The assessment results of the scheme approach those of the Tweedie regressionmodel learned fromcentralized data,and outperformthe Tweedie regressionmodel learned independently by a single party.展开更多
For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and all...For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and allows privacy information to be preserved.Data owners can tightly manage their data with efficient revocation and only grant one-time adaptive access for the fulfillment of the requester.We prove that our protocol is semanticallly secure,blind,and secure against oblivious requesters and malicious file keepers.We also provide security analysis in the context of four typical attacks.展开更多
Blockchain technology has garnered significant attention from global organizations and researchers due to its potential as a solution for centralized system challenges.Concurrently,the Internet of Things(IoT)has revol...Blockchain technology has garnered significant attention from global organizations and researchers due to its potential as a solution for centralized system challenges.Concurrently,the Internet of Things(IoT)has revolutionized the Fourth Industrial Revolution by enabling interconnected devices to offer innovative services,ultimately enhancing human lives.This paper presents a new approach utilizing lightweight blockchain technology,effectively reducing the computational burden typically associated with conventional blockchain systems.By integrating this lightweight blockchain with IoT systems,substantial reductions in implementation time and computational complexity can be achieved.Moreover,the paper proposes the utilization of the Okamoto Uchiyama encryption algorithm,renowned for its homomorphic characteristics,to reinforce the privacy and security of IoT-generated data.The integration of homomorphic encryption and blockchain technology establishes a secure and decentralized platformfor storing and analyzing sensitive data of the supply chain data.This platformfacilitates the development of some business models and empowers decentralized applications to perform computations on encrypted data while maintaining data privacy.The results validate the robust security of the proposed system,comparable to standard blockchain implementations,leveraging the distinctive homomorphic attributes of the Okamoto Uchiyama algorithm and the lightweight blockchain paradigm.展开更多
Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast e...Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast exposes the physical layer vulnerable to the threat of illegal eavesdropping. Quantum noise stream cipher(QNSC) is a classic physical layer encryption method and well compatible with the OFDM-PON. Meanwhile, it is indispensable to exploit forward error correction(FEC) to control errors in data transmission. However, when QNSC and FEC are jointly coded, the redundant information becomes heavier and thus the code rate of the transmitted signal will be largely reduced. In this work, we propose a physical layer encryption scheme based on polar-code-assisted QNSC. In order to improve the code rate and security of the transmitted signal, we exploit chaotic sequences to yield the redundant bits and utilize the redundant information of the polar code to generate the higher-order encrypted signal in the QNSC scheme with the operation of the interleaver.We experimentally demonstrate the encrypted 16/64-QAM, 16/256-QAM, 16/1024-QAM, 16/4096-QAM QNSC signals transmitted over 30-km standard single mode fiber. For the transmitted 16/4096-QAM QNSC signal, compared with the conventional QNSC method, the proposed method increases the code rate from 0.1 to 0.32 with enhanced security.展开更多
While encryption technology safeguards the security of network communications,malicious traffic also uses encryption protocols to obscure its malicious behavior.To address the issues of traditional machine learning me...While encryption technology safeguards the security of network communications,malicious traffic also uses encryption protocols to obscure its malicious behavior.To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic,we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features,called BERT-based Spatio-Temporal Features Network(BSTFNet).At the packet-level granularity,the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers(BERT)model.At the byte-level granularity,we initially employ the Bidirectional Gated Recurrent Unit(BiGRU)model to extract temporal features from bytes,followed by the utilization of the Text Convolutional Neural Network(TextCNN)model with multi-sized convolution kernels to extract local multi-receptive field spatial features.The fusion of features from both granularities serves as the ultimate multidimensional representation of malicious traffic.Our approach achieves accuracy and F1-score of 99.39%and 99.40%,respectively,on the publicly available USTC-TFC2016 dataset,and effectively reduces sample confusion within the Neris and Virut categories.The experimental results demonstrate that our method has outstanding representation and classification capabilities for encrypted malicious traffic.展开更多
With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosur...With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.展开更多
In the era of big data,the number of images transmitted over the public channel increases exponentially.As a result,it is crucial to devise the efficient and highly secure encryption method to safeguard the sensitive ...In the era of big data,the number of images transmitted over the public channel increases exponentially.As a result,it is crucial to devise the efficient and highly secure encryption method to safeguard the sensitive image.In this paper,an improved sine map(ISM)possessing a larger chaotic region,more complex chaotic behavior and greater unpredictability is proposed and extensively tested.Drawing upon the strengths of ISM,we introduce a lightweight symmetric image encryption cryptosystem in wavelet domain(WDLIC).The WDLIC employs selective encryption to strike a satisfactory balance between security and speed.Initially,only the low-frequency-low-frequency component is chosen to encrypt utilizing classic permutation and diffusion.Then leveraging the statistical properties in wavelet domain,Gaussianization operation which opens the minds of encrypting image information in wavelet domain is first proposed and employed to all sub-bands.Simulations and theoretical analysis demonstrate the high speed and the remarkable effectiveness of WDLIC.展开更多
Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is desi...Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is designed,and a multiimage encryption(MIE)algorithm with row and column confusion and closed-loop bi-directional diffusion is adopted in the paper.While ensuring secure communication of medical image information,people with different security levels have different levels of decryption keys,and differentiated visual effects can be obtained by using the strong sensitivity of chaotic keys.The highest security level can obtain decrypted images without watermarks,and at the same time,patient information and copyright attribution can be verified by obtaining watermark images.The experimental results show that the scheme is sufficiently secure as an MIE scheme with visualized differences and the encryption and decryption efficiency is significantly improved compared to other works.展开更多
This paper proposes a novel event-driven encrypted control framework for linear networked control systems(NCSs),which relies on two modified uniform quantization policies,the Paillier cryptosystem,and an event-trigger...This paper proposes a novel event-driven encrypted control framework for linear networked control systems(NCSs),which relies on two modified uniform quantization policies,the Paillier cryptosystem,and an event-triggered strategy.Due to the fact that only integers can work in the Pailler cryptosystem,both the real-valued control gain and system state need to be first quantized before encryption.This is dramatically different from the existing quantized control methods,where only the quantization of a single value,e.g.,the control input or the system state,is considered.To handle this issue,static and dynamic quantization policies are presented,which achieve the desired integer conversions and guarantee asymptotic convergence of the quantized system state to the equilibrium.Then,the quantized system state is encrypted and sent to the controller when the triggering condition,specified by a state-based event-triggered strategy,is satisfied.By doing so,not only the security and confidentiality of data transmitted over the communication network are protected,but also the ciphertext expansion phenomenon can be relieved.Additionally,by tactfully designing the quantization sensitivities and triggering error,the proposed event-driven encrypted control framework ensures the asymptotic stability of the overall closedloop system.Finally,a simulation example of the secure motion control for an inverted pendulum cart system is presented to evaluate the effectiveness of the theoretical results.展开更多
Single-pixel imaging(SPI)can transform 2D or 3D image data into 1D light signals,which offers promising prospects for image compression and transmission.However,during data communication these light signals in public ...Single-pixel imaging(SPI)can transform 2D or 3D image data into 1D light signals,which offers promising prospects for image compression and transmission.However,during data communication these light signals in public channels will easily draw the attention of eavesdroppers.Here,we introduce an efficient encryption method for SPI data transmission that uses the 3D Arnold transformation to directly disrupt 1D single-pixel light signals and utilizes the elliptic curve encryption algorithm for key transmission.This encryption scheme immediately employs Hadamard patterns to illuminate the scene and then utilizes the 3D Arnold transformation to permutate the 1D light signal of single-pixel detection.Then the transformation parameters serve as the secret key,while the security of key exchange is guaranteed by an elliptic curve-based key exchange mechanism.Compared with existing encryption schemes,both computer simulations and optical experiments have been conducted to demonstrate that the proposed technique not only enhances the security of encryption but also eliminates the need for complicated pattern scrambling rules.Additionally,this approach solves the problem of secure key transmission,thus ensuring the security of information and the quality of the decrypted images.展开更多
With the escalating flow of information and digital communication,information security has become an increasingly important issue.Traditional cryptographic methods are being threatened by advancing progress in computi...With the escalating flow of information and digital communication,information security has become an increasingly important issue.Traditional cryptographic methods are being threatened by advancing progress in computing,while physical encryption methods are favored as a viable and compelling avenue.Metasurfaces,which are known for their extraordinary ability to manipulate optical parameters at the nanoscale,exhibit significant potential for the revolution of optical devices,making them a highly promising candidate for optical encryption applications.Here,a single-sized metasurface with four independent channels is proposed for conducting steganography and multi-key information encryption.More specifically,plaintext is transformed into a ciphertext image,which is encoded into a metasurface,while the decryption key is discretely integrated into another channel within the same metasurface.Two different keys for steganographic image unveiling are also encoded into the metasurface and can be retrieved with different channels and spatial positions.This distributed multi-key encryption approach can enhance security,while strategically distributing images across distinct spatial zones serves as an additional measure to reduce the risk of information leakage.This minimalist designed metasurface,with its advantages of high information density and robust security,holds promise across applications including portable encryption,high-camouflaged image display,and high-density optical storage.展开更多
With the development of hardware devices and the upgrading of smartphones,a large number of users save privacy-related information in mobile devices,mainly smartphones,which puts forward higher demands on the protecti...With the development of hardware devices and the upgrading of smartphones,a large number of users save privacy-related information in mobile devices,mainly smartphones,which puts forward higher demands on the protection of mobile users’privacy information.At present,mobile user authenticationmethods based on humancomputer interaction have been extensively studied due to their advantages of high precision and non-perception,but there are still shortcomings such as low data collection efficiency,untrustworthy participating nodes,and lack of practicability.To this end,this paper proposes a privacy-enhanced mobile user authentication method with motion sensors,which mainly includes:(1)Construct a smart contract-based private chain and federated learning to improve the data collection efficiency of mobile user authentication,reduce the probability of the model being bypassed by attackers,and reduce the overhead of data centralized processing and the risk of privacy leakage;(2)Use certificateless encryption to realize the authentication of the device to ensure the credibility of the client nodes participating in the calculation;(3)Combine Variational Mode Decomposition(VMD)and Long Short-TermMemory(LSTM)to analyze and model the motion sensor data of mobile devices to improve the accuracy of model certification.The experimental results on the real environment dataset of 1513 people show that themethod proposed in this paper can effectively resist poisoning attacks while ensuring the accuracy and efficiency of mobile user authentication.展开更多
With the rapid development of internet technology,security protection of information has become more and more prominent,especially information encryption.Considering the great advantages of chaotic encryption,we propo...With the rapid development of internet technology,security protection of information has become more and more prominent,especially information encryption.Considering the great advantages of chaotic encryption,we propose a 2D-lag complex logistic map with complex parameters(2D-LCLMCP)and corresponding encryption schemes.Firstly,we present the model of the 2D-LCLMCP and analyze its chaotic properties and system stability through fixed points,Lyapunov exponent,bifurcation diagram,phase diagram,etc.Secondly,a block cipher algorithm based on the 2D-LCLMCP is proposed,the plaintext data is preprocessed using a pseudorandom sequence generated by the 2D-LCLMCP.Based on the generalized Feistel cipher structure,a round function F is constructed using dynamic S-box and DNA encoding rules as the core of the block cipher algorithm.The generalized Feistel cipher structure consists of two F functions,four XOR operations,and one permutation operation per round.The symmetric dynamic round keys that change with the plaintext are generated by the 2D-LCLMCP.Finally,experimental simulation and performance analysis tests are conducted.The results show that the block cipher algorithm has low complexit,good diffusion and a large key space.When the block length is 64 bits,only six rounds of encryption are required to provide sufficient security and robustness against cryptographic attacks.展开更多
A novel self-recoverable mechanoluminescent phosphor Ca_(5)Ga_(6)O_(14)∶Eu^(3+) was developed by the high-tem-perature solid-state reaction method,and its luminescence properties were investigated.Ca_(5)Ga_(6)O_(14)...A novel self-recoverable mechanoluminescent phosphor Ca_(5)Ga_(6)O_(14)∶Eu^(3+) was developed by the high-tem-perature solid-state reaction method,and its luminescence properties were investigated.Ca_(5)Ga_(6)O_(14)∶Eu^(3+)can produce red mechanoluminescence,and importantly,it shows good repeatability.The mechanoluminescence of Ca_(5)Ga_(6)O_(14)∶Eu^(3+) results from the piezoelectric field generated inside the material under stress,rather than the charge carriers stored in the traps,which can be confirmed by the multiple cycles of mechanoluminescence tests and heat treatment tests.The mechanoluminescence color can be turned from red to green by co-doping varied concentrations of Tb^(3+),which may be meaningful for encrypted letter writing.The encryption scheme for secure communication was devised by harnessing mechanoluminescence patterns in diverse shapes and ASCII codes,which shows good encryption performance.The results suggest that the mechanoluminescence phosphor Ca_(5)Ga_(6)O_(14)∶Eu^(3+),Tb^(3+)may be applied to the optical information encryption.展开更多
In the intricate network environment,the secure transmission of medical images faces challenges such as information leakage and malicious tampering,significantly impacting the accuracy of disease diagnoses by medical ...In the intricate network environment,the secure transmission of medical images faces challenges such as information leakage and malicious tampering,significantly impacting the accuracy of disease diagnoses by medical professionals.To address this problem,the authors propose a robust feature watermarking algorithm for encrypted medical images based on multi-stage discrete wavelet transform(DWT),Daisy descriptor,and discrete cosine transform(DCT).The algorithm initially encrypts the original medical image through DWT-DCT and Logistic mapping.Subsequently,a 3-stage DWT transformation is applied to the encrypted medical image,with the centre point of the LL3 sub-band within its low-frequency component serving as the sampling point.The Daisy descriptor matrix for this point is then computed.Finally,a DCT transformation is performed on the Daisy descriptor matrix,and the low-frequency portion is processed using the perceptual hashing algorithm to generate a 32-bit binary feature vector for the medical image.This scheme utilises cryptographic knowledge and zero-watermarking technique to embed watermarks without modifying medical images and can extract the watermark from test images without the original image,which meets the basic re-quirements of medical image watermarking.The embedding and extraction of water-marks are accomplished in a mere 0.160 and 0.411s,respectively,with minimal computational overhead.Simulation results demonstrate the robustness of the algorithm against both conventional attacks and geometric attacks,with a notable performance in resisting rotation attacks.展开更多
基金Supported by the National Natural Science Foundation of China(60603010,60970120)~~
文摘Tag key encapsulation mechanism (Tag-KEM)/data encapsulation mechanism (DEM) is a hybrid framework proposed in 2005. Tag-t(EM is one of its parts by using public-key encryption (PKE) technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM+DEM one.
基金supported by the National Natural Science Foundation of China(No.62272491)the Guangdong Major Project of Basic and Applied Basic Research(2019B030302008)the National R&D Key Program of China under Grant(2022YFB2701500).
文摘Verifiable delay functions(VDFs)and delay encryptions(DEs)are two important primitives in decentralized systems,while existing constructions are mainly based on time-lock puzzles.A disparate framework has been established by applying isogenies and pairings on elliptic curves.Following this line,we first employ Richelot isogenies and non-degenerate pairings from hyperelliptic curves for a new verifiable delay function,such that no auxiliary proof and interaction are needed for the verification.Then,we demonstrate that our scheme satisfies all security requirements,in particular,our VDF can resist several attacks,including the latest attacks for SIDH.Besides,resorting to the same techniques,a secure delay encryption from hyperelliptic curves is constructed by modifying Boneh and Frankiln's IBE scheme,which shares the identical setup with our VDF scheme.As far as we know,these schemes are the first cryptographic applications from high-genus isogenies apart from basic protocols,i.e.,hash functions and key exchange protocols.
基金support from the National Natural Science Foundation of China (No.62005164,62222507,62175101,and 62005166)the Shanghai Natural Science Foundation (23ZR1443700)+3 种基金Shuguang Program of Shanghai Education Development Foundation and Shanghai Municipal Education Commission (23SG41)the Young Elite Scientist Sponsorship Program by CAST (No.20220042)Science and Technology Commission of Shanghai Municipality (Grant No.21DZ1100500)the Shanghai Municipal Science and Technology Major Project,and the Shanghai Frontiers Science Center Program (2021-2025 No.20).
文摘Secret sharing is a promising technology for information encryption by splitting the secret information into different shares.However,the traditional scheme suffers from information leakage in decryption process since the amount of available information channels is limited.Herein,we propose and demonstrate an optical secret sharing framework based on the multi-dimensional multiplexing liquid crystal(LC)holograms.The LC holograms are used as spatially separated shares to carry secret images.The polarization of the incident light and the distance between different shares are served as secret keys,which can significantly improve the information security and capacity.Besides,the decryption condition is also restricted by the applied external voltage due to the variant diffraction efficiency,which further increases the information security.In implementation,an artificial neural network(ANN)model is developed to carefully design the phase distribution of each LC hologram.With the advantage of high security,high capacity and simple configuration,our optical secret sharing framework has great potentials in optical encryption and dynamic holographic display.
文摘In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose a Hadoop based big data secure storage scheme.Firstly,in order to disperse the NameNode service from a single server to multiple servers,we combine HDFS federation and HDFS high-availability mechanisms,and use the Zookeeper distributed coordination mechanism to coordinate each node to achieve dual-channel storage.Then,we improve the ECC encryption algorithm for the encryption of ordinary data,and adopt a homomorphic encryption algorithm to encrypt data that needs to be calculated.To accelerate the encryption,we adopt the dualthread encryption mode.Finally,the HDFS control module is designed to combine the encryption algorithm with the storage model.Experimental results show that the proposed solution solves the problem of a single point of failure of metadata,performs well in terms of metadata reliability,and can realize the fault tolerance of the server.The improved encryption algorithm integrates the dual-channel storage mode,and the encryption storage efficiency improves by 27.6% on average.
基金supported by the National Natural Science Foundation of China under Grant 61972148.
文摘The application of artificial intelligence technology in Internet of Vehicles(lov)has attracted great research interests with the goal of enabling smart transportation and traffic management.Meanwhile,concerns have been raised over the security and privacy of the tons of traffic and vehicle data.In this regard,Federated Learning(FL)with privacy protection features is considered a highly promising solution.However,in the FL process,the server side may take advantage of its dominant role in model aggregation to steal sensitive information of users,while the client side may also upload malicious data to compromise the training of the global model.Most existing privacy-preserving FL schemes in IoV fail to deal with threats from both of these two sides at the same time.In this paper,we propose a Blockchain based Privacy-preserving Federated Learning scheme named BPFL,which uses blockchain as the underlying distributed framework of FL.We improve the Multi-Krum technology and combine it with the homomorphic encryption to achieve ciphertext-level model aggregation and model filtering,which can enable the verifiability of the local models while achieving privacy-preservation.Additionally,we develop a reputation-based incentive mechanism to encourage users in IoV to actively participate in the federated learning and to practice honesty.The security analysis and performance evaluations are conducted to show that the proposed scheme can meet the security requirements and improve the performance of the FL model.
基金This research was funded by the National Natural Science Foundation of China(No.62272124)the National Key Research and Development Program of China(No.2022YFB2701401)+3 种基金Guizhou Province Science and Technology Plan Project(Grant Nos.Qiankehe Paltform Talent[2020]5017)The Research Project of Guizhou University for Talent Introduction(No.[2020]61)the Cultivation Project of Guizhou University(No.[2019]56)the Open Fund of Key Laboratory of Advanced Manufacturing Technology,Ministry of Education(GZUAMT2021KF[01]).
文摘In the assessment of car insurance claims,the claim rate for car insurance presents a highly skewed probability distribution,which is typically modeled using Tweedie distribution.The traditional approach to obtaining the Tweedie regression model involves training on a centralized dataset,when the data is provided by multiple parties,training a privacy-preserving Tweedie regression model without exchanging raw data becomes a challenge.To address this issue,this study introduces a novel vertical federated learning-based Tweedie regression algorithm for multi-party auto insurance rate setting in data silos.The algorithm can keep sensitive data locally and uses privacy-preserving techniques to achieve intersection operations between the two parties holding the data.After determining which entities are shared,the participants train the model locally using the shared entity data to obtain the local generalized linear model intermediate parameters.The homomorphic encryption algorithms are introduced to interact with and update the model intermediate parameters to collaboratively complete the joint training of the car insurance rate-setting model.Performance tests on two publicly available datasets show that the proposed federated Tweedie regression algorithm can effectively generate Tweedie regression models that leverage the value of data fromboth partieswithout exchanging data.The assessment results of the scheme approach those of the Tweedie regressionmodel learned fromcentralized data,and outperformthe Tweedie regressionmodel learned independently by a single party.
基金partially supported by the National Natural Science Foundation of China under grant no.62372245the Foundation of Yunnan Key Laboratory of Blockchain Application Technology under Grant 202105AG070005+1 种基金in part by the Foundation of State Key Laboratory of Public Big Datain part by the Foundation of Key Laboratory of Computational Science and Application of Hainan Province under Grant JSKX202202。
文摘For the goals of security and privacy preservation,we propose a blind batch encryption-and public ledger-based data sharing protocol that allows the integrity of sensitive data to be audited by a public ledger and allows privacy information to be preserved.Data owners can tightly manage their data with efficient revocation and only grant one-time adaptive access for the fulfillment of the requester.We prove that our protocol is semanticallly secure,blind,and secure against oblivious requesters and malicious file keepers.We also provide security analysis in the context of four typical attacks.
文摘Blockchain technology has garnered significant attention from global organizations and researchers due to its potential as a solution for centralized system challenges.Concurrently,the Internet of Things(IoT)has revolutionized the Fourth Industrial Revolution by enabling interconnected devices to offer innovative services,ultimately enhancing human lives.This paper presents a new approach utilizing lightweight blockchain technology,effectively reducing the computational burden typically associated with conventional blockchain systems.By integrating this lightweight blockchain with IoT systems,substantial reductions in implementation time and computational complexity can be achieved.Moreover,the paper proposes the utilization of the Okamoto Uchiyama encryption algorithm,renowned for its homomorphic characteristics,to reinforce the privacy and security of IoT-generated data.The integration of homomorphic encryption and blockchain technology establishes a secure and decentralized platformfor storing and analyzing sensitive data of the supply chain data.This platformfacilitates the development of some business models and empowers decentralized applications to perform computations on encrypted data while maintaining data privacy.The results validate the robust security of the proposed system,comparable to standard blockchain implementations,leveraging the distinctive homomorphic attributes of the Okamoto Uchiyama algorithm and the lightweight blockchain paradigm.
基金supported in part by the National Natural Science Foundation of China Project under Grant 62075147the Suzhou Industry Technological Innovation Projects under Grant SYG202348.
文摘Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast exposes the physical layer vulnerable to the threat of illegal eavesdropping. Quantum noise stream cipher(QNSC) is a classic physical layer encryption method and well compatible with the OFDM-PON. Meanwhile, it is indispensable to exploit forward error correction(FEC) to control errors in data transmission. However, when QNSC and FEC are jointly coded, the redundant information becomes heavier and thus the code rate of the transmitted signal will be largely reduced. In this work, we propose a physical layer encryption scheme based on polar-code-assisted QNSC. In order to improve the code rate and security of the transmitted signal, we exploit chaotic sequences to yield the redundant bits and utilize the redundant information of the polar code to generate the higher-order encrypted signal in the QNSC scheme with the operation of the interleaver.We experimentally demonstrate the encrypted 16/64-QAM, 16/256-QAM, 16/1024-QAM, 16/4096-QAM QNSC signals transmitted over 30-km standard single mode fiber. For the transmitted 16/4096-QAM QNSC signal, compared with the conventional QNSC method, the proposed method increases the code rate from 0.1 to 0.32 with enhanced security.
基金This research was funded by National Natural Science Foundation of China under Grant No.61806171Sichuan University of Science&Engineering Talent Project under Grant No.2021RC15+2 种基金Open Fund Project of Key Laboratory for Non-Destructive Testing and Engineering Computer of Sichuan Province Universities on Bridge Inspection and Engineering under Grant No.2022QYJ06Sichuan University of Science&Engineering Graduate Student Innovation Fund under Grant No.Y2023115The Scientific Research and Innovation Team Program of Sichuan University of Science and Technology under Grant No.SUSE652A006.
文摘While encryption technology safeguards the security of network communications,malicious traffic also uses encryption protocols to obscure its malicious behavior.To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic,we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features,called BERT-based Spatio-Temporal Features Network(BSTFNet).At the packet-level granularity,the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers(BERT)model.At the byte-level granularity,we initially employ the Bidirectional Gated Recurrent Unit(BiGRU)model to extract temporal features from bytes,followed by the utilization of the Text Convolutional Neural Network(TextCNN)model with multi-sized convolution kernels to extract local multi-receptive field spatial features.The fusion of features from both granularities serves as the ultimate multidimensional representation of malicious traffic.Our approach achieves accuracy and F1-score of 99.39%and 99.40%,respectively,on the publicly available USTC-TFC2016 dataset,and effectively reduces sample confusion within the Neris and Virut categories.The experimental results demonstrate that our method has outstanding representation and classification capabilities for encrypted malicious traffic.
基金supported by National Key Research and Development Project(No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034)。
文摘With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.
基金Project supported by the Key Area Research and Development Program of Guangdong Province,China(Grant No.2022B0701180001)the National Natural Science Foundation of China(Grant No.61801127)+1 种基金the Science Technology Planning Project of Guangdong Province,China(Grant Nos.2019B010140002 and 2020B111110002)the Guangdong–Hong Kong–Macao Joint Innovation Field Project(Grant No.2021A0505080006).
文摘In the era of big data,the number of images transmitted over the public channel increases exponentially.As a result,it is crucial to devise the efficient and highly secure encryption method to safeguard the sensitive image.In this paper,an improved sine map(ISM)possessing a larger chaotic region,more complex chaotic behavior and greater unpredictability is proposed and extensively tested.Drawing upon the strengths of ISM,we introduce a lightweight symmetric image encryption cryptosystem in wavelet domain(WDLIC).The WDLIC employs selective encryption to strike a satisfactory balance between security and speed.Initially,only the low-frequency-low-frequency component is chosen to encrypt utilizing classic permutation and diffusion.Then leveraging the statistical properties in wavelet domain,Gaussianization operation which opens the minds of encrypting image information in wavelet domain is first proposed and employed to all sub-bands.Simulations and theoretical analysis demonstrate the high speed and the remarkable effectiveness of WDLIC.
基金Project supported by the National Natural Science Foundation of China(Grant No.62061014)the Natural Science Foundation of Liaoning province of China(Grant No.2020-MS-274).
文摘Security during remote transmission has been an important concern for researchers in recent years.In this paper,a hierarchical encryption multi-image encryption scheme for people with different security levels is designed,and a multiimage encryption(MIE)algorithm with row and column confusion and closed-loop bi-directional diffusion is adopted in the paper.While ensuring secure communication of medical image information,people with different security levels have different levels of decryption keys,and differentiated visual effects can be obtained by using the strong sensitivity of chaotic keys.The highest security level can obtain decrypted images without watermarks,and at the same time,patient information and copyright attribution can be verified by obtaining watermark images.The experimental results show that the scheme is sufficiently secure as an MIE scheme with visualized differences and the encryption and decryption efficiency is significantly improved compared to other works.
基金the Research Grants Council of Hong Kong(CityU 21208921)the Chow Sang Sang Group Research Fund Sponsored by Chow Sang Sang Holdings International Ltd.
文摘This paper proposes a novel event-driven encrypted control framework for linear networked control systems(NCSs),which relies on two modified uniform quantization policies,the Paillier cryptosystem,and an event-triggered strategy.Due to the fact that only integers can work in the Pailler cryptosystem,both the real-valued control gain and system state need to be first quantized before encryption.This is dramatically different from the existing quantized control methods,where only the quantization of a single value,e.g.,the control input or the system state,is considered.To handle this issue,static and dynamic quantization policies are presented,which achieve the desired integer conversions and guarantee asymptotic convergence of the quantized system state to the equilibrium.Then,the quantized system state is encrypted and sent to the controller when the triggering condition,specified by a state-based event-triggered strategy,is satisfied.By doing so,not only the security and confidentiality of data transmitted over the communication network are protected,but also the ciphertext expansion phenomenon can be relieved.Additionally,by tactfully designing the quantization sensitivities and triggering error,the proposed event-driven encrypted control framework ensures the asymptotic stability of the overall closedloop system.Finally,a simulation example of the secure motion control for an inverted pendulum cart system is presented to evaluate the effectiveness of the theoretical results.
基金Project supported by the National Natural Science Foundation of China(Grant No.62075241).
文摘Single-pixel imaging(SPI)can transform 2D or 3D image data into 1D light signals,which offers promising prospects for image compression and transmission.However,during data communication these light signals in public channels will easily draw the attention of eavesdroppers.Here,we introduce an efficient encryption method for SPI data transmission that uses the 3D Arnold transformation to directly disrupt 1D single-pixel light signals and utilizes the elliptic curve encryption algorithm for key transmission.This encryption scheme immediately employs Hadamard patterns to illuminate the scene and then utilizes the 3D Arnold transformation to permutate the 1D light signal of single-pixel detection.Then the transformation parameters serve as the secret key,while the security of key exchange is guaranteed by an elliptic curve-based key exchange mechanism.Compared with existing encryption schemes,both computer simulations and optical experiments have been conducted to demonstrate that the proposed technique not only enhances the security of encryption but also eliminates the need for complicated pattern scrambling rules.Additionally,this approach solves the problem of secure key transmission,thus ensuring the security of information and the quality of the decrypted images.
基金supported by the National Natural Science Foundation of China(12204359 and 12174292)the China Postdoctoral Science Foundation(2022TQ0243 and 2022M722448)+1 种基金the Natural Science Foundation of Hubei Province(2022CFB641)the Natural Science Foundation of Jiangsu Province(BK20231210).
文摘With the escalating flow of information and digital communication,information security has become an increasingly important issue.Traditional cryptographic methods are being threatened by advancing progress in computing,while physical encryption methods are favored as a viable and compelling avenue.Metasurfaces,which are known for their extraordinary ability to manipulate optical parameters at the nanoscale,exhibit significant potential for the revolution of optical devices,making them a highly promising candidate for optical encryption applications.Here,a single-sized metasurface with four independent channels is proposed for conducting steganography and multi-key information encryption.More specifically,plaintext is transformed into a ciphertext image,which is encoded into a metasurface,while the decryption key is discretely integrated into another channel within the same metasurface.Two different keys for steganographic image unveiling are also encoded into the metasurface and can be retrieved with different channels and spatial positions.This distributed multi-key encryption approach can enhance security,while strategically distributing images across distinct spatial zones serves as an additional measure to reduce the risk of information leakage.This minimalist designed metasurface,with its advantages of high information density and robust security,holds promise across applications including portable encryption,high-camouflaged image display,and high-density optical storage.
基金Wenzhou Key Scientific and Technological Projects(No.ZG2020031)Wenzhou Polytechnic Research Projects(No.WZY2021002)+3 种基金Key R&D Projects in Zhejiang Province(No.2021C01117)Major Program of Natural Science Foundation of Zhejiang Province(LD22F020002)the Cloud Security Key Technology Research Laboratorythe Researchers Supporting Project Number(RSP2023R509),King Saud University,Riyadh,Saudi Arabia.
文摘With the development of hardware devices and the upgrading of smartphones,a large number of users save privacy-related information in mobile devices,mainly smartphones,which puts forward higher demands on the protection of mobile users’privacy information.At present,mobile user authenticationmethods based on humancomputer interaction have been extensively studied due to their advantages of high precision and non-perception,but there are still shortcomings such as low data collection efficiency,untrustworthy participating nodes,and lack of practicability.To this end,this paper proposes a privacy-enhanced mobile user authentication method with motion sensors,which mainly includes:(1)Construct a smart contract-based private chain and federated learning to improve the data collection efficiency of mobile user authentication,reduce the probability of the model being bypassed by attackers,and reduce the overhead of data centralized processing and the risk of privacy leakage;(2)Use certificateless encryption to realize the authentication of the device to ensure the credibility of the client nodes participating in the calculation;(3)Combine Variational Mode Decomposition(VMD)and Long Short-TermMemory(LSTM)to analyze and model the motion sensor data of mobile devices to improve the accuracy of model certification.The experimental results on the real environment dataset of 1513 people show that themethod proposed in this paper can effectively resist poisoning attacks while ensuring the accuracy and efficiency of mobile user authentication.
基金Project supported by the Shandong Province Natural Science Foundation(Grant Nos.ZR2023MF089,R2023QF036,and ZR2021MF073)the Industry-University-Research Collaborative Innovation Fund Project of Qilu University of Technology(Shandong Academy of Sciences)(Grant Nos.2021CXY-13 and 2021CXY-14)+2 种基金the Major Scientific and Technological Innovation Projects of Shandong Province(Grant No.2020CXGC010901)the Talent Research Project of Qilu University of Technology(Shandong Academy of Sciences)(Grant No.2023RCKY054)the Basic Research Projects of Science,Education and Industry Integration Pilot Project of Qilu University of Technology(Shandong Academy of Sciences)(Grant No.2023PX081)。
文摘With the rapid development of internet technology,security protection of information has become more and more prominent,especially information encryption.Considering the great advantages of chaotic encryption,we propose a 2D-lag complex logistic map with complex parameters(2D-LCLMCP)and corresponding encryption schemes.Firstly,we present the model of the 2D-LCLMCP and analyze its chaotic properties and system stability through fixed points,Lyapunov exponent,bifurcation diagram,phase diagram,etc.Secondly,a block cipher algorithm based on the 2D-LCLMCP is proposed,the plaintext data is preprocessed using a pseudorandom sequence generated by the 2D-LCLMCP.Based on the generalized Feistel cipher structure,a round function F is constructed using dynamic S-box and DNA encoding rules as the core of the block cipher algorithm.The generalized Feistel cipher structure consists of two F functions,four XOR operations,and one permutation operation per round.The symmetric dynamic round keys that change with the plaintext are generated by the 2D-LCLMCP.Finally,experimental simulation and performance analysis tests are conducted.The results show that the block cipher algorithm has low complexit,good diffusion and a large key space.When the block length is 64 bits,only six rounds of encryption are required to provide sufficient security and robustness against cryptographic attacks.
文摘A novel self-recoverable mechanoluminescent phosphor Ca_(5)Ga_(6)O_(14)∶Eu^(3+) was developed by the high-tem-perature solid-state reaction method,and its luminescence properties were investigated.Ca_(5)Ga_(6)O_(14)∶Eu^(3+)can produce red mechanoluminescence,and importantly,it shows good repeatability.The mechanoluminescence of Ca_(5)Ga_(6)O_(14)∶Eu^(3+) results from the piezoelectric field generated inside the material under stress,rather than the charge carriers stored in the traps,which can be confirmed by the multiple cycles of mechanoluminescence tests and heat treatment tests.The mechanoluminescence color can be turned from red to green by co-doping varied concentrations of Tb^(3+),which may be meaningful for encrypted letter writing.The encryption scheme for secure communication was devised by harnessing mechanoluminescence patterns in diverse shapes and ASCII codes,which shows good encryption performance.The results suggest that the mechanoluminescence phosphor Ca_(5)Ga_(6)O_(14)∶Eu^(3+),Tb^(3+)may be applied to the optical information encryption.
基金National Natural Science Foundation of China,Grant/Award Numbers:62063004,62350410483Key Research and Development Project of Hainan Province,Grant/Award Number:ZDYF2021SHFZ093Zhejiang Provincial Postdoctoral Science Foundation,Grant/Award Number:ZJ2021028。
文摘In the intricate network environment,the secure transmission of medical images faces challenges such as information leakage and malicious tampering,significantly impacting the accuracy of disease diagnoses by medical professionals.To address this problem,the authors propose a robust feature watermarking algorithm for encrypted medical images based on multi-stage discrete wavelet transform(DWT),Daisy descriptor,and discrete cosine transform(DCT).The algorithm initially encrypts the original medical image through DWT-DCT and Logistic mapping.Subsequently,a 3-stage DWT transformation is applied to the encrypted medical image,with the centre point of the LL3 sub-band within its low-frequency component serving as the sampling point.The Daisy descriptor matrix for this point is then computed.Finally,a DCT transformation is performed on the Daisy descriptor matrix,and the low-frequency portion is processed using the perceptual hashing algorithm to generate a 32-bit binary feature vector for the medical image.This scheme utilises cryptographic knowledge and zero-watermarking technique to embed watermarks without modifying medical images and can extract the watermark from test images without the original image,which meets the basic re-quirements of medical image watermarking.The embedding and extraction of water-marks are accomplished in a mere 0.160 and 0.411s,respectively,with minimal computational overhead.Simulation results demonstrate the robustness of the algorithm against both conventional attacks and geometric attacks,with a notable performance in resisting rotation attacks.