Message-locked Encryption (MLE) is the most common approach used in encrypted deduplication systems. However, the systems based on MLE are vulnerable to frequency analysis attacks, because MLE encrypts the identical plaintexts into the identical ciphertexts, which is deterministic. The state-of-the-art defense scheme, which is named TED, lacks key verification and uses a single key server to record frequency information. Once the key server is compromised, TED will be vulnerable to brute-force attacks. In addition, TED’s key generation algorithm needs to be designed more exquisitely to strengthen protection, and its security indicator is not comprehensive. We propose SDAF, which supports key verification and enhanced protection against frequency analysis attacks. Based on chameleon hash, SDAF realizes key verification to prevent malicious key servers from generating fake encryption keys. In order to disturb the frequency information, SDAF introduces reservoir sample to generate uniformly distributed encryption keys, and uses multiple key servers, which interact with each other via multi-party PSI and rotate spontaneously to avoid the single point of failure. Moreover, a new indicator Kurtosis is pointed out to evaluate the security against frequency analysis attacks. We implement the prototypes of SDAF. The experiments of the real-world data sets show that, compared with the existing schemes, SDAF can better resist frequency analysis attacks with lower time overheads.
Authored by Hang Chen, Guanxiong Ha, Yuchen Chen, Haoyu Ma, Chunfu Jia
E-voting plays a vital role in guaranteeing and promoting social fairness and democracy. However, traditional e-voting schemes rely on a centralized organization, leading to a crisis of trust in the vote-counting results. In response to this problem, researchers have introduced blockchain to realize decentralized e-voting, but the adoption of blockchain also brings new issues in terms of flexibility, anonymity, and usability. To this end, in this paper, we propose WeVoting, which provides weight-based flexibility with solid anonymity and enhances usability by designing a voter-independent on-chain counting mechanism. Specifically, we use distributed ElGamal homomorphic encryption and zero-knowledge proof to achieve voting anonymity with weight. Besides, WeVoting develops a counter-based counting mechanism to enhance usability compared with those self-tallying schemes. By critically designing an honesty-and-activity-based incentive algorithm, WeVoting can guarantee a correct counting result even in the presence of malicious counters. Our security and performance analyses elaborate that WeVoting achieves high anonymity in weighted voting under the premise of meeting the basic security requirements of e-voting. And meanwhile, its counting mechanism is sufficient for practical demands with reasonable overheads.
Authored by Zikai Wang, Xinyi Luo, Meiqi Li, Wentuo Sun, Kaiping Xue
Cloud computing has been widely used because of its low price, high reliability, and generality of services. However, considering that cloud computing transactions between users and service providers are usually asynchronous, data privacy involving users and service providers may lead to a crisis of trust, which in turn hinders the expansion of cloud computing applications. In this paper, we propose DPP, a data privacy-preserving cloud computing scheme based on homomorphic encryption, which achieves correctness, compatibility, and security. DPP implements data privacy-preserving by introducing homomorphic encryption. To verify the security of DPP, we instantiate DPP based on the Paillier homomorphic encryption scheme and evaluate the performance. The experiment results show that the time-consuming of the key steps in the DPP scheme is reasonable and acceptable.
Authored by Jing Wang, Fengheng Wu, Tingbo Zhang, Xiaohua Wu
Fraud detection is an integral part of financial security monitoring tool; however, the traditional fraud detection method cannot detect the existing malicious fraud, and the clouds will produce data revealing that the risk of fraud detection system can not protect the privacy of detected object, so the fraud detection data privacy security becomes a significant problem. Homomorphic encryption as a demonstrable cryptography cloud privacy computing outsourcing scheme can ensure that cloud computing can perform ciphertext polynomial calculation under the dense state data without direct contact with the accurate data of users, so as to ensure data privacy security. Aiming at the data privacy security problems in the process of fraud detection, this paper combined homomorphic encryption and Logistic regression fraud detection technology to study the Logistic regression fraud detection algorithm under homomorphic ciphertext and constructed a cloud privacy fraud detection method based on customer service and cloud computing services. CKKS encryption scheme is used to encrypt the fraud data set and realize the Logistic regression fraud detection algorithm under ciphertext. The experiment proves that the difference between the fraud detection accuracy on ciphertext and plaintext is less than 3%. Under the condition of ensuring the privacy of sensitive data to be detected, the effect of the fraud detection model is not affected.
Authored by Zhuang Chen, Mingdian Cai, Zhikun Wang
Cloud computing performs a significant part in sharing resources and data with other devices via data outsourcing. The data collaboration services, as a potential service given by the cloud service provider (CSP), is to assist the consistency and availability of the shared data amongst users. At the time of sharing resources, it is a complicated process for providing secure writing and access control operations. This study develops a Privacy Preserving Encryption with Optimal Key Generation Technique (PPE-OKGT) for CC environment. The presented PPE-OKGT technique secures the data prior to storing in the cloud server via encryption process. For accomplishing this, the presented PPE-OKGT technique employs data encryption technology to secure the input data into a hidden format. Besides, in order to improve secrecy, the presented PPE-OKGT technique designs a chaotic search and rescue optimization (CSRO) algorithm for optimal generation of keys. The promising performance of the PPE-OKGT technique can be verified using a set of experimentations. A comprehensive comparison study reported the enhancements of the PPE-OKGT technique over other models.
Authored by Sanjeeva Polepaka, B Gayathri, Shahnawaz Ayoub, Himanshu Sharma, Yudhveer Moudgil, S Kannan
From financial transactions to digital voting systems, identity management, and asset monitoring, blockchain technology is increasingly being developed for use in a wide range of applications. The problem of security and privacy in the blockchain ecosystem, which is now a hot topic in the blockchain community, is discussed in this study. The survey’s goal was to investigate this issue by considering several sorts of assaults on the blockchain network in relation to the algorithms offered. Following a preliminary literature assessment, it appears that some attention has been paid to the first use case; however the second use case, to the best of my knowledge, deserves more attention when blockchain is used to investigate it. However, due to the subsequent government mandated secrecy around the implementation of DES, and the distrust of the academic community because of this, a movement was spawned that put a premium on individual privacy and decentralized control. This movement brought together the top minds in encryption and spawned the technology we know of as blockchain today. This survey paper also explores the genesis of encryption, its early adoption, and the government meddling which eventually spawned a movement which gave birth to the ideas behind blockchain. It also closes with a demonstration of blockchain technology used in a novel way to refactor the traditional design paradigms of databases.
Authored by Mohammed Mahmood, Osman Ucan, Abdullahi Ibrahim
The incredible speed with which Information Technology (IT) has evolved in recent decades has brought about a major change in people's daily lives and in practically all areas of knowledge. The diversification of means of access using mobile devices, the evolution of technologies such as virtualization, added to a growing demand from users for new systems and services adapted to these new market trends, were the fuel for the emergence of a new paradigm, Cloud Computing. The general objective of this paper is to enable the offer of privacy preservation system provided by third parties through which Cloud Data Storage Services customers can continuously monitor the integrity of their files.
Authored by Zahraa Lafta, Muhammad Ilyas
Authored by Michael MacFadden, Meikang Qiu
Quantum Computing Security 2022 - Recent advances in quantum computing have highlighted the vulnerabilities in contemporary RSA encryption. Shor’s approach for factoring numbers is becoming more tractable as quantum computing advances. This jeopardizes the security of any cryptographic system that is based on the complexity of factorisation. Many other crypto-systems based on theories like Elliptic Curve Cryptography are also vulnerable. To keep a cryptographic system safe against a quantum adversary, we must develop approaches based on a hard mathematical problem that is not vulnerable to quantum computer attacks, and we must develop Post Quantum Cryptography (PQC). One potential option is the use of lattices in a system called ring Learning with Errors (rLWE). Several techniques for post-quantum encryption have been submitted to NIST. This paper studies the different speeds of different lattice-based protocols.
Authored by Mohamed Garrach, Chetan Waghela, Mahima Mathews, L Sreekuttan
Quantum Computing Security 2022 - With the continuous development of Internet of Things (IoT) technology, information and communication technology is also progressing rapidly, among which quantum computer secrecy communication scheme is a new type of cryptographic lock system. It uses both traditional security software encryption algorithms and classical cryptographic systems to achieve a series of operations such as secret storage, transmission and restoration of data. This paper introduces the principle of quantum key distribution and its applications from the physical level; then analyses its security problems and the corresponding research status and proposes improvement methods and measures; finally, with the goal of "bit-based computing information security", a new type of secure communication scheme is designed.
Authored by Lian Tong, Taizhi Lv, Pingping Xia
Quantum Computing Security 2022 - At present, the mature application of computer network and digitized information are increasingly popular, people's ability to crack encryption algorithms, and the traditional key system cannot guarantee the absolute security of the information system. This paper, on the data encryption of big data, data integrity and data disaster backup technology and quantum communication security of quantum key distribution, direct communication and quantum secret security sharing technology, proposed a quantum security computing route model based on the management condition of data authentication center. Based on the route model, this paper studies the image encryption technology of the linear model of quantum security computing from different technical perspectives to ensure the security of image information.
Authored by Lian Tong, Pingping Xia, Taizhi Lv
QR Codes 2022 - In order to enhance the security of the watermark and to ensure the stability of the algorithm against attacks and the concealment of the watermark, a NSCT-DWT-SVD composite digital watermarking algorithm based on QR code is proposed. First, QR code encoding is conducted on the original watermark image to generate a QR code watermark image. In order to ensure the security of the watermark information, Arnold scrambling and encryption is performed on the QR code watermark information. Second, the original Lena image is carried out NSCT transform. The low frequency part that stores more information are selected for DWT. Then the low-frequency images with strong image resistance are performed SVD. The encrypted watermark information are embedded into the decomposed singular values. Through the experimental verification of the algorithm, the algorithm has strong concealment and strong resistance to conventional attacks on the basis of ensuring the security of watermarking. Especially for the rotation attack and JPEG compression attack, the NC values are above 0.92 and 1, respectively.
Authored by Ting Ma, Nongtian Chen
Protocol Verification - Symbolic protocol verification generally abstracts probabilities away, considering computations that succeed only with negligible probability, such as guessing random numbers or breaking an encryption scheme, as impossible. This abstraction, sometimes referred to as the perfect cryptography assumption, has shown very useful as it simplifies automation of the analysis. However, probabilities may also appear in the control flow where they are generally not negligible. In this paper we consider a framework for symbolic protocol analysis with a probabilistic choice operator: the probabilistic applied pi calculus. We define and explore the relationships between several behavioral equivalences. In particular we show the need for randomized schedulers and exhibit a counterexample to a result in a previous work that relied on nonrandomized ones. As in other frameworks that mix both non-deterministic and probabilistic choices, schedulers may sometimes be unrealistically powerful. We therefore consider two subclasses of processes that avoid this problem. In particular, when considering purely non-deterministic protocols, as is done in classical symbolic verification, we show that a probabilistic adversary has—maybe surprisingly—a strictly superior distinguishing power for may testing, which, when the number of sessions is bounded, we show to coincide with purely possibilistic similarity.
Authored by Vincent Cheval, Raphaëlle Crubillé, Steve Kremer
Protocol Verification - Attribute-based encryption (ABE) is an extension scheme of identity-based encryption and public-key encryption. It can achieve fine-grained access control and one-to-many encryption mode, suitable for practical applications. In addition to mathematical proofs, it is essential to verify its security properties using different protocols. This paper proposes two key exchange protocols to securely exchange the user secret keys in ABE. ProVerif is an automated cryptographic protocol verifier that we have used during protocol verification. We specifically aim to protect the confidentiality of the generated keys. The proposed protocols are formally analysed and their security property has been formally proved.
Authored by Baasansuren Bat-Erdene, Yuping Yan, Mohammed Kamel, Peter Ligeti
Privacy Policies - The motive behind this research paper is to outline recently introduced social media encryption policies and the impact that they will have on user privacy. With close to no Data Protection Laws in the country, all social media platforms pose a threat to one’s privacy. The various new privacy policies that have been put in place across different social media platforms, tend to take away the user’s choice on whether they want their data shared with other social media apps or no. Seeing how WhatsApp, Facebook and Instagram are all Facebook owned, any data shared across one platform crosses over with the database of another, regardless of whether you have an account or not, completely taking away from the concept of consensual sharing of data. This paper will further discuss how the nature of encryption in India will significantly affect India’s newly recognised fundamental right, the Right to Privacy. Various policy developments bring in various user violation concerns and that will be the focus of this research paper.
Authored by Akshit Talwar, Alka Chaudhary, Anil Kumar
Outsourced Database Security - The growing power of cloud computing prompts data owners to outsource their databases to the cloud. In order to meet the demand of multi-dimensional data processing in big data era, multi-dimensional range queries, especially over cloud platform, have received extensive attention in recent years. However, since the third-party clouds are not fully trusted, it is popular for the data owners to encrypt sensitive data before outsourcing. It promotes the research of encrypted data retrieval. Nevertheless, most existing works suffer from single-dimensional privacy leakage which would severely put the data at risk. Up to now, although a few existing solutions have been proposed to handle the problem of single-dimensional privacy, they are unsuitable in some practical scenarios due to inefficiency, inaccuracy, and lack of support for diverse data. Aiming at these issues, this paper mainly focuses on the secure range query over encrypted data. We first propose an efficient and private range query scheme for encrypted data based on homomorphic encryption, which can effectively protect data privacy. By using the dual-server model as the framework of the system, we not only achieve multi-dimensional privacy-preserving range query but also innovatively realize similarity search based on MinHash over ciphertext domains. Then we perform formal security analysis and evaluate our scheme on real datasets. The result shows that our proposed scheme is efficient and privacy-preserving. Moreover, we apply our scheme to a shopping website. The low latency demonstrates that our proposed scheme is practical.
Authored by Wentao Wang, Yuxuan Jin, Bin Cao
Personalized Outsourced Privacy-preserving Database Updates for Crowd-sensed Dynamic Spectrum Access
Outsourced Database Security - Dynamic Spectrum Access (DSA) paradigm enabled through Cognitive Radio (CR) appliances is extremely well suited to solve the spectrum shortage problem. Crowd-sensing has been effectively used for dynamic spectrum access sensing by leveraging the power of the masses. Specifically in the DSA context, crowd-sensing allows end users to query a DSA database which is updated through crowd-sensing workers. Despite recent research proposals that address the privacy and confidentiality concerns of the querying user and crowd-sensing workers, personalized privacy-preserving database updates through crowd-sensing workers remains an open problem. To this end we propose a personalized privacy-preserving database update scheme for the crowd-sensing model based on lightweight homomorphic encryption. We provide substantial experiments based on real-life mobility data sets which show that the proposed protocol provides realistic efficiency and security.
Authored by Laura Truong, Erald Troja, Nikhil Yadav, Syed Bukhari, Mehrdad Aliasgari
Outsourced Database Security - With the rapid development of information technology, it becomes more and more popular for the use of electronic information systems in medical institutions. To protect the confidentiality of private EHRs, attribute-based encryption (ABE) schemes that can provide one-to-many encryption are often used as a solution. At the same time, blockchain technology makes it possible to build distributed databases without relying on trusted third-party institutions. This paper proposes a secure and efficient attribute-based encryption with outsourced decryption scheme based on blockchain, which can realize flexible and fine-grained access control and further improve the security of blockchain data sharing.
Authored by Fugeng Zeng, Qigang Deng, Dongxiu Wang
Outsourced Database Security - Efficient sequencing methods produce a large amount of genetic data, and make it accessible to researchers. This leads genomics to be considered a legitimate big data field. Hence, outsourcing data to the cloud is necessary as the genomic dataset is large. Data owners encrypt sensitive data before outsourcing to maintain data confidentiality and outsourcing aids data owners in resolving the issue of local storage management. Because genomic data is so enormous, safely and effectively performing researchers’ queries is challenging. In this paper, we propose a method, PRESSGenDB, for securely performing string and substring searches on the encrypted genomic sequences dataset. We leverage searchable symmetric encryption (SSE) and design a new method to handle these queries. In comparison to the state-of-the-art methods, PRESSGenDB supports various types of queries over genomic sequences such as string search and substring searches with and without a given requested start position. Moreover, it supports strings of alphabets as sequences rather than just a binary sequence of 0, 1s. It can search for substrings (patterns) over a whole dataset of genomic sequences rather than just one sequence. Furthermore, by comparing PRESSGenDB’s search complexity analytically with the state-of-the-art, we show that it outperforms the recent efficient works.
Authored by Sara Jafarbeiki, Amin Sakzad, Shabnam Kermanshahi, Ron Steinfeld, Raj Gaire
Outsourced Database Security - Verifiable Dynamic Searchable Symmetric Encryption (VDSSE) enables users to securely outsource databases (document sets) to cloud servers and perform searches and updates. The verifiability property prevents users from accepting incorrect search results returned by a malicious server. However, we discover that the community currently only focuses on preventing malicious behavior from the server but ignores incorrect updates from the client, which are very likely to happen since there is no record on the client to check. Indeed most existing VDSSE schemes are not sufficient to tolerate incorrect updates from the client. For instance, deleting a nonexistent keyword-identifier pair can break their correctness and soundness.
Authored by Dandan Yuan, Shujie Cui, Giovanni Russello
Operating Systems Security - IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners’ premises, but rather on public or private property other than the owner’s. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This includes logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provides HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec SystemVerilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.
Authored by Ayman Hroub, Muhammad Elrabaa
Neural Network Security - With the rapid development of computer networks and information technology today, people are more inclined to use network systems to achieve various data exchanges. Alibaba, Tencent and other companies' virtual payment has become the mainstream payment method. Due to the globalization and openness of the network, anyone can freely enter and exit, which brings huge hidden dangers to NS (network security). NS has become an important issue that we have to face. Once important information is stolen, it is likely to cause very large losses to individuals and even the society. This article mainly studies the computer NS encryption technology of neural network. First of all, the current situation of computer NS is comprehensively reflected from the two aspects of domestic Internet users and NS penetration rate in recent years. By 2020, the number of Chinese residents using the Internet has reached 1.034 billion, and 77.3% of Internet users are generally aware of NS. Secondly, it analyzes the effect of NN (neural network) on computer NS encryption technology. The results show that the use of NN in computer encryption technology not only helps to improve security and convenience, but also prevents the secondary transmission of data and prevents related information leakage.
Authored by Zejian Dong
Network Control Systems Security - Machine tool is known as the mother of industry. CNC machine tool is the embodiment of modern automatic control productivity. In the context of the rapid development of the industrial Internet, a large number of equipment and systems are interconnected through the industrial Internet, realizing the flexible adaptation from the supply side to the demand side. As a typical core system of industrial Internet, CNC system is facing the threat of industrial virus and network attack. The problem of information security is becoming more and more prominent. This paper analyzes the security risks of the existing CNC system from the aspects of terminal security, data security and network security. By comprehensively using the technologies of data encryption, identity authentication, digital signature, access control, secure communication and key management, this paper puts forward a targeted security protection and management scheme, which effectively strengthens the overall security protection ability.
Authored by Xuehong Chen, Zi Wang, Shuaifeng Yang
Network Control Systems Security - Plaintext transmission is the major way of communication in the existing security and stability control (SSC) system of power grid. Such type of communication is easy to be invaded, camouflaged and hijacked by a third party, leading to a serious threat to the safe and stable operation of power system. Focusing on the communication security in SSC system, the authors use asymmetric encryption algorithm to encrypt communication messages, to generate random numbers through random noise of electrical quantities, and then use them to generate key pairs needed for encryption, at the same time put forward a set of key management mechanism for engineering application. In addition, the field engineering test is performed to verify that the proposed encryption method and management mechanism can effectively improve the communication in SSC system while ensuring the high-speed and reliable communication.
Authored by Xinghua Chen, Lixian Huang, Dan Zheng, Jinchang Chen, Xinchao Li
Network on Chip Security - In recent times, Network-on-Chip (NoC) has become state of the art for communication in Multiprocessor System-on-Chip due to the existing scalability issues in this area. However, these systems are exposed to security threats such as extraction of secret information. Therefore, the need for secure communication arises in such environments. In this work, we present a communication protocol based on authenticated encryption with recovery mechanisms to establish secure end-to-end communication between the NoC nodes. In addition, a selected key agreement approach required for secure communication is implemented. The security functionality is located in the network adapter of each processing element. If data is tampered with or deleted during transmission, recovery mechanisms ensure that the corrupted data is retransmitted by the network adapter without the need of interference from the processing element. We simulated and implemented the complete system with SystemC TLM using the NoC simulation platform PANACA. Our results show that we can keep a high rate of correctly transmitted information even when attackers infiltrated the NoC system.
Authored by Julian Haase, Sebastian Jaster, Elke Franz, Diana Göhringer