Search Results (86)

In recent years, Electronic Medical Record (EMR) sharing has played an indispensable role in optimizing clinical treatment plans, advancing medical research in biomedical science. However, existing EMR management schemes often face security risks and suffer from inefficient search performance. To address these issues, this paper proposes a secure EMR sharing scheme based on blockchain and searchable encryption. This scheme implements a decentralized management system with enhanced security and operational efficiency. Considering the scenario of EMRs requiring confirmation of multiple doctors to improve safety, the proposed solution leverages Shamir’s Secret Sharing to enable multi-party authorization, thereby enhancing privacy protection. Meanwhile, the scheme utilizes Bloom filter and vector operation to achieve efficient data search. The proposed method maintains rigorous EMR protection while improving the search efficiency of EMRs. Experimental results demonstrate that, compared to existing methodologies, the proposed scheme enhances security during EMR sharing processes. It achieves higher efficiency in index generation and trapdoor generation while reducing keyword search time. This scheme provides reliable technical support for the development of intelligent healthcare systems. Full article

Conventional public-key cryptographic systems are increasingly threatened by advances in quantum computing, accelerating the need for robust post-quantum cryptographic solutions. Among these, Falcon, a compact lattice-based digital signature scheme, has emerged as a leading candidate in the NIST post-quantum standardization process due to its efficiency and theoretical security grounded in hard lattice problems. This work introduces Falcon-M, a modified version of the Falcon algorithm that significantly reduces implementation complexity. It does so by replacing Falcon’s intricate trapdoor-based key-generation mechanism with a simplified approach that utilizes randomized polynomial Gaussian sampling and fast Fourier transform (FFT) operations. Falcon-M incorporates SHA-512 hashing and discrete Gaussian sampling to preserve cryptographic soundness and statistical randomness while maintaining the core structure of Falcon’s signing and verification processes. We formally specify the Falcon-M algorithm, provide an updated pseudocode, and offer a comparative analysis with the original Falcon in terms of algorithmic complexity, security assumptions, and implementation overhead. Additionally, we present formal lemmas and theorems to ensure correctness and define theoretical bounds on forgery resistance. Although Falcon-M does not rely on a formal cryptographic trapdoor, we demonstrate that it achieves strong practical security based on assumptions related to the Short Integer Solution (SIS) problem. Falcon-M is thus well-suited for lightweight post-quantum applications, particularly in resource-constrained environments, such as embedded systems and Internet-of-Things (IoT) platforms. Full article

As the Internet of Things (IoT) continues to evolve, the demand for cross-domain collaboration between devices and data sharing has grown significantly. Operations confined to a single trust domain can no longer satisfy this requirement, so cross-domain access to resources is becoming an inevitable trend in the evolution of the IIoT. Due to identity trust issues between different domains, authorized access is required before resources can be shared. However, most existing cross-domain authentication schemes face significant challenges in terms of dynamic membership management, privacy protection, and traceability. These schemes involve complex and inefficient interactions and fail to meet the dynamic and lightweight requirements of the IIoT. To address these issues, we propose a privacy-preserving and traceable cross-domain authentication scheme based on dynamic group signatures that enables efficient authentication. The scheme supports anonymous authentication via succinct proofs and incorporates a trapdoor mechanism to enable group managers to trace and revoke malicious identities. Additionally, our solution supports efficient joining and revoking of members and implements blacklist-based proof of non-membership. We formally prove the security of the proposed scheme. The experimental results demonstrate that the proposed scheme outperforms others in terms of computational cost and revocation overhead. Full article

The blockchain-enabled industrial Internet of Things (IIoT) faces security threats such as quantum computing attacks and privacy disclosure. Targeting these issues, in this study, we design a new lattice-based linkable ring signature (LRS) scheme, which is used to achieve privacy protection for the blockchain-enabled IIoT. Firstly, by using the trapdoor generation algorithm on the lattice and the rejection sampling lemma, we propose a new lattice-based LRS scheme with anti-quantum security and anonymity. Then, we introduce it into blockchain. Through the stealth address and key image technologies, we construct a privacy protection scheme for blockchain in the IIoT, and this LRS scheme protects identity privacy for users through anonymous blockchain. In addition, it also can resist the double spending attack with the linking user’s signature. Lastly, we provide a security analysis, and it is proven that our ring signature scheme satisfies correctness, anonymity, unforgeability and linkability. Compared with other similar schemes, the performance simulation indicates that our scheme’s public key and signature are shorter in size, and its computation overhead and time cost are lower. Consequently, our novel LRS scheme is more secure and practical, which provides privacy protection and anti-quantum security for the blockchain-enabled IIoT. Full article

This article presents the design process for a modern stage trapdoor, which was designed to optimize the work of cultural facilities personnel and increase the attractiveness of future performances and events. Strength calculations for the supporting structure were carried out in the Soldis DESIGNER program, and based on these, a 3D model of the stage trapdoor was designed and placed in the space of the stage chimney. In order to verify and analyze the strength of the structure, the 3D model was prepared for detailed analysis in the Autodesk Inventor program. Tests were carried out for four load cases of the structure for 15 different load values. Information about the maximum value of the deflection arrow and the maximum stress was obtained. Collected data were organized in tables and displayed in line and column charts, based on which conclusions were drawn. These analyses showed a high degree of compliance between calculations from both programs. It was found that in this type of structure, a detailed analysis in 3D CAD programs is not necessary for the proper design of the supporting structure, which allows for simplification of the design process. The designed trapdoor meets all design requirements and can be implemented as a solution to improve the functionality and aesthetics of the stage’s technical equipment. Full article

Blockchain is a decentralized digital ledger that records transactions across a distributed network of computers, enabling secure and transparent operations without requiring trust in a central authority. While initially developed for Bitcoin, blockchain technology now underpins many cryptocurrencies and other applications. It serves as an open trust layer without central reliance and is widely used in cryptocurrencies such as Bitcoin and Ethereum. However, this public and permanent open storage has raised concerns about its potential misuse for illegal trades or the distribution of unwanted content. In EuroS&P 2017, Ateniese et al. introduced the concept of the redactable blockchain, which utilizes the trapdoor collision function provided by chameleon hash to rewrite block contents without causing hashing inconsistencies. Recent research has continued to propose solutions for redactable blockchains, leveraging cryptographic algorithms such as chameleon hash and attribute-based encryption (ABE). Current solutions often employ sophisticated cryptographic schemes, such as ABE, but lack sufficient focus on developing secure and scalable solution for practical use. In this work, we propose the time-verifiable policy-based chameleon hash (TPCH) as a candidate solution for practical redaction to rewrite blockchain contents. Our solution for redactable blockchains enables the verification of whether a redaction was executed at a specific time, thereby offering time-based traceability for dominant algorithms in TPCH. Additionally, it restricts misbehavior or abuse of redaction powers by introducing a new trapdoor finding algorithm, Update, in addition to the adapt algorithm Adapt. We formally introduce TPCH with both black-box and white-box constructions. Our experimental and theoretical analysis demonstrates the feasibility and practicality of the proposed solution. Full article

With the advancement of quantum computing, the utilization of quantum algorithms such as Shor’s algorithm enables the efficient resolution of problems that are intractable in classical computing paradigms, posing a significant threat to traditional signature schemes. Lattice-based cryptography is considered one of the most promising post-quantum cryptographic algorithms due to its computational advantages and potential resistance to quantum attacks. Proxy signature is an authorization mechanism that allows the original signer to delegate the signing power to a proxy. The security of existing proxy signature schemes is mostly based on classical hard problems, which cannot guarantee security under quantum attacks. Therefore, this paper combines lattice-based cryptography with proxy signatures to propose a new lattice-based proxy signature scheme (NLBPS). NLBPS constructs signatures using lattice-based trapdoor sampling algorithms and preimage sampling algorithms. Comparative analysis shows that the proposed scheme has relatively smaller key and signature sizes compared to some existing lattice-based proxy signature schemes, and it also offers a certain improvement in computational efficiency. Full article

With the rapid development of cloud technology, a growing volume of encrypted data is being stored on cloud servers. Public key searchable encryption (PEKS) has emerged as a solution to the challenge of retrieving encrypted data. However, most PEKS schemes are vulnerable to frequency analysis attacks (FAA), which can potentially expose sensitive information. To address this issue, we propose a pairing-free public key searchable encryption scheme that is specifically designed to resist such attacks. Our scheme is built upon the decisional Diffie–Hellman (DDH) assumption, and effectively mitigates the risk of malicious adversaries extracting keyword information through trapdoor search frequencies. The pairing-free nature of our approach not only enhances the security against FAA but also improves the retrieval efficiency compared to traditional PEKS schemes. We formally prove that our scheme satisfies both chosen keyword attack (CKA) security and keyword guessing attack (KGA) security. Additionally, we perform comprehensive theoretical and experimental evaluations to assess the scheme’s efficiency, showcasing its practical applicability in real-world scenarios. Full article

Blockchain technology, characterized by its immutability and decentralization, enables the creation of permanent and tamper-resistant records once data are uploaded, making it widely applicable in scenarios requiring data authenticity and reliability. However, the immutability of on-chain data poses significant security risks, as erroneous or illegal data become difficult to correct or remove once recorded. Editable blockchain technology offers a potential solution for on-chain data modification. Nevertheless, existing approaches face several challenges, including the impact of malicious nodes on the security and efficiency of data modification, excessive centralization in the management of modification rights and trapdoor keys, and cumulative issues in reputation-based traditional node grouping methods. To address these challenges, this study proposes an RE-TNG (Reputation Evaluation-Twice Node Grouping) node selection method and an editable blockchain scheme based on it. The RE-TNG method employs a two-stage grouping process following reputation-based node ranking. The first grouping stage uses a Fibonacci sequence-based rule to mitigate the issue of cumulative reputation values over time. The second grouping stage selects high-reputation nodes within groups to ensure the trustworthiness of selected nodes. Trapdoor keys are collaboratively generated by the high-reputation node group, achieving decentralized trapdoor management. Modification nodes are randomly chosen from the high-reputation group, ensuring both integrity and decentralization in modification authority. Comparative analyses and experimental evaluations against traditional random node selection and grouping methods demonstrate the feasibility of the proposed scheme, showcasing a superior performance in terms of security and modification efficiency. Full article

With the increasing emphasis on safeguarding maritime sovereignty and developing marine resources, the security of underwater acoustic communication has risen to a new level of importance. Given the complex environmental challenges faced by underwater acoustic channels, this paper proposes an NTRU-based key encapsulation scheme designed to ensure secure and reliable underwater data transmission, while maintaining privacy and integrity. In the public–private key pair generation phase, a ring sampling technique is employed to generate a compact NTRU trapdoor, which not only guarantees security but also effectively reduces the communication overhead. During the encapsulation phase, underwater acoustic channel characteristics during communication are introduced as temporary identity information to ensure the confidentiality and reliability of the key encapsulation mechanism. Furthermore, the traditional key encapsulation mechanism is extended by integrating a digital signature process, where the encapsulated ciphertext is signed. The use of digital signature technology verifies the authenticity and integrity of the transmitted data, ensuring that communication data remain secure and unaltered in complex underwater acoustic environments. Finally, we conduct a rigorous correctness analysis and security proofs, demonstrating that the proposed scheme achieves chosen ciphertext security, while meeting the demands of low bandwidth and limited computational capacity in underwater acoustic communication. Full article

The lattice-based multi-identity fully homomorphic encryption scheme combines the quantum security of lattice cryptography with the advantage of identity-based encryption. However, existing schemes face challenges such as large key sizes, inefficient ciphertext expansion processes, and reliance on outdated trapdoor designs, limiting their compactness and practicality. In this study, we propose a novel Compact Multi-Identity Fully Homomorphic Encryption Scheme (WZ-MIBFHE) that eliminates the need for fresh ciphertexts during expansion. First, we construct a compact identity-based encryption scheme by combining the YJW23 trapdoor and ABB10 under the standard model, proving its IND-sID-CPA security. The scheme is then adapted to ensure correctness and security when integrated with the decomposition method for ciphertext expansion. This adaptation also utilizes approximation errors to reduce overall noise. Finally, we expand the modified IBE scheme’s ciphertext using the decomposition method to construct the WZ-MIBFHE scheme. Compared to existing methods, WZ-MIBFHE reduces the lattice dimension to $nlogq+{log}_{b}q$, improves public and private key sizes, and significantly lowers ciphertext expansion rates by removing the need for fresh ciphertexts. These improvements enhance both the compactness and efficiency of the scheme, making it a promising solution for multi-identity homomorphic encryption. Full article

Searchable encryption (SE) allows users to efficiently retrieve data from encrypted cloud data, but most of the existing SE solutions only support precise keyword search. Fuzzy searchable encryption agrees with practical situations well in the cloud environment, as search keywords that are misspelled to some extent can still generate search trapdoors that are as effective as correct keywords. In scenarios where multiple users can search for ciphertext, most fuzzy searchable encryption schemes ignore the security issues associated with malicious cloud services and are inflexible in multi-user scenarios. For example, in medical application scenarios where malicious cloud servers may exist, diverse types of files need to correspond to doctors in the corresponding departments, and there is a lack of fine-grained access control for sharing decryption keys for different types of files. In the application of medical cloud storage, malicious cloud servers may return incorrect ciphertext files. Since diverse types of files need to be guaranteed to be accessible by doctors in the corresponding departments, sharing decryption keys with the corresponding doctors for different types of files is an issue. To solve these problems, a verifiable fuzzy searchable encryption with blockchain-assisted multi-user scenarios is proposed. Locality-sensitive hashing and bloom filters are used to realize multi-keyword fuzzy search, and the bigram segmentation algorithm is optimized for keyword conversion to improve search accuracy. To realize fine-grained access control in multi-user scenarios, ciphertext-policy attribute-based encryption (CP-ABE) is used to distribute the shared keys. In response to the possibility of malicious servers tampering with or falsifying users’ search results, the scheme leverages the blockchain’s technical features of decentralization, non-tamperability, and traceability, and uses smart contracts as a trusted third party to carry out the search work, which not only prevents keyword-guessing attacks within the cloud server, but also solves the verification work of search results. The security analysis leads to the conclusion that the scheme is secure under the adaptively chosen-keyword attack. Full article

The RSA cryptosystem has been a cornerstone of modern public key infrastructure; however, recent advancements in quantum computing and theoretical mathematics pose significant risks to its security. The advent of fully operational quantum computers could enable the execution of Shor’s algorithm, which efficiently factors large integers and undermines the security of RSA and other cryptographic systems reliant on discrete logarithms. While Grover’s algorithm presents a comparatively lesser threat to symmetric encryption, it still accelerates key search processes, creating potential vulnerabilities. In light of these challenges, there has been an intensified focus on developing quantum-resistant cryptography. Current research is exploring cryptographic techniques based on error-correcting codes, lattice structures, and multivariate public key systems, all of which leverage the complexity of NP-hard problems, such as solving multivariate quadratic equations, to ensure security in a post-quantum landscape. This paper reviews the latest advancements in quantum-resistant encryption methods, with particular attention to the development of robust trapdoor functions. It also provides a detailed analysis of prominent multivariate cryptosystems, including the Matsumoto–Imai, Oil and Vinegar, and Polly Cracker schemes, alongside recent progress in lattice-based systems such as Kyber and Crystals-DILITHIUM, which are currently under evaluation by NIST for potential standardization. As the capabilities of quantum computing continue to expand, the need for innovative cryptographic solutions to secure digital communications becomes increasingly critical. Full article

Host rock deformation associated with sill emplacement is used to constrain magma transfer and storage within the upper crust. In contrast to classic models suggesting that the host rock above mafic sills is dominated by elastic bending, recent studies show that bounding faults that limit the uplift area can occur at the peripheries of a mafic sill. However, the accurate dip of this type of fault, named peripheral faults here, is still not well constrained. Their origin is also controversial in some cases. In this study, kinematic modeling and limit analysis are performed to better constrain the structure and mechanical properties of the peripheral faults based on seismic interpretation of a mafic sill from the Tarim Basin, China. The trishear kinematic model successfully reproduces peripheral faulting and associated folding of the host rock by performing a displacement of 58 m on a vertical fault plane with a fault propagation (P) to fault slip (S) ratio of 2.5. The limit analysis also predicts vertical damage at the sill tip by sill inflation. These results suggest that the dip angle of the fault in the case study is 90°, which is more accurate than that from the seismic interpretation with an 88° inward dip. This value may vary in other cases as it depends on the sill geometry (such as diameter and inclination), thickness, depth, and mechanical properties of the host rock. The study supports that peripheral faulting and associated folding can occur at the tips of the mafic sill due to the vertical uplift of the host rock caused by sill inflation. It is also suggested that trishear kinematic modeling and limit analysis are effective methods for studying the geometry of peripheral faults. Full article

With quantum computers, the quantum resistance of cryptographic systems has gradually attracted attention. To overcome the shortcoming of existing identity-based encryption (IBE) schemes in resisting quantum attacks, we introduce an IBE scheme based on learning with errors (LWE). In addition, devices with limited computing power are becoming increasingly common in practice, making it increasingly important to improve the efficiency of online computation of encryption algorithms. The classic solution is to directly improve the efficiency of the Gaussian sampling algorithm, thereby increasing the overall efficiency of the scheme. However, our scheme combines the efficient Gaussian sampling algorithm, $\mathbf{G}$-trapdoor, with online/offline method to further improve the online encryption efficiency of the encryption algorithm. Our scheme completes partial computation before knowing the message and receiver’s identity, and once the message and receiver’s identity are obtained, the online part encryption can be efficiently completed. We construct an identity-based online/offline encryption (IBOOE) scheme from LWE with $\mathbf{G}$-trapdoor, improve the efficiency of online encryption while achieving quantum resistant security. We prove the scheme’s security under the standard model for chosen-plaintext attack (CPA). By comparing with relevant schemes in terms of experiments and analysis, our scheme has improved efficiency by 65% to 80% compared to the classical LWE IBE scheme (increasing with LWE security parameters), and by 60% to 70% compared to the recent IBE scheme from LWE. This greatly improves the efficiency of online computing for low-power encryption devices while ensuring security. Full article