为有效改善多图像加密质量及其对数据传输的安全性,提出一种基于超混沌系统的多权限多图像加密算法.首先,将L幅明文图像分别进行分段线性混沌映射(piece-wise linear chaotic map,PWLCM)的双层交叉耦合操作,并通过异或进行合并得到类噪...为有效改善多图像加密质量及其对数据传输的安全性,提出一种基于超混沌系统的多权限多图像加密算法.首先,将L幅明文图像分别进行分段线性混沌映射(piece-wise linear chaotic map,PWLCM)的双层交叉耦合操作,并通过异或进行合并得到类噪声图像;接着,采用最低有效位嵌入算法将类噪声图像嵌入到第L+1幅明文图像信息中,得到半加密图像;最后,通过结合一维的cubic映射和一维帐篷映射,产生一个二维cubic-帐篷混沌映射(two-dimensional cubic-tent modular map,2D-CTMM),利用其对半加密图像扩散后进行双层阶梯置乱,得到密文图像.实验结果表明:所提方法对明文以及密钥十分敏感,密钥空间大,可以有效抵御统计攻击和差分攻击,并且该算法在保证安全性的前提下,实现了用户多权限解密以及用户部分解密工作.展开更多
To enhance the security of user data in the clouds,we present an adaptive and dynamic data encryption method to encrypt user data in the mobile phone before it is uploaded.Firstly,the adopted data encryption algorithm...To enhance the security of user data in the clouds,we present an adaptive and dynamic data encryption method to encrypt user data in the mobile phone before it is uploaded.Firstly,the adopted data encryption algorithm is not static and uniform.For each encryption,this algorithm is adaptively and dynamically selected from the algorithm set in the mobile phone encryption system.From the mobile phone's character,the detail encryption algorithm selection strategy is confirmed based on the user's mobile phone hardware information,personalization information and a pseudo-random number.Secondly,the data is rearranged with a randomly selected start position in the data before being encrypted.The start position's randomness makes the mobile phone data encryption safer.Thirdly,the rearranged data is encrypted by the selected algorithm and generated key.Finally,the analysis shows this method possesses the higher security because the more dynamics and randomness are adaptively added into the encryption process.展开更多
To share data securely with secure attribute revocation,anti-collusion,and dynamic user management in the 5G device-to-device(D2D)environment,a novel dynamic anti-collusion ciphertext policy attribute-based encryption...To share data securely with secure attribute revocation,anti-collusion,and dynamic user management in the 5G device-to-device(D2D)environment,a novel dynamic anti-collusion ciphertext policy attribute-based encryption(NDA-CP-ABE)scheme in the 5G D2D environment is proposed.On the basis of the ciphertext policy attribute-based encryption algorithm,fine-grained access control and secure attribute revocation are realized,and the confidentiality of data is guaranteed.A polynomial function is adopted in the ciphertext generation phase to realize dynamic user management.A random number is used to prevent a collusion attack among the legitimate user equipment(UE),revoked UE,and external network attackers.Finally,on the basis of the Diffie-Hellman problem,the NDA-CP-ABE scheme is formally proved,and the simulation performances are compared with those of similar schemes.The results show that data can be securely shared through a D2D channel with secure attribute revocation,anti-collusion,and dynamic user management.Moreover,compared with similar schemes,the NDA-CP-ABE scheme has higher efficiency in encryption,decryption,and storage.展开更多
Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from t...Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user con- venience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Never- theless, ctwrent implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.展开更多
文摘To enhance the security of user data in the clouds,we present an adaptive and dynamic data encryption method to encrypt user data in the mobile phone before it is uploaded.Firstly,the adopted data encryption algorithm is not static and uniform.For each encryption,this algorithm is adaptively and dynamically selected from the algorithm set in the mobile phone encryption system.From the mobile phone's character,the detail encryption algorithm selection strategy is confirmed based on the user's mobile phone hardware information,personalization information and a pseudo-random number.Secondly,the data is rearranged with a randomly selected start position in the data before being encrypted.The start position's randomness makes the mobile phone data encryption safer.Thirdly,the rearranged data is encrypted by the selected algorithm and generated key.Finally,the analysis shows this method possesses the higher security because the more dynamics and randomness are adaptively added into the encryption process.
基金The National Natural Science Foundation of China(No.61372103)the Natural Science Foundation of Jiangsu Province(No.SBK2020020282)+1 种基金the Program of Key Laboratory of Information Network Security of the Ministry of Public Security(No.C19607)the Program of Key Laboratory of Computer Network Technology of Jiangsu Province.
文摘To share data securely with secure attribute revocation,anti-collusion,and dynamic user management in the 5G device-to-device(D2D)environment,a novel dynamic anti-collusion ciphertext policy attribute-based encryption(NDA-CP-ABE)scheme in the 5G D2D environment is proposed.On the basis of the ciphertext policy attribute-based encryption algorithm,fine-grained access control and secure attribute revocation are realized,and the confidentiality of data is guaranteed.A polynomial function is adopted in the ciphertext generation phase to realize dynamic user management.A random number is used to prevent a collusion attack among the legitimate user equipment(UE),revoked UE,and external network attackers.Finally,on the basis of the Diffie-Hellman problem,the NDA-CP-ABE scheme is formally proved,and the simulation performances are compared with those of similar schemes.The results show that data can be securely shared through a D2D channel with secure attribute revocation,anti-collusion,and dynamic user management.Moreover,compared with similar schemes,the NDA-CP-ABE scheme has higher efficiency in encryption,decryption,and storage.
基金Project partly supported by the Ministry of Higher Education of Malaysia under Grant LRGS/TD/2011/UKM/ICT/02
文摘Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user con- venience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Never- theless, ctwrent implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.
