ISSN 1000-1239 CN 11-1777/TP


    Journal of Computer Research and Development    2017, 54 (10): 2103-2106.  
    Research Advances on Secure Searchable Encryption
    Dong Xiaolei, Zhou Jun, Cao Zhenfu
    Journal of Computer Research and Development    2017, 54 (10): 2107-2120.   DOI: 10.7544/issn1000-1239.2017.20170627
    With the development of big data and cloud computing, secure search via searchable encryption has increasingly become a focus of researchers in cryptography and network security all over the world. In light of the new theories, new solutions and new techniques of searchable encryption, this paper presents a survey from four main aspects: the modes, the security, the expressiveness and the efficiency of secure searchable encryption. It discusses the new theories that are essential to secure search for ubiquitous networks, including searchable encryption and attribute-based encryption, and the application of these cryptographic mechanisms to obtain generalized solutions to the theoretical problems of secure search in various newly emerging network services. Based on these theoretical results, the paper studies new approaches to constructing practical secure search for these network services, comprising light-weight public-key cryptographic algorithms, reducing the number of times the light-weight public-key cryptographic algorithms are applied in secure search, and applying any public-key cryptographic algorithm only once, to obtain new approaches for secure search in resource-constrained network applications. We also study how to apply the new theories and approaches to solve the problems of secure search in different kinds of networks, including body area networks, wireless vehicular ad hoc networks, smart grids and so on. Traditionally, constructing secure search protocols requires applying inefficient public-key cryptographic algorithms a number of times. How to adapt public-key cryptographic algorithms so that they are suitable for resource-constrained networks becomes the key issue. Making public-key cryptographic algorithms light-weight is certainly a convincing way to address it. On the other hand, minimizing the number of times (once would be ideal) the light-weight public-key cryptographic algorithms are applied guarantees more efficient and practical solutions and is thus the key problem in addressing the issue. Finally, we suggest several interesting open research issues and future trends.
    Recent Advances in Lattice-Based Cryptography
    Zhang Pingyuan, Jiang Han, Cai Jie, Wang Chenguang, Zheng Zhihua, Xu Qiuliang
    Journal of Computer Research and Development    2017, 54 (10): 2121-2129.   DOI: 10.7544/issn1000-1239.2017.20170628
    Lattice theory was first introduced to cryptography as a cryptanalysis tool for analyzing knapsack and RSA cryptosystems. In 1997, Ajtai and Dwork constructed the first lattice-based cryptosystem, Ajtai-Dwork, and in 1998 NTRU appeared. Because cryptography based on factorization and discrete logarithms was the mainstream, lattice-based cryptography did not receive enough attention. It was not until 2009, when Gentry constructed the first fully homomorphic encryption scheme, that lattice cryptography began to develop widely. In 2015, Peikert summarized the development of lattice cryptography in “A decade of lattice cryptography”. Also in 2015, NIST released “Report on post-quantum cryptography”. According to the report, due to the rapid development of quantum computation technology, the existing public-key cryptography standards will no longer be safe under quantum computing. At the same time, NIST has launched a worldwide collection of quantum cryptography algorithms. As a classic form of quantum-resistant cryptography, lattice-based cryptography is known as the most promising competitor. Lattice cryptography has therefore attracted much attention in recent years, and many excellent results have appeared. In this paper, we summarize the main results in lattice cryptography over the past two years, covering zero-knowledge proofs, encryption, signatures and key exchange, and finally we look ahead to the development trends of lattice-based cryptography.
    Survey of Internet of Things Security
    Zhang Yuqing, Zhou Wei, Peng Anni
    Journal of Computer Research and Development    2017, 54 (10): 2130-2143.   DOI: 10.7544/issn1000-1239.2017.20170470
    With the development of smart homes, intelligent care and smart cars, the application fields of the IoT are becoming more and more widespread, and its security and privacy are receiving more attention from researchers. Currently, research on IoT security is still in its initial stage, and most of the research results cannot adequately solve the major security problems in the development of the IoT. In this paper, we first introduce the three-layer logical architecture of the IoT and outline the security problems and research priorities of each layer. Then we discuss the security issues, such as privacy preservation and intrusion detection, that need special attention in the main IoT application scenarios (smart home, intelligent healthcare, car networking, smart grid, and other industrial infrastructure). Through synthesizing and analyzing the deficiencies of existing research and the causes of the security problems, we point out five major technical challenges in IoT security: privacy protection in data sharing, security protection of equipment under limited resources, more effective intrusion detection and defense systems and methods, access control for automated equipment operations, and cross-domain authentication of mobile devices. Finally, we detail each technical challenge and point out future research hotspots in IoT security.
    Survey on Redactable Signatures
    Ma Jinhua, Liu Jianghua, Wu Wei, Huang Xinyi
    Journal of Computer Research and Development    2017, 54 (10): 2144-2152.   DOI: 10.7544/issn1000-1239.2017.20170646
    Data security issues have become a serious challenge to national economic, political, defence and cultural security. As a core technology for protecting data security, digital signatures have been widely used to verify data integrity and source authenticity. The security definition of conventional digital signatures is existential unforgeability against adaptive chosen-message attacks. Although this meets the basic security requirement of data authentication, it hampers reasonable operations on authenticated data, which are desirable in many practical applications. As a type of malleable homomorphic signature for editing, redactable signatures allow the signature holder (redactor) to delete sensitive portions of the signed data and generate a valid signature for the disclosed data without any help from the original signer. They have been a research hotspot in the field of cryptography since they were introduced in 2001. In recent years, many researchers have studied redactable signatures from the aspects of formal security definition, redaction control mechanism, computational cost and communication overhead, and there are many research results. However, the rapid development of network technology and its applications is posing new challenges to redactable signatures. This paper summarizes and analyses redactable signatures in terms of algorithm definition, security model and representative designs. Some open problems worthy of further study are also discussed.
    Survey on Private Preserving Set Intersection Technology
    Shen Liyan, Chen Xiaojun, Shi Jinqiao, Hu Lanlan
    Journal of Computer Research and Development    2017, 54 (10): 2153-2169.   DOI: 10.7544/issn1000-1239.2017.20170461
    Private set intersection (PSI) is a specific application problem in the field of secure multi-party computation. It not only has important theoretical significance but also has many application scenarios. In the era of big data, research on this problem accords with people’s increasing demand for privacy preservation while enjoying a variety of services. This paper briefly introduces the basic theory of secure multi-party computation and highlights the two categories of current mainstream research methods for PSI under the framework of secure multi-party computation: the traditional PSI protocols based on public-key encryption, garbled circuits and oblivious transfer, and the outsourced PSI protocols based on an untrusted third-party service provider. In addition, we briefly summarize the characteristics, applicability and complexity of those protocols. The application scenarios of the privacy-preserving set intersection problem are also explained in detail, which further reflects the practical research value of the problem. With deeper research on the PSI problem, researchers have designed a set of private protocols that can quickly compute the set intersection of millions of elements in the semi-honest model.
    Survey on Privacy Preserving Techniques for Blockchain Technology
    Zhu Liehuang, Gao Feng, Shen Meng, Li Yandong, Zheng Baokun, Mao Hongliang, Wu Zhen
    Journal of Computer Research and Development    2017, 54 (10): 2170-2186.   DOI: 10.7544/issn1000-1239.2017.20170471
    The core features of blockchain technology are “de-centralization” and “de-trusting”. As a distributed ledger technology, smart contract infrastructure platform and novel distributed computing paradigm, it can effectively build programmable currency, programmable finance and programmable society, which will have a far-reaching impact on finance and other fields and drive a new round of technological and application change. While blockchain technology can improve efficiency, reduce costs and enhance data security, it still faces serious privacy issues, which have drawn wide concern from researchers. The survey first analyzes the technical characteristics of the blockchain, defines the concepts of identity privacy and transaction privacy, points out the advantages and disadvantages of blockchain technology in privacy protection, and introduces the attack methods in existing research, such as transaction tracing and account clustering. We then introduce a variety of privacy mechanisms, including malicious node detection and access restriction for the network layer; transaction mixing, encryption and limited release for the transaction layer; and some defense mechanisms for the blockchain application layer. Finally, we discuss the limitations of the existing technologies and envision future directions on this topic. In addition, the regulatory approach to malicious use of blockchain technology is discussed.