• China Premier Science and Technology Journal
  • CCF-recommended Class A Chinese journal
  • High-quality science and technology journal in computing, Tier T1

2019  Vol. 56  No. 10

Abstract:
A recommender system is a type of intelligent platform based on mining massive datasets. By exploiting statistical analysis, machine learning and artificial intelligence, and according to the unique profiles of users and the different characteristics of various items (such as users' interests, historical consumption behaviors, and the quality and prices of items), it can establish a recommendation model, predict users' preferences on unrated items, and provide individualized information services and strategy support. Unfortunately, the historical dataset, the prediction model and the recommendation result are all closely related to users' privacy. How to provide accurate prediction results while users' privacy is well protected and the correctness of the recommendation result is efficiently verified has become a challenging issue. The state of the art mainly focuses on solving this problem with data perturbation and public-key fully homomorphic encryption (FHE). However, most existing schemes cannot satisfy all the requirements of accuracy, efficiency and types of privacy preservation that recommender systems demand. This article elaborates the existing work from four aspects, namely the operation mode, the formal security model, the generic constructions of lightweight privacy-preserving recommender systems, and the verification and accountability of recommendation results; it also identifies the unaddressed challenging problems and proposes convincing solutions. For security models, we focus on formalizing the security models with respect to user data privacy, prediction model privacy and recommendation result privacy, under the standard model or the universally composable (UC) model. For efficiency, without exploiting public-key FHE, we study generic constructions of efficient privacy-preserving recommender systems in the single-user, multiple-data setting and in the multiple-user, multiple-data setting, respectively, by reducing the number of public-key encryption and decryption operations (to only once when optimized). Last but not least, we also address the generic theoretical issue of efficient correctness verifiability and auditability of recommendation results by exploiting batch verification. All the techniques and solutions discussed above would significantly contribute to both the theoretical breakthrough and the practicability of privacy preservation in recommender systems.
Abstract:
Artificial intelligence has penetrated every corner of our life and brought humans great convenience. Especially in recent years, with the vigorous development of deep learning within machine learning, related applications in our life have become more and more common. Unfortunately, machine learning systems suffer from many security hazards, and the popularity of machine learning systems further magnifies these hazards. In order to unveil these security hazards and assist in implementing robust machine learning systems, we conduct a comprehensive investigation of the mainstream deep learning systems. At the beginning of the study, we devise an analytical model for dissecting deep learning systems and define our survey scope. Our surveyed deep learning systems span four fields: image classification, audio speech recognition, malware detection, and natural language processing. We distill four types of security hazards and characterize them along multiple dimensions such as complexity, attack success rate, and damage. Furthermore, we survey defensive techniques for deep learning systems as well as their characteristics. Finally, based on our observation of these systems, we propose practical approaches for constructing robust deep learning systems.
Abstract:
While machine learning has achieved great success in various domains, the lack of interpretability has limited its widespread application in real-world tasks, especially security-critical ones. To overcome this crucial weakness, intensive research on improving the interpretability of machine learning models has emerged, and a plethora of interpretation methods have been proposed to help end users understand their inner working mechanisms. However, research on model interpretation is still in its infancy, and a large number of scientific issues remain to be resolved. Furthermore, different researchers have different perspectives on solving the interpretation problem and give different definitions of interpretability, and the proposed interpretation methods also have different emphases. To date, the research community still lacks a comprehensive understanding of interpretability as well as a scientific guide for research on model interpretation. In this survey, we review the interpretation problems in machine learning and give a systematic summary and scientific classification of the existing research. At the same time, we discuss the potential applications of interpretation-related technologies, analyze the relationship between interpretability and the security of interpretable machine learning, and discuss the current research challenges and potential future research directions, aiming to provide the help future researchers need to advance the research and application of model interpretability.
Abstract:
With the increase in security vulnerabilities, evaluating and repairing vulnerabilities efficiently has become a considerable challenge. However, the current assessment of the exploitability of vulnerabilities mainly depends on manual methods. How to generate exploits for security vulnerabilities intelligently and automatically is a hot research issue in this field. In this paper, the literature on automated exploit generation for security vulnerabilities from 2006 to the present is investigated. We analyze the current research progress, point out the development trend of exploit generation research, and summarize the general framework of automated exploit generation. We sort out the current research results from three aspects, namely information input, vulnerability types and exploitation methods, and discuss the effects of these three aspects on automated exploit generation. Then the current shortcomings and challenges of automated exploit generation are analyzed, and future research trends and directions are pointed out.
Abstract:
How to use artificial intelligence to design high-strength cryptography and automate cryptographic design is a long-term goal. Chinese scholars have combined cryptography with evolutionary computing and, based on the idea of biological evolution, independently put forward the concept of evolutionary cryptography and an evolutionary computing method for cryptographic design, obtaining variable, gradually evolving cryptography that reduces the magnitude of the search space available to attackers. Research shows that evolutionary cryptography has achieved practical results in symmetric cryptography, asymmetric cryptography, side-channel attacks, and post-quantum cryptography: more than one hundred good S-boxes (8×8) can be designed in one minute, and some of the cryptographic indexes reach the best value. For the typical post-quantum cryptosystem NTRU, evolutionary cryptographic attacks are expected to reduce the key search space by 2 to 3 orders of magnitude. The base-field range of the secure ECC curves produced exceeds that of the curves published by NIST, and new curves have been found within the range of the NIST curves. Evolutionary cryptography has some characteristics of artificial intelligence cryptography. Further combined with quantum artificial intelligence, it has not only obtained the best index of quantum computing for deciphering RSA, but also exceeded the theoretical maximum of IBM Q System One™ with Shor's algorithm and the maximum scale of Lockheed Martin with quantum annealing for deciphering RSA. In addition, original research on cryptographic design was proposed, and original research on cryptographic design based on D-Wave 2000Q systems was completed, which is expected to quickly produce a series of suboptimal solutions, achieve a one-time, one-algorithm encryption function, and enhance the security of the cryptosystem.
Abstract:
Human society is witnessing a wave of artificial intelligence (AI) driven by deep learning techniques, bringing a technological revolution for human production and life. In some specific fields, AI has achieved or even surpassed human-level performance. However, most previous machine learning theories have not considered open or even adversarial environments, and security and privacy issues are gradually rising. Besides insecure code implementations, biased models, adversarial examples and sensor spoofing can also lead to security risks that are hard to discover with traditional security analysis tools. This paper reviews previous work on AI system security and privacy, revealing potential security and privacy risks. Firstly, we introduce a threat model of AI systems, including attack surfaces, attack capabilities and attack goals. Secondly, we analyze security risks and countermeasures for the four critical components of AI systems: data input (sensors), data preprocessing, the machine learning model, and output. Finally, we discuss future research trends in the security of AI systems. The aim of this paper is to raise the attention of the computer security community and the AI community to the security and privacy of AI systems, so that they can work together to unlock AI's potential to build a bright future.
Abstract:
The development of artificial intelligence depends on the development of cloud computing; at the same time, the security of artificial intelligence is closely related to the security of big data in the cloud. At present, ciphertext-policy attribute-based encryption (CP-ABE) is considered one of the most effective methods for achieving fine-grained access control of data in the cloud. In a CP-ABE scheme, the access policy is usually associated with the ciphertext. But sometimes the access policy itself is also important sensitive information, and access policies stored in the cloud in clear text may also cause users' data to be revealed. In response to this problem, an efficient improved CP-ABE scheme that hides the access policy is presented. It applies both attribute hiding and secret sharing to the AND-gate structure simultaneously, and is built over composite-order bilinear groups. Therefore, a user's specific attribute values will not be disclosed to any third party, so the user's privacy is effectively protected. In addition, experimental verification and data analysis show that our scheme not only hides complex access structures but also shortens the ciphertext computation time and improves decryption efficiency.
Abstract:
Attribute-based encryption (ABE) is a new type of public-key encryption that can implement fine-grained access control on data in cloud servers, but the computational overhead of key distribution, data encryption and data decryption in attribute-based encryption is too expensive, which places a large computational burden on users with limited computing resources. To solve this problem, this paper constructs an attribute-based encryption scheme that supports attribute revocation and outsources key distribution and data decryption to the cloud server; at the same time, the proposed scheme can verify the correctness of the outsourced computation using hash functions. The scheme uses online/offline encryption and transfers most of the computation to the offline phase, which effectively protects the privacy of user data, reduces the user's computation, and improves the efficiency of the solution. In addition, we use a tree access policy to provide more fine-grained access control, and a re-encryption method realizes fine-grained attribute revocation, revoking a single attribute indirectly by generating a re-encryption key to update attributes and ciphertexts. Finally, the user identity is embedded into the key to achieve user traceability. The proposed scheme is proved to be indistinguishable against chosen-plaintext attack (IND-CPA) secure in the standard model.
Abstract:
Due to the long-term immutability of ciphertext stored in the cloud, key compromise becomes an important factor affecting the security of stored data. Data re-encryption is an effective way to deal with key leakage, but the corresponding computational overhead and the communication overhead of uploading and downloading data increase the burden on users and storage systems. In addition, for data storage based on distributed coding, a ciphertext update must be performed after decrypting the ciphertext, and merging the ciphertexts also increases the communication and computational overhead of the system. Aiming at the above problems, a distributed data encoding storage scheme supporting updatable encryption (DDES-UE) in the cloud environment is proposed. By constructing the updatable encryption scheme from key-homomorphic pseudorandom functions, the heavy computation and communication overhead of ciphertext update can be avoided; ciphertext segmentation and an improved functional minimum-storage regenerating code (FMSR) are used to achieve distributed data storage, which ensures high availability of stored data and direct data update at each storage node. Security proofs and performance analysis show that the proposed scheme supports secure and efficient data recovery in the case of node corruption and integrity verification of decrypted data while guaranteeing the security of data storage. Compared with traditional data re-encryption, DDES-UE avoids the computation and communication overhead of data re-encryption, uploading, downloading, decoding and ciphertext merging, which is of great significance for building a secure and efficient cloud storage system with direct data update. In addition, periodic key update effectively increases the time cost for an attacker who tries to crack the ciphertext by acquiring the key, which also enhances the active security defense capability of the system.
Abstract:
Code encryption based on path-branch obfuscation of equality conditions keeps the key separate from the encrypted program, so this encryption can resist both static and dynamic program analysis at the same time; however, it cannot be used with branches controlled by other comparison relations. In this paper, using Lagrange interpolation to produce an input-preprocessing function, we not only resolve the key-uniqueness problem that arises when a branch has multiple inputs, but also preserve the security of the obfuscation of the branch conditions, so that the conditional code of a multi-input branch can be encrypted. Using the method that resolves the key-uniqueness problem, code encryption based on equality-condition branch obfuscation can be extended to greater-than and less-than condition branches, and to compound condition branches formed by combining interval conditions with equality conditions.
Abstract:
In cloud storage, data encryption is used to provide on-demand data services while protecting the data security and privacy of data owners. Searchable encryption is the key technique for accessing encrypted data. However, existing multi-keyword search schemes do not distinguish the importance of the keywords and ignore the correlation between indexes, which causes long search time and low accuracy. To this end, this paper proposes a multi-keyword searchable encryption algorithm based on semantic extension. Firstly, dependency syntax is used to distinguish the importance of multiple keywords for semantic expansion and to generate multi-keyword trapdoors. Secondly, agglomerative hierarchical clustering and a keyword balanced binary tree are used to construct an index tree structure that captures index relevance. Finally, a pruning parameter and a correlation score threshold are introduced to prune the index tree, filtering out index-independent subtrees. Theoretical and experimental analysis on real datasets shows that the proposed algorithm can resist scale analysis attacks and improve search time efficiency and search accuracy.
Abstract:
At present, the trend of information technology development is artificial intelligence technology based on big data computing. Although it has made enormous contributions to economic development, big data processing technology, which includes cloud computing, fog computing, edge computing and other computing modes, also brings great risks to data security. Cryptographic technology is the kernel of big data security. Confidentiality, authentication and privacy protection of big data require solving the following three security problems: firstly, high-speed encryption and decryption of massive data; secondly, authentication of highly concurrent, large-scale user populations; thirdly, privacy protection in data mining. Solving these problems requires fast implementations of the underlying cryptographic algorithms. Aiming at the logical architecture of big data security applications, this paper gives fast computation algorithms for the cryptographic standard algorithms SM4-XTS and SM2 and for modular exponentiation of large integers. They are verified on the Xilinx KC705 development board, and the experimental results show that our work has certain advantages: 1) the implementation of SM4-XTS fills a gap in this direction in China; 2) SM2 signing has high performance, leading domestic similar products; 3) the modular exponentiation is applied to the productization of homomorphic cryptography, and its performance is ahead of other similar products.
Abstract:
The lightweight cryptosystem MIBS was proposed at the CANS conference in 2009. It is highly efficient in both hardware and software implementations. MIBS can resist classical cryptanalysis such as differential and linear analysis, and it is suitable for resource-limited devices in the Internet of things. This paper proposes a new ciphertext-only fault analysis of the MIBS cryptosystem. The attackers can apply a new fault model, Double AND, and two novel distinguishers, Parzen-HW and Parzen-HW-MLE, to break MIBS. The experiments require as few as 72 fault injections to recover the secret key with a success probability of no less than 99%. The method further reduces the number of fault injections and the time required, and effectively improves the attack efficiency. It shows that ciphertext-only fault analysis poses a serious threat to the security of MIBS. The research also provides an important reference for the security analysis of other lightweight cryptosystems.
Abstract:
As the next generation of power system, the smart grid allows power suppliers to collect high-frequency data from consumers to support energy consumption regulation, intelligent electricity distribution and energy management. However, fine-grained energy-related data also introduces challenges in security and privacy. How to protect consumer privacy has become a key issue in smart grid research. Currently, quantum computing science is developing rapidly, and lattice-based cryptography is one of the most promising families of candidates for quantum-resistant cryptography. Concerning privacy protection in the process of uploading real-time data from user meters to cell concentrators in the three-level model of the smart grid, in this paper we use a lattice-based linkable ring signature to construct a quantum-resistant smart meter data acquisition scheme that protects user privacy. We choose an advanced short lattice-based ring signature scheme, which is built on top of a one-out-of-many proof with sub-linear size, and we add linkability to it in order to provide anomalous-user monitoring and tracking functions for the quantum-resistant privacy-preserving system. With a post-quantum signature scheme, our system supports dynamic user joining and revocation, and has better flexibility and practicability. The security proof and performance analysis of the system are carried out to show its effectiveness and feasibility.
Abstract:
Logistic regression is an important algorithm in machine learning. Traditional training methods require centralized collection of training data, which causes privacy issues. To solve this problem, this paper proposes privacy-preserving logistic regression. This scheme is suitable for data partitioned by feature dimension, where the training data is shared between two parties. The two parties conduct collaborative training and learn a shared model. In this scheme, the two parties train the model locally on their private datasets while exchanging intermediate calculation results without directly exposing their private data. Additionally, an additively homomorphic encryption scheme ensures the security of the calculations, which are performed on ciphertext. During the training process, each participant learns nothing about the other, and cannot obtain any information about the model parameters or training data of the other participant. At the same time, a privacy-preserving prediction method is provided to ensure that the model deployment server cannot obtain the private data of the inquirer. Analysis and experimental verification show that, within a tolerable loss of precision, the scheme is secure against semi-honest participants and provides privacy protection.
Abstract:
As the opponent of image steganography, image steganalysis aims to detect secret messages concealed in images by steganography algorithms. Recently, state-of-the-art JPEG image steganalysis schemes have been changing from complex handcrafted feature-based ones to deep learning-based ones. Although deep learning steganalysis for detecting JPEG steganography has achieved great advances, there is still room for improvement. As it has been verified that side information can improve steganography detection accuracy, we seek a method to further improve the accuracy of content-adaptive steganography detection in the JPEG domain by providing side information to the deep learning steganalysis scheme. The proposed method uses convolutional neural networks to generate reference images from the input data, and the reference image is treated as side information for the deep learning-based JPEG image steganalysis model. The proposed method can be pre-trained or trained together with the steganalysis model. Experimental results on the classic content-adaptive JPEG-domain steganography algorithms J-UNIWARD and JC-UED verify that the proposed method enhances detection ability, to a certain extent, compared with the deep learning steganalysis model without its aid. The proposed method can boost the detection accuracy of a deep learning-based JPEG steganalysis model by 6 percentage points at most.
Abstract:
With the development and popularization of cloud computing, the security situation of the cloud computing environment is getting worse. Cloud forensics is of great significance for safeguarding cloud computing security. Current cloud forensics research is at an early stage, and cloud forensics faces problems such as the lack of digital evidence integrity, high forensics overhead and low intelligence. Therefore, an intelligent cloud forensics method based on SDS (software-defined security) and cloud forensics trend analysis is proposed to mitigate some of these problems. Firstly, a cloud forensics architecture based on software-defined security is proposed to realize collaborative real-time forensics between the cloud network and the cloud computing platform. Secondly, a cloud forensics trend analysis algorithm based on the HMM (hidden Markov model) is proposed to realize intelligent forensics strategy decision-making and forensics resource scheduling within that architecture. The experimental results show that, compared with the separate network forensics method and the cloud computing platform forensics method, the forensics capacity of this method increases to 91.6%, and its forensics overhead lies between those of the two, achieving a better balance between forensics capability and forensics overhead. This method has some referential significance for cloud service providers offering cloud forensics services.
Abstract:
Real-time maps play an important role in autonomous vehicle (AV) navigation. Compared with existing map updating methods, the real-time map updating method based on crowdsensing has lower cost and higher accuracy. However, in the process of map updating, this method increases the risk of data and user identity leakage. How to ensure the confidentiality of uploaded data and the anonymity of users is a challenge in real-time map updating. This paper proposes a secure and efficient map update scheme for AVs (SEMU). In SEMU, vehicle users sign the sensing data and store the encrypted data in the vehicular fog node using signcryption and proxy re-encryption. When the map company wants to access the data, the vehicular fog node sends the encrypted data to the server, and the server re-encrypts the data for the map company; at the same time, the server cannot obtain any explicit information about the data. In addition, aggregate signatures are applied to reduce the computational overhead. Through credit management of vehicle users, the reliability of the data can be improved. Finally, security analysis shows that the scheme achieves data confidentiality, integrity, reliability, authentication and non-repudiation, and guarantees the anonymity and traceability of users. The simulation results illustrate that the proposed SEMU provides incentives and is efficient in terms of computational overhead.
Abstract:
While Internet of things (IoT) technology has been widely recognized as an essential part of our daily life, it also brings new challenges in terms of privacy and security. In view of the limited resources, large number of connections and strong dynamics of IoT devices, traditional centralized access control technology is not fully applicable, and how to achieve secure and efficient access control authorization in the IoT environment has become an urgent problem. In this regard, a distributed architecture based on hierarchical blockchain for the Internet of Things (DAHB) is proposed, which includes a device layer, an edge layer and a cloud layer. In this architecture, we combine the advantages of blockchain technology to realize flexible, dynamic and automatic access control for IoT devices based on the ABAC model, both within a domain and across domains, by means of smart contracts. At the same time, credit value and honesty are added to the attribute metrics to dynamically evaluate the trust relationship between different domains and devices. Theoretical analysis and experimental results show that this scheme is more effective than existing schemes in meeting the requirements of lightweight, flexible, fine-grained and secure IoT access control.