PDF Frontiers in Cyber Security Second International Conference Fcs 2019 Xi An China November 15 17 2019 Proceedings Bazhong Shen Ebook Full Chapter
Bazhong Shen
Baocang Wang
Jinguang Han
Yong Yu (Eds.)
Frontiers in Cyber
Security
Second International Conference, FCS 2019
Xi’an, China, November 15–17, 2019
Proceedings
Communications
in Computer and Information Science 1105
Commenced Publication in 2007
Founding and Former Series Editors:
Phoebe Chen, Alfredo Cuzzocrea, Xiaoyong Du, Orhun Kara, Ting Liu,
Krishna M. Sivalingam, Dominik Ślęzak, Takashi Washio, Xiaokang Yang,
and Junsong Yuan
Editors
Bazhong Shen, Xidian University, Xi’an, China
Baocang Wang, Xidian University, Xi’an, China
Jinguang Han, Queen’s University Belfast, Belfast, UK
Yong Yu, Shaanxi Normal University, Xi’an, China
This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd.
The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721,
Singapore
Preface
The Second International Conference on Frontiers in Cyber Security (FCS 2019) was
held in Xi’an, P.R. China, November 15–17, 2019. The conference was organized by
the State Key Laboratory of Integrated Services Networks and Cryptographic Research
Center and Xidian University, and supported by the University of Electronic Science
and Technology of China, Shaanxi Normal University, Xuchang University, Xi’an
University of Posts & Telecommunications, and Queen’s University Belfast. In view
of the cyber security situation, a permanent theme for FCS is “Cyber Security,” aiming
to introduce security concepts and technological achievements from the international
forefront in the field of information security, as well as provide insight into the latest
development trends and innovative technology of cyber security. The FCS conference
series provides a good platform for researchers and practitioners to exchange their latest
research achievements and discuss these questions of network security, system
security, cryptography, their applications, etc.
This year we received 67 submissions and withdrew 5 manuscripts. All the
submissions were anonymous and only the Program Committee (PC) chairs knew the
authors’ information. Each submission was allocated to at least three Program
Committee members and each paper received on average 3.55 reviews. The submission
and review process was supported by the EasyChair conference management system.
In the first phase, the PC members individually evaluated the papers and did not know
the review opinions of others. In the second phase, the papers were carefully checked in
an extensive discussion. Finally, the PC decided to accept 20 full papers and 2 short
papers, leading to an overall acceptance rate of 35.5%.
The program included two keynote speeches, given by Prof. Xiaojiang Du (Temple
University, USA) titled “Anomaly Detection for Applied Smart Home IoTs,” and Prof.
Yi Qian (University of Nebraska-Lincoln, USA) titled “Data-driven Network
Intelligence for Cyber Security.”
We would like to thank the PC members and the external reviewers for their careful
reviews and post-review discussions. The review work is very tough and
time-consuming. We also want to deeply thank the members of the Organizing
Committee for their excellent service and help for the organization of this conference.
We are very grateful to the staff at Springer for their help in producing the proceedings.
Finally, and most importantly, we want to thank all the authors who submitted to the
conference and made the event a success.
General Co-chair
Bazhong Shen Xidian University, China
Program Co-chairs
Jinguang Han Queen’s University Belfast, UK
Baocang Wang Xidian University, China
Yong Yu Shaanxi Normal University, China
Public Chair
Xu An Wang Engineering University of CAPF, China
Organizing Chairs
Juntao Gao Xidian University, China
Jie Chen Xidian University, China
Lihua Dong Xidian University, China
Program Committee
Zhenfu Cao East China Normal University, China
Jintai Ding University of Cincinnati, USA
Genyuan Du Xuchang University, China
Christian Esposito University of Salerno, Italy
Giuseppe Fenza University of Salerno, Italy
Massimo Ficco University of Campania Luigi Vanvitelli, Italy
Shaojing Fu National University of Defense Technology, China
Fuchun Guo University of Wollongong, Australia
Rui Guo Xi’an University of Posts and Telecommunications,
China
Debiao He Wuhan University, China
Xinyi Huang Fujian Normal University, China
Qiong Huang South China Agricultural University, China
SK Hafizul Islam Indian Institute of Information Technology Kalyani,
India
Muhammad Khurram Khan King Saud University, Saudi Arabia
Rongxing Lu University of New Brunswick, Canada
Ximeng Liu Singapore Management University, Singapore
Additional Reviewers
Xiaojiang Du
Yi Qian
Jie Wu
Temple University
Bio: Jie Wu is the Director of the Center for Networked Computing and Laura H.
Carnell professor at Temple University. He also serves as the Director of International
Affairs at College of Science and Technology. He served as Chair of Department of
Computer and Information Sciences from the summer of 2009 to the summer of 2016
and Associate Vice Provost for International Affairs from the fall of 2015 to the
summer of 2017. Prior to joining Temple University, he was a program director at the
National Science Foundation and was a distinguished professor at Florida Atlantic
University. His current research interests include mobile computing and wireless
networks, routing protocols, cloud and green computing, network trust and security, and
social network applications. Dr. Wu regularly publishes in scholarly journals,
conference proceedings, and books. He serves on several editorial boards, including IEEE
Transactions on Mobile Computing, IEEE Transactions on Service Computing, Journal
of Parallel and Distributed Computing, and Journal of Computer Science and
Technology. Dr. Wu was general co-chair for IEEE MASS 2006, IEEE IPDPS 2008,
IEEE ICDCS 2013, ACM MobiHoc 2014, ICPP 2016, and IEEE CNS 2016, as well as
program cochair for IEEE INFOCOM 2011 and CCF CNCC 2013. He was an IEEE
Computer Society Distinguished Visitor, ACM Distinguished Speaker, and chair for
the IEEE Technical Committee on Distributed Processing (TCDP). Dr. Wu is a Fellow
of the AAAS and a Fellow of the IEEE. He is the recipient of the 2011 China Computer
Federation (CCF) Overseas Outstanding Achievement Award.
Contents
Post-quantum Cryptography
Signature
New Key Recovery Attack on the MICKEY Family of Stream Ciphers
Lin Ding, Dawu Gu, and Lei Wang
Blockchain
1 Introduction
A person’s identity can be identified by certain attributes. This concept was
first introduced by Sahai and Waters [1] in 2005. Since then, the attribute-based
encryption (ABE) scheme, as a new public-key encryption system, has been
widely used in cloud storage systems as it supports fine-grained access control.
In general, according to whether the access structure is related to attributes or
to ciphertext, ABE schemes are divided into two types. One is the key-policy ABE
(KP-ABE), first proposed by Goyal et al. [2], and the other is the
ciphertext-policy ABE (CP-ABE), first proposed by Bethencourt et al. [3]. In most data
sharing systems, the CP-ABE scheme performs better since the data owner can
define the access structure himself/herself to determine the recipients who can
successfully access the data.
In a single-authority ABE scheme, the central authority (CA) is responsible
for authenticating all users and distributing their private keys. Undoubtedly,
this brings an excessive burden and a potential risk of corruption. Moreover, in
practice, an encryption system often involves multiple different domains, so the
single-authority ABE scheme is no longer applicable. To solve these problems,
Chase [4] put forward a multi-authority ABE (MA-ABE) scheme in 2007. In
this scheme, multiple authorities replace the single authority responsible for
managing attributes and generating private keys for users. But it still needs a
CA to generate public-private key pairs for the multiple authorities. In 2009,
Chase and Chow [5] introduced a privacy-preserving (PP) MA-ABE scheme
to remove the CA and hide user GID privacy using a distributed pseudorandom
function (PRF) and a 2-party secure computing (2PC) technique, respectively.
This is the first scheme that takes user privacy into account. In 2015, Qian
et al. [6] constructed a PP-PHR sharing scheme with multi-authority in the
same way. Different from the previous schemes, Lewko and Waters [7] proposed
a decentralized ABE scheme, in which no CA is needed and no cooperation
among the multiple authorities is required. Later, a lot of decentralized KP-ABE
schemes [8–11] and decentralized CP-ABE schemes [12–15] dedicated to protecting
user privacy were proposed.
Since the shared data files usually have the characteristic of multi-level
hierarchy, especially in enterprise and medical domains, it is necessary to construct
an ABE scheme that supports file hierarchy. The idea of hierarchical encryption
was first introduced by Gentry and Silverberg [16], who constructed a
hierarchical identity-based encryption (HIBE) scheme. In 2010, Wang et al. [17] first put
forward a hierarchical attribute-based encryption (HABE) scheme by combining
the HIBE and CP-ABE schemes to support data sharing on cloud servers. Wan
et al. [18] presented a hierarchical attribute-set-based encryption (HASBE) to
achieve inherit flexibility, scalability and fine-grained access control. Wang et al.
[19] proposed an efficient file hierarchy ABE scheme, which integrated layered
access structures into a single one (shown in Fig. 1) and then used the integrated
access structure to encrypt hierarchical files. In this way, the scheme reduced the
burden of ciphertext storage and the computation cost of encryption. However,
there is only one authority here, which is not suitable for distributed systems.
As people pay more and more attention to privacy protection, some
privacy-preserving HABE schemes [20–22] were proposed. In 2016, Zhang et al. [20]
combined HIBE and anonymous ABE (AABE) schemes to construct a
hierarchical AABE (HAABE) scheme, which has constant-size private keys and short
public keys. In 2018, Sandhia et al. [21] proposed a file hierarchy hidden
CP-ABE scheme with multi-authority. In this scheme, they defined a novel weighted
access structure, where attributes are assigned weights according to their access
privileges. The data files are arranged hierarchically according to their attribute
weights. Recently, Guo et al. [22] applied the hierarchical ABE scheme to the
PHR system. They extended the scheme [19] to a multi-authority system and
implemented GID hiding in the same way as the scheme [6].
Improving File Hierarchy ABE Scheme with Multi-authority in Cloud 5
However, after a deep analysis, we find that the defined recursive operation
$DecryptNode(CT, SK, (x, y)) = \prod_{k \in \{1,2,\cdots,N\}} e(C_{(x,y),k}, S_{k,i})$ in the decryption
algorithm of the scheme [22] is incorrect as they only focused on the inerrancy
of the computational process, but ignored the inherent logic relationship. In the
multi-authority ABE scheme, the attributes managed by different authorities are
disjoint, and an attribute is monitored by only one attribute authority. Once the
attribute node $(x, y)$ is selected, the corresponding $k$ is unique. Therefore, the
existence of $\prod_{k \in \{1,2,\cdots,N\}}$ in the formula is unreasonable. The detailed analysis
is given in Sect. 4.2. Based on this, an improved file hierarchy attribute-based
encryption scheme is proposed.
Contributions. By analyzing Guo’s scheme [22], we argue that the scheme has
a defect in defining the recursive algorithm $DecryptNode(CT, SK_U, (x, y))$, as
the existence of $\prod_{k \in \{1,2,\cdots,N\}}$ in the equation is unreasonable. Then we propose
an improved scheme to solve this problem, so that legitimate users can perform
correct decryption calculations. In addition, in our construction, before the user
runs the decryption algorithm, the cloud server executes a pre-decryption
operation, which bears the heavy decryption overhead, and then sends the calculation
results and ciphertext to the user. The user only needs to perform a simple
calculation to get the corresponding plaintext. Therefore, the user’s computation
cost is reduced.
2 Preliminaries
2.1 Bilinear Maps
Suppose $G$ and $G_T$ are two multiplicative cyclic groups with prime order $p$. Let
$g$ be a generator of group $G$ and $e : G \times G \to G_T$ be a bilinear map, which
satisfies the following properties:
(1) Bilinearity: $\forall g, f \in G$, $\forall u, v \in Z_p$, we have $e(g^u, f^v) = e(g, f)^{uv}$.
(2) Non-degeneracy: $e(g, g) \neq 1$.
(3) Symmetry: $e(g^u, f^v) = e(g^v, f^u) = e(g, f)^{uv}$.
Note that for $\forall g, f \in G$, the operation $e(g, f)$ on group $G_T$ is efficiently
computable.
6 L. Kang and L. Zhang
Table 1. Notations.

| Symbol | Implication |
|---|---|
| $(x_m, y_m)$ | The level node of $T$ ($m \in [1, l]$) |
| $num_{(x,y)}$ | The number of children nodes of node $(x, y)$ |
| $k_{(x,y)}$ | The threshold value of node $(x, y)$ ($0 < k_{(x,y)} \le num_{(x,y)}$) |
| $parent(x, y)$ | The parent node of $(x, y)$ |
| Transport node | The node has a child node containing at least one threshold gate |
| $TNC(x, y)$ | A threshold gate set of the children nodes of transport node $(x, y)$ |
| $att(x, y)$ | The attribute value of the leaf node $(x, y)$ |
| $index(x, y)$ | The number associated with node $(x, y)$ ($1 \le index(x, y) \le num_{(x,y)}$) |
| $T_R$ | An access tree $T$ rooted at the node $R$ |
| $T_{(x,y)}$ | The access subtree with $(x, y)$ as the root node |

Note that the access levels are arranged in descending order. Namely, $(x_1, y_1)$
occupies the highest level, while $(x_l, y_l)$ occupies the lowest level.
1. The data owner defines the access policy and encrypts data file before
uploading it to the CSS. In the hierarchy ABE scheme, the owner divides the shared
message into l different files and defines the corresponding l access levels
according to a reasonable rule. It is natural to assume the data owner is
honest.
2. The N authorities manage disjoint attribute sets and are responsible for
generating secret keys for users. Similar to the scheme [5], the colluding
authorities may aggregate the user’s data to “recover” his attribute set by tracking
the same GID.
3. The cloud storage server (CSS) is assumed to be an honest-but-curious entity
with huge storage space and strong computing power, which provides the
service of storing ciphertext for data owners and provides partial decryption
service for data users. The CSS works normally except that it tries to gather
more ciphertext-related information.
4. The data user can issue secret key queries to the authorities and download
any encrypted data files on the CSS. Users can get corresponding data files
according to their own access level. In addition, all lower level files are also
available to them. In the encryption system, there may exist some dishonest
or even malicious users who attempt to collude with others for illegal access.
map, $G$ and $G_T$ are multiplicative cyclic groups with prime order $p$, $g$ and $h$ are
generators of group $G$. Let $H_0 : \{0, 1\}^* \to Z_p$ and $H_1 : \{0, 1\}^* \to G_T$ be two
strong collision-resistant hash functions. A user with global identity GID has
$u = H_0(GID)$.
Authority Setup. Each authority $A_k$ randomly chooses $\alpha_k, t_{k,i} \in_R Z_p$ and
computes $Y_k = e(g, g)^{\alpha_k}$, $T_{k,i} = g^{t_{k,i}}$, where $t_{k,i}$ is selected for each attribute
$a_{k,i} \in \tilde{A}_k$. Each pair of authorities $(A_k, A_j)$ executes a 2-party key exchange
protocol to share a secret PRF seed [5] $s_{k,j}$ $(= s_{j,k})$. Authorities $A_k$ and $A_j$
randomly select $x_k, x_j \in Z_p$ and calculate $y_k = h^{x_k}$ and $y_j = h^{x_j}$ respectively.
xk xj
secret key $S_{k,i} = h^{r_k / t_{k,i}}$. Then, user runs the anonymous key issuing
protocol in [6] with $A_k$ in $N - 1$ times to get the key component: for $k > j$,
$D_{kj} = g^{\alpha_k} h^{r_k} PRF_{kj}(u)$; for $k \le j$, $D_{kj} = g^{\alpha_k} h^{r_k} / PRF_{kj}(u)$.
Finally, the user computes
$$D_U = \prod_{(k,j) \in \{1,2,\cdots,N\} \times (\{1,2,\cdots,N\} \setminus \{k\})} D_{k,j} = g^{(N-1)\sum_k \alpha_k} \cdot h^{(N-1)\sum_k r_k}.$$
The user’s secret key is $SK_U = (D_U, \{S_{k,i}\}_{k \in [1,N],\, a_{k,i} \in \tilde{A}_k^U})$.
$$C_m^2 = g^{s_m}, \quad C_{(x,y),k} = T_{k,i}^{q_{(x,y)}(0)},$$
$$C_{(x,y),v} = \Big(\prod_{k \in \{1,2,\cdots,N\}} Y_k\Big)^{q_{(x,y)}(0) + q_{child_v}(0)} \cdot H_1\Big(\Big(\prod_{k \in \{1,2,\cdots,N\}} Y_k\Big)^{q_{(x,y)}(0)}\Big)$$
The ciphertext is $CT = (C_m^1, C_m^2, \{C_{(x,y),k}\}_{a_{k,i} \in \tilde{A}_T}, C_{(x,y),v})$, where $a_{k,i} =
att(x, y)$ is the attribute of the leaf node $(x, y)$, $\tilde{A}_T$ is the attribute set in $T$.
Decryption. To decrypt the ciphertext, user first defines a recursive algorithm
$DecryptNode(CT, SK_U, (x, y))$. For the leaf node $(x, y)$, if $a_{k,i} \in \tilde{A}_k^U$,
$$DecryptNode(CT, SK_U, (x, y)) = \prod_{k \in \{1,2,\cdots,N\}} e(C_{(x,y),k}, S_{k,i})$$
$$= \prod_{k \in \{1,2,\cdots,N\}} e\big(T_{k,i}^{q_{(x,y)}(0)}, h^{r_k / t_{k,i}}\big) = e(g, h)^{q_{(x,y)}(0) \cdot \sum_{k \in \{1,2,\cdots,N\}} r_k}$$
z∈S(2,1)
$$= \big(e(g, h)^{q_{(2,1)}(1) \cdot r_1}\big)^{\Delta_{1,S'_{(2,1)}}(0)} \cdot \big(e(g, h)^{q_{(2,1)}(2) \cdot r_1}\big)^{\Delta_{2,S'_{(2,1)}}(0)}$$
For the root node A = (1, 1), we use the same method to calculate
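$$F_{(1,1)} = \prod_{z \in S_{(1,1)}} F_z^{\Delta_{i,S'_{(1,1)}}(0)}$$
$$= \big(e(g, h)^{q_{(1,1)}(1) \cdot r_1}\big)^{\Delta_{1,S'_{(1,1)}}(0)} \cdot \big(e(g, h)^{q_{(1,1)}(2) \cdot r_2}\big)^{\Delta_{2,S'_{(1,1)}}(0)}$$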
attribute key is $S_{k,i} = h^{x_{id} r_k / t_{k,i}}$. However, we find that if we do not change the
ciphertext component $C_m^2 = g^{s_m}$, as long as there is a corrupted authority, the
user can easily get $e(g^{s_m}, h^{x_{id} r_k}) = e(g, h)^{s_m \cdot x_{id} r_k}$, even if his/her attributes
do not meet the access policy. Therefore, the ciphertext component is changed as
$C_m^2 = g^{\tau s_m}$, where $\tau \in Z_p$ is a secret random number selected by the data owner.
In the decryption stage, CSS provides the user with pre-decryption service, and
undertakes a large amount of decryption calculations. After that, the user can
obtain the corresponding plaintext through a simple calculation.
The specific scheme is constructed as follows:
The Global Setup and Authority Setup are the same as the original scheme,
so we will only give a brief description here.
Global Setup. Take a security parameter $\lambda$ as input, output the public
parameters $PP = (e, p, g, h, G, G_T)$.
Authority Setup. Each authority Ak runs this algorithm and gets its public
keys and secret keys:
User computes
$$D_U = \prod_{(k,j) \in \{1,2,\cdots,N\} \times (\{1,2,\cdots,N\} \setminus \{k\})} D_{k,j} = g^{(N-1)\sum_k \alpha_k} \cdot h^{(N-1)\sum_k r_k}$$
The user sends $D_U$ through a secure channel to the data owner, then the data
owner returns $D_U^{\tau^{-1}}$ to the user.
Decryption: This decryption algorithm consists of two phases. The first stage
is CSS-Decryption, and the second stage is User-Decryption.
CSS-Decryption: User sends secret keys SKU to the CSS, which performs the
following partial decryption operations.
If the node $(x, y)$ is a leaf node and $a_{k,i} \in \tilde{A}_k^U$, then computes
$DecryptNode(CT, SK, z)$ and store the output as $F_z$. Let $S_{(x,y)}$ be any
$k_{(x,y)}$-sized set of child nodes. If no such set exists, the function will return ⊥. The
recursive computation is shown as follows:
$$F_{(x,y)} = \prod_{z \in S_{(x,y)}} F_z^{\Delta_{i,S'_{(x,y)}}(0)}$$
$$= \prod_{z \in S_{(x,y)}} \big(e(g, h)^{q_z(0) x_{id} r_k}\big)^{\Delta_{i,S'_{(x,y)}}(0)}$$
$$= \prod_{z \in S_{(x,y)}} \big(e(g, h)^{q_{(x,y)}(i) x_{id} r_k}\big)^{\Delta_{i,S'_{(x,y)}}(0)}$$
$$= e(g, h)^{q_{(x,y)}(0) \cdot x_{id} r_k}$$
where $i = index(z)$, $S'_{(x,y)} = \{index(z) : z \in S_{(x,y)}\}$.
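The threshold-gate recombination above, as an added example that is not code from the paper: it works on exponents in Z_p, so e(g, h)^a is represented by the integer a, and a single blinding value stands in for x_id·r_k. The modulus, policy tree and attribute names are constructed for illustration.

```python
import random

P = 2**127 - 1  # constructed prime standing in for the group order p

class Node:
    """Access-tree node: a leaf carries attr, an interior node a threshold k."""
    def __init__(self, threshold=1, children=None, attr=None):
        self.k = threshold
        self.children = children or []
        self.attr = attr
        self.share = None  # q_(x,y)(0)

def share(node, secret, rng):
    """Set q_(x,y)(0) = secret, pick a random polynomial of degree k-1 and
    give each child z the value q_z(0) = q_(x,y)(index(z))."""
    node.share = secret % P
    if node.attr is not None:
        return
    coeffs = [node.share] + [rng.randrange(P) for _ in range(node.k - 1)]
    for index, child in enumerate(node.children, start=1):
        value = sum(c * pow(index, e, P) for e, c in enumerate(coeffs)) % P
        share(child, value, rng)

def lagrange_at_zero(i, index_set):
    """Lagrange coefficient Delta_{i,S'}(0) over Z_p."""
    num, den = 1, 1
    for j in index_set:
        if j != i:
            num = num * (-j) % P
            den = den * (i - j) % P
    return num * pow(den, -1, P) % P

def decrypt_node(node, user_attrs, blind):
    """Exponent of F_(x,y), or None (the paper's ⊥) if no k-sized set exists."""
    if node.attr is not None:
        return node.share * blind % P if node.attr in user_attrs else None
    solved = []
    for index, child in enumerate(node.children, start=1):
        f_z = decrypt_node(child, user_attrs, blind)
        if f_z is not None:
            solved.append((index, f_z))
    if len(solved) < node.k:
        return None
    chosen = solved[:node.k]              # any k satisfied children will do
    indices = [i for i, _ in chosen]      # this is S'_(x,y)
    # A product of F_z^Delta in G_T becomes a sum of F_z * Delta in the exponent.
    return sum(f * lagrange_at_zero(i, indices) for i, f in chosen) % P

def build_policy():
    """Constructed policy: doctor AND 2-of-(cardiology, hospital_A, senior)."""
    gate = Node(2, [Node(attr="cardiology"), Node(attr="hospital_A"),
                    Node(attr="senior")])
    return Node(2, [Node(attr="doctor"), gate])

if __name__ == "__main__":
    root, s, blind = build_policy(), 123456789, 987654321
    share(root, s, random.Random(1))
    print(decrypt_node(root, {"doctor", "cardiology", "senior"}, blind) == s * blind % P)
    print(decrypt_node(root, {"doctor", "cardiology"}, blind))
```
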
If user’s attributes satisfy the part or whole T , this algorithm continues to
perform the recursive operations and gets:
Since the $x_{id}$ is kept by the user, the CSS cannot decrypt the original
message completely. Finally, the cloud server sends the result $(A_m, B_m)$ and the
ciphertext $CT$ to the user for the next decryption calculation.
User-Decryption: User runs this algorithm to get symmetric key
Bm e(g, g)sm αk · e(g, h)sm rk
Fm = 1 = = e(g, g)sm · αk
Proof. Suppose there exists an adversary A who can break our scheme with
non-negligible advantage , then there will be a simulator B who can break the DBDH
nk −2
assumption with advantage 2 · k∈{1,2,··· ,N } (1 − (p−1) 2 ), where nk represents
Comparing with scheme [22], we make some simple changes in the secret key
component Sk,i and the ciphertext component C12∗ , so the simulation of these
two parts needs to be changed in the security proof. Specifically,
for the attribute
rk xid · rk