PDF Frontiers in Cyber Security Second International Conference Fcs 2019 Xi An China November 15 17 2019 Proceedings Bazhong Shen Ebook Full Chapter

Frontiers in Cyber Security Second
International Conference FCS 2019 Xi

an China November 15 17 2019
Proceedings Bazhong Shen
Visit to download the full and correct content document:
https://textbookfull.com/product/frontiers-in-cyber-security-second-international-confer
ence-fcs-2019-xi-an-china-november-15-17-2019-proceedings-bazhong-shen/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...
Machine Learning for Cyber Security Second

International Conference ML4CS 2019 Xi an China
September 19 21 2019 Proceedings Xiaofeng Chen
https://textbookfull.com/product/machine-learning-for-cyber-
security-second-international-conference-ml4cs-2019-xi-an-china-
september-19-21-2019-proceedings-xiaofeng-chen/
Frontiers in Cyber Security First International

Conference FCS 2018 Chengdu China November 5 7 2018
Proceedings Fagen Li
https://textbookfull.com/product/frontiers-in-cyber-security-
first-international-conference-fcs-2018-chengdu-china-
november-5-7-2018-proceedings-fagen-li/
Network and System Security 8th International

Conference NSS 2014 Xi an China October 15 17 2014
Proceedings 1st Edition Man Ho Au
https://textbookfull.com/product/network-and-system-security-8th-
international-conference-nss-2014-xi-an-china-
october-15-17-2014-proceedings-1st-edition-man-ho-au/
Green Pervasive and Cloud Computing 15th International

Conference GPC 2020 Xi an China November 13 15 2020
Proceedings Zhiwen Yu
https://textbookfull.com/product/green-pervasive-and-cloud-
computing-15th-international-conference-gpc-2020-xi-an-china-
november-13-15-2020-proceedings-zhiwen-yu/
Dependability in Sensor Cloud and Big Data Systems and
Applications 5th International Conference DependSys
2019 Guangzhou China November 12 15 2019 Proceedings
Guojun Wang
https://textbookfull.com/product/dependability-in-sensor-cloud-
and-big-data-systems-and-applications-5th-international-
conference-dependsys-2019-guangzhou-china-
november-12-15-2019-proceedings-guojun-wang/
Software Technology Methods and Tools 51st

International Conference TOOLS 2019 Innopolis Russia
October 15 17 2019 Proceedings Manuel Mazzara
https://textbookfull.com/product/software-technology-methods-and-
tools-51st-international-conference-tools-2019-innopolis-russia-
october-15-17-2019-proceedings-manuel-mazzara/
Technology in Education Pedagogical Innovations 4th

International Conference ICTE 2019 Guangzhou China
March 15 17 2019 Revised Selected Papers Simon K. S.
Cheung
https://textbookfull.com/product/technology-in-education-
pedagogical-innovations-4th-international-conference-
icte-2019-guangzhou-china-march-15-17-2019-revised-selected-
papers-simon-k-s-cheung/
Ambient Intelligence 15th European Conference AmI 2019

Rome Italy November 13 15 2019 Proceedings Ioannis
Chatzigiannakis
https://textbookfull.com/product/ambient-intelligence-15th-
european-conference-ami-2019-rome-italy-
november-13-15-2019-proceedings-ioannis-chatzigiannakis/
Green Pervasive and Cloud Computing GPC 2020 Workshops

15th International Conference GPC 2020 Xi an China
November 13 15 2020 Proceedings Jiangtao Wang
https://textbookfull.com/product/green-pervasive-and-cloud-
computing-gpc-2020-workshops-15th-international-conference-
gpc-2020-xi-an-china-november-13-15-2020-proceedings-jiangtao-
Bazhong Shen
Baocang Wang
Jinguang Han
Yong Yu (Eds.)
Communications in Computer and Information Science 1105
Frontiers in Cyber
Security
Second International Conference, FCS 2019
Xi’an, China, November 15–17, 2019
Proceedings
Communications
in Computer and Information Science 1105
Commenced Publication in 2007
Founding and Former Series Editors:
Phoebe Chen, Alfredo Cuzzocrea, Xiaoyong Du, Orhun Kara, Ting Liu,
Krishna M. Sivalingam, Dominik Ślęzak, Takashi Washio, Xiaokang Yang,
and Junsong Yuan
Editorial Board Members

Simone Diniz Junqueira Barbosa
Pontifical Catholic University of Rio de Janeiro (PUC-Rio),
Rio de Janeiro, Brazil
Joaquim Filipe
Polytechnic Institute of Setúbal, Setúbal, Portugal
Ashish Ghosh
Indian Statistical Institute, Kolkata, India
Igor Kotenko
St. Petersburg Institute for Informatics and Automation of the Russian
Academy of Sciences, St. Petersburg, Russia
Lizhu Zhou
Tsinghua University, Beijing, China
More information about this series at http://www.springer.com/series/7899
Bazhong Shen Baocang Wang
• •
Jinguang Han Yong Yu (Eds.)

•
Frontiers in Cyber
Security
Second International Conference, FCS 2019
Xi’an, China, November 15–17, 2019
Proceedings
123
Editors
Bazhong Shen Baocang Wang
Xidian University Xidian University
Xi’an, China Xi’an, China
Jinguang Han Yong Yu
Queen’s University Belfast Shaanxi Normal University
Belfast, UK Xi’an, China
ISSN 1865-0929 ISSN 1865-0937 (electronic)

Communications in Computer and Information Science
ISBN 978-981-15-0817-2 ISBN 978-981-15-0818-9 (eBook)
https://doi.org/10.1007/978-981-15-0818-9
© Springer Nature Singapore Pte Ltd. 2019
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the
material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now
known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book are
believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors
give a warranty, expressed or implied, with respect to the material contained herein or for any errors or
omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in
published maps and institutional affiliations.
This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd.
The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721,
Singapore
Preface
The Second International Conference on Frontiers in Cyber Security (FCS 2019) was
held in Xi’an, P.R. China, November 15–17, 2019. The conference was organized by
the State Key Laboratory of Integrated Services Networks and Cryptographic Research
Center and Xidian University, and supported by the University of Electronic Science
and Technology of China, Shannxi Normal University, Xuchang University, Xi’an
University of Posts & Telecommunications, and Queen’s University Belfast. In view
of the cyber security situation, a permanent theme for FCS is “Cyber Security,” aiming
to introduce security concepts and technological achievements from the international
forefront in the field of information security, as well as provide insight into the latest
development trends and innovative technology of cyber security. The FCS conference
series provides a good platform for researchers and practitioners to exchange their latest
research achievements and discuss these questions of network security, system
security, cryptography, their applications, etc.
This year we received 67 submissions and withdrew 5 manuscripts. All the
submissions were anonymous and only the Program Committee (PC) chairs knew the
authors’ information. Each submission was allocated to at least three Program
Committee members and each paper received on average 3.55 reviews. The submission
and review process was supported by the EasyChair conference management system.
In the first phase, the PC members individually evaluated the papers and did not know
the review opinions of others. In the second phase, the papers were carefully checked in
an extensive discussion. Finally, the PC decided to accept 20 full papers and 2 short
papers, leading to an overall acceptance rate of 35.5%.
The program included two keynote speeches, given by Prof. Xiaojiang Du (Temple
University, USA) titled “Anomaly Detection for Applied Smart Home IoTs,” and Prof.
Yi Qian (University of Nebraska-Lincoln, USA) titled “Data-driven Network
Intelligence for Cyber Security.”
We would like to thank the PC members and the external reviewers for their careful
reviews and post-review discussions. The review work is very tough and
time-consuming. We also want to deeply thank the members of the Organizing
Committee for their excellent service and help for the organization of this conference.
We are very grateful to the staff at Springer for their help in producing the proceedings.
Finally, and most importantly, we want to thank all the authors who submitted to the
conference and made the event a success.
November 2019 Bazhong Shen

Baocang Wang
Jinguang Han
Yong Yu
Organization
General Co-chair
Bazhong Shen Xidian University, China
Program Co-chairs
Jinguang Han Queen’s University Belfast, UK
Baocang Wang Xidian University, China
Yong Yu Shaanxi Normal University, China
Public Chair
Xu An Wang Engineering University of CAPF, China
Organizing Chairs
Juntao Gao Xidian University, China
Jie Chen Xidian University, China
Lihua Dong Xidian University, China
Program Committee
Zhenfu Cao East China Normal University, China
Jintai Ding University of Cincinnati, USA
Genyuan Du Xuchang University, China
Christian Esposito University of Salerno, Italy
Giuseppe Fenza University of Salerno, Italy
Massimo Ficco University of Campania Luigi Vanvitelli, Italy
Shaojing Fu National University of Defense Technology, China
Fuchun Guo University of Wollongong, Australia
Rui Guo Xi’an University of Posts and Telecommunications,
China
Debiao He Wuhan University, China
Xinyi Huang Fujian Normal University, China
Qiong Huang South China Agricultural University, China
SK Hafizul Islam Indian Institute of Information Technology Kalyani,
India
Muhammad Khurram Khan King Saud University, Saudi Arabia
Rongxing Lu University of New Brunswick, Canada
Ximeng Liu Singapore Management University, Singapore
viii Organization
Yongjian Liao University of Electronic Science and Technology

of China, China
Fagen Li University of Electronic Science and Technology
of China, China
Shujun Li University of Kent, UK
Mingzhe Liu Chengdu University of Technology, China
Yi Mu University of Wollongong, Australia
Jianbing Ni University of Waterloo, Canada
Nadia Nedjah State University of Rio de Janeiro, Brazil
Marek Ogiela AGH University of Science and Technology, Poland
Longjiang Qu National University of Defense Technology, China
Arun Kumar Sangaiah Vellore Institute of Technology, India
Chunhua Su Osaka University, Japan
Willy Susilo University of Wollongong, Australia
Meiqin Wang Shandong University, China
Huaqun Wang Nanjing University of Posts and Telecommunications,
China
Liang Xue University of Waterloo, Canada
Haomiao Yang University of Electronic Science and Technology
of China, China
Dong Zheng Xi’an University of Posts and Telecommunications,
China
Sherali Zeadally University of Kentucky, USA
Zhili Zhang Xuchang University, China
Mingwu Zhang Hubei University of Technology, China
Fangguo Zhang Sun Yat-sen University, China
Lei Zhang East China Normal University, China
Additional Reviewers
Yu Chen Meiyan Xiao

Yuzhao Cui Shaohao Xie
Tong Chen Yu Yu
Qingwen Guo Xu Yang
Jianye Huang S. J. Yang
Burong Kang Zhichao Yang
Chao Lin Yiou Zhao
Shaopeng Liang Yudi Zhang
Hongbo Li Zheng Zhang
Jinhua Ma Zhuoran Zhang
Xinyu Meng Yan Zhang
Ou Ruan Yuexin Zhang
Hua Shen Rui Zhang
Yangtong Tian Huang Zhang
Shixiong Wang
Keynote Speech Abstracts
Anomaly Detection for Applied
Smart Home IoTs
Xiaojiang Du
Temple University, USA
Abstract. With the large-scale deployment of Internet of Things, smart home

has become a popular trend that enables pervasive interactions among home IoT
devices. The emergence of home automation platforms brings more benefits of
inter-operability among heterogeneous devices and automation programs (also
called smart apps). However, as the integration system is tightly coupled with
the physical environment, device anomalies occur for varieties of reasons such
as device malfunctions and spurious commands and may lead to severe
consequences if not handled timely. Prior works utilize data mining approaches
to detect problematic device actions and faulty sensor events but suffer from
high false alarm rate. Our observation is that data mining based approaches miss
a large chunk of information about smart apps and related platform information.
In this work, we propose a semantics-aware anomaly detection system for
applied home automation platforms that models the home automation system’s
normal behaviors from both the smart apps source code and history events logs.
We evaluate our design with a prototype implementation on Samsung
SmartThings platform and test it against 15 anomalous cases of 4 categories.
The results show that our system achieves an average accuracy higher than 96%
on all 15 anomalous cases while having a very low false alarm rate compared to
state-of-art works.
Data-Driven Network Intelligence
for Cyber Security
Yi Qian
Department of Electrical and Computer Engineering,

University of Nebraska-Lincoln
Abstract. Data-driven network intelligence will offer a robust, efficient, and

effective computing system for anomaly detection in cyber security applications.
In this talk, we first summarize the current development and challenges of
network intelligence for anomaly detection. Based on the current development,
we present a data-driven intelligence system for network anomaly detection.
With the support of extended computing, storage, and other resources to the
network edge, fog computing is incorporated into the design of the system. The
proposed system consists of three types of major components: edge enabled
infrastructure, AI engines, and decision platforms. Edge enabled infrastructure
provides efficient and effective computing resources for parallel computing and
data storage. AI engines produce optimal learning models for threat detection,
and enable online machine learning for efficient model update. Decision
platforms offer real-time network monitoring, anomaly detection, and threat
mitigation. We demonstrate that the envisioned data-driven network intelligence
system achieves high detection accuracy and provides robust computational
performance for cyber security.
Cyber Security Defense: From Moving Target
Defense to Cyber Deception
Jie Wu
Temple University
Abstract. Deception technology is an emerging field of cyber security defense.

Products from deception technology can detect, analyze, and defend against
zero-day and advanced attacks. The talk starts with the discussion of some
unique challenges with cyber deception, as compared with some other deception
technology such as in military. We then focus on moving target defense with a
couple of examples and some recent results. Finally, we discuss several future
directions of cyber deception research with a focus on game and theoretical
models.
Bio: Jie Wu is the Director of the Center for Networked Computing and Laura H.
Carnell professor at Temple University. He also serves as the Director of International
Affairs at College of Science and Technology. He served as Chair of Department of
Computer and Information Sciences from the summer of 2009 to the summer of 2016
and Associate Vice Provost for International Affairs from the fall of 2015 to the
summer of 2017. Prior to joining Temple University, he was a program director at the
National Science Foundation and was a distinguished professor at Florida Atlantic
University. His current research interests include mobile computing and wireless net-
works, routing protocols, cloud and green computing, network trust and security, and
social network applications. Dr. Wu regularly publishes in scholarly journals, confer-
ence proceedings, and books. He serves on several editorial boards, including IEEE
Transactions on Mobile Computing, IEEE Transactions on Service Computing, Journal
of Parallel and Distributed Computing, and Journal of Computer Science and Tech-
nology. Dr. Wu was general co-chair for IEEE MASS 2006, IEEE IPDPS 2008,
IEEE ICDCS 2013, ACM MobiHoc 2014, ICPP 2016, and IEEE CNS 2016, as well as
program cochair for IEEE INFOCOM 2011 and CCF CNCC 2013. He was an IEEE
Computer Society Distinguished Visitor, ACM Distinguished Speaker, and chair for
the IEEE Technical Committee on Distributed Processing (TCDP). Dr. Wu is a Fellow
of the AAAS and a Fellow of the IEEE. He is the recipient of the 2011 China Computer
Federation (CCF) Overseas Outstanding Achievement Award.
Contents
Symmetric Key Cryptography
Improving File Hierarchy Attribute-Based Encryption Scheme

with Multi-authority in Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Li Kang and Leyou Zhang
Public Key Cryptography
Anonymous Leakage-Resilient Ciphertext-Policy Attribute-Based

Encryption Supporting Direct Revocation. . . . . . . . . . . . . . . . . . . . . . . . . . 21
Xiaoxu Gao, Leyou Zhang, and Gongcheng Hu
Cryptographic Reverse Firewalls for Identity-Based Encryption. . . . . . . . . . . 36

Yuyang Zhou, Yuanfeng Guan, Zhiwei Zhang, and Fagen Li
Identity-Based Encryption Resilient to Continual Leakage Without

Random Oracles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Yuyan Guo, Mingming Jiang, Shimin Wei, Ming Xie, and Mei Sun
Post-quantum Cryptography
CLIBDA: A Deniable Authentication Scheme for Pervasive

Computing Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Emmanuel Ahene, Yuanfeng Guan, Zhiwei Zhang, and Fagen Li
Leveled Lattice-Based Linearly Homomorphic Signature Scheme

in the Standard Model for Network Coding . . . . . . . . . . . . . . . . . . . . . . . . 84
Fenghe Wang, Shaoquan Shi, and Chunxiao Wang
Symmetric Lattice-Based PAKE from Approximate Smooth Projective

Hash Function and Reconciliation Mechanism . . . . . . . . . . . . . . . . . . . . . . 95
Zilong Wang, Honggang Hu, Mengce Zheng, and Jiehui Nan
Zero-Knowledge Proofs for Improved Lattice-Based Group Signature

Scheme with Verifier-Local Revocation . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Yanhua Zhang, Yifeng Yin, Ximeng Liu, Qikun Zhang, and Huiwen Jia
Post-Quantum Pseudorandom Functions from Mersenne Primes . . . . . . . . . . 128

Jiehui Nan, Mengce Zheng, and Honggang Hu
xvi Contents
Signature
An Efficient Proxy Re-Signature Over Lattices . . . . . . . . . . . . . . . . . . . . . . 145

Mingming Jiang, Jinqiu Hou, Yuyan Guo, Yan Wang, and Shimin Wei
Batch Verification of Linkable Ring Signature in Smart Grid . . . . . . . . . . . . 161

Qiyu Wang, Jie Chen, and Lishuang Zhuang
Hierarchical Identity-Based Signature over Verifiable Random Function. . . . . 177

Juan Ren and Leyou Zhang
Attack and Behavior Detection
Analysis of Ciphertext Policy Hidden Attribute-Based Encryption

and Its Improved Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Gongcheng Hu and Leyou Zhang
Implementing Attacks on the Approximate Greatest Common

Divisor Problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Leizhang Wang, Quanbo Qu, Tuoyan Li, and Yange Chen
M4D: A Malware Detection Method Using Multimodal Features . . . . . . . . . 228

Yusheng Dai, Hui Li, Xing Rong, Yahong Li, and Min Zheng
New Key Recovery Attack on the MICKEY Family of Stream Ciphers . . . . . 239
Lin Ding, Dawu Gu, and Lei Wang
Authenticated Key Agreement
A General Construction for Password-Based Authenticated Key

Exchange from Witness PRFs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Jiehui Nan, Mengce Zheng, Zilong Wang, and Honggang Hu
Certificateless Authenticated Key Agreement for Decentralized WBANs . . . . 268

Mwitende Gervais, Liang Sun, Ke Wang, and Fagen Li
Blockchain
A Certificateless Proxy Re-encryption Scheme

for Cloud-Based Blockchain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Nabeil Eltayieb, Liang Sun, Ke Wang, and Fagen Li
A Novel Fair and Verifiable Data Trading Scheme . . . . . . . . . . . . . . . . . . . 308

Haiyong Yu, Juntao Gao, Tong Wu, and Xuelian Li
Public Audit Scheme of Shared Data Based on Blockchain . . . . . . . . . . . . . 327

Junfeng Tian, Xuan Jing, and Ruifang Guo
Contents xvii
System and Network Security
A Hybrid Key Management Scheme for Wireless Sensor Network . . . . . . . . 347

Yanyan Han, Yanru He, Peihe Liu, Xiaoxuan Yan, and Na Li
Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365

Symmetric Key Cryptography
Improving File Hierarchy
Attribute-Based Encryption Scheme
with Multi-authority in Cloud
Li Kang(B) and Leyou Zhang
School of Mathematics and Statistics, Xidian University, Xi’an 710126, China

li [email protected]
Abstract. With the rapid development of cloud computing technol-

ogy, users tend to store their data remotely in the cloud to save stor-
age space and enjoy scalable services. However, the cloud servers are
not entirely trusted. Ciphertext-policy attribute-based encryption (CP-
ABE) is considered as an effective cryptographic approach to prevent
the untrusted cloud severs from leaking private data. Since in some areas
such as medical and business, the shared data has the feature of multi-
level hierarchy, so it makes sense to construct a hierarchy ABE scheme.
Recently, Guo et al. proposed a PHR hierarchy multi-authority CP-ABE
scheme, which implements global identifier (GID) hiding and hierar-
chical access control. Unfortunately, we find that the recursive opera-
tion (DecryptN ode(CT, SK, (x, y))) defined in their scheme during the
decryption phase is doubtable. Based on the analysis, we propose an
improving file hierarchy MA-ABE scheme. The scheme preserves the
security and privacy of the original scheme but reduces the user’s decryp-
tion overhead. In addition, we solve the shortcoming which exists in
Guo’s scheme and the other corresponding schemes.
Keywords: File hierarchy · Attribute-based encryption ·

Multi-authority · Cloud computing
1 Introduction
A person’s identity can be identified by certain attributes. This concept was
first introduced by Sahai and Waters [1] in 2005. Since then, the attribute-based
encryption (ABE) scheme, as a new public-key encryption system, has been
widely used in the cloud storage system as it supports fine-grained access control.
In general, according to whether the access structure is related to attributes or
to ciphertext, ABE scheme is divided into two types. One is the key-policy ABE
(KP-ABE) proposed firstly by Goyal et al. [2] and the other is the ciphertext-
policy ABE (CP-ABE) proposed firstly by Bethencourt et al. [3]. In most data
Supported by the National Cryptography Development Fund under grant

(MMJJ20180209).
c Springer Nature Singapore Pte Ltd. 2019
B. Shen et al. (Eds.): FCS 2019, CCIS 1105, pp. 3–18, 2019.
https://doi.org/10.1007/978-981-15-0818-9_1
4 L. Kang and L. Zhang
sharing systems, the CP-ABE scheme performs better since the data owner can
define the access structure himself/herself to determine the recipients who can
successfully access the data.
In a single-authority ABE scheme, the central authority (CA) is responsible
for authenticating all users and distributing their private keys. Undoubtedly,
this brings an excessive burden and a potential risk of corruption. Moreover, in
practice, an encryption system often involves multiple different domains, so the
single-authority ABE scheme is no longer applicable. To solve these problems,
Chase [4] put forward a multi-authority ABE (MA-ABE) scheme in 2007. In
this scheme, multiple authorities replace the single authority responsible for
managing attributes and generating private keys for users. But it still needs a
CA to generate public-private key pairs for the multiple authorities. In 2009,
Chase and Chow [5] introduced a privacy-preserving (PP) MA-ABE scheme
to remove CA and hide user GID privacy using a distributed pseudorandom
functions (PRF) and 2-party secure computing (2PC) technique, respectively.
This is the first scheme that takes user privacy into account. In 2015, Qian
et al. [6] constructed a PP-PHR sharing scheme with multi-authority in the
same way. Different from the previous schemes, Lewko and Waters [7] proposed
a decentralized ABE scheme, in which CA is not needed and no cooperation
among multiple authorities. Later, a lot of decentralized KP-ABE schemes [8–
11] and decentralized CP-ABE schemes [12–15] dedicated to protecting user
privacy were proposed.
Since the shared data files usually have the characteristic of multi-level hier-
archy, especially in enterprise and medical domains, it is necessary to construct
an ABE scheme that supports file hierarchy. The idea of hierarchical encryption
was first introduced by Gentry and Silverberg [16], who constructed a hierarchi-
cal identity-based encryption (HIBE) scheme. In 2010, Wang et al. [17] first put
forward a hierarchical attribute-based encryption (HABE) scheme by combining
the HIBE and CP-ABE schemes to support data sharing on cloud servers. Wan
et al. [18] presented a hierarchical attribute-set-based encryption (HASBE) to
achieve inherit flexibility, scalability and fine-grained access control. Wang et al.
[19] proposed an efficient file hierarchy ABE scheme, which integrated layered
access structures into a single one (shown in Fig. 1) and then used the integrated
access structure to encrypt hierarchical files. In this way, the scheme reduced the
burden of ciphertext storage and the computation cost of encryption. However,
there is only one authority here, which is not suitable for the distributed systems.
As people pay more and more attention to privacy protection, some privacy-
preserving HABE schemes [20–22] were proposed. In 2016, Zhang et al. [20]
combined HIBE and anonymous ABE (AABE) schemes to construct a hierar-
chical AABE (HAABE) scheme, which has constant-size private keys and short
public keys. In 2018, Sandhia et al. [21] proposed a file hierarchy hidden CP-
ABE scheme with multi-authority. In this scheme, they defined a novel weighted
access structure, where attributes are assigned weights according to their access
privileges. The data files are arranged hierarchically according to their attribute
weights. Recently, Guo et al. [22] applied the hierarchical ABE scheme to the
PHR system. They extended the scheme [19] to a multi-authority system and
implemented GID hiding in the same way as the scheme [6].
Improving File Hierarchy ABE Scheme with Multi-authority in Cloud 5
However, after a deep analysis, we find that the defined recursive operation
DecryptN ode(CT, SK, (x, y)) = k∈{1,2,··· ,N } e(C(x,y),k , Sk,i ) in the decryption
algorithm of the scheme [22] is incorrect as they only focused on the inerrancy
of the computational process, but ignored the inherent logic relationship. In the
multi-authority ABE scheme, the attributes managed by different authorities are
disjoint, and an attribute is monitored by only one attribute authority. Once the
attribute node
(x, y) is selected, the corresponding k is unique. Therefore, the
existence of k∈{1,2,··· ,N } in the formula is unreasonable. The detailed analysis
is given in Sect. 4.2. Based on this, an improved file hierarchy attribute-based
encryption scheme is proposed.
Fig. 1. The integrated access structure
Contributions. By analyzing Guo’s scheme [22], we argue that the scheme has
a defect in defining
the recursive algorithm DecryptN ode(CT, SKU , (x, y)) as
the existence of k∈{1,2,··· ,N } in the equation is unreasonable. Then we propose
an improving scheme to solve this problem, so that legitimate users can perform
correct decryption calculations. In addition, in our construction, before the user
runs the decryption algorithm, the cloud server executes a pre-decryption oper-
ation, which bears heavy decryption overhead, and then sends the calculation
results and ciphertext to the user. The user only needs to perform a simple cal-
culation to get the corresponding plaintext. Therefore, the user’s computation
cost is reduced.
2 Preliminaries
2.1 Bilinear Maps
Suppose G and GT are two multiplicative cyclic groups with prime order p. Let
g be a generator of group G and e : G × G → GT be a bilinear map, which
satisfies the following properties:
(1) Bilinearity: ∀g, f ∈ G, ∀u, v ∈ Zp , we have e(g u , f v ) = e(g, f )uv .
(2) Non-degeneracy: e(g, g) = 1.
(3) Symmetry: e(g u , f v ) = e(g v , f u ) = e(g, f )uv .
Note that for ∀g, f ∈ G, the operation e(g, f ) on group GT is efficiently
computable.
2.2 Decisional Bilinear Diffie-Hellman (DBDH) Assumption

Suppose g is a generator of group G, and a, b, c, z are random numbers selected
in group Zp . The DBDH assumption holds if the advantage of all probabilis-
tic polynomial-time (PPT) algorithm B distinguish the tuple (A, B, C, Z) =
(g a , g b , g c , e(g, g)abc ) from the tuple (A, B, C, Z) = (g a , g b , g c , e(g, g)z ) is negligi-
ble. Define the advantage of algorithm B as
AdvBDBDH = |P r[B(A, B, C, e(g, g)abc ) = 1] − P r[B(A, B, C, e(g, g)z ) = 1]|.
2.3 Access Structure

Let P = {P1 , P2 , · · · , Pn } denote the set of parties. A collection A ⊆ 2P is called
monotonic: if X ∈ A and X ⊆ Y , then Y ∈ A. The (monotone) access structure
is a (monotone) collection A of non-empty subsets of P, namely, A ⊆ 2P \ {∅}.
A set in A is called the authorized set, and the set that is not in A is called the
unauthorized set.
2.4 Hierarchical Access Tree

Define a hierarchical access tree T [19], which has l access levels. Each leaf node
is described as an attribute, and every non-leaf node represents a threshold gate.
We use (x, y) to denote a node of T . The symbols x and y mark the row and
column of node (x, y) in a top-down and left-to-right manner, respectively. Other
symbols used in T are presented in Table 1.
Table 1. Notations.
Symbol Implication
(xm , ym ) The level node of T (m ∈ [1, l])
num(x,y) The number of children nodes of node (x, y)
k(x,y) The threshold value of node (x, y) (0 < k(x,y) ≤ num(x,y) )
parent(x, y) The parent node of (x, y)
Transport node The node has a child node containing at least one threshold gate
T N C(x, y) A threshold gate set of the children nodes of transport node
(x, y)
att(x, y) The attribute value of the leaf node (x, y)
index(x, y) The number associated with node (x, y)
(1 ≤ index(x, y) ≤ num(x,y) )
TR An access tree T rooted at the node R
T(x,y) The access subtree with (x, y) as the root node
Note that the access levels are arranged in descending order. Namely, (x1 , y1 )
occupies the highest level, while (xl , yl ) occupies the lowest level.
Satisfying a hierarchical access tree. We define T(x,y) (S) = 1 if an attribute set

satisfies the access tree T(x,y) . T(x,y) (S) can be calculated recursively as follows.
If (x, y) is a non-leaf node, T(x,y) (S) = 1 when at least k(x,y) children return 1;
if (x, y) is a leaf node, T(x,y) (S) = 1 if and only if att(x, y) ∈ S.
3 System Model and Algorithm Definition
3.1 System Model
Fig. 2. System model
As shown in Fig. 2, there are 4 entities: Data Owner, N Attribute Authorities,

Cloud Storage Service (CSS) and Data User.
1. The data owner defines the access policy and encrypts data file before upload-
ing it to the CSS. In the hierarchy ABE scheme, the owner divides the shared
message into l different files and defines the corresponding l access levels
according to a reasonable rule. It is natural to assume the data owner is
honest.
2. The N authorities manage disjoint attribute sets and are responsible for gen-
erating secret keys for users. Similar to the scheme [5], the colluding author-
ities may aggregate the user’s data to “recover” his attribute set by tracking
the same GID.
3. The cloud storage server (CSS) is assumed to be an honest-but-curious entity
with huge storage space and strong computing power, which provides the
service of storing ciphertext for data owners and provides partial decryption
service for data users. The CSS works normally except that it tries to gather
more ciphertext-related information.
4. The data user can issue secret key queries to the authorities and download
any encrypted data files on the CSS. Users can get corresponding data files
according to their own access level. In addition, all lower level files are also
available to them. In the encryption system, there may exist some dishonest
or even malicious users who attempt to collude with others for illegal access.
3.2 Algorithm Definition

The hierarchy ABE (HABE) scheme consists of the following five algorithms:
Suppose that there are N authorities {A1 , A2 , · · · , AN } in the system, Ãk and
Ũ represent the set of attributes owned by the authority Ak (k = 1, 2, · · · , N )
and the user U , respectively.
Global Setup: This algorithm takes a security parameter λ as input and returns
the system parameters P P .
Authority Setup: Each authority Ak runs this algorithm to generate its public-
secret key pair (P Kk , SKk ).
KeyGen: Each authority Ak executes this algorithm with user U to generate
the user’s secret key. Inputting the system parameters P P , Ak ’s secret key SKk ,
user’s global identifier u and a set of attributes Ũ , this algorithm outputs the
secret key SK U for the user.
Encryption: This algorithm takes as input the system parameters P P , mes-
sage M = (M1 , M2 , · · · , Ml ), Ak ’s public keys P Kk and an access structure T ,
outputs the ciphertext CT .
Decryption: This algorithm divides into two phases.
– CSS-Decryption: This phase is performed by the CSS. On input the system
parameters P P , secret key SK U and the ciphertext CT , if user’s attributes
satisfy the partial or whole T , it returns the corresponding decryption results
to the user.
– User-Decryption: This phase is executed by the user. User takes the ciphertext
CT and the results returned by the CSS as input, runs this algorithm and
gets the final decryption results.
4 Analysis and an Improving Construction

In this section, we first review the scheme of Guo et al. [22], then give a detailed
analysis in Sect. 4.2, and finally put forward an improving scheme.
4.1 Review of Guo’s Scheme

Lagrange coefficient Δi,S for i ∈ Zp and a set, S, of elements in Zp :
Define the
Δi,S (x) = j∈S,j=i x−j
i−j . Suppose that there are N authorities in the system and
each Ak (k = 1, 2, · · · , N ) monitors a set of attributes Ãk = (ak,1 , · · · , ak,nk ).
Global Setup. Take a security parameter λ as input, this algorithm returns the
public parameters P P = (e, p, g, h, G, GT ), where e : G × G → GT is a bilinear
map, G and GT are multiplicative cyclic groups with prime order p, g and h are
generators of group G. Let H0 : {0, 1}∗ → Zp and H1 : {0, 1}∗ → GT be two
strong collision-resistant hash functions. A user with global identity GID has
u = H0 (GID).
Authority Setup. Each authority Ak randomly chooses αk , tk,i ∈R Zp and
computes Yk = e(g, g)αk , Tk,i = g tk,i , where tk,i is selected for each attribute
ak,i ∈ Ãk . Each pair of authorities (Ak , Aj ) executes a 2-party key exchange
protocol to share a secret PRF seed [5] sk,j (= sj,k ). Authorities Ak and Aj
randomly select xk , xj ∈ Zp and calculate yk = hxk and yj = hxj respectively.
xk xj
Then, they define a pseudorandom function: P RFkj (u) = h sk,j +u . Finally, Ak

publishes the public keys P Kk = (yk , Yk , {Tk,i }i∈1,2,··· ,nk ) and keeps the master
secret keys SKk = (αk , {tk,i }i∈1,2,··· ,nk , {sk,j }i∈{1,2,··· ,N }\{k} , xk ).
KeyGen. Let Ũ represent
the attribute set of the user. For each attribute
ak,i ∈ ÃkU (= Ãk Ũ ), Ak picks rk ∈R Zp and calculates the attribute
rk
secret key Sk,i = h tk,i . Then, user runs the anonymous key issuing proto-
col in [6] with Ak in N − 1 times to get the key component: for k > j,
kj (u); for k ≤ j, Dkj = g h /P RFkj(u).
Dkj = g αk hrk P RF αk rk
Finally,the user
computes DU = (k,j)∈{1,2,··· ,N }×({1,2,··· ,N }\{k}) Dk,j = g (N −1)αk · h (N −1)rk .
The user’s secret key is SKU = (DU , {Sk,i }k∈[1,N ],ak,i ∈Ãk ).
U
Encryption. The encryptor first defines a tree access structure T , under

which the data he/she wants to share is encrypted. Suppose that the owner
divides data into l files M = (M1 , M2 , · · · , Ml ) with l access levels and sets
level nodes (xm , ym ) (m ∈ [1, l]) in T . For each node (x, y), owner ran-
domly selects a polynomial q(x,y) of degree d(x,y) = k(x,y) − 1, where k(x,y)
is the threshold value. For the root node R, owner picks s1 ∈R Zp and sets
qR (0) = q(x1 ,y1 ) (0) = s1 . For the node (x, y) ∈ T \R, if it is a leaf node, sets
q(x,y) (0) = q(xm ,ym ) (0) = sm , otherwise sets q(x,y) (0) = qparent(x,y) (index(x, y)).
Let T N C(x, y) = {child1 , child2 , · · · , childv , · · · }. The encryptor computes

1
Cm = Mm Yksm ,
k∈{1,2,··· ,N }
q (0)
2
Cm = g sm , C(x,y),k = Tk,i(x,y) ,

C(x,y),v = ( Yk )q(x,y) (0)+qchildv (0) · H1 (( Yk )q(x,y) (0) )
k∈{1,2,··· ,N } k∈{1,2,··· ,N }
1
The ciphertext is CT = (Cm 2
, Cm , {C(x,y),k }ak,i ∈ÃT , C(x,y),v ), where ak,i =
att(x, y) is the attribute of the leaf node (x, y), ÃT is the attribute set in T .
Decryption. To decrypt the ciphertext, user first defines a recursive algorithm
DecryptN ode(CT, SKU , (x, y)). For the leaf node (x, y), if ak,i ∈ ÃkU ,

DecryptN ode(CT, SKU , (x, y)) = e(C(x,y),k , Sk,i )
k∈{1,2,··· ,N }
q (0)
rk
q(x,y) (0)·

rk
= e(Tk,i(x,y) , h tk,i ) = e(g, h)
k∈{1,2,··· ,N }
If ak,i ∈ ÃkU , output DecryptN ode(CT, SKU , (x, y)) = ⊥.

i,S (0)
For the non-leaf node (x, y), computes F(x,y) = z∈S(x,y) Fz (x,y) =

e(g, h)q(x,y) (0)· rk . Continue to call the recursive algorithm, if the
subtree is
satisfied, Am = DecryptN ode(CT, SKU , (xm , ym )) = e(g, h)sm · rk can be
1
e(C 2 ,D ) N −1
obtained. Then, user calculates Fm = m U
Am = e(g, g)sm · αk .
If Ũ includes the lower authorization nodes, user can recursively cal-
C(x,y),v
culate the values of F(m+1),v , · · · , F(l),v , where F(m+1),v = Fm ·H 1 (Fm )
=

e(g, g)qchildv (0)· αk . That is the values Fm , Fm+1 , · · · , Fl can be obtained.
1
Cm
Finally, the original data file can be restored as Mm = Fm .
4.2 A Defect in Their Scheme
In the Decryption stage, they defined a recursive algorithm Decrypt

N ode(CT, SK, (x, y)). If (x, y) is a leaf node, then:

DecryptN ode(CT, SK, (x, y)) = e(C(x,y),k , Sk,i ) = e(g, h)q(x,y) (0)· rk
k∈{1,2,··· ,N }
However, in most multi-authority systems, N authorities manage disjoint

attribute sets, and an attribute can only come from one authority. For instance,
in a PHR system, the domains involved include hospital, police station, insurance
company, etc. The authorities manage the set of attributes in their field and do
not overlap with each other. Take the user’s ID number as an example, it is only
managed by the police station. Once a leaf node (x, y) (namely, attribute ak,i ) is
selected, the corresponding attribute management authority Ak is unique. There
is no ciphertext component in the form of C(x,y),j , where j ∈ {1, 2, · · · , N }\{k}.
So, it does not make sense to use k∈{1,2,··· ,N } here.

In fact, the purpose of the author to introduce k∈{1,2,··· ,N } here is to ensure

that a common power k∈{1,2,··· ,N } rk (like the dk in scheme [23]) can be
obtained, so that when the recursive algorithm is called, the user can success-
fully recover the secret value sm by using Lagrange interpolation. In the multi-
authority system, all values except q(x,y) (0) must be the same when calculating
DecryptN ode(CT, SK, (x, y)), otherwise the secret value sm can not be recov-
ered. Next, we will give a simple example to illustrate our points.
Without loss of generality, suppose there are only 2 authorities (A1 , A2 ) in
the system. A1 manages attributes {a1,1 , a1,2 }, and A2 monitors attribute {a2,1 }.
In Fig. 3, an access structure T is given and marked. According to Sect. 2.4, we
have A = (1, 1), B = (2, 1), C = (2, 2), D = (3, 1), E = (3, 2), where A is the root
node, B is the threshold node, and C, D and E are leaf nodes.
Fig. 3. Access structure and the marked access structure
For the leaf node D = (3, 1), we have:
a1,1 = att(3, 1), k = 1, C(3,1),2 = ⊥,

r1
q (0)
(3,1)
C(3,1),1 = T1,1 = g t1,1 ·q(3,1) (0) , S1,1 = h t1,1 ,
DecryptN ode(CT, SKU , (3, 1)) = e(C(3,1),1 , S1,1 ) = e(g, h)q(3,1) (0)·r1 .
For the leaf node E = (3, 2), we have:
a1,2 = att(3, 2), k = 1, C(3,2),2 = ⊥,

r1
q (0)
(3,2)
C(3,2),1 = T1,2 = g t1,2 ·q(3,2) (0) , S1,2 = h t1,2 ,
For the leaf node C = (2, 2), we have:
a2,1 = att(2, 2), k = 2, C(2,2),1 = ⊥,

r2
q (0)
(2,2)
C(2,2),2 = T2,1 = g t2,1 ·q(2,2) (0) , S2,1 = h t2,1 ,
For the non-leaf node B = (2, 1), We call the recursive algorithm to compute
i,S (0)
F(2,1) = Fz (2,1)
z∈S(2,1)
Δ1,S Δ2,S
= (e(g, h)q(2,1) (1)·r1 ) (2,1) · (e(g, h)q(2,1) (2)·r1 ) (2,1)
q(2,1) (1)Δ1,S +q(2,1) (2)Δ2,S

= (e(g, h)r1 ) (2,1) (2,1)
= e(g, h)r1 ·q(2,1) (0)

where i = index(z), S(x,y) = {index(z) : z ∈ S(x,y) }, and the value of q(2,1) (0) is
restored by Lagrange interpolation.
For the root node A = (1, 1), we use the same method to calculate
i,S (0)
F(1,1) = Fz (1,1)
z∈S(1,1)
Δ1,S Δ2,S
= (e(g, h)q(1,1) (1)·r1 ) (1,1) · (e(g, h)q(1,1) (2)·r2 ) (1,1)
r1 ·q(1,1) (1)Δ1,S +r2 ·q(1,1) (2)Δ2,S

= e(g, h) (1,1) (1,1)
However, due to r1 = r2 , the formula q(1,1) (1)Δ1,S(1,1)

+ q(1,1) (2)Δ2,S(1,1)
can
not be obtained, thus the secret value q(1,1) (0) assigned at node A can not be
restored. In this case, even if a user is legitimate, he/she cannot successfully
access the data files that he/she could have accessed. It violates the intention of
the data owner to encrypt data files.
In scheme [6], the same recursive operation is defined, where Decrypt
q (0)· rk
N ode(CT, SKU , x) = k∈{1,2,··· ,N } e(Ck,x , Sk,i ) = e(g, h) x . Therefore,
the scheme [6] also has the defect mentioned above.
4.3 Our Construction
Overview. In order to support correct decryption, based on the scheme [22], we

made some improvements. In the KeyGen phase, we let eachauthority Ak sends
hxid rk to other authorities to get the same parameter hxid rk , where xid is a
secret value chosen by the user, and its existence ensures that the CSS cannot get
the real plaintext when performing

the pre-decryption operation. The changed
xid rk
attribute key is Sk,i = h tk,i . However, we find that if we do not change the
2
ciphertext component Cm = gsm , as long as thereis a corrupted authority, the
sm
user can easily get e(g , h xid rk
) = e(g, h)sm ·xid rk , even if his/her attributes
do not meet the access policy. Therefore, the ciphertext component is changed as
Cm2
= g τ sm , where τ ∈ Zp is a secret random number selected by the data owner.
In the decryption stage, CSS provides the user with pre-decryption service, and
undertakes a large amount of decryption calculations. After that, the user can
obtain the corresponding plaintext through a simple calculation.
The specific scheme is constructed as follows:
The Global Setup and Authority Setup are the same as the original scheme,
so we will only give a brief description here.
Global Setup. Take a security parameter λ as input, output the public param-
eters P P = (e, p, g, h, G, GT ).
Authority Setup. Each authority Ak runs this algorithm and gets its public
keys and secret keys:
P Kk = (yk , Yk , {Tk,i }), SKk = (xk , αk , {tk,i }, {sk,j })
where, i ∈ {1, 2, · · · , nk }, j ∈ {1, 2, · · · , N }\{k}.

Encryption: User first selects keys (κ1 , κ2 , · · · , κl ) to encrypt data files

(M1 , M2 , · · · , Ml ) using symmetric encryption algorithm: Cm = Encκm (Mm ),
and then use HABE encryption algorithm to encrypt these symmetric keys as
follows:
q (0)
Cm 1
= κm ( Yk )sm , Cm
2
= g τ sm , C(x,y),k = Tk,i(x,y)
k∈{1,2,··· ,N }

C(x,y),v = ( Yk )q(x,y) (0)+qchildv (0) · H1 (( Yk )q(x,y) (0) )
k∈{1,2,··· ,N } k∈{1,2,··· ,N }
where τ ∈R Zp is selected by encryptor, and τ −1 mod p exists.

KeyGen. The user selects a unique secret random number xid ∈ Zp and sends
hxid to the authorities. Then Ak picks rk ∈R Zp and shares hxid ·rk with other
authorities. To generate

the secret key for user’s attribute ak,i ∈ ÃkU , Ak calcu-
xid rk
lates Sk,i = h tk,i .

The secret key Dkj is same as the original scheme,

Dkj = g αk hrk P RFkj (u), k > j
Dkj = g αk hrk /P RFkj (u), k ≤ j
User computes

DU = Dk,j
(k,j)∈{1,2,··· ,N }×({1,2,··· ,N }\{k})

(N −1) (N −1)
=g αk
·h rk
The user sends DU through a secure channel to the data owner, then the data
τ −1
owner returns DU to the user.
Decryption: This decryption algorithm consists of two phases. The first stage
is CSS-Decryption, and the second stage is User-Decryption.
CSS-Decryption: User sends secret keys SKU to the CSS, which performs the
following partial decryption operations.
If the node (x, y) is a leaf node and ak,i ∈ ÃkU , then computes
DecryptN ode(CT, SKU , (x, y)) = e(C(x,y),k , Sk,i )

xid rk
q
= e(Tk,i(x,y)(0) , h tk,i
)

xid rk
= e(g tk,i q(x,y)(0) , h tk,i

)

q(x,y) (0)·xid rk
= e(g, h)
If ak,i ∈ ÃkU , define DecryptN ode(CT, SKU , (x, y)) = ⊥.

The function DecryptN ode(CT, SKU , (x, y)) executes recursively when (x, y)
is a non-leaf node. For all children nodes z for (x, y), we call the algorithm
DecryptN ode(CT, SK, z) and store the output as Fz . Let S(x,y) be any k(x,y) -
sized set of child nodes. If no such set exists, the function will return ⊥. The
recursive computation is shown as follows:
i,S (0)
F(x,y) = Fz (x,y)
z∈S(x,y)

rk i,S(x,y)
(0)
= (e(g, h)qz (0)xid )
z∈S(x,y)

rk i,S(x,y)
(0)
= (e(g, h)q(x,y) (i)xid )
z∈S(x,y)

= e(g, h)q(x,y) (0)·xid rk

where i = index(z), S(x,y) = {index(z) : z ∈ S(x,y) }.
If user’s attributes satisfy the part or whole T , this algorithm continues to
perform the recursive operations and gets:
Am = DecryptN ode(CT, SKU , (xm , ym ))

= e(g, h)q(xm ,ym ) (0)·xid rk

= e(g, h)sm ·xid rk
Then, CSS computes

−1 1
2
Bm = e(Cm τ
, DU ) N −1 = e(g, g)sm αk
· e(g, h)sm rk
Since the xid is kept by the user, the CSS cannot decrypt the original mes-
sage completely. Finally, the cloud server sends the result (Am , Bm ) and the
ciphertext CT to the user for the next decryption calculation.
User-Decryption: User runs this algorithm to get symmetric key

Bm e(g, g)sm αk · e(g, h)sm rk
Fm = 1 = = e(g, g)sm · αk
(Am ) xid e(g, h)sm · rk

1
Cm κm · ( k∈{1,2,··· ,N } Yk )sm
κm = = , m ∈ [1, l]
Fm e(g, g)sm · αk
The value of F(m+1),v can be obtained in the same way as the original scheme.
Finally, user obtains the file Mm by using the symmetric decryption algorithm
with the key κm .
5 Security and Performance Analysis

5.1 Security Model
The security game is played between adversary A and challenger B as follows:
Initialization. Adversary A provides the challenger B with a list of corrupted

authorities CA (|CA | < N ) and an access structure T ∗ he/she wants to challenge.
Global Setup. B runs this algorithm and returns the system parameters P P
to A.
Authority Setup. For Ak ∈ CA , B runs this algorithm and sends the secret-
public key pair (P Kk , SKk ) to A. For Ak ∈ CA , B only sends the public keys
P Kk to A.
Phase 1. A provides attribute sets Ũ1 , Ũ2 , · · · , Ũq for q secret key queries. The
only restriction is that none of these attribute sets satisfy T ∗ . Then B runs the
KeyGen algorithm and outputs the corresponding secret keys.
Challenge. A submits two messages M0 and M1 with the equal length. Then
B selects a random bit b ∈ {0, 1} and runs the Encryption algorithm to encrypt
the message Mb under the access structure T ∗ . The corresponding ciphertext
CT ∗ is sent to A.
Phase 2. Same as phase 1.
Guess. Finally, A outputs the guess b on b. A wins the game if b = b.
Definition 1. A hierarchy ABE (HABE) scheme is (q, ) secure against the

chosen plaintext attack if all PPT adversaries making q secret key queries have
the negligible advantage in the above game.
5.2 Security Analysis
Theorem 1. Our improving hierarchy CP-ABE scheme is (q, ) semantically

secure in the above security model, if the -DBDH assumption holds, where
nk − 2
≥ · (1 − ).
2 (p − 1)2
k∈{1,2,··· ,N }
Proof. Suppose there exists an adversary A who can break our scheme with non-
negligible advantage , then therewill be a simulator B who can break the DBDH
nk −2
assumption with advantage 2 · k∈{1,2,··· ,N } (1 − (p−1) 2 ), where nk represents
the number of attributes managed by Ak .
Comparing with scheme [22], we make some simple changes in the secret key
component Sk,i and the ciphertext component C12∗ , so the simulation of these
two parts needs to be changed in the security proof. Specifically,

for the attribute
rk xid · rk
key, if ak,i ∈ T ∗ , we replace Sk,i = h ωk,i with

Sk,i = h ωk,i
; if ak,i ∈ T ∗ , we
rk xid · rk
(a+η)ωk,i (a+η)ωk,i
replace Sk,i = h with Sk,i = h . For the ciphertext component,
C12∗ = g c is replaced by C12∗ = g τ c , where τ ∈R Zp is selected by the simulator B.
The security proof of the proposed scheme is similar to that in scheme [22].
Due to space limitations, the complete proof is omitted here.
Another random document with
no related content on Scribd:
The Project Gutenberg eBook of When the birds
fly south
This ebook is for the use of anyone anywhere in the United States
and most other parts of the world at no cost and with almost no
restrictions whatsoever. You may copy it, give it away or re-use it
under the terms of the Project Gutenberg License included with this
ebook or online at www.gutenberg.org. If you are not located in the
United States, you will have to check the laws of the country where
you are located before using this eBook.
Title: When the birds fly south
Author: Stanton A. Coblentz
Release date: September 5, 2023 [eBook #71570]
Language: English
Original publication: New York, NY: The Wings Press, 1945
Credits: Greg Weeks, Mary Meehan and the Online Distributed

Proofreading Team at https://www.pgdp.net (This book was
produced from images made available by the HathiTrust
Digital Library.)
*** START OF THE PROJECT GUTENBERG EBOOK WHEN THE

BIRDS FLY SOUTH ***
When the Birds Fly South
By STANTON A. COBLENTZ
THE WINGS PRESS

Mill Valley, Calif.
New York, N. Y.
First Printing, 1945

Reprinted, 1951
Copyright 1945
by
The Wings Press
TYPOGRAPHY BY JOSEPH A. WENNRICH

Printed in the United States of America
[Transcriber's Note: Extensive research did not uncover any

evidence that the U.S. copyright on this publication was
renewed.]
To
F. B. C.
whose eyes
have followed with mine
the flight
of the birds southward
Contents
PART I DRIFTING LEAVES
I The Mountain of Vanished Men
II The Verge of the Precipice
III Welcome To Sobul
IV The Weaving of the Spell
V Yulada
VI Foreshadowings
VII Yasma
VIII The Birds Fly South
IX In the Reddening Woods
X The Ibandru Take Wing
PART II BLOSSOM AND SEED

XI The Prisoner
XII The Mistress of the Peak
XIII The Birds Fly North
XIV The Warning
XV Crucial Moments
XVI Hamul-Kammesh Ordains
XVII At the Time of the Full Moon
XVIII The Second Flight Begins
XIX The Cycle Is Completed
PART III THE WILL OF YULADA

XX The Second Winter
XXI "The Moleb"
XXII The Turning Point Approaches
XXIII The Last Flight
XXIV The Will of Yulada
I
Drifting Leaves
Chapter I
THE MOUNTAIN OF VANISHED MEN
High among the snow-tipped ranges of Afghanistan, there is a peak
notable for its peculiar rocky crown. Unlike its lordly neighbors, it is
dominated not by crags and glaciers, but by a projection which
seems almost to bear the impress of human hands. From the
southern valley, five thousand feet beneath, the traveler will observe
a gigantic steel-gray figure carved in the image of a woman; and he
will notice that the woman's hands are uplifted in an attitude of
prayer, and that she stands with one foot slanted behind her and one
foot slightly upraised, as though prepared to step into the abyss.
How this lifelike form came to be perched on that desolate eminence
is a mystery to the observer; but he assumes that it is a product of
some prank of nature, for it is far too large to have been made by
man. Yet he must be unimaginative indeed not to be awe-stricken at
thought of the forces which gave that colossus birth.
I, for one, shall never forget my first glimpse of the stone Titan. As a
member of an American geological expedition studying the mountain
strata of Northern India, Afghanistan and Tibet, I had been tramping
for hours through a winding rock-defile in company with nine
scientific colleagues and the native guides. Suddenly, coming out
through a break in the canyon, I looked down into a deep basin
densely mantled in deodar and pine. Beyond this valley, to the north,
a succession of jagged peaks shot skyward, their lower slopes dark-
green with foliage, their upper altitudes bare and brown, and
streaked here and there with white. Almost precisely in their center,
as though in the acknowledged place of honor, one summit loomed
slightly higher and less precipitous than the others, and on its tip the
singular statue-like image.
My first impression was that it was an illusion. Never had I or any of
my companions heard of such a figure; we were hardly less startled
than if we had journeyed to the North Pole, there to gaze at a
skyscraper. Eagerly we questioned our Afghan guides, but at first
their stolid, swarthy faces simulated indifference, though they cast
furtive and even frightened glances at one another. Then, pressed to
speak, they assured us that the stone image was the work of devils;
and finally they stated that the figure had been created by the
"Ibandru," a race of mountain folk with wings like birds and the power
of making themselves invisible.
Naturally, my friends and I laughed at such a naïve superstition. Yet
when I proposed that we climb the mountain and seek the home of
the "Ibandru," our guides repeated their warning that these people
were powerful and evil-minded enchanters. And when, not to be
daunted by fairy tales, I insisted on investigating the mountain top,
the natives betrayed their alarm by their rolling dark eyes and
eloquent gestures, and swore that if we ever began the climb we
should be unable to return. Scores of their countrymen had been
bewitched and lost in seeking the peak, which was known as "The
Mountain of Vanished Men"; and for their own part, they would
sooner wrestle with tigers than lead us up the slopes.
There was no arguing the point—they were beyond reason.
Nevertheless, in the face of common sense, I could not be
contented. From the beginning, that womanlike image had taken
hold of my imagination; and, far from discouraging me, the fears and
protestations of the natives had only whetted my curiosity. Should
opportunity offer, I would scale the mountain and discover for myself
if there was any excuse for that terror which the stone figure aroused
in the Afghans.
The opportunity, unfortunately, was not long in coming. That evening
we pitched camp among the pines at the base of "The Mountain of
Vanished Men." Since the site was ideally located at the brink of a
clear-bubbling rivulet, and since several of us were exhausted from
our strenuous traveling, we decided to remain for a day or two before
continuing toward the northern gorges.
Next morning I urged that, whether with guides or without, several of
the men join me in a climb to the stone image. The ascent, I pointed
out, promised to be easy enough, for the mountain showed a long
even grade that rarely approached the perpendicular; and, in the
absence of undetected glaciers or ravines, there would be nothing to
keep us from the peak. I was even so confident as to assert that,
starting shortly after dawn, we would set foot on the summit and be
back in camp by evening.
Most of my comrades were not convinced. They swore that it would
be foolhardy to entrust ourselves to this unknown wilderness; they
painted in gruesome terms the danger of being lost, and the still
greater danger from wild beasts, rock slides, and crevasses in the
snow and ice; and they scoffed when I vowed that I would go alone if
no one would accompany me.
Yet among our party there was one who, either through lack of
foresight or an insensitiveness to fear, was ready to risk any
hazards. That man, Jasper Damon, was one of those persons with a
passion for getting into trouble,—a sure instinct for upsetting canoes
in deep water, or invading hollow tree trunks infested with
rattlesnakes. All through this expedition he had been my especial
companion; and now, while the others sat by with loud guffaws and
mocking grimaces, he rushed to my rescue. Springing from his seat
just when I most needed an ally, he shook my hand and assured me
that a little jaunt to the top of the mountain was the very thing he
desired.
Even today I do not know why he joined me. Perhaps the figure on
the peak exercised a mysterious compulsion upon him, as upon me;
or perhaps he was merely moved by good fellowship. But, whatever
his motives, he displayed real zest in his preparations. His black
eyes fairly crackled in his long, stubbled face; his lean, lanky figure,
with the spidery legs, bustled about in noisy animation. In less time
than it took me to make the proposal, he had secured food and
firearms and a knapsack containing ropes and climbing equipment;
and, scornful of the warnings of our companions and the oaths and
mutterings of the natives, he started with me on the long ascent
before the sun had lifted its head halfway above the east-ridges.
For more than an hour we plodded along a vague little trail beneath
the dark foliage. Many a day must have passed since the last man
had followed this track; the occasional small five-clawed footprints
showed who the recent passers-by had been. But we were not
depressed by thought of the frightful solitudes, nor by fear of the
unseen creatures occasionally rustling in the brush; and even when
we had literally to dig our way through the thickets, we did not let
discouragement mar our spirits. Although the slopes were
moderately steep, they were not hard to scale; and we felt sure that
early afternoon would see us on the summit.
This hope found support when, before the morning was half over, we
reached a more sparsely timbered area, and shortly afterwards
came out into a region of straggling shrubs. The rocky ribs of the
mountain now stretched bare and gigantic before us, the dismal gray
slopes inclining at an angle of from twenty to fifty degrees. Far
above, perched on a little cone not unlike the tip of a volcano, that
curious statue-like formation loomed encouragingly larger; and a
wisp of cloud dangled playfully about the summit and beckoned us to
be of good cheer and make haste.
But it was not easy to make haste along those unsheltered ridges
under the glaring mid-July sun. More than once, as Damon and I
sweltered upward, we glanced regretfully back at the green valley;
and more than once we observed that the peak, like the fruit of
Tantalus, seemed only to retreat as we toiled to approach it.
The higher we mounted, the less likely did it appear that we could
gain the summit and return by evening. We encountered no
impassable obstacles, and never had to use the climbing tackle; yet
in places we literally had to crawl, relying upon our arms as much as
upon our legs, and consequently were so delayed that when the sun
stood in mid-heaven the peak still beckoned from the remote blue.
Had any trace of our wits remained, we would now have recognized
that we sought the unattainable. But that inscrutable figure above
had woven a charm about us; upward, still upward we trudged,
pausing only for an occasional drink from an icy little stream. Our
eyes were so fascinated by the peak, and by its amazing woman-
shaped crown, that we did not notice signs which could hardly have
escaped us in a more cautious mood. Not until too late did we
observe the increasing murkiness of the atmosphere, the gradual
formation of bands of mist that gathered as if from nowhere, the
merging of those bands into clouds that obscured the further ranges
and approached us with silent and deceptive velocity.
I was just speculating as to the distance still before us, when an
exclamation from Damon startled me back to reality. And suddenly I
was aware of the menace.
The skies were no longer blue, but gray with vapor; the slopes below
us were disappearing in fog, and even the peak was being blotted
from view!
"Back! Let's go back!" I muttered, thoroughly frightened.
Without a word, Damon joined me in frantic retreat.
But we had delayed too long. Before we had returned many hundred
yards, the fog was all about us. Like some evil unearthly thing, it
blocked our pathway with intangible streamers, and reared a gray
wall before us and to every side, and stretched a gray roof just
overhead; and it drew closer, insidiously closer, until we could see
not ten feet beyond, and the wild panorama of the mountains had
given way to a hazy cell the size of a small room.
A cautious man, no doubt, would have proposed remaining where
we were. But neither of us relished the prospect of camping possibly
for twenty-four hours in this solitary spot; and both of us vaguely felt
that, after descending a little, we would come out into the daylight
beneath the clouds. Besides—and this was most unreasonable, and
most unlike me—I was agitated by a dim, superstitious fear, I could
scarcely say what of, as if by some sixth sense I knew of shadowy
horrors that lurked unseen and unheard in the gloom.
Yet we had to advance with the timidity of tight-rope walkers; at any
instant, we might find ourselves dangling at the edge of a precipice.
In the first moments of that unequal contest we had hopelessly lost
our way; we had been unable to follow the trail, since we could not
see far enough to recognize the landmarks; while, as we descended
at random among the rocks, we realized that, even should we
escape from the fog, we might find it far from easy to make our way
back to camp.
I do not know how long we continued groping through the mist. It
may have been half an hour, or an hour; certainly, it seemed the
better part of a day. But as Damon and I picked our path between
the boulders among the enfolding vapors, despair was gradually
settling over us both, and we felt as if some malign spirit had walled
us off from the world.
Even so, I cannot explain how we opened the door for the greatest
horror of all. Perhaps it was only that Damon was displaying his
usual recklessness; perhaps that the fog had driven us in too much
upon ourselves. All I know is that, looking up after an absent-minded
revery, I received a bewildering shock—the mist was hemming me in
almost at arm's length, and Damon was not to be seen!
For a moment I was too dazed to cry out. My mind was filled with the
fantastic ideas that come to a man at such a crisis. Had my
companion stepped over a precipice? Had he been crushed by a
dislodged boulder? Had some prowling beast fallen upon him?
As these questions shot over me, I was startled to hear my name
shouted in a familiar voice. But the words seemed to issue from far
away, and I had only the vaguest idea of their direction.
"Damon! Damon!" I shouted back, in mingled hope and dismay.
"Where are you?"
"Here! Here, Prescott! Here!" came the voice, after a second or two.
But I was still mystified as to the direction.
Yet, in my excitement, I cried, "I'm coming!" and started off on what I
imagined to be the proper course.
At intervals the calling continued. Damon's voice did not seem to
draw nearer, but did not seem to grow more remote; and several
times, by way of desperate experiment, I changed my direction—
which only increased my confusion. Now I would be sure that the
voice cried from my right, and now that it shrilled from my left; at first
I thought that it came from beneath me, but before long I felt that its
source was above.
And as I went fumbling through the fog, anxiety gave way to panicky
impatience, and the slim remnants of my wits deserted me. The
climax came when, after forcing my way through a cluster of jagged
rocks that bruised my arms and legs and tore my clothes, I found
myself at the base of a cliff that shot upward abruptly out of sight.
From somewhere above, I felt sure, I heard Damon's voice calling,
hoarse from overstraining and plaintive with fear. And at the thought
that an unscalable wall divided us, I behaved like a trapped animal;
heedless of the abysses beneath, I started hastily along the base of
the cliff in what I supposed to be Damon's direction.
But again I had miscalculated. When I next heard my friend's voice,
it was much fainter ... growing ghostly faint and remote; and
continued to grow fainter still, until it was no more than a murmur
borne across far distances. And now, when I screamed his name in a
cracked and broken way, the only answer was in the echoes that
reverberated along the mountainside, with thin and hollow notes like
the mockery of fiends.
In despair, I told myself that I had lost track of Damon completely.
But all at once a resounding report broke the stillness of the
mountains. Shocked, I stood as if frozen—and instantly the report
was repeated. Was Damon battling some foe, four-footed or human?
Or was he merely signaling with his revolver?
Then, while I stood quivering there beneath the precipice, the pistol
rang forth again, and again; and the echoes pealed and dinned with
unearthly snarls and rattlings.
So unnerved was I that I did not think of replying with my own
revolver. But, seized with a frenzy to rejoin Damon at all costs, I
started through the fog almost with the madness of a stampeding
steer.
And now at last my recklessness betrayed me. Whether my foot
slipped, or whether I had dared an impossible grade, I do not know;
but with breathless suddenness, I was plunging down a terrifying
slope. To stop myself was beyond my power; with a sprinter's speed
I went racing down the mist-dimmed mountainside. For an instant I
had visions of gigantic spaces beneath me, of prodigious chasms,
jutting rocks—then all things grew blurred, my mind whirled round
and came to a stop ... and the darkness that ensued was for me as
the end of the world.
Chapter II
THE VERGE OF THE PRECIPICE
Hours must have passed while I lay without movement or
consciousness. For when at length I came to a confused awareness
of myself, the scene had changed alarmingly. The fog must still have
been about me; but all that met my eyes was a black blank, an
opaqueness so absolute that for the moment I imagined I had lost
my sight. It was a minute before I dimly recollected what had
happened, and knew that I was somewhere on the mountainside,
and that it was now night.
But it was long before I realized the full horror of my predicament. My
head was feeling dull and dazed; my throat was parched; I was by
turns shivering and burning, and my limbs were all aching and sore. I
was lying sprawled head down on a couch of rock, and a rock-wall to
my left formed my support and pillow; but when I tried to change
position, a staggering pain in my right arm warned me to go slowly,
and I understood that the limb was hanging limp and useless.
It did not occur to me then to wonder what had happened to Damon,
nor how long I should have to remain here, nor how I should escape.
My thoughts were blurred and half delirious, and I think that
unconsciousness came to me again in snatches. More often than not
I was as one in a dream; visions of white peaks beset me continually,
and always on those peaks I saw a gigantic woman with hands
outspread and beatifically smiling face; and that woman seemed at
times to call to me, and at times to mock; and now she would take
me to her in great warm arms, and now would vanish like vapor in
my clasp....
It was after one such nightmare that I opened my eyes and found the
darkness less intense. A pale gray light seeped wanly through the
mist; and in that dreary dawn I came gradually to understand my
own helplessness. While everything above was clouded, the fog had
unrolled from below—and my gaze traveled to panoramas that
bewildered and appalled me. Then, as by degrees the fumes cleared
from my mind, I was able to realize just what had happened—and
shuddered to think what might have happened. I was resting on a
narrow ledge; above me the rocky grade leaned at an angle halfway
to the vertical, and beside me was a blood-spattered boulder. It was
this obstruction that had saved my life—directly at my feet, a
precipice slanted down to the dim depths.
And yet, as I lay there groaning, I wondered if I would not have been
better off to have plunged into the chasm. I was so bruised that I
could hardly move a limb; my legs were too feeble to support me
when I strove to rise; internally I was so shaken that I could not be
certain of my equilibrium; and my right arm, acutely painful, dangled
helplessly at my side. Clearly, escape would be impossible....
And if at first I imagined that there was just a chance of rescue—just
a chance that a searching party from camp would find me—my
hopes gave place to a dull, settled despair as the hours wore
endlessly away. The fog, after lifting for a while, slowly re-formed;
and with its return I felt that my death-sentence had been passed. I
could not now be seen at more than twenty yards—and who could
come near enough to discover me on this detached shelf?
There followed an interval in which I must have sunk into delirium.
Then, after a series of grotesque imaginings or dreams in which I
was always trying to drink from streams that vanished at my touch, I
was roused from a half-conscious lethargy by the sound of voices.
Could it be that I was still dreaming? As eagerly as was now
possible, I stared into the wilderness of crags. The fog had vanished;
but the only moving thing was a great bird circling in the blue.
Cruelly disappointed, I again closed my eyes. But once more I
thought I heard voices calling. This time there could be no doubt—
the sound had been clear-cut, reminding me of men joyously
shouting.
And as that sound was renewed, I opened my eyes again, and
peered searchingly into the abyss. Still all was bare and motionless.
Yet, even as I wondered, I heard those mysterious voices anew,
nearer now than ever; and for the first time I recognized that they
came not from beneath me but from above! Eagerly I gazed up at
the rocky heights—but there was no sign that they had ever been
disturbed by human presence.
I was half convinced that my fever had been playing me tricks, when
a slender little moving shape far above caught my attention. After an
instant, it disappeared behind a ledge, but after another instant
emerged; and close behind it trailed other specks—slowly jogging
specks with upright forms!
In that first dumbfounded moment, I did not ask myself who they
might be. Enough that they were human—and almost within hail!
Quivering uncontrollably, I strove vainly to lift myself to a sitting
posture. Then, with what scanty lung power remained to me, I
attempted to shout; but my dry throat gave forth scarcely a feeble
mumbling, the mere ghost of a voice.
And directly following that first sharp relief, still sharper terror seized
me. Must I remain here unseen? At that thought, I was racked with a
dry crackling laugh, more like a cough than an expression of mirth;
and I lifted my left hand and frantically waved my red-bordered
handkerchief, while cackling and gibbering to myself like an insane
old man.
By bending my neck and straining my eyes, I could still follow the
figures. Had my enfeebled voice permitted, I would have shouted out
curses, would have laden them with all the imprecations of hell,
when they passed directly above and glided on their way around a
bend in the mountain. There were at least half a dozen of them, and
they could not have been from the camp, for they were clad in blue
and red not at all like the khaki we wore; and their voices had some
quality quite unlike anything I had heard before. There even seemed
to be a note of excitement in their calls, a tone of surprise, though of
that I could not be sure.
Some time later I opened my eyes once more, and saw three
turbaned men descending almost within arm's reach.
Whether they had been friends or head-hunting savages, their first
effect upon me would have been the same. In my weakened state, I
was unprepared for the shock; my senses forsook me, and
unconsciousness returned.
But when at length I came to myself, I seemed to be in another
world. The first thing I realized was that I was sitting with head
propped up against the boulder; and at the same time I was aware of
the sound of voices, voices that were pleasant although unfamiliar.
And as I opened my eyes, my surprise increased; not three
strangers but six stood before me, two of them women!
Even in my half-dazed condition, I observed something peculiar
about these persons. A single glance told me that they belonged to
no race I had ever seen or heard of; they were manifestly
mountaineers, yet did not wear the usual Afghan garb. Men and
women alike were attired in stout loose-fitting dark-blue garments of
some material reminding me of canvas, with red stripes and dots,
and bizarre yet not unattractive designs. In person they were clean-
cut and prepossessing; the men tall and well-built, with long full
beards, swarthy countenances and proud flashing black eyes; while
the women were among the most attractive I had ever seen.
So, at least, it seemed to me when the younger, scarcely more than
a child, lifted a small leather flask to my mouth and motioned me to
drink. With an effort, I moistened my lips; then, frantic as a drug
addict deprived of his drug, I swallowed a long draught, draining the
entire contents.
And as, half revived, I lay against the boulder, I observed that the
strangers were all peering at me with curiosity and wonder. But equal
wonder and curiosity, I am sure, stared from my own eyes; while my
glance may have already been too partial to her who had ministered
to my thirst. For I could see how strikingly she differed from her
companions; her complexion was lighter than theirs, and she had an
airy grace and beauty which set her apart.
Peering at her closely, I thought that she might be about sixteen or
seventeen. Her clear white skin had the stainlessness of perfect
health; her hair, which hung in unbound curls and ringlets about her
slender neck, was of a rich auburn; her eyes, in startling contrast to
that auburn, were dark like the eyes of her kindred, and in the deep
brown of the iris live fires glowed and smoldered; her features were
modelled with exquisite daintiness, the forehead of medium height
and rounded like a half moon, the nose small and gracefully pointed,
the gently curving chin tapering to a firm little knob. Her lips, tiny and
thin, had at times a creasing of merriment about the corners that
gave her almost a puckish appearance. Although slimly built and not
much over five feet in height, she did not lack at all in robustness;
she flitted from place to place with great agility; and her rude
unhampering garments fitted her ideally for mountain climbing.
After the exhaustion of our first few minutes together, I was again
close to unconsciousness. But now I felt strong hands lifting me; and
opened my eyes to find two men smiling upon me encouragingly. At
the same time, something pungent and aromatic was thrust between
my lips; the girl was extending a handful of dried herbs, which she
motioned me to consume with a genial dimpling smile that I had no
power to resist.
After swallowing the food, I felt considerably better. Having finished
the entire handful and washed it down with a draught from a second
leather flask, I had revived sufficiently to try to sit up unaided; and
simultaneously I realized how ravenously hungry I was, and felt a
fresh desire to live flaming up within me.
Being eager for a word with my benefactors, I muttered something in
English without thinking exactly what I was saying. But the surprised
answering stares cut me short in sharp realization. What could these
mountain folk know of English?
There was a short, awkward pause; then, after a few words among
themselves, they addressed me in their native tongue. At the first
syllable, I realized that theirs was not the cultivated Persian of the
Afghan court, but rather a variety of Pushtu, the speech in most
common use among the people. From my wanderings of the past
few months and especially from contact with the native guides, I had
gathered a few words of this language, enough to enable me to
recognize its peculiar intonation, although I could express none but
the simplest ideas.
After a second handful of the dried herbs, and another draught of
water, I felt well enough to try to stagger to my feet. But the effort
was too much for me; my limbs threatened to collapse beneath me;
and two of the men had to bolster me up.
But once I had arisen, they would not let me return to my rock-couch.
Grimly they motioned toward the snow-streaked northern peak, as if
to indicate that we must pass beyond it; at the same time, one of
them pointed to the stone image on the summit; while the others, as
if observing a religious rite, extended their arms solemnly and almost
imploringly toward that strange womanly figure.
At the moment, it did not occur to me that their attitude was one of
prayer; but later I was to remember this fact. For the time, my
thoughts took a more personal turn; for when I saw my new
acquaintances preparing to lead me across the mountains, I was
profoundly alarmed. Although still too stunned to take in the full
reality, I knew that I was on the threshold of unpredictable
adventures, and that many a day might pass before I could rejoin my
fellow geologists.
But when the ascent actually began, I was not at all certain that I
should survive. We seemed to be undertaking the impossible; I had,
literally, to be lifted off my feet and carried; my legs were useful only
on the short stretches of comparatively level ground. In the
humiliation of being an invalid, I felt a deep sense of inferiority to
these brawny men that tugged and strained to bear me up the
mountain; while, with increasing admiration, I noted the capable way
in which they carried me along the brink of canyons, or over grades
that I should have had to make on my hands and knees. But greatest
of all was my admiration for the young girl who had offered me the
dried herbs. She seemed agile as a leopard and sure-footed as a
mountain sheep, leaping from boulder to boulder and from crag to
crag with the swiftness and abandon of a joyous wild thing....
Hours—how many I cannot estimate—must have been consumed in
the ascent. Fortunately, I am not a large man, being but five feet six
in height and considerably under the average weight; but, even so, I
proved more than an ordinary burden. Though my rescuers worked
in shifts and each seemed powerful enough to carry me single-
handed, yet before long the exertion began to tell upon them all.
Occasionally, after completing some precipitous ascent, they would
pause to mop their brows and rest; or else their bulging eyes and
panting frames would testify to the ordeal they were undergoing.
Higher and higher we mounted, while they showed no thought of
abandoning their efforts. In joy not unmixed with a half-superstitious
dread, I saw the statuesque figure on the peak slowly approaching;
saw its outlines expand until it seemed but a mile away, clad in a
somber gray and beckoning like some idol superbly carved by a race
of Titans. But while I was asking myself whether we were to climb to
the very foot of this image, I observed that we were following a little
trail which no longer ascended but wound sinuously about the
mountainside. For what seemed time unending we plodded along
this path, while in my weakness I was more than once close to
fainting.
But, as we jogged ahead, the scenery was gradually changing; from
time to time I caught glimpses of far-off snowy peaks and a deep
basin north of "The Mountain of Vanished Men." It was long before
this valley stretched before us in an unbroken panorama; but when I
saw it entire it was enough to make me forget my sufferings.
Certainly, it was unlike any other valley in the world. A colossal cavity
had been scooped out in the heart of the wilderness; on every side
the mountain walls shot downward abruptly for thousands of feet,
forming a circle dominated at all points by jagged and steepled
snow-tipped peaks. Dense woods mantled the lower slopes, and the
valley's entire floor was forested except for relatively small patches
of grass lands. The whole depression might have been five miles
across, or might have been fifteen; but it was deep and round as the
crater of some gigantic extinct volcano; and there seemed to be
scarcely a pass that gave exit or ingress. I particularly noticed how
the shadows, creeping blackly from the western mountain rim as the
afternoon sun declined, shed an uncanny, ghost-like effect; while
remote waterfalls, leaping soundlessly from the high cliffs with
slender streamers of white, served only to enhance the impression of
a spectral and unreal beauty.
It was with sudden joy that I saw my new-found acquaintances turn
toward this valley, and realized that this was the home to which they
were leading me.
Chapter III
WELCOME TO SOBUL
How we accomplished the descent is one of the mysteries that will
always be associated in my mind with the Valley of Sobul. Even for
the unhampered traveler, as I was to learn, the grades were perilous;
but for climbers impeded with the weight of a disabled man, they
must have been well-nigh impossible. Unfortunately, I have little
recollection of what happened on the way down; I believe that I was
half delirious from hunger and pain; I have indistinct memories of
muttering and screaming strange things, and at best I can recall that
we trailed as in a dream along endless spiral paths by the brink of
bottomless chasms.
It was late twilight when I was aroused to a dim awareness of myself.
Evidently our party had halted, for I was lying on the ground; on all
sides of me, unfamiliar voices were chattering. Although still too
listless to care much what happened, I opened my eyes and
observed a crowd of dusky forms moving shadow-like through the
gloom. In their midst, perhaps a hundred paces to my right, a great
golden bonfire was blazing, casting a fantastic wavy illumination as it
glared and crackled; and by its light I thought I could distinguish a
score or more of little cabin-like structures.
In my feverish state of mind, I had the impression that I had been
captured by savages; tales of cannibals and cannibal feasts, in a
nightmarish sequence, streamed across my memory. Perhaps I cried
out in a half-witted way; or perhaps it was merely that I groaned
unconsciously at my wounds, for suddenly I found myself the focus
of attention for the dusky figures; a dozen pairs of eyes were peering
at me curiously. Among them were two which, even in the dimness, I
thought I could recognize: while the multitude were mumbling
unintelligibly, a feminine form bent over me, and a feminine voice
murmured so gently that I was reassured even though I did not
understand the words.
And again I felt myself lifted by strong hands; and, after a minute, I
was borne through a doorway into the vagueness of some rude
dwelling. The room was a small one, I judged; in the sputtering
candlelight it appeared to me that my outspread arms could have
reached halfway across. Yet I took no note of details as the unseen
hands placed me on a mass of some stringy, yielding substance. So
exhausted was I that I quickly lost track of my surroundings in much
needed sleep.
It may have been hours before I awoke, greatly refreshed, yet with a
sensation of terror. All about me was darkness; the silence was
complete. For an instant I had an impression of being back on the
mountain in the fog; then, as recollection came flashing upon me, I
understood that I was safe among friends. But all the rest of that
night I was tormented by dreams of lonely crags and mantling mists;
and when again I awoke it was abruptly and after a nightmare fall
over a precipice whose bottom I never reached....
To my joy, it was once more twilight. By the illumination of an open,
glassless window, I could distinguish the details of the room—and
singular details they were! The walls were of logs, great rough-hewn
pine logs standing erect and parallel, with the bark still clinging;
slenderer logs formed the flat low ceiling; and timbers crudely
smoothed and levelled constituted what passed for a floor. Scattered
masses of straw did duty as a carpet, while straw likewise composed
my couch; and I was lying so low that I could have rolled to the floor
without injury. I noted that the room had neither ornament nor
furniture; that the wide, open fireplace, filled with cold ashes,
seemed almost the only convenience; and that the door, while as
massively built as the walls, was apparently without lock or bolt.
But as the light gradually increased, it was not the room itself that
held my attention, but rather the view from the window. No painting I
had ever observed was so exquisite as that vision of a green and
white eastern mountain, rounded like a great head and aureoled with
rose and silver where the rays of sunrise fought their way fitfully
through serried bands of cloud.
The last faint flush had not yet faded from above the peak when the
cabin door creaked and slowly opened, and I caught a glimpse of
auburn hair, and saw two brown eyes peering in at me curiously. A
strange joy swept over me; and as the fair stranger stood hesitating
like a bashful child in the doorway, my only fear was that she would
be too timid to enter.
But after a minute she overcame her shyness; gently and on tiptoe
she stepped in, closing the door carefully behind her. I observed that
she had not come empty-handed; she carried not only a water-jug
but several odd little straw-colored objects. Approaching slowly, still
with just a hint of hesitation, she murmured pleasantly in the native
tongue; then, having seated herself cross-legged on the floor within
touching distance, she offered me the water, which was crystal-clear
and cool. The eagerness with which I drank sent a happy smile
rippling across her face; and the daintiest of dimples budded on both
her cheeks.
After I had satisfied my thirst, she held out one of the straw-colored
objects invitingly. I found it to be hard and gritty of texture, like some
new kind of wood; but while I was examining it, turning it round and
round like a child with a new toy, my visitor was pointing to her open
lips, and at the same time revolved her gleaming white teeth as
though chewing some invisible food. I would have been dull indeed
not to understand.
A single bite told me that the object was a form of native bread. The
flavor of whole wheat was unmistakable; and, to my famished
senses, it was the flavor of ambrosia. Only by exercising unusual will
power could I refrain from swallowing the loaf almost at a gulp.
My greedy disposal of the food was evidently reward enough for my
hostess, who beamed upon me as if well pleased with herself. I even
thought—and was it but imagination?—that her shy glances were not
purely impersonal. Certainly, there was nothing impersonal in the
stares with which I followed her every motion—or in my
disappointment when after a time the great log door swung inward
again to admit a second caller.
Yet I did my best to greet my new visitor with signs of pleasure; for I
recognized him as one of my rescuers. He entered as silently and
cautiously as though on his best sick-room behavior; and after
peering at me curiously and returning my nod of welcome, he
murmured a few words to the girl, and as silently and cautiously took
his leave.
Thenceforth, I was to receive visitors in a stream. The moments that
day were to be few when three or four natives were not whispering in
a corner of the room. A census of my callers would have been a
census of the village; no one able to stand on his own legs missed
the opportunity to inspect me. Children of all ages and sizes
appeared in groups; gaped at me as if I had been a giraffe in a
menagerie; and were bustled out by their elders, to be followed by
other children, by men in their prime, women with babes in arm, and
tottering grayheads. But most of my hosts showed that they were
moved by warmer motives than curiosity; many bore offerings of
food and drink, fruit and berries, cakes and cereals, bread and
cheese and goats' milk, which they thrust before me with such
generosity that I could consume but a small fraction.
While they swarmed about the cabin, I observed them as closely as
my condition permitted. Their actions and garb made it plain that
they were peasants; all, like yesterday's acquaintances, were
dressed in rude garments of red and blue, with colored turbans and
striped trousers and leggings, the feminine apparel differing from the
masculine chiefly in being more brilliant-hued. And all, men and
women alike, were robustly built and attractive. The majority had
handsome, well modelled faces, with swarthy skins and candid,
expressive eyes, at the sight of which I felt reassured; for here in the
mountains of Afghanistan, among some of the fiercest and most
treacherous tribes on earth, I might easily have fallen into less kindly
hands.
During the day I was visited by two men who took a particular
interest in me. The first, who came early in the morning, was

PDF Frontiers in Cyber Security Second International Conference Fcs 2019 Xi An China November 15 17 2019 Proceedings Bazhong Shen Ebook Full Chapter

Uploaded by

Copyright:

Available Formats

PDF Frontiers in Cyber Security Second International Conference Fcs 2019 Xi An China November 15 17 2019 Proceedings Bazhong Shen Ebook Full Chapter

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

PDF Frontiers in Cyber Security Second International Conference Fcs 2019 Xi An China November 15 17 2019 Proceedings Bazhong Shen Ebook Full Chapter

Uploaded by

Copyright:

Available Formats

Frontiers in Cyber Security Second

International Conference FCS 2019 Xi

Machine Learning for Cyber Security Second

Frontiers in Cyber Security First International

Network and System Security 8th International

Green Pervasive and Cloud Computing 15th International

Software Technology Methods and Tools 51st

Technology in Education Pedagogical Innovations 4th

Ambient Intelligence 15th European Conference AmI 2019

Green Pervasive and Cloud Computing GPC 2020 Workshops

Communications in Computer and Information Science 1105

Editorial Board Members

Jinguang Han Yong Yu (Eds.)

ISSN 1865-0929 ISSN 1865-0937 (electronic)

November 2019 Bazhong Shen

Yongjian Liao University of Electronic Science and Technology

Yu Chen Meiyan Xiao

Temple University, USA

Abstract. With the large-scale deployment of Internet of Things, smart home

Department of Electrical and Computer Engineering,

Abstract. Data-driven network intelligence will offer a robust, efﬁcient, and

Abstract. Deception technology is an emerging ﬁeld of cyber security defense.

Symmetric Key Cryptography

Improving File Hierarchy Attribute-Based Encryption Scheme

Public Key Cryptography

Anonymous Leakage-Resilient Ciphertext-Policy Attribute-Based

Cryptographic Reverse Firewalls for Identity-Based Encryption. . . . . . . . . . . 36

Identity-Based Encryption Resilient to Continual Leakage Without

CLIBDA: A Deniable Authentication Scheme for Pervasive

Leveled Lattice-Based Linearly Homomorphic Signature Scheme

Symmetric Lattice-Based PAKE from Approximate Smooth Projective

Zero-Knowledge Proofs for Improved Lattice-Based Group Signature

Post-Quantum Pseudorandom Functions from Mersenne Primes . . . . . . . . . . 128

An Efficient Proxy Re-Signature Over Lattices . . . . . . . . . . . . . . . . . . . . . . 145

Batch Verification of Linkable Ring Signature in Smart Grid . . . . . . . . . . . . 161

Hierarchical Identity-Based Signature over Verifiable Random Function. . . . . 177

Attack and Behavior Detection

Analysis of Ciphertext Policy Hidden Attribute-Based Encryption

Implementing Attacks on the Approximate Greatest Common

M4D: A Malware Detection Method Using Multimodal Features . . . . . . . . . 228

Authenticated Key Agreement

A General Construction for Password-Based Authenticated Key

Certificateless Authenticated Key Agreement for Decentralized WBANs . . . . 268

A Certificateless Proxy Re-encryption Scheme

A Novel Fair and Verifiable Data Trading Scheme . . . . . . . . . . . . . . . . . . . 308

Public Audit Scheme of Shared Data Based on Blockchain . . . . . . . . . . . . . 327

System and Network Security

A Hybrid Key Management Scheme for Wireless Sensor Network . . . . . . . . 347

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365

Li Kang(B) and Leyou Zhang

School of Mathematics and Statistics, Xidian University, Xi’an 710126, China

Abstract. With the rapid development of cloud computing technol-

Keywords: File hierarchy · Attribute-based encryption ·

Supported by the National Cryptography Development Fund under grant

Fig. 1. The integrated access structure

2.2 Decisional Bilinear Diﬃe-Hellman (DBDH) Assumption

AdvBDBDH = |P r[B(A, B, C, e(g, g)abc ) = 1] − P r[B(A, B, C, e(g, g)z ) = 1]|.

2.3 Access Structure

2.4 Hierarchical Access Tree

If ak,i ∈ ÃkU , output DecryptN ode(CT, SKU , (x, y)) = ⊥.

However, due to r1 = r2 , the formula q(1,1) (1)Δ1,S(1,1)

If ak,i ∈ ÃkU , deﬁne DecryptN ode(CT, SKU , (x, y)) = ⊥.

Deﬁnition 1. A hierarchy ABE (HABE) scheme is (q, ) secure against the

Theorem 1. Our improving hierarchy CP-ABE scheme is (q, ) semantically