Comments on "Dynamic Consensus Committee-Based for Secure Data Sharing With Authorized Multi-Receiver Searchable Encryption"
- URL: http://arxiv.org/abs/2311.08813v1
- Date: Wed, 15 Nov 2023 09:32:55 GMT
- Title: Comments on "Dynamic Consensus Committee-Based for Secure Data Sharing With Authorized Multi-Receiver Searchable Encryption"
- Authors: Zi-Yuan Liu, Raylin Tso,
- Abstract summary: We present a detailed cryptanalysis on DCC-SE.
We discuss the root cause and identify a flaw in the security proof of DCC-SE.
- Score: 2.3403685276995354
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Recently, Yang et al. introduced an efficient searchable encryption scheme titled "Dynamic Consensus Committee-Based for Secure Data Sharing With Authorized Multi-Receiver Searchable Encryption (DCC-SE)," published in IEEE Transactions on Information Forensics and Security (DOI: 10.1109/TIFS.2023.3305183). According to the authors, DCC-SE meets various security requirements, especially the keyword trapdoor indistinguishability against chosen keyword attacks (KT-IND-CKA). In this letter, however, we reveal a significant vulnerability of DCC-SE: any users involved in the system can execute attacks against KT-IND-CKA security. This flaw potentially results in the unintended disclosure of sensitive keyword information related to the documents. We present a detailed cryptanalysis on DCC-SE. In addition, to address this vulnerability, we discuss the root cause and identify a flaw in the security proof of DCC-SE. Subsequently, we provide a solution that effectively addresses this concern without significantly increasing computational overhead.
Related papers
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - Misbinding Raw Public Keys to Identities in TLS [1.821556502071398]
This paper examines the security of TLS when using Raw Public Key (RPK) authentication.
This mode has not been as extensively studied as X.509 certificates and Pre-Shared Keys (PSK)
We develop a formal model of TLS RPK using applied pi calculus and the ProVerif verification tool, revealing that the RPK mode is susceptible to identity misbinding attacks.
arXiv Detail & Related papers (2024-11-14T19:28:09Z) - Multi-Layered Security System: Integrating Quantum Key Distribution with Classical Cryptography to Enhance Steganographic Security [0.0]
We present a novel cryptographic system that integrates Quantum Key Distribution (QKD) with classical encryption techniques.
Our approach leverages the E91 QKD protocol to generate a shared secret key between communicating parties.
This key is then hashed using the Secure Hash Algorithm (SHA) to provide a fixedlength, high-entropy key.
arXiv Detail & Related papers (2024-08-13T15:20:29Z) - Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss.
We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query.
We also design and implement a ciphertext index compatible with native cost model and querys to accelerate query processing.
arXiv Detail & Related papers (2024-04-10T08:11:12Z) - The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server.
This paper studies a new and practical security risk to DSSE, namely, secret key compromise.
We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
arXiv Detail & Related papers (2024-03-22T09:21:47Z) - Systematic Literature Review of EM-SCA Attacks on Encryption [0.1433758865948252]
Side-channel attacks (SCAs) pose a significant threat to cryptographic integrity, compromising device keys.
EM-SCA gathers information by monitoring EM radiation, capable of retrieving encryption keys and detecting malicious activity.
This study evaluates EM-SCA's impact on encryption across scenarios and explores its role in digital forensics and law enforcement.
arXiv Detail & Related papers (2024-02-15T15:53:46Z) - Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC)
We show that NU-HUNCC is information-theoretic individually secured against an eavesdropper with access to any subset of the links.
arXiv Detail & Related papers (2024-02-13T12:12:39Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z) - Uncloneable Decryptors from Quantum Copy-Protection [0.38073142980733]
We show that CPA secure uncloneable bit decryptors could be instantiated from a copy protection scheme.
We then show how to strengthen the CPA security of uncloneable decryptors to CCA2 security using strong EUF-CMA secure digital signatures.
arXiv Detail & Related papers (2022-03-11T11:47:04Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.