Fundamenta Informaticae is an international journal publishing original research results in all areas of theoretical computer science. Papers are encouraged that contribute:
- solutions by mathematical methods of problems emerging in computer science
- solutions of mathematical problems inspired by computer science.
Topics of interest include (but are not restricted to): theory of computing, complexity theory, algorithms and data structures, computational aspects of combinatorics and graph theory, programming language theory, theoretical aspects of programming languages, computer-aided verification, computer science logic, database theory, logic programming, automated deduction, formal languages and automata theory, concurrency and distributed computing, cryptography and security, theoretical issues in artificial intelligence, machine learning, pattern recognition, algorithmic game theory, bioinformatics and computational biology, quantum computing, probabilistic methods, and algebraic and categorical methods.
Authors: Xhafa, Fatos | Cao, Zhenfu
Article Type: Other
DOI: 10.3233/FI-2018-1614
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. v-viii, 2018
Authors: Zhang, Mingwu
Article Type: Research Article
Abstract: In order to provide flexible access control in a secure manner in open networks, Attribute-Based Encryption (ABE) implements a fine-grained decentralized access control that is based on properties or attributes a user/node owns, which has attracted more attention for applications in large-scale and dynamic networks such as Mesh networks, Wireless Body Area Networks (WBAN), and the Internet of Things, etc. However, due to the openness and exposure of such networks, an attacker (e.g., virus, eavesdropper or sniffer) can break the concrete implementation of cryptosystems, for example by side channel attacks, and then obtain some sensitive and secret states in the system by monitoring pseudo-random numbers, internal results and secret keys, and thus break the provable security of the systems. In this paper, in order to tolerate the possible key leakage, we model a fine-grained attribute-revocable attribute-based encryption, namely ADR-lrABE, and then give the concrete construction, security analysis and leakage-resilience performance. The scheme tolerates the key matching the challenge ciphertext being partially revealed (i.e., key leakage resilience), and it provides an update mechanism to tolerate continual leakage that allows the attacker to gain leakage beyond the bound in the lifetime of the system (i.e., continual leakage tolerance). Also, it supports the property of attribute direct revocation, so that the revocation procedure does not affect any other user’s secret key. That is, the proposed scheme is proven to be semantically secure even if the decryption key is partially leaked to the attacker. We analyze the leakage-resilient performance of our scheme, and indicate that the scheme achieves approximately a (82 + o(1)) fraction of the bits of a decryption key being leaked. We also provide a mechanism to transform the scheme into a prime-order group.
To the best of our knowledge, our schemes are the first ABE that support an attribute direct revocation mechanism in the presence of key leakage in noisy channel or memory leakage environments.
Keywords: Attribute-based encryption, Leakage resilience, Attribute revocation, Key refresh, Leakage rate, Side-channel attack
DOI: 10.3233/FI-2018-1615
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 1-27, 2018
Authors: Li, Jing | Wang, Licheng | Niu, Xinxin | Gu, Lize | Qu, Zhiguo
Article Type: Research Article
Abstract: In this paper, we propose the notion of Star-Topological encryption, which enables some clients to talk confidentially to a server without revealing their identities to others. Then, an encryption scheme is constructed to achieve this cryptosystem based on non-abelian groups. The proposal realizes identity-based encryption and identity authenticity simultaneously. In this encryption system, both the encryptions and decryptions on the two sides of the communication rely on a secret key. Therefore, the encryption/decryption algorithms employ the idea of a symmetric key cryptosystem. Meanwhile, the client’s decryption key is generated by taking the client’s identity and the server’s master secret key as input. Therefore, our encryption scheme can be viewed as an identity-based encryption in a Symmetric Key Cryptosystem. Furthermore, the security of the scheme is based on the intractability of the factorization search problem over non-abelian algebraic structures. A matrix group over a group ring is suggested and an algorithm for computing the inverse of an invertible group ring element is given. Finally, we discuss why our cryptosystem is secure against determinant attacks and quantum attacks.
Keywords: Star-Topological Encryption, Factorization Search Problem, Group Ring Matrix
DOI: 10.3233/FI-2018-1616
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 29-46, 2018
Authors: Wang, Licheng | Li, Jing | Gu, Lize | Yan, Jianhua | Qu, Zhiguo
Article Type: Research Article
Abstract: Proxy re-encryption (PRE) enables a semi-trusted proxy to transfer Alice’s secrets into Bob’s secrets without seeing the secrets. This functionality is very interesting for balancing information confidentiality and mutual accessibility in various scenarios such as public cloud storage systems. During the past decades, many smart PRE schemes were built based on intractability assumptions such as integer factorization problems (IFP) and discrete logarithm problems (DLP). However, Shor’s efficient quantum algorithms for IFP and DLP pose great threats to the security baseline of these schemes. Enlightened by Gu et al.’s recent work on resisting known quantum attacks, we propose in this paper an efficient PRE scheme based on the intractability of the (semi)group factorization problems. The security of the proposed scheme is analyzed with respect to some heuristic attacks. Moreover, a special instantiation technique is presented in detail, and some illustrations are provided to demonstrate the effectiveness and efficiency of the proposed methodology.
Keywords: Proxy re-encryption, quantum attack resistant, group factorization, non-commutative cryptography
DOI: 10.3233/FI-2018-1617
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 47-62, 2018
Authors: Wei, Lifei | Zhang, Kai | Zhang, Lei | Huang, Dongmei
Article Type: Research Article
Abstract: Homomorphic encryption allows linear arithmetic operations to be performed over the ciphertext and returns results equal to those that would be obtained if the operations were taken over the original plaintext, which is always used for data aggregation in wireless sensor networks to keep the confidentiality of the data and cut down the transmission overhead of the ciphertext. In marine sensor networks, sensors collect multiple data such as temperature, salinity, pressure, and chlorophyll concentration in the ocean using a single hardware unit for further statistical analysis such as computing the mean and the variance and performing regression analysis. However, directly using homomorphic encryption cannot perform well in marine sensor data forwarding since the data need to go to satellites or vessels as relays and be forwarded in a multi-hop way. The data are not expected to be decrypted until arriving at the final destinations. To tackle these issues, we design a secure data forwarding protocol based on the Paillier homomorphic encryption and multi-use proxy re-encryption. We also evaluate the computational overhead in terms of the delay in transmission and operation in various test beds. The experimental results show that the additional computational overhead brought by cryptographic operations could be minor, and it has the merit of providing a fixed data size passing through the multi-hop transmission.
Keywords: Secure transmission, Proxy re-encryption, Paillier encryption, Marine sensors networks, Statistical analysis
DOI: 10.3233/FI-2018-1618
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 63-78, 2018
Authors: Jeyabalu, Mahalakshmi | Krishnamoorthy, Kuppusamy
Article Type: Research Article
Abstract: Cloud Computing, a type of interpersonal computing, offers services on demand. There arise numerous vulnerabilities and threats that jeopardize the authentication of cloud services. Security services remain prevalent despite standard policies offered by service providers, especially on the public cloud. An encryption service is one of the conventional ways to protect plain data, by converting it into an inarticulate form. This paper brings an interesting application service that provides security as a service to users. This innovative service works based on a symmetric key encryption scheme. Encryption keys in the cryptographic process reveal the quality of encryption. Multiple keys are involved in this proposed encryption process; among them, one interesting key generation is from a hybridization of an improved cipher block chaining encryption operation and another from a nature-inspired genetic algorithm. The motivation for designing this hybrid algorithm is to minimize the execution time and storage space capacity. The experimental analysis is performed for multimedia files, including plain text and images. The performance of the proposed encryption algorithm is analyzed using various metrics that reveal the quality and strength of the algorithm in spite of various attacks. Evaluation reports state that this application service retains potential for authenticating multimedia files with better satisfaction while out-sourced as an application in a cloud computing environment.
Keywords: Security-as-a-service, Improved encryption algorithm, Genetic Algorithm, Multimedia files, Outsourcing, Public Cloud, local optimization, symmetric key encryption
DOI: 10.3233/FI-2018-1619
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 79-109, 2018
Authors: Li, Jiguo | Yuan, Hong | Zhang, Yichen
Article Type: Research Article
Abstract: In order to satisfy applications in resource-constrained environments, aggregate signature schemes have been widely investigated. Recently, He et al. pointed out that the certificateless aggregate signature (CLAS) scheme proposed by Xiong et al. was insecure against the Type II adversary and presented a possible improvement. In this article, we show that their improved scheme is not secure against a malicious-but-passive KGC attack. We analyze the reason for the attack and propose an improved certificateless aggregate signature scheme. Based on the assumption that the CDH problem is difficult, the proposed CLAS scheme is existentially unforgeable against adaptive chosen-message attacks in the random oracle model.
Keywords: Certificateless signature, Aggregate signature, Cryptanalysis, Malicious KGC attack
DOI: 10.3233/FI-2018-1620
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 111-123, 2018
Authors: Wei, Yuechuan | Rong, Yisheng | Fan, Cunyang
Article Type: Research Article
Abstract: Lightweight block ciphers are usually used in the “Internet of Things” to protect confidentiality as well as for authentication. LBlock is a lightweight block cipher designed for tiny computing devices, such as RFID tags and sensor network nodes. The cipher algorithm iterates a Feistel structure with an SP-type round function for 32 rounds. Its block size is 64 bits and its key size is 80 bits. The designers show that LBlock is resistant against most classical attacks, such as differential and linear cryptanalysis. This paper proposes differential fault analysis on LBlock based on different depths of fault model; the theoretical analysis demonstrates that LBlock is vulnerable to deep differential fault attacks due to its Feistel structure and diffusion layer. By injecting faults in the 27th round to the 29th round, a differential fault analysis on LBlock based on a nibble-oriented random fault model is presented. The experiment shows that 4.3 faults on average could recover a round key. To reveal the whole key information, 13.3 faults on average are needed. This indicates that cryptographic devices supporting LBlock should be carefully protected.
Keywords: Block cipher, DFA, LBlock, Attack mode
DOI: 10.3233/FI-2018-1621
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 125-139, 2018
Authors: Zhang, Huajun | Cao, Zhenfu | Dong, Xiaolei | Shen, Jiachen
Article Type: Research Article
Abstract: For disaster recovery, we store backups of a file in several positions far away from each other. If we delegate this task to an untrusted cloud service provider, a verification method is desired. In this paper, we construct a generic transformation from “proof of retrievability” to “proof of multicopy”. We present this work in two stages. In the first stage, we propose a generic protocol of “proof of file position” based on an arbitrary secure “proof of retrievability” protocol. In the second stage, we propose a “proof of multicopy” protocol based on our “proof of file position” protocol. Both of our protocols are provably secure.
Keywords: proof of retrievability, proof of file position, proof of multicopy
DOI: 10.3233/FI-2018-1622
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 141-151, 2018
Authors: Zhang, Miao | Wang, Chenyu | Wang, Jiteng | Tian, Si | Li, Yanwei
Article Type: Research Article
Abstract: ZigBee networks, with their characteristics of high availability, low power consumption and cost-effective devices, are perfectly appropriate for constructing Wireless Sensor Networks (WSNs). Also, the natures of WSNs listed above bring significant benefits over traditional communication networks used in smart home systems. A smart home system is meant to improve the quality of life by offering various automated, interactive and comfortable services, such as sensing and communicating family members’ health information to their doctors, or remotely controlling appliances via cellular phones, emails, etc. These critical services make the security of personal privacy and the authority of control commands vital issues in Smart Home environments. While the smart home system suffers from many attacks, the security of the smart home system becomes an important and hard problem, and authentication is the first parclose to the security of the system. However, according to our analysis, most systems fail to achieve authentication between the user and the device, which leads to the compromise of the whole system. In this paper, we analyze the authentication challenges between the user and the device in WSNs and in smart home systems. To thoroughly detect, defend against and foresee the authentication vulnerabilities existing in smart home networks, we propose a security evaluation technique based on attack graph generation. We discuss the distinction between the attack graphs deployed in traditional networks and in smart home networks. Furthermore, we apply this technique in an experiment, and the results prove its practicality. We then suggest a widely used protocol for the smart home authentication system.
Keywords: Smart Home, Wireless Sensor Networks, security, attack graph
DOI: 10.3233/FI-2018-1623
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 153-165, 2018
Authors: Chen, Yuling | Lei, Min | Ren, Wei | Ren, Yi | Qu, Zhiguo
Article Type: Research Article
Abstract: The cloud computing paradigm is becoming very popular these days. However, it does not include wireless sensors and mobile phones, which are needed to enable new emerging applications such as remote home medical monitoring. Therefore, a combined Cloud-Internet of Things (IoT) paradigm provides scalable on-demand data storage and resilient computation power at the cloud side as well as anytime, anywhere health data monitoring at the IoT side. As both the privacy of personal medical data and flexible data access should be provided, attackers exploit diverse social engineering and technical attack methods to gain access to personal privacy information stored in the home medical monitoring cloud, with more and more social engineering attacks. Therefore, the data in the Cloud are always encrypted, and access control must be operated upon encrypted data together with being fine-grained to support diverse accessibility. Since a plain combination of encryption before access control is not robust and flexible, we propose a scheme referred to as RoFa, with a tailored design. The scheme is introduced in a step-by-step manner. The basic scheme (BaS) makes use of ciphertext-policy attribute-based encryption to empower robustness and flexibility. We further propose an advanced scheme (AdS) to improve the computation efficiency by taking advantage of proxy re-encryption. AdS can greatly decrease the computation overhead on hospital servers due to operation migration. We finally propose an enhanced scheme (EnS) to protect integrity by using aggregate signatures. RoFa describes a general framework to solve the security requirements, and intentionally leaves the flexibility of concrete constructions open. We finally compare the robustness and the flexibility of the proposed schemes by performance analysis.
Keywords: Access Control, Cloud Computing, Internet of Things, Fine Grained, Robust and Flexible Security
DOI: 10.3233/FI-2018-1624
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 167-184, 2018
Authors: Zhang, Jindan | Wang, Baocang
Article Type: Research Article
Abstract: Recently, how to audit cloud storage correctly and securely has been a very hot research topic for cloud storage. At Infocom 2015, Chen et al. proposed a novel secure cloud storage audit protocol based on distributed string equality checking, which is a very interesting result. In this paper, we give some improvements to their protocol to strengthen its security. In particular, we show that if the data owners reuse the pseudorandom function on the same order number of file block when uploading the file block’s tag to the cloud, the protocol may not be secure any more. We also show that there can exist many $(m_i, c_i)$ pairs which will result in the same inner product sum $\sum_{i=1}^{n} m_i \cdot c_i$, where $m_i$ denotes the file block, $c_i$ denotes the challenge value, and $n$ denotes the number of blocks. We emphasize here that the flaw may not lie in the traditional security model of cloud storage auditing protocols, but we think it is actually a serious drawback for current secure cloud storage audit protocols. We emphasize that these two flaws can also exist in some famous cloud auditing protocols such as PDP and POR. Finally, we give an improvement to their protocol, and thus also give a way to strengthen the famous PDP and POR protocols.
Keywords: Cloud storage auditing, security analysis, inner product
DOI: 10.3233/FI-2018-1625
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 185-199, 2018
Authors: Wei, Fushan | Zhang, Ruijie | Ma, Chuangui
Article Type: Research Article
Abstract: Two-factor authenticated key exchange (TFAKE) protocols are critical tools for ensuring identity authentication and secure data transmission for cloud computing. Until now, numerous TFAKE protocols based on smart cards and passwords have been proposed under this circumstance. Unfortunately, most of them have been found insecure against various attacks. Researchers focus on the cryptanalysis of these protocols and then on fixing the loopholes. Little attention has been paid to the design rationales and formal security models of these protocols. In this paper, we summarize the security requirements and put forward a formal security model for TFAKE protocols for cloud computing. We then present an efficient TFAKE protocol without using expensive asymmetric cryptographic mechanisms to achieve high efficiency. Our protocol can be proven secure in the random oracle model and achieves user anonymity. Compared with other TFAKE protocols, our protocol is more efficient and enjoys provable security.
Keywords: two-factor authenticated key exchange, password, smart card, provable security, cloud computing
DOI: 10.3233/FI-2018-1626
Citation: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 201-220, 2018