Wang and Guo (Nonlinear Dyn 76(4): 1943-1950 proposed a new image alternate encryption algorithm based on chaotic map. The image alternate encryption can be conceptually treated as a block cipher where a round function which provides both confusion and diffusion is applied on a plain image iteratively. After performing the round function for T iterations, the processed image is denoted as the encrypted image. We analyse the security of Wang and Guo image encryption scheme, especially from cryptographic point of view, in line with the designers' approach in their security analyses. Negatively, we show that the image encryption scheme is vulnerable to an impossible differential attack (a type of chosen plaintext attack) and a divide-and-conquer attack when a large all black image is encrypted. This paper serves as another important security result showing that any future design of image encryption schemes based on chaotic map should be evaluated through systematic cryptanalytic approaches which include impossible differential attack. To the best of our knowledge, this is the first impossible differential attack applied on an image encryption algorithm.
BackgroundWith the rapid development of cloud computing and mobile networking technologies, users tend to access their stored data from the remote cloud storage with mobile devices. The main advantage of cloud storage is its ubiquitous user accessibility and also its virtually unlimited data storage capabilities. Despite such benefits provided by the cloud, the major challenge that remains is the concern over the confidentiality and privacy of data while adopting the cloud storage services [1]. For instance, unencrypted user data stored at the remote cloud server can be vulnerable to external attacks initiated by unauthorized outsiders and internal attacks initiated by the untrustworthy cloud service providers (CSPs) [2]. There are several reports that confirm data breaches related to cloud servers, due to malicious attack, theft or internal errors [3]. This raises concern for many users/ AbstractEnsuring the cloud data security is a major concern for corporate cloud subscribers and in some cases for the private cloud users. Confidentiality of the stored data can be managed by encrypting the data at the client side before outsourcing it to the remote cloud storage server. However, once the data is encrypted, it will limit server's capability for keyword search since the data is encrypted and server simply cannot make a plaintext keyword search on encrypted data. But again we need the keyword search functionality for efficient retrieval of data. To maintain user's data confidentiality, the keyword search functionality should be able to perform over encrypted cloud data and additionally it should not leak any information about the searched keyword or the retrieved document. This is known as privacy preserving keyword search. This paper aims to study privacy preserving keyword search over encrypted cloud data. Also, we present our implementation of a privacy preserving data storage and retrieval system in cloud computing. For our implementation, we have chosen one of the symmetric key primitives due to its efficiency in mobile environments. The implemented scheme enables a user to store data securely in the cloud by encrypting it before outsourcing and also provides user capability to search over the encrypted data without revealing any information about the data or the query. Salam et al. Hum. Cent. Comput. Inf. Sci. (2015) et al. Hum. Cent. Comput. Inf. Sci. (2015) 5:19 organizations as the outsourced data might contain very sensitive personal organization/ information. RESEARCHPage 2 of 16 SalamSeveral researches have addressed the issue of ensuring confidentiality and privacy of cloud data without compromising the user functionality. Here, confidentiality refers to the secrecy of the stored data so that only the client can read the contents of the stored data. To solve the problem of confidentiality, data encryption schemes can come in handy to provide the users with some control over the secrecy of their stored data. This has been adopted by many recent researches which allow users to encrypt their data...
Within modern internet infrastructure including networks that are ubiquitous, there is often a need for delegatable communication between nodes without compromising the confidentiality of information. In practice, this should be enforced while allowing some basic functionality for intermediate delegated nodes such as searching through encrypted content. This can be achieved using a Public key encryption with keyword search (PEKS) scheme, first proposed by Boneh et al., which enables to search publicly encrypted messages for keywords without revealing any information about the message. The issue of PEKS schemes being vulnerable to keyword guessing attacks (KGAs) was first shown by Byun et al., and two of the most recent PEKS schemes, i.e., due to
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations鈥揷itations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright 漏 2024 scite LLC. All rights reserved.
Made with 馃挋 for researchers
Part of the Research Solutions Family.