Privacy-Preserving and Secure Cryptographic Schemes for Wireless Applications Open Access
With the development of wireless technologies, wireless applications have gained tremendous attention. Due to the features of wireless networks, security and privacy issues are crucial in almost all wireless applications. Protecting users' data security and privacy while meeting the requirements of particular wireless applications is a major challenge. In this dissertation, we focus on protecting data security and privacy in wireless applications by cryptographic mechanisms.

The first work develops a signcryption scheme called CP_ABSC, based on Ciphertext-Policy Attribute-Based Encryption (CP_ABE), to secure multicast communications in smart grids, which require access control, data encryption, and authentication to ensure message integrity and confidentiality. CP_ABSC provides algorithms for key management, signcryption, and designcryption. It can be used to signcrypt a message based on the access rights specified by the message itself. A user can designcrypt a ciphertext if and only if the user possesses the attributes required by the access structure of the data. Thus CP_ABSC effectively defines a multicast group based on the access rights of the data specified by the data itself, which differs significantly from traditional Internet-based multicast, where the destination group is predetermined and must be known by the data source. CP_ABSC provides collusion attack resistance, message authentication, forgery prevention, and confidentiality. It can be easily applied in smart grids to secure the instructions/commands broadcast from a utility company to multiple smart meters (push-based multicast) and the data retrieved from a smart meter to multiple destinations (pull-based multicast). Compared to CP_ABE, CP_ABSC combines encryption with signature at a lower computational cost for signcryption and a slightly higher cost in designcryption for signature verification. We also consider the adoption of attribute-based signature (ABS), and conclude that CP_ABSC has a much lower computational cost than ABS.

The second work proposes a privacy preservation and billing scheme termed PPDIR, based on delayed information release. PPDIR relies on a novel group signature mechanism and the asymmetric Rabin cryptosystem to protect the privacy of the clients and their requests, to achieve accountability and non-repudiation, and to shift the computational complexity to the server side. It adopts a secret token for anonymity; the token is updated for each client at the beginning of each billing period and securely released only to the server at the end of the billing period. Such a strategy prevents the server from linking a client's requests made in different billing periods. It also prevents any adversary from linking any request to any client. Note that the server is able to figure out all requests made by a client within a billing period after receiving the delayed token, which is unavoidable for billing purposes. We prove the security properties of the group signature scheme and analyze the security strength of PPDIR. Our study indicates that PPDIR can achieve privacy preservation, confidentiality, non-repudiation, accountability, and other security objectives. We also evaluate the performance of our scheme in terms of communication and computational overheads.

Our third work focuses on security and privacy issues in mobile big data applications that require the computation of the dot product of two vectors. For example, the dot product of an individual's genome data collected by a body area network and the gene biomarkers of a health center can help detect diseases in m-Health, and the dot product of the interests of two persons can facilitate profile matching in mobile social networks. Nevertheless, mobile big data typically contain sensitive personal information and are more accessible to the general public, as they are collected by mobile devices carried by human beings. Exposing the inputs of a dot-product computation therefore discloses sensitive information about the two participants, leading to severe privacy violations. In this dissertation, we tackle the problem of private dot-product computation targeting mobile big data applications in which secure channels can hardly be established and computational efficiency is highly desirable. We first propose two basic schemes and then present the corresponding advanced versions to improve computational efficiency and enhance the privacy-protection strength. Furthermore, we theoretically prove that our proposed schemes can simultaneously achieve privacy preservation, non-repudiation, and accountability. Our numerical results verify the performance of the proposed schemes in terms of communication and computational overheads.