Iuon-Chang LIN Chin-Chen CHANG Hsiao-Chi CHIANG
Advances in Internet communication technologies have brought e-commerce to mobile computing and made the Web of Things popular. Electronic payment is the most important part of e-commerce, so many electronic payment schemes have been proposed. However, most of the proposed schemes cannot give change. In this paper, an e-cash payment system based on proxy blind signatures is proposed to solve this problem. The system not only provides divisible change through the Web of Things, but also provides anonymity, verifiability, unforgeability and tracing of double-spending owners.
Global content delivery plays an important role in the current Internet. Information-Centric Networking (ICN) is a future Internet architecture that attempts to redesign the Internet around content delivery. However, it suffers potential performance degradation in global content delivery. In this paper, we propose an ICN performance enhancing proxy (ICN-PEP) to mitigate this degradation. The key idea is to prefetch Data packets and serve them to the consumer with a shorter round-trip time. By exploiting ICN features, ICN-PEP can be built as an offline, stateless proxy, which gives it an advantage in scalability. We evaluate ICN-PEP both in simulation and in experiments on a global testbed, and show that it improves the performance of global content delivery.
Taisuke KAWAMATA Takako AKAKURA
To prevent proxy test-taking among examinees in unsynchronized e-Testing, previous work proposed an online handwriting authentication method. That method could only be applied at the end of each answer. For free-response tests, which require authentication throughout the answer, we use Bayesian prior information to construct a sequential handwriting authentication procedure. The evaluation results indicate that this procedure authenticates examinees more accurately than the previous method on a mathematics exam in which Chinese characters serve as the reference handwriting.
Yutaka KAWAI Takahiro MATSUDA Takato HIRANO Yoshihiro KOSEKI Goichiro HANAOKA
Homomorphic encryption (HE) is useful for analyzing encrypted data without decrypting it. However, with ordinary HE, a user who can decrypt a ciphertext generated by homomorphic operations can also decrypt ciphertexts on which no homomorphic evaluation has been performed, since homomorphic operations cannot be executed among ciphertexts encrypted under different public keys. To resolve this problem, we introduce a new cryptographic primitive called Homomorphic Proxy Re-Encryption (HPRE), which combines the “key-switching” property of Proxy Re-Encryption (PRE) with the homomorphic property of HE. In our HPRE, original ciphertexts (which have not been re-encrypted) guarantee CCA2 security (and in particular satisfy non-malleability). Re-encrypted ciphertexts, on the other hand, guarantee only CPA security, so that homomorphic operations can be performed on them. We define the functional and security requirements of HPRE, then propose a specific construction supporting the group operation (over the target group of bilinear groups) based on the PRE scheme of Libert and Vergnaud (PKC 2008) and the CCA-secure public key encryption scheme of Lai et al. (CT-RSA 2010), and prove its security in the standard model. Additionally, we show two extensions of our HPRE scheme for the group operation, an HPRE scheme for addition and an HPRE scheme for degree-2 polynomials (in which the number of degree-2 terms is constant), using the technique of the recent work by Catalano and Fiore (ACM CCS 2015).
Yanli CHEN Yuanyuan HU Minhui ZHU Geng YANG
This work addresses an open problem in attribute-based keyword search (ABKS): how to securely and efficiently delegate search rights to other users when the authorized user is not online. We first combine proxy re-encryption (PRE) with ABKS and propose a scheme called attribute-based keyword search with proxy re-encryption (PABKS). The scheme not only realizes data search and fine-grained access control, but also supports sharing of the search function. In addition, we randomly blind the user's private key before handing it to the server, which preserves the confidentiality of the private key. We then prove that the scheme is secure under selective access structure and chosen keyword attack (IND-sAS-CKA) in the random oracle model. A performance analysis and security proof show that the proposed scheme achieves efficient and secure data search in the cloud.
Yoshiaki SHIRAISHI Kenta NOMURA Masami MOHRI Takeru NARUSE Masakatu MORII
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on cloud storage systems. In ABE, revoking a user's attributes must make that user unable to decrypt ciphertexts. Several CP-ABE schemes with efficient attribute revocation have been proposed. However, they have not been given a formal security proof against a revoked user: either it has not been shown whether they satisfy forward secrecy, or they simply do not achieve fine-grained access control of shared data. We propose an attribute-revocable attribute-based encryption scheme with forward secrecy for fine-grained access control of shared data. The proposed scheme supports both “AND” and “OR” policies and is IND-CPA secure under the Decisional Parallel Bilinear Diffie-Hellman Exponent assumption in the standard model.
Somchart FUGKEAW Hiroyuki SATO
Revocation is one of the major problems for access control systems, especially the cost of revocation for data outsourced to a third-party environment such as a cloud storage system. Revocation in cloud-based access control typically involves cryptographic operations that introduce costly overheads for key re-generation, file re-encryption, and key re-distribution. The communication needed to retrieve files for re-encryption and load them back into the cloud is another non-trivial cost for data owners. In this paper, we propose a Very Lightweight Proxy Re-Encryption (VL-PRE) scheme to efficiently support attribute-based revocation and policy update for collaborative data sharing in cloud computing environments. To this end, we propose a three-phase VL-PRE protocol consisting of re-encryption key generation, re-encryption key update, and re-encryption key renewal, which supports optimized attribute revocation and policy update. Finally, we conduct experiments to evaluate the performance of VL-PRE and show that it has lower computation cost and higher scalability than existing PRE schemes.
Seon Hwan KIM Ju Hee CHOI Jong Wook KWAK
In this letter, we propose a novel garbage collection technique for index structures on flash memory systems, called Proxy Block-based Garbage Collection (PBGC). Many index structures have been proposed for flash memory systems. They exploit buffers and logs to resolve the update propagation problem, one of the main causes of performance degradation in these index structures. However, these studies overlooked the fact that not only record operations but also garbage collection induces the update propagation problem. PBGC exploits a proxy block and a block mapping table to solve the update propagation problem caused by the page and block changes that garbage collection makes. Experiments show that PBGC reduces the execution time of garbage collection by up to 39% compared with previous garbage collection techniques.
Designing secure revocable storage systems for a large number of users in a cloud-based environment is important. Cloud storage systems should allow their users to dynamically join and leave the storage service, and users' rights to access the data should change accordingly. Recently, Liang et al. proposed a cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme that supports user revocation and delegation of decryption rights. To reduce the size of the key update token, they employed a public key broadcast encryption system as a building block. In this paper, we show that the CR-IB-PRE scheme with the reduced key update token size is not secure against collusion attacks.
Seong-Mun KIM Hyon-Young CHOI Youn-Hee HAN Sung-Gi MIN
In this paper, Proxy Mobile IPv6 (PMIPv6), a network-based mobility management protocol, is adapted to the OpenFlow architecture. Mobility-related signaling is generally performed by network entities on behalf of a mobile node, but in standard PMIPv6 the control and data packets are delivered and processed by the same network entities, which prevents separation of the control and data planes. In addition, the IP tunneling inherent to PMIPv6 imposes excessive overhead on the network entities. To adapt PMIPv6 to the OpenFlow architecture, the mobility management function is separated from the PMIPv6 components, and the components are reconstructed to take advantage of what the OpenFlow architecture offers. These components, which together form the OpenFlow controller, configure the flow tables of the switches located on a path. Mobility-related signaling can then be performed over the dedicated secure channel, and all data packets are forwarded normally according to the flow tables of the OpenFlow switches. Consequently, the proposed scheme eliminates IP tunneling when user traffic is forwarded and separates the data and control planes. The performance analysis shows that the proposed scheme outperforms PMIPv6 in terms of signaling cost, packet delivery cost, and handover latency.
A proxy signature scheme allows an entity to delegate its signing capability to another. Many schemes have been proposed for use in applications such as distributed computing, grid computing, and mobile communications. In 2003, Boldyreva et al. introduced the first formal security model for proxy signatures and also proposed a generic construction secure in their model. However, because warrants are not explicitly considered in their model, an adversary can arbitrarily alter the warrants of proxy signatures. To address this problem, Huang et al. provided an enhanced security model for proxy signatures in 2005. Some proxy signature schemes secure in this model have been proposed, but no generic construction exists yet. In this paper, we redefine and improve the Huang et al. security model for the multi-user setting and then provide a new generic construction of proxy signatures, based on ID-based signatures, that is secure in our enhanced model. Moreover, our result yields a lattice-based proxy signature scheme in the standard model.
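The warrant binding this abstract is concerned with is easiest to see in a concrete delegation-by-warrant construction. The following Python (standard library only) is an added illustration, not code from this paper or from Boldyreva et al. or Huang et al.: the original signer A signs the tuple (A's key, B's key, warrant) as a delegation certificate, the proxy B signs the message together with that same tuple, and the verifier checks the warrant policy, A's certificate and B's signature. Schnorr signatures over a toy safe-prime group generated at import time, the `scope=<prefix>` warrant format, the domain tags and every name here are assumptions made for the illustration. The demo shows that a warrant the proxy widens after delegation, or a message altered after signing, is rejected.

```python
"""Delegation-by-warrant proxy signature on top of Schnorr signatures.
Added illustration only: toy safe-prime group, seeded randomness; do not deploy."""
import hashlib
import random

def _is_probable_prime(n, rounds=24):
    # Miller-Rabin with fixed witnesses so the generated group is reproducible.
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    rng = random.Random(0)
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def _safe_prime(bits=256):
    # First q >= 2^(bits-1) such that q and p = 2q + 1 are both prime.
    q = (1 << (bits - 1)) | 1
    while not (_is_probable_prime(q) and _is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = _safe_prime()  # toy parameters, p = 2q + 1
G = 4                 # 4 = 2^2 is a quadratic residue mod p, so its order is q

def _h(*parts):
    # Length-prefixed hash of ints/bytes (domain tag first), reduced mod Q.
    h = hashlib.sha256()
    for part in parts:
        if isinstance(part, int):
            part = part.to_bytes((part.bit_length() + 7) // 8 or 1, "big")
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % Q

def keygen(rng):
    x = rng.randrange(1, Q)
    return x, pow(G, x, P)

def sign(sk, rng, *msg):
    # Real code needs an unpredictable (or RFC 6979-style derived) nonce k;
    # reusing k for two messages leaks sk.
    k = rng.randrange(1, Q)
    e = _h(pow(G, k, P), *msg)
    return e, (k + e * sk) % Q

def verify(pk, sig, *msg):
    e, s = sig
    r = pow(G, s, P) * pow(pk, Q - e, P) % P  # g^s * y^(-e) == g^k
    return _h(r, *msg) == e

def warrant_permits(warrant, msg):
    # Toy policy: warrant b"scope=<prefix>" allows messages with that prefix.
    key, _, prefix = warrant.partition(b"=")
    return key == b"scope" and msg.startswith(prefix)

def delegate(sk_a, pk_a, pk_b, warrant, rng):
    # Original signer A certifies the tuple (A, B, warrant) with its own key.
    return sign(sk_a, rng, b"delegation", pk_a, pk_b, warrant)

def proxy_sign(sk_b, pk_a, pk_b, warrant, cert, msg, rng):
    # Proxy B signs msg together with the same (A, B, warrant) tuple.
    if not warrant_permits(warrant, msg):
        raise ValueError("message outside warrant scope")
    sigma = sign(sk_b, rng, b"proxy-signature", pk_a, pk_b, warrant, msg)
    return {"pk_b": pk_b, "warrant": warrant, "cert": cert, "sigma": sigma}

def proxy_verify(pk_a, psig, msg):
    # Policy check, A's certificate and B's signature must all pass.
    pk_b, w, cert, sigma = (psig[k] for k in ("pk_b", "warrant", "cert", "sigma"))
    return (warrant_permits(w, msg)
            and verify(pk_a, cert, b"delegation", pk_a, pk_b, w)
            and verify(pk_b, sigma, b"proxy-signature", pk_a, pk_b, w, msg))

def demo():
    rng = random.Random(2024)  # seeded only so the demo is reproducible
    sk_a, pk_a = keygen(rng)   # original signer A
    sk_b, pk_b = keygen(rng)   # proxy B
    warrant = b"scope=invoice:"
    cert = delegate(sk_a, pk_a, pk_b, warrant, rng)
    msg = b"invoice:#17 pay 100"
    psig = proxy_sign(sk_b, pk_a, pk_b, warrant, cert, msg, rng)
    honest = proxy_verify(pk_a, psig, msg)
    # B widens its warrant afterwards but can only reuse A's certificate,
    # which was computed over the original warrant: rejected.
    widened = proxy_verify(pk_a, dict(psig, warrant=b"scope="), b"contract:sell")
    # Message altered after signing: B's signature no longer verifies.
    altered = proxy_verify(pk_a, psig, b"invoice:#17 pay 100000")
    # An honest B refuses to sign outside its warrant at all.
    try:
        proxy_sign(sk_b, pk_a, pk_b, warrant, cert, b"contract:sell", rng)
        out_of_scope = True
    except ValueError:
        out_of_scope = False
    return honest, widened, altered, out_of_scope
```

`demo()` returns `(True, False, False, False)`. The check that matters for the warrant issue is in `proxy_verify`: a verifier that validated only B's signature and trusted whatever warrant travels with the proxy signature would accept the widened warrant; binding the warrant into both A's certificate and B's signature, and checking both, is what rules out that alteration in this construction.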
Fei TANG Hongda LI Jinyong CHANG
In a proxy re-signature (PRS) scheme, a semi-trusted proxy is given some information that allows it to translate user i's signature on a message m into user j's signature on the same message m. The proxy cannot, however, compute signatures for either i or j on its own. This notion was introduced by Blaze et al. at EUROCRYPT 1998 and revisited by Ateniese and Hohenberger at CCS 2005. The existence of a multi-use unidirectional PRS scheme was an open problem left by AH05. Subsequently, at CCS 2008, Libert and Vergnaud constructed the first multi-use unidirectional PRS scheme. However, the LV08 scheme has a major drawback: the size of the signatures is linear in the number of translations. Libert and Vergnaud therefore stated that a more challenging task would be to find implementations of such primitives in which neither the signature size nor the verification cost grows linearly with the number of translations. In this work we resolve this task by constructing such a PRS scheme in the standard model using indistinguishability obfuscation. A shortcoming of our construction is that its security is selective rather than full.
Xiaoming HU Yinchun YANG Jian WANG Huajie XU Wenan TAN
Many identity-based proxy signature (IBPS) schemes have been proposed, but most of them require high computational cost, and the security models proposed for IBPS are not complete enough. To overcome this weakness, Gu et al. recently proposed a framework and a detailed security model for IBPS. They also proposed an efficient IBPS scheme and proved its unforgeability in the standard model. However, in this letter we demonstrate that Gu et al.'s scheme fails to satisfy unforgeability because it cannot resist the following attacks: after obtaining a private key, an adversary acting as a malicious signer can forge a private key for any identity without the help of the private key generator (PKG); after obtaining a delegation, an adversary acting as a malicious proxy signer can forge a proxy signing key for any delegation without the agreement of the original signer; and after obtaining a signature, an adversary acting as a malicious user can forge a signature for any identity without the private key, or forge a proxy signature for any warrant without the proxy signing key.
Fei TANG Hongda LI Jinyong CHANG
In a proxy re-encryption (PRE) scheme, a delegator gives a re-encryption key to a semi-trusted proxy, which can then transform the delegator's ciphertexts into ciphertexts decryptable by a delegatee appointed by the delegator. The proxy, however, learns nothing about the encrypted messages. At CCS 2007, Canetti and Hohenberger left open the problem of designing a PRE scheme that is simultaneously unidirectional and multi-hop. This is an interesting problem because some applications need exactly this feature; in email forwarding, for example, a delegatee may want to forward emails received from the delegator to another delegatee. In this work we design a unidirectional, multi-hop PRE scheme using multilinear maps. A shortcoming of our scheme is that its security relies on rather strong assumptions in the multilinear group setting.
We propose two unidirectional proxy re-encryption schemes from the LWE assumption. The schemes enjoy the key privacy defined by Ateniese, Benson, and Hohenberger (CT-RSA 2009): the delegator and delegatee of a re-encryption key remain anonymous.
Won-Kyeong SEO Jae-In CHOI You-Ze CHO
The Internet Engineering Task Force (IETF) has been actively standardizing distributed mobility management (DMM) schemes with multiple Mobility Anchors (MAs). Yet all existing schemes have limitations that preclude efficient distribution of mobile data traffic, including single-point-of-failure problems, heavy tunneling overhead between MAs, and restrictive traffic distribution for external nodes in a mobility domain. This paper therefore proposes an efficient mobility management scheme with a virtual Local Mobility Anchor (vLMA). The vLMA is designed on top of multiple replicated LMAs in a PMIPv6 domain, yet acts as a single LMA toward the internal and external nodes of that domain. Furthermore, the vLMA distributes mobile data traffic across the replicated LMAs and routes packets via the replicated LMA on the optimal routing path. Performance evaluations confirm that the proposed scheme distributes mobile data traffic more efficiently and achieves lower end-to-end packet delay than the Distributed Local Mobility Anchor (DLMA) scheme and Proxy Mobile IPv6 (PMIPv6).
Taekook KIM Chunying LI Taihyong YIM Youngjun KIM Myeongyu KIM Jinwoo PARK
This study proposes an architecture that integrates Proxy Mobile IPv6, a network-based mobility support protocol, with a mobile content delivery network (CDN) that provides efficient content delivery management. The proposed architecture offers several benefits, such as conservation of network resources through reduced total traffic between hops and a reduced hop count.
Proxy Mobile IPv6 (PMIPv6) is a network-based localized mobility management protocol that is independent of global mobility management protocols. Within a single local mobility domain, the mobile node (MN) is not involved in any IP mobility-related signaling, but when the MN moves into another local mobility domain, it must change its PMIPv6 home address. In that case, host-based mobility signaling is activated and PMIPv6's network-based mobility cannot be retained. Additionally, if the MN does not support global mobility, it cannot maintain its communication sessions with its correspondent node. In this paper, we propose a solution for network-based global mobility support in PMIPv6 networks by which the MAG (Mobile Access Gateway) maintains the MN's communication sessions during inter-domain handover, so that the MN needs no mobility protocol stack of its own. In the proposed mechanism, the MN remains unaware of its movement when it moves to another local mobility domain, and it is forced to use only its MIPv6 home address for all its communication. Thus, the MN is not involved in any IP mobility-related signaling, despite its movement. The proposed protocol provides global mobility while retaining the advantages of the network-based localized mobility of PMIPv6. We evaluate handover delay and packet loss cost and compare the proposed solution with PMIPv6 and with the main host-based mobility protocol.
Ying SUN Yong YU Xiaosong ZHANG Jiwen CHAI
Observing that the security of existing identity-based proxy signature schemes had only been proven in the random oracle model, Cao et al. proposed the first direct construction of an identity-based proxy signature scheme secure in the standard model, using the identity-based signature scheme of Paterson and Schuldt. They also provided a security proof to show that their construction is secure against forgery attacks without resorting to random oracles. Unfortunately, in this letter we demonstrate that their scheme is vulnerable to insider attacks. Specifically, after a private-key extraction query, an adversary behaving as a malicious original signer or a malicious proxy signer is able to violate the unforgeability of the scheme.
Won-Kyeong SEO Kang-Won LEE Jae-In CHOI You-Ze CHO
PMIPv6 is the IETF standard for network-based localized mobility management. In PMIPv6, MNs are topologically anchored at an LMA, which forwards all data for the MNs registered with it. However, since every data packet destined for an MN always traverses that MN's LMA, the end-to-end packet delay is increased. This paper therefore proposes a route optimization (RO) scheme for single- and multiple-LMA environments. For efficient detection of RO opportunities, an IPv6 RO extension header and an initial RO procedure are proposed. In addition, an effective post-handover RO procedure is presented, along with a packet forwarding scheme that avoids the race condition during an RO operation. A performance evaluation confirms that the proposed scheme significantly reduces end-to-end delay, signaling overhead, and RO latency compared with existing RO schemes.