Nuggets tagged encryption - [remove filter]

July 14, 2016 (1 year, 1 month ago)

The SensorCloud Protocol: Securely Outsourcing Sensor Data to the Cloud

When securing the outsourcing of sensor data to the cloud, the representation of the sensor data and the choice of security measures applied to it are key. This paper presents the SensorCloud protocol, which enables the representation of sensor data and actuator commands using JSON, as well as the encoding of the object security mechanisms applied to a given sensor data item. It utilizes mechanisms that have been or currently are in the process of being standardized at the IETF to aid its wide applicability.

June 2, 2015 (2 years, 2 months ago)

Lightweight Practical Private One-Way Anonymous Messaging,

This paper (a sample of which is available online) might be sub-titled "Ed Snowdens dream technology". The authors propose a one-way message routing scheme that guarantees message privacy, and sender anonymity, through the use of homomorphic encryption (a form of encryption that allows computations to be carried out on ciphertext, generating an encrypted result which, when decrypted, matches the result of operations performed on the plaintext.) The scheme uses intermediate relays and a real-world prototype built on HTML5 has been tested and deployed on a public cloud environment and run in a mobile web browser with no configuration at the network level. Practical applications potentially include whistle-blower protection, anonymous surveys and microblogging,

Nov. 19, 2014 (2 years, 9 months ago)

Nothing is for Free: Security in Searching Shared & Encrypted Data

Most existing searchable encryption schemes allow a user to outsource their encrypted data, and a concomitant search capability, to the cloud. These schemes are not secure and scalable in cases where users outsource their encrypted data to a cloud server but selectively authorize other parties to search it. In these cases the cloud server may collude with some malicious users, to leak data and/or search patterns. This paper presents a multi-party searchable encryption (MPSE) scheme which protects against a range of server-user collusion possibilities.

June 26, 2014 (3 years, 1 month ago)

Researchers crack supposedly impregnable encryption algorithm in two hours

Much commercial cryptography uses the mathematical functions of discrete logarithms (example?). The security of these algorithms rests on the assumption that the mathematical functions are impossible to solve. Recently, this assumption has come under strain. First a researcher solved the first of three parts of the ‘puzzle’ that could lead to the solution of discrete logarithms. The next two phases have also been attacked and simplified for certain special case of discrete logarithm. Existing applications are still considered strong however the researchers used this progress to attack a family of discrete logarithm algorithms proposed for the next generation of internet encryption. The simplifications they could derive meant that the decryption problem could be processed in just 2 hours, effectively rendering the new algorithm broken. The clear lesson is banking on the long term security of specific algorithms is increasingly uncertain.