A method for performing a fuzzy search in encrypted data includes receiving an encrypted search token corresponding to a search keyword with an untrusted server computing device and generating inner product values based on a function-hiding inner product encryption operation of the encrypted query vectors and encrypted node vectors in an encrypted tree stored in the memory of the untrusted server computing device. The method further includes transmitting, with the untrusted server computing device, the encrypted keyword stored in the leaf node to a client computing device in response to the first inner product value exceeding a first predetermined similarity threshold corresponding to a similarity of the first query vector to the leaf node vector, the fuzzy search not revealing plaintext contents for any of a keyword stored in the leaf node, the search keyword, or a fuzziness parameter.
A searchable symmetric encryption (SSE) system and method of processing an inverted index is provided. The SSE system includes genKey, buildSecureIndex, genToken, and search operations. A compress X is integrated into at least one of the buildSecureIndex and search operations. The compress X then takes each entry of an encrypted index, compresses the entry of the encrypted index into a compressed entry, and then processes the compressed entry with a function. The function comprises a linked list function and an array function. The search operation decompresses the processed entry and outputs the decompressed entry. The SSE system comprises a client device and a server. The genKey, buildSecureIndex, and genToken operations are integrated into the client device and the search operation is integrated into the server.
A method for searching encrypted data includes identifying, with a client, a plurality of values within a predetermined search range in a search index stored within a memory of the client, each value in the plurality of values being present in a plaintext representation of at least one encrypted file in a plurality of encrypted files stored in a server. The method further includes generating and transmitting at least one search query to the server through a data network, and receiving, with the client, at least one response from the server through the data network, the response including the encrypted keyword corresponding to the value in the plurality of values and an identifier of at least one file in the plurality of encrypted files stored on the server that includes the value.
A method of shared key generation between three nodes through a shared communication medium includes performing, with a processor in a first node communicatively connected to a second node and a third node through a shared communication medium, a one-way function using a first shared key between the first node and the second node stored in a memory of the node and a predetermined counter as inputs to generate a first plurality of pseudo-random bits. The method includes generating, with the processor and a transceiver in the first node, a second shared key between the first node and the third node by transmitting each bit in the first plurality of pseudo-random bits to the third node through the shared communication medium simultaneously to transmission of random bits from the third node to the first node.
Fan, Xinxin
Zhou, Junwen
Wang, Teng
Zheng, Jie
Li, Xingguo
ZIF-8 shows completely opposite particle size effects on the adsorption kinetics for two different adsorbates. Smaller ZIF-8 particles favor fast I3− uptake in aqueous solution while larger, less defective ZIF-8 particles exhibit faster adsorption kinetics for gaseous H2, which suggests different adsorption mechanisms for the two adsorbates.
A method for shared key generation with authentication in a gateway node includes generating a first set of pseudo-random data corresponding to expected transmissions from a first node that communicates with a second node through a shared communication medium, identifying, with the gateway node, bits transmitted from the second node based on signals received by the gateway node corresponding to simultaneous transmissions from the first node and the second node, identifying, with the gateway node, expected bit values for the bits from the second node based on a combination of shared secret data stored in a memory of the gateway node with another set of random or pseudo-random data generated by the second node, and authenticating the second node in response to the plurality of bits transmitted from the second node matching the plurality of expected bit values.
A DSSE architecture network is provided that enables multiple users, such as data owners and data users, to conduct privacy-preserving search on the encrypted PHIs stored in a cloud network and simultaneously verify the correctness and completeness of retrieved search results. The data owners and data users may be patients, HSPs, or a combination thereof. An IoT gateway aggregates periodically collected data into a single PHI file, extracts keywords, builds an encrypted index, and encrypts the PHI files before the encrypted index and PHI files are transmitted to a cloud network periodically for storage, thus enabling the DSSE architecture network to achieve sub-linear search efficiency and forward privacy by maintaining an increasing counter for each keyword at the IoT gateway. Since the PHI files are always transmitted and added/stored into the cloud storage over the cloud network, file deletion and file modification are eliminated. The cloud network therefore does not need to learn whether the newly stored PHI files contain specific keywords. Any number of HSPs, such as data users, provide healthcare services for the patient by searching, querying, and/or retrieving the user's encrypted PHIs incrementally stored on the cloud network in a private and verifiable manner. The patient-delegated verifiability is derived from a combination of a Bloom filter and an aggregate message authentication code.
There is disclosed an apparatus and method for generating a keystream with ideal two-level autocorrelation, which can be efficiently implemented in both software and hardware on mobile devices requiring high security protection and in resource limited smart devices such as RFID chips. In one embodiment, a 16-bit Welch-Gong (WG) transformation is used as the filtering function, which is applied to 16-bit input values generated from a linear feedback shift register. In another embodiment, an 8-bit WG transformation is used which is applied to 8-bit input values generated from a linear feedback shift register.