Zhengping Jin

Mingyu Yu, Haonan Miao, Zhengping Jin et al.

With the advancement of information hiding techniques, generation-based coverless steganography has emerged as an alternative to traditional methods, leveraging generative models to transform secret information into stego-objects rather than embedding it within the redundancy of the cover. However, existing generation-based approaches require pseudo-keys that must be shared between communication parties, leading to high overhead of frequent key exchanges and security risks due to their tight coupling with the secret information. This paper proposes a DDIM-driven coverless steganography scheme that utilizes a real-key mechanism, improving the key management. By integrating reversible data hiding (RDH) and chaotic encryption into generation model, the proposed method eliminates excessive key exchanges and reduces the correlation between the key and the secret information. Furthermore, it requires only a single key negotiation for multiple communication, which lowers overhead. Experimental results demonstrate that the proposed scheme resists substitution attacks, enhancing the security of covert communication.

Ziqing Guo, Hua Zhang, Xin Zhang et al.

With the rapid development of the Internet of things (IoT), more and more IoT devices are connected and communicate frequently. In this background, the traditional centralized security architecture of IoT will be limited in terms of data storage space, data reliability, scalability, operating costs and liability judgment. In this paper, we propose an new key information storage framework based on a small distributed database generated by blockchain technology and cloud storage. Specifically, all encrypted key communication data will be upload to public could server for enough storage, but the abstracts of these data (called "communication logs") will be recorded in "IoT ledger" (i.e., an distributed database) that maintained by all IoT devices according to the blockchain generation approach, which could solve the problem of data reliability, scalability and liability judgment. Besides, in order to efficiently search communication logs and not reveal any sensitive information of communication data, we design the secure search scheme for our "IoT ledger", which exploits the Asymmetric Scalar-product Preserving Encryption (ASPE) approach to guarantee the data security, and exploits the 2-layers index which is tailor-made for blockchain database to improve the search efficiency. Security analysis and experiments on synthetic dataset show that our schemes are secure and efficient.

Haiyan Sun, Qiaoyan Wen, Hua Zhang et al.

Recently, two certificateless three-party authenticated key agreement protocols were proposed, and both protocols were claimed they can meet the desirable security properties including forward security, key compromise impersonation resistance and so on. Through cryptanalysis, we show that one neither meets forward security and key compromise impersonation resistance nor resists an attack by an adversary who knows all users' secret values, and the other cannot resist key compromise impersonation attack. Finally, we propose improved protocols to make up two original protocols' security weaknesses, respectively. Further security analysis shows that our improved protocols can remove such security weaknesses.