Chun-I Fan

• Ph.D.
• Distinguished Professor at National Sun Yat-sen University

Attribute-based encryption (ABE) is an advanced encryption technology where the privacy of receivers is protected by a set of attributes. An encryptor can ensure that only the receivers who match the restrictions on predefined attribute values associated with the ciphertext can decrypt the ciphertext. However, maintaining the correctness of all use...

[**A correction has been shown in SUPPLEMENTARY RESOURCES**] According to related research, energy consumption can be effectively reduced by using energy management information of smart grids. In smart grid architecture, electricity suppliers can monitor, predicate, and control energy generation/consumption in real time. Users can know the current...

It is necessary to authenticate users who attempt to access resources in Wireless Local Area Networks (WLANs). Extensible Authentication Protocol (EAP) is an authentication framework widely used in WLANs. Authentication mechanisms built on EAP are called EAP methods. The requirements for EAP methods in WLAN authentication have been defined in RFC 4...

Many security mechanisms for mobile communications have been introduced in the literature. Among these mechanisms, authentication plays a quite important role in the entire mobile network system and acts as the first defense against attackers since it ensures the correctness of the identities of distributed communication entities before they engage...

A three-factor authentication scheme combines biometrics with passwords and smart cards to provide high-security remote authentication. Most existing schemes, however, rely on smart cards to verify biometric characteristics. The advantage of this approach is that the user's biometric data is not shared with remote server. But the disadvantage is th...

The Industrial Internet of Things (IIoT) is widely used in smart factories, enabling smart manufacturing and improving productivity. Although the application of IIoT has significantly altered a number of industries, increased connectivity has also given rise to security concerns. For example, information is collected from different domains in smart...

This research introduces PISTON, a novel protocol designed to enhance the security, efficiency, and performance of Internet of Vehicles (IoV) networks. PISTON integrates advanced authentication mechanisms utilizing Physically Unclonable Functions (PUFs) and multifactor authentication with dynamic challenges and zero-knowledge proof-based authentica...

The development of cloud services in recent years has mushroomed, for example, Google Drive, Amazon AWS, Microsoft Azure. Merchants can easily use cloud services to open their online shops in a few seconds. Users can easily and quickly connect to the cloud in their own portable devices, and access their personal information effortlessly. Because us...

Cyber-physical social systems (CPSS) have developed significantly in the last decade as a result of their effective computing and communication capabilities. Security and safety concerns, yet continue to be the biggest obstacle to the wider acceptance of CPSS in spite of all technological developments. In this work, we investigate the problem of se...

To protect the privacy of cloud data, encryption before uploading provides a solution. However, searching for target data in ciphertext takes effort. Therefore, searchable encryption has become an important research topic. On the other hand, since the advancement of quantum computers will lead to the crisis of cracking traditional encryption algori...

For many industrial applications, the smart card is a necessary safety component in user authentication. Smart cards provided to the users are used in open and public places, making them susceptible to physical and cloning attacks. Thus, the opponent can break the authentication process without the smart card if the information is exposed. In addit...

In ID-based encryption, the public key of each user is set to be his identity, which greatly reduces the overheads of certificate management. Besides, in some scenarios, encrypting a secret message for different receivers is required. Hence, many multi-receiver ID-based encryption schemes have been proposed. Some of them also provide anonymity to p...

Data privacy has become a growing concern with advances in machine learning. Federated learning (FL) is a type of machine learning invented by Google in 2016. In FL, the main aim is to train a high-accuracy global model by aggregating the local models uploaded by participants, and all data in the process are kept locally. However, compromises to se...

As Internet of Things (IoT) thriving over the whole world, more and more IoT devices and IoT-based protocols have been designed and proposed in order to meet people’s needs. Among those protocols, message queueing telemetry transport (MQTT) is one of the most emerging and promising protocol, which provides many-to-many message transmission based on...

Nowadays, it is convenient for people to store their data on clouds. To protect the privacy, people tend to encrypt their data before uploading them to clouds. Due to the widespread use of cloud services, public key searchable encryption is necessary for users to search the encrypted files efficiently and correctly. However, the existing public key...

With the advancement of the Internet of Things, the LoRa Alliance produced the Long-Range Wide-Area Network (LoRaWAN) Specification, allowing end-devices to transit through a gateway and join the LoRa network after completing a join procedure. When an end-device joins the LoRaWAN network, it must send a join request message to the network server an...

Attribute-based encryption is useful for one-to-many encrypted message sending. However, most attribute-based encryption schemes authorize and issue attributes to users by a single authority. Such a scenario conflicts with practical requirements and may cause the key-escrow problem. Hence, decentralization of authority is a critical issue in attrib...

Outsourcing Industrial-IoT (IIoT) data on the cloud extends the diversity of data analysis for decision making with minimized costs in communications and storage. However, it is adverse to the confidentiality of IIoT-data from the owner as access control of data is performed by honest-but-curious platforms. Although encryption strategy guarantees d...

Multireceiver identity-based encryption is a cryptographic primitive, which allows a sender to encrypt a message for multiple receivers efficiently and securely. In some applications, the receivers may not want their identities to be revealed. Motivated by this issue, in 2010, Fan et al. first proposed the concept of anonymous multireceiver identit...

Named Data Networking (NDN) is a transmutational construction for the Future Internet equipped toward approaching the Internet’s numerous problems, including content security, content caching, and administration complexity. Security policy in the NDN is based on the digital signatures appended to all the transmitted packets in the NDN. However, a d...

With 5G Network Slicing, the 5G telecommunication operators can achieve the goal of supporting users with a variety of different services and can also create a slice with certain unique characteristics. For example: Enhanced Mobile Broadband slicing, Ultra-reliable and Low Latency Communications slicing, etc. However, the traditional authentication...

The fifth-generation mobile network (5G) integrates various application services in a heterogeneous network environment. Compared to the traditional networks, 5G is not just an extension of the 4th generation, which contains three important properties, enhanced mobile broadband (eMBB), massive machine type communications (mMTC), and ultra-reliable...

This book constitutes revised selected papers of the 8th International Symposium on Security in Computing and Communications, SSCC 2020, held in Chennai, India, in October 2020. Due to the COVID-19 pandemic the conference was held online. The 13 revised full papers and 8 revised short papers presented were carefully reviewed and selected from 42...

As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. Instead of generating randomly pairs of keys, which may need higher space complexity for key management, hierarchical deterministic (HD) wallets derive all the keys from a single seed, which is sufficient to recover all the ke...

Location-based services have become increasingly more pervasive in the context of Internet of Vehicles. Nowadays, vehicles can transfer their locations to the server for route planning, attractions searching, location sharing, etc. However, the data that are transmitted over the public channel may be tracked/tampered by the attacker. Therefore, loc...

Signcryption is one of the recent public key paradigms that satisfies both the requirement of authenticity and confidentiality of messages between parties. However, most of all the existing schemes use secure channel communication while distributing the partial-private-keys to the users in the network. However, it is not always efficient to establi...

The Internet of Things (IoT) is revolutionizing our modern lives by introducing active connection between smart devices. However, IoT devices are repeatedly exhibiting many security flaws, which will inevitably lead to eavesdropping and impersonation attacks. Thus, providing a proper security in IoT becomes a prime focus for the researchers. In cry...

Due to the higher density of mobile devices is expected, the fifth generation (5G) mobile networks introduce small cell networks (SCNs) to prevent exhausting radio resources. SCNs improve radio spectrum utilization by deploying more base stations (BSs) in the networks. Even though, authenticated key exchange (AKE) is still essential to ensure entit...

Recently, Fan et al. proposed the File Transfer Protocol Based on Re-Encryption for Named Data Network (FTP-NDN) in order to reduce the cost that affects simultaneous access of same video services. The authors designed an elegant network architecture to deal with secure file transmission to the unknown potential customers. The technique is shown to...

In 2010, Fan et al. first introduced the concept of anonymous multi-receiver identity-based encryption (AMRIBE). They used the concept of Fujisaki–Okamoto transformation (F.O. transformation) to support their proof in random oracle models. Recently, many works on this topic have been proposed. Most of them adopted Fujisaki–Okamoto transformation to...

In order to overcome the key escrow problem, Al- Riyami and Paterson introduced the concept of certificateless public key cryptography (CL-PKC) in 2003. CL-PKC requires neither public key certification nor the key escrow problem. After that, CL-PKC has been widely applied. In 1991, Girault defined three security levels of the key generation center...

Lattice is widely used in cryptography since it has potential for defending quantum attacks. One of the significant problems in such cryptography is the shortest vector problem (SVP). This problem is to find the non-zero shortest vector in lattice. The SVP is an NP-hard problem under randomized reductions proven by Ajtai, and many cryptosystems are...

Smart grids have become a future trend due to the development of technology and increased energy demand and consumption. In smart grids, a user’s electricity consumption is recorded by their smart meters, and the smart meters submit the data to the operation center in each time unit for monitoring. The operation center analyzes the data it receives...

Cloud computing is increasingly popular today. Cloud services such as data-outsourcing services provide a growing number of users access to cloud storage for large quantities of data, and enterprises are turning to cloud storage for cost-effective remote backup. In 2011, DEPSKY shows and overcomes four limitations hinder the effectiveness of cloud...

This paper studies the feasibility of privacy-preserving data mining in epidemiological study. As for the data-mining algorithm, we focus on a linear multiple regression that can be used to identify the most significant factors among many possible variables, such as the history of many diseases. We try to identify the linear model to quantify the m...

Named Data Network (NDN) is one of the most promising Information-Centric Networking (ICN) architectures, where the core concept is to focus on the named data (or contents) themselves. Users in NDN can easily send a request packet to get the desired content regardless of its address. The routers in NDN have cache functionality to make the users ins...

After Chaum introduced the concept of anonymous credential systems, a number of similar systems have been proposed; however, these systems use zero-knowledge protocols to authenticate users resulting in inefficient authentication in the possession of credential proving stage. In order to overcome this drawback of anonymous credential systems, we us...

This article describes how after the concept of anonymous credential systems was introduced in 1985, a number of similar systems have been proposed. However, these systems use zero-knowledge protocols to authenticate users, resulting in inefficient authentication during the stage of proving credential possession. To overcome this drawback, this art...

Authentication has been adopted in many areas, but most of these authentication schemes are built using traditional cryptographic primitives. It is widely believed that such primitives are not resistant to quantum algorithms. To deal with those quantum attacks, lattice-based cryptography was introduced by Ajtai in 1996. To the best of our knowledge...

Due to the expectedly higher density of mobile devices and exhaust of radio resources, the fifth generation (5G) mobile networks introduce small cell concept in the radio access technologies, so-called Small Cell Networks (SCNs), to improve radio spectrum utilization. However, this increases the chance of handover due to smaller coverage of a micro...

With the fast progress of the Internet and communication technologies, the digital communication is increasingly based on the architecture of TCP/IP. Nevertheless, in TCP/IP's architecture, there are limitations such as data uncertainty and flow overloading. In response to this, a novel architecture has been proposed, which is known as the named da...

Local user access is important to machine-to-machine (M2M) communication because it possesses unique advantages over remote access in that it offers instant services, provides reliable connection, and offloads the traffic of M2M access networks. Local access control is also essential for authorized users to access M2M devices. In this paper, we pro...

Call for Postdoc Position@NSYSU

Attribute-based encryption is a very powerful primitive in public-key cryptography. It can be adopted in many applications, such as cloud storage, etc. To further protect the privacy of users, anonymity has been considered as an important property in an attribute-based encryption. In an anonymous attribute-based encryption, the access structure of...

Recently, lots of works on power consumption data aggregation have been proposed for the privacy-preservation of users against the operation center in smart grids. This is the user-based data aggregation, which accumulates the power consumption data of a group of users for every time unit. On the other hand, the accumulation of a user’s data in a g...

Due to users’ network flow requirement and usage amount nowadays, TCP/IP networks may face various problems. For one, users of video services may access simultaneously the same content, which leads to the host incurring extra costs. Second, although nearby nodes may have the file that a user wants to access, the user cannot directly verify the file...

The real-time electricity consumption data can be used in value-added service such as big data analysis, meanwhile the single user's privacy needs to be protected. How to balance the data utility and the privacy preservation is a vital issue, where the privacy-preserving data aggregation could be a feasible solution. Most of the existing data aggre...

Multi-receiver encryption allows a sender to choose a set of authorized receivers and send them a message securely and efficiently. Only one ciphertext corresponding to the message is generated regardless of the number of receivers. Thus it is practical and useful for video conferencing systems, pay-per-view channels, distance education, and so for...

Cloud storage service is getting popular nowadays. It can help users synchronize their files stored in various devices and allows them to share their files with others. However, it has been indicated that the privacy of the stored files is not protected well in cloud service. Recently, many solutions have been proposed in literature, but most of th...

Homomorphic encryption is a form of encryption that allows computations to be carried out on ciphertext and generate an encrypted result which, when decrypted, matches the result of operations performed on the plaintexts. The feature of homomorphic encryption is used in modern communication system architectures and cryptosystems. In view of the pre...

These proceedings contain papers selected for presentation at the 5th International Symposium on Security in Computing and Communications (SSCC’17). SSCC aims to provide the most relevant opportunity to bring together researchers and practitioners from both academia and industry to exchange their knowledge and discuss their research findings. The s...

In the recent years, Searchable Symmetric Encryption (SSE) has become one of the hottest topic in cloud-computing area because of its availability and flexibility, and there are a series of SSE schemes were proposed. The adversary considered in these schemes is either honest-but-curious or malicious. However, in the real world, there also exists su...

Among the applications of the internet and cloud computing, online social network (OSN) is a very popular service. Since a lot of personal information is stored on the OSN platform, privacy protection on such an application has become a critical issue. Apart from this, OSN platforms need advertisement revenue to enable continued operations. However...

In IoT environments, the user may have many devices to connect each other and share the data. Also, the device will not have the powerful computation and storage ability. Many studies have focused on the lightweight authentication between the cloud server and the client in this environment. They can use the cloud server to help sensors or proxies t...

Predicate encryption is a cryptographic primitive that provides fine-grained control over access to encrypted data. It is often used for encrypted data search in a cloud storage environment. In this paper, we propose an enabled/disabled predicate encryption scheme, which is the first work that provides timed-release services and data self-destructi...

Wireless body area network (WBAN) plays an important part in mobile healthcare. WBAN can be imagined as a small wireless local area network around our body. In WBAN, there exist three roles: sensors, gateway, and healthcare center. However, the communication distance between sensors and gateway is only 1-2 meters. If the gateway is lost or leaves t...

Smart mobile phones are widely popularized and advanced mobile communication services are provided increasingly often, such that ubiquitous computing environments will soon be a reality. However, there are many security threats to mobile networks and their impact on security is more serious than that in wireline networks owing to the features of wi...

A micropayment scheme provides a secure and efficient solution for electronic payment environments that require frequent transactions with nominal fees. It is particularly suitable for mobile applications in which a customer is charged for either time spent or data volume transferred. Most proposed micropayment schemes are based on “PayWord” by Riv...

With the rapid development of e-commerce and mobile commerce, fair exchange has become an important and issue worthy of further discussion. Additionally, owing to rising awareness of privacy preservation, anonymity and fairness have become the required attributes for a fair exchange platform. In such an application, users expect the exchange proces...

In a multi-receiver encryption system, a sender chooses a set of authorized receivers and sends them a message securely and efficiently, as the message is well encrypted and only one ciphertext corresponding to the message is generated no matter how many receivers the sender has chosen. It can be applied to video conferencing systems, pay-per-view...

Due to the rapid growth of computer networks and service providing servers, many network environments have been becoming multi-server architecture and various multiserver authentication protocols have been proposed. In such an environment, a user can obtain different network services from multiple network servers without repeating registration to e...

Social Network Service provides varieties of services such as Facebook, Tiwtter, Wikipedia, Dropbox, and google Drive. While using these services, the providers need to be fully trusted since these providers will know all of the uploaded information/ data. Lots of encryption methods have been provided to solve the problem in recent years. In this m...

In a collaborative workflow platform, when a group leader receives a document which requires cooperators’ support, she/he assigns the task to the cooperators. Each cooperator can modify the document in real-time and view the other cooperators’ modifications simultaneously. A worth-discussing problem in such environment is how to find the specific c...

As information technology improves, the Internet is involved in every area in our daily life. When the mobile devices and cloud computing technology start to play important parts of our life, they have become more susceptible to attacks. In recent years, phishing and malicious websites have increasingly become serious problems in the field of netwo...

Cloud computing has been developed rapidly in recent years, and offers novel concepts and innovations in computer use. The applications of cloud computing are that people can put their data on cloud and also can designate a proxy to help them to execute a number of tasks in certain situations. The proxy re-encryption which is a cryptographic primit...

Cloud storage is a remote storage service, where users can upload and download their data anytime and anywhere. However, it raises issues regarding privacy and data confidentiality because all the data are stored in the cloud storage. This is a subject of concern for users, and it affects their willingness to use cloud storage services. On the othe...

In IoT/Cloud environments, to provide an efficient and flexible payment service is very important since the client/device may not have a large storage and computation capability to finish the payment process. In these environments, any thin client/device may issue a service request to the cloud. For the fast progress of smartphone systems, a smartp...

Recently, Fan et al. proposed an arbitrary-state attribute-based encryption with dynamic membership. However, we found that their scheme may be flawed. In this note we will show an improved scheme to fix the flaw.

A symmetric dynamic authentication and key exchange system and a method thereof are provided. A client and a server obtain initial authentication information at the same time, the client generates first one-time temporary authentication information, a conference key and a standby identity identifier according to the initial authentication informati...

Certificateless cryptography is a well-known system to avoid the key escrow problem of identity-based cryptography. Since it was introduced by Al-Riyami and Paterson in 2003, plenty of schemes and security models had been presented and discussed. Particularly, certificateless signature (CLS) is the most lightened to attract research attention. In t...

In IOT environments, the device joining of a service group is flexible and quick and a device usually does not has a powerful computation and storage capacity. In this paper, in order to provide a secure service framework in the IOT environments, we propose an efficient authentication and service key agreement scheme. Our proposed scheme can satisf...

In order to simplify key management, two-party and three-party key agreement schemes based on user identities have been proposed recently. Multiparty (including more than three parties) key agreement protocols, which also are called conference key schemes, can be applied to distributed systems and wireless environments, such as ad hoc networks, for...

With the rapid development of electronic commerce, digital credentials are used with increasing frequency. Today users employing digital credentials not only complete the identity authentication process and obtain service, but also attach importance to their anonymity with the concept of privacy protection that is being rapidly developed. For this...

Vehicular ad hoc networks (VANETs) are advanced instances of mobile ad hoc networks with the aim of enhancing the safety and efficiency of road traffic. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g. Traffic accident notifications) to other vehicles and remind drivers to change their routes immediately or slow down...

In the Internet or cloud computing environments, service providers provide more and more content services. Users can use these convenient content services in daily life. The major data of the user are maintained by the service providers except that some personal privacy data are stored at the client device. An attacker may try to invade the systems...

Electronic cash (e-cash) is definitely one of the most popular research topics in the e-commerce field. It is very important that e-cash be able to hold the anonymity and accuracy in order to preserve the privacy and rights of customers.There are two types of e-cash in general, which are online e-cash and offline e-cash. Both systems have their own...