Yu Zhan’s research while affiliated with Xidian University and other places


Publications (19)


Secure and Efficient Cloud-Based Multi-Party Private Set Intersection With Union Protocol
  • Article

January 2025

IEEE Transactions on Cloud Computing

Qian Liu · Yu Zhan ·

Secure Multi-party Computation (MPC) is a highly active research field, with Private Set Intersection (PSI) being a classic subtopic within it. However, simple intersection computation is insufficient for many real-world scenarios, leading to the development of various PSI variant protocols. In this context, we propose a cloud-based multi-party private set intersection with union protocol, denoted as MPSI-U. This protocol securely computes the intersection of the designated party's set with the union of the sets of all other parties, which can be applied to scenarios such as contact tracing. MPSI-U leverages cloud servers to alleviate the computational burden placed on users, while guaranteeing privacy and security simultaneously for all involved parties with the threshold BGN cryptographic system. Furthermore, a comprehensive formal security analysis of the protocol was conducted under the semi-honest model to prove its resilience against potential security threats. Based on our performance analysis, MPSI-U exhibits favorable characteristics in terms of communication and computation overhead. This enhances the versatility of MPSI-U, rendering it a valuable solution that can be widely applied across various domains and scenarios.



Figures: Estimate total time comparison for a voter of the three systems; Estimate total time comparison for AC of 5 candidates.
Efficient Electronic Voting System Based on Homomorphic Encryption
  • Article
  • Full-text available

January 2024 · 185 Reads · 6 Citations

Yu Zhan · Wei Zhao · Chaoxi Zhu · [...] · Baocang Wang

In the last decade, E-voting has received great attention due to its advantages in efficiency and accuracy. Fan et al. presented a novel E-voting system named HSE-Voting by utilizing homomorphic signcryption. The HSE-Voting system was claimed to gain a provable security goal under the standard proof. In this paper, we illustrate that their scheme may suffer from some potential security issues. On the one hand, the voting information could be recovered by the authentication center (AC). On the other hand, any malicious voter could disrupt the voting system undetected by locally modifying his ballot. In order to increase the resilience of the voting system to risks, an improvement of the HSE-Voting system is developed. Our improved system fixes the above security weaknesses but increases the computation cost on the AC side by a small amount. In addition, the proposed scheme satisfies voter anonymity, ballot privacy, and verifiability of election results.


Figures: System model of size-hiding multi-party private set intersection protocol; Running time of other participants under different set sizes; Running time of designated party under different set sizes; Running time of SHI-MPSI under different N; Running time of SHI-MPSI under different number of participants.
Hiding the input-size in multi-party private set intersection

May 2023 · 40 Reads · 5 Citations

Designs Codes and Cryptography

Ateniese et al. (PKC 2011) introduced the concept of size-hiding private set intersection (SHI-PSI) and proposed a construction for two parties. The SHI-PSI protocol protects the privacy of input set content and better guarantees the privacy of the client set size. However, more practical protocols in multi-party scenarios have remained a research gap. In this paper, we propose a secure and feasible protocol named size-hiding multi-party private set intersection. Based on the Bloom filter, threshold homomorphic encryption and marking technique, the proposed protocol supports the private set intersection among multiple participants. Meanwhile, the set size privacy of the designated participant is preserved. The proposed protocol is proved to be secure against semi-honest participants under the decisional composite residuosity assumption. Finally, the efficiency of our protocol is illustrated through both performance analyses and comparisons of related work.



Efficient Function Queryable and Privacy Preserving Data Aggregation Scheme in Smart Grid

December 2022 · 29 Reads · 31 Citations

IEEE Transactions on Parallel and Distributed Systems

The collection of users’ near-real-time electricity consumption data brings advantages to the operation of smart grids, while raising some security and privacy issues. Multiple privacy preserving data aggregation schemes have been proposed to address these problems. However, most schemes only focus on the aggregation of electricity consumption data without considering the data availability. In addition, although a data aggregation scheme that supports function queries on encrypted data has also been developed, its efficiency is insufficient. In this paper, we first propose an EC-ElGamal encryption algorithm with a double trapdoor decryption mechanism. Through employing the proposed algorithm and the elliptic curve Schnorr signature scheme, an efficient data aggregation scheme supporting privacy protection and function query is proposed for smart grids. This solution allows the control center and users to initiate various function queries on encrypted data. In order to lighten the calculation burden of the control center, we propose another cryptosystem named ElGamal-OU to improve the decryption efficiency, which also supports two independent decryption methods. Finally, the security analysis and performance comparison with related work show that our schemes have advantages in terms of computational, communication and storage overhead.


MDOPE: Efficient Multi-dimensional Data Order Preserving Encryption Scheme

March 2022 · 60 Reads · 22 Citations

Information Sciences

Nowadays, tremendous information technology industries resort to cloud servers to store data with an outsourcing approach to extend their storage and computation power. This, however, also leads to privacy and security issues of unprotected data against curious cloud servers. The most common solution currently is to encrypt the data before uploading it. The problem is that encrypted data is out of control and users also cannot transfer the searching job to cloud servers anymore. Specifically, the order preserving encryption (OPE) provides an efficient solution to the order of plaintexts. Existing OPE schemes focus on single-dimensional data, and fail to effectively process multi-dimensional data. In this paper, we propose a multi-dimensional data order preserving encryption scheme MDOPE allowing fine-grained multi-dimensional range queries. Our scheme constructs query indexes for each dimension of the data based on the order preserving encryption network. In particular, the proposed scheme ensures that no external entity, including the cloud server, can obtain additional information other than the order of ciphertexts during the whole query process.


Cryptanalysis of an Additively Homomorphic Public Key Encryption Scheme

January 2022 · 25 Reads · 2 Citations

Computer Standards & Interfaces

Based on the ElGamal cryptosystem, Bae et al. (J. Netw. Comput. Appl., vol. 59, pp. 333–344, 2016) proposed a new homomorphic encryption algorithm to reduce the network traffic and data processing time brought by their data communication and aggregation scheme. However, there is no security analysis of this encryption algorithm in their scheme. In this paper, we analyze the security of their proposed encryption algorithm and prove that it is not secure.


Figures: System model in [19]; Our system model; Comparisons of computation cost; Comparisons of communication overhead.
Privacy-preserving association rule mining based on electronic medical system

January 2022 · 32 Reads · 13 Citations

Wireless Networks

Privacy protection during collaborative distributed association rule mining is an important research, which has been widely used in market prediction, medical research and other fields. In medical research, Domadiya et al. (Sadhana 43(8):127, 2018) focused on mining association rules from horizontally distributed healthcare data to diagnose heart disease. They claimed they proposed a more effective privacy-preserving distributed association rule mining (PPDARM) scheme. However, a serious security scrutiny of the scheme is performed, and we find it vulnerable to protect the support of the itemsets from any electronic health record (EHR) system, which is the most important parameter Domadiya et al. tried to protect. In this paper, we first present the cryptanalysis of the PPDARM scheme proposed by Domadiya et al. as well as some revised performance analyses. Then a new PPDARM scheme with less interactions is proposed to avert the shortcomings of Domadiya et al., using the homomorphic properties of the distributed Paillier cryptosystem to accomplish the cooperative computation. Our scheme allows the directed authority (miner) to obtain the final results rather than all cooperative EHR systems, in case of semi-honest but pseudo EHR systems. Moreover, security analysis and performance evaluation demonstrate our proposal is efficient and feasible.


DRBFT: Delegated Randomization Byzantine Fault Tolerance Consensus Protocol for Blockchains

January 2021 · 135 Reads · 57 Citations

Information Sciences

Blockchain, as a potentially revolutionary technology, has been used in cryptocurrency to record transactions chronologically among multiple parties. Due to the fast development of the blockchain and its de-centralization, blockchain technology has been applied in broader scenarios, such as smart factories, supply chains, and smart cities. Consensus protocol plays a vital role in the blockchain, which addresses the issue of reaching consensus on transaction results among involved participants. Nevertheless, with the complexity of the network environment and growing amount of network users, the advance of blockchain is gradually restricted by the efficiency, security and reliability of consensus protocols. In this paper, we propose a delegated randomization Byzantine fault tolerance consensus protocol named DRBFT based on Practical Byzantine Fault Tolerance (PBFT) to enhance the efficiency and reliability of the consensus procedure. Specifically, a random selection algorithm called RS is developed to cooperate with the voting mechanism, which can effectively reduce the number of nodes participating in the consensus process. Our proposed scheme is characterized by the unpredictability, randomicity and impartiality, which accelerate the system to reach consensus on the premise of ensuring the system activity. Furthermore, the feasibility of our proposed scheme is also proved by both theoretical analysis and experimental evaluations.


Citations (15)


... Systems based on homomorphic encryption additionally require a proof scheme. This can be either a zero-knowledge proof, trust in the administrator during data collection, or additional partial decryption schemes [3]. ...

Reference:

Analysis of approaches of electronic voting systems implementation (АНАЛІЗ ПІДХОДІВ ДО РЕАЛІЗАЦІЇ СИСТЕМ ЕЛЕКТРОННОГО ГОЛОСУВАННЯ)
Efficient Electronic Voting System Based on Homomorphic Encryption

... MPC is a multi-party private computation technique that does not require a trusted third party, and was proposed by Turing Award winner Andrew Chi-Chih Yao in 1982 to answer the millionaire problem [9]. MPC allows multiple participants to jointly compute an objective function while guaranteeing that each party only obtains its own computational results and cannot infer the input data of any other party [10][11][12]. ...

Hiding the input-size in multi-party private set intersection

Designs Codes and Cryptography

... As the geographical data usually have multiple dimensions, these OPE methods are not suitable to process the geographical data. Recently, Zhan et al. [27] proposed an OPE method to support efficient range query over the ciphertexts of multi-dimensional data. However, as the order information is not protected in these OPE methods, attackers can analyze the order information of the ciphertexts and then infer the underlying plaintexts [7]. ...

MDOPE: Efficient Multi-dimensional Data Order Preserving Encryption Scheme
  • Citing Article
  • March 2022

Information Sciences

... Zhan et al. [13] introduced an enhanced encryption algorithm that builds upon the foundational EC-ElGamal cryptosystem, incorporating a novel double live gate decryption approach. This algorithm exhibits homomorphic properties and facilitates data decryption and functional interrogation by SM and CC. ...

Efficient Function Queryable and Privacy Preserving Data Aggregation Scheme in Smart Grid
  • Citing Article
  • December 2022

IEEE Transactions on Parallel and Distributed Systems

... Recently, machine learning (ML) approaches have also been employed to preserve the privacy of individuals in data analysis and publishing [31][32][33][34][35]. ML approaches have significantly improved the traditional privacy preserving approaches by extracting attribute level information from data. Furthermore, ML approaches have created synergy with most of the approaches listed in Figure 4 to effectively preserve individual privacy [36][37][38][39]. ...

Cryptanalysis of an Additively Homomorphic Public Key Encryption Scheme
  • Citing Article
  • January 2022

Computer Standards & Interfaces

... Data driven technologies have become key to providing quality patient care as the healthcare sector gets more data driven. Due to the rising volume of sensitive health data being generated with Electronic Health Records (EHR), medical imaging, genomics data, and wearable health monitoring systems, we are now beginning to see the so-called 'big data' that tracks patients over time [1]. Extremely interesting data, but it is very useful for research, the decision making process as well as personalized medicine. ...

Privacy-preserving association rule mining based on electronic medical system

Wireless Networks

... Techniques of addressing security and reliability issues include Moving Target Defense (MTD) [9][10][11], Cyber Mimic Defense (CMD) [12,13], Byzantine Fault Tolerance [14][15][16], and Redundancy Fault Tolerance [17,18] technologies. The characteristics of these technologies are summarized in Table 1. ...

DRBFT: Delegated Randomization Byzantine Fault Tolerance Consensus Protocol for Blockchains
  • Citing Article
  • January 2021

Information Sciences

... The aggregated signature algorithm is based on the ECDLP, and the proof of security can be found in [36]. The data consumer signs the fresh identity proof TN with secret key s_{DC_i} to respond to the authentication challenge. ...

Cryptanalysis and Improvement of a Pairing-Free Certificateless Aggregate Signature in Healthcare Wireless Medical Sensor Networks
  • Citing Article
  • October 2020

IEEE Internet of Things Journal

... A CLAS scheme for c-HMS was introduced by Kumar et al. [15], touted as provably secure in the ROM. However, separate analyses by Xie et al. [16] and Zhan et al. [17] indicated vulnerability of the scheme [15] against a Type II adversary. To curtail computational costs, Du et al. [18] and Gayathri et al. [19] individually developed a CLAS scheme for c-HMS, with neither scheme requiring a pairing operation. ...

Cryptanalysis of a Certificateless Aggregate Signature Scheme for Healthcare Wireless Sensor Network