Scheme

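1 Attribute vector $v$ -> $g^v$

Policy vector $x$ -> $rx$, where $r\leftarrow Z_p$

Verify $g^{v\cdot rx}=g^0$

System Model

Requester is semi-honest, which means that they honestly perform the protocol but may attempt to learn other users' private information.

Worker may claim that the honest CS doesn't return correct matching tasks: a worker who wants to apply for a task whose requirements they do not meet frames the server for having returned a wrong result; keyword; collude

Server: returns wrong matching results in order to save computation; tampers with ciphertexts

public verifiable outsourced ABE: after the Worker rejects a task, a proof can be used to verify that the Server performed the matching correctly;

Verifiability:

To decide whether the Worker satisfies the access policy set by the Requester, the two parties' attribute vectors (task access policy vectors) can be secret-shared, or a homomorphic commitment can be used:

For vector $v=(v_0,v_1,v_2)$: when issuing keys, the Authority generates the commitment for the corresponding position of the vector. For example, $AU_0$ computes $Com(v_0)=g^{v_0}h^{r_0}$, and finally $Coms=(Com(v_0), Com(v_1), Com(v_2))$ is sent to the blockchain for storage.

For vector $x=(x_0,x_1,x_2)$: using two-party secret sharing, the Requester first splits $x$ into two additive shares, $x_0 = x_0^1+x_0^2$…

Verification: $Com(v_0,r_0)^{x_0^1}\cdot Com(v_0,r_0)^{x_0^2}=Com(v_0\cdot x_0,r_0\cdot x_0)$

$\prod \limits_{i=0}^2 Com(v_i x_i)=Com(0)$

This ignores the random value r: $Com(v_0,r_0)^{x_0^1}\cdot Com(v_0,r_0)^{x_0^2}=Com(v_0\cdot x_0,r_0\cdot x_0)$

$\prod \limits_{i=0}^2 Com(v_i x_i)=g^{v\cdot x}h^{\sum \limits_{i=0}^n r_i\cdot x_i}=g^0\cdot h^{{\sum \limits_{i=0}^n r_i\cdot x_i}}$

To decide whether the Worker satisfies the access policy set by the Requester, the two parties' attribute vectors (task access policy vectors) can be secret-shared, or a homomorphic commitment can be used: ...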

January 24, 2024 · 2 min · Me

Sanitizable Encryption

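Sanitizable Access Control System for Secure Cloud Storage Against Malicious Data Publishers 1

This paper considers how to preserve data privacy when the encryptor (Data Owner, DO) is malicious.

We first need to be clear about what a malicious DO can do:

1. Embed a wrong access policy so that unauthorized users can decrypt;
2. Leak the key to unauthorized users;

For item 1 above, a trusted Sanitizer is added that performs a check on the ciphertext to test whether the correct access policy has been embedded. This amounts to running ABE decryption once: the ciphertext components associated with access policy $M$ are paired with a key corresponding to a randomly chosen attribute set $S\in M$ (this key is not generated by the authority; the sanitizer forges it in the form of a key, purely for verification). A ciphertext that passes the check is considered correct, and decrypting it at this point requires recovering $e(g,g)^{\alpha s}$;

After the access policy check above, we still have to consider the DO leaking the encryption key directly to unauthorized users. The trusted sanitizer generates a fresh ciphertext (with access-policy secret value $s'$) and aggregates the two ciphertexts, so that decryption now requires recovering $e(g,g)^{\alpha (s+s')}$;

Problems:

For item 1 above, does a randomly chosen attribute set $S$ satisfying the access policy establish that the ciphertext is correct? For example, the DO claims the access policy is $M$="A" but encrypts under the wrong access policy $M'$="A or B". If the attribute set randomly chosen during the check is $\{A\}$, the check still passes, yet a user holding a private key for attribute B can also decrypt. The first problem is not solved.

The access policy is leaked; there is no anonymity.

Sanitizable Cross-System Authorization for Secure Communication in Intelligent Connected Vehicle 2

For IBE ciphertexts, the first problem can be solved.

A Sanitizable Access Control With Policy-Protection for Vehicular Social Networks 3

The access policy is an AND-gate, so the first problem can be solved.

Verifiable Outsourced Attribute-Based Encryption Scheme for Cloud-Assisted Mobile E-health System 4

This combines outsourced encryption with the same setting: the server has to embed the access policy into the ciphertext, and the sanitizer checks whether the ciphertext output by the server is correct. This application scenario is closer to real life than the one above.

Checking the ciphertext still has the same problem as in the first paper.

Leakage of the access policy.

Secure and Fine-Grained Flow Control for Subscription-Based Data Services

Access control encryption based on KP-ABE. ...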

July 24, 2023 · 2 min · Liang Li

Papers

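Keyword-based matching

Proxy-Free Privacy-Preserving Task Matching with Efficient Revocation in Crowdsourcing 1

This paper proposes a keyword-based task matching model that needs no proxy re-encryption and supports user revocation. The authors have published their code.

The base model is the classic keyword matching model built on searchable encryption, to which Server-Local Revocation (SLR) is then added. The idea behind user revocation is simple: the server maintains a Revocation List (RL) of revoked users. When a user leaves the system, that user's information is stored in the RL to revoke them. Each time the matching algorithm runs, the server first checks whether the user is in the RL; if so, the search is aborted, and if not, the search is legitimate and matching proceeds.

To reduce the storage overhead of the RL, the authors then propose Global Revocation (GR), which adds a version number to keys, ciphertexts and search trapdoors. The system periodically runs the $ReKeyGen$ algorithm, empties the RL, regenerates the public key, the master secret key and a ciphertext update key (used to update ciphertexts of earlier versions), and distributes new keys to the workers.

Pros: the revocation mechanism is simple.

Cons: every match requires two pairing operations to check the user's authorization; in GR, the key authority has to come online periodically to run the $ReKeyGen$ algorithm, even when the RL is empty? (The authors do not consider this.)

Takeaway: I learned how a revocation mechanism can be implemented: maintain a list of revoked users and a version number.

📝 Note: How the paper is structured: first present a basic scheme, then extend it. This paper extends a basic matching scheme with user revocation. It presents SLR first, then, to address the storage overhead of the RL in SLR, proposes GR, which lets the system empty the RL periodically and introduces version numbers.

ABE

Attribute-Based Encryption with Publicly Verifiable Outsourced Decryption

The Transform algorithm does not output an ElGamal-style ciphertext; instead it outputs the pairing values from the intermediate computation.

The verifier uses a sampling technique to randomly select pairing results to verify.

Achieving public verification by combining sampling technique and game theory.

Multi-Keyword Searchable and Verifiable Attribute-Based Encryption Over Cloud Data

Only conjunctive keyword queries are supported; a mapping between keyword sets has to be published; signatures are used to verify the completeness of the ciphertext;

Is multi-keyword search possible without bilinear pairing? ...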

June 4, 2023 · 3 min · Liang

Introduction to Mathematical Thinking Week2

Implication

Implication is important in mathematics. "$\phi$ implies $\psi$" is denoted $\phi\implies\psi$, which means that the truth of $\psi$ follows from the truth of $\phi$. $\phi$ is called the antecedent and $\psi$ the consequent. The truth table of $\phi\implies\psi$ is as follows:

| $\phi$ | $\psi$ | $\phi\implies\psi$ |
|---|---|---|
| T | T | T |
| T | F | F |
| F | T | T |
| F | F | T |

Here T denotes true and F denotes false.

A true conclusion follows from a true assumption, so the first row is T.

If the implication is true, then $\psi$ has to be T whenever $\phi$ is T. So we cannot have $\phi$ T and $\psi$ F if $\phi\implies\psi$ is T. Hence, when $\phi$ is T and $\psi$ is F, $\phi\implies\psi$ must be F.

We can look at "$\phi$ does not imply $\psi$" ($\phi\nRightarrow\psi$), which says that even though $\phi$ is T, $\psi$ is nevertheless F. So $\phi\nRightarrow\psi$ is T if and only if $\phi$ is T and $\psi$ is F. In all other circumstances, $\phi\nRightarrow\psi$ is F, which means $\phi\implies\psi$ is T. So the third and fourth rows are T.

📝 Note: The implication involves causality. For example, "$\sqrt{2}$ is irrational" does not imply "$1+1=2$", because these two statements have no relationship; they are independent of each other. ...

May 23, 2023 · 2 min · Liang Li

GoodWritingSentence

Introduction or Related Work

A long line of constructions 1, 2 operates by …

There is no way to …

Our scheme resorts to (technique) as … to … (implement some functions) … by harnessing the power of (technology).

The starting point of this paper is that while the recent solutions consider and solve the bare-bones … problem in its simplest form, there are several desirable features that they fail to achieve.

This makes … inherently vulnerable to … attacks, …, which bridges together the recent advancements of blockchain and cryptographic techniques.

Emphasizing importance

it is of paramount importance to

Technology enablement

… is a new way of viewing … which opens up a much larger world of possibilities for ….

The enhanced functionality and flexibility provided by … is very appealing for many practical applications.

Cause and effect

due to

in order to

owing to

attribute to

ascribe to

Abbreviations

w.r.t.: with reference to / with respect to / with regards to.

i.e.: a shortening of the Latin expression id est, which translates to "that is"

e.g.: for example

Wlog.: Without loss of generality ...

May 22, 2023 · 2 min · Liang

A note on a small proxy pitfall

When I run the git push command, I get the error:

```
$ git push origin main
kex_exchange identification: Connection closed by remote host
connection closed by 20.205.243.166 port 22
```

Next, I checked the ssh key and found the following output:

```
$ ssh -T github.com
kex_exchange identification: Connection closed by remote host
connection closed by 20.205.243.166 port 22
```

I tried many solutions including changing the port to 443, turning off the VPN, and regenerating the ssh key, none of which worked. ...

May 13, 2023 · 2 min · Liang Li