{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,8,23]],"date-time":"2024-08-23T00:40:01Z","timestamp":1724373601533},"reference-count":25,"publisher":"Oxford University Press (OUP)","issue":"4","license":[{"start":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T00:00:00Z","timestamp":1594080000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/journals\/pages\/open_access\/funder_policies\/chorus\/standard_publication_model"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,4,19]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Biometric information is unique to a human, so it would be desirable to use the biometric characteristic as the private key in a cryptographic system to protect data security and privacy. In this paper, we introduce a notion called two-factor decryption (TFD). Informally speaking, a TFD scheme is a variant of the public-key encryption (PKE) scheme. In a TFD scheme, messages are encrypted under public keys as that in a standard PKE scheme, but both private keys (i.e. the first factor) and biometric inputs (i.e. the second factor) are required to decrypt the ciphertexts and obtain the underlying plaintexts. We first describe a framework of TFD, and then define a formal security model for TFD. Thereafter, we present a generic construction on TFD based on the cryptographic primitives of linear sketch and functional encryption (FE) with certain properties and analyse its security. In addition, we give instantiations of TFD by applying concrete FE schemes into the generic construction and show their applications.<\/jats:p>","DOI":"10.1093\/comjnl\/bxaa080","type":"journal-article","created":{"date-parts":[[2020,6,5]],"date-time":"2020-06-05T11:10:35Z","timestamp":1591355435000},"page":"550-563","source":"Crossref","is-referenced-by-count":2,"title":["Two-Factor Decryption: A Better Way to Protect Data Security and Privacy"],"prefix":"10.1093","volume":"64","author":[{"given":"Hui","family":"Cui","sequence":"first","affiliation":[{"name":"Discipline of Information Technology, Mathematics and Statistics, Murdoch University, Perth, WA 6150, Australia"},{"name":"Data61, CSIRO, Melbourne, VIC 3008, Australia"}]},{"given":"Russell","family":"Paulet","sequence":"additional","affiliation":[{"name":"School of Science, RMIT University, Melbourne, VIC 3000, Australia"}]},{"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Melbourne, VIC 3008, Australia"}]},{"given":"Xun","family":"Yi","sequence":"additional","affiliation":[{"name":"School of Science, RMIT University, Melbourne, VIC 3000, Australia"}]},{"given":"Butrus","family":"Mbimbi","sequence":"additional","affiliation":[{"name":"Discipline of Information Technology, Mathematics and Statistics, Murdoch University, Perth, WA 6150, Australia"}]}],"member":"286","published-online":{"date-parts":[[2020,7,7]]},"reference":[{"key":"2021041913135110200_ref1","volume-title":"Google 2-step verification","author":"Google","year":"2019"},{"key":"2021041913135110200_ref2","volume-title":"Microsoft authenticator","author":"Microsoft","year":"2019"},{"key":"2021041913135110200_ref3","volume-title":"Authy","author":"Authy","year":"2019"},{"key":"2021041913135110200_ref4","first-page":"1","article-title":"MIME security with pretty good privacy (PGP)","volume":"2015","author":"Elkins","year":"1996","journal-title":"RFC"},{"key":"2021041913135110200_ref5","first-page":"207","article-title":"Verified Correctness and Security of Openssl HMAC","volume-title":"24th USENIX Security Symposium, USENIX Security 15","author":"Beringer","year":"2015"},{"key":"2021041913135110200_ref6","first-page":"1","article-title":"Ten risks of PKI: what you\u2019re not being told about public key infrastructure","volume":"16","author":"Ellison","year":"2000","journal-title":"Comput. Secur. J."},{"key":"2021041913135110200_ref7","first-page":"219","article-title":"Fusion of Face and Iris Biometrics","volume-title":"Handbook of Iris Recognition","author":"Connaughton","year":"2007"},{"key":"2021041913135110200_ref8","first-page":"105","article-title":"A Signature Scheme With a Fuzzy Private Key","volume-title":"Applied Cryptography and Network Security\u201413th Int. Conf., ACNS 2015","author":"Takahashi","year":"2015"},{"key":"2021041913135110200_ref9","doi-asserted-by":"crossref","first-page":"457","DOI":"10.1007\/11426639_27","article-title":"Fuzzy Identity-Based Encryption","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2005, 24th Annual Int. Conf. Theory and Applications of Cryptographic Techniques","author":"Sahai","year":"2005"},{"key":"2021041913135110200_ref10","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1137\/060651380","article-title":"Fuzzy extractors: how to generate strong keys from biometrics and other noisy data","volume":"38","author":"Dodis","year":"2008","journal-title":"SIAM J. Comput."},{"key":"2021041913135110200_ref11","first-page":"400","article-title":"Fuzzy Public-Key Encryption Based on Biometric Data","volume-title":"Provable Security\u201411th Int. Conf., ProvSec 2017","author":"Cui","year":"2017"},{"key":"2021041913135110200_ref12","first-page":"97","article-title":"Fuzzy Signatures: Relaxing Requirements and a New Construction","volume-title":"Applied Cryptography and Network Security\u201414th Int. Conf., ACNS 2016","author":"Matsuda","year":"2016"},{"key":"2021041913135110200_ref13","first-page":"253","article-title":"Functional Encryption: Definitions and Challenges","volume-title":"Theory of Cryptography\u20148th Theory of Cryptography Conference, TCC 2011","author":"Boneh","year":"2011"},{"key":"2021041913135110200_ref14","doi-asserted-by":"crossref","first-page":"213","DOI":"10.1007\/3-540-44647-8_13","article-title":"Identity-Based Encryption From the Weil Pairing","volume-title":"Advances in Cryptology\u2014CRYPTO 2001, 21st Annual Int. Cryptology Conf.","author":"Boneh","year":"2001"},{"key":"2021041913135110200_ref15","doi-asserted-by":"crossref","first-page":"469","DOI":"10.1109\/TIT.1985.1057074","article-title":"A public key cryptosystem and a signature scheme based on discrete logarithms","volume":"31","author":"Gamal","year":"1985","journal-title":"IEEE Trans. Information Theory"},{"key":"2021041913135110200_ref16","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1007\/978-3-540-28628-8_3","article-title":"Short Group Signatures","volume-title":"Advances in Cryptology\u2014CRYPTO 2004, 24th Annual Int. Cryptology Conf.","author":"Boneh","year":"2004"},{"key":"2021041913135110200_ref17","first-page":"82","article-title":"Reusable Cryptographic Fuzzy Extractors","volume-title":"Proc. 11th ACM Conf. Computer and Communications Security, CCS 2004","author":"Boyen","year":"2004"},{"key":"2021041913135110200_ref18","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","article-title":"Lower Bounds for Discrete Logarithms and Related Problems","volume-title":"Advances in Cryptology\u2014EUROCRYPT \u201997, Int. Conf. Theory and Application of Cryptographic Techniques","author":"Shoup","year":"1997"},{"key":"2021041913135110200_ref19","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1007\/11426639_7","article-title":"Efficient Identity-Based Encryption Without Random Oracles","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2005, 24th Annual Int. Conf. Theory and Applications of Cryptographic Techniques","author":"Waters","year":"2005"},{"key":"2021041913135110200_ref20","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1007\/978-3-642-19379-8_4","article-title":"Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization","volume-title":"Public Key Cryptography\u2014PKC 2011\u201414th Int. Conf. Practice and Theory in Public Key Cryptography","author":"Waters","year":"2011"},{"key":"2021041913135110200_ref21","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1016\/j.ins.2019.12.025","article-title":"Key regeneration-free ciphertext-policy attribute-based encryption and its application","volume":"517","author":"Cui","year":"2020","journal-title":"Inf. Sci."},{"key":"2021041913135110200_ref22","doi-asserted-by":"crossref","first-page":"570","DOI":"10.1007\/978-3-319-45741-3_29","article-title":"Server-Aided Revocable Attribute-Based Encryption","volume-title":"Computer Security\u2014ESORICS 2016\u201421st European Symposium on Research in Computer Security","author":"Cui","year":"2016"},{"key":"2021041913135110200_ref23","doi-asserted-by":"crossref","first-page":"660","DOI":"10.1016\/j.ins.2016.07.010","article-title":"Escrow free attribute-based signature with self-revealability","volume":"367\u2013368","author":"Cui","year":"2016","journal-title":"Inf. Sci."},{"key":"2021041913135110200_ref24","first-page":"409","article-title":"Recovering Attacks Against Linear Sketch in Fuzzy Signature Schemes of ACNS 2015 and 2016","volume-title":"Information Security Practice and Experience\u201413th International Conference, ISPEC 2017, Melbourne, VIC, Australia","author":"Yasuda","year":"2017"},{"key":"2021041913135110200_ref25","first-page":"278","article-title":"Attribute-Based Encryption Supporting Direct\/Indirect Revocation Modes","volume-title":"Cryptography and Coding, 12th IMA Int. Conf., Cryptography and Coding 2009","author":"Attrapadung","year":"2009"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/academic.oup.com\/comjnl\/article-pdf\/64\/4\/550\/37161784\/bxaa080.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"http:\/\/academic.oup.com\/comjnl\/article-pdf\/64\/4\/550\/37161784\/bxaa080.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,20]],"date-time":"2021-04-20T03:14:21Z","timestamp":1618888461000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/64\/4\/550\/5868155"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,7,7]]},"references-count":25,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2020,7,7]]},"published-print":{"date-parts":[[2021,4,19]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxaa080","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2021,4]]},"published":{"date-parts":[[2020,7,7]]}}}