Dynamic Searchable Symmetric Encryption (DSSE) serves as an important cryptographic tool in cloud-based applications, with which a client can delegate secure keyword searches to a semi-honest cloud server over a constantly updated encrypted database. A practical DSSE scheme must achieve three fundamental properties: security, efficiency, and robustness. Forward and backward security is a popular notion that significantly restricts the information leakage of DSSE. Search performance is one of the most important efficiency metrics to measure whether a DSSE scheme can be applied to large-scale databases. Robustness plays a crucial role in correctly processing irrational update queries in DSSE, such as inserting duplicate or removing non-existent entries. In this work, we extend forward and Type-II-backward security definitions to incorporate robustness and present , the first DSSE scheme that simultaneously achieves forward and Type-II-backward security, non-interactive search, and robustness. achieves the same search complexity as (NDSS’21), the only DSSE scheme with equivalent security as and non-interactive search. But is not robust. Finally, we empirically evaluate using real-world data, comparing it against existing DSSE schemes that offer non-interactive search, forward and Type-II-backward security, or robustness. Experimental outcomes demonstrate that achieves competitive or better search efficiency than previous works, especially when the network connection is unstable and slow.
Selfish mining poses a serious threat to PoW(Proof of Work)-based cryptocurrencies. It undermines the incentive mechanism on which cryptocurrencies are based and enables attackers to obtain more rewards than they deserve. However, existing selfish attack schemes are either easily detectable or limited in their effectiveness: the former results in high and obvious forking rates, while the latter sacrifices revenue for covertness. In this paper, we propose a hybrid selfish mining attack, in which attackers covertly earn more with an optimised mining strategy (i.e., intelligently determining the number of blocks to be released in the private chain). Theoretical analysis and simulation results based on the MDP (Markov decision process) stochastic model show that the hybrid selfish mining attack reduces the forking rate considerably (e.g., 14.45%) with only a small loss of revenue (e.g., 4.2%). Additionally, we conduct comprehensive experiments on the implementation costs and actual rewards of the hybrid selfish mining attack. The results demonstrate its effectiveness across almost all PoW-based cryptocurrencies. Finally, we argue that the hybrid selfish mining attack may be mitigated by new consensus mechanisms (e.g., Proof of Stake) or standard countermeasures.
Federated learning (FL) has emerged as a privacy-preserving paradigm for distributed learning on mobile devices. Despite its widespread adoption, FL remains vulnerable to two major threats: untrusted clients launching Byzantine attacks to hinder convergence, and malicious aggregators manipulating results by excluding or biasing updates. While prior studies have made initial attempts to address these risks, fundamental limitations remain: 1) a narrow focus on either Byzantine attacks or verifiable aggregation, failing to provide comprehensive protection, 2) reliance on unrealistic assumptions, such as knowledge of adversary numbers, semi-honest clients, or server access to clean data, 3) excessive computational overhead, limiting real-world applicability and deployment on resource-constrained devices. To address these issues, we propose BVFL, a lightweight batch verifiable aggregation framework that tackles threats from both malicious clients and the aggregator. First, we introduce a zero-knowledge-based adaptive defense with random sampling techniques to mitigate Byzantine attacks efficiently without introducing additional assumptions. Second, unlike conventional verifiable aggregation protocols that verify commitments at the element level, we design PolyAgg, an efficient protocol enabling batch verification at the polynomial level via polynomial additive-homomorphic commitment, reducing computational overhead. Security analyses and experiments across diverse datasets, models, adversary fractions, and data heterogeneity demonstrate that our BVFL framework robustly defends against Byzantine attacks while achieving up to 9x faster performance than state-of-the-art methods.
Multi-image steganography is one of the important branches in protecting information. However, the steganographic or hiding capacity is greatly limited by the visual security. In this paper, we propose a new strategy named maximum energy block to identify the optimal hiding region of cover carrier, where multiple secret images can be hidden while causing an extremely minimal change of visual perception. This concept is enlightened by the fact that the human visual system is not sensitive to the grayscale variation in the areas of high energy and the edges or textures of complex. To furtherly minimize the visual impact of secret image on cover carrier and greatly extend the available steganographic space, a cover carrier of color video and the discrete wavelet transform are adopted. Thereby, one can screen out the high-frequency component of the highest energy block in video frames as the best-of-breed area for steganography, such that greatly increasing the difficulties of forensic. Meanwhile, multiple secret images are also compressed using 2D compressive sensing and then embedded into specified channels of different video frames based on a SHA256-based mapping, respectively. This operation can not only reduce the amount of hiding data and improve the steganographic capacity, but also bring about more safety and higher visual security. The secret images can be extracted and reconstructed accurately in the inverse process using correct keys. Experimental results verify the effectiveness of our method.