Showing total 229 results

1. Low complexity smart grid security protocol based on elliptic curve cryptography, biometrics and hamming distance.

Author

Mutlaq, Keyan Abdul-Aziz, Nyangaresi, Vincent Omollo, Omar, Mohd Adib, Abduljabbar, Zaid Ameen, Abduljaleel, Iman Qays, Ma, Junchao, and Al Sibahee, Mustafa A.

Subjects

HAMMING distance, POWER supply quality, CRYPTOGRAPHY, ELLIPTIC curve cryptography, SMART cards, INFORMATION & communication technologies, ELECTRIC power distribution grids

Abstract

The incorporation of information and communication technologies in the power grids has greatly enhanced efficiency in the management of demand-responses. In addition, smart grids have seen considerable minimization in energy consumption and enhancement in power supply quality. However, the transmission of control and consumption information over open public communication channels renders the transmitted messages vulnerable to numerous security and privacy violations. Although many authentication and key agreement protocols have been developed to counter these issues, the achievement of ideal security and privacy levels at optimal performance still remains an uphill task. In this paper, we leverage on Hamming distance, elliptic curve cryptography, smart cards and biometrics to develop an authentication protocol. It is formally analyzed using the Burrows-Abadi-Needham (BAN) logic, which shows strong mutual authentication and session key negotiation. Its semantic security analysis demonstrates its robustness under all the assumptions of the Dolev-Yao (DY) and Canetti- Krawczyk (CK) threat models. From the performance perspective, it is shown to incur communication, storage and computation complexities compared with other related state of the art protocols. [ABSTRACT FROM AUTHOR]

Published

2024

2. Open source software security vulnerability detection based on dynamic behavior features.

Author

Li, Yuancheng, Ma, Longqiang, Shen, Liang, Lv, Junfeng, and Zhang, Pan

Subjects

OPEN source software, FEATURE extraction, SOURCE code, INVESTMENT analysis, SOFTWARE engineering, COMPUTER software

Abstract

Open source software has been widely used in various industries due to its openness and flexibility, but it also brings potential security problems. Therefore, security analysis is required before using open source software. The current mainstream open source software vulnerability analysis technology is based on source code, and there are problems such as false positives, false negatives and restatements. In order to solve the problems, based on the further study of behavior feature extraction and vulnerability detection technology, a method of using dynamic behavior features to detect open source software vulnerabilities is proposed. Firstly, the relationship between open source software vulnerability and API call sequence is studied. Then, the behavioral risk vulnerability database of open source software is proposed as a support for vulnerability detection. In addition, the CNN-IndRNN classification model is constructed by improving the Independently Recurrent Neural Net-work (IndRNN) algorithm and applies to open source software security vulnerability detection. The experimental results verify the effectiveness of the proposed open source software security vulnerability detection method based on dynamic behavior features. [ABSTRACT FROM AUTHOR]

Published

2019

3. Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016.

Author

Teruya, Tadanori

Subjects

ELLIPTIC curves, CRYPTOGRAPHY, PROBLEM solving, FINITE fields, COMPUTER operating systems

Abstract

Wang et al. proposed a method for obtaining elliptic curves with embedding degree 1 for securing critical infrastructures, and presented several elliptic curves generated by their method with torsion points of 160 bits and 189 bits orders. They also presented some experimental results and claimed that their implementation of an elliptic curve generated with their method is faster than an implementation for embedded devices presented by Bertoni et al. In this paper, we point out that the security and efficiency claims given by Wang et al. are flawed. Specifically, we show that it is possible to solve finite field discrete logarithm problems defined over their elliptic curves in practice. On the elliptic curves with torsion points of 160 bits orders generated by Wang et al., their instances of finite field discrete logarithm problems are solved in around 4 hours by using a standard desktop PC. On the torsion points of 189 bits orders, their instances are solved in around 10 days by using two standard desktop PCs. The hardness of the finite field discrete logarithm problems is one of the most important bases of security; therefore, their elliptic curves should not be used for cryptographic purposes. [ABSTRACT FROM AUTHOR]

Published

2019

4. A novel method for linguistic steganography by English translation using attention mechanism and probability distribution theory.

Author

Lin, YiQing and Wang, ZhongHua

Subjects

PROBABILITY theory, ENGLISH language, MACHINE translating, CRYPTOGRAPHY, TRANSLATING & interpreting, MACHINE performance

Abstract

To enhance our ability to model long-range semantical dependencies, we introduce a novel approach for linguistic steganography through English translation. This method leverages attention mechanisms and probability distribution theory, known as NMT-stega (Neural Machine Translation-steganography). Specifically, to optimize translation accuracy and make full use of valuable source text information, we employ an attention-based NMT model as our translation technique. To address potential issues related to the degradation of text quality due to secret information embedding, we have devised a dynamic word pick policy based on probability variance. This policy adaptively constructs an alternative set and dynamically adjusts embedding capacity at each time step, guided by variance thresholds. Additionally, we have incorporated prior knowledge into the model by introducing a hyper-parameter that balances the contributions of the source and target text when predicting the embedded words. Extensive ablation experiments and comparative analyses, conducted on a large-scale Chinese-English corpus, validate the effectiveness of the proposed method across several critical aspects, including embedding rate, text quality, anti-steganography, and semantical distance. Notably, our numerical results demonstrate that the NMT-stega method outperforms alternative approaches in anti-steganography tasks, achieving the highest scores in two steganalysis models, NFZ-WDA (with score of 53) and LS-CNN (with score of 56.4). This underscores the superiority of NMT-stega in the anti-steganography attack task. Furthermore, even when generating longer sentences, with average lengths reaching 47 words, our method maintains strong semantical relationships, as evidenced by a semantic distance of 87.916. Moreover, we evaluate the proposed method using two metrics, Bilingual Evaluation Understudy and Perplexity, and achieve impressive scores of 42.103 and 23.592, respectively, highlighting its exceptional performance in the machine translation task. [ABSTRACT FROM AUTHOR]

Published

2024

5. Self-recovery reversible image watermarking algorithm.

Author

Zhang, Zhengwei, Sun, He, Gao, Shangbing, and Jin, Shenghua

Subjects

DIGITAL watermarking, DATA encryption, WATERMARKS, ALGORITHMS, DIGITAL images

Abstract

The integrity of image content is essential, although most watermarking algorithms can achieve image authentication but not automatically repair damaged areas or restore the original image. In this paper, a self-recovery reversible image watermarking algorithm is proposed to recover the tampered areas effectively. First of all, the original image is divided into homogeneous blocks and non-homogeneous blocks through multi-scale decomposition, and the feature information of each block is calculated as the recovery watermark. Then, the original image is divided into 4×4 non-overlapping blocks classified into smooth blocks and texture blocks according to image textures. Finally, the recovery watermark generated by homogeneous blocks and error-correcting codes is embedded into the corresponding smooth block by mapping; watermark information generated by non-homogeneous blocks and error-correcting codes is embedded into the corresponding non-embedded smooth block and the texture block via mapping. The correlation attack is detected by invariant moments when the watermarked image is attacked. To determine whether a sub-block has been tampered with, its feature is calculated and the recovery watermark is extracted from the corresponding block. If the image has been tampered with, it can be recovered. The experimental results show that the proposed algorithm can effectively recover the tampered areas with high accuracy and high quality. The algorithm is characterized by sound visual quality and excellent image restoration. [ABSTRACT FROM AUTHOR]

Published

2018

6. On the security of consumer wearable devices in the Internet of Things.

Author

Tahir, Hasan, Tahir, Ruhma, and McDonald-Maier, Klaus

Subjects

WEARABLE technology, INTERNET security, INTERNET of things, COMPUTER input-output equipment, EMERGING markets

Abstract

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands. [ABSTRACT FROM AUTHOR]

Published

2018

7. Protection of Location Privacy Based on Distributed Collaborative Recommendations.

Author

Wang, Peng, Yang, Jing, and Zhang, Jian-Pei

Subjects

COMMUNICATION, BOTTLENECKS (Manufacturing), CENTROID, CRYPTOGRAPHY, LOCATION-based services

Abstract

In the existing centralized location services system structure, the server is easily attracted and be the communication bottleneck. It caused the disclosure of users’ location. For this, we presented a new distributed collaborative recommendation strategy that is based on the distributed system. In this strategy, each node establishes profiles of their own location information. When requests for location services appear, the user can obtain the corresponding location services according to the recommendation of the neighboring users’ location information profiles. If no suitable recommended location service results are obtained, then the user can send a service request to the server according to the construction of a k-anonymous data set with a centroid position of the neighbors. In this strategy, we designed a new model of distributed collaborative recommendation location service based on the users’ location information profiles and used generalization and encryption to ensure the safety of the user’s location information privacy. Finally, we used the real location data set to make theoretical and experimental analysis. And the results show that the strategy proposed in this paper is capable of reducing the frequency of access to the location server, providing better location services and protecting better the user’s location privacy. [ABSTRACT FROM AUTHOR]

Published

2016

8. Cryptanalysis and improvement of an elliptic curve based signcryption scheme for firewalls.

Author

Zia, Malik and Ali, Rashid

Subjects

COMPUTER network security, FIREWALLS (Computer security), DATA security, COMPUTER security, CRYPTOGRAPHY

Abstract

In network security, firewall is a security system that observes and controls the network traffic based on some predefined rules. A firewall sets up a barrier between internal network and another outside unsecured network, such as the Internet. A number of signcryption schemes for firewall are proposed over the years, many of them are proved to have security flaws. In this paper, an elliptic curve based signcryption scheme for firewalls is analyzed. It is observed that the scheme is not secure and has many security flaws. Anyone who knows the public parameters, can modify the message without the knowledge of sender and receiver. The claimed security attributes of non-repudiation, unforgeability, integrity and authentication are compromised. After successful cryptanalysis of this scheme, we proposed a modified version of the scheme. [ABSTRACT FROM AUTHOR]

Published

2018

9. Design of a BIST implemented AES crypto-processor ASIC.

Author

Ali, Md. Liakot, Rahman, Md. Shazzatur, and Hossain, Fakir Sharif

Subjects

APPLICATION-specific integrated circuits, ADVANCED Encryption Standard, ELECTRONIC design automation, COMPUTER software security, ALGORITHMS, CRYPTOGRAPHY

Abstract

This paper presents the design of a Built-in-self-Test (BIST) implemented Advanced Encryption Standard (AES) cryptoprocessor Application Specific Integrated Circuit (ASIC). AES has been proved as the strongest symmetric encryption algorithm declared by USA Govt. and it outperforms all other existing cryptographic algorithms. Its hardware implementation offers much higher speed and physical security than that of its software implementation. Due to this reason, a number of AES cryptoprocessor ASIC have been presented in the literature, but the problem of testability in the complex AES chip is not addressed yet. This research introduces a solution to the problem for the AES cryptoprocessor ASIC implementing mixed-mode BIST technique, a hybrid of pseudo-random and deterministic techniques. The BIST implemented ASIC is designed using IEEE industry standard Hardware Description Language(HDL). It has been simulated using Electronic Design Automation (EDA)tools for verification and validation using the input-output data from the National Institute of Standard and Technology (NIST) of the USA Govt. The simulation results show that the design is working as per desired functionalities in different modes of operation of the ASIC. The current research is compared with those of other researchers, and it shows that it is unique in terms of BIST implementation into the ASIC chip. [ABSTRACT FROM AUTHOR]

Published

2021

10. An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy.

Author

Qiu, Shuming, Xu, Guoai, Ahmad, Haseeb, and Guo, Yanhui

Subjects

SESSION Initiation Protocol (Computer network protocol), BIOMETRIC identification, MULTIMEDIA communications, CRYPTOGRAPHY, COMPUTER security

Abstract

The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash’s protocol. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure. [ABSTRACT FROM AUTHOR]

Published

2018

11. Obfuscating encrypted threshold signature algorithm and its applications in cloud computing.

Author

Li, Yahong, Wei, Jianzhou, Wu, Bin, Wang, Chunli, Wang, Caifen, Zhang, Yulei, and Yang, Xiaodong

Subjects

CLOUD computing, ALGORITHMS, CRYPTOGRAPHY

Abstract

Current cloud computing causes serious restrictions to safeguarding users' data privacy. Since users' sensitive data is submitted in unencrypted forms to remote machines possessed and operated by untrusted service providers, users' sensitive data may be leaked by service providers. Program obfuscation shows the unique advantages that it can provide for cloud computing. In this paper, we construct an encrypted threshold signature functionality, which can outsource the threshold signing rights of users to cloud server securely by applying obfuscation, while revealing no more sensitive information. The obfuscator is proven to satisfy the average case virtual black box property and existentially unforgeable under the decisional linear (DLIN) assumption and computational Diffie-Hellman (CDH) assumption in the standard model. Moreover, we implement our scheme using the Java pairing-based cryptography library on a laptop. [ABSTRACT FROM AUTHOR]

Published

2021

12. Analytical cryptanalysis upon N = p2q utilizing Jochemsz-May strategy.

Author

Adenan, Nurul Nur Hanisah, Kamel Ariffin, Muhammad Rezal, Yunos, Faridah, Sapar, Siti Hasana, and Asbullah, Muhammad Asyraf

Subjects

FACTORIZATION, INTEGERS, POLYNOMIALS, CRYPTOGRAPHY

Abstract

This paper presents a cryptanalytic approach on the variants of the RSA which utilizes the modulus N = p2q where p and q are balanced large primes. Suppose e∈Z+ satisfying gcd(e, ϕ(N)) = 1 where ϕ(N) = p(p − 1)(q − 1) and d < Nδ be its multiplicative inverse. From ed − kϕ(N) = 1, by utilizing the extended strategy of Jochemsz and May, our attack works when the primes share a known amount of Least Significant Bits(LSBs). This is achievable since we obtain the small roots of our specially constructed integer polynomial which leads to the factorization of N. More specifically we show that N can be factored when the bound δ<119−294+18γ. Our attack enhances the bound of some former attacks upon N = p2q. [ABSTRACT FROM AUTHOR]

Published

2021

13. Reversible data hiding techniques with high message embedding capacity in images.

Author

Aziz, Furqan, Ahmad, Taeeb, Malik, Abdul Haseeb, Uddin, M. Irfan, Ahmad, Shafiq, and Sharaf, Mohamed

Subjects

CRYPTOGRAPHY, IMAGE, PIXELS, HISTOGRAMS, DATA, POPULARITY

Abstract

Reversible Data Hiding (RDH) techniques have gained popularity over the last two decades, where data is embedded in an image in such a way that the original image can be restored. Earlier works on RDH was based on the Image Histogram Modification that uses the peak point to embed data in the image. More recent works focus on the Difference Image Histogram Modification that exploits the fact that the neighbouring pixels of an image are highly correlated and therefore the difference of image makes more space to embed large amount of data. In this paper we propose a framework to increase the embedding capacity of reversible data hiding techniques that use a difference of image to embed data. The main idea is that, instead of taking the difference of the neighboring pixels, we rearrange the columns (or rows) of the image in a way that enhances the smooth regions of an image. Any difference based technique to embed data can then be used in the transformed image. The proposed method is applied on different types of images including textures, patterns and publicly available images. Experimental results demonstrate that the proposed method not only increases the message embedding capacity of a given image by more than 50% but also the visual quality of the marked image containing the message is more than the visual quality obtained by existing state-of-the-art reversible data hiding technique. The proposed technique is also verified by Pixel Difference Histogram (PDH) Stegoanalysis and results demonstrate that marked images generated by proposed method is undetectable by PDH analysis. [ABSTRACT FROM AUTHOR]

Published

2020

14. An efficient and adaptive data-hiding scheme based on secure random matrix.

Author

Zhang, Mingwu, Zhang, Shaochen, and Harn, Lein

Subjects

RANDOM matrices, SIGNAL-to-noise ratio, IMAGE encryption, DIGITAL images, COMPUTER security

Abstract

There is a vivid research on securely deliver a secret message by using a data hiding technique in digital images. However, most existing solutions of data-hiding need to encrypt secret data first, and embed the encrypt message into cover image, which is not promising any security once the embedding algorithm is leaked. In this paper, an efficient and adaptive data hiding scheme is presented which is based on a new reference matrix named secure reference matrix. The scheme is flexible enough to meet different data hiding capacities and image quality as needed, and we allow the reference matrix to be more secure since it is randomly generated each time and make it much harder for being attack with exhaustive manner by extending the possible solution. We give the detail protocol for our scheme and provide the practical test and performance analysis. Experimental results show that our scheme has a better flexibility and efficiency in embedding process, and the average value of Peak Signal to Noise Ratio (PSNR) for the stego-images which are generated by our scheme have a higher visual quality for different embedding capacities, and our scheme is more efficient compared with related work. [ABSTRACT FROM AUTHOR]

Published

2019

15. Constructing Pairing-Friendly Elliptic Curves under Embedding Degree 1 for Securing Critical Infrastructures.

Author

Wang, Maocai, Dai, Guangming, Choo, Kim-Kwang Raymond, Jayaraman, Prem Prakash, and Ranjan, Rajiv

Subjects

ELLIPTIC curves, EMBEDDING theorems, ALGEBRAIC geometry, CRYPTOGRAPHY, INFORMATION technology, NATIONAL security, ALGORITHMS

Abstract

Information confidentiality is an essential requirement for cyber security in critical infrastructure. Identity-based cryptography, an increasingly popular branch of cryptography, is widely used to protect the information confidentiality in the critical infrastructure sector due to the ability to directly compute the user’s public key based on the user’s identity. However, computational requirements complicate the practical application of Identity-based cryptography. In order to improve the efficiency of identity-based cryptography, this paper presents an effective method to construct pairing-friendly elliptic curves with low hamming weight 4 under embedding degree 1. Based on the analysis of the Complex Multiplication(CM) method, the soundness of our method to calculate the characteristic of the finite field is proved. And then, three relative algorithms to construct pairing-friendly elliptic curve are put forward. 10 elliptic curves with low hamming weight 4 under 160 bits are presented to demonstrate the utility of our approach. Finally, the evaluation also indicates that it is more efficient to compute Tate pairing with our curves, than that of Bertoni et al. [ABSTRACT FROM AUTHOR]

Published

2016

16. CP-ABE Based Privacy-Preserving User Profile Matching in Mobile Social Networks.

Author

Cui, Weirong, Du, Chenglie, and Chen, Jinchao

Subjects

ONLINE social networks, DATA privacy, DATA encryption, COMPUTER security, CRYPTOGRAPHY

Abstract

Privacy-preserving profile matching, a challenging task in mobile social networks, is getting more attention in recent years. In this paper, we propose a novel scheme that is based on ciphertext-policy attribute-based encryption to tackle this problem. In our scheme, a user can submit a preference-profile and search for users with matching-profile in decentralized mobile social networks. In this process, no participant’s profile and the submitted preference-profile is exposed. Meanwhile, a secure communication channel can be established between the pair of successfully matched users. In contrast to existing related schemes which are mainly based on the secure multi-party computation, our scheme can provide verifiability (both the initiator and any unmatched user cannot cheat each other to pretend to be matched), and requires few interactions among users. We provide thorough security analysis and performance evaluation on our scheme, and show its advantages in terms of security, efficiency and usability over state-of-the-art schemes. [ABSTRACT FROM AUTHOR]

Published

2016

17. LiPISC: A Lightweight and Flexible Method for Privacy-Aware Intersection Set Computation.

Author

Ren, Wei, Huang, Shiyong, Ren, Yi, and Choo, Kim-Kwang Raymond

Subjects

COMPUTER science, DATA security, INTERSECTION theory, APPROXIMATION theory, MATHEMATICAL models

Abstract

Privacy-aware intersection set computation (PISC) can be modeled as secure multi-party computation. The basic idea is to compute the intersection of input sets without leaking privacy. Furthermore, PISC should be sufficiently flexible to recommend approximate intersection items. In this paper, we reveal two previously unpublished attacks against PISC, which can be used to reveal and link one input set to another input set, resulting in privacy leakage. We coin these as Set Linkage Attack and Set Reveal Attack. We then present a lightweight and flexible PISC scheme (LiPISC) and prove its security (including against Set Linkage Attack and Set Reveal Attack). [ABSTRACT FROM AUTHOR]

Published

2016

18. A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network.

Author

Lai, Yan-Ming, Cheng, Pu-Jen, Lee, Cheng-Chi, and Ku, Chia-Yi

Subjects

WIRELESS mesh networks, ROAMING (Telecommunication), INTERNET access, COMPUTER network security, TAMPER-proof packaging, SCALABILITY

Abstract

Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN) based on tickets. Unfortunately, Li et al.’s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.’s protocol includes the use of high-quality tamper-proof devices (TPDs), and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client’s privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay. [ABSTRACT FROM AUTHOR]

Published

2016

19. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

Author

Reddy, Alavalapati Goutham, Das, Ashok Kumar, Odelu, Vanga, and Yoo, Kee-Young

Subjects

BIOMETRIC identification, ELLIPTIC curve cryptography, COMPUTER network protocols, COMPUTER access control, SYNCHRONIZATION

Abstract

Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. [ABSTRACT FROM AUTHOR]

Published

2016

20. Complex Generalized Synchronization and Parameter Identification of Nonidentical Nonlinear Complex Systems.

Author

Wang, Shibing, Wang, Xingyuan, and Han, Bo

Subjects

PARAMETER identification, CHAOS synchronization, LYAPUNOV stability, MEMRISTORS, FEASIBILITY studies

Abstract

In this paper, generalized synchronization (GS) is extended from real space to complex space, resulting in a new synchronization scheme, complex generalized synchronization (CGS). Based on Lyapunov stability theory, an adaptive controller and parameter update laws are designed to realize CGS and parameter identification of two nonidentical chaotic (hyperchaotic) complex systems with respect to a given complex map vector. This scheme is applied to synchronize a memristor-based hyperchaotic complex Lü system and a memristor-based chaotic complex Lorenz system, a chaotic complex Chen system and a memristor-based chaotic complex Lorenz system, as well as a memristor-based hyperchaotic complex Lü system and a chaotic complex Lü system with fully unknown parameters. The corresponding numerical simulations illustrate the feasibility and effectiveness of the proposed scheme. [ABSTRACT FROM AUTHOR]

Published

2016

21. FOPBIE: Multi-image cipher based on the random walk of fleet of pawns on the large hypothetical chessboard and chaotic system.

Author

Akram, Muhammad, Ali, Shahzad, Alqahtani, Jarallah, Iqbal, Nadeem, Alqahtani, Ali, and Ikram, Atif

Subjects

IMAGE encryption, BLOCK ciphers, RANDOM walks, RANDOM number generators, CIPHERS, CRYPTOGRAPHY, RANDOM numbers, ENTROPY (Information theory), VEHICLE routing problem

Abstract

In the last two decades or so, a large number of image ciphers have been written. The majority of these ciphers encrypt only one image at a time. Few image ciphers were written which could encrypt multiple images in one session. The current era needs speedy multiple image ciphers to address its varied needs in different settings. Motivated by this dictation, the current study has ventured to write a multi-image cipher based on the fleet of pawns walking in the large hypothetical chessboard. This walk of pawns on the chessboard has been ingeniously linked with transferring the pixels from the plain image to the scrambled image. The confusion effects have been realized through the XOR operation between the scrambled image and the key image. The plaintext sensitivity has been incorporated by embedding the SHA-384 hash codes of the given large combined plain image. Moreover, the Henon map has been employed to spawn the streams of random numbers. Besides, Blum Blum Shub random number generator has been used to further cement the security of the proposed cipher. We got a computational time of 0.2278 seconds and an encryption throughput of 5.5782 MBit/seconds by using the four images with a size of 256×256. Apart from that, the information entropy gained is 7.9993. Lastly, the cipher has been subjected to an array of validation metrics to demonstrate its aversion to the myriad threats from the cryptanalysis savvy. We contend that the proposed work has great potential for some real-world applications. [ABSTRACT FROM AUTHOR]

Published

2024

22. Secure two-party computation of solid triangle area and tetrahedral volume based on cloud platform.

Author

Zhang, Jing, Li, Lixiang, Tang, Yongli, Luo, Shoushan, Yang, Yixian, and Xin, Yang

Subjects

SOLID geometry, EUCLIDEAN distance, EUCLIDEAN geometry, CLOUD computing, TRIANGLES, TETRAHEDRAL molecules

Abstract

With the emergence and widespread application of cloud computing, the use of cloud platforms to solve the problem of secure multi-party computation has emerged as a new research direction. The traditional computation of a solid geometry is performed through mutual interactions between two parties, which is not suitable in an untrusted cloud computing environment. In this paper, we first design a basic protocol for a secure Euclidean distance calculation that is suitable for cloud platforms and can serve as a building block for other protocols on cloud platforms. Using the solution of the Euclidean distance problem as such a building block, we provide a new method that converts the problems of calculating solid triangular areas and solid tetrahedral volumes into the calculation of distances and determinants in three-dimensional space. Then, we discuss solid point-line distance calculations, which extent the idea of the spatial geometry security problem. We present protocols for the above problems and prove that the proposed protocols can resist conspiracy among users and the untrusted cloud platform so that they can effectively ensure the privacy of the users. We also analyze the performances of these solutions. The analysis results show that our scheme is more versatile. [ABSTRACT FROM AUTHOR]

Published

2019

23. PPCD: Privacy-preserving clinical decision with cloud support.

Author

Ma, Hui, Guo, Xuyang, Ping, Yuan, Wang, Baocang, Yang, Yuehua, Zhang, Zhili, and Zhou, Jingxian

Subjects

DECISION support systems, INVESTMENT analysis, MACHINE learning, MULTILAYER perceptrons, CLOUD computing, PHYSICAL sciences

Abstract

With the prosperity of machine learning and cloud computing, meaningful information can be mined from mass electronic medical data which help physicians make proper disease diagnosis for patients. However, using medical data and disease information of patients frequently raise privacy concerns. In this paper, based on single-layer perceptron, we propose a scheme of privacy-preserving clinical decision with cloud support (PPCD), which securely conducts disease model training and prediction for the patient. Each party learns nothing about the other’s private information. In PPCD, a lightweight secure multiplication is presented and introduced to improve the model training. Security analysis and experimental results on real data confirm the high accuracy of disease prediction achieved by the proposed PPCD without the risk of privacy disclosure. [ABSTRACT FROM AUTHOR]

Published

2019

24. High capacity reversible data hiding with interpolation and adaptive embedding.

Author

Wahed, Md. Abdul and Nyeem, Hussain

Subjects

REVERSIBLE data hiding (Computer science), INTERPOLATION, DIGITAL image processing, BIG data, VERTEBRATES, LABOR economics

Abstract

A new Interpolation based Reversible Data Hiding (IRDH) scheme is reported in this paper. For different applications of an IRDH scheme to the digital image, video, multimedia, big-data and biological data, the embedding capacity requirement usually varies. Disregarding this important consideration, existing IRDH schemes do not offer a better embedding rate-distortion performance for varying size payloads. To attain this varying capacity requirement with our proposed adaptive embedding, we formulate a capacity control parameter and propose to utilize it to determine a minimum set of embeddable bits in a pixel. Additionally, we use a logical (or bit-wise) correlation between the embeddable pixel and estimated versions of an embedded pixel. Thereby, while a higher range between an upper and lower limit of the embedding capacity is maintained, a given capacity requirement within that limit is also attained with a better-embedded image quality. Computational modeling of all new processes of the scheme is presented, and performance of the scheme is evaluated with a set of popular test-images. Experimental results of our proposed scheme compared to the prominent IRDH schemes have recorded a significantly better-embedding rate-distortion performance. [ABSTRACT FROM AUTHOR]

Published

2019

25. An efficient heterogeneous signcryption for smart grid.

Author

Jin, Chunhua, Chen, Guanhua, Yu, Changhui, Shan, Jinsong, Zhao, Jianyang, and Jin, Ying

Subjects

SMART power grids, SMART meters, PUBLIC key cryptography, INFORMATION & communication technologies, DATA transmission systems

Abstract

A smart grid, considered the next-generation type of power grid, combines a traditional power grid with information and communication technologies to effectively facilitate power generation and ensure transmission security and reliability in real-time. Only authorized consumers should be able to access the smart grid because the information gathered by smart meters includes users’ private information. However, smart grid security is still a challenge. Motivated by this challenge, in this paper, we propose a heterogeneous signcryption (HSC) scheme for secure communication between smart meters and the utility. We demonstrate that this scheme is indistinguishable against adaptive chosen-ciphertext attacks (IND-CCA2), existentially unforgeable against adaptive chosen-message attacks (EUF-CMA) and ciphertext-anonymous against adaptive chosen ciphertext attacks (ANON-CCA2) under the computational Diffie-Hellman (CDH) problem in the random oracle model. Our scheme simultaneously achieves confidentiality, integrity, authentication, non-repudiation and ciphertext anonymity in a single logical step. It supports heterogeneous systems, allowing a meter in an identity-based cryptography (IBC) environment to transmit electrical usage data to a utility in a public key infrastructure (PKI) environment. Compared with other existing related schemes, our scheme has the lowest communication overhead and energy consumption for the smart grid. Based on these features, our scheme is highly suitable for secure power transmissions in a smart grid. [ABSTRACT FROM AUTHOR]

Published

2018

26. A secure heterogeneous mobile authentication and key agreement scheme for e-healthcare cloud systems.

Author

Lin, Han-Yu

Subjects

COMPUTERS in medicine, CLOUD computing, PUBLIC key infrastructure (Computer security), INFORMATION resources management, TELEMEDICINE

Abstract

Heterogeneous mobile authentication is a crucial technique to securely retrieve the resource of e-healthcare cloud servers which are commonly implemented in a public key Infrastructure (PKI). Conventionally, a mobile data user can utilize a self-chosen password along with a portable device to request the access privilege of clouds. However, to validate the membership of users, a cloud server usually has to make use of a password table, which not only increases the burden of management, but also raises the possibility of information leakage. In this paper, we propose a secure heterogeneous mobile authentication and key agreement scheme for e-healthcare cloud systems. In our system structure, an e-healthcare cloud server of traditional PKIs does not have to store a password table. A legitimate data user only possesses a security token hardware and keeps an offline updatable password without using any private key. Our scheme is classified into the category of dynamic ID authentication techniques, since a data user is able to preserve his/her anonymity during authentication processes. We formally prove that the proposed mechanism fulfills the essential authenticated key exchange (AKE) security and owns lower computational costs. To further ensure the practical application security, an automatic security validation tool called AVISPA is also adopted to analyze possible attacks and pitfalls of our designed protocol. [ABSTRACT FROM AUTHOR]

Published

2018

27. A short certificateless aggregate signature against coalition attacks.

Author

Yang, Xiaodong, Wang, Jinli, Ma, Tingchun, Li, Yutong, and Wang, Caifen

Subjects

CRYPTOSYSTEMS, ORACLE software, INFORMATION science, COMPUTER security, COMPUTER science

Abstract

Certificateless aggregate signature (CLAS) is a crucial cryptosystem. It can not only compress multiple signatures into a short signature, but also ensure the validity of each signature participating in the aggregation by verifying the validity of an resulting aggregate signature. Therefore, a secure and efficient CLAS scheme is very useful for resource-constrained environments because it greatly reduces the overall length of the signature and the verifier’s computational overhead. Cheng et al. presented an efficient CLAS scheme and proved its security in the random oracle model. However, we find that their scheme has security flaws. In this paper, we demonstrate that Cheng et al.’s CLAS scheme is vulnerable to coalition attacks from internal signers. To overcome these attacks, we present an improved CLAS scheme and prove that it is existentially unforgeable under the computational Diffie-Hellman assumption. In addition, our CLAS scheme can not only resist coalition attacks but also generate a very short aggregate signature. The performance analysis results show that our improved CLAS scheme is lower than the related CLAS schemes in terms of communication overhead and computation cost. [ABSTRACT FROM AUTHOR]

Published

2018

28. A novel image encryption scheme based on quantum dynamical spinning and rotations.

Author

Khan, Majid and Waseem, Hafiz Muhammad

Subjects

IMAGE encryption, QUANTUM theory, CRYPTOGRAPHY, INTERNET security, DATA encryption

Abstract

Quantum information processing made a tremendous and remarkable impact on number of classical mechanic’s problems. The impact does not only stop at classical mechanics but also the cyber security paradigm. Quantum information and cryptography are two classes of quantum information processing which use the idea of qubits instead of bits as in classical information security. The idea of fast computations with multiple complexity level is becoming more realistic in the age of quantum information due to quantum parallelism where a single quantum computer does allow to compute hundreds of classical computers with less efforts and more accuracy. The evolution of quantum information processing replaces a number of classical mechanic’s aspects in computational and cyber security sciences. Our aim here is to introduce concepts of applied quantum dynamics in cryptography, which leads to an evolution of quantum cryptography. Quantum cryptography is one of the most astonishing solicitations of quantum information theory. To measure the quantum state of any system is not possible without disturbing that system. The facts of quantum mechanics on traditional cryptosystems lead to a new protocol and achieving maximum remarkable security for systems. The scope of this paper is to design an innovative encryption scheme for digital data based on quantum spinning and rotation operators. [ABSTRACT FROM AUTHOR]

Published

2018

29. The Trusted Server: A secure computational environment for privacy compliant evaluations on plain personal data.

Author

von Bomhard, Nikolaus, Ahlborn, Bernd, Mason, Catherine, and Mansmann, Ulrich

Subjects

PERSONALLY identifiable information, INFORMATION storage & retrieval systems, SYSTEM administrators, DATA quality, CRYPTOGRAPHY

Abstract

A growing framework of legal and ethical requirements limit scientific and commercial evaluation of personal data. Typically, pseudonymization, encryption, or methods of distributed computing try to protect individual privacy. However, computational infrastructures still depend on human system administrators. This introduces severe security risks and has strong impact on privacy: system administrators have unlimited access to the computers that they manage including encryption keys and pseudonymization-tables. Distributed computing and data obfuscation technologies reduce but do not eliminate the risk of privacy leakage by administrators. They produce higher implementation effort and possible data quality degradation. This paper proposes the Trusted Server as an alternative approach that provides a sealed and inaccessible computational environment in a cryptographically strict sense. During operation or by direct physical access to storage media, data stored and processed inside the Trusted Server can by no means be read, manipulated or leaked, other than by brute-force. Thus, secure and privacy-compliant data processing or evaluation of plain person-related data becomes possible even from multiple sources, which want their data kept mutually secret. [ABSTRACT FROM AUTHOR]

Published

2018

30. Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems.

Author

Xie, Qi, Hu, Bin, Dong, Na, and Wong, Duncan S.

Subjects

TELEMEDICINE, MEDICAL informatics, COMPUTERS in medicine, COMPUTER networks, CRYPTOSYSTEMS

Abstract

Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS. [ABSTRACT FROM AUTHOR]

Published

2014

31. Critical Analysis of the Bennett–Riedel Attack on Secure Cryptographic Key Distributions via the Kirchhoff-Law–Johnson-Noise Scheme.

Author

Kish, Laszlo B., Abbott, Derek, and Granqvist, Claes G.

Subjects

CRITICAL analysis, CRYPTOGRAPHY, KIRCHHOFF'S current law, THERMAL noise, ENERGY dissipation, STATISTICAL errors, THERMODYNAMICS

Abstract

Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law–Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged. [ABSTRACT FROM AUTHOR]

Published

2013

32. Evolutionary dynamics of cryptocurrency transaction networks: An empirical study.

Author

Liang, Jiaqi, Li, Linjing, and Zeng, Daniel

Subjects

EVOLUTIONARY theories, CRYPTOCURRENCIES, BLOCKCHAINS, COEFFICIENTS (Statistics), POWER law (Mathematics)

Abstract

Cryptocurrency is a well-developed blockchain technology application that is currently a heated topic throughout the world. The public availability of transaction histories offers an opportunity to analyze and compare different cryptocurrencies. In this paper, we present a dynamic network analysis of three representative blockchain-based cryptocurrencies: Bitcoin, Ethereum, and Namecoin. By analyzing the accumulated network growth, we find that, unlike most other networks, these cryptocurrency networks do not always densify over time, and they are changing all the time with relatively low node and edge repetition ratios. Therefore, we then construct separate networks on a monthly basis, trace the changes of typical network characteristics (including degree distribution, degree assortativity, clustering coefficient, and the largest connected component) over time, and compare the three. We find that the degree distribution of these monthly transaction networks cannot be well fitted by the famous power-law distribution, at the same time, different currency still has different network properties, e.g., both Bitcoin and Ethereum networks are heavy-tailed with disassortative mixing, however, only the former can be treated as a small world. These network properties reflect the evolutionary characteristics and competitive power of these three cryptocurrencies and provide a foundation for future research. [ABSTRACT FROM AUTHOR]

Published

2018

33. Walking along the road with anonymous users in similar attributes.

Author

Bian, Xingchao, Zhang, Lei, Yu, Lili, and Zhang, Binli

Subjects

WALKING, ANONYMOUS persons, QUALITY (Philosophy), APPLIED mathematics, COMPUTER architecture

Abstract

Recently, the ubiquitousness of smartphones and tablet computers have changed the style of people’s daily life. With this tendency, location based service (LBS) has become one of the prosperous types of service along with the wireless and positioning technology development. However, as the LBS server needs precise location information about the user to provide service result, the procedure of LBS may reveal location privacy, especially when a user is utilizing continuous query along the road. In continuous query, attributes of the user are released inadvertently with per-query, and the information can be collected by an adversary as background knowledge to correlate the location trajectory and infer the personal privacy. Although, a user can employ a central server (CS) to provide privacy preservation for his location, the trustfulness of CS still is without testified and it is usually considered as an un-trusted entity. Thus, in this paper, the trustfulness of CS is verified by a game tree, and then with the result we propose a hash based attribute anonymous scheme (short for HBAA) to obfuscate the attributes released in each query along the road. With the help of HBAA, the CS has no opportunity to get any information about the user who sends his query for generalization service. Furthermore, as the set of attributes is transmitted into a fixed length of hash value, the processing time that spent in attribute generalization is stripped down and the performance of executive efficiency is improved. At last, security analysis and simulation experiment are proposed, and then results of security proving as well as simulation experiments further reflect the superiority of our proposed scheme. [ABSTRACT FROM AUTHOR]

Published

2018

34. System steganalysis with automatic fingerprint extraction.

Author

Cervantes, Alejandro, Sloan, Tom, Hernandez-Castro, Julio, and Isasi, Pedro

Subjects

HUMAN fingerprints, DATA extraction, CRYPTOGRAPHY, NAIVE Bayes classification, INFORMATION technology

Abstract

This paper tries to tackle the modern challenge of practical steganalysis over large data by presenting a novel approach whose aim is to perform with perfect accuracy and in a completely automatic manner. The objective is to detect changes introduced by the steganographic process in those data objects, including signatures related to the tools being used. Our approach achieves this by first extracting reliable regularities by analyzing pairs of modified and unmodified data objects; then, combines these findings by creating general patterns present on data used for training. Finally, we construct a Naive Bayes model that is used to perform classification, and operates on attributes extracted using the aforementioned patterns. This technique has been be applied for different steganographic tools that operate in media files of several types. We are able to replicate or improve on a number or previously published results, but more importantly, we in addition present new steganalytic findings over a number of popular tools that had no previous known attacks. [ABSTRACT FROM AUTHOR]

Published

2018

35. Unbounded and revocable hierarchical identity-based encryption with adaptive security, decryption key exposure resistant, and short public parameters.

Author

Xing, Qianqian, Wang, Baosheng, Wang, Xiaofeng, and Tao, Jing

Subjects

CRYPTOSYSTEMS, DATA encryption, THEORY of knowledge, COMPUTER simulation, PROBABILITY theory

Abstract

Revocation functionality and hierarchy key delegation are two necessary and crucial requirements to identity-based cryptosystems. Revocable hierarchical identity-based encryption (RHIBE) has attracted a lot of attention in recent years, many RHIBE schemes have been proposed but shown to be either insecure or bounded where they have to fix the maximum hierarchical depth of RHIBE at setup. In this paper, we propose a new unbounded RHIBE scheme with decryption key exposure resilience and with short public system parameters, and prove our RHIBE scheme to be adaptively secure. Our system model is scalable inherently to accommodate more levels of user adaptively with no adding workload or restarting the system. By carefully designing the hybrid games, we overcome the subtle obstacle in applying the dual system encryption methodology for the unbounded and revocable HIBE. To the best of our knowledge, this is the first construction of adaptively secure unbounded RHIBE scheme. [ABSTRACT FROM AUTHOR]

Published

2018

36. Anonymity-preserving Reputation Management System for health sector.

Author

Jabeen, Farhana, Hamid, Zara, Abdul, Wadood, Ghouzali, Sanaa, Khan, Abid, Malik, Saif Ur Rehman, Shaukat Khan, Mansoor, and Nawaz, Sarfraz

Subjects

MEDICAL quality control, CONTEXT-aware computing, PATIENT satisfaction, PATIENT compliance, MEDICAL personnel, COMPUTER network protocols

Abstract

In health sector, trust is considered important because it indirectly influences the quality of health care through patient satisfaction, adherence and the continuity of its relationship with health care professionals and the promotion of accurate and timely diagnoses. One of the important requirements of TRSs in the health sector is rating secrecy, which mandates that the identification information about the service consumer should be kept secret to prevent any privacy violation. Anonymity and trust are two imperative objectives, and no significant explicit efforts have been made to achieve both of them at the same time. In this paper, we present a framework for solving the problem of reconciling trust with anonymity in the health sector. Our solution comprises Anonymous Reputation Management (ARM) protocol and Context-aware Trustworthiness Assessment (CTA) protocol. ARM protocol ensures that only those service consumers who received a service from a specific service provider provide a recommendation score anonymously with in the specified time limit. The CTA protocol computes the reputation of a user as a service provider and as a recommender. To determine the correctness of the proposed ARM protocol, formal modelling and verification are performed using High Level Petri Nets (HLPN) and Z3 Solver. Our simulation results verify the accuracy of the proposed context-aware trust assessment scheme. [ABSTRACT FROM AUTHOR]

Published

2018

37. A novel encryption scheme for high-contrast image data in the Fresnelet domain.

Author

Bibi, Nargis, Farwa, Shabieh, Muhammad, Nazeer, Jahngir, Adnan, and Usman, Muhammad

Subjects

FRESNEL lenses, IMAGE encryption, COMPUTATIONAL complexity, MATHEMATICAL analysis, GALOIS theory

Abstract

In this paper, a unique and more distinctive encryption algorithm is proposed. This is based on the complexity of highly nonlinear S box in Flesnelet domain. The nonlinear pattern is transformed further to enhance the confusion in the dummy data using Fresnelet technique. The security level of the encrypted image boosts using the algebra of Galois field in Fresnelet domain. At first level, the Fresnelet transform is used to propagate the given information with desired wavelength at specified distance. It decomposes given secret data into four complex subbands. These complex sub-bands are separated into two components of real subband data and imaginary subband data. At second level, the net subband data, produced at the first level, is deteriorated to non-linear diffused pattern using the unique S-box defined on the Galois field . In the diffusion process, the permuted image is substituted via dynamic algebraic S-box substitution. We prove through various analysis techniques that the proposed scheme enhances the cipher security level, extensively. [ABSTRACT FROM AUTHOR]

Published

2018

38. Revocable identity-based proxy re-signature against signing key exposure.

Author

Yang, Xiaodong, Chen, Chunlin, Ma, Tingchun, Wang, Jinli, and Wang, Caifen

Subjects

INFORMATION storage & retrieval systems, CRYPTOGRAPHY, CLOUD computing, DATA privacy, COMPUTATIONAL complexity, APPLIED mathematics

Abstract

Identity-based proxy re-signature (IDPRS) is a novel cryptographic primitive that allows a semi-trusted proxy to convert a signature under one identity into another signature under another identity on the same message by using a re-signature key. Due to this transformation function, IDPRS is very useful in constructing privacy-preserving schemes for various information systems. Key revocation functionality is important in practical IDPRS for managing users dynamically; however, the existing IDPRS schemes do not provide revocation mechanisms that allow the removal of misbehaving or compromised users from the system. In this paper, we first introduce a notion called revocable identity-based proxy re-signature (RIDPRS) to achieve the revocation functionality. We provide a formal definition of RIDPRS as well as its security model. Then, we present a concrete RIDPRS scheme that can resist signing key exposure and prove that the proposed scheme is existentially unforgeable against adaptive chosen identity and message attacks in the standard model. To further improve the performance of signature verification in RIDPRS, we introduce a notion called server-aided revocable identity-based proxy re-signature (SA-RIDPRS). Moreover, we extend the proposed RIDPRS scheme to the SA-RIDPRS scheme and prove that this extended scheme is secure against adaptive chosen message and collusion attacks. The analysis results show that our two schemes remain efficient in terms of computational complexity when implementing user revocation procedures. In particular, in the SA-RIDPRS scheme, the verifier needs to perform only a bilinear pairing and four exponentiation operations to verify the validity of the signature. Compared with other IDPRS schemes in the standard model, our SA-RIDPRS scheme greatly reduces the computation overhead of verification. [ABSTRACT FROM AUTHOR]

Published

2018

39. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments.

Author

Yang, Li and Zheng, Zhiming

Subjects

CRYPTOGRAPHY, BIOMETRIC identification, CLIENT/SERVER computing, FALSE personation, PHISHING

Abstract

According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks. [ABSTRACT FROM AUTHOR]

Published

2018

40. An improved anonymous authentication scheme for roaming in ubiquitous networks.

Author

Lee, Hakjun, Lee, Donghoon, Moon, Jongho, Jung, Jaewook, Kang, Dongwoo, Kim, Hyoungshick, and Won, Dongho

Subjects

SIGNALING (Psychology), INFORMATION services, COMMUNICATION of technical information, DIGITAL sociology, UBIQUITOUS computing

Abstract

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people’s lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.’s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al’s scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments. [ABSTRACT FROM AUTHOR]

Published

2018

41. Compact FPGA hardware architecture for public key encryption in embedded devices.

Author

Rodríguez-Flores, Luis, Morales-Sandoval, Miguel, Cumplido, René, Feregrino-Uribe, Claudia, and Algredo-Badillo, Ignacio

Subjects

FIELD programmable gate arrays, INTERNET of things, GATE array circuits, COMPUTER networks, SMART devices

Abstract

Security is a crucial requirement in the envisioned applications of the Internet of Things (IoT), where most of the underlying computing platforms are embedded systems with reduced computing capabilities and energy constraints. In this paper we present the design and evaluation of a scalable low-area FPGA hardware architecture that serves as a building block to accelerate the costly operations of exponentiation and multiplication in , commonly required in security protocols relying on public key encryption, such as in key agreement, authentication and digital signature. The proposed design can process operands of different size using the same datapath, which exhibits a significant reduction in area without loss of efficiency if compared to representative state of the art designs. For example, our design uses 96% less standard logic than a similar design optimized for performance, and 46% less resources than other design optimized for area. Even using fewer area resources, our design still performs better than its embedded software counterparts (190x and 697x). [ABSTRACT FROM AUTHOR]

Published

2018

42. A digital memories based user authentication scheme with privacy preservation.

Author

Liu, JunLiang, Lyu, Qiuyun, Wang, Qiuhua, and Yu, Xiangxiang

Subjects

DATA privacy, INFORMATION theory, INTERNET of things, DATA encryption, COGNITIVE psychology, SOCIAL engineering (Fraud), COMPUTER access control

Abstract

The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key), which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users’ privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results. [ABSTRACT FROM AUTHOR]

Published

2017

43. A robust anonymous biometric-based authenticated key agreement scheme for multi-server environments.

Author

Guo, Hua, Wang, Pei, Zhang, Xiyong, Huang, Yuanfei, and Ma, Fangchao

Subjects

BIOMETRY, COMPUTER access control, COMPUTER security, SMART cards, CRYPTOGRAPHY

Abstract

In order to improve the security in remote authentication systems, numerous biometric-based authentication schemes using smart cards have been proposed. Recently, Moon et al. presented an authentication scheme to remedy the flaws of Lu et al.’s scheme, and claimed that their improved protocol supports the required security properties. Unfortunately, we found that Moon et al.’s scheme still has weaknesses. In this paper, we show that Moon et al.’s scheme is vulnerable to insider attack, server spoofing attack, user impersonation attack and guessing attack. Furthermore, we propose a robust anonymous multi-server authentication scheme using public key encryption to remove the aforementioned problems. From the subsequent formal and informal security analysis, we demonstrate that our proposed scheme provides strong mutual authentication and satisfies the desirable security requirements. The functional and performance analysis shows that the improved scheme has the best secure functionality and is computational efficient. [ABSTRACT FROM AUTHOR]

Published

2017

44. Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network.

Author

Alagarsamy, Sumithra and Rajagopalan, S. P.

Subjects

PUBLIC key infrastructure (Computer security), CIPHERS, MOBILE communication systems, INTERNET of things, ACCESS control

Abstract

Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network. [ABSTRACT FROM AUTHOR]

Published

2017

45. Exchanging registered users' submitting reviews towards trajectory privacy preservation for review services in Location-Based Social Networks.

Author

Wang, Yunfeng, Li, Mingzhen, Xin, Yang, Yang, Guangcan, Tang, Qifeng, Zhu, Hongliang, Yang, Yixian, and Chen, Yuling

Subjects

LOCATION-based services, SOCIAL networks, SOCIAL services, PRIVACY, CRYPTOGRAPHY, VIRTUAL communities

Abstract

In Location-Based Social Networks (LBSNs), registered users submit their reviews for visited point-of-interests (POIs) to the system providers (SPs). The SPs anonymously publish submitted reviews to build reputations for POIs. Unfortunately, the user profile and trajectory contained in reviews can be easily obtained by adversaries who SPs has compromised with. Even worse, existing techniques, such as cryptography and generalization, etc., are infeasible due to the necessity of public publication of reviews and the facticity of reviews. Inspired by pseudonym techniques, we propose an approach to exchanging reviews before users submit reviews to SPs. In our approach, we introduce two attacks, namely review-based location correlation attack (RLCA) and semantic-based long-term statistical attack (SLSA). RLCA can be exploited to link the real user by reconstructing the trajectory, and SLSA can be launched to establish a connection between locations and users through the difference of semantic frequency. To resist RLCA, we design a method named User Selection to Resist RLCA (USR-RLCA) to exchange reviews. We propose a metric to measure the correlation between a user and a trajectory. Based on the metric, USR-RLCA can select reviews resisting RLCA to exchange by suppressing the number of locations on each reconstructed trajectory below the correlation. However, USR-RLCA fails to resist SLSA because of ignoring the essential semantics. Hence, we design an enhanced USR-RLCA named User Selection to Resist SLSA (USR-SLSA). We first propose a metric to measure the indistinguishability of locations concerning the difference of semantic frequency in a long term. Then, USR-SLSA can select reviews resisting SLSA to exchange by allowing two reviews whose indistinguishability is below the probability difference after the exchange to be exchanged. Evaluation results verify the effectiveness of our approach in terms of privacy and utility. [ABSTRACT FROM AUTHOR]

Published

2021

46. Searchable attribute-based encryption scheme with attribute revocation in cloud storage.

Author

Wang, Shangping, Zhao, Duqiao, and Zhang, Yaling

Subjects

DATA encryption, ATTRIBUTE (Grammar), CIPHER & telegraph codes, CLOUD computing, SCHEME programming language

Abstract

Attribute based encryption (ABE) is a good way to achieve flexible and secure access control to data, and attribute revocation is the extension of the attribute-based encryption, and the keyword search is an indispensable part for cloud storage. The combination of both has an important application in the cloud storage. In this paper, we construct a searchable attribute-based encryption scheme with attribute revocation in cloud storage, the keyword search in our scheme is attribute based with access control, when the search succeeds, the cloud server returns the corresponding cipher text to user and the user can decrypt the cipher text definitely. Besides, our scheme supports multiple keywords search, which makes the scheme more practical. Under the assumption of decisional bilinear Diffie-Hellman exponent (q-BDHE) and decisional Diffie-Hellman (DDH) in the selective security model, we prove that our scheme is secure. [ABSTRACT FROM AUTHOR]

Published

2017

47. Provably secure identity-based identification and signature schemes from code assumptions.

Author

Song, Bo and Zhao, Yiming

Subjects

COMPUTER security, CRYPTOGRAPHY, DIGITAL signatures, IDENTIFICATION, CYBERTERRORISM

Abstract

Code-based cryptography is one of few alternatives supposed to be secure in a post-quantum world. Meanwhile, identity-based identification and signature (IBI/IBS) schemes are two of the most fundamental cryptographic primitives, so several code-based IBI/IBS schemes have been proposed. However, with increasingly profound researches on coding theory, the security reduction and efficiency of such schemes have been invalidated and challenged. In this paper, we construct provably secure IBI/IBS schemes from code assumptions against impersonation under active and concurrent attacks through a provably secure code-based signature technique proposed by Preetha, Vasant and Rangan (PVR signature), and a security enhancement Or-proof technique. We also present the parallel-PVR technique to decrease parameter values while maintaining the standard security level. Compared to other code-based IBI/IBS schemes, our schemes achieve not only preferable public parameter size, private key size, communication cost and signature length due to better parameter choices, but also provably secure. [ABSTRACT FROM AUTHOR]

Published

2017

48. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

Author

Kang, Dongwoo, Jung, Jaewook, Lee, Donghoon, Kim, Hyoungshick, and Won, Dongho

Subjects

INTERNET protocol version 6, CRYPTOGRAPHY, COMPUTER passwords, ANONYMITY, INFORMATION science

Abstract

The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key. [ABSTRACT FROM AUTHOR]

Published

2017

49. : Oblivious similarity based searching for encrypted data outsourced to an untrusted domain.

Author

Pervez, Zeeshan, Ahmad, Mahmood, Khattak, Asad Masood, Ramzan, Naeem, and Khan, Wajahat Ali

Subjects

DATA encryption, MAGNETIC domain, FERROMAGNETIC materials, CLOUD storage, DATA protection, COMPUTATIONAL complexity

Abstract

Public cloud storage services are becoming prevalent and myriad data sharing, archiving and collaborative services have emerged which harness the pay-as-you-go business model of public cloud. To ensure privacy and confidentiality often encrypted data is outsourced to such services, which further complicates the process of accessing relevant data by using search queries. Search over encrypted data schemes solve this problem by exploiting cryptographic primitives and secure indexing to identify outsourced data that satisfy the search criteria. Almost all of these schemes rely on exact matching between the encrypted data and search criteria. A few schemes which extend the notion of exact matching to similarity based search, lack realism as those schemes rely on trusted third parties or due to increase storage and computational complexity. In this paper we propose Oblivious Similarity based Search () for encrypted data. It enables authorized users to model their own encrypted search queries which are resilient to typographical errors. Unlike conventional methodologies, ranks the search results by using similarity measure offering a better search experience than exact matching. It utilizes encrypted bloom filter and probabilistic homomorphic encryption to enable authorized users to access relevant data without revealing results of search query evaluation process to the untrusted cloud service provider. Encrypted bloom filter based search enables to reduce search space to potentially relevant encrypted data avoiding unnecessary computation on public cloud. The efficacy of is evaluated on Google App Engine for various bloom filter lengths on different cloud configurations. [ABSTRACT FROM AUTHOR]

Published

2017

50. Does Internet voting make elections less social? Group voting patterns in Estonian e-voting log files (2013–2015).

Author

Unt, Taavi, Solvak, Mihkel, and Vassil, Kristjan

Subjects

INTERNET voting, DEMOCRACY, ELECTIONS & society, SOCIOLOGY

Abstract

Remote Internet voting places the control and secrecy of the immediate voting environment on the shoulder of the individual voter but it also turns voting into yet another on-line activity thus endangering the well-known social nature of voting and possibly reducing the crucial sense of civic duty that is important for a healthy democracy. There is however a complete lack of evidence to what degree this actually materializes once electronic voting is introduced. This paper uses individual level log data on Internet voting in Estonian elections between 2013–2015 to inspect if Internet voting retains the social nature of the voting act. We do so by examining if Internet voting in groups takes place and what implications it has for voting speed. We find strong evidence of e-voting in pairs. Same aged male-female pairs seem to be voting in close proximity to each other, consistent with spouses or partners voting together. Also, female-female and female-male pairs with large age differences seem to be voting together, consistent with a parent voting with an adult aged offspring. With regards to voting speed we see the second vote in a vote pair being considerably faster than the first vote, again indicating a shared voting act. We end with a discussion of how the onset of electronic voting does not make elections less social, but does make vote secrecy more a choice rather than a requirement. [ABSTRACT FROM AUTHOR]

Published

2017