Search results

Due to the connectivity of the multiple devices and the systems on the same network, rapid development has become possible in Internet of Things (IoTs) for the last decade. But, IoT is mostly affected with severe security challenges due to the potential vulnerabilities happened through the multiple connectivity of sensors, devices and system. In order to handle the security challenges, literature presents a handful of security protocols for IoT. The purpose of this paper is to present a threat profiling and elliptic curve cryptography (ECC)-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and authorization centre (AC) performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks. Finally, DPWSim is utilized for simulation of IoT and verification of proposed protocol to show that the protocol is secure against passive and active attacks.

In this work, the authors have presented a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and AC performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks.

DPWSim is utilized for simulation of IoT and verification of the proposed protocol to show that this protocol is secure against passive and active attacks. Also, attack analysis is carried out to prove the robustness of the proposed protocol against the password guessing attack, impersonation attack, server spoofing attack, stolen verifier attack and reply attack.

This paper presents a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs.

Several chaotic system-based encryption techniques have been presented in recent years to protect digital images using cryptography. The challenges of key distribution and administration make symmetric encryption difficult. The purpose of this paper is to address these concerns, the novel hybrid partial differential elliptical Rubik’s cube algorithm is developed in this study as an asymmetric image encryption approach. This novel algorithm generates a random weighted matrix, and uses the masking method on image pixels with Rubik’s cube principle. Security analysis has been conducted, it enhances and increases the reliability of the proposed algorithm against a variety of attacks including statistical and differential attacks.

In this light, a differential elliptical model is designed with two phases for image encryption and decryption. A modified image is achieved by rotating and mixing intensities of rows and columns with a masking matrix derived from the key generation technique using a unique approach based on the elliptic curve and Rubik’s cube principle.

To evaluate the security level, the proposed algorithm is tested with statistical and differential attacks on a different set of test images with peak signal-to-noise ratio, unified average changed intensity and number of pixel change rate performance metrics. These results proved that the proposed image encryption method is completely reliable and enhances image security during transmission.

The elliptic curve–based encryption is hard to break by hackers and adding a Rubik’s cube principle makes it even more complex and nearly impossible to decode. The proposed method provides reduced key size.

The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile application to a Java Card applet. The usage of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing or mobile digital identities has continuously risen in recent years. This development makes the protection of personal and security sensitive data on mobile devices more important than ever.

A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys stored in applications.

To address this issue, this paper presents a solution for fine-grained secure application-to-applet communication based on Secure Remote Password (SRP-6a and SRP-5), an authenticated key agreement protocol, with a user-provided password at run-time.

By exploiting the Java Card cryptographic application programming interfaces (APIs) and minor adaptations to the protocol, which do not affect the security, the authors were able to implement this scheme on Java Cards with reasonable computation time.

This paper aims at providing a comparative analysis of the existing protocols that address the security issues in the Future Internet (FI) and also to introduce a Collaborative Mutual Identity Establishment (CMIE) scheme which adopts the elliptical curve cryptography (ECC), to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as denial-of-service (DoS) and replay attack.

This paper provides a comparative analysis of the existing protocols that address the security issues in the FI and also provides a CMIE scheme, by adopting the ECC and digital signature verification mechanism, to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as DoS and replay attack. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI. Further, the algorithm is evaluated against Automated Validation of Internet Security Protocols and Application (AVISPA) tool to verify the security solutions that the CMIE scheme has claimed to address to have been effectively achieved in reality.

The algorithm is evaluated against AVISPA tool to verify the security solutions that the CMIE scheme has claimed to address and proved to have been effectively achieved in reality. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI.

Considering the Internet of Things (IoT) scenario, another important aspect that is the device-to-location (D2L) aspect has not been considered in this protocol. Major focus of the protocol is centered around the device-to-device (D2D) and device-to-server (D2S) scenarios. Also, IoT basically works upon a confluence of hundreds for protocols that support the achievement of various factors in the IoT, for example Data Distribution Service, Message Queue Telemetry Transport, Extensible Messaging and Presence Protocol, Constrained Application Protocol (CoAP) and so on. Interoperability of the proposed CMIE algorithm with the existing protocols has to be considered to establish a complete model that fits the FI. Further, each request for mutual authentication requires a querying of the database and a computation at each of the participating entities side for verification which could take considerable amount of time. However, for applications that require firm authentication for maintaining and ensuring secure interactions between entities prior to access control and initiation of actual transfer of sensitive information, the negligible difference in computation time can be ignored for the greater benefit that comes with stronger security. Other factors such as quality of service (QoS) (i.e. flexibility of data delivery, resource usage and timing), key management and distribution also need to be considered. However, the user still has the responsibility to choose the required protocol that suits one’s application and serves the purpose.

The originality of the work lies in adopting the ECC and digital signature verification mechanism to develop a new scheme that ensures mutual authentication between participating entities in the FI based upon certain user information such as identities. ECC provides efficiency in terms of key size generated and security against main-in-middle attack. The proposed scheme provides secured interactions between devices/entities in the FI.

Security of wireless body area network communication is highly important as it directly impacts human life. This paper aims to focus on battlefield application area of WBAN for implementing security where data must be protected against various possible attacks before delivering over a public network.

Providing a strong security system is still a research challenge due to low computational power of used sensors for protecting transmission data. In this paper, the authors have proposed an optimized security solution for multithreaded wireless body area network (MWBAN) using trust-based distributed group key management technique to overcome the drawbacks of existing elliptical curve cryptography-homomorphism (ECC-Homomorphism) scheme as well as coded cooperative data exchange group key management (CCDE_GKM) scheme.

The proposed optimized security solution is implemented for a particular deployment strategy and test runs are conducted. It is found that when number of attack nodes increased to 25, compared to ECC–Homomorphism and CCDE_GKM for the proposed trust-based distributed group key management technique there is an improvement in performance parameters such as throughput is dropped to only 10.11 Kbps, average delay is just 3.4 s, energy consumption is maximum 29 joules, packet loss is only 12.3 per cent, 90.9 per cent truly can detect attack, only 8.9 per cent false attack detection and 84 per cent true negative detection.

Medical care can be provided to human beings with much ease and flexibility via remote monitoring. The user can be at any place, can do his/her everyday work while remotely being monitored of their health parameters and secured transmission of their data to the health-care center for medical service in need.

This paper presents an optimized security solution for MWBAN using trust-based distributed group key management technique where bilinear pairing theory is used as major cryptographic base. Optimal key is selected based on trust value and also attack nodes are detected based on trust value to control participation in communication.

To enhance security and privacy of e‐cash systems that apply revocable anonymity by presenting a statistical attack that reveals the hidden ID and suitable protection means against this kind of attack.

The feasibility of a statistical attack that reveals the ID of user of e‐cash schemes with revocable anonymity is shown. To avoid such attacks the application of modulo operations while constructing e‐cash coins is proposed. Measurement results are used to back up the suitability of this approach.

Revocable anonymity systems can successfully be attacked. Applying modulo operations can prevent such attacks.

The recommendations given in this paper should be applied whenever an e‐cash scheme or similar system with revocable anonymity is designed. Otherwise the promised feature may be compromised very easily.

The paper identifies a formerly unknown attack against systems with revocable identities, and presents a mathematical solution to protect such systems against the attack presented.

In the field of cryptography, authentication, secrecy and identification can be accomplished by use of secret keys for any computer-based system. The need to acquire certificates endorsed through CA to substantiate users for the barter of encoded communications is one of the most significant constraints for the extensive recognition of PKC, as the technique takes too much time and susceptible to error. PKC’s certificate and key management operating costs are reduced with IBC. IBE is a crucial primeval in IBC. The thought behind presenting the IBE scheme was to diminish the complexity of certificate and key management, but it also gives rise to key escrow and key revocation problem, which provides access to unauthorised users for the encrypted information.

This paper aims to compare the result of IIBES with the existing system and to provide security analysis for the same and the proposed system can be used for the security in federated learning.

Furthermore, it can be implemented using other encryption/decryption algorithms like elliptic curve cryptography (ECC) to compare the execution efficiency. The proposed system can be used for the security in federated learning.

As a result, a novel enhanced IBE scheme: IIBES is suggested and implemented in JAVA programming language using RSA algorithm, which eradicates the key escrow problem through eliminating the need for a KGC and key revocation problem by sing sub-KGC (SKGC) and a shared secret with nonce. IIBES also provides authentication through IBS as well as it can be used for securing the data in federated learning.

Cloud computing plays a significant role in the initialization of secure communication between users. The advanced technology directs to offer several services, such as platform, resources, and accessing the network. Furthermore, cloud computing is a broader technology of communication convergence. In cloud computing architecture, data security and authentication are the main significant concerns.

The purpose of this study is to design and develop authentication and data security model in cloud computing. This method includes six various units, such as cloud server, data owner, cloud user, inspection authority, attribute authority, and central certified authority. The developed privacy preservation method includes several stages, namely setup phase, key generation phase, authentication phase and data sharing phase. Initially, the setup phase is performed through the owner, where the input is security attributes, whereas the system master key and the public parameter are produced in the key generation stage. After that, the authentication process is performed to identify the security controls of the information system. Finally, the data is decrypted in the data sharing phase for sharing data and for achieving data privacy for confidential data. Additionally, dynamic splicing is utilized, and the security functions, such as hashing, Elliptic Curve Cryptography (ECC), Data Encryption Standard-3 (3DES), interpolation, polynomial kernel, and XOR are employed for providing security to sensitive data.

The effectiveness of the developed privacy preservation method is estimated based on other approaches and displayed efficient outcomes with better privacy factor and detection rate of 0.83 and 0.65, and time is highly reduced by 2815ms using the Cleveland dataset.

This paper presents the privacy preservation technique for initiating authenticated encrypted access in clouds, which is designed for mutual authentication of requester and data owner in the system.

Humanitarian logistics is an essential element of disaster management and it presents many challenges due to the unique disaster relief environment. The paper describes the main features and challenges of humanitarian logistics and the potential role of technology. Radio frequency identification (RFID) technology has been increasingly considered to improve the efficiency of supply chain management. Security is an important requirement for disaster management. The purpose of this paper is to propose and describe the application of secure RFID technology to improve the management and security of relief supply chains.

The paper describes the challenges of disaster of supply chains and how secure RFID can address them in the overall framework of disaster management.

The paper describes the efficiency of the crypotgraphic algorithm used in the design of the secure RFID, the system architecture and the deployment workflow.

The establishment of a logistics tracking framework based on secure RFID has the potential to greatly increase the effectiveness of future emergency crises response operations.

The originality of the paper is to present the application of secure RFID to the context of disaster management, where the security of supply chains is often not addressed.

The purpose of this paper is to investigate the latest research related to secure routing protocols in Wireless Sensor Network (WSN) and propose a new approach that can achieve a higher security level compared to the existing one. One of the main security issues in WSNs is the security of routing protocols. A typical WSN consists of a large number of small size, low-power, low-cost sensor devices. These devices are very resource-constrained and usually use cheap short-range radios to communicate with each other in an ad hoc fashion thus, achieving security in these networks is a big challenge, which is open for research.

The route updates and data messages of the protocol are authenticated using Edwards-curves Digital Signature Algorithm (EdDSA). Routing protocols play an essential role in WSNs, they ensure the delivery of the sensed data from the remote sensor nodes to back-end systems via a data sink. Routing protocols depend on route updates received from neighboring nodes to determine the best path to the sink. Manipulating these updates by inserting rouge nodes in the network that advertise false updates can lead to a catastrophic impact on the compromised WSN performance.

As a result, a new secure energy-aware routing protocol (SEARP) is proposed, which uses security enhanced clustering algorithm and EdDSA to authenticate route advertisements and messages. A secure clustering algorithm is also used as part of the proposed protocol to conserve energy, prolong network lifetime and counteract wormhole attacks.

In this paper, a SEARP is proposed to address network layer security attacks in WSNs. A secure clustering algorithm is also used as part of the proposed protocol to conserve energy, prolong network lifetime and counteract wormhole attacks. A simulation has been carried out using Sensoria Simulator and the performance evaluation has been discussed.