Search results

The data protection is always a vital problem in the network era. High-speed cryptographic chip is an important part to ensure data security in information interaction. This paper aims to provide a new peripheral component interconnect express (PCIe) encryption card solution with high performance, high integration and low cost.

This work proposes a System on Chip architecture scheme of high-speed cryptographic chip for PCIe encryption card. It integrated CPU, direct memory access, the national and international cipher algorithm (data encryption standard/3 data encryption standard, Rivest–Shamir–Adleman, HASH, SM1, SM2, SM3, SM4, SM7), PCIe and other communication interfaces with advanced extensible interface-advanced high-performance bus three-level bus architecture.

This paper presents a high-speed cryptographic chip that integrates several high-speed parallel processing algorithm units. The test results of post-silicon sample shows that the high-speed cryptographic chip can achieve Gbps-level speed. That means only one single chip can fully meet the requirements of cryptographic operation performance for most cryptographic applications.

The typical application in this work is PCIe encryption card. Besides server’s applications, it can also be applied in terminal products such as high-definition video encryption, security gateway, secure routing, cloud terminal devices and industrial real-time monitoring system, which require high performance on data encryption.

It can be well applied on many other fields such as power, banking, insurance, transportation and e-commerce.

Compared with the current strategy of high-speed encryption card, which mostly uses hardware field-programmable gate arrays or several low-speed algorithm chips through parallel processing in one printed circuit board, this work has provided a new PCIe encryption card solution with high performance, high integration and low cost only in one chip.

The purpose of this paper is to consider the secure publishing of XML documents, where a single copy of an XML document is disseminated and a stated role‐based access control policy (RBACP) is enforced via selective encryption. It describes a more efficient solution over previously proposed approaches, in which both policy specification and key generation are performed once, at the schema‐level. In lieu of the commonly used super‐encryption technique, in which nodes residing in the intersection of multiple roles are encrypted with multiple keys, it describes a new approach called multi‐encryption that guarantees each node is encrypted at most once.

This paper describes two alternative algorithms for key generation and single‐pass algorithms for multi‐encrypting and decrypting a document. The solution typically results in a smaller number of keys being distributed to each user.

The paper proves the correctness of the presented algorithms, and provides experimental results indicating the superiority of multi‐encryption over super‐encryption, in terms of encryption and decryption time requirements. It also demonstrates the scalability of the approach as the size of the input document and complexity of the schema‐level RBACP are increased.

An extension of this work involves designing and implementing re‐usability of keyrings when a schema or ACP is modified. In addition, more flexible solutions for handling cycles in schema graphs are possible. The current solution encounters difficulty when schema graphs are particularly deep and broad.

The experimental results indicate that the proposed approach is scalable, and is applicable to scenarios in which XML documents conforming to a common schema are to be securely published.

This paper contributes to the efficient implementation of secure XML publication systems.

Cloud computing is becoming increasingly popular as it facilitates convenient, ubiquitous, on-demand network access to a shared pool of configurable computing resources and applications that can be quickly retrieved and released. Despite its numerous merits, it faces setbacks in data security and privacy. Data encryption is one of the most popular solutions for data security in the cloud. Various encryption algorithms have been implemented to address security concerns. These algorithms have been reviewed along with the Jumbling Salting algorithm and its applications. The framework for using Jumbling Salting to encrypt text files in the cloud environment (CloudJS) has been thoroughly studied and improvised. The purpose of this paper is to implement the CloudJS algorithm, to discuss its performance and compare the obtained results with existing cloud encryption schemes.

The paper uses six research questions to analyze the performance of CloudJS algorithm in the cloud environment. The research questions are about measuring encryption time and throughput, decryption time and throughput, the ratio of cipher to the plain text of CloudJS algorithm with respect to other Cloud algorithms like AES and DES. For this purpose, the algorithm has been implemented using dockers-containers in the Linux environment.

It was found that CloudJS performs well in terms of encryption time, decryption time and throughput. It is marginally better than AES and undoubtedly better than DES in these parameters. The performance of the algorithm is not affected by a number of CPU cores, RAM size and Line size of text files. It performs decently well in all scenarios and all resultant values fall in the desired range.

CloudJS can be tested with cloud simulation platforms (CloudSim) and cloud service providers (AWS, Google Cloud). It can also be tested with other file types. In the future, CloudJS algorithm can also be implemented in images and other files.

To the best of the knowledge, this is the first attempt to implement and analysis of a custom encryption algorithm (CloudJS) in the cloud environment using dockers-containers.

The purpose of this study is to provide context for understanding why encryption is important and provide some examples of applications designed to make it easier than ever to control who has access to the information transmitted by the technology used.

This paper provides an overview of the topic.

It is important for libraries to take an active role in understanding the encryption technology being provided to their patrons and used by their staff. It can be easily assumed that information held by these technologies is secure in ways that it is not.

Information that is transmitted online is almost always done so in a way that can be easily intercepted. The easiest way to keep it secure is not to avoid having it be intercepted, but to encrypt it so that it is unintelligible when it is intercepted.

This paper introduces an audio encryption algorithm based on permutation of audio samples using discrete modified Henon map followed by substitution operation with keystream generated from the modified Lorenz-Hyperchaotic system. In this work, the audio file is initially compressed by Fast Walsh Hadamard Transform (FWHT) for removing the residual intelligibility in the transform domain. The resulting file is then encrypted in two phases. In the first phase permutation operation is carried out using modified discrete Henon map to weaken the correlation between adjacent samples. In the second phase it utilizes modified-Lorenz hyperchaotic system for substitution operation to fill the silent periods within the speech conversation. Dynamic keystream generation mechanism is also introduced to enhance the correlation between plaintext and encrypted text. Various quality metrics analysis such as correlation, signal to noise ratio (SNR), differential attacks, spectral entropy, histogram analysis, keyspace and key sensitivity are carried out to evaluate the quality of the proposed algorithm. The simulation results and numerical analyses demonstrate that the proposed algorithm has excellent security performance and robust against various cryptographic attacks.

This study aims to provide a secured data aggregation with reduced energy consumption in WSN. Data aggregation is the process of reducing communication overhead in wireless sensor networks (WSNs). Presently, securing data aggregation is an important research issue in WSNs due to two facts: sensor nodes deployed in the sensitive and open environment are easily targeted by adversaries, and the leakage of aggregated data causes damage in the networks, and these data cannot be retrieved in a short span of time. Most of the traditional cryptographic algorithms provide security for data aggregation, but they do not reduce energy consumption.

Nowadays, the homomorphic cryptosystem is used widely to provide security with low energy consumption, as the aggregation is performed on the ciphertext without decryption at the cluster head. In the present paper, the Paillier additive homomorphic cryptosystem and Boneh et al.’s aggregate signature method are used to encrypt and to verify aggregate data at the base station.

The combination of the two algorithms reduces computation time and energy consumption when compared with the state-of-the-art techniques.

The secured data aggregation is useful in health-related applications, military applications, etc.

The new combination of encryption and signature methods provides confidentiality and integrity. In addition, it consumes less computation time and energy consumption than existing methods.

Biometric authentication, which requires storage of biometric templates and/or encryption keys, raises a matter of serious concern, since the compromise of templates or keys necessarily compromises the information secured by those keys. To address such concerns, efforts based on dynamic key generation directly from the biometrics have recently emerged. However, previous methods often have quite unacceptable authentication performance and/or small key spaces and therefore are not viable in practice. The purpose of this paper is to propose a novel method which can reliably generate long keys while requires storage of neither biometric templates nor encryption keys.

This proposition is achieved by devising the use of fingerprint orientation fields for key generation. Additionally, the keys produced are not permanently linked to the orientation fields, hence, allowing them to be replaced in the event of key compromise.

The evaluation demonstrates that the proposed method for dynamic key generation can offer both good reliability and security in practice, and outperforms other related methods.

In this paper, the authors propose a novel method which can reliably generate long keys while requires storage of neither biometric templates nor encryption keys. This is achieved by devising the use of fingerprint orientation fields for key generation. Additionally, the keys produced are not permanently linked to the orientation fields, hence, allowing them to be replaced in the event of key compromise.

First, the authors analyze the key problems faced by the protection of digital library readers' data privacy and behavior privacy. Second, the authors introduce the characteristics of all kinds of existing approaches to privacy protection and their application limitations in the protection of readers' data privacy and behavior privacy. Lastly, the authors compare the advantages and disadvantages of each kind of existing approaches in terms of security, efficiency, accuracy and practicality and analyze the challenges faced by the protection of digital library reader privacy.

In this paper, the authors review a number of research achievements relevant to privacy protection and analyze and evaluate the application limitations of them in the reader privacy protection of a digital library, consequently, establishing the constraints that an ideal approach to library reader privacy protection should meet, so as to provide references for the follow-up research of the problem.

As a result, the authors conclude that an ideal approach to reader privacy protection should be able to comprehensively improve the security of all kinds of readers' privacy information on the untrusted server-side as a whole, under the premise of not changing the architecture, efficiency, accuracy and practicality of a digital library system.

Along with the rapid development of new network technologies, such as cloud computing, the server-side of a digital library is becoming more and more untrustworthy, thereby, posing a serious threat to the privacy of library readers. In fact, the problem of reader privacy has become one of the important obstacles to the further development and application of digital libraries.

Digitizing of the electrical power grid promotes the advantages of efficient energy management alongside the possibilities of major vulnerabilities. A typical inadequacy that needs critical attention to ensure the seamless operation of the smart grid system remains in the data transmission between consumer premises smart devices and the utility centres. Many researches aim at establishing security protocols to ensure secure and efficient energy management resulting in perfect demand–supply balance.

In this paper, the authentication of the smart meter data has been proposed with enhanced Rivest–Shamir–Adleman (RSA) key encryption using an efficient way of generating large prime numbers. The trapdoor one-way function applied in the RSA algorithm makes it almost impossible for the reverse engineering attempts of cracking the key pair.

The algorithm for generating prime numbers has been tested both with the convention method and with the enhanced method of including a low-level primality test with a first few hundred primes. The combination of low-level and high-level primality tests shows an improvement in execution time of the algorithm.

There is a considerable improvement in the time complexities when using the combination method. This efficient generation of prime numbers can be successfully applied to the smart meter systems, thereby increasing the strength and speed of the key encryption.

Security is becoming an increasingly more important concern both at the desktop level and at the network level. This article discusses several approaches to authenticating individuals through the use of biometric devices. While libraries might not implement such devices, they may appear in the near future of desktop computing, particularly for access to institutional computers or for access to sensitive information. Other approaches to computer security focus on protecting the contents of electronic transmissions and verification of individual users. After a brief overview of encryption technologies, the article examines public‐key cryptography which is getting a lot of attention in the business world in what is called public key infrastructure. It also examines other efforts, such as IBM’s Cryptolope, the Secure Sockets Layer of Web browsers, and Digital Certificates and Signatures. Secure electronic transmissions are an important condition for conducting business on the Net. These business transactions are not limited to purchase orders, invoices, and contracts. This could become an important tool for information vendors and publishers to control access to the electronic resources they license. As license negotiators and contract administrators, librarians need to be aware of what is happening in these new technologies and the impact that will have on their operations.