Search results

This paper attempts to construct a public‐key coding system using grey generation and braid group.

The identification (ID) codes of both sides for communication are public for everyone and considered as public keys. Starting from the ID code of both sides of communication, the temporary secret key of communication can be obtained by the grey 1‐AGO algorithm first. Then the new formal common secret key can be obtained by using the element exchangeability of the braid group during the exchanging process of the temporary secret key between two sides of communication. The paper presents an exchange protocol of secret key based on grey data generation and braid group. It also constructs a cipher communication system by using Hash function based on the exchange protocol of secret key last.

The exchange protocol of secret key and the system of cipher communication which are proposed in this paper make use of the difficult problem of resolving disper se logarithm from generated code to ID code and the conjugate problem which is not ever resolved in braid group, which can ensure the security of the algorithm theoretically.

The main steps of the exchange protocol and cipher communication system in this paper can be achieved through a computer program. They can be used in many communication processes on the internet.

The paper succeeds in realising both secret key generation and exchanging protocol of communication by using grey systems theory and braid group properties.

In this paper, we present Dynamic Re‐keying with Key Hopping (DRKH) encryption protocol that uses RC4 encryption technique to ensure a strong security level with the advantage of low execution cost compared to other IEEE 802.11 security schemes. Low computational complexity makes DRKH suitable for solar‐ and battery‐powered handheld devices such as nodes in Solar ESS (Extended Service Set) and wireless sensor networks. Our design goal is to eventually integrate DRKH with different emerging wireless technologies. However, in this paper, we will focus on the integration of DRKH with 802.11 standard since it is the most widely deployed wireless technology. The results and analysis show that DRKH overcomes all the security threats with Wired Equivalent Privacy (WEP) protocol while consuming a much lower power than WEP, Wi‐Fi Protected Access (WPA) 1.0 and WPA 2.0.

This paper aims at providing a comparative analysis of the existing protocols that address the security issues in the Future Internet (FI) and also to introduce a Collaborative Mutual Identity Establishment (CMIE) scheme which adopts the elliptical curve cryptography (ECC), to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as denial-of-service (DoS) and replay attack.

This paper provides a comparative analysis of the existing protocols that address the security issues in the FI and also provides a CMIE scheme, by adopting the ECC and digital signature verification mechanism, to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as DoS and replay attack. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI. Further, the algorithm is evaluated against Automated Validation of Internet Security Protocols and Application (AVISPA) tool to verify the security solutions that the CMIE scheme has claimed to address to have been effectively achieved in reality.

The algorithm is evaluated against AVISPA tool to verify the security solutions that the CMIE scheme has claimed to address and proved to have been effectively achieved in reality. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI.

Considering the Internet of Things (IoT) scenario, another important aspect that is the device-to-location (D2L) aspect has not been considered in this protocol. Major focus of the protocol is centered around the device-to-device (D2D) and device-to-server (D2S) scenarios. Also, IoT basically works upon a confluence of hundreds for protocols that support the achievement of various factors in the IoT, for example Data Distribution Service, Message Queue Telemetry Transport, Extensible Messaging and Presence Protocol, Constrained Application Protocol (CoAP) and so on. Interoperability of the proposed CMIE algorithm with the existing protocols has to be considered to establish a complete model that fits the FI. Further, each request for mutual authentication requires a querying of the database and a computation at each of the participating entities side for verification which could take considerable amount of time. However, for applications that require firm authentication for maintaining and ensuring secure interactions between entities prior to access control and initiation of actual transfer of sensitive information, the negligible difference in computation time can be ignored for the greater benefit that comes with stronger security. Other factors such as quality of service (QoS) (i.e. flexibility of data delivery, resource usage and timing), key management and distribution also need to be considered. However, the user still has the responsibility to choose the required protocol that suits one’s application and serves the purpose.

The originality of the work lies in adopting the ECC and digital signature verification mechanism to develop a new scheme that ensures mutual authentication between participating entities in the FI based upon certain user information such as identities. ECC provides efficiency in terms of key size generated and security against main-in-middle attack. The proposed scheme provides secured interactions between devices/entities in the FI.

In the past few years, HB-like protocols have gained much attention in the field of lightweight authentication protocols due to their efficient functioning and large potential applications in low-cost radio frequency identification tags, which are on the other side spreading so fast. However, most published HB protocols are vulnerable to man-in-the-middle attacks such as GRS or OOV attacks. The purpose of this research is to investigate security issues pertaining to HB-like protocols with an aim of improving their security and efficiency.

In this paper, a new and secure variant of HB family protocols named HB-MP* is proposed and designed, using the techniques of random rotation. The security of the proposed protocol is proven using formal proofs. Also, a prototype of the protocol is implemented to check its applicability, test the security in implementation and to compare its performance with the most related protocol.

The HB-MP* protocol is found secure against passive and active adversaries and is implementable within the tight resource constraints of today’s EPC-type RFID tags. Accordingly, the HB-MP* protocol provides higher security than previous HB-like protocols without sacrificing performance.

This paper proposes a new HB variant called HB-MP* that tries to be immune against the pre-mentioned attacks and at the same time keeping the simple structure. It will use only lightweight operations to randomize the rotation of the secret.

In traditional commerce, an auction is known as a mechanism of determining the value of a commodity that does not have a fixed price. Auctions are exciting and an increasing number of transactions are performed through e‐auctions. But most current auctions cannot address all the important security requirements. Usually, auction systems force bidders and sellers to trust the auctioneer and, on the other hand, do not provide anonymity for bidders and sellers. This paper aims to solve these problems by presenting an efficient anonymous secure auction schema (ASAS) without a fully trustworthy auctioneer.

The paper analyzes security properties and the complexity of previous works in auction security and then proposes a new ASAS that is more secure and efficient than previous works. Finally, security properties and the complexity of the new schema and previous works are compared with one another.

The proposed auction protocol does not force bidders and sellers to trust the auctioneer. In addition, it provides anonymity for both of them. Owing to these newly added features and high degree of security of ASAS, it is suggested that its use in high‐value auctions should require tighter security.

The paper proposes a new schema for electronic auctions that is secure and efficient and, in addition, does not force bidders and sellers to trust the auctioneer.

As a value‐added service to deliver important data over the internet with guaranteed receipt for each successful delivery, certified email has been discussed for years and a number of research papers appeared in the literature. This paper aims to present two optimized multi‐party certified email protocols.

Reviews two existing email protocols and provides a modified version to overcome their security flaws and weaknesses. Extends the two‐party protocol to a multi‐party scenario.

Both of the protocols have three major features. A sender could notify multiple recipients of the same information while only those recipients who acknowledged are able to get the information. Both the sender and the recipients can end a protocol run at any time without breach of fairness. The exchange protocols are optimized, each of which has only three steps, and the trusted third party will not be involved unless an exception (e.g. a network failure or a party's misbehavior) occurs.

Provides a focus on a value‐added service – certified email.

Draws its topicality and relevance from the fact that not only is the Internet widely publicized in all the media but also there are many stories regarding problems with its security. Provides a primer on the history, terminology, tools and common uses of the Internet. Identifies the most prevalent threats to security posed by using the Internet and discusses some of the traditional and emerging approaches to ensuring the security and integrity of data on the Internet.

This chapter reviews the underlying technologies of cryptoassets, including fundamental cryptographic primitives used in distributed ledger technologies and permissionless blockchain technologies and their consensus protocols such as proof-of-work and proof-of-stake. It discusses the pros and cons of existing approaches to improve blockchain scalability and considers the requirements for security and decentralization. The chapter also examines the following techniques: layer 1 tuning, layer 1 sharding, and layer 2 solutions. It concludes with an overview of technologies to swap cryptoassets off-chain, technical requirements for cross-chain transactions, and reviews cross-chain atomic swap implementation using hashed time lock contracts.

Riding on the wave of intelligent transportation systems, the vehicular ad hoc network (VANET) is becoming a popular research topic. VANET is designed to build an environment where the vehicles can exchange information about the traffic conditions or vehicle situation to help the vehicles avoid traffic accidents or traffic jams. In order to keep the privacy of vehicles, the vehicles must be anonymous and the routing must be untraceable while still being able to be verified as legal entities. The paper aims to discuss these issues.

The exchanged messages must be authenticated to be genuine and verified that they were sent by a legal vehicle. The vehicles also can mutually trust and communicate confidentially. In VANETs, road-side units (RSUs) are installed to help the vehicles to obtain message authentication or communicate confidentially. However, the coverage of RSUs is limited due to the high cost of wide area installation. Therefore the vehicles must be able to obtain message authentication by themselves – without an RSU.

The authors take the concept of random key pre-distribution used in wireless sensor networks, modify it into a random secret pre-distribution, and integrate it with identity-based cryptography to make anonymous message authentication and private communication easier and safer. The authors construct a two-tier structure. The tier 1, trust authority, assigns n anonymous identities and embeds n secrets into these identities to be the private secret keys for the tier 2, registered vehicles. At any time, the vehicles can randomly choose one of n anonymous identities to obtain message authentication or communicate confidentially with other vehicles.

The processes of building neighbor set, setting pairing value, and message authenticating are proposed in this paper. The proposed method can protect against the attacks of compromising, masquerading, forging, and replying, and can also achieve the security requirements of VANET in message authentication, confidential communication, anonymity, and un-traceability. The performance of the proposed method is superior to the related works.

Modern e‐health systems incorporate different healthcare providers in one system and provide an electronic platform to share medical information efficiently. In cross‐context communications between healthcare providers, the same information can be interpreted as different types or values, so that one patient will be issued different identifiers by different healthcare providers. This paper aims to provide a solution to ensure interoperability so that multiple healthcare providers will be able to collaborate in one e‐health system.

This paper primarily focuses on how different healthcare providers, instead of the patients, are able to interact and share information on a common e‐health platform.

In the course of the work, it was found that previous e‐health solutions mainly have a limited view of patient information, where a user‐centric approach for identity management is usually restricted to a single healthcare provider. Interoperability in an e‐health system becomes more problematic when more actors collaborate, and hence linkability from one context to another should not be straightforward. However, some form of linkability, such as the possibility to follow up a patient's medical treatment, is desirable in the e‐health sector, even when it needs to cross different contexts. Therefore, the authors have designed an identity management mechanism to ensure semantic interoperability when data is exchanged among different authorized healthcare providers.

The paper points out that the next generation of e‐health will move towards federated e‐health and will require user‐centricity and transparency properties so that patients are able to specify and verify the disclosure of their medical information.

This paper proposes a new service for cross‐context identity management in e‐health systems, improving interoperability between agencies when context‐specific information is transferred from one healthcare provider to another. How the proposed cross‐context identity management service can be integrated in an e‐health system is explained with a use case scenario.