Search results
1 – 10 of 90Anita Philips, Jayakumar Jayaraj, Josh F.T. and Venkateshkumar P.
Digitizing of the electrical power grid promotes the advantages of efficient energy management alongside the possibilities of major vulnerabilities. A typical inadequacy that…
Abstract
Purpose
Digitizing of the electrical power grid promotes the advantages of efficient energy management alongside the possibilities of major vulnerabilities. A typical inadequacy that needs critical attention to ensure the seamless operation of the smart grid system remains in the data transmission between consumer premises smart devices and the utility centres. Many researches aim at establishing security protocols to ensure secure and efficient energy management resulting in perfect demand–supply balance.
Design/methodology/approach
In this paper, the authentication of the smart meter data has been proposed with enhanced Rivest–Shamir–Adleman (RSA) key encryption using an efficient way of generating large prime numbers. The trapdoor one-way function applied in the RSA algorithm makes it almost impossible for the reverse engineering attempts of cracking the key pair.
Findings
The algorithm for generating prime numbers has been tested both with the convention method and with the enhanced method of including a low-level primality test with a first few hundred primes. The combination of low-level and high-level primality tests shows an improvement in execution time of the algorithm.
Originality/value
There is a considerable improvement in the time complexities when using the combination method. This efficient generation of prime numbers can be successfully applied to the smart meter systems, thereby increasing the strength and speed of the key encryption.
Details
Keywords
Daniel Kraft, Marc Bechler, Hans‐Joachim Hof, Frank Pählke and Lars Wolf
Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes…
Abstract
Purpose
Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes are not applicable since public key infrastructures with a centralized certification authority are hard to deploy in ad hoc networking environments. This paper aims to investigate these issues.
Design/methodology/approach
In order to overcome these issues, the paper proposes and evaluates a security concept based on a distributed certification facility. Thereby, a network is divided into clusters with one special head node each. These cluster head nodes perform administrative functions and hold shares of a network key used for certification. New nodes start to participate in the network as guests; they can only become full members with a network‐signed certificate after their authenticity has been warranted by some other members. Access to resources and services within the ad hoc network is controlled using authorization certificates.
Findings
The feasibility of this concept was verified by simulations. Three different models for node mobility were used in order to include realistic scenarios as well as to make the results comparable to other work. The simulation results include an evaluation of the log‐on times, availability, and communication overhead.
Originality/value
The paper introduces a cluster‐based architecture to realize a distributed public key infrastructure that is highly adapted to the characteristics of ad hoc networks.
Details
Keywords
Francisco A. Pujol, Higinio Mora, José Luis Sánchez and Antonio Jimeno
Cryptography has become an essential feature for many current technological applications. Cryptographic methods are usually divided into private‐key (or symmetric) and public‐key…
Abstract
Purpose
Cryptography has become an essential feature for many current technological applications. Cryptographic methods are usually divided into private‐key (or symmetric) and public‐key (or asymmetric) algorithms. The purpose of this paper is to propose a client/server architecture to efficiently authenticate users by means of their fingerprint biometric feature. To do this, the personal data of each user are acquired at the client and, afterwards, they are conveniently encrypted using a combination of up‐to‐date symmetric and asymmetric cryptographic algorithms.
Design/methodology/approach
First the main issues related to public‐key and private‐key cryptography, including well‐known algorithms, such as data encryption standard and Rijndael methods are reviewed. After that, a proposal for the implementation of a client/server architecture to authenticate users by means of fingerprint features is proposed.
Findings
The results of the experiments show that such architecture is optimal for being applied in real authentication systems, provides high‐security standards and can be applied to any practical biometric system.
Originality/value
Biometrics has become an attractive alternative to password‐based systems: using a password is insecure, as they can easily be forgotten or stolen. Fingerprints are the most widely used biometric feature. This paper uses recent fingerprint identification algorithms together with the most advanced cryptographic methods recommended nowadays. This way, the system utilizes state‐of‐the‐art techniques that are also introduced in many practical systems; that is the reason why it will be flexible enough to integrate, any forthcoming needs of cryptographic systems.
Details
Keywords
Chen Kuilin, Feng Xi, Fu Yingchun, Liu Liang, Feng Wennan, Jiang Minggang, Hu Yi and Tang Xiaoke
The data protection is always a vital problem in the network era. High-speed cryptographic chip is an important part to ensure data security in information interaction. This paper…
Abstract
Purpose
The data protection is always a vital problem in the network era. High-speed cryptographic chip is an important part to ensure data security in information interaction. This paper aims to provide a new peripheral component interconnect express (PCIe) encryption card solution with high performance, high integration and low cost.
Design/methodology/approach
This work proposes a System on Chip architecture scheme of high-speed cryptographic chip for PCIe encryption card. It integrated CPU, direct memory access, the national and international cipher algorithm (data encryption standard/3 data encryption standard, Rivest–Shamir–Adleman, HASH, SM1, SM2, SM3, SM4, SM7), PCIe and other communication interfaces with advanced extensible interface-advanced high-performance bus three-level bus architecture.
Findings
This paper presents a high-speed cryptographic chip that integrates several high-speed parallel processing algorithm units. The test results of post-silicon sample shows that the high-speed cryptographic chip can achieve Gbps-level speed. That means only one single chip can fully meet the requirements of cryptographic operation performance for most cryptographic applications.
Practical implications
The typical application in this work is PCIe encryption card. Besides server’s applications, it can also be applied in terminal products such as high-definition video encryption, security gateway, secure routing, cloud terminal devices and industrial real-time monitoring system, which require high performance on data encryption.
Social implications
It can be well applied on many other fields such as power, banking, insurance, transportation and e-commerce.
Originality/value
Compared with the current strategy of high-speed encryption card, which mostly uses hardware field-programmable gate arrays or several low-speed algorithm chips through parallel processing in one printed circuit board, this work has provided a new PCIe encryption card solution with high performance, high integration and low cost only in one chip.
Details
Keywords
Anil Kumar Budati, Ganesh Snv, Kumar Cherukupalli, Anil Kumar P. and Venkata Krishna Moorthy T.
The privacy of the information is a major challenge in the communication process. In the present modern generation, the cryptography plays a vital role in providing security for…
Abstract
Purpose
The privacy of the information is a major challenge in the communication process. In the present modern generation, the cryptography plays a vital role in providing security for data, such as text, images and video while transmitting from source to destination through internet or intranet. The Rivest-Shamir-Adleman (RSA) is an asymmetric key cryptographic system, where the security of the method works on the strength of the key.
Design/methodology/approach
In an asymmetric key crypto system, a pair of keys is generated one public key for encryption and one private key for decryption. The major challenge of implementing the RSA is the power function which becomes tedious and time consuming as the exponential value increases. The Chinese remainder theorem proves to be the best for data encryption when it comes to execution time of the algorithm. The proposed novel RSA algorithm with lookup table (LUT) is an extension to the Chinese remainder algorithm, which works better for image and video in terms of time complexity.
Findings
This paper presents a LUT approach for implementing the RSA with a minimal processing time. The proposed algorithm was compared with the standard algorithms like, Chinese remainder theorem, binary approach and squared multiplication approach. As the size of the exponent value increases, the proposed method shows better performance compared to other standard methods.
Originality/value
This paper presents a LUT approach for implementing the RSA with a minimal processing time. The proposed algorithm was compared with the standard algorithms like, Chinese remainder theorem, binary approach and squared multiplication approach. As the size of the exponent value increases, the proposed method shows better performance compared to other standard methods.
Details
Keywords
To devise a biometric‐based mechanism for enhancing security of private keys used in cryptographic applications.
Abstract
Purpose
To devise a biometric‐based mechanism for enhancing security of private keys used in cryptographic applications.
Design/methodology/approach
To enhance security of a private key, we propose a scheme that regenerates a user's private key by taking a genuine user's password, fingerprint and a valid smart card. Our scheme uses features extracted from fingerprint along with public key cryptography, cryptographic hash functions and Shamir secret sharing scheme in a novel way to achieve our desired objectives.
Findings
Despite changes in the fingerprint pattern each time it is presented, our scheme is sufficiently robust to regenerate a constant private key. As compared to conventional methods of storing a private key merely by password‐based encryption, our scheme offers more security as it requires a genuine user's password, fingerprint and a valid smart card. Key lengths up to 1024‐bit or even higher can be regenerated making the scheme compatible with the current security requirements of public key cryptosystems.
Research limitations/implications
Minutia points used for image alignment can be incorporated in the key regeneration algorithm for stronger user authentication. In this case, some alternative technique will be required for image alignment.
Practical implications
The robustness of our scheme depicts its use in practical systems where there are variations in fingerprint patterns because of sensor noise and alignment issues.
Originality/value
In this paper, we have demonstrated a novel idea of regenerating the private key of a user by using fingerprint, password and a smart card. The basic aim is to provide more security to key storage as compared to traditional methods that uses password‐based encryption for secure storage of private keys.
Details
Keywords
Michael Hölzl, Endalkachew Asnake, Rene Mayrhofer and Michael Roland
The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile…
Abstract
Purpose
The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile application to a Java Card applet. The usage of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing or mobile digital identities has continuously risen in recent years. This development makes the protection of personal and security sensitive data on mobile devices more important than ever.
Design/methodology/approach
A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys stored in applications.
Findings
To address this issue, this paper presents a solution for fine-grained secure application-to-applet communication based on Secure Remote Password (SRP-6a and SRP-5), an authenticated key agreement protocol, with a user-provided password at run-time.
Originality/value
By exploiting the Java Card cryptographic application programming interfaces (APIs) and minor adaptations to the protocol, which do not affect the security, the authors were able to implement this scheme on Java Cards with reasonable computation time.
Details
Keywords
Cryptography and related terminology is defined. The design and operation of an encryption algorithm is examined in detail, using the example of DES (Data Encryption Standard)…
Abstract
Cryptography and related terminology is defined. The design and operation of an encryption algorithm is examined in detail, using the example of DES (Data Encryption Standard). Public key cryptosystems based on the Diffie‐Hellman and RSA (Rivest, Shamir and Adleman) models are described and their revolutionary nature made clear. The necessity for trusted public keys with RSA is explained. Applications in records management are given in sections on storage and transmission. The latter type further breaks down into mail and file transfer/EDI (Electronic Data Interchange) areas of use. Some novel applications are proposed (for example a virtual records centre). A conclusion argues that although the law has yet to catch up with developments in cryptography, when it does cryptography will be central to electronic file management.
Highlights the common security pitfalls in cryptographic design. States that even strong encryption algorithms can be circumvented by bypassing the algorithms altogether and…
Abstract
Highlights the common security pitfalls in cryptographic design. States that even strong encryption algorithms can be circumvented by bypassing the algorithms altogether and exploiting errors in the design, implementation, or installation. Examines attacks against passwords, hardware, trust models, failure recovery systems and users. Discusses the importance of attack detection in addition to attack prevention. Concludes that eventually, every system may be successfully attacked so it is essential to limit the damage that can be done and to capture evidence in the form of an audit trail for later use in a prosecution.
Details
Keywords
Schubert Foo, Peng Chor Leong, Siu Cheung Hui and Shigong Liu
The study outlines a number of security requirements that are typical of a host of Web‐based applications using a case study of a real life online Web‐based customer support…
Abstract
The study outlines a number of security requirements that are typical of a host of Web‐based applications using a case study of a real life online Web‐based customer support system. It subsequently proposes a security solution that employs a combination of Web server security measures and cryptographic techniques. The Web server security measures include the formulation and implementation of a policy for server physical security, configuration control, users’ access control and regular Web server log checks. Login passwords, in conjunction with public key cryptographic techniques and random nonces, are used to achieve user authentication, provide a safeguard against replay attacks, and prevent non‐repudiatory usage of system by users. These techniques, together with the use of session keys, will allow data integrity and confidentiality of the customer support system to be enforced. Furthermore, a number of security guidelines have been observed in the implementation of the relevant software to ensure further safety of the system.
Details