Abstract: In this paper, we present a design methodology of lightweight register transfer level (RTL) hardware threat implemented based on a MAX II FPGA platform. The dynamic power consumed by the toggling of the various bit of registers as well as the dynamic power consumed per unit of logic circuits were analyzed. The hardware threat was designed taking advantage of the differences in dynamic power consumed per unit of logic circuits to hide the transfer information. The experiment result shows that the register hardware threat was successfully implemented by using different dynamic power consumed per unit of logic circuits to hide the key information of DES encryption module. It needs more than 100000 sample curves to reduce the background noise by comparing the sample space when it completely meets the time alignment requirement. In additional, an external trigger signal is playing a very important role to detect the hardware threat in this experiment.
Abstract: This paper presented a video watermarking algorithm based on wavelet chaotic neural network. First, to enhance binary image’s security, the algorithm encrypted it with double chaotic based on Arnold and Logistic map, Then, the host video was divided into some equal frames and distilled the key frame through chaotic sequence which generated by Logistic. Meanwhile, we distilled the low frequency coefficients of luminance component and self-adaptively embedded the processed image watermark into the low frequency coefficients of the wavelet transformed luminance component with the wavelet neural network. The experimental result suggested that the presented algorithm has better invisibility and robustness against noise, Gaussian filter, rotation, frame loss and other attacks.
Abstract: With the development of cloud computing, more and more users start to utilize the cloud storage service. However, there exist some issues: 1) cloud server steals the shared data, 2) sharers collude with the cloud server to steal the shared data, 3) cloud server tampers the shared data, 4) sharers and key generation center (KGC) conspire to steal the shared data. In this paper, we use advanced encryption standard (AES), hash algorithms, and accountable key-policy attribute-based encryption without key escrow (WOKE-AKP-ABE) to build a security cloud storage scheme. Moreover, the data are encrypted to protect the privacy. We use hash algorithms to prevent the cloud server from tampering the data uploaded to the cloud. Analysis results show that this scheme can resist conspired attacks.
Abstract: As we know, number of Internet users are increasing drastically. Now, people are using different online services provided by banks, colleges/schools, hospitals, online utility, bill payment and online shopping sites. To access online services, text-based authentication system is in use. The text-based authentication scheme faces some drawbacks with usability and security issues that bring troubles to users. The core element of computational trust is identity. The aim of the paper is to make the system more compliable for the imposters and more reliable for the users, by using the graphical authentication approach. In this paper, we are using the more powerful tool of encoding the options in graphical QR format and also there will be the acknowledgment which will send to the user’s mobile for final verification. The main methodology depends upon the encryption option and final verification by confirming a set of pass phrase on the legal users, the outcome of the result is very powerful as it only gives the result at once when the process is successfully done. All processes are cross linked serially as the output of the 1st process, is the input of the 2nd and so on. The system is a combination of recognition and pure recall based technique. Presented scheme is useful for devices like PDAs, iPod, phone etc. which are more handy and convenient to use than traditional desktop computer systems.
Abstract: Like a closed-circuit television (CCTV), video surveillance system is widely placed for gathering video from unspecified people to prevent crime, surveillance, or many other purposes. However, abuse of CCTV brings about concerns of personal privacy invasions. In this paper, we propose an encryption method to protect personal privacy system in H.264 compressed video bitstream with encrypting only regions of interest (ROI). There is no need to change the existing video surveillance system. In addition, encrypting ROI in compressed video bitstream is a challenging work due to spatial and temporal drift errors. For this reason, we propose a novel drift mitigation method when ROI is encrypted. The proposed method was implemented by using JM reference software based on the H.264 compressed videos, and experimental results show the verification of our proposed methods and its effectiveness.
Abstract: Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.
Abstract: In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.
Abstract: Mobile technology is very popular nowadays and it provides a digital world where users can experience many value-added services. Service Providers are also eager to offer diverse value-added services to users such as digital identity, mobile financial services and so on. In this context, the security of data storage in smartphones and the security of communication between the smartphone and service provider are critical for the success of these services. In order to provide the required security functions, the SIM card is one acceptable alternative. Since SIM cards include a Secure Element, they are able to store sensitive data, create cryptographically secure keys, encrypt and decrypt data. In this paper, we design and implement a SIM and a smartphone framework that uses a SIM card for secure key generation, key storage, data encryption, data decryption and digital signing for mobile financial services. Our frameworks show that the SIM card can be used as a controlled Secure Element to provide required security functions for popular e-services such as mobile financial services.
Abstract: In this paper, an encryption algorithm is proposed for real-time image encryption. The scheme employs a dual chaotic generator based on a three dimensional (3D) discrete Lorenz attractor. Encryption is achieved using non-autonomous modulation where the data is injected into the dynamics of the master chaotic generator. The second generator is used to permute the dynamics of the master generator using the same approach. Since the data stream can be regarded as a random source, the resulting permutations of the generator dynamics greatly increase the security of the transmitted signal. In addition, a technique is proposed to mitigate the error propagation due to the finite precision arithmetic of digital hardware. In particular, truncation and rounding errors are eliminated by employing an integer representation of the data which can easily be implemented. The simple hardware architecture of the algorithm makes it suitable for secure real-time applications.
Abstract: A digital signature is an electronic signature form used by an original signer to sign a specific document. When the original signer is not in his office or when he/she travels outside, he/she delegates his signing capability to a proxy signer and then the proxy signer generates a signing message on behalf of the original signer. The two parties must be able to authenticate one another and agree on a secret encryption key, in order to communicate securely over an unreliable public network. Authenticated key agreement protocols have an important role in building a secure communications network between the two parties. In this paper, we present a secure proxy signature scheme over an efficient and secure authenticated key agreement protocol based on factoring and discrete logarithm problem.
Abstract: Proxy signature scheme permits an original signer to delegate his/her signing capability to a proxy signer, and then the proxy signer generates a signing message on behalf of the original signer. The two parties must be able to authenticate one another and agree on a secret encryption key, in order to communicate securely over an unreliable public network. Authenticated key agreement protocols have an important role in building secure communications network between the two parties. In this paper, we present a secure proxy signature scheme over an efficient and secure authenticated key agreement protocol based on the discrete logarithm problem.
Abstract: A modified two dimensional (2D) logistic map based on cross feedback control is proposed. This 2D map exhibits more random chaotic dynamical properties than the classic one dimensional (1D) logistic map in the statistical characteristics analysis. So it is utilized as the pseudo-random (PN) sequence generator, where the obtained real-valued PN sequence is quantized at first, then applied to radio frequency identification (RFID) communication system in this paper. This system is experimentally validated on a cortex-M0 development board, which shows the effectiveness in key generation, the size of key space and security. At last, further cryptanalysis is studied through the test suite in the National Institute of Standards and Technology (NIST).
Abstract: Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.
Abstract: Connected vehicles are equipped with wireless sensors
that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure
(V2I) communication. These vehicles will in the near future
provide road safety, improve transport efficiency, and reduce traffic
congestion. One of the challenges for connected vehicles is how
to ensure that information sent across the network is secure. If
security of the network is not guaranteed, several attacks can occur,
thereby compromising the robustness, reliability, and efficiency of
the network. This paper discusses existing security mechanisms and
unique properties of connected vehicles. The methodology employed
in this work is exploratory. The paper reviews existing security
solutions for connected vehicles. More concretely, it discusses
various cryptographic mechanisms available, and suggests areas
of improvement. The study proposes a combination of symmetric
key encryption and public key cryptography to improve security.
The study further proposes message aggregation as a technique to
overcome message redundancy. This paper offers a comprehensive
overview of connected vehicles technology, its applications, its
security mechanisms, open challenges, and potential areas of future
research.
Abstract: Un-keyed SIM cards do not contain the required security infrastructure to provide end-to-end encryption with Service Providers. Hence, new, emerging, or smart services those require end-to-end encryption between SIM card and a Service Provider is impossible. SIMSec key exchange protocol creates symmetric keys between SIM card and Service Provider. After a successful protocol execution, SIM card and Service Provider creates the symmetric keys and can perform end-to-end data encryption when required. In this paper, our aim is to analyze the SIMSec protocol’s security. According to the results, SIM card and Service Provider can generate keys securely using SIMSec protocol.
Abstract: Information security plays a major role in uplifting the standard of secured communications via global media. In this paper, we have suggested a technique of encryption followed by insertion before transmission. Here, we have implemented two different concepts to carry out the above-specified tasks. We have used a two-point crossover technique of the genetic algorithm to facilitate the encryption process. For each of the uniquely identified rows of pixels, different mathematical methodologies are applied for several conditions checking, in order to figure out all the parent pixels on which we perform the crossover operation. This is done by selecting two crossover points within the pixels thereby producing the newly encrypted child pixels, and hence the encrypted cover image. In the next lap, the first and second order derivative operators are evaluated to increase the security and robustness. The last lap further ensures reapplication of the crossover procedure to form the final stego-image. The complexity of this system as a whole is huge, thereby dissuading the third party interferences. Also, the embedding capacity is very high. Therefore, a larger amount of secret image information can be hidden. The imperceptible vision of the obtained stego-image clearly proves the proficiency of this approach.
Abstract: The McEliece cryptosystem is an asymmetric type of
cryptography based on error correction code. The classical McEliece
used irreducible binary Goppa code which considered unbreakable
until now especially with parameter [1024, 524, and 101], but it is
suffering from large public key matrix which leads to be difficult to
be used practically. In this work Irreducible and Separable Goppa
codes have been introduced. The Irreducible and Separable Goppa
codes used are with flexible parameters and dynamic error vectors. A
Comparison between Separable and Irreducible Goppa code in
McEliece Cryptosystem has been done. For encryption stage, to get
better result for comparison, two types of testing have been chosen;
in the first one the random message is constant while the parameters
of Goppa code have been changed. But for the second test, the
parameters of Goppa code are constant (m=8 and t=10) while the
random message have been changed. The results show that the time
needed to calculate parity check matrix in separable are higher than
the one for irreducible McEliece cryptosystem, which is considered
expected results due to calculate extra parity check matrix in
decryption process for g2(z) in separable type, and the time needed to
execute error locator in decryption stage in separable type is better
than the time needed to calculate it in irreducible type. The proposed
implementation has been done by Visual studio C#.
Abstract: The legality of some countries or agencies’ acts to spy
on personal phone calls of the public became a hot topic to many
social groups’ talks. It is believed that this act is considered an
invasion to someone’s privacy. Such act may be justified if it is
singling out specific cases but to spy without limits is very
unacceptable. This paper discusses the needs for not only a simple
and light weight technique to secure mobile voice calls but also a
technique that is independent from any encryption standard or library.
It then presents and tests one encrypting algorithm that is based of
Frequency scrambling technique to show fair and delay-free process
that can be used to protect phone calls from such spying acts.
Abstract: Nowadays, cloud environments are becoming a need for companies, this new technology gives the opportunities to access to the data anywhere and anytime. It also provides an optimized and secured access to the resources and gives more security for the data which is stored in the platform. However, some companies do not trust Cloud providers, they think that providers can access and modify some confidential data such as bank accounts. Many works have been done in this context, they conclude that encryption methods realized by providers ensure the confidentiality, but, they forgot that Cloud providers can decrypt the confidential resources. The best solution here is to apply some operations on the data before sending them to the provider Cloud in the objective to make them unreadable. The principal idea is to allow user how it can protect his data with his own methods. In this paper, we are going to demonstrate our approach and prove that is more efficient in term of execution time than some existing methods. This work aims at enhancing the quality of service of providers and ensuring the trust of the customers.
Abstract: One of the crucial parameters of digital cryptographic
systems is the selection of the keys used and their distribution. The
randomness of the keys has a strong impact on the system’s security
strength being difficult to be predicted, guessed, reproduced, or
discovered by a cryptanalyst. Therefore, adequate key randomness
generation is still sought for the benefit of stronger cryptosystems.
This paper suggests an algorithm designed to generate and test
pseudo random number sequences intended for cryptographic
applications. This algorithm is based on mathematically manipulating
a publically agreed upon information between sender and receiver
over a public channel. This information is used as a seed for
performing some mathematical functions in order to generate a
sequence of pseudorandom numbers that will be used for
encryption/decryption purposes. This manipulation involves
permutations and substitutions that fulfill Shannon’s principle of
“confusion and diffusion”. ASCII code characters were utilized in the
generation process instead of using bit strings initially, which adds
more flexibility in testing different seed values. Finally, the obtained
results would indicate sound difficulty of guessing keys by attackers.