Abstract: To promote Industry 4.0 and Society 5.0 and so on, it is important to connect and share data so that every member can trust it. Blockchain (BC) technology is currently attracting attention as the most advanced tool and has been used in the financial field and so on. However, the data collaboration using BC has not progressed sufficiently among companies on the supply chain of the manufacturing industry that handle sensitive data such as product quality, manufacturing conditions, etc. There are two main reasons why data utilization is not sufficiently advanced in the industrial supply chain. The first reason is that manufacturing information is top secret and a source for companies to generate profits. It is difficult to disclose data even between companies with transactions in the supply chain. Blockchain mechanism such as Bitcoin using Public Key Infrastructure (PKI) requires plaintext to be shared between companies in order to verify the identity of the company that sent the data. Another reason is that the merits (scenarios) of collaboration data between companies are not specifically specified in the industrial supply chain. For these problems, this paper proposes a Business to Business (B2B) collaboration system using homomorphic encryption and BC technique. Using the proposed system, each company on the supply chain can exchange confidential information on encrypted data and utilize the data for their own business. In addition, this paper considers a scenario focusing on quality data, which was difficult to collaborate because it is top-secret. In this scenario, we show an implementation scheme and a benefit of concrete data collaboration by proposing a comparison protocol that can grasp the change in quality while hiding the numerical value of quality data.
Abstract: Authentication protocols based on public key infrastructure (PKI) and trusted third party (TTP) are no longer adequate for industrial scale IoT networks thanks to issues such as low compute and power availability, the use of widely distributed and commercial off-the-shelf (COTS) systems, and the increasingly sophisticated attackers and attacks we now have to counter. For example, there is increasing concern about nation-state-based interference and future quantum computing capability. We have examined this space from first principles and have developed several approaches to group and point-to-point authentication for IoT that do not depend on the use of a centralised client-server model. We emphasise the use of quantum resistant primitives such as strong cryptographic hashing and the use multi-factor authentication.
Abstract: When communicating using private and secure keys, there is always the doubt as to the identity of the message creator. We introduce an algorithm that uses the personal typing rhythm (keystroke dynamics) of the message originator to increase the trust of the authenticity of the message originator by the message recipient. The methodology proposes the use of a Rhythm Certificate Authority (RCA) to validate rhythm information. An illustrative example of the communication between Bob and Alice and the RCA is included. An algorithm of how to communicate with the RCA is presented. This RCA can be an independent authority or an enhanced Certificate Authority like the one used in public key infrastructure (PKI).
Abstract: Connected vehicles are equipped with wireless sensors
that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure
(V2I) communication. These vehicles will in the near future
provide road safety, improve transport efficiency, and reduce traffic
congestion. One of the challenges for connected vehicles is how
to ensure that information sent across the network is secure. If
security of the network is not guaranteed, several attacks can occur,
thereby compromising the robustness, reliability, and efficiency of
the network. This paper discusses existing security mechanisms and
unique properties of connected vehicles. The methodology employed
in this work is exploratory. The paper reviews existing security
solutions for connected vehicles. More concretely, it discusses
various cryptographic mechanisms available, and suggests areas
of improvement. The study proposes a combination of symmetric
key encryption and public key cryptography to improve security.
The study further proposes message aggregation as a technique to
overcome message redundancy. This paper offers a comprehensive
overview of connected vehicles technology, its applications, its
security mechanisms, open challenges, and potential areas of future
research.
Abstract: Vehicular Ad hoc NETwork (VANET) is a kind of Mobile Ad hoc NETwork (MANET). It allows the vehicles to communicate with one another as well as with nearby Road Side Units (RSU) and Regional Trusted Authorities (RTA). Vehicles communicate through On-Board Units (OBU) in which privacy has to be assured which will avoid the misuse of private data. A secure authentication framework for VANETs is proposed in which Public Key Cryptography (PKC) based adaptive pseudonym scheme is used to generate self-generated pseudonyms. Self-generated pseudonyms are used instead of real IDs for privacy preservation and non-repudiation. The ID-Based Signature (IBS) and ID-Based Online/Offline Signature (IBOOS) schemes are used for authentication. IBS is used to authenticate between vehicle and RSU whereas IBOOS provides authentication among vehicles. Security attacks like impersonation attack in the network are resolved and the attacking nodes are rejected from the network, thereby ensuring secure communication among the vehicles in the network. Simulation results shows that the proposed system provides better authentication in VANET environment.
Abstract: The McEliece cryptosystem is an asymmetric type of
cryptography based on error correction code. The classical McEliece
used irreducible binary Goppa code which considered unbreakable
until now especially with parameter [1024, 524, and 101], but it is
suffering from large public key matrix which leads to be difficult to
be used practically. In this work Irreducible and Separable Goppa
codes have been introduced. The Irreducible and Separable Goppa
codes used are with flexible parameters and dynamic error vectors. A
Comparison between Separable and Irreducible Goppa code in
McEliece Cryptosystem has been done. For encryption stage, to get
better result for comparison, two types of testing have been chosen;
in the first one the random message is constant while the parameters
of Goppa code have been changed. But for the second test, the
parameters of Goppa code are constant (m=8 and t=10) while the
random message have been changed. The results show that the time
needed to calculate parity check matrix in separable are higher than
the one for irreducible McEliece cryptosystem, which is considered
expected results due to calculate extra parity check matrix in
decryption process for g2(z) in separable type, and the time needed to
execute error locator in decryption stage in separable type is better
than the time needed to calculate it in irreducible type. The proposed
implementation has been done by Visual studio C#.
Abstract: In this paper a Public Key Cryptosystem is proposed
using the number theoretic transforms (NTT) over a ring of integer
modulo a composite number. The key agreement is similar to
ElGamal public key algorithm. The security of the system is based on
solution of multivariate linear congruence equations and discrete
logarithm problem. In the proposed cryptosystem only fixed numbers
of multiplications are carried out (constant complexity) and hence the
encryption and decryption can be done easily. At the same time, it is
very difficult to attack the cryptosystem, since the cipher text is a
sequence of integers which are interrelated. The system provides
authentication also. Using Mathematica version 5.0 the proposed
algorithm is justified with a numerical example.
Abstract: The growth of open networks created the interest to
commercialise it. The establishment of an electronic business
mechanism must be accompanied by a digital – electronic payment
system to transfer the value of transactions. Financial organizations
are requested to offer a secure e-payment synthesis with equivalent
level of security served in conventional paper-based payment
transactions. PKI, which is functioning as a chain of trust in security
architecture, can enable security services of cryptography to epayments,
in order to take advantage of the wider base either of
customer or of trading partners and the reduction of cost transaction
achieved by the use of Internet channels. The paper addresses the
possibilities and the implementation suggestions of PKI in relevance
to electronic payments by suggesting a framework that should be
followed.
Abstract: Because of the great advance in multimedia
technology, digital multimedia is vulnerable to malicious
manipulations. In this paper, a public key self-recovery block-based
video authentication technique is proposed which can not only
precisely localize the alteration detection but also recover the missing
data with high reliability. In the proposed block-based technique,
multiple description coding MDC is used to generate two codes (two
descriptions) for each block. Although one block code (one
description) is enough to rebuild the altered block, the altered block
is rebuilt with better quality by the two block descriptions. So using
MDC increases the ratability of recovering data. A block signature is
computed using a cryptographic hash function and a doubly linked
chain is utilized to embed the block signature copies and the block
descriptions into the LSBs of distant blocks and the block itself. The
doubly linked chain scheme gives the proposed technique the
capability to thwart vector quantization attacks. In our proposed
technique , anyone can check the authenticity of a given video using
the public key. The experimental results show that the proposed
technique is reliable for detecting, localizing and recovering the
alterations.
Abstract: This paper presents a smart-card applet that is able to
verify X.509 certificates and to use the public key contained in the
certificate for verifying digital signatures that have been created
using the corresponding private key, e.g. for the purpose of authenticating
the certificate owner against the card. The approach has been
implemented as an operating prototype on Java cards.
Abstract: The goal of steganography is to avoid drawing
suspicion to the transmission of a hidden message. If suspicion is
raised, steganography may fail. The success of steganography
depends on the secrecy of the action. If steganography is detected,
the system will fail but data security depends on the robustness of the
applied algorithm. In this paper, we propose a novel plausible
deniability scheme in steganography by using a diversionary message
and encrypt it with a DES-based algorithm. Then, we compress the
secret message and encrypt it by the receiver-s public key along with
the stego key and embed both messages in a carrier using an
embedding algorithm. It will be demonstrated how this method can
support plausible deniability and is robust against steganalysis.
Abstract: In this paper the development of a software to
encrypt messages with asymmetric cryptography is presented. In
particular, is used the RSA (Rivest, Shamir and Adleman) algorithm
to encrypt alphanumeric information. The software allows to
generate different public keys from two prime numbers provided by
the user, the user must then select a public-key to generate the
corresponding private-key. To encrypt the information, the user must
provide the public-key of the recipient as well as the message to be
encrypted. The generated ciphertext can be sent through an insecure
channel, so that would be very difficult to be interpreted by an
intruder or attacker. At the end of the communication, the recipient
can decrypt the original message if provide his/her public-key and
his/her corresponding private-key.
Abstract: SIP (Session Initiation Protocol), using HTML based
call control messaging which is quite simple and efficient, is being
replaced for VoIP networks recently. As for authentication and
authorization purposes there are many approaches and considerations
for securing SIP to eliminate forgery on the integrity of SIP
messages. On the other hand Elliptic Curve Cryptography has
significant advantages like smaller key sizes, faster computations on
behalf of other Public Key Cryptography (PKC) systems that obtain
data transmission more secure and efficient. In this work a new
approach is proposed for secure SIP authentication by using a public
key exchange mechanism using ECC. Total execution times and
memory requirements of proposed scheme have been improved in
comparison with non-elliptic approaches by adopting elliptic-based
key exchange mechanism.
Abstract: Vehicular communications play a substantial role in providing safety in transportation by means of safety message exchange. Researchers have proposed several solutions for securing safety messages. Protocols based on a fixed key infrastructure are more efficient in implementation and maintain stronger security in comparison with dynamic structures. These protocols utilize zone partitioning to establish distinct key infrastructure under Certificate Authority (CA) supervision in different regions. Secure anonymous broadcasting (SAB) is one of these protocols that preserves most of security aspects but it has some deficiencies in practice. A very important issue is region change of a vehicle for its mobility. Changing regions leads to change of CA and necessity of having new key set to resume communication. In this paper, we propose solutions for informing vehicles about region change to obtain new key set before entering next region. This hinders attackers- intrusion, packet loss and lessons time delay. We also make key request messages secure by confirming old CA-s public key to the message, hence stronger security for safety message broadcasting is attained.
Abstract: The study investigated the practices of organisations in Gulf Cooperation Council (GCC) countries with regards to G2C egovernment maturity. It reveals that e-government G2C initiatives in the surveyed countries in particular, and arguably around the world in general, are progressing slowly because of the lack of a trusted and secure medium to authenticate the identities of online users. The authors conclude that national ID schemes will play a major role in helping governments reap the benefits of e-government if the three advanced technologies of smart card, biometrics and public key infrastructure (PKI) are utilised to provide a reliable and trusted authentication medium for e-government services.
Abstract: In this paper, we design an integration security system
that provides authentication service, authorization service, and
management service of security data and a unified interface for the
management service. The interface is originated from XKMS protocol
and is used to manage security data such as XACML policies, SAML
assertions and other authentication security data including public keys.
The system includes security services such as authentication,
authorization and delegation of authentication by employing SAML
and XACML based on security data such as authentication data,
attributes information, assertions and polices managed with the
interface in the system. It also has SAML producer that issues
assertions related on the result of the authentication and the
authorization services.
Abstract: Deniable authentication is a new protocol which not only enables a receiver to identify the source of a received message but also prevents a third party from identifying the source of the message. The proposed protocol in this paper makes use of bilinear pairings over elliptic curves, as well as the Diffie-Hellman key exchange protocol. Besides the security properties shared with previous authentication protocols, the proposed protocol provides the same level of security with smaller public key sizes.
Abstract: Since 1984 many schemes have been proposed for
digital signature protocol, among them those that based on discrete
log and factorizations. However a new identification scheme based
on iterated function (IFS) systems are proposed and proved to be
more efficient. In this study the proposed identification scheme is
transformed into a digital signature scheme by using a one way hash
function. It is a generalization of the GQ signature schemes. The
attractor of the IFS is used to obtain public key from a private one,
and in the encryption and decryption of a hash function. Our aim is
to provide techniques and tools which may be useful towards
developing cryptographic protocols. Comparisons between the
proposed scheme and fractal digital signature scheme based on RSA
setting, as well as, with the conventional Guillou-Quisquater
signature, and RSA signature schemes is performed to prove that, the
proposed scheme is efficient and with high performance.
Abstract: In this paper, RSA encryption algorithm and its hardware
implementation in Xilinx-s Virtex Field Programmable Gate
Arrays (FPGA) is analyzed. The issues of scalability, flexible performance,
and silicon efficiency for the hardware acceleration of
public key crypto systems are being explored in the present work.
Using techniques based on the interleaved math for exponentiation,
the proposed RSA calculation architecture is compared to existing
FPGA-based solutions for speed, FPGA utilization, and scalability.
The paper covers the RSA encryption algorithm, interleaved multiplication,
Miller Rabin algorithm for primality test, extended Euclidean
math, basic FPGA technology, and the implementation details of
the proposed RSA calculation architecture. Performance of several
alternative hardware architectures is discussed and compared. Finally,
conclusion is drawn, highlighting the advantages of a fully flexible
& parameterized design.
Abstract: Key management represents a major and the most
sensitive part of cryptographic systems. It includes key generation,
key distribution, key storage, and key deletion. It is also considered
the hardest part of cryptography. Designing secure cryptographic
algorithms is hard, and keeping the keys secret is much harder.
Cryptanalysts usually attack both symmetric and public key
cryptosystems through their key management. We introduce a
protocol to exchange cipher keys over insecure communication
channel. This protocol is based on public key cryptosystem,
especially elliptic curve cryptosystem. Meanwhile, it tests the cipher
keys and selects only the good keys and rejects the weak one.