Special Issue "Cybersecurity and Cryptography"

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information and Communications Technology".

Deadline for manuscript submissions: closed (31 August 2015)

Special Issue Editors

Guest Editor
Prof. Dr. Qiong Huang

College of Informatics, South China Agricultural University, Guangzhou, China
Website | E-Mail
Phone: +86 20 85280320-601
Interests: Cryptography; Information Security; Cloud Security
Guest Editor
Dr. Guomin Yang

The School of Computing and Information Technology, University of Wollongong, Wollongong NSW 2522, Australia
Website | E-Mail
Phone: +61 2 4221 3872
Interests: Authentication and Key Exchange; Public key cryptography; Cloud security; Privacy-preserving technology

Special Issue Information

Dear Colleagues,

Nowadays in the cyber world, massive amounts of data are being collected, transmitted, and stored by different organisations and individuals. As an important asset, data must be well protected in storage and during transmission. Data security becomes a crucial factor to the success of new information technologies and infrastructures, such as Cloud Computing and Big Data. Cryptography plays a central role in protecting the data. This Special Issue aims to foster the dissemination of state-of-the-art research in the area of Cybersecurity and Cryptography.

The scope of this Special Issue includes, but is not limited to:

  • Authentication and access control
  • Applied cryptography
  • Communications security
  • Cloud and big data security
  • Database security
  • Distributed system security
  • E-mail security
  • Key distribution and management
  • Mobile security
  • Privacy-enhancing technologies
  • Web security

Prof. Dr. Qiong Huang
Dr. Guomin Yang
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 350 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.


Keywords

  • data security
  • network security
  • cloud security
  • cryptography

Published Papers (8 papers)

View options order results:
result details:
Displaying articles 1-8
Export citation of selected articles as:

Editorial

Jump to: Research, Review

Open AccessEditorial A Summary of the Special Issue “Cybersecurity and Cryptography”
Information 2015, 6(4), 833-835; doi:10.3390/info6040833
Received: 23 November 2015 / Revised: 4 December 2015 / Accepted: 4 December 2015 / Published: 8 December 2015
PDF Full-text (609 KB) | HTML Full-text | XML Full-text
Abstract
Nowadays in the cyber world, massive amounts of data are being collected, transmitted, and stored by different organizations and individuals.[...] Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)

Research

Jump to: Editorial, Review

Open AccessArticle Cable Capacitance Attack against the KLJN Secure Key Exchange
Information 2015, 6(4), 719-732; doi:10.3390/info6040719
Received: 11 August 2015 / Revised: 21 October 2015 / Accepted: 26 October 2015 / Published: 30 October 2015
Cited by 3 | PDF Full-text (1341 KB) | HTML Full-text | XML Full-text
Abstract
The security of the Kirchhoff-law-Johnson-(like)-noise (KLJN) key exchange system is based on the fluctuation-dissipation theorem of classical statistical physics. Similarly to quantum key distribution, in practical situations, due to the non-idealities of the building elements, there is a small information leak, which can
[...] Read more.
The security of the Kirchhoff-law-Johnson-(like)-noise (KLJN) key exchange system is based on the fluctuation-dissipation theorem of classical statistical physics. Similarly to quantum key distribution, in practical situations, due to the non-idealities of the building elements, there is a small information leak, which can be mitigated by privacy amplification or other techniques so that unconditional (information-theoretic) security is preserved. In this paper, the industrial cable and circuit simulator LTSPICE is used to validate the information leak due to one of the non-idealities in KLJN, the parasitic (cable) capacitance. Simulation results show that privacy amplification and/or capacitor killer (capacitance compensation) arrangements can effectively eliminate the leak. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)
Open AccessArticle Batch Attribute-Based Encryption for Secure Clouds
Information 2015, 6(4), 704-718; doi:10.3390/info6040704
Received: 31 July 2015 / Revised: 27 September 2015 / Accepted: 26 October 2015 / Published: 29 October 2015
Cited by 2 | PDF Full-text (332 KB) | HTML Full-text | XML Full-text
Abstract
Cloud storage is widely used by organizations due to its advantage of allowing universal access with low cost. Attribute-based encryption (ABE) is a kind of public key encryption suitable for cloud storage. The secret key of each user and the ciphertext are associated
[...] Read more.
Cloud storage is widely used by organizations due to its advantage of allowing universal access with low cost. Attribute-based encryption (ABE) is a kind of public key encryption suitable for cloud storage. The secret key of each user and the ciphertext are associated with an access policy and an attribute set, respectively; in addition to holding a secret key, one can decrypt a ciphertext only if the associated attributes match the predetermined access policy, which allows one to enforce fine-grained access control on outsourced files. One issue in existing ABE schemes is that they are designed for the users of a single organization. When one wants to share the data with the users of different organizations, the owner needs to encrypt the messages to the receivers of one organization and then repeats this process for another organization. This situation is deteriorated with more and more mobile devices using cloud services, as the ABE encryption process is time consuming and may exhaust the power supplies of the mobile devices quickly. In this paper, we propose a batch attribute-based encryption (BABE) approach to address this problem in a provably-secure way. With our approach, the data owner can outsource data in batches to the users of different organizations simultaneously. The data owner is allowed to decide the receiving organizations and the attributes required for decryption. Theoretical and experimental analyses show that our approach is more efficient than traditional encryption implementations in computation and communication. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)
Open AccessArticle Analysis of Two-Worm Interaction Model in Heterogeneous M2M Network
Information 2015, 6(4), 613-632; doi:10.3390/info6040613
Received: 30 July 2015 / Accepted: 6 October 2015 / Published: 10 October 2015
Cited by 1 | PDF Full-text (830 KB) | HTML Full-text | XML Full-text
Abstract
With the rapid development of M2M (Machine-to-Machine) networks, the damages caused by malicious worms are getting more and more serious. By considering the influences of the network heterogeneity on worm spreading, we are the first to study the complex interaction dynamics between benign
[...] Read more.
With the rapid development of M2M (Machine-to-Machine) networks, the damages caused by malicious worms are getting more and more serious. By considering the influences of the network heterogeneity on worm spreading, we are the first to study the complex interaction dynamics between benign worms and malicious worms in heterogeneous M2M network. We analyze and compare three worm propagation models based on different immunization schemes. By investigating the local stability of the worm-free equilibrium, we obtain the basic reproduction number R0 . Besides, by using suitable Lyapunov functions, we prove that the worm-free equilibrium is globally asymptotically stable if R0 ≤ 1 , otherwise unstable. The dynamics of worm models is completely determined by R0 . In the absence of birth, death and users’ treatment, we obtain the final size formula of worms. This study shows that the nodes with higher node degree are more susceptible to be infected than those with lower node degree. In addition, the effects of various immunization schemes are studied. Numerical simulations verify our theoretical results. The research results are meaningful for us to further understand the spread of worms in heterogeneous M2M network, and enact effectual control tactics. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)
Open AccessArticle A Backward Unlinkable Secret Handshake Scheme with Revocation Support in the Standard Model
Information 2015, 6(4), 576-591; doi:10.3390/info6040576
Received: 28 July 2015 / Revised: 31 August 2015 / Accepted: 21 September 2015 / Published: 7 October 2015
Cited by 1 | PDF Full-text (362 KB) | HTML Full-text | XML Full-text
Abstract
Secret handshake schemes have been proposed to achieve private mutual authentications, which allow the members of a certain organization to anonymously authenticate each other without exposing their affiliations. In this paper, a backward unlinkable secret handshake scheme with revocation support (BU-RSH) is constructed.
[...] Read more.
Secret handshake schemes have been proposed to achieve private mutual authentications, which allow the members of a certain organization to anonymously authenticate each other without exposing their affiliations. In this paper, a backward unlinkable secret handshake scheme with revocation support (BU-RSH) is constructed. For a full-fledged secret handshake scheme, it is indispensable to furnish it with practical functionality, such as unlinkability, revocation and traceability. The revocation is achieved in the BU-RSH scheme, as well as the unlinkability and the traceability. Moreover, the anonymity of revoked members is improved, so that the past transcripts of revoked members remain private, i.e., backward unlinkability. In particular, the BU-RSH scheme is provably secure in the standard model by assuming the intractability of the `-hidden strong Diffie-Hellman problem and the subgroup decision problem. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)
Open AccessArticle Influences of Removable Devices on the Anti-Threat Model: Dynamic Analysis and Control Strategies
Information 2015, 6(3), 536-549; doi:10.3390/info6030536
Received: 22 May 2015 / Accepted: 20 August 2015 / Published: 24 August 2015
Cited by 2 | PDF Full-text (937 KB) | HTML Full-text | XML Full-text
Abstract
With the rapid development of M2M wireless network, damages caused by malicious worms are getting more and more serious. The main goal of this paper is to explore the influences of removable devices on the interaction dynamics between malicious worms and benign worms
[...] Read more.
With the rapid development of M2M wireless network, damages caused by malicious worms are getting more and more serious. The main goal of this paper is to explore the influences of removable devices on the interaction dynamics between malicious worms and benign worms by using a mathematical model. The model takes two important network environment factors into consideration: benign worms and the influences of removable devices. Besides, the model’s basic reproduction number is obtained, along with the correct control conditions of the local and global asymptotical stability of the worm-free equilibrium. Simulation results show that the effectiveness of our proposed model in terms of reflecting the influences of removable devices on the interaction dynamics of an anti-treat model. Based on numerical analyses and simulations, effective methods are proposed to contain the propagation of malicious worms by using anti-worms. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)
Open AccessArticle Efficiency and Privacy Enhancement for a Track and Trace System of RFID-Based Supply Chains
Information 2015, 6(2), 258-274; doi:10.3390/info6020258
Received: 2 April 2015 / Revised: 3 June 2015 / Accepted: 4 June 2015 / Published: 11 June 2015
Cited by 2 | PDF Full-text (741 KB) | HTML Full-text | XML Full-text
Abstract
One of the major applications of Radio Frequency Identification (RFID) technology is in supply chain management as it promises to provide real-time visibility based on the function of track and trace. However, such an RFID-based track and trace system raises new security and
[...] Read more.
One of the major applications of Radio Frequency Identification (RFID) technology is in supply chain management as it promises to provide real-time visibility based on the function of track and trace. However, such an RFID-based track and trace system raises new security and privacy challenges due to the restricted resource of tags. In this paper, we refine three privacy related models (i.e., the privacy, path unlinkability, and tag unlinkability) of RFID-based track and trace systems, and clarify the relations among these privacy models. Specifically, we have proven that privacy is equivalent to path unlinkability and tag unlinkability implies privacy. Our results simplify the privacy concept and protocol design for RFID-based track and trace systems. Furthermore, we propose an efficient track and trace scheme, Tracker+, which allows for authentic and private identification of RFID-tagged objects in supply chains. In the Tracker+, no computational ability is required for tags, but only a few bytes of storage (such as EPC Class 1 Gen 2 tags) are needed to store the tag state. Indeed, Tracker+ reduces the memory requirements for each tag by one group element compared to the Tracker presented in other literature. Moreover, Tracker+ provides privacy against supply chain inside attacks. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)

Review

Jump to: Editorial, Research

Open AccessReview The Role of Malware in Reported Cyber Espionage: A Review of the Impact and Mechanism
Information 2015, 6(2), 183-211; doi:10.3390/info6020183
Received: 9 April 2015 / Revised: 4 May 2015 / Accepted: 7 May 2015 / Published: 18 May 2015
Cited by 3 | PDF Full-text (180 KB) | HTML Full-text | XML Full-text
Abstract
The recent emergence of the targeted use of malware in cyber espionage versus industry requires a systematic review for better understanding of its impact and mechanism. This paper proposes a basic taxonomy to document major cyber espionage incidents, describing and comparing their impacts
[...] Read more.
The recent emergence of the targeted use of malware in cyber espionage versus industry requires a systematic review for better understanding of its impact and mechanism. This paper proposes a basic taxonomy to document major cyber espionage incidents, describing and comparing their impacts (geographic or political targets, origins and motivations) and their mechanisms (dropper, propagation, types of operating systems and infection rates). This taxonomy provides information on recent cyber espionage attacks that can aid in defense against cyber espionage by providing both scholars and experts a solid foundation of knowledge about the topic. The classification also provides a systematic way to document known and future attacks to facilitate research activities. Geopolitical and international relations researchers can focus on the impacts, and malware and security experts can focus on the mechanisms. We identify several dominant patterns (e.g., the prevalent use of remote access Trojan and social engineering). This article concludes that the research and professional community should collaborate to build an open data set to facilitate the geopolitical and/or technical analysis and synthesis of the role of malware in cyber espionage. Full article
(This article belongs to the Special Issue Cybersecurity and Cryptography)
Figures

Back to Top