Search Results (6)

Nowadays, the evolution and growth of machine learning (ML) algorithms and the Internet of Things (IoT) are enabling new applications. Smart weapons and people detection systems are examples. Firstly, this work takes advantage of an efficient, scalable, and distributed system, named SmartFog, which identifies people with weapons by leveraging edge, fog, and cloud computing paradigms. Nevertheless, security vulnerabilities during data transmission are not addressed. Thus, this work bridges this gap by proposing a secure data transmission system integrating a lightweight security scheme named GS3. Therefore, the main novelty is the evaluation of the GS3 proposal in a real environment. In the first fog sublayer, GS3 leads to a 14% increase in execution time with respect to no secure data transmission, but AES results in a 34.5% longer execution time. GS3 achieves a 70% reduction in decipher time and a 55% reduction in cipher time compared to the AES algorithm. Furthermore, an energy consumption analysis shows that GS3 consumes 31% less power than AES. The security analysis confirms that GS3 detects tampering, replaying, forwarding, and forgery attacks. Moreover, GS3 has a key space of $2^{544}$ permutations, slightly larger than those of Chacha20 and Salsa20, with a faster solution than these methods. In addition, GS3 exhibits strength against differential cryptoanalysis. This mechanism is a compelling choice for energy-constrained environments and for securing event data transmissions with a short validity period. Moreover, GS3 maintains full architectural transparency with the underlying armed detection system. Full article

Cloud computing has revolutionized the digital era by providing a more efficient, scalable, and cost-effective infrastructure. Secure systems that encrypt and protect data before it is transmitted over a network and stored in the cloud benefit the entire transmission process. Transmission data can be encrypted and protected with a secure dynamic substitution box (S-box). In this paper, we propose the QuantumGS-box, which is a dynamic S-box for high-speed cloud-based storage encryption generated by bit shuffling with a genetic algorithm and a quantum random number generator (QRNG). The proposed work generates the S-box optimized values in a dynamic way, and an experimental evaluation of the proposed S-box method has been conducted using several cryptographic criteria, including bit independence criteria, speed, non-linearity, differential and linear approximation probabilities, strict avalanche criteria and balanced output. The results demonstrate that the QuantumGS-box can enhance robustness, is resilient to differential and provide improved linear cryptoanalysis compared to other research works while assuring non-linearity. The characteristics of the proposed S-box are compared with other state of the art S-boxes to validate its performance. These characteristics indicate that the QuantumGS-box is a promising candidate for cloud-based storage encryption applications. Full article

Cryptography is the study and practice of secure communication with digital data and focuses on confidentiality, integrity, and authentication. Random number generators (RNGs) generate random numbers to enhance security. Even though the cryptographic algorithms are public and their strength depends on the keys, cryptoanalysis of encrypted ciphers can significantly contribute to the unveiling of the cipher’s key. Therefore, to ensure high data security over a network, researchers need to improve the randomness of keys as they develop cryptosystems. Quantum particles have a leading edge in advancing RNG technology as they can provide true randomness, unlike pseudo-random numbers generators (PRNGs). In order to increase the level of the security of cryptographic systems based on random numbers, this survey focuses on three objectives: Cryptosystems with related cryptographic attacks, RNG-based cryptosystems, and the design of quantum random number generators (QRNGs). This survey aims to provide researchers with information about the importance of RNG-based ciphers and various research techniques for QRNGs that can incorporate quantum-based true randomness in cryptosystems. Full article

The latest quantum computers have the ability to solve incredibly complex classical cryptography equations particularly to decode the secret encrypted keys and making the network vulnerable to hacking. They can solve complex mathematical problems almost instantaneously compared to the billions of years of computation needed by traditional computing machines. Researchers advocate the development of novel strategies to include data encryption in the post-quantum era. Lattices have been widely used in cryptography, somewhat peculiarly, and these algorithms have been used in both; (a) cryptoanalysis by using lattice approximation to break cryptosystems; and (b) cryptography by using computationally hard lattice problems (non-deterministic polynomial time hardness) to construct stable cryptographic functions. Most of the dominant features of lattice-based cryptography (LBC), which holds it ahead in the post-quantum league, include resistance to quantum attack vectors, high concurrent performance, parallelism, security under worst-case intractability assumptions, and solutions to long-standing open problems in cryptography. While these methods offer possible security for classical cryptosytems in theory and experimentation, their implementation in energy-restricted Internet-of-Things (IoT) devices requires careful study of regular lattice-based implantation and its simplification in lightweight lattice-based cryptography (LW-LBC). This streamlined post-quantum algorithm is ideal for levelled IoT device security. The key aim of this survey was to provide the scientific community with comprehensive information on elementary mathematical facts, as well as to address real-time implementation, hardware architecture, open problems, attack vectors, and the significance for the IoT networks. Full article

Nowadays, data security is becoming an emerging and challenging issue due to the growth in web-connected devices and significant data generation from information and communication technology (ICT) platforms. Many existing types of research from industries and academic fields have presented their methodologies for supporting defense against security threats. However, these existing approaches have failed to deal with security challenges in next-generation ICT systems due to the changing behaviors of security threats and zero-day attacks, including advanced persistent threat (APT), ransomware, and supply chain attacks. The symmetry-adapted machine-learning approach can support an effective way to deal with the dynamic nature of security attacks by the extraction and analysis of data to identify hidden patterns of data. It offers the identification of unknown and new attack patterns by extracting hidden data patterns in next-generation ICT systems. Therefore, we accepted twelve articles for this Special Issue that explore the deployment of symmetry-adapted machine learning for information security in various application areas. These areas include malware classification, intrusion detection systems, image watermarking, color image watermarking, battlefield target aggregation behavior recognition models, Internet Protocol (IP) cameras, Internet of Things (IoT) security, service function chains, indoor positioning systems, and cryptoanalysis. Full article

The LoRaWAN is one of the new low-power wide-area network (LPWAN) standards applied to Internet of Things (IoT) technology. The key features of LPWAN are its low power consumption and long-range coverage. The LoRaWAN 1.1 specification includes a basic security scheme. However, this scheme could be further improved in the aspect of key management. In this paper, LoRaWAN 1.1 security is reviewed, and enhanced LoRaWAN security with a root key update scheme is proposed. The root key update will make cryptoanalysis of security keys in LoRaWAN more difficult. The analysis and simulation show that the proposed root key update scheme requires fewer computing resources compared with other key derivation schemes, including the scheme used in the LoRaWAN session key update. The results also show the key generated in the proposed scheme has a high degree of randomness, which is a basic requirement for a security key. Full article