Search Results (12)

In the past few decades, the transmission of data over an unsecure channel has resulted in an increased rate of hacking. The requirement to make multimedia data more secure is increasing day by day. Numerous algorithms have been developed to improve efficiency and robustness in the encryption process. In this article, a novel and secure image encryption algorithm is presented. It is based on a modified chaotic logistic map (CLM) that provides the advantage of taking less computational time to encrypt an input image. The encryption algorithm is based on Shannon’s idea of using a substitution–permutation and one-time pad network to achieve ideal secrecy. The CLM is used for substitution and permutation to improve randomness and increase dependency on the encryption key. Various statistical tests are conducted, such as keyspace analysis, complexity analysis, sensitivity analysis, strict avalanche criteria (SAC), histogram analysis, entropy analysis, mean of absolute deviation (MAD) analysis, correlation analysis, contrast analysis and homogeneity, to give a comparative analysis of the proposed algorithm and verify its security. As a result of various statistical tests, it is evident that the proposed algorithm is more efficient and robust as compared to previous ones. Full article

Security is currently the main boundary for cloud-based administrations. It is not adequate to just consolidate the cloud by adding a couple of additional controls or component answers for your current organization security programming. Businesses must utilize both virtual and physical information center security frameworks to keep them secure. The objective is to defend it from dangers that may jeopardize the secrecy, judgment, or openness of mental property or commerce data resources. These are the fundamental central focuses of all assigned attacks, and in this way, they require a high degree of security. Hundreds to thousands of physical and virtual servers are partitioned up into information centers agreeing to sort applications, information classification zones, and other criteria. To protect applications, frameworks, information, and clients, information center security takes on the workload over physical information centers and multi-cloud situations. It also applies to open cloud data centers. All server ranches ought to protect their applications and data from a rising number of refined threats and around-the-world ambushes. Each organization is at risk of assault, and numerous organizations have been compromised without being mindful of it. An evaluation of your resources and business necessities is important to improve a spotless way to deal with your way of life and cloud security technique. To deal with a strong mixture of multi-cloud wellbeing program, you should lay out perceivability and control. You can consolidate incredible controls, organize responsibility dispersion, and lay out fantastic gambles on the board with the assistance of safety items and experts. Full article

As excellent tools for aiding communication, an intelligent reflecting surface (IRS) and an unmanned aerial vehicle (UAV) can extend the coverage area, remove the blind area, and achieve a dramatic rate improvement. In this paper, we improve the secrecy rate (SR) performance of directional modulation (DM) networks using an IRS and UAV in combination. To fully explore the benefits of the IRS and UAV, two efficient methods are proposed to enhance the SR performance. The first approach computes the confidential message (CM) beamforming vector by maximizing the SR, and the signal-to-leakage-noise ratio (SLNR) method is used to optimize the IRS phase shift matrix (PSM), which is called Max-SR-SLNR. To reduce the computational complexity, the CM, artificial noise (AN) beamforming, and IRS phase shift design are independently designed in the following method. The CM beamforming vector is constructed based on the maximum ratio transmission (MRT) criteria along the channel from Alice-to-IRS, the AN beamforming vector is designed by null-space projection (NSP) on the remaining two channels, and the PSM of the IRS is directly given by the phase alignment (PA) method. This method is called the MRT-NSP-PA. The simulation results show that the SR performance of the Max-SR-SLNR method outperforms the MRT-NSP-PA method in the cases of small-scale and medium-scale IRSs, and the latter approaches the former in performance as the IRS tends to a larger scale. Full article

Integration of information communication technology via the Internet of Things devices and sensors can enable an efficient power service for utility providers to consumers in advanced metering infrastructure. Authentication and cryptographic mechanisms protect identity, data security and privacy from unauthorised interception for smart meters to servers. In the last couple of years, many key agreement protocols have been prescribed and deployed to fix those issues. Unfortunately, the deployed protocols did not work inside the same protocols, specifically parameter detection and recognition for session key generation, as they entail high computation time and communication bits overheads. Furthermore, the absence of forward secrecy and user anonymity affects the authentication. Therefore, we have proposed a lightweight identity-based key agreement (LIKA) utilising the Diffie–Hellman cryptography with a trusted authority. It seeks to cover both the security and performance criteria with equal weight. The protocol is evaluated by the Canetti and Krawczyk adversarial model, Avispa and cryptographic analysis released the session keys that were not considered as an adversary during mutual authentication. Moreover, as compared to related work, the proposed protocol took the least amount of time (5.319 ms and 1056 bits) for the entire process of session key generation. Furthermore, comparative analysis has shown that the LIKA adequately encompasses computation, communication, and security assessments. Consequently, it is more convenient for practical implementation for a smart grid. Full article

The recently emerging multi-portfolio selection problem lacks a proper framework to ensure that client privacy and database secrecy remain intact. Since privacy is of major concern these days, in this paper, we propose a variant of Beetle Antennae Search (BAS) known as Distributed Beetle Antennae Search (DBAS) to optimize multi-portfolio selection problems without violating the privacy of individual portfolios. DBAS is a swarm-based optimization algorithm that solely shares the gradients of portfolios among the swarm without sharing private data or portfolio stock information. DBAS is a hybrid framework, and it inherits the swarm-like nature of the Particle Swarm Optimization (PSO) algorithm with the BAS updating criteria. It ensures a robust and fast optimization of the multi-portfolio selection problem whilst keeping the privacy and secrecy of each portfolio intact. Since multi-portfolio selection problems are a recent direction for the field, no work has been done concerning the privacy of the database nor the privacy of stock information of individual portfolios. To test the robustness of DBAS, simulations were conducted consisting of four categories of multi-portfolio problems, where in each category, three portfolios were selected. To achieve this, 200 days worth of real-world stock data were utilized from 25 NASDAQ stock companies. The simulation results prove that DBAS not only ensures portfolio privacy but is also efficient and robust in selecting optimal portfolios. Full article

The invention of electronic mail (e-mail) has made communication through the Internet easier than before. However, because the fundamental functions of the Internet are built on opensource technologies, it is critical to keep all transmitted e-mail secure and secret. Most current e-mail protocols only allow recipients to check their e-mail after the recipients are authenticated by the e-mail server. Unfortunately, the subsequent e-mail transmission from the server to the recipient remains unprotected in the clear form without encryption. Sometimes, this is not allowed, especially in consideration of issues such as confidentiality and integrity. In this paper, we propose a secure and practical e-mail protocol with perfect forward secrecy, as well as a high security level, in which the session keys used to encrypt the last e-mail will not be disclosed even if the long-term secret key is compromised for any possible reason. Thus, the proposed scheme benefits from the following advantages: (1) providing mutual authentication to remove the threat of not only impersonation attacks, but also spam; (2) guaranteeing confidentiality and integrity while providing the service of perfect forward secrecy; (3) simplifying key management by avoiding the expense of public key infrastructure involvement; and (4) achieving lower computational cost while meeting security criteria compared to the related works. The security analysis and the discussion demonstrate that the proposed scheme works well. Full article

To meet password selection criteria of a server, a user occasionally needs to provide multiple choices of password candidates to an on-line password meter, but such user-chosen candidates tend to be derived from the user’s previous passwords—the meter may have a high chance to acquire information about a user’s passwords employed for various purposes. A third party password metering service may worsen this threat. In this paper, we first explore a new on-line password meter concept that does not necessitate the exposure of user’s passwords for evaluating user-chosen password candidates in the server side. Our basic idea is straightforward; to adapt fully homomorphic encryption (FHE) schemes to build such a system but its performance achievement is greatly challenging. Optimization techniques are necessary for performance achievement in practice. We employ various performance enhancement techniques and implement the NIST (National Institute of Standards and Technology) metering method as seminal work in this field. Our experiment results demonstrate that the running time of the proposed meter is around 60 s in a conventional desktop server, expecting better performance in high-end hardware, with an FHE scheme in HElib library where parameters support at least 80-bit security. We believe the proposed method can be further explored and used for a password metering in case that password secrecy is very important—the user’s password candidates should not be exposed to the meter and also an internal mechanism of password metering should not be disclosed to users and any other third parties. Full article

Wireless Healthcare Sensor Network (WHSN) is a benchmarking technology deployed to levitate the quality of lives for the patients and doctors. WHSN systems must fit IEEE 802.15.6 standard for specific application criteria, unlike some standard criteria that are difficult to meet. Therefore, many security models were suggested to enhance the security of the WHSN and promote system performance. Yu and Park proposed a three-factor authentication scheme based on the smart card, biometric, and password, and their scheme can be easily employed in three-tier WHSN architecture. Furthermore, they claimed that their scheme can withstand guessing attack and provide anonymity, although, after cryptanalysis, we found that their scheme lacks both. Accordingly, we suggested a three-factor authentication scheme with better system confusion due to multiplex parametric features, hash function, and higher key size to increase the security and achieve anonymity for the connected nodes. Moreover, the scheme included initialization, authentication, re-authentication, secure node addition, user revocation, and secure data transmission via blockchain technology. The formal analysis of the scheme was conducted by BAN logic (Burrows Abadi Nadeem) and the simulation was carried out by Tamarin prover to validate that the proposed scheme is resistant to replay, session hijacking, and guessing attacks, plus it provides anonymity, perfect forward secrecy, and authentication along with the key agreement. Full article

Recently, connected vehicles (CV) are becoming a promising research area leading to the concept of CV as a Service (CVaaS). With the increase of connected vehicles and an exponential growth in the field of online cab booking services, new requirements such as secure, seamless and robust information exchange among vehicles of vehicular networks are emerging. In this context, the original concept of vehicular networks is being transformed into a new concept known as connected and autonomous vehicles. Autonomous vehicular use yields a better experience and helps in reducing congestion by allowing current information to be obtained by the vehicles instantly. However, malicious users in the internet of vehicles may mislead the whole communication where intruders may compromise smart devices with the purpose of executing a malicious ploy. In order to prevent these issues, a blockchain technique is considered the best technique that provides secrecy and protection to the control system in real time conditions. In this paper, the issue of security in smart sensors of connected vehicles that can be compromised by expert intruders is addressed by proposing a blockchain framework. This study has further identified and validated the proposed mechanism based on various security criteria, such as fake requests of the user, compromise of smart devices, probabilistic authentication scenarios and alteration in stored user’s ratings. The results have been analyzed against some existing approach and validated with improved simulated results that offer 79% success rate over the above-mentioned issues. Full article

In this paper, an underlay cooperative cognitive network using a non-orthogonal multiple access (UCCN-NOMA) system is investigated, in which the intermediate multiple relays help to decode and forward two signals $x_1$ and $x_2$ from a source node to two users D₁ and D₂, respectively, under wiretapping of an eavesdropper (E). We study the best relay selection strategies by three types of relay selection criteria: the first and second best relay selection is based on the maximum channel gain of the links R ${}_i$ -D ${}_1$ , R ${}_i$ -D₂, respectively; the third one is to ensure a minimum value of the channel gains from the R ${}_i$ -E link. We analyze and evaluate the secrecy performances of the transmissions $x_1$ and $x_2$ from the source node to the destination nodes D₁, D₂, respectively, in the proposed UCCN-NOMA system in terms of the secrecy outage probabilities (SOPs) over Rayleigh fading channels. Simulation and analysis results are presented as follows. The results of the (sum) secrecy outage probability show that proposed scheme can realize the maximal diversity gain. The security of the system is very good when eavesdropper node E is far from the source and cooperative relay. Finally, the theoretical analyses are verified by performing Monte Carlo simulations. Full article

We consider an authentication process that makes use of biometric data or the output of a physical unclonable function (PUF), respectively, from an information theoretical point of view. We analyse different definitions of achievability for the authentication model. For the secrecy of the key generated for authentication, these definitions differ in their requirements. In the first work on PUF based authentication, weak secrecy has been used and the corresponding capacity regions have been characterized. The disadvantages of weak secrecy are well known. The ultimate performance criteria for the key are perfect secrecy together with uniform distribution of the key. We derive the corresponding capacity region. We show that, for perfect secrecy and uniform distribution of the key, we can achieve the same rates as for weak secrecy together with a weaker requirement on the distribution of the key. In the classical works on PUF based authentication, it is assumed that the source statistics are known perfectly. This requirement is rarely met in applications. That is why the model is generalized to a compound model, taking into account source uncertainty. We also derive the capacity region for the compound model requiring perfect secrecy. Additionally, we consider results for secure storage using a biometric or PUF source that follow directly from the results for authentication. We also generalize known results for this problem by weakening the assumption concerning the distribution of the data that shall be stored. This allows us to combine source compression and secure storage. Full article

The secrecy capacity of an extended communication model of wiretap channelII is determined. In this channel model, the source message is encoded into a digital sequence of length N and transmitted to the legitimate receiver through a discrete memoryless channel (DMC). There exists an eavesdropper who is able to observe arbitrary $\mu =N\alpha$ digital symbols from the transmitter through a second DMC, where $0\le \alpha \le 1$ is a constant real number. A pair of an encoder and a decoder is designed to let the receiver be able to recover the source message with a vanishing decoding error probability and keep the eavesdropper ignorant of the message. This communication model includes a variety of wiretap channels as special cases. The coding scheme is based on that designed by Ozarow and Wyner for the classic wiretap channel II. Full article