Biblio
Cipher Text Policy Attribute Based Encryption which is a form of Public Key Encryption has become a renowned approach as a Data access control scheme for data security and confidentiality. It not only provides the flexibility and scalability in the access control mechanisms but also enhances security by fuzzy fined-grained access control. However, schemes are there which for more security increases the key size which ultimately leads to high encryption and decryption time. Also, there is no provision for handling the middle man attacks during data transfer. In this paper, a light-weight and more scalable encryption mechanism is provided which not only uses fewer resources for encoding and decoding but also improves the security along with faster encryption and decryption time. Moreover, this scheme provides an efficient key sharing mechanism for providing secure transfer to avoid any man-in-the-middle attacks. Also, due to fuzzy policies inclusion, chances are there to get approximation of user attributes available which makes the process fast and reliable and improves the performance of legitimate users.
The existing research on the Internet of Things(IoT) security mainly focuses on attack and defense on a single protocol layer. Increasing and ubiquitous use of loT also makes it vulnerable to many attacks. An attacker try to performs the intelligent, brutal and stealthy attack that can reduce the risk of being detected. In these kinds of attacks, the attackers not only restrict themselves to a single layer of protocol stack but they also try to decrease the network performance and throughput by a simultaneous and coordinated attack on different layers. A new class of attacks, termed as cross-layer attack became prominent due to lack of interaction between MAC, routing and upper layers. These attacks achieve the better effect with reduced cost. Research has been done on cross-layer attacks in other domains like Cognitive Radio Network(CRN), Wireless Sensor Networks(WSN) and ad-hoc networks. However, our proposed scheme of cross-layer attack in IoT is the first paper to the best of our knowledge. In this paper, we have proposed Rank Manipulation and Drop Delay(RMDD) cross-layer attack in loT, we have investigated how small intensity attack on Routing protocol for low power lossy networks (RPL) degrades the overall application throughput. We have exploited the Rank system of the RPL protocol to implement the attacks. Rank is given to each node in the graph, and it shows its position in the network. If the rank could be manipulated in some manner, then the network topology can be modified. Simulation results demonstrate that the proposed attacks degrade network performance very much in terms of the throughput, latency, and connectivity.
In this paper, we initiate the study of garbled protocols - a generalization of Yao's garbled circuits construction to distributed protocols. More specifically, in a garbled protocol construction, each party can independently generate a garbled protocol component along with pairs of input labels. Additionally, it generates an encoding of its input. The evaluation procedure takes as input the set of all garbled protocol components and the labels corresponding to the input encodings of all parties and outputs the entire transcript of the distributed protocol. We provide constructions for garbling arbitrary protocols based on standard computational assumptions on bilinear maps (in the common random string model). Next, using garbled protocols we obtain a general compiler that compresses any arbitrary round multiparty secure computation protocol into a two-round UC secure protocol. Previously, two-round multiparty secure computation protocols were only known assuming witness encryption or learning-with errors. Benefiting from our generic approach we also obtain protocols (i) for the setting of random access machines (RAM programs) while keeping communication and computational costs proportional to running times, while (ii) making only a black-box use of the underlying group, eliminating the need for any expensive non-black-box group operations. Our results are obtained by a simple but powerful extension of the non-interactive zero-knowledge proof system of Groth, Ostrovsky and Sahai [Journal of ACM, 2012].