Biblio

Physical unclonable functions (PUFs) are used to create unique device identifiers from their inherent fabrication variability. Unstable readings and variation of the PUF response over time are key issues that limit the applicability of PUFs in real-world systems. In this project, we developed a fuzzy extractor (FE) to generate robust cryptographic keys from ReRAM-based PUFs. We tested the efficiency of the proposed FE using BCH and Polar error correction codes. We use ReRAM-based PUFs operating in pre-forming range to generate binary cryptographic keys at ultra-low power with an objective of tamper sensitivity. We investigate the performance of the proposed FE with real data using the reading of the resistance of pre-formed ReRAM cells under various noise conditions. The results show a bit error rate (BER) in the range of 10−5 for the Polar-codes based method when 10% of the ReRAM cell array is erroneous at Signal to Noise Ratio (SNR) of 20dB.This error rate is achieved by using helper data length of 512 bits for a 256 bit cryptographic key. Our method uses a 2:1 ratio for helper data and key, much lower than the majority of previously reported methods. This property makes our method more robust against helper data attacks.

Current cryptographic solutions used in information technologies today like Transport Layer Security utilize algorithms with underlying computationally difficult problems to solve. With the ongoing research and development of quantum computers, these same computationally difficult problems become solvable within reasonable (polynomial) time. The emergence of large-scale quantum computers would put the integrity and confidentiality of today’s data in jeopardy. It then becomes urgent to develop, implement, and test a new suite of cybersecurity measures against attacks from a quantum computer. This paper explores, understands, and evaluates this new category of cryptosystems as well as the many tradeoffs among them. All the algorithms submitted to the National Institute of Standards and Technology (NIST) for standardization can be categorized into three major categories, each relating to the new underlying hard problem: namely error code correcting, algebraic lattices (including ring learning with errors), and supersingular isogenies. These new mathematical hard problems have shown to be resistant to the same type of quantum attack. Utilizing hardware clock cycle registers, the work sets up the benchmarks of the four Round 3 NIST algorithms in two environments: cloud computing and embedded system. As expected, there are many tradeoffs and advantages in each algorithm for applications. Saber and Kyber are exceedingly fast but have larger ciphertext size for transmission over a wire. McEliece key size and key generation are the largest drawbacks but having the smallest ciphertext size and only slightly decreased performance allow a use case where key reuse is prioritized. NTRU finds a middle ground in these tradeoffs, being better than McEliece performance wise and better than Kyber and Saber in ciphertext size allows for a use case of highly varied environments, which need to value speed and ciphertext size equally. Going forward, the benchmarking system developed could be applied to digital signature, another vital aspect to a cryptosystem.

To develop the next generation of Internet of Things, Edge devices and systems which leverage progress in enabling technologies such as 5G, distributed computing and artificial intelligence (AI), several requirements need to be developed and put in place to make the devices smarter. A major requirement for all the above applications is the long-term security and trust computing infrastructure. Trusted Computing requires the introduction inside of the platform of a Trusted Platform Module (TPM). Traditionally, a TPM was a discrete and dedicated module plugged into the platform to give TPM capabilities. Recently, processors manufacturers started integrating trusted computing features into their processors. A significant drawback of this approach is the need for a permanent modification of the processor microarchitecture. In this context, we suggest an analysis and a design of a software-only TPM for RISC-V processors based on seL4 microkernel and OP-TEE.

The Internet of Drones (IoD) is a distributed network control system that mainly manages unmanned aerial vehicle access to controlled airspace and provides navigation between so-called nodes. Securing the transmission of real-time information from the nodes in these applications is essential. The limited drone nodes, data storage, computing and communication capabilities necessitate the need to design an effective and secure authentication scheme. Recently, research has proposed remote user authentication and the key agreement on IoD and claimed that their schemes satisfied all security issues in these networks. However, we found that their schemes may lead to losing access to the drone system due to the corruption of using a key management system and make the system completely unusable. To solve this drawback, we propose a lightweight and anonymous two-factor authentication scheme for drones. The proposed scheme is based on an asymmetric cryptographic method to provide a secure system and is more suitable than the other existing schemes by securing real-time information. Moreover, the comparison shows that the proposed scheme minimized the complexity of communication and computation costs.

In this paper, we propose a zero-distortion blind reversible robust scheme for watermarking relational databases called PKMark. Data owner can declare the copyright of the databases or pursue the infringement by extracting the water-mark information embedded in the database. PKMark is mainly based on the primary key attribute of the tuple. So it does not depend on the type of the attribute, and can provide high-precision numerical attributes. PKMark uses RSA encryption on the watermark before embedding the watermark to ensure the security of the watermark information. Then we use RSA to sign the watermark cipher text so that the owner can verify the ownership of the watermark without disclosing the watermark. The watermark embedding and extraction are based on the hash value of the primary key, so the scheme has blindness and reversibility. In other words, the user can obtain the watermark information or restore the original database without comparing it to the original database. Our scheme also has almost excellent robustness against addition attacks, deletion attacks and alteration attacks. In addition, PKMark is resistant to additive attacks, allowing different users to embed multiple watermarks without interfering with each other, and it can indicate the sequence of watermark embedding so as to indicate the original copyright owner of the database. This watermarking scheme also allows data owners to detect whether the data has been tampered with.

Recommender systems help people in finding a particular item based on their preference from a wide range of products in online shopping rapidly. One of the most popular models of recommendation systems is the Collaborative Filtering Recommendation System (CFRS) that recommend the top-K items to active user based on peer grouping user ratings. The implementation of CFRS is easy and it can easily be attacked by fake users and affect the recommendation. Fake users create a fake profile to attack the RS and change the output of it. Different attack types with different features and attacking methods exist in which decrease the accuracy. It is important to detect fake users, remove their rating from rating matrix and recognize the items has been attacked. In the recent years, many algorithms have been proposed to detect the attackers but first, researchers have to inject the attack type into their dataset and then evaluate their proposed approach. The purpose of this article is to develop a tool to inject the different attack types to datasets. Proposed tool constructs a new dataset containing the fake users therefore researchers can use it for evaluating their proposed attack detection methods. Researchers could choose the attack type and the size of attack with a user interface of our proposed tool easily.

A threat of eavesdropping display screen image of information device is caused by unintended EM leakage emanation. QR bar-code is capable of error correction, and its information is possibly read from a damaged screen image from EM leakage. A new design of QR bar-code proposed in this paper uses selected colors in consideration of correlation between the EM wave leakage and display color. Proposed design of QR bar-code keeps error correction of displayed image, and makes it difficult to read information on the eavesdropped image.

Distribution of keys in classical cryptography is one of the most significant affairs to deal with. The computational hardness is the fundamental basis of the security of these keys. However, in the era of quantum computing, quantum computers can break down these keys with their substantially more computation capability than normal computers. For instance, a quantum computer can easily break down RSA or ECC in polynomial time. In order to make the keys quantum resistant, Quantum Key Distribution (QKD) is developed to enforce security of the classical cryptographic keys from the attack of quantum computers. By using quantum mechanics, QKD can reinforce the durability of the keys of classical cryptography, which were practically unbreakable during the pre-quantum era. Thus, an extensive study is required to understand the importance of QKD to make the classical cryptographic key distributions secure against both classical and quantum computers. Therefore, in this paper, we discuss trends and limitations of key management protocols in classical cryptography, and demonstrates a relative study of different QKD protocols. In addition, we highlight the security implementation aspects of QKD, which lead to the solution of threats occurring in a quantum computing scenario, such that the cryptographic keys can be quantum resistant.

The advancements in quantum computing and quantum cryptology have recently started to gain momentum and transformation of usable quantum technologies from dream to reality has begun to look viable. This has created an immediate requirement to comprehend quantum attacks and their cryptographic implications, which is a prerequisite obligation to design cryptographic systems resistant to current and futuristic projected quantum and conventional attacks. In this context, this paper reviews the prevalent quantum concepts and analyses their envisaged impact on various aspects of modern-day communication and information security technologies. Moreover, the paper also presents six open-problems and two conjectures, which are formulated to define prerequisite technological obligations for fully comprehending the futuristic quantum threats to contemporary communication security technologies and information assets processed through these systems. Furthermore, the paper also presents some important concepts in the form of questions and discusses some recent trends adapted in cryptographic designs to thwart quantum attacks.

This paper presents the time complexity estimates for the methods of points exponentiation, which are basic for encrypting information flows in computer systems. As a result of numerical experiments, it is determined that the method of doubling-addition-subtraction has the lowest complexity. Mathematical models for determining the execution time of each considered algorithm for points exponentiation on elliptic curves were developed, which allowed to conduct in-depth analysis of their performance and resistance to special attacks, in particular timing analysis attack. The dependences of the cryptographic operations execution time on the key length and the sustainability of each method on the Hamming weight are investigated. It is proved that under certain conditions the highest sustainability of the system is achieved by the doubling-addition-subtraction algorithm. This allows to justify the choice of algorithm and its parameters for the implementation of cryptographic information security, which is resistant to special attacks.

Pairings on elliptic curves are exploited for pairing-based cryptography, e.g., ID-based encryption and group signature authentication. For secure cryptography, it is important to choose the curves that have resistance to a special variant of the tower number field sieve (TNFS) that is an attack for the finite fields. However, for the pairings on several curves with embedding degree \$k=\10,11,13,14\\$ resistant to the special TNFS, efficient algorithms for computing the final exponentiation constructed by the lattice-based method have not been provided. For these curves, the authors present efficient algorithms with the calculation costs in this manuscript.

This paper presents a randomized Montgomery Powering Ladder Modular Exponentiation (RMPLME) scheme for side channel attacks (SCA) resistant Rivest-Shamir-Adleman (RSA) and its leakage resilience analysis. This method randomizes the computation time of square-and-multiply operations for each exponent bit of the Montgomery Powering Ladder (MPL) based RSA exponentiation using various radices (Radix – 2, 22, and 24) based Montgomery Modular multipliers (MMM) randomly. The randomized computations of RMPLME generates non-uniform timing channels information and power traces thus protecting against SCA. In this work, we have developed and implemented a) an unmasked right-to-left Montgomery Modular Exponentiation (R-L MME), b) MPL exponentiation and c) the proposed RMPLME schemes for RSA decryption. All the three realizations have been assessed for side channel leakage using Welch’s t-test and analyzed for secured realizations based on degree of side channel information leakage. RMPLME scheme shows the least side-channel leakage and resilient against SPA, DPA, C-Safe Error, CPA and Timing Attacks.

Considering the influence of load, This paper proposes a robust analysis method of cyber-physical power system based on the evolution of adjacency matrix. This method uses the load matrix to detect whether the system has overload failure, utilizes the reachable matrix to detect whether the system has unconnected failure, and uses the dependency matrix to reveal the cascading failure mechanism in the system. Finally, analyze the robustness of the cyber-physical power system. The IEEE30 standard node system is taken as an example for simulation experiment, and introduced the connectivity index and the load loss ratio as evaluation indexes. The robustness of the system is evaluated and analyzed by comparing the variation curves of connectivity index and load loss ratio under different tolerance coefficients. The results show that the proposed method is feasible, reduces the complexity of graph-based attack methods, and easy to research and analyze.

The cryptology science has gradually gained importance with our digitalized lives. Ensuring the security of data transmitted, processed and stored across digital channels is a major challenge. One of the frequently used components in cryptographic algorithms to ensure security is substitution-box structures. Random selection-based substitution-box structures have become increasingly important lately, especially because of their advantages to prevent side channel attacks. However, the low nonlinearity value of these designs is a problem. In this study, a dataset consisting of twenty different substitution-box structures have been publicly presented to the researchers. The fact that the proposed dataset has high nonlinearity values will allow it to be used in many practical applications in the future studies. The proposed dataset provides a contribution to the literature as it can be used both as an input dataset for the new post-processing algorithm and as a countermeasure to prevent the success of side-channel analyzes.

The rapid development of blockchain application technology promotes continuous exploration in the field of computer application science. Although it is still in the initial stage of development, the technical features of blockchain technology such as decentralization, identity verification, tamper resistance, data integrity, and security are regarded as excellent solutions to today's computer security technical problems. In this paper, we will analyze and compare blockchain data storage and cloud data processing technologies, focusing on the concept and technology of blockchain distributed data storage technology, and analyze and summarize the key issues. The results of this paper will provide a useful reference for the application and research of blockchain technology in cloud storage security.

The cloud storage system is a very big boon for the organizations and individuals who are all in the need of storage space to accommodate huge volume of digital data. The cloud storage space can handle various types of digital data like text, image, video and audio. Since the storage space can be shared among different users, it is possible to have duplicate copies of data in the storage space. An efficient mechanism is required to identify the digital data uniquely in order to check the duplicity. There are various ways by which the digital data can be identified. One among such technique is hash-based identification. Using cryptographic hashing algorithms, every data can be uniquely identified. The unique property of hashing algorithm helps to identify the data uniquely. In this research work, we are going to discuss the advantage of using cryptographic hashing algorithm for digital data identification and the comparison of various hashing algorithms.

The prevalence of Internet of Things (IoT) allows heterogeneous and lightweight smart devices to collaboratively provide services with or without human intervention. With an ever-increasing presence of IoT-based smart applications and their ubiquitous visibility from the Internet, user data generated by highly connected smart IoT devices also incur more concerns on security and privacy. While a lot of efforts are reported to develop lightweight information assurance approaches that are affordable to resource-constrained IoT devices, there is not sufficient attention paid from the aspect of security solutions against hardware-oriented attacks, i.e. side channel attacks. In this paper, a COTS (commercial off-the-shelf) based Randomized Switched-Mode Voltage Regulation System (RSMVRS) is proposed to prevent power analysis based side channel attacks (P-SCA) on bare metal IoT edge device. The RSMVRS is implemented to direct power to IoT edge devices. The power is supplied to the target device by randomly activating power stages with random time delays. Therefore, the cryptography algorithm executing on the IoT device will not correlate to a predictable power profile, if an adversary performs a SCA by measuring the power traces. The RSMVRS leverages COTS components and experimental study has verified the correctness and effectiveness of the proposed solution.

Post-quantum digital signature is a critical primitive of computer security in the era of quantum hegemony. As a finalist of the post-quantum cryptography standardization process, the theoretical security of the CRYSTALS-Dilithium (Dilithium) signature scheme has been quantified to withstand classical and quantum cryptanalysis. However, there is an inherent power side-channel information leakage in its implementation instance due to the physical characteristics of hardware.This work proposes an efficient non-profiled Correlation Power Analysis (CPA) strategy on Dilithium to recover the secret key by targeting the underlying polynomial multiplication arithmetic. We first develop a conservative scheme with a reduced key guess space, which can extract a secret key coefficient with a 99.99% confidence using 157 power traces of the reference Dilithium implementation. However, this scheme suffers from the computational overhead caused by the large modulus in Dilithium signature. To further accelerate the CPA run-time, we propose a fast two-stage scheme that selects a smaller search space and then resolves false positives. We finally construct a hybrid scheme that combines the advantages of both schemes. Real-world experiment on the power measurement data shows that our hybrid scheme improves the attack’s execution time by 7.77×.

The impending threat of large-scale quantum computers to classical RSA and ECC-based public-key cryptographic schemes prompted NIST to initiate a global level standardization process for post-quantum cryptography. This process which started in 2017 with 69 submissions is currently in its third and final round with seven main candidates and eight alternate candidates, out of which seven (7) out of the fifteen (15) candidates are schemes based on hard problems over structured lattices, known as lattice-based cryptographic schemes. Among the various parameters such as theoretical post-quantum (PQ) security guarantees, implementation cost and performance, resistance against physical attacks such as Side-Channel Analysis (SCA) and Fault Injection Analysis (FIA) has also emerged as an important criterion for standardization in the final round [1]. This is especially relevant for adoption of PQC in embedded devices, which are most likely used in environments where an attacker can have unimpeded physical access to the device.

Fake news, frequently making use of tampered photos, has currently emerged as a global epidemic, mainly due to the widespread use of social media as a present alternative to traditional news outlets. This development is often due to the swiftly declining price of advanced cameras and phones, which prompts the simple making of computerized pictures. The accessibility and usability of picture-altering softwares make picture-altering or controlling processes significantly simple, regardless of whether it is for the blameless or malicious plan. Various investigations have been utilized around to distinguish this sort of controlled media to deal with this issue. This paper proposes an efficient technique of copy-move forgery detection using the deep learning method. Two deep learning models such as Buster Net and VGG with FPN are used here to detect copy move forgery in digital images. The two models' performance is evaluated using the CoMoFoD dataset. The experimental result shows that VGG with FPN outperforms the Buster Net model for detecting forgery in images with an accuracy of 99.8% whereas the accuracy for the Buster Net model is 96.9%.

The transmission and storage process for the power data in an intelligent grid has problems such as a single point of failure in the central node, low data credibility, and malicious manipulation or data theft. The characteristics of decentralization and tamper-proofing of blockchain and its distributed storage architecture can effectively solve malicious manipulation and the single point of failure. However, there are few safe and reliable data transmission methods for the significant number and various identities of users and the complex node types in the power blockchain. Thus, this paper proposes a collaborative control scheme between on-chain and off-chain power data based on the distributed oracle technology. By building a trusted on-chain transmission mechanism based on distributed oracles, the scheme solves the credibility problem of massive data transmission and interactive power data between smart contracts and off-chain physical devices safely and effectively. Analysis and discussion show that the proposed scheme can realize the collaborative control between on-chain and off-chain data efficiently, safely, and reliably.

While a huge number of IoT devices are connecting to the cyber physical systems, the demand for security of these devices are increasing. Due to the demand, world-wide competition for lightweight cryptography oriented towards small devices have been held. Although tamper resistance against illegal attacks were evaluated in the competition, there is no evaluation for embedded malicious circuits such as hardware Trojan.To achieve security evaluation for embedded malicious circuits, this study proposes an implementation method of hardware Trojan for Elephant which is one of the finalists in the competition. And also, the implementation overhead of hardware Trojans and the security risk of hardware Trojan are evaluated.

The limited spectrum resources need to provide safe and efficient spectrum service for the intensive users. Malicious spectrum work nodes will affect the normal operation of the entire system. Using the blockchain model, consensus algorithm Praft based on optimized Raft is to solve the consensus problem in Byzantine environment. Message digital signatures give the spectrum node some fault tolerance and tamper resistance. Spectrum sharing among spectrum nodes is carried out in combination with game theory. The existing game theoretical algorithm does not consider the influence of spectrum occupancy of primary users and cognitive users on primary users' utility and enthusiasm at the same time. We elicits a reinforcement factor and analyzes the effect of the reinforcement factor on strategy performance. This scheme optimizes the previous strategy so that the profits of spectrum nodes are improved and a good Nash equilibrium is shown, while Praft solves the Byzantine problem left by Raft.

As the number of Internet of things devices increases, there is a growing importance of securely managing and storing the secret and private keys in these devices. Public-key cryptosystems or symmetric encryption algorithms both use special keys that need to be kept secret from other peers in the network. Additionally, ensuring the integrity of the installed application firmware of these devices is another security problem. In this study, private key storage methods are explained in general. Also, ESP32-S2 device is used for experimental case study for its robust built-in trusted platform module. Secure boot and flash encryption functionalities of ESP32-S2 device, which offers a solution to these security problems, are explained and tested in detail.

This paper reviews the video watermarking schemes resistance against tampering attacks. There are several transform methods which are used for Video Watermarking including Discrete Fourier Transform (DFT), Discrete Cosine Transform (DCT), Discrete wavelet transform (DWT) and are discussed and compared in this paper. The results are presented in a table with a summary of their advantages.