Biblio
Through the internet and local networks, IoT devices exchange data. Most of the IoT devices are low-power devices, meaning that they are designed to use less electric power. To secure data transmission, it is required to encrypt the messages. Encryption and decryption of messages are computationally expensive activities, thus require considerable amount of processing and memory power which is not affordable to low-power IoT devices. Therefore, not all secure transmission protocols are low-power IoT devices friendly. This study proposes a secure data transmission protocol for low-power IoT devices. The design inherits some features in Kerberos and onetime password concepts. The protocol is designed for devices which are connected to each other, as in a fully connected network topology. The protocol uses symmetric key cryptography under the assumption of that the device specific keys are never being transmitted over the network. It resists DoS, message replay and Man-of-the-middle attacks while facilitating the key security concepts such as Authenticity, Confidentiality and Integrity. The designed protocol uses less number of encryption/decryption cycles and maintain session based strong authentication to facilitate secure data transmission among nodes.
Biometric authentication has been extremely popular in large scale industries. The face biometric has been used widely in various applications. Handling large numbers of face images is a challenging task in authentication of biometric system. It requires large amount of secure storage, where the registered user information can be stored. Maintaining centralized data centers to store the information requires high investment and maintenance cost, therefore there is a need for deployment of cloud services. However as there is no guaranty of the security in the cloud, user needs to implement an additional or extra layer of security before storing facial data of all registered users. In this work a unique cloud based biometric authentication system is developed using Microsoft cognitive face API. Because most of the cloud based biometric techniques are scalable it is paramount to implement a security technique which can handle the scalability. Any users can use this system for single enterprise application base over the entire enterprise application. In this work the identification number which is text information associated with each biometric image is protected by AES algorithm. The proposed technique also works under distributed system in order to have wider accessibility. The system is also being extended to validate the registered user with an image of aadhar card. An accuracy of 96% is achieved with 100 registered users face images and aadhar card images. Earlier research carried out for the development of biometric system either suffers from development of distributed system are security aspects to handle multiple biometric information such as facial image and aadhar card image.
Use of digital token - which certifies the bearer's rights to some kind of products or services - is quite common nowadays for its convenience, ease of use and cost-effectiveness. Many of such digital tokens, however, are produced with software alone, making them vulnerable to forgery, including alteration and duplication. For a more secure safeguard for both token owner's right and service provider's accountability, digital tokens should be tamper-resistant as much as possible in order for them to withstand physical attacks as well. In this paper, we present a rights management system that leverages tamper-resistant digital tokens created by hardware-software collaboration in our eTRON architecture. The system features the complete life cycle of a digital token from generation to storage and redemption. Additionally, it provides a secure mechanism for transfer of rights in a peer-to-peer manner over the Internet. The proposed system specifies protocols for permissible manipulation on digital tokens, and subsequently provides a set of APIs for seamless application development. Access privileges to the tokens are strictly defined and state-of-the-art asymmetric cryptography is used for ensuring their confidentiality. Apart from the digital tokens being physically tamper-resistant, the protocols involved in the system are proven to be secure against attacks. Furthermore, an authentication mechanism is implemented that invariably precedes any operation involving the digital token in question. The proposed system presents clear security gains compared to existing systems that do not take tamper-resistance into account, and schemes that use symmetric key cryptography.
In recent years, more and more multimedia data are generated and transmitted in various fields. So, many encryption methods for multimedia content have been put forward to satisfy various applications. However, there are still some open issues. Each encryption method has its advantages and drawbacks. Our main goal is expected to provide a solution for multimedia encryption which satisfies the target application constraints and performs metrics of the encryption algorithm. The Advanced Encryption Standard (AES) is the most popular algorithm used in symmetric key cryptography. Furthermore, chaotic encryption is a new research direction of cryptography which is characterized by high initial-value sensitivity and good randomness. In this paper we propose a hybrid video cryptosystem which combines two encryption techniques. The proposed cryptosystem realizes the video encryption through the chaos and AES in CTR mode. Experimental results and security analysis demonstrate that this cryptosystem is highly efficient and a robust system for video encryption.