Biblio

Wireless Sensor networks can be composed of smart buildings, smart homes, smart grids, and smart mobility, and they can even interconnect all these fields into a large-scale smart city network. Software-Defined Networking is an ideal technology to realize Internet-of-Things (IoT) Network and WSN network requirements and to efficiently enhance the security of these networks. Software defines Networking (SDN) is used to support IoT and WSN related networking elements, additional security concerns rise, due to the elevated vulnerability of such deployments to specific types of attacks and the necessity of inter-cloud communication any IoT application would require. This work is a study of different security mechanisms available in SDN for IoT and WSN network secure communication. This work also formulates the problems when existing methods are implemented with different networks parameters.

Aim: Data is secured in the cloud using Elliptic Curve Cryptography (ECC) compared with Advanced Encryption Standard (AES) with improved time efficiency. Materials and Methods: Encryption and decryption time is performed with files stored in the cloud. Protecting data with improved time efficiency is carried out using ECC where the number of samples (\textbackslashmathrmN=6) and AES (\textbackslashmathrmN=6), obtained using the G-power value of 80%. Results: Mean time of ECC is 0.1683 and RSA is 0.7517. Significant value for the proposed system is 0.643 (\textbackslashmathrmp \textgreater 0.05). Conclusion: Within the limit of study, ECC performs faster in less consumption time when compared to AES.

This project is an extension of ongoing research on Fully Homomorphic Encryption - Arithmetic Circuit Homomorphic Encryption. This paper focus on the implementation of pairing algorithm Supersingular Isogeny Diffie Hellman Key Exchange into Arithmetic Circuit Homomorphic Encryption as well as comparison and analyse with Elliptic Curve Diffie Hellman. Next, the paper will discuss on the latencies incurred due to pairing sessions between machines, key generations, key sizes, CPU usage and overall latency for the two respective key exchange methods to be compared against each other.

Based on the analysis of existing wireless sensor networks(WSNs) security vulnerability, combining the characteristics of high encryption efficiency of the symmetric encryption algorithm and high encryption intensity of asymmetric encryption algorithm, a hybrid encryption algorithm based on wireless sensor networks is proposed. Firstly, by grouping plaintext messages, this algorithm uses advanced encryption standard (AES) of symmetric encryption algorithm and elliptic curve encryption (ECC) of asymmetric encryption algorithm to encrypt plaintext blocks, then uses data compression technology to get cipher blocks, and finally connects MAC address and AES key encrypted by ECC to form a complete ciphertext message. Through the description and implementation of the algorithm, the results show that the algorithm can reduce the encryption time, decryption time and total running time complexity without losing security.

This project enhances the security in which Ad Hoc On-Demand Distance Vector (AODV) routing protocol for MANETs with the game theoretical approach. This is achieved by using public key and private key for encryption and decryption processes. Proactive and reactive method is implemented in the proposed system. Reactive method is done in identification process but in proactive method is used to identify the nodes and also block the hackers node, then change the direction of data transmission to good nodes. This application can be used in military, research, confidential and emergency circumferences.

Cloud Computing is the most promising paradigm in recent times. It offers a cost-efficient service to individual and industries. However, outsourcing sensitive data to entrusted Cloud servers presents a brake to Cloud migration. Consequently, improving the security of data access is the most critical task. As an efficient cryptographic technique, Ciphertext Policy Attribute Based Encryption(CP-ABE) develops and implements fine-grained, flexible and scalable access control model. However, existing CP-ABE based approaches suffer from some limitations namely revocation, data owner overhead and computational cost. In this paper, we propose a sliced revocable solution resolving the aforementioned issues abbreviated RS-CPABE. We applied splitting algorithm. We execute symmetric encryption with Advanced Encryption Standard (AES)in large data size and asymmetric encryption with CP-ABE in constant key length. We re-encrypt in case of revocation one single slice. To prove the proposed model, we expose security and performance evaluation.

Today the frequency of technological transformations is very high. In order to cope up with these, there is a demand for fast processing and secured algorithms should be proposed for data exchange. In this paper, Advanced Encryption Standard (AES) is modified using DNA cryptography for fast processing and dynamic S-boxes are introduced to develop an attack resistant algorithm. This is strengthened by combining symmetric and asymmetric algorithms. Diffie-Hellman key exchange is used for AES key generation and also for secret number generation used for creation of dynamic S-boxes. The proposed algorithm is fast in computation and can resist cryptographic attacks like linear and differential cryptanalysis attacks.

This is an extension of an ongoing research project on Fully Homomorphic Encryption. Arithmetic Circuit Homomorphic Encryption (ACHE) [1] was implemented based on (TFHE) Fast Fully Homomorphic Encryption over the Torus. Just like many Homomorphic Encryption methods, ACHE does not integrate with any authentication method. Thus, this was an issue that this paper attempts to resolve. This paper will focus on the implementation method of integrating RFC7664 [2] into ACHE. Next, the paper will further discuss latency incurred due to key generation, the latency of transmission of public and private keys. Last but not least, the paper will also discuss the key size generated and its significance.

Information or data is a very crucial resource. Hence securing the information becomes a critical task. Transfer and Communication mediums via which we send this information do not provide data security natively. Therefore, methods for data security have to be devised to protect the information from third party and unauthorized users. Information hiding strategies like steganography provide techniques for data encryption so that the unauthorized users cannot read it. This work is aimed at creating a novel method of Augmented Reality Steganography (ARSteg). ARSteg uses cloud for image and key storage that does not alter any attributes of an image such as size and colour scheme. Unlike, traditional algorithms such as Least Significant Bit (LSB) which changes the attributes of images, our approach uses well established encryption algorithm such as Advanced Encryption Standard (AES) for encryption and decryption. This system is further secured by many alternative means such as honey potting, tracking and heuristic intrusion detection that ensure that the transmitted messages are completely secure and no intrusions are allowed. The intrusions are prevented by detecting them immediately and neutralizing them.

In today's world web applications have become an instant means for information broadcasting. At present, man has become so dependent on web applications that everything done through electronic means like e-banking, e-shopping, online payment of bills etc. Due to an unauthorized admittance might threat customer's or user's confidentiality, integrity and authority. SQL injection considered as most Spartan dangerous coercions to the databases of web applications. current scenario databases are highly susceptible to SQL Injection[4] . SQL Injection is one of the most popular and dangerous hacking or cracking technique . In this work authors projected a novel approach to mitigate SQL Injection Attacks in a database. We have illustrated a technique or method prevent SQLIA by incorporating a hybrid encryption in form of Advanced Encryption Standard (AES) and Elliptical Curve Cryptography (ECC) [5]. In this research paper integrated approach of encryption method is followed to prevent the databases of the web applications against SQL Injection Attack. Incidentally if an invader gains access to the database, then it can cause severe damage and ends up with retrieves data or information. So to prevent these type of attacks a combined approach is projected , Advanced Encryption Standard (AES) at login phase to prevent the unauthorized access to databases and on the other hand Elliptical Curve Cryptography (ECC) to encode the database so that without the key no one can access the database information [3]. This research paper illustrates the technique to prevent SQL Injection Attack.

Cloud computing is a rapid growing advanced technology which is Internet based, providing various ways for storage, resource sharing, and various features. It has brought a new way to securely store and share information and data with multiple users and groups. The cloud environment deals with many problems, and one of the most important problems in recent days is the security issues. Sharing the data in a group, in cloud conditions has turned into a blazing theme in up and coming decades. Thus the blasting interest in cloud computing, ways and measures to accomplish secure and effective information and data sharing in the cloud is a flourishing point to be engaged. In this way, the venture centers around empowering information sharing and capacity for a similar gathering inside the cloud with high security and intensity. Therefore, Honey Encryption and Advanced Encryption Standard is used for providing security for the data shared within the group by the crew members in cloud environment. In addition, an access key is provided by the Group Manager to enable access to the documents and files stored in cloud by the users for specific time period.

The economic progress of the Internet of Things (IoT) is phenomenal. Applications range from checking the alignment of some components during a manufacturing process, monitoring of transportation and pedestrian levels to enhance driving and walking path, remotely observing terminally ill patients by means of medical devices such as implanted devices and infusion pumps, and so on. To provide security, encrypting the data becomes an indispensable requirement, and symmetric encryptions algorithms are becoming a crucial implementation in the resource constrained environments. Typical symmetric encryption algorithms like Advanced Encryption Standard (AES) showcases an assumption that end points of communications are secured and that the encryption key being securely stored. However, devices might be physically unprotected, and attackers may have access to the memory while the data is still encrypted. It is essential to reserve the key in such a way that an attacker finds it hard to extract it. At present, techniques like White-Box cryptography has been utilized in these circumstances. But it has been reported that applying White-Box cryptography in IoT devices have resulted in other security issues like the adversary having access to the intermediate values, and the practical implementations leading to Code lifting attacks and differential attacks. In this paper, a solution is presented to overcome these problems by demonstrating the need of White-Box Cryptography to enhance the security by utilizing the cipher block chaining (CBC) mode.

In this paper, development of cyber communication package in the application of grid connected solar system has been presented. Here, implemented communication methodology supports communication process with reduced latency, high security arrangement with various degrees of freedom. Faithful transferring of various electrical data for the purpose of measurement, monitoring and controlling actions depend on the bidirectional communication strategy. Thus, real-time communication of data through cyber network has been emphasized in this paper. The C\# language based coding is done to develop the communication program. The notable features of proposed communication process are reduction of latency during data exchange by usage of advanced encryption standard (AES) algorithm, tightening of cyber security arrangement by implementing secured socket layer (SSL) and Rivest, Shamir and Adleman (RSA) algorithms. Various real-time experiments using internet connected computers have been done to verify the usability of the proposed communication concept along with its notable features in the application.

Energy efficiency and security is a critical requirement for computing at edge nodes. Unrolled architectures for lightweight cryptographic algorithms have been shown to be energy-efficient, providing higher performance while meeting resource constraints. Hardware implementations of unrolled datapaths have also been shown to be resistant to side channel analysis (SCA) attacks due to a reduction in signal-to-noise ratio (SNR) and an increased complexity in the leakage model. This paper demonstrates optimal leakage models and an improved CFA attack which makes it feasible to extract first-order side-channel leakages from combinational logic in the initial rounds of unrolled datapaths. Several leakage models, targeting initial rounds, are explored and 1-bit hamming weight (HW) based leakage model is shown to be an optimal choice. Additionally, multi-band narrow bandpass filtering techniques in conjunction with correlation frequency analysis (CFA) is demonstrated to improve SNR by up to 4×, attributed to the removal of the misalignment effect in combinational logics and signal isolation. The improved CFA attack is performed on side channel signatures acquired for 7-round unrolled SIMON datapaths, implemented on Sakura-G (XILINX spartan 6, 45nm) based FPGA platform and a 24× reduction in minimum-traces-to-disclose (MTD) for revealing 80% of the key bits is demonstrated with respect to conventional time domain correlation power analysis (CPA). Finally, the proposed method is successfully applied to a fully-unrolled datapath for PRINCE and a parallel round-based datapath for Advanced Encryption Standard (AES) algorithm to demonstrate its general applicability.

SCADA systems are being constantly migrated to modern information and communication technologies (ICT) -based systems named cyber-physical systems. Unfortunately, this allows attackers to execute exploitation techniques into these architectures. In addition, ransomware insertion is nowadays the most popular attacking vector because it denies the availability of critical files and systems until attackers receive the demanded ransom. In this paper, it is analysed the risk impact of ransomware insertion into SCADA systems and it is suggested countermeasures addressed to the protection of SCADA systems and its components to reduce the impact of ransomware insertion.

This work describes a three-times (\$3$\backslash$times\$) improvement to the performance of secure computation of AES over a network of three parties with an honest majority. The throughput that is achieved is even better than that of computing AES in some scenarios of local (non-private) computation. The performance improvement is achieved through an optimization of the generic secure protocol, and, more importantly, through an optimization of the description of the AES function to support more efficient secure computation, and an optimization of the protocol to the underlying architecture. This demonstrates that the development process of efficient secure computation must include adapting the description of the computed function to be tailored to the protocol, and adapting the implementation of the protocol to the architecture. This work focuses on the secure computation of AES since it has been widely investigated as a de-facto standard performance benchmark for secure computation, and is also important by itself for many applications. Furthermore, parts of the improvements are general and not specific to AES, and can be applied to secure computation of arbitrary functions.

In recent years, many users have uploaded data to the cloud for easy storage and sharing with other users. At the same time, security and privacy concerns for the data are growing. Attribute-based encryption (ABE) enables both data security and access control by defining users with attributes so that only those users who have matching attributes can decrypt them. For real-world applications of ABE, revocation of users or their attributes is necessary so that revoked users can no longer decrypt the data. In actual implementations, ABE is used in hybrid with a symmetric encryption scheme such as the advanced encryption standard (AES) where data is encrypted with AES and the AES key is encrypted with ABE. The hybrid encryption scheme requires re-encryption of the data upon revocation to ensure that the revoked users can no longer decrypt that data. To re-encrypt the data, the data owner (DO) must download the data from the cloud, then decrypt, encrypt, and upload the data back to the cloud, resulting in both huge communication costs and computational burden on the DO depending on the size of the data to be re-encrypted. In this paper, we propose an attribute-based proxy re-encryption method in which data can be re-encrypted in the cloud without downloading any data by adopting both ABE and Syalim's encryption scheme. Our proposed scheme reduces the communication cost between the DO and cloud storage. Experimental results show that the proposed method reduces the communication cost by as much as one quarter compared to that of the trivial solution.

Digital signatures now become a crucial requirement in communication and digital messaging. Digital messaging is information that is very vulnerable to be manipulated by irresponsible people. Digital signatures seek to maintain the two security aspects that cryptography aims, such as integrity and non-repudiation. This research aims to applied MAC address with AES-128 and SHA-2 256 bit for digital signature. The use of MAC address in AES-128 could improve the security of the digital signature because of its uniqueness in every computer which could randomize the traditional processes of AES. SHA-2 256-bit will provides real unique randomized strings with reasonable speed. As result the proposed digital signature able to implement and work perfectly in many platforms.

We introduce $μ$DTNSec, the first fully-implemented security layer for Delay/Disruption-Tolerant Networks (DTN) on microcontrollers. It provides protection against eavesdropping and Man-in-the-Middle attacks that are especially easy in these networks. Following the Store-Carry-Forward principle of DTNs, an attacker can simply place itself on the route between source and destination. Our design consists of asymmetric encryption and signatures with Elliptic Curve Cryptography and hardware-backed symmetric encryption with the Advanced Encryption Standard. $μ$DTNSec has been fully implemented as an extension to $μ$DTN on Contiki OS and is based on the Bundle Protocol specification. Our performance evaluation shows that the choice of the curve (secp128r1, secp192r1, secp256r1) dominates the influence of the payload size. We also provide energy measurements for all operations to show the feasibility of our security layer on energy-constrained devices.

In many-core systems, the processing elements are interconnected using Networks-on-Chip. An example of on-chip network is SoCIN, a low-cost interconnect architecture whose original design did not take into account security aspects. This network is vulnerable to eavesdropping and spoofing attacks, what limits its use in systems that require security. This work addresses this issue and aims to ensure the security properties of confidentiality and authenticity of SoCIN-based systems. For this, we propose the use of security mechanisms based on symmetric encryption at the network level using the AES (Advanced Encryption Standard) model. A reference multi-core platform was implemented and prototyped in programmable logic aiming at performing experiments to evaluate the implemented mechanisms. Results demonstrate the effectiveness of the proposed solution in protecting the system against the target attacks. The impact on the network performance is acceptable and the silicon overhead is equivalent to other solutions found in the literature.

Our project, NFC Unlock, implements a secure multifactor authentication system for computers using Near Field Communication technology. The application is written in C\# with pGina. It implements an NFC authentication which replaces the standard Windows credentials to allow the use of an NFC tag and a passcode to authenticate the user. Unlike the most prevalent multifactor authentication methods, NFC authentication does not require a user wait for an SMS code to type into the computer. A user enters a passcode and scans the NFC tag to log in. In order to prevent the data from being hacked, the system encrypts the NFC tag ID and the passcode with Advanced Encryption Standard. Users can easily register an NFC tag and link it to their computer account. The program also has several extra features including text alerts, record keeping of all login and login attempts, and a user-friendly configuration menu. Initial tests show that the NFC-based multifactor authentication system has the advantage of improved security with a simplified login process.

Cloud computing has become a widely used computing paradigm providing on-demand computing and storage capabilities based on pay-as-you-go model. Recently, many organizations, especially in the field of big data, have been adopting the cloud model to perform data analytics through leasing powerful Virtual Machines (VMs). VMs can be attractive targets to attackers as well as untrusted cloud providers who aim to get unauthorized access to the business critical-data. The obvious security solution is to perform data analytics on encrypted data through the use of cryptographic keys as that of the Advanced Encryption Standard (AES). However, it is very easy to obtain AES cryptographic keys from the VM's Random Access Memory (RAM). In this paper, we present a novel key-scattering (KS) approach to protect the cryptographic keys while encrypting/decrypting data. Our solution is highly portable and interoperable. Thus, it could be integrated within today's existing cloud architecture without the need for further modifications. The feasibility of the approach has been proven by implementing a functioning prototype. The evaluation results show that our approach is substantially more resilient to brute force attacks and key extraction tools than the standard AES algorithm, with acceptable execution time.

In recent years, more and more multimedia data are generated and transmitted in various fields. So, many encryption methods for multimedia content have been put forward to satisfy various applications. However, there are still some open issues. Each encryption method has its advantages and drawbacks. Our main goal is expected to provide a solution for multimedia encryption which satisfies the target application constraints and performs metrics of the encryption algorithm. The Advanced Encryption Standard (AES) is the most popular algorithm used in symmetric key cryptography. Furthermore, chaotic encryption is a new research direction of cryptography which is characterized by high initial-value sensitivity and good randomness. In this paper we propose a hybrid video cryptosystem which combines two encryption techniques. The proposed cryptosystem realizes the video encryption through the chaos and AES in CTR mode. Experimental results and security analysis demonstrate that this cryptosystem is highly efficient and a robust system for video encryption.

The keys generated by (symmetric or asymmetric) have been still compromised by attackers. Cryptography algorithms need extra efforts to enhance the security of keys that are transferring between parities. Also, using cryptography algorithms increase time consumption and overhead cost through communication. Encryption is very important issue for protecting information from stealing. Unfortunately encryption can achieve confidentiality not integrity. Covert channel allows two parties to indirectly send information, where the main drawbacks of covert channel are detectability and the security of pre-agreement knowledge. In this paper, i merge between encryption, authentication and convert channel to achieve un-detectability covert channel. This channel guarantee integrity and confidentiality of covert data and sending data dynamically. I propose and implement un-detectability a covert channel using AES (Advanced Encryption Standard) algorithm and HMAC (Hashed Message Authentication Code). Where this channel is un-detectability with integrity and confidentiality agreement process between the sender and the receiver. Instead of sending fake key directly through channel, encryption and HMAC function used to hide fake key. After that investigations techniques for improving un-detectability of channel is proposed.

A group of wireless nodes forming a dynamic wireless network without any infrastructure is a MANET. As network is becoming an important technology for commercial and military based distributed applications, implementation of security over MANET has proved to be mandatory, as such networks are more vulnerable to attacks. When dealing with data transfer between the nodes in MANET, confidentiality and message integrity are the two important factors that need to be focused carefully. This paper proposes the implementation of a security algorithm over data transfer in Optimized Link State Routing protocol providing Trust Management in MANET by implementing confidentiality through Digital Signatures and Message Integrity through 256-bit strong AES cryptographic techniques using Openssl.