Biblio

Rapid development of wireless technologies has driven the evolution of smart grid application. In smart grid, authentication plays an important role for secure communication between smart meter and service provider. Hence, the design of secure authenticated key agreement schemes has received significant attention from researchers. In these schemes, a trusted third party directly participates in key agreement process. Although, this third party is assumed as trusted, however we cannot reject the possibility that being a third party, it can also be malicious. In the existing works, either the established session key is revealed to the agents of a trusted third party, or a trusted third party agent can impersonate the smart meter and establish a valid session key with the service provider, which is likely to cause security vulnerabilities. Therefore, there is a need to design a secure authentication scheme so that only the deserving entities involved in the communication can establish and know the session key. This paper proposes a new secure authenticated key agreement scheme for smart grid considering the fact that the third party can also be malicious. The security of the proposed scheme has been thoroughly evaluated using an adversary model. Correctness of the scheme has been analyzed using the broadly accepted Burrows-Abadi-Needham (BAN) Logic. In addition, the formal security verification of the proposed scheme has been performed using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool. Results of this simulation confirm that the proposed scheme is safe. Detailed security analysis shows the robustness of the scheme against various known attacks. Moreover, the comparative performance study of the proposed scheme with other relevant schemes is presented to demonstrate its practicality.

Today, Internet of Things (IoT) devices mostly operate in enclosed, proprietary environments. To unfold the full potential of IoT applications, a unifying and permissionless environment is crucial. All IoT devices, even unknown to each other, would be able to trade services and assets across various domains. In order to realize those applications, uniquely resolvable identities are essential. However, quantifiable trust in identities and their authentication are not trivially provided in such an environment due to the absence of a trusted authority. This research presents a new identity and trust framework for IoT devices, based on Distributed Ledger Technology (DLT). IoT devices assign identities to themselves, which are managed publicly and decentralized on the DLT's network as Self Sovereign Identities (SSI). In addition to the Identity Management System (IdMS), the framework provides a Web of Trust (WoT) approach to enable automatic trust rating of arbitrary identities. For the framework we used the IOTA Tangle to access and store data, achieving high scalability and low computational overhead. To demonstrate the feasibility of our framework, we provide a proof-of-concept implementation and evaluate the set objectives for real world applicability as well as the vulnerability against common threats in IdMSs and WoTs.

Ciphertext-policy Attributes-based Encryption (CP-ABE) is an encouraging cryptographic mechanism. It behaves an access control mechanism for data security. A ciphertext and secret key of user are dependent upon attributes. As a nature of CP-ABE, the data owner defines access policy before encrypting plaintext by his right. Therefore, CP-ABE is suitable in a real environment. In CP-ABE, the revocation issue is demanding since each attribute is shared by many users. A policy-based revolutionary CP-ABE scheme is proposed in this paper. In the proposed scheme, revocation takes place in policy level because a policy consists of threshold attributes and each policy is identified as a unique identity number. Policy revocation means that the data owner updates his policy identity number for ciphertext whenever any attribute is changed in his policy. To be a flexible updating policy control, four types of updating policy levels are identified for the data owner. Authorized user gets a secret key from a trusted authority (TA). TA updates the secret key according to the policy updating level done by the data owner. This paper tests personal health records (PHRs) and analyzes execution times among conventional CP-ABE, other enhanced CP-ABE and the proposed scheme.

Database outsourcing introduces a new paradigm, called Database as a Service (DBaaS). Database Service Providers (DSPs) have the ability to host outsourced databases and provide efficient facilities for their users. However, the data and the execution of database queries are under the control of the DSP, which is not always a trusted authority. Therefore, our problem is to ensure the outsourced database security. To address this problem, we propose a Secure scheme to provide Confidentiality and Integrity of Query results for Cloud Databases (SCIQ-CD). The performance analysis shows that our proposed scheme is secure and efficient for practical deployment.

A Network consists of many nodes among which there may be a presence of misbehavior nodes. Delay Tolerant Network (DTN) is a network where the disconnections occur frequently. Store, carry and forward method is followed in DTN. The serious threat against routing in DTN is the selfish behavior. The main intention of selfish node is to save its own energy. Detecting the selfish node in DTN is very difficult. In this paper, a probabilistic misbehavior detection scheme called MAXTRUST has been proposed. Trusted Authority (TA) has been introduced in order to detect the behavior of the nodes periodically based on the task, forwarding history and contact history evidence. After collecting all the evidences from the nodes, the TA would check the inspection node about its behavior. The actions such as punishment or compensation would be given to that particular node based on its behavior. The TA performs probabilistic checking, in order to ensure security at a reduced cost. To further improve the efficiency, dynamic probabilistic inspection has been demonstrated using game theory analysis. The simulation results show the effectiveness and efficiency of the MAXTRUST scheme.

Cloud computing belongs to distributed network technology for computing and storage capabilities purpose. It is a kind of cost-effective technology dedicated to information technology. Using the Internet, the accessibility and retrieving of cloud data have become much more accessible. The service providers can expand the storage space in a cloud environment. Security is well-thought-out to be the essential attribute in a distributed system. Cryptography can be described as a method of securing the data from attackers and eavesdroppers. Third Party Auditor is responsible for the authentication of secret files in cloud system on behalf of the data owner. The data auditability technique allows the user to make the data integrity check using a third party. Cloud computing offers unlimited data space for storage to its users and also serves sharing of data and planned use of heterogeneous resources in distributed systems. This paper describes privacy-preserving enabled public auditing method using cryptographic techniques for low-performance based end devices.

As the cornerstone of the future intelligent transportation system, vehicular ad hoc networks (VANETs) have attracted intensive attention from the academic and industrial research communities in recent years. For widespread deployment of VANETs, security and privacy issues must be addressed properly. In this paper, we introduce the notion of pseudonym-based cryptography, and present a provable secure pseudonym-based cryptosystems with a trusted authority that includes a pseudonym-based multi-receiver encryption scheme, a pseudonym-based signature scheme, and a pseudonym-based key establishment protocol. We then propose a secure and efficient data access scheme for VANETs based on cooperative caching technology and our proposed pseudonym-based cryptosystems. On the one hand, the efficiency of data access are greatly improved by allowing the sharing and coordination of cached data among multiple vehicles. On the other hand, anonymity of the vehicles, data confidentiality, integrity and non-repudiation are guaranteed by employing our proposed pseudonym-based cryptosystems. Simulation results have shown that our proposed pseudonym-based cryptosystems are suitable to the VANETs environment.