Biblio

The Internet of Vehicles (IoV) has a tremendous prospect for numerous vehicular applications. IoV enables vehicles to transmit data to improve roadway safety and efficiency. Data security is essential for increasing the security and privacy of vehicle and roadway infrastructures in IoV systems. Several researchers proposed numerous solutions to address security and privacy issues in IoV systems. However, these issues are not proper solutions that lack data authentication and verification protocols. In this paper, a blockchain-enabled automated data management system for vehicles has been proposed and demonstrated. This work enables automated data verification and authentication using smart contracts. Certified organizations can only access vehicle data uploaded by the vehicle user to the Interplanetary File System (IPFS) server through that vehicle user’s consent. The proposed system increases the security of vehicles and data. Vehicle privacy is also maintained here by increasing data privacy.

Internet of Vehicles consists of a three-layer architecture of electric vehicles, charging piles, and a grid dispatch management control center. Therefore, V2G presents multi-level, multi-agent and frequent information interaction, which requires a highly secure and lightweight identity authentication method. Based on the characteristics of Internet of Vehicles, this paper designs a multi-subject information interaction and one-way hash chain authentication method, it includes one-way hash chain and key distribution update strategy. The operation experiment of multiple electric vehicles and charging piles shows that the algorithm proposed in this paper can meet the V2G ID authentication requirements of Internet of Vehicles, and has the advantages of lightweight and low consumption. It is of great significance to improve the security protection level of Internet of Vehicles V2G.

As one of the effective methods to enhance traffic safety and improve traffic efficiency, the Internet of vehicles has attracted wide attention from all walks of life. V2X secure communication, as one of the research hotspots of the Internet of vehicles, also has many security and privacy problems. Attackers can use these vulnerabilities to obtain vehicle identity information and location information, and can also attack vehicles through camouflage.Therefore, the identity authentication process in vehicle network communication must be effectively protected. The anonymous identity authentication scheme based on moving target defense proposed in this paper not only ensures the authenticity and integrity of information sources, but also avoids the disclosure of vehicle identity information.

A multi-designated receiver authentication code (MDRA-code) with information-theoretic security is proposed as an extension of the traditional multi-receiver authentication code. The purpose of the MDRA-code is to securely transmit a message via a broadcast channel from a single sender to an arbitrary subset of multiple receivers that have been designated by the sender, and only the receivers in the subset (i.e., not all receivers) should accept the message if an adversary is absent. This paper proposes a model and security formalization of MDRA-codes, and provides constructions of MDRA-codes.

Web services are growing demand with fundamental advancements and have given more space to researchers for improving security of all real world applications. Accessing and get authenticated in many applications on web services, user discloses their password and other privacy data to the server for authentication purposes. These shared information should be maintained by the server with high security, otherwise it can be used for illegal purposes for any authentication breach. Protecting the applications from various attacks is more important. Comparing the security threats, insider attacks are most challenging to identify due to the fact that they use the authentication of legitimate users and their privileges to access the application and may cause serious threat to the application. Insider attacks has been studied in previous researchers with different security measures, however there is no much strong work proposed. Various security protocols were proposed for defending insider attackers. The proposed work focused on insider attack protection through Elgamal cryptography technique. The proposed work is much effective on insider attacks and also defends against various attacks. The proposed protocol is better than existing works. The key computation cost and communication cost is relatively low in this proposed work. The proposed work authenticates the application by parallel process of two way authentication mechanism through Elgamal algorithm.

The 5G research community is increasingly leveraging the innovative features offered by Information Centric Networking (ICN). However, ICN’s fundamental features, such as in-network caching, make access control enforcement more challenging in an ICN-based 5G deployment. To address this shortcoming, we propose a Blockchain-based Decentralized Authentication Protocol (BDAP) which enables efficient and secure mobile user authentication in an ICN-based 5G network. We show that BDAP is robust against a variety of attacks to which mobile networks and blockchains are particularly vulnerable. Moreover, a preliminary performance analysis suggests that BDAP can reduce the authentication delay compared to the standard 5G authentication protocols.

Machine tool is known as the mother of industry. CNC machine tool is the embodiment of modern automatic control productivity. In the context of the rapid development of the industrial Internet, a large number of equipment and systems are interconnected through the industrial Internet, realizing the flexible adaptation from the supply side to the demand side. As the a typical core system of industrial Internet, CNC system is facing the threat of industrial virus and network attack. The problem of information security is becoming more and more prominent. This paper analyzes the security risks of the existing CNC system from the aspects of terminal security, data security and network security. By comprehensively using the technologies of data encryption, identity authentication, digital signature, access control, secure communication and key management, this paper puts forward a targeted security protection and management scheme, which effectively strengthens the overall security protection ability.

To decrease the IoT attack surface and provide protection against security threats such as introduction of fake IoT nodes and identity theft, IoT requires scalable device identity and authentication management. This work proposes a blockchain-based identity management approach with consensus authentication as a scalable solution for IoT device authentication management. The proposed approach relies on having a blockchain secure tamper proof ledger and a novel lightweight consensus-based identity authentication. The results show that the proposed decentralised authentication system is scalable as we increase number of nodes.

Many cyber-related untoward incidents and multiple instances of a data breach of system are being reported. User identity and its usage for valid entry to system depend upon successful authentication. Researchers have explored many threats and vulnerabilities in a centralized system. It has initiated concept of a decentralized way to overcome them. In this work, we have explored application of Self-Sovereign Identity and Verifiable Credentials using decentralized identifiers over cloud.

Digital identity management system is the securi-ty infrastructure of computer and internet applications. However, currently, most of the digital identity management systems are faced with problems such as the difficulty of cross-domain authentication and interoperation, the lack of credibility of identity authentication, the weakness of the security of identity data. Although the advantages of block-chain technology have attached the attentions of experts and scholars in the field of digital identity management and many digital identity management systems based on block-chain have been built, the systems still can't completely solve the problems mentioned above. Therefore, in this pa-per, an effective digital identity management system model is proposed which combines technologies of self-sovereign identity and oracle with blockchain so as to pave a way in solving the problems mentioned above and constructing a secure and reliable digital identity management system.

As an emerging technology, IoT is rapidly revolutionizing the global communication network with billions of new devices deployed and connected with each other. Many of these devices collect and transfer a large amount of sensitive or mission critical data, making security a top priority. Compared to traditional Internet, IoT networks often operate in open and harsh environment, and may experience frequent delays, traffic loss and attacks; Meanwhile, IoT devices are often severally constrained in computational power, storage space, network bandwidth, and power supply, which prevent them from deploying traditional security schemes. Authentication is an important security mechanism that can be used to identify devices or users. Due to resource constrains of IoT networks, it is highly desirable for the authentication scheme to be lightweight while also being highly effective. In this paper, we developed and evaluated a hash-chain-based multi-node mutual authentication algorithm. Nodes on a network all share a common secret key and broadcast to other nodes in range. Each node may also add to the hash chain and rebroadcast, which will be used to authenticate all nodes in the network. This algorithm has a linear running time and complexity of O(n), a significant improvement from the O(nˆ2) running time and complexity of the traditional pairwise multi-node mutual authentication.

To verify the integrity and confidentiality of data communicated through the web is a very big issue worldwide because every person wants very fast computing and secure electronic data communication via the web. The authentication of electronic data is done by hashing algorithms. Presently researchers are using one-time padding to convert variable-length input messages into a block of fixed length and also using constant initial values that are constant for any input message. So this reason we are proposing the autonomous initial value proposed secure hash algorithm-256 (AIVPSHA256) and we are enhancing the performance of the hash function by designing and compuiting its experimental results in python 3.9.5 programming language.

Cloud computing is preferred because of its numerous improvements, such as data security, low maintenance cost, unlimited storage capacity and consistent backups. However, legitimate users take advantage of cloud storage services for storing a considerable amount of sensitive data. After storing data on the cloud, data users pass on control over data to cloud administrators. Although for assuring data security, sensitive information needs to be encrypted before deploying it on the cloud server. In traditional searchable encryption, encrypted data can be searched using keywords on a cloud server without knowing data details, and users can retrieve certain specific files of interest after authentication. However, the results are only related to the exact matching keyword searches. This drawback affects system usability and efficiency, due to which existing encryption methods are unsuitable in cloud computing. To avoid the above problems, this study includes as follows: Firstly, we analyze all fuzzy keyword search techniques that are wildcard based, gram based and trie-traverse. Secondly, we briefly describe certificateless cryptography and suggest a certificateless searchable encryption scheme. Finally, this study gives easy access to developing a fuzzy keyword searchable system for a new researcher to combine the above two points. It provides easy access and efficient search results.

Identity based digital signature is an important research topic of public key cryptography, which can effectively guarantee the authentication, integrity and unforgeability of data. In this paper, a new fuzzy multi-identity based signature scheme is proposed. It is proved that the scheme is existentially unforgeable against adaptively chosen message attack, and the security of the signature scheme can be reduced to CDH assumption. The storage cost and the communication overhead are small, therefore the new fuzzy multi-identity based signature (FMIBS) scheme can be implemented efficiently.

The security and privacy of the network in Internet of Things (IoT) systems are becoming more critical as we are more dependent on smart systems. Considering that packets are exchanged between the end user and the sensing devices, it is then important to ensure the security, privacy, and integrity of the transmitted data by designing a secure and a lightweight authentication protocol for IoT systems. In this article, in order to improve the authentication and the encryption in IoT systems, we present a novel method of authentication and encryption based on elliptic curve cryptography (ECC) using random numbers generated by fuzzy logic. We evaluate our novel key generation method by using standard randomness tests, such as: frequency test, frequency test with mono block, run test, discrete Fourier transform (DFT) test, and advanced DFT test. Our results show superior performance compared to existing ECC based on shift registers. In addition, we apply some attack algorithms, such as Pollard’s \textbackslashrho and Baby-step Giant-step, to evaluate the vulnerability of the proposed scheme.

Password-based authentication system has been praised for its user-friendly, cost-effective, and easily deployable features. It is arguably the most commonly used security mechanism for various resources, services, and applications. On the other hand, it has well-known security flaws, including vulnerability to guessing attacks. Present state-of-the-art approaches have high overheads, as well as difficulties and unreliability during training, resulting in a poor user experience and a high false positive rate. As a result, a lightweight authentication compromise detection model that can make accurate detection with a low false positive rate is required.In this paper we propose – LOG-OFF – a behavior-based authentication compromise detection model. LOG-OFF is a lightweight model that can be deployed efficiently in practice because it does not include a labeled dataset. Based on the assumption that the behavioral pattern of a specific user does not suddenly change, we study the real-world authentication traffic data. The dataset contains more than 4 million records. We use two features to model the user behaviors, i.e., consecutive failures and login time, and develop a novel approach. LOG-OFF learns from the historical user behaviors to construct user profiles and makes probabilistic predictions of future login attempts for authentication compromise detection. LOG-OFF has a low false positive rate and latency, making it suitable for real-world deployment. In addition, it can also evolve with time and make more accurate detection as more data is being collected.

With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can access vitals and sensitive physiological information about the patients and provide proper treatment to improve the quality of life through the RPM network. However, the wireless nature of communication in the RPM network makes it challenging to design an efficient mechanism for secure communication. Many authentication schemes have been proposed in recent years to ensure the security of the RPM network. Pseudonym, digital signature, and Authenticated Key Exchange (AKE) protocols are used for the Internet of Medical Things (IoMT) to develop secure authorization and privacy-preserving communication. However, traditional authentication protocols face overhead challenges due to maintaining a large set of key-pairs or pseudonyms results on the hospital cloud server. In this research work, we identify this research gap and propose a novel secure and efficient privacy-preserving authentication scheme using cuckoo filters for the RPM network. The use of cuckoo filters in our proposed scheme provides an efficient way for mutual anonymous authentication and a secret shared key establishment process between medical professionals and patients. Moreover, we identify the misbehaving sensor nodes using a correlation-based anomaly detection model to establish secure communication. The security analysis and formal security validation using SPAN and AVISPA tools show the robustness of our proposed scheme against message modification attacks, replay attacks, and man-in-the-middle attacks.

Security authentication can effectively solve the problem of access to Low Earth Orbit (LEO) satellites. However, the existing solutions still harbor some problems in the computational complexity of satellite authentication, flexible networking, resistance to brute force attacks and other aspects. So, a security authentication scheme for LEO satellites that integrates spatial channel characteristics is designed within the software defined network architecture. In this scheme, the spatial channel characteristics are introduced to the subsequent lightweight encryption algorithm to achieve effective defense against brute force attacks. According to security analysis and simulation results, the scheme can effectively reduce the computational overhead while protecting against replay attacks, brute force attacks, DOS attacks, and other known attacks.

Security troubles of restricted sources communications are vital. Existing safety answers aren't sufficient for restricted sources gadgets in phrases of Power Area and Ef-ficiency‘. Elliptic curves cryptosystem (ECC) is area efficent for restricted sources gadgets extra than different uneven cryp-to systems because it gives a better safety degree with equal key sizes compared to different present techniques. In this paper, we studied a lightweight hybrid encryption technique that makes use of set of rules primarily based totally on AES for the Plain text encription and Elliptic Curve Diffie-Hellman (ECDH) protocol for Key encryption. The simplicity of AES implementation makes it light weight and the complexity of ECDH make it secure. The design is simulated using Spyder Tool, Modelsim and Implemented using Xilinx Vivado the effects display that the proposed lightweight Model offers a customary security degree with decreased computing capacity. we proposed a key authentication system for enhanced security along with an Idea to implement the project with multimedia input on FPGA

The rapid development of technology, makes it easier for everyone to exchange information and knowledge. Exchange information via the internet is threatened with security. Security issues, especially the issue of the confidentiality of information content and its authenticity, are vital things that must protect. Peculiarly for agencies that often hold activities that provide certificates in digital form to participants. Digital certificates are digital files conventionally used as proof of participation or a sign of appreciation owned by someone. We need a security technology for certificates as a source of information known as cryptography. This study aims to validate and authenticate digital certificates with digital signatures using SHA-256, DSA, and 3DES. The use of the SHA-256 hash function is in line with the DSA method and the implementation of 3DES which uses 2 private keys so that the security of digital certificate files can be increased. The pixel changes that appear in the MSE calculation have the lowest value of 7.4510 and the highest value of 165.0561 when the file is manipulated, it answers the security of the proposed method is maintained because the only valid file is the original file.

The paper presents the concept of the association of digital signature technology with the currently trending blockchain technology for providing a mechanism which would detect any dubious data and store it in a place where it could be secure for the long term. The features of blockchain technology perfectly complement the requirements of the educational fields of today's world. The growing trend of digital certificate usage makes it easier for a dubious certificate to existing, among the others hampering the integrity of professional life. Association of hash key and a time stamp with a digital document would ensure that a third person does not corrupt the following certificate. The blockchain ensures that after verification, nobody else misuses the data uploaded and keeps it safe for a long time. The information from the blockchain can be retrieved at any moment by the user using the unique id associated with every user.

This is the time of internet, and we are communicating our confidential data over internet in daily life. So, it is necessary to check the authenticity in communication to stop non-repudiation, of the sender. We are using the digital signature for stopping the non-repudiation. There are many versions of digital signature are available in the market. But in every algorithm, we are sending the original message and the digest message to the receiver. Hence, there is no security applied on the original message. In this paper we are proposed an algorithm which can secure the original and its integrity. In this paper we are using the RSA algorithm as the encryption and decryption algorithm, and SHA256 algorithm for making the hash.

As the demand for effective information protection grows, security has become the primary concern in protecting such data from attackers. Cryptography is one of the methods for safeguarding such information. It is a method of storing and distributing data in a specific format that can only be read and processed by the intended recipient. It offers a variety of security services like integrity, authentication, confidentiality and non-repudiation, Malicious. Confidentiality service is required for preventing disclosure of information to unauthorized parties. In this paper, there are no ideal hash functions that dwell in digital signature concepts is proved.

A digital signature is a type of asymmetric cryptography that is used to ensure that the recipient receives the actual received message from the intended sender. Problems that often arise conventionally when requiring letter approval from the authorized official, and the letter concerned is very important and urgent, often the process of giving the signature is hampered because the official concerned is not in place. With these obstacles, the letter that should be distributed immediately becomes hampered and takes a long time in terms of signing the letter. The purpose of this study is to overcome eavesdropping and data exchange in sending data using Digital Signature as authentication of data authenticity and minimizing fake signatures on letters that are not made and authorized by relevant officials based on digital signatures stored in the database. This research implements the Rivest Shamir Adleman method. (RSA) as outlined in an application to provide authorization or online signature with Digital Signature. The results of the study The application of the Rivest Shamir Adleman (RSA) algorithm can run on applications with the Digital Signature method based on ISO 9126 testing by expert examiners, and the questionnaire distributed to users and application operators obtained good results from an average value of 79.81 based on the scale table ISO 9126 conversion, the next recommendation for encryption does not use MD5 but uses Bcrypt secure database to make it stronger.

Cyber-physical Systems can be defined as a complex networked control system, which normally develop by combining several physical components with the cyber space. Cyber Physical System are already a part of our daily life. As its already being a part of everyone life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or supplicated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyber-connected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is little complex as it requires extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate with Multifactor authentication for CPS.