Biblio

Network security is a general idea to ensure information transmission over PC and portable systems. Elliptic curve cryptosystems are nowadays widely used in public communication channels for network security. Their security relies upon the complexity of clarifying the elliptic curve discrete alogarithm issue. But, there are several general attacks in them. Elliptic bend number juggling is actualized over complex fields to enhance the security of elliptic curve cryptosystems. This paper starts with the qualities of elliptic curve cryptosystems and their security administrations. At that point we talk about limited field number-crunching and its properties, prime field number-crunching, twofold field math and complex number-crunching, and elliptic bend number-crunching over prime field and parallel field. This paper proposes how to execute the unpredictable number of math under prime field and double field utilizing java BigInteger class. also, we actualize elliptic bend math and elliptic bend cryptosystems utilizing complex numbers over prime field and double field and talk about our trials that got from the usage.

The Internet of Things (IoT) is connecting the world in a way humanity has never seen before. With applications in healthcare, agricultural, transportation, and more, IoT devices help in bridging the gap between the physical and the virtual worlds. These devices usually carry sensitive data which requires security and protection in transit and rest. However, the limited power and energy consumption make it harder and more challenging to implementing security protocols, especially Public-Key Cryptosystems (PKC). In this paper, we present a hardware/software co-design for Elliptic-Curve Cryptography (ECC) PKC suitable for lightweight devices. We present the implementation results for our design on an edge node to be used for indoor localization in a healthcare facilities.

Withgrowing times and technology, and the data related to it is increasing on daily basis and so is the daunting task to manage it. The present solution to this problem i.e our present databases, are not the long-term solutions. These data volumes need to be stored safely and retrieved safely to use. This paper presents an overview of security issues for big data. Big Data encompasses data configuration, distribution and analysis of the data that overcome the drawbacks of traditional data processing technology. Big data manages, stores and acquires data in a speedy and cost-effective manner with the help of tools, technologies and frameworks.

In this work, we will present a new hybrid cryptography method based on two hard problems: 1- The problem of the discrete logarithm on an elliptic curve defined on a finite local ring. 2- The closest vector problem in lattice and the conjugate problem on square matrices. At first, we will make the exchange of keys to the Diffie-Hellman. The encryption of a message is done with a bad basis of a lattice.

Public key cryptography plays a vital role in many information and communication systems for secure data transaction, authentication, identification, digital signature, and key management purpose. Elliptic curve cryptography (ECC) is a widely used public key cryptographic algorithm. In this paper, we propose a hardware-software codesign implementation of the ECC cipher. The algorithm is modelled in C language. Compute-intensive components are identified for their efficient hardware implementations. In the implementation, residue number system (RNS) with projective coordinates are utilized for performing the required arithmetic operations. To manage the hardware-software codeign in an integrated fashion Xilinx platform studio tool and Virtex-5 xc5vfx70t device based platform is utilized. An application of the implementation is demonstrated for encryption of text and its respective decryption over prime fields. The design is useful for providing an adequate level of security for IoTs.

Elliptical curve cryptography (ECC) is being used more and more in public key cryptosystems. Its main advantage is that, at a given security level, key sizes are much smaller compared to classical asymmetric cryptosystems like RSA. Smaller keys imply less power consumption, less cryptographic computation and require less memory. Besides performance, security is another major problem in embedded devices. Cryptosystems, like ECC, that are considered mathematically secure, are not necessarily considered safe when implemented in practice. An attacker can monitor these interactions in order to mount attacks called fault attacks. A number of countermeasures have been developed to protect Montgomery Scalar Multiplication algorithm against fault attacks. In this work, we proposed an efficient countermeasure premised on duplication scheme and the scrambling technique for Montgomery Scalar Multiplication algorithm against fault attacks. Our approach is simple and easy to hardware implementation. In addition, we perform injection-based error simulations and demonstrate that the error coverage is about 99.996%.

The article explores the question of the effective implementation of arithmetic operations with points of an elliptic curve given over a prime field. Given that the basic arithmetic operations with points of an elliptic curve are the operations of adding points and doubling points, we study the question of implementing the arithmetic operations of adding and doubling points in various coordinate systems using the weighted number system and using the Residue Number System (RNS). We have shown that using the fourmodule RNS allows you to get an average gain for the operation of adding points of the elliptic curve of 8.67% and for the operation of doubling the points of the elliptic curve of 8.32% compared to the implementation using the operation of modular multiplication with special moduli from NIST FIPS 186.

In last few years, Proxy Re-Encryption has been used for forwarding the encrypted message to the user, these users are the one who has not been a part of encryption. In the past several scheme were developed in order to provide the efficient and secure proxy re-encryption. However, these methodology mainly focused on features like maximum key privacy, minimal trust proxy and others. In such cases the efficiency and security was mainly ignored. Hence, in order to provide the efficient and secure proxy re-encryption, we proposed an algorithm named as MLBC (Modified Lattice Based Cryptography) is proposed. Our method is based on the PKE (Public Key Encryption) and it provides more efficiency when compared to the other cryptography technique. Later in order to evaluate the algorithm simulation is done based on several parameter such as encryption time, proxy key generation time, Re-encryption time and Total computation time. Later, it is compared with the existing algorithm and the plotted graph clearly shows that our algorithm outperforms the existing algorithm.

We consider a one-time digital signature scheme recently proposed by Persichetti and show that a successful key recovery attack can be mounted with limited complexity. The attack we propose exploits a single signature intercepted by the attacker, and relies on a statistical analysis performed over such a signature, followed by information set decoding. We assess the attack complexity and show that a full recovery of the secret key can be performed with a work factor that is far below the claimed security level. The efficiency of the attack is motivated by the sparsity of the signature, which leads to a significant information leakage about the secret key.

SM2 is an elliptic curve public key cryptography algorithm released by the State Cryptography Administration of China. It includes digital signature, data encryption and key exchange schemes. To meet specific application requirements, such as to protect the user's private key in software only implementation, and to facilitate secure cloud cryptography computing, secret sharing based SM2 signature generation schemes have been proposed in the literature. In this paper a new such kind of scheme based upon additively homomorphic encryption is proposed. The proposed scheme overcomes the drawback that the existing schemes have and is more secure. It is useful in various application scenarios.

The paper deals with the design and principles of functioning of code-based schemes for formation and verification of electronic digital signature. Comparative studies of the effectiveness of the known CFS scheme and the proposed scheme have been carried out, as well as their possibilities, disadvantages and prospects for use in the post-quantum period.

A strong designated verifier signature (SDVS) scheme only permits an intended verifier to validate the signature by employing his/her private key. Meanwhile, for the sake of signer anonymity, the designated verifier is also able to generate a computationally indistinguishable transcript, which prevents the designated verifier from arbitrarily transferring his conviction to any third party. To extend the applications of conventional SDVS schemes, in this paper, we propose a group-oriented strong designated verifier signature (GO-SDVS) scheme from bilinear pairings. In particular, our scheme allows a group of signers to cooperatively generate a signature for a designated verifier. A significant property of our mechanism is constant-size signatures, i.e., the signature length remains constant when the number of involved signers increases. We also prove that the proposed GO-SDVS scheme is secure against adaptive chosen-message attacks in the random oracle model and fulfills the essential properties of signer ambiguity and non-transferability.

Considering the security of message exchange between service robot and cloud, we propose to authenticate the message integrity based on RSA algorithm and digital signature. In the process of message transmission, RSA algorithm is used to encrypt message for service robot and decrypt message for cloud. The digital signature algorithm is used to authenticate the source of the message. The results of experiment have proved that the proposed scheme can guarantee the security of message transmission.

This is an extension of an ongoing research project on Fully Homomorphic Encryption. Arithmetic Circuit Homomorphic Encryption (ACHE) [1] was implemented based on (TFHE) Fast Fully Homomorphic Encryption over the Torus. Just like many Homomorphic Encryption methods, ACHE does not integrate with any authentication method. Thus, this was an issue that this paper attempts to resolve. This paper will focus on the implementation method of integrating RFC7664 [2] into ACHE. Next, the paper will further discuss latency incurred due to key generation, the latency of transmission of public and private keys. Last but not least, the paper will also discuss the key size generated and its significance.

A semi-quantum key distribution (SQKD) protocol allows two users A and B to establish a shared secret key that is secure against an all-powerful adversary E even when one of the users (e.g., B) is semi-quantum or classical in nature while the other is fully-quantum. A mediated SQKD protocol allows two semi-quantum users to establish a key with the help of an adversarial quantum server. We introduce the concept of a multi-mediated SQKD protocol where two (or more) adversarial quantum servers are used. We construct a new protocol in this model and show how it can withstand high levels of quantum noise, though at a cost to efficiency. We perform an information theoretic security analysis and, along the way, prove a general security result applicable to arbitrary MM-SQKD protocols. Finally, a comparison is made to previous (S)QKD protocols.

This paper investigates the problem of generating two secret keys (SKs) simultaneously over a five-terminal system with terminals labelled as 1, 2, 3, 4 and 5. Each of terminal 2 and terminal 3 wishes to generate an SK with terminal 1 over a public channel wiretapped by a passive eavesdropper. Terminal 4 and terminal 5 respectively act as a trusted helper and an untrusted helper to assist the SK generation. All the terminals observe correlated source sequences from discrete memoryless sources (DMS) and can exchange information over a public channel with no rate constraint that the eavesdropper has access to. Based on the considered model, key capacity region is fully characterized and a source coding scheme that can achieve the capacity region is provided. Furthermore, expression for key leakage rate is obtained to analyze the security performance of the two generated keys.

Security is one of the most important needs in network communication. Cryptography is a science which involves two techniques encryption and decryption and it basically enables to send sensitive and confidential data over the unsecure network. The basic idea of cryptography is concealing of the data from unauthenticated users as they can misuse the data. In this paper we use auto associative neural network concept of soft computing in combination with encryption technique to send data securely on communication network.

A database is an organized collection of data. Though a number of techniques, such as encryption and electronic signatures, are currently available for the protection of data when transmitted across sites. Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious threats and attacks. In this paper, we create 6 types of method for more secure ways to store and retrieve database information that is both convenient and efficient. Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide policies for information security within the database. There are many cryptography techniques available among them, ECC is one of the most powerful techniques. A user wants to the data stores or request, the user needs to authenticate. When a user who is authenticated, he will get key from a key generator and then he must be data encrypt or decrypt within the database. Every keys store in a key generator and retrieve from the key generator. We use 256 bits of AES encryption for rows level encryption, columns level encryption, and elements level encryption for the database. Next two method is encrypted AES 256 bits random key by using 521 bits of ECC encryption and signature for rows level encryption and column level encryption. Last method is most secure method in this paper, which method is element level encryption with AES and ECC encryption for confidentiality and ECC signature use for every element within the database for integrity. As well as encrypting data at rest, it's also important to ensure confidential data are encrypted in motion over our network to protect against database signature security. The advantages of elements level are difficult for attack because the attacker gets a key that is lose only one element. The disadvantages need to thousands or millions of keys to manage.

In today's world web applications have become an instant means for information broadcasting. At present, man has become so dependent on web applications that everything done through electronic means like e-banking, e-shopping, online payment of bills etc. Due to an unauthorized admittance might threat customer's or user's confidentiality, integrity and authority. SQL injection considered as most Spartan dangerous coercions to the databases of web applications. current scenario databases are highly susceptible to SQL Injection[4] . SQL Injection is one of the most popular and dangerous hacking or cracking technique . In this work authors projected a novel approach to mitigate SQL Injection Attacks in a database. We have illustrated a technique or method prevent SQLIA by incorporating a hybrid encryption in form of Advanced Encryption Standard (AES) and Elliptical Curve Cryptography (ECC) [5]. In this research paper integrated approach of encryption method is followed to prevent the databases of the web applications against SQL Injection Attack. Incidentally if an invader gains access to the database, then it can cause severe damage and ends up with retrieves data or information. So to prevent these type of attacks a combined approach is projected , Advanced Encryption Standard (AES) at login phase to prevent the unauthorized access to databases and on the other hand Elliptical Curve Cryptography (ECC) to encode the database so that without the key no one can access the database information [3]. This research paper illustrates the technique to prevent SQL Injection Attack.

Authentication is the fundamental security service used in almost all remote applications. All such sensitive applications over an open network need authentication mechanism that should be delivered in a trusted way. In this paper, we design an RSA based authentication system for smart IoT environment over the air network using state-of-the-art industry standards. Our system provide security services including X.509 certificate, RSA based Public Key Infrastructure (PKI), challenge/response protocols with the help of proxy induced security service provider. We describe an innovative system model, protocol design, system architecture and evaluation against known threats. Also the implemented solution designed as an add on service for multiple other sensitive applications (smart city apps, cyber physical systems etc.) which needs the support of X.509 certificate based on hard tokens to populate other security services including confidentiality, integrity, non-repudiation, privacy and anonymity of the identities. The proposed scheme is evaluated against known vulnerabilities and given detail comparisons with popular known authentication schemes. The result shows that our proposed scheme mitigate all the known security risks and provide highest level assurance to smart gadgets.

Public key infrastructures (PKIs) are one of the main building blocks for securing communications over the Internet. Currently, PKIs are under the control of centralized authorities, which is problematic as evidenced by numerous incidents where they have been compromised. The distributed, fault tolerant log of transactions provided by blockchains and more recently, smart contract platforms, constitutes a powerful tool for the decentralization of PKIs. To verify the validity of identity records, blockchain-based identity systems store on chain either all identity records, or, a small (or even constant) sized amount of data for verifying identity records stored off chain. However, as most of these systems have never been implemented, there is little information regarding the practical implications of each design's tradeoffs. In this work, we first implement and evaluate the only provably secure, smart contract based PKI of Patsonakis et al. on top of Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which, eliminates the need for trusted setup, preserves the security properties of Patsonakis et al. and, as illustrated through our evaluation, is the only version with constant-sized state that can be deployed on the live chain of Ethereum. Furthermore, we compare these two systems with the simple approach of most prior works, e.g., the Ethereum Name Service, where all identity records are stored on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine tuning the model, which would be useful to be considered for any smart contract platform like Ethereum so that it reaches its full potential to support arbitrary distributed applications.

Public Key Infrastructure (PKI) has been popularized in many scenarios such as e-government applications, enterprises, etc. Due to the construction of PKI system of various regions and departments, there formed a lot of isolated PKI management domains, cross-domain authentication has become a problem that cannot ignored, which also has some traditional solutions such as cross-authentication, trust list, etc. However, some issues still exist, which hinder the popularity of unified trust services. For example, lack of unified cross domain standard, the update period of Certificate Revocation List (CRL) is too long, which affects the security of cross-domain authentication. In this paper, we proposed a trust transferring model by using blockchain consensus instead of traditional trusted third party for e-government applications. We exploit how to solve the unified trust service problem of PKI at the national level through consensus and transfer some CA management functions to the blockchain. And we prove the scheme's feasibility from engineering perspective. Besides, the scheme has enough scalability to satisfy trust transfer requirements of multiple PKI systems. Meanwhile, the security and efficiency are also guaranteed compared with traditional solutions.

Nowadays mobile devices have become the majority terminals used by people for social activities so that carrying business data and private information in them have become normal. Accordingly, the risk of data related cyber attacks has become one of the most critical security concerns. The main purpose of this work is to mitigate the risk of data breaches and damages caused by malware and the lost of mobile devices. In this paper, we propose an encrypted QR code based optical challenge-response authentication by mobile devices for mounting concealed file systems. The concealed file system is basically invisible to the users unless being successfully mounted. The proposed authentication scheme practically applies cryptography and QR code technologies to challenge-response scheme in order to secure the concealed file system. The key contribution of this work is to clarify a possibility of a mounting authentication scheme involving two mobile devices using a special optical communication way (QR code exchanges) which can be realizable without involving any network accesses. We implemented a prototype system and based on the preliminary feature evaluations results we confirmed that encrypted QR code based optical challenge-response is possible between a laptop and a smart phone and it can be applied to authentication for mounting concealed file systems.

The applications of Radio Frequency Identification (RFID) technology has been rapidly developed to be used in different fields that require automatic identification of objects and managing information. The advantage of employing RFID systems is to facilitate automatic identification of objects from distance without any interaction with tagged objects and without using a line of sight as compared with barcode. However, security and privacy constitute a challenge to RFID system as RFID systems use the wireless communication. Many researchers have introduced elliptical curve cryptographic (ECC) solutions to the security and privacy in RFID system as an ideal cryptosystem to be implemented with RFID technology. However, most of these solutions do not have provide adequate protection. Moreover, in terms of integrity and confidentiality level, most of these authentication protocols still vulnerable to some of security and privacy attacks. Based on these facts, this paper proposes a mutual authentication protocol that aims at enhancing an existing RFID authentication protocol that suffers from tracking attack and man-in-the-middle attack (MITM). The enhancement is accomplished by improving the security and privacy level against MITM, tracking attack and other related attacks. The proposed protocol is dependent on use the elliptical curve version of Schnorr identification protocol in combination with Keccak hash function. This combination leads to enhance the confidentiality and integrity level of the RFID authentication system and increase the privacy protection.

The security problem of RFID system is a great potential security hazard in its application. Due to the limitation of hardware conditions, traditional public key cryptography can not be directly used in security mechanism. Compared with the traditional RSA public key cryptography, the elliptic curve cryptography has the advantages of shorter key, faster processing speed and smaller storage space, which is very suitable for use in the RFID system.