The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to secur...The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to securing such devices.As these devices are constrained in numerous aspects,it leaves network designers and administrators with no choice but to deploy them with minimal or no security at all.We have seen distributed denial-ofservice attacks being raised using such devices during the infamous Mirai botnet attack in 2016.Therefore we propose a lightweight authentication protocol to provide proper access to such devices.We have considered several aspects while designing our authentication protocol,such as scalability,movement,user registration,device registration,etc.To define the architecture we used a three-layered model consisting of cloud,fog,and edge devices.We have also proposed several pre-existing cipher suites based on post-quantum cryptography for evaluation and usage.We also provide a fail-safe mechanism for a situation where an authenticating server might fail,and the deployed IoT devices can self-organize to keep providing services with no human intervention.We find that our protocol works the fastest when using ring learning with errors.We prove the safety of our authentication protocol using the automated validation of Internet security protocols and applications tool.In conclusion,we propose a safe,hybrid,and fast authentication protocol for authenticating IoT devices in a fog computing environment.展开更多
As an important application of intelligent transportation system,Internet of Vehicles(IoV)provides great convenience for users.Users can obtain real-time traffic conditions through the IoV’s services,plan users’trav...As an important application of intelligent transportation system,Internet of Vehicles(IoV)provides great convenience for users.Users can obtain real-time traffic conditions through the IoV’s services,plan users’travel routes,and improve travel efficiency.However,in the IoV system,there are always malicious vehicle nodes publishing false information.Therefore,it is essential to ensure the legitimacy of the source.In addition,during the peak period of vehicle travel,the vehicle releases a large number of messages,and IoV authentication efficiency is prone to performance bottlenecks.Most existing authentication schemes have the problem of low authentication efficiency in the scenario.To address the above problems,this paper designs a novel reliable anonymous authentication scheme in IoV for Rush-hour Traffic.Here,our scheme uses blockchain and elliptic curve cryptography(ECC)to design authentication algorithms for message authentication between vehicles and roadside units(RSU).Additionally,we introduce the idea of edge computing into the scheme,RSU will select themost suitable vehicle as the edge computing node for message authentication.In addition,we used the ProVerif tool for Internet security protocols and applications to test its security,ensuring that it is secure under different network attacks.In the simulation experiment,we compare our scheme with other existing works.Our scheme has a significant improvement in computational overhead,authentication efficiency and packet loss rate,and is suitable for traffic scenarios with large message volume.展开更多
In this paper, we focus on Elliptic Curve Cryptography based approach for Secure Multiparty Computation (SMC) problem. Widespread proliferation of data and the growth of communication technologies have enabled collabo...In this paper, we focus on Elliptic Curve Cryptography based approach for Secure Multiparty Computation (SMC) problem. Widespread proliferation of data and the growth of communication technologies have enabled collaborative computations among parties in distributed scenario. Preserving privacy of data owned by parties is crucial in such scenarios. Classical approach to SMC is to perform computation using Trusted Third Party (TTP). However, in practical scenario, TTPs are hard to achieve and it is imperative to eliminate TTP in SMC. In addition, existing solutions proposed for SMC use classical homomorphic encryption schemes such as RSA and Paillier. Due to the higher cost incurred by such cryptosystems, the resultant SMC protocols are not scalable. We propose Elliptic Curve Cryptography (ECC) based approach for SMC that is scalable in terms of computational and communication cost and avoids TTP. In literature, there do exist various ECC based homomorphic schemes and it is imperative to investigate and analyze these schemes in order to select the suitable for a given application. In this paper, we empirically analyze various ECC based homomorphic encryption schemes based on performance metrics such as computational cost and communication cost. We recommend an efficient algorithm amongst several selected ones, that offers security with lesser overheads and can be applied in any application demanding privacy.展开更多
The tremendous development of cloud computing with related technol-ogies is an unexpected one.However,centralized cloud storage faces few chal-lenges such as latency,storage,and packet drop in the network.Cloud storag...The tremendous development of cloud computing with related technol-ogies is an unexpected one.However,centralized cloud storage faces few chal-lenges such as latency,storage,and packet drop in the network.Cloud storage gets more attention due to its huge data storage and ensures the security of secret information.Most of the developments in cloud storage have been positive except better cost model and effectiveness,but still data leakage in security are billion-dollar questions to consumers.Traditional data security techniques are usually based on cryptographic methods,but these approaches may not be able to with-stand an attack from the cloud server's interior.So,we suggest a model called multi-layer storage(MLS)based on security using elliptical curve cryptography(ECC).The suggested model focuses on the significance of cloud storage along with data protection and removing duplicates at the initial level.Based on divide and combine methodologies,the data are divided into three parts.Here,thefirst two portions of data are stored in the local system and fog nodes to secure the data using the encoding and decoding technique.The other part of the encrypted data is saved in the cloud.The viability of our model has been tested by research in terms of safety measures and test evaluation,and it is truly a powerful comple-ment to existing methods in cloud storage.展开更多
The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the br...The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm<sup>3</sup>. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.展开更多
Distributed cryptographic computing system plays an important role since cryptographic computing is extremely computation sensitive. However, no general cryptographic computing system is available. Grid technology can...Distributed cryptographic computing system plays an important role since cryptographic computing is extremely computation sensitive. However, no general cryptographic computing system is available. Grid technology can give an efficient computational support for cryptographic applications. Therefore, a general-purpose grid-based distributed computing system called DCCS is put forward in this paper. The architecture of DCCS is simply described at first. The policy of task division adapted in DCCS is then presented. The method to manage subtask is further discussed in detail. Furthermore, the building and execution process of a computing job is revealed. Finally, the details of DCCS implementation under Globus Toolkit 4 are illustrated.展开更多
With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA)....With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.展开更多
Numerous advancements in the Information Technology (IT) require the proper security policy for the data storage and transfer among the cloud. With the increase in size of the data, the time required to handle the hug...Numerous advancements in the Information Technology (IT) require the proper security policy for the data storage and transfer among the cloud. With the increase in size of the data, the time required to handle the huge-size data is more. An assurance of security in cloud computing suffers various issues. The evolution of cryptographic approaches addresses these limitations and provides the solution to the data preserving. There are two issues in security assurance such as geographical distribution and the multi-tenancy of the cloud server. This paper surveys about the various cryptographic techniques with their key sizes, time required for key/signature generation and verification constraints. The survey discusses the architecture for secure data transmissions among the devices, challenges raised during the transmission and attacks. This paper presents the brief review of major cryptographic techniques such as Rivest, Shamir Adleman (RSA), Dffie Hellman and the Elliptic Curve Cryptography (ECC) associated key sizes. This paper investigates the general impact of digital signature generation techniques on cloud security with the advantages and disadvantages. The results and discussion section existing in this paper investigate the time consumption for key/signature generation and verification with the key size variations effectively. The initialization of random prime numbers and the key computation based on the points on the elliptic curve assures the high-security compared to the existing schemes with the minimum time consumption and sizes in cloud-based applications.展开更多
In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and ...In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and flexible model to predict overheads of these mechanisms. This model is based on overheads of basic operations frequently used in cryptography algorithms, which are essential elements of security mechanisms. Several popular cryptography algorithms and security mechanisms are evaluated using this model. According to simulation results, relative prediction errors are less than 7% for most cryptography algorithms and security mechanisms.展开更多
Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations ...Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases,rendering them less effective against evolving ransomware families.This paper introduces TLERAD(Transfer Learning for Enhanced Ransomware Attack Detection),a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains,enabling robust detection of both known and unknown ransomware variants.The proposed method achieves high detection accuracy,with an AUC of 0.98 for known ransomware and 0.93 for unknown ransomware,significantly outperforming baseline methods.Comprehensive experiments demonstrate TLERAD’s effectiveness in real-world scenarios,highlighting its adapt-ability to the rapidly evolving ransomware landscape.The paper also discusses future directions for enhancing TLERAD,including real-time adaptation,integration with lightweight and post-quantum cryptography,and the incorporation of explainable AI techniques.展开更多
The use of the Internet of Things(IoT)is expanding at an unprecedented scale in many critical applications due to the ability to interconnect and utilize a plethora of wide range of devices.In critical infrastructure ...The use of the Internet of Things(IoT)is expanding at an unprecedented scale in many critical applications due to the ability to interconnect and utilize a plethora of wide range of devices.In critical infrastructure domains like oil and gas supply,intelligent transportation,power grids,and autonomous agriculture,it is essential to guarantee the confidentiality,integrity,and authenticity of data collected and exchanged.However,the limited resources coupled with the heterogeneity of IoT devices make it inefficient or sometimes infeasible to achieve secure data transmission using traditional cryptographic techniques.Consequently,designing a lightweight secure data transmission scheme is becoming essential.In this article,we propose lightweight secure data transmission(LSDT)scheme for IoT environments.LSDT consists of three phases and utilizes an effective combination of symmetric keys and the Elliptic Curve Menezes-Qu-Vanstone asymmetric key agreement protocol.We design the simulation environment and experiments to evaluate the performance of the LSDT scheme in terms of communication and computation costs.Security and performance analysis indicates that the LSDT scheme is secure,suitable for IoT applications,and performs better in comparison to other related security schemes.展开更多
Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in ...Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in quantum computing technology,the security of conventional key-based SSL/TLS protocols faces vulnerabilities.In this paper,we propose a scheme by integrating the quantum key into the SSL/TLS framework.Furthermore,the application of post-quantum algorithms is used to enhance and complement the existing encryption suites.Experimental results show that the proposed SSL/TLS communication system based on quantum keys exhibits high performance in latency and throughput.Moreover,the proposed system showcases good resilience against quantum attacks.展开更多
文摘The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to securing such devices.As these devices are constrained in numerous aspects,it leaves network designers and administrators with no choice but to deploy them with minimal or no security at all.We have seen distributed denial-ofservice attacks being raised using such devices during the infamous Mirai botnet attack in 2016.Therefore we propose a lightweight authentication protocol to provide proper access to such devices.We have considered several aspects while designing our authentication protocol,such as scalability,movement,user registration,device registration,etc.To define the architecture we used a three-layered model consisting of cloud,fog,and edge devices.We have also proposed several pre-existing cipher suites based on post-quantum cryptography for evaluation and usage.We also provide a fail-safe mechanism for a situation where an authenticating server might fail,and the deployed IoT devices can self-organize to keep providing services with no human intervention.We find that our protocol works the fastest when using ring learning with errors.We prove the safety of our authentication protocol using the automated validation of Internet security protocols and applications tool.In conclusion,we propose a safe,hybrid,and fast authentication protocol for authenticating IoT devices in a fog computing environment.
基金funded by Guangxi Natural Science Foundation General Project—Research on Visual Positioning and Navigation Robot Based on Deep Learning,Project Number:2023GXNSFAA026025.
文摘As an important application of intelligent transportation system,Internet of Vehicles(IoV)provides great convenience for users.Users can obtain real-time traffic conditions through the IoV’s services,plan users’travel routes,and improve travel efficiency.However,in the IoV system,there are always malicious vehicle nodes publishing false information.Therefore,it is essential to ensure the legitimacy of the source.In addition,during the peak period of vehicle travel,the vehicle releases a large number of messages,and IoV authentication efficiency is prone to performance bottlenecks.Most existing authentication schemes have the problem of low authentication efficiency in the scenario.To address the above problems,this paper designs a novel reliable anonymous authentication scheme in IoV for Rush-hour Traffic.Here,our scheme uses blockchain and elliptic curve cryptography(ECC)to design authentication algorithms for message authentication between vehicles and roadside units(RSU).Additionally,we introduce the idea of edge computing into the scheme,RSU will select themost suitable vehicle as the edge computing node for message authentication.In addition,we used the ProVerif tool for Internet security protocols and applications to test its security,ensuring that it is secure under different network attacks.In the simulation experiment,we compare our scheme with other existing works.Our scheme has a significant improvement in computational overhead,authentication efficiency and packet loss rate,and is suitable for traffic scenarios with large message volume.
文摘In this paper, we focus on Elliptic Curve Cryptography based approach for Secure Multiparty Computation (SMC) problem. Widespread proliferation of data and the growth of communication technologies have enabled collaborative computations among parties in distributed scenario. Preserving privacy of data owned by parties is crucial in such scenarios. Classical approach to SMC is to perform computation using Trusted Third Party (TTP). However, in practical scenario, TTPs are hard to achieve and it is imperative to eliminate TTP in SMC. In addition, existing solutions proposed for SMC use classical homomorphic encryption schemes such as RSA and Paillier. Due to the higher cost incurred by such cryptosystems, the resultant SMC protocols are not scalable. We propose Elliptic Curve Cryptography (ECC) based approach for SMC that is scalable in terms of computational and communication cost and avoids TTP. In literature, there do exist various ECC based homomorphic schemes and it is imperative to investigate and analyze these schemes in order to select the suitable for a given application. In this paper, we empirically analyze various ECC based homomorphic encryption schemes based on performance metrics such as computational cost and communication cost. We recommend an efficient algorithm amongst several selected ones, that offers security with lesser overheads and can be applied in any application demanding privacy.
文摘The tremendous development of cloud computing with related technol-ogies is an unexpected one.However,centralized cloud storage faces few chal-lenges such as latency,storage,and packet drop in the network.Cloud storage gets more attention due to its huge data storage and ensures the security of secret information.Most of the developments in cloud storage have been positive except better cost model and effectiveness,but still data leakage in security are billion-dollar questions to consumers.Traditional data security techniques are usually based on cryptographic methods,but these approaches may not be able to with-stand an attack from the cloud server's interior.So,we suggest a model called multi-layer storage(MLS)based on security using elliptical curve cryptography(ECC).The suggested model focuses on the significance of cloud storage along with data protection and removing duplicates at the initial level.Based on divide and combine methodologies,the data are divided into three parts.Here,thefirst two portions of data are stored in the local system and fog nodes to secure the data using the encoding and decoding technique.The other part of the encrypted data is saved in the cloud.The viability of our model has been tested by research in terms of safety measures and test evaluation,and it is truly a powerful comple-ment to existing methods in cloud storage.
文摘The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm<sup>3</sup>. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.
基金Supported by the National Basic Research Program of China (973 Program 2004CB318004), the National Natural Science Foundation of China (NSFC90204016) and the National High Technology Research and Development Program of China (2003AA144030)
文摘Distributed cryptographic computing system plays an important role since cryptographic computing is extremely computation sensitive. However, no general cryptographic computing system is available. Grid technology can give an efficient computational support for cryptographic applications. Therefore, a general-purpose grid-based distributed computing system called DCCS is put forward in this paper. The architecture of DCCS is simply described at first. The policy of task division adapted in DCCS is then presented. The method to manage subtask is further discussed in detail. Furthermore, the building and execution process of a computing job is revealed. Finally, the details of DCCS implementation under Globus Toolkit 4 are illustrated.
文摘With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.
文摘Numerous advancements in the Information Technology (IT) require the proper security policy for the data storage and transfer among the cloud. With the increase in size of the data, the time required to handle the huge-size data is more. An assurance of security in cloud computing suffers various issues. The evolution of cryptographic approaches addresses these limitations and provides the solution to the data preserving. There are two issues in security assurance such as geographical distribution and the multi-tenancy of the cloud server. This paper surveys about the various cryptographic techniques with their key sizes, time required for key/signature generation and verification constraints. The survey discusses the architecture for secure data transmissions among the devices, challenges raised during the transmission and attacks. This paper presents the brief review of major cryptographic techniques such as Rivest, Shamir Adleman (RSA), Dffie Hellman and the Elliptic Curve Cryptography (ECC) associated key sizes. This paper investigates the general impact of digital signature generation techniques on cloud security with the advantages and disadvantages. The results and discussion section existing in this paper investigate the time consumption for key/signature generation and verification with the key size variations effectively. The initialization of random prime numbers and the key computation based on the points on the elliptic curve assures the high-security compared to the existing schemes with the minimum time consumption and sizes in cloud-based applications.
基金Supported by 863 Project of China (No.2006AA01Z224)
文摘In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and flexible model to predict overheads of these mechanisms. This model is based on overheads of basic operations frequently used in cryptography algorithms, which are essential elements of security mechanisms. Several popular cryptography algorithms and security mechanisms are evaluated using this model. According to simulation results, relative prediction errors are less than 7% for most cryptography algorithms and security mechanisms.
文摘Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases,rendering them less effective against evolving ransomware families.This paper introduces TLERAD(Transfer Learning for Enhanced Ransomware Attack Detection),a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains,enabling robust detection of both known and unknown ransomware variants.The proposed method achieves high detection accuracy,with an AUC of 0.98 for known ransomware and 0.93 for unknown ransomware,significantly outperforming baseline methods.Comprehensive experiments demonstrate TLERAD’s effectiveness in real-world scenarios,highlighting its adapt-ability to the rapidly evolving ransomware landscape.The paper also discusses future directions for enhancing TLERAD,including real-time adaptation,integration with lightweight and post-quantum cryptography,and the incorporation of explainable AI techniques.
基金support of the Interdisciplinary Research Center for Intelligent Secure Systems(IRC-ISS)Internal Fund Grant#INSS2202.
文摘The use of the Internet of Things(IoT)is expanding at an unprecedented scale in many critical applications due to the ability to interconnect and utilize a plethora of wide range of devices.In critical infrastructure domains like oil and gas supply,intelligent transportation,power grids,and autonomous agriculture,it is essential to guarantee the confidentiality,integrity,and authenticity of data collected and exchanged.However,the limited resources coupled with the heterogeneity of IoT devices make it inefficient or sometimes infeasible to achieve secure data transmission using traditional cryptographic techniques.Consequently,designing a lightweight secure data transmission scheme is becoming essential.In this article,we propose lightweight secure data transmission(LSDT)scheme for IoT environments.LSDT consists of three phases and utilizes an effective combination of symmetric keys and the Elliptic Curve Menezes-Qu-Vanstone asymmetric key agreement protocol.We design the simulation environment and experiments to evaluate the performance of the LSDT scheme in terms of communication and computation costs.Security and performance analysis indicates that the LSDT scheme is secure,suitable for IoT applications,and performs better in comparison to other related security schemes.
基金supported by ZTE IndustryUniversityInstitute Cooperation Funds under Grant No.HCCN20221029003.
文摘Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in quantum computing technology,the security of conventional key-based SSL/TLS protocols faces vulnerabilities.In this paper,we propose a scheme by integrating the quantum key into the SSL/TLS framework.Furthermore,the application of post-quantum algorithms is used to enhance and complement the existing encryption suites.Experimental results show that the proposed SSL/TLS communication system based on quantum keys exhibits high performance in latency and throughput.Moreover,the proposed system showcases good resilience against quantum attacks.