Current Issue : October - December Volume : 2019 Issue Number : 4 Articles : 5 Articles
The Traditional Authenticated Encryption (AE) scheme is a single-user cryptographic\nmechanism which only enables one designated verifier to authenticate the ciphertext. Although\nseveral group-oriented AE variants have also been proposed to eliminate such a limitation, they\nrequire shared verification. This motivated us to think of a scenario of three-party communication\nenvironments where each party runs independent processes without cooperation. In this paper,\nwe realize a novel three-party AE (abbreviated to TPAE) scheme in which two designated verifiers\ncan solely decrypt the same ciphertext and then inspect the validity of embedded signature.\nAdditionally, we also show that our TPAE construction is computationally secure using the\nwell-defined IND-CCA2 and the EF-CMA adversary games in the proof model of random oracles.\nThe comparison results will demonstrate the computational efficiency of our mechanism....
Cryptography and Steganography are two prominent techniques to obtain\nsecure communication over the shared media like the Internet. Steganography\nis slightly ahead of cryptography because of its stealthy characteristics. In\nthis paper, a new method has been proposed which combines cryptography\nand steganography to ensure even more secure communication. The Advanced\nEncryption Standard (AES) in spatial domain of the carrier/cover\nimage and Least Significant Bit (LSB) replacement in the transformed domain\nof the same image has been used after performing a Discrete Cosine Transform\n(DCT) on the pixels. An additional layer of security has been introduced\nby applying XOR operation on the AES encrypted message with the pixel\nvalues of the carrier image. The Peak Signal to Noise Ratio (PSNR) of the\nproposed algorithm is better than most of the similar algorithms. With better\nPSNR, the proposed method depicts a three layer of security of the information\nand error free decryption....
Information security is important for the Internet of Things (IoT), the security of front-end\ninformation is especially critical. With this consideration, the integrity and authenticity of sensed\ninformation directly impacts the results of back-end big data and cloud computing. The front\nend of the IoT faces many security threats. In these security threats, internal attacks cannot be\ndefended by traditional security schemes, such as encryption/decryption, authentication, and so\non. Our contribution in this paper is that a Dirichlet Distribution-based Trust Management Scheme\n(DDTMS) in IoT is proposed to defend against the internal attacks. The novelty of our scheme can be\nsummed up in two aspects. The first aspect considers the actual physical channel to extend the node\nbehaviors from success and failure to success, failure, and uncertainty, meanwhile, the corresponding\nbehaviors are weighted by using , in order to limit the measurement of each behavior\nby custom. In the second aspect, we introduce a third-party recommendation to calculate the trust\nvalue more acurrately. The simulated results demonstrate that DDTMS is better than the other two\nreputation models (Beta distribution and Gaussian distribution),and can more accurately describe the\nreputation changes to detect the malicious node quickly....
Currently, energy resource exhaustion attacks targeted on modern autonomously working\nmobile devices are becoming more and more important. The underdevelopment of specialized\ndefenses against energy exhaustion attacks as well as their often hidden nature for the owner of\nthe target device determine a necessity of an integrated approach to modeling and evaluation of\nthis class of attacks and various types of intruders. The paper analyzes conditions of applicability\nof energy resource exhaustion attacks performed by various classes of intruders, models them on\nphysical implementations of devices for two application areas, and calculates their performance\nindicators. Application areas are a TCP/IP network of end-user mobile devices and a self-organizing\nmesh network designed for operational management and emergency response....
This paper presents the attack tree modeling technique of quantifying cyber-\nattacks on a hypothetical school network system. Attack trees are constructed\nby decomposing the path in the network system where attacks are\nplausible. Considered for the network system are two possible network attack\npaths. One network path represents an attack through the Internet, and the\nother represents an attack through the Wireless Access Points (WAPs) in the\nschool network. The probabilities of success of the events, that is, 1) the attack\npayoff, and 2) the commitment of the attacker to infiltrate the network\nare estimated for the leaf nodes. These are used to calculate the Returns on\nAttacks (ROAs) at the Root Nodes. For Phase I, the â??As Isâ? network, the ROA\nvalues for both attack paths, are higher than 7 (8.00 and 9.35 respectively),\nwhich are high values and unacceptable operationally. In Phase II, countermeasures\nare implemented, and the two attack trees reevaluated. The probabilities\nof success of the events, the attack payoff and the commitment of the\nattacker are then re-estimated. Also, the Returns on Attacks (ROAs) for the\nRoot Nodes are re-assessed after executing the countermeasures. For one attack\ntree, the ROA value of the Root Node was reduced to 4.83 from 8.0,\nwhile, for the other attack tree, the ROA value of the Root Node changed to\n3.30 from 9.35. ROA values of 4.83 and 3.30 are acceptable as they fall within\nthe medium value range. The efficacy of this method whereby, attack trees are\ndeployed to mitigate computer network risks, as well as using it to assess the\nvulnerability of computer networks is quantitatively substantiated....
Loading....