As privacy-enhancing authentications without any TTP (Trusted Third Party), blacklistable anonymous credential systems with reputation have been proposed. However, the previous systems have the efficiency problem: The authentication data size is or , where L is the reputation list, and K is the size of a window indicating the most recent K authentications of the user. Therefore, the previous systems

The idea of aggregate signcryption was first proposed by Selvi. The aggregation process reduces the communication overhead and hence, it is efficient in low-bandwidth communication networks such as wireless sensor networks and vehicular ad-hoc network VANET. The goal of this study is to propose a secure provably identity based aggregate signcryption scheme ID-ASC without pairings over the elliptic

In this study, the authors introduce new Montgomery and Edwards form elliptic curves targeted at the 256-bit security level. To this end, they work with three primes, namely , and . While has been considered earlier in the literature, and are new. They define a pair of birationally equivalent Montgomery and Edwards form curves over all the three primes. Efficient 64-bit assembly implementations targeted

The PRISM made the research of cryptography against subversion attacks flourish these years. In a subversion attack, surveillants can compromise the security of users’ systems by subverting implementations of cryptographic algorithms. While the scenario of a single-surveillant has been researched by several works, the multi-surveillant setting attracted less consideration. The authors have initialised

In the mid-sixties, Rothaus introduced the notion of bent function and later presented a secondary construction of bent functions (building new bent functions from already defined ones), called Rothaus’ construction. In Zhang et al. 2017 (‘Constructing bent functions outside the Maiorana–Mcfarland class using a general form of Rothaus,’ IEEE Transactions on Information Theory , 2017, vol. 63, no. 8

Nowadays, the necessity of electronic information increases rapidly. As a consequence, often, that information needs to be shared among mutually distrustful parties. In this area, private set intersection (PSI) and its variants play an important role when the participants wish to do secret operations on their input sets. Unlike the most modern public key cryptosystems relying on number theoretic problems

This study proposes a secure and privacy-preserving protocol for outsourcing health data processing operations during the emergency in the mobile healthcare network. The proposed protocol provides a practical solution to utilise smartphone resources at both remote and nearby for processing the overwhelming personal health information (PHI) of a user in healthcare emergency opportunistically and securely

Security vulnerabilities in web traffic can directly lead to data leak. Preventing these data leaks to a large extent has become an important problem to solve. Besides, the accurate detection and prevention of abnormal changes in web traffic is of great importance. In this study, a hybrid approach, called C-NSA, based on the negative selection algorithm (NSA) and clonal selection algorithm (CSA) of

Socialbots are intelligent software that controls all behaviour of fake accounts in an online social network. Since they are armed with detection evasion techniques, it is valuable to be able to determine the effectiveness of these techniques. In this study, an analytical model is developed to estimate a lower bound for the cost of automatic establishment of a socialbot network. Moreover, by considering

Delegation is a technique that allows a subject receiving a delegation (the delegatee) to act on behalf of the delegating subject (the delegator). Although the existing Key Aggregate Searchable Encryption (KASE) schemes support delegation of search rights over any set of ciphertexts using a key of constant-size, two critical issues still should be considered. Firstly, an adversary can intercept the

Identity-based cryptography (IBC) is considered as a promising mechanism in the Internet of Things and ad-hoc networks, providing lightweight authentication and powerful access control. However, it suffers from two inherent problems, i.e. key escrow and the requirement of a secure channel, which are not always good properties in many realistic scenarios. Thus, an efficient key issuing protocol in a

The authors analyse the security threats caused by personal wireless local area network (WLAN) sharing, propose schemes under two different conditions, and evaluate the performance of their schemes. WLAN is a widely used low-cost wireless networking technology. Most personal WLANs use the Wi-Fi-protected access II (WPA2)-personal to ensure robust security. Exposing the passphrase of WLAN is the only

In this study, an oblivious 3D mesh watermarking scheme is represented utilising local curvature estimation and statistical characteristics of 3D mesh to provide robustness as well as retaining the imperceptibility of the 3D model. The proposed method estimates the local curvature of 3D model by finding the difference between the average normal and the surface normal of all the faces in a 1-ring neighbourhood

In this study, I consider privacy against hypothesis testing adversaries within a non-stochastic framework. He developed a theory of non-stochastic hypothesis testing by borrowing the notion of uncertain variables from non-stochastic information theory. I define tests as binary-valued mappings on uncertain variables and proved a fundamental bound on the best performance of the tests in non-stochastic

Tight security is an important requirement of practical cryptographic schemes. Compared with loosely-secure schemes, tightly-secure schemes allow shorter security parameters hence are more efficient. In CRYPTO 2018, Gjøsteen and Jager proposed a tightly-secure authenticated key exchange (AKE) protocol. They used ‘commitment trick’ to construct a tight security reduction for their protocol. However

Data sharing across multiple different entities is on-demand to upgrade an enterprise's performance. However, some malicious entity can reveal this data to an unauthorised third party that may result in heavy loss to the enterprises in terms of finance, reputation, and long-term stability. This study presents a novel model GUIM-SMD for the identification of the guilty entity which is responsible for

A verifiable multi-secret sharing (VMSS) scheme allows distributors to share multiple secrets simultaneously and can detect fraud by both distributors and participants. After analysing the security of the VMSS schemes proposed by Dehkordi and Mashhadi in 2015, the authors point out that they could not detect the fraudulent behaviour of the dealer. By using the non-homogeneous linear recursion and linear

This study revisits the side-channel security of the elliptic curve cryptography (ECC) scalar multiplication implemented with Montgomery ladder. Focusing on a specific implementation that does not use the y -coordinate for point addition (ECADD) and point doubling (ECDBL), the authors show that Montgomery ladder on Weierstrass curves is vulnerable to a chosen base-point attack. Unlike the normal implementation

Recently, lattice signatures based on the Fiat-Shamir framework have seen a lot of improvements which are efficient in practice. The security of these signature schemes depends mainly on the hardness of solving short integer solutions (SIS) and/or learning with errors problem in the random oracle model. The authors propose an alternative lattice-based signature scheme on the Fiat-Shamir framework over

LBlock is a lightweight block cipher with Feistel-SP structure proposed by Wu and Zhang in Applied Cryptography and Network Security 2011, and a modified version LBlock-s is used later in the design of the lightweight authenticated encryption cipher LAC, one of the CAESAR candidates. The best known integral attack on LBlock is presented by Zhang and Wu which can attack 23-round LBlock based on a 16-round

Distributed sensors are mainly used environment monitoring systems to monitor volcanic eruption, weather disaster, storm, tornadoes, hurricane, earthquake, and tsunami. The routing path of these networks is frequently affected by the presence of malicious and faulty nodes. The authors propose a secure, load-balanced routing (SLBR) protocol using wireless sensor networks for disaster management. The

Poly1305 is a polynomial hash function designed by Bernstein in 2005. Presently, it is part of several major platforms, including the Transport Layer Security protocol. Vectorised implementation of Poly1305 was proposed by Goll and Gueron in 2015. The authors provide some simple algorithmic improvements to the Goll–Gueron vectorisation strategy. Implementation of the modified strategy on modern Intel

The popularity of Android prompts cyber-criminals to create malicious apps that can compromise security and confidentiality of the mobile systems. Analysing the permissions requested by an app is one of the methods to detect if it is malware or not. However, taking all the permissions available in the Android system into account can result in a model with increased complexity. To tackle this, a malware

With the fast increase in airspace density and high-safety requirements on aviation, automatic dependent surveillance-broadcast (ADS-B) is regarded as the primary method in the next generation air traffic surveillance. The ADS-B data is broadcast with the plain text without sufficient security measures, which results in various attack patterns emerging. However, in terms of constrictions with laws

Recently emerged distributed computation outsourcing environments (e.g. volunteer computing, crowdsourcing, cloud computing, and pooled mining in cryptocurrencies) provide many new opportunities and challenges. One important new challenge in these environments is assuring the correctness and validity of the computation output when computation nodes have motivation for lazy, malicious, or hoarding behaviour

A Key Derivation Function (KDF) derives cryptographic keys from private string and public information. The security property for the cryptographic keys is indistinguishable from the random strings of equal length. The security analysis of KDFs has received increasing attention. The practice important of KDFs is reflected in the adoption of industry standards such as NIST800-135 and PKCS5. This study

The integral cryptanalysis is a powerful cryptanalytic technique for the security evaluation of block cipher. However, when using the MILP-aided division property to search the integral distinguishers, many candidates of initial division properties need to be tested, so that the computations are unbearable in practice. This study takes advantage of the division property propagation of S-box to improve

The cryptographic algorithm has been gradually improved in design, but its implementations are vulnerable to side-channel analysis (SCA). Generally speaking, adding a mask to the primitive is the best way to counteract SCA. In the high-order mask, the key to affecting performance and security lies in the multiplication design. Based on the research of the advanced encryption standard (AES) algorithm

The stream cipher SNOW 3G is the core of the 3G Partnership Project (3GPP) for implementing a confidentiality algorithm and data integrity algorithm. In this study, the authors analyse the initialisation stage based on the chosen IV differential attacks on the reduced-round SNOW 3G and SNOW . Firstly, they show a distinguisher for 12-round SNOW 3G and 255 distinguishers for 13-round SNOW , respectively

The authors use the mixed-integer linear programming (MILP) technique for the automatic search for differential characteristics of LEA and HIGHT ciphers. They show that the MILP model of the differential property of modular addition with one constant input can be represented with a much lesser number of linear inequalities compared to the general case. Benefiting from this model for HIGHT block cipher

In this study, the authors take advantage of feeding the SMT solver by extra information provided through middle state cube characteristics to introduce a new method which they call SMT-based cube attack, and apply it to improve the success of the solver in attacking reduced-round versions of Simeck32/64 lightweight block cipher. The key idea is to search for and utilise all found middle state characteristics

Internet of Things (IoT) gains popularity in recent times due to its flexibility, usability, diverse applicability and ease of deployment. However, the issues related to security are less explored. The IoT devices are light weight in nature and have low computation power, low battery life and low memory. As incorporating security features are resource expensive, IoT devices are often found to be less

With the advances in wireless communication and Internet of things, wireless body area networks (WBANs) have attracted more and more attention because of the potential in improving the quality of health care services. With the help of WBANs, the user can access the patient's life-critical data generated by miniaturised medical sensors, and remote health care monitoring services are provided. Since

Wireless mesh networks (WMNs) upraised as superior technology offering all aspects of services as compared to conventional networks. Due to the absence of centralised authority, WMNs suffers from both external and internal attacks, which decrease the overall performance of WMNs. In this study, the authors proposed an efficient handoff authentication protocol with privacy preservation of nonce and transfer

In recent years, the security of online social networks (OSNs) has become an issue of widespread concern. Searching and detecting compromised accounts in OSNs is crucial for ensuring the security of OSN platforms. In this study, the authors proposed a new method of detecting compromised accounts based on a supervised analytical hierarchy process (SAHP). First, they considered the expression habits

In the previous study, authors proved that inversion of enhanced matrix power function (MPF), introduced as conjectured one-way function, is a nondeterministic polynomial time (NP)-complete problem. Furthermore, a key agreement protocol (KAP), the security of which relies on the inversion of this function, was previously proposed. The problem is that the application of MPF can yield weak keys under

Malware and malicious code do not only incur considerable costs and losses but impact negatively the reputation of the targeted organisations. Malware developers, hackers, and information security specialists are continuously improving their strategies to defeat each other. Unfortunately, there is no one-size-fits-all solution to detect and eradicate any malware. This situation is aggravated more by

Cube attacks are an important type of key recovery attacks against nonlinear feedback shift register (NFSR)-based cryptosystems. The key step in cube attacks closely related to key recovery is recovering superpolies. However, in the previous cube attacks including original, division property based and correlation cube attacks, the algebraic normal form of superpolies could hardly be shown to be exact

The identity-based signature (IBS) scheme is one of the most promising secure and widely used cryptographic primitives for electronic commerce applications. For example, ID-based signing in a multi-party setting, without ever revealing any private and secret information, has received considerable interest in distributed applications such as a global manufacturer. However, there is no practical solution

Low-rate denial of service (LDoS) attack is a special DoS attack type of wireless sensor network (WSN). Routing protocol is the critical component of the WSN. Routing flood attack is a novel LDoS attack pattern in WSN. However, the attack is difficult to be detected by traditional intrusion detection algorithm. A novel LDoS attack detection method based on big data and signal analysis is proposed.

Scan chain is an architectural solution to facilitate in-field tests and debugging of digital chips, however, it is also known as a source of security problems, e.g. scan-based attacks in the chips. The authors conduct a comprehensive gate-level security analysis on crypto-chips, which are equipped with a scan chain, and then propose a set of protection mechanisms to immune vulnerable nets of the chips

The publish/subscribe (P/S) service on Advanced Metering Infrastructure (AMI) servers of smart grid need to deal with huge amount of data, which may lead to data burst on AMI servers and serious server crash. Moreover, for protecting data security, sensitive data must be encrypted before being published. It obstacles traditional data utilisation based on plaintext P/S service. Thus, enabling an encrypted

Protean signatures (PSs), recently introduced by Krenn et al. (CANS ‘18), allow a semi-trusted third party (the sanitiser), to modify a signed message in a controlled way: the signer can define the message parts to be arbitrarily editable by the sanitiser, as well as message parts which can be redacted (but not altered otherwise) by the sanitiser. Thus, PSs generalise both redactable signatures (RSs)

With the increasing concern on the preservation of personal privacy, privacy-preserving data mining has become a hot topic in recent years. Spectral clustering is one of the most widely used clustering algorithm for exploratory data analysis and usually has to deal with sensitive data sets. How to conduct privacy-preserving spectral clustering is an urgent problem to be solved. In this study, the authors

One of the main challenges of centralised social networks is having a central provider that stores the data which imposes some limitations to preserve the privacy of users’ data. However, one of the decentralised architectures is peer-to-peer network that every user takes the responsibility of storing and managing his/her data. Although the privacy of data is increased in these networks, authorised

This note is a corrigendum for the paper ‘Public-key encryption indistinguishable under plaintext-checkable attacks’, IET Information Security (2016), 10(6): 288, http://dx.doi.org/10.1049/iet-ifs.2015.0500.

Logic vulnerabilities are largely dependent on the expected functions of web applications. Their appearance depends on both application logic and related security policy which may change based on modifications in business requirements. Accordingly, there are no specific and common patterns for logic vulnerabilities moreover, a security policy is required for their detection. In this study, a vulnerability

Hamming quasi-cyclic (HQC) cryptosystem, proposed by Aguilar Melchor et al. , is a code-based key encapsulation mechanism (KEM) submitted for the NIST standardisation process of post-quantum cryptography (PQC). Under the assumption that the s -decision quasi-cyclic syndrome decoding ( s -DQCSD) problem is hard for s = 2 and 3, HQC, viewed as a public-key encryption scheme, is proven to be indistinguishability

In the last decade, location information became easily obtainable using off-the-shelf mobile devices. This gave a momentum to developing Location Based Services (LBSs) such as location proximity detection, which can be used to find friends or taxis nearby. LBSs can, however, be easily misused to track users, which draws attention to the need of protecting privacy of these users. In this work, we address

Proxy re-encryption (PRE) is a promising cryptographic structure for pervasive data sharing in cloud-based social networks, which enables a semi-trusted proxy to convert a ciphertext for Alice into a ciphertext for Bob without seeing the corresponding plaintext. Since the proxy is semi-trust, a PRE scheme which can resist the collusion attack will be of great practical value. Jiang et al. in 2015 and

The modulus switching technique has been used in some cryptographic applications as well as in cryptanalysis. For cryptanalysis against the learning with errors (LWE) problem and the learning with rounding (LWR) problem, it seems that one does not know whether the technique is really useful or not. This work supplies a complete view of the impact of this technique on the decoding attack, the dual attack

Public-key cryptosystems built on quasi-cyclic (QC) low-density parity-check and moderate-density parity-check codes are promising candidates for post-quantum cryptography, since they are characterised by compact keys and high algorithmic efficiency. The main issue with this kind of system is represented by the fact that, since the decoding procedure is probabilistic, it may leak information about

We introduce a cryptographic primitive named threshold trapdoor functions (TTDFs), from which we give generic constructions of threshold and revocation encryptions under adaptive corruption model. Then, we show TTDF can be instantiated under the decisional Diffie-Hellman (DDH) assumption and the learning with errors (LWE) assumption. By combining the instantiations of TTDF with the generic constructions

To improve the security and efficiency of remote attestation (RA) for embedded systems, this study proposes mutual authentication-based RA scheme for embedded systems. Especially, the authors design an RA framework based on authentication agents and measurement agents, which combines the mutually anonymous identity authentication scheme with the platform integrity attestation. During the identity authentication

Fingerprint image quality assessment is important because the good performance of the minutiae-based matching algorithm is heavily dependent on fingerprint images with high quality. Many efforts have been made in existing methods, but most methods either use full fingerprint images or use local areas and involve subjective judgments. Unlike previous methods, the proposed method considers both local

Multivariate public key cryptography is one of the main candidates for post-quantum cryptography. Rainbow, an improved (multi-layer) version of unbalanced oil and vinegar (UOV), is one of the most famous multivariate signature schemes that is a promising candidate for NIST standardisation. At INDOCRYPT 2017, Beullens and Preneel introduced a new variant LUOV of UOV. Their idea is to generate a UOV

Monetary loss due to software piracy nowadays reaches millions. In 2017, the commercial value for this concept rose to $46.3 billion. A way to mitigate this problem from the technological point of view is the use of software protection techniques, especially the obfuscation and diversification of code, highlighting the control obfuscation. There are many proposals connected with obfuscating control

Nowadays, computers and the Internet have become an inseparable part of our life. We accomplish a wide range of our daily tasks through the Internet. A massive number of malwares have been designed annually to infiltrate computers and other electronic devices that endanger their security strikingly. Hence, developing a method that is capable of proactively detect and prevent malware is a perpetual

The relevance of the related-key model is usually controversial. However, in some cases, related-key properties have already been used to reduce the effective key length of the cipher in the single-key model. Hence, research into this direction can be helpful to bridge the gap between theory and practice aspects of the related-key model. Motivated by this challenge, the authors develop a new framework

With the development of cloud computing technology, more and more scientific workflows are delivered to cloud platforms to complete. However, there are many threats in clouds due to the multi-tenant coexistence. In order to protect scientific workflows in clouds, the authors propose an intrusion tolerant scientific workflow system. In this system, the task executors containing multiple virtual machines