-
Efficient blacklistable anonymous credential system with reputation using a pairing-based accumulator
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Toru Nakanishi; Takeshi Kanatani
As privacy-enhancing authentications without any TTP (Trusted Third Party), blacklistable anonymous credential systems with reputation have been proposed. However, the previous systems have the efficiency problem: The authentication data size is or , where L is the reputation list, and K is the size of a window indicating the most recent K authentications of the user. Therefore, the previous systems
-
Pairing free identity based aggregate signcryption scheme
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Eman Abouelkheir; Shamia El-sherbiny
The idea of aggregate signcryption was first proposed by Selvi. The aggregation process reduces the communication overhead and hence, it is efficient in low-bandwidth communication networks such as wireless sensor networks and vehicular ad-hoc networks (VANETs). The goal of this study is to propose a provably secure identity-based aggregate signcryption scheme (ID-ASC) without pairings over the elliptic
-
Efficient elliptic curve Diffie-Hellman computation at the 256-bit security level
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Kaushik Nath; Palash Sarkar
In this study, the authors introduce new Montgomery and Edwards form elliptic curves targeted at the 256-bit security level. To this end, they work with three primes, namely , and . While has been considered earlier in the literature, and are new. They define a pair of birationally equivalent Montgomery and Edwards form curves over all the three primes. Efficient 64-bit assembly implementations targeted
-
More realistic analysis of mass surveillance – security in multi-surveillant settings
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Geng Li; Jianwei Liu; Zongyang Zhang
PRISM has made research on cryptography against subversion attacks flourish in recent years. In a subversion attack, surveillants can compromise the security of users’ systems by subverting implementations of cryptographic algorithms. While the single-surveillant scenario has been researched by several works, the multi-surveillant setting has attracted less consideration. The authors have initialised
-
Further study on constructing bent functions outside the completed Maiorana–McFarland class
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Shishi Liu; Fengrong Zhang; Enes Pasalic; Shixiong Xia; Zepeng Zhuo
In the mid-sixties, Rothaus introduced the notion of bent function and later presented a secondary construction of bent functions (building new bent functions from already defined ones), called Rothaus’ construction. In Zhang et al. 2017 (‘Constructing bent functions outside the Maiorana–Mcfarland class using a general form of Rothaus,’ IEEE Transactions on Information Theory, 2017, vol. 63, no. 8
-
Post-quantum protocol for computing set intersection cardinality with linear complexity
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Sumit Kumar Debnath; Pantelimon Stănică; Tanmay Choudhury; Nibedita Kundu
Nowadays, the necessity of electronic information increases rapidly. As a consequence, that information often needs to be shared among mutually distrustful parties. In this area, private set intersection (PSI) and its variants play an important role when the participants wish to do secret operations on their input sets. Unlike most modern public-key cryptosystems relying on number theoretic problems
-
SPCOR: a secure and privacy-preserving protocol for mobile-healthcare emergency to reap computing opportunities at remote and nearby
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Sona Alex; Deepthi P Pattathil; Dhanaraj Kakkanattu Jagalchandran
This study proposes a secure and privacy-preserving protocol for outsourcing health data processing operations during an emergency in a mobile healthcare network. The proposed protocol provides a practical solution to utilise smartphone resources, both remote and nearby, for opportunistically and securely processing the overwhelming personal health information (PHI) of a user in a healthcare emergency
-
C-NSA: a hybrid approach based on artificial immune algorithms for anomaly detection in web traffic
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Emre Dandıl
Security vulnerabilities in web traffic can directly lead to data leaks. Preventing these data leaks to a large extent has become an important problem to solve. Besides, the accurate detection and prevention of abnormal changes in web traffic is of great importance. In this study, a hybrid approach, called C-NSA, based on the negative selection algorithm (NSA) and clonal selection algorithm (CSA) of
-
Economic feasibility study for stealthy socialbot network establishment
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Samaneh Hosseini Moghaddam; Maghsoud Abbaspour
Socialbots are intelligent software that control all the behaviour of fake accounts in an online social network. Since they are armed with detection evasion techniques, it is valuable to be able to determine the effectiveness of these techniques. In this study, an analytical model is developed to estimate a lower bound for the cost of automatic establishment of a socialbot network. Moreover, by considering
-
P2 KASE A2—privacy-preserving key aggregate searchable encryption supporting authentication and access control on multi-delegation
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Mukti Padhya; Devesh C. Jinwala
Delegation is a technique that allows a subject receiving a delegation (the delegatee) to act on behalf of the delegating subject (the delegator). Although the existing Key Aggregate Searchable Encryption (KASE) schemes support delegation of search rights over any set of ciphertexts using a constant-size key, two critical issues should still be considered. Firstly, an adversary can intercept the
-
Multi-party key generation protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Qi Feng; Debiao He; Huaqun Wang; Ding Wang; Xinyi Huang
Identity-based cryptography (IBC) is considered a promising mechanism in the Internet of Things and ad-hoc networks, providing lightweight authentication and powerful access control. However, it suffers from two inherent problems, i.e. key escrow and the requirement of a secure channel, which are not always good properties in many realistic scenarios. Thus, an efficient key issuing protocol in a
-
Achieving secure and convenient WLAN sharing in personal
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Zhicheng Yan; Chao Yang; Wei You; Jingjing Guo; Junwei Zhang; Yu Zheng; Jianfeng Ma
The authors analyse the security threats caused by personal wireless local area network (WLAN) sharing, propose schemes under two different conditions, and evaluate the performance of their schemes. WLAN is a widely used low-cost wireless networking technology. Most personal WLANs use Wi-Fi Protected Access II (WPA2)-Personal to ensure robust security. Exposing the passphrase of the WLAN is the only
-
Statistical watermarking approach for 3D mesh using local curvature estimation
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Neha Sharma; Jeebananda Panda
In this study, an oblivious 3D mesh watermarking scheme is presented, utilising local curvature estimation and statistical characteristics of the 3D mesh to provide robustness while retaining the imperceptibility of the 3D model. The proposed method estimates the local curvature of a 3D model by finding the difference between the average normal and the surface normal of all the faces in a 1-ring neighbourhood
-
Non-stochastic hypothesis testing for privacy
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Farhad Farokhi
In this study, I consider privacy against hypothesis testing adversaries within a non-stochastic framework. I develop a theory of non-stochastic hypothesis testing by borrowing the notion of uncertain variables from non-stochastic information theory. I define tests as binary-valued mappings on uncertain variables and prove a fundamental bound on the best performance of the tests in non-stochastic
-
Tightly-secure two-pass authenticated key exchange protocol using twin Diffie–Hellman problem
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Runzhi Zeng; Libin Wang
Tight security is an important requirement of practical cryptographic schemes. Compared with loosely-secure schemes, tightly-secure schemes allow shorter security parameters and hence are more efficient. In CRYPTO 2018, Gjøsteen and Jager proposed a tightly-secure authenticated key exchange (AKE) protocol. They used a ‘commitment trick’ to construct a tight security reduction for their protocol. However
-
GUIM-SMD: guilty user identification model using summation matrix-based distribution
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Ishu Gupta; Ashutosh Kumar Singh
Data sharing across multiple different entities is in demand to upgrade an enterprise's performance. However, some malicious entity can reveal this data to an unauthorised third party, which may result in heavy loss to the enterprises in terms of finance, reputation, and long-term stability. This study presents a novel model, GUIM-SMD, for the identification of the guilty entity which is responsible for
-
New dynamic and verifiable multi-secret sharing schemes based on LFSR public key cryptosystem
IET Inf. Secur. (IF 1.068), Pub Date: 2020-10-15
Authors: Jing Yang; Fang-Wei Fu
A verifiable multi-secret sharing (VMSS) scheme allows distributors to share multiple secrets simultaneously and can detect fraud by both distributors and participants. After analysing the security of the VMSS schemes proposed by Dehkordi and Mashhadi in 2015, the authors point out that they could not detect the fraudulent behaviour of the dealer. By using the non-homogeneous linear recursion and linear
-
Chosen base-point side-channel attack on Montgomery ladder with x-only coordinate: with application to secp256k1
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Congming Wei; Jiazhe Chen; An Wang; Beibei Wang; Hongsong Shi; Xiaoyun Wang
This study revisits the side-channel security of elliptic curve cryptography (ECC) scalar multiplication implemented with the Montgomery ladder. Focusing on a specific implementation that does not use the y-coordinate for point addition (ECADD) and point doubling (ECDBL), the authors show that the Montgomery ladder on Weierstrass curves is vulnerable to a chosen base-point attack. Unlike the normal implementation
-
Lattice signatures using NTRU on the hardness of worst-case ideal lattice problems
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Dipayan Das; Vishal Saraswat; Kajla Basu
Recently, lattice signatures based on the Fiat-Shamir framework have seen a lot of improvements which are efficient in practice. The security of these signature schemes depends mainly on the hardness of solving the short integer solutions (SIS) and/or learning with errors problems in the random oracle model. The authors propose an alternative lattice-based signature scheme on the Fiat-Shamir framework over
-
Improved integral attacks on 24-round LBlock and LBlock-s
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Yaxin Cui; Hong Xu; Wenfeng Qi
LBlock is a lightweight block cipher with Feistel-SP structure proposed by Wu and Zhang in Applied Cryptography and Network Security 2011, and a modified version, LBlock-s, was later used in the design of the lightweight authenticated encryption cipher LAC, one of the CAESAR candidates. The best known integral attack on LBlock was presented by Zhang and Wu and can attack 23-round LBlock based on a 16-round
-
Secure and load-balanced routing protocol in wireless sensor network or disaster management
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Uthirapathy Palani; Gopal Amuthavalli; Vaithiyanathan Alamelumangai
Distributed sensors are mainly used in environment monitoring systems to monitor volcanic eruptions, weather disasters, storms, tornadoes, hurricanes, earthquakes, and tsunamis. The routing path of these networks is frequently affected by the presence of malicious and faulty nodes. The authors propose a secure, load-balanced routing (SLBR) protocol using wireless sensor networks for disaster management. The
-
Improved SIMD implementation of Poly1305
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Sreyosi Bhattacharyya; Palash Sarkar
Poly1305 is a polynomial hash function designed by Bernstein in 2005. Presently, it is part of several major platforms, including the Transport Layer Security protocol. A vectorised implementation of Poly1305 was proposed by Goll and Gueron in 2015. The authors provide some simple algorithmic improvements to the Goll–Gueron vectorisation strategy. Implementation of the modified strategy on modern Intel
-
Improved real-time permission based malware detection and clustering approach using model independent pruning
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Janani Thiyagarajan; A. Akash; Brindha Murugan
The popularity of Android prompts cyber-criminals to create malicious apps that can compromise the security and confidentiality of mobile systems. Analysing the permissions requested by an app is one of the methods to detect whether or not it is malware. However, taking all the permissions available in the Android system into account can result in a model with increased complexity. To tackle this, a malware
-
Threat model and construction strategy on ADS-B attack data
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Tengyao Li; Buhong Wang; Fute Shang; Jiwei Tian; Kunrui Cao
With the fast increase in airspace density and high-safety requirements on aviation, automatic dependent surveillance-broadcast (ADS-B) is regarded as the primary method in next generation air traffic surveillance. ADS-B data is broadcast in plain text without sufficient security measures, which results in various attack patterns emerging. However, in terms of restrictions imposed by laws
-
Computation integrity assurance for emerging distributed computation outsourcing environments, the case of block withholding attack on Bitcoin pools
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Alireza Toroghi Haghighat; Mehdi Shajari
Recently emerged distributed computation outsourcing environments (e.g. volunteer computing, crowdsourcing, cloud computing, and pooled mining in cryptocurrencies) provide many new opportunities and challenges. One important new challenge in these environments is assuring the correctness and validity of the computation output when computation nodes have motivation for lazy, malicious, or hoarding behaviour
-
Robust security framework with bit-flipping attack and timing attack for key derivation functions
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Wen Wen Koh; Chai Wen Chuah
A Key Derivation Function (KDF) derives cryptographic keys from a private string and public information. The security property for the cryptographic keys is indistinguishability from random strings of equal length. The security analysis of KDFs has received increasing attention. The practical importance of KDFs is reflected in the adoption of industry standards such as NIST 800-135 and PKCS5. This study
-
Integral cryptanalysis on two block ciphers Pyjamask and uBlock
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Wenqiang Tian; Bin Hu
Integral cryptanalysis is a powerful cryptanalytic technique for the security evaluation of block ciphers. However, when using the MILP-aided division property to search for integral distinguishers, many candidates of initial division properties need to be tested, so that the computations are unbearable in practice. This study takes advantage of the division property propagation of the S-box to improve
-
Research on a high-order AES mask anti-power attack
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Yu Ou; Lang Li
Cryptographic algorithms have been gradually improved in design, but their implementations are vulnerable to side-channel analysis (SCA). Generally speaking, adding a mask to the primitive is the best way to counteract SCA. In a high-order mask, the key to affecting performance and security lies in the multiplication design. Based on the research of the advanced encryption standard (AES) algorithm
-
Differential attacks on reduced-round SNOW 3G and SNOW 3G⊕
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Sudong Ma; Jie Guan
The stream cipher SNOW 3G is the core of the 3G Partnership Project (3GPP) for implementing a confidentiality algorithm and data integrity algorithm. In this study, the authors analyse the initialisation stage based on the chosen IV differential attacks on the reduced-round SNOW 3G and SNOW . Firstly, they show a distinguisher for 12-round SNOW 3G and 255 distinguishers for 13-round SNOW , respectively
-
MILP-based automatic differential search for LEA and HIGHT block ciphers
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Elnaz Bagherzadeh; Zahra Ahmadian
The authors use the mixed-integer linear programming (MILP) technique for the automatic search for differential characteristics of the LEA and HIGHT ciphers. They show that the MILP model of the differential property of modular addition with one constant input can be represented with a much smaller number of linear inequalities compared to the general case. Benefiting from this model for the HIGHT block cipher
-
SMT-based cube attack on round-reduced Simeck32/64
IET Inf. Secur. (IF 1.068), Pub Date: 2020-08-25
Authors: Mojtaba Zaheri; Babak Sadeghiyan
In this study, the authors take advantage of feeding the SMT solver with extra information provided through middle state cube characteristics to introduce a new method, which they call the SMT-based cube attack, and apply it to improve the success of the solver in attacking reduced-round versions of the Simeck32/64 lightweight block cipher. The key idea is to search for and utilise all found middle state characteristics
-
IoT security vulnerabilities and predictive signal jamming attack analysis in LoRaWAN
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Max Ingham; Jims Marchang; Deepayan Bhowmik
The Internet of Things (IoT) has gained popularity in recent times due to its flexibility, usability, diverse applicability and ease of deployment. However, the issues related to security are less explored. IoT devices are lightweight in nature and have low computation power, low battery life and low memory. As incorporating security features is resource-expensive, IoT devices are often found to be less
-
Lightweight and privacy-preserving authentication scheme with the resilience of desynchronisation attacks for WBANs
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Mengxia Shuai; Ling Xiong; Changhui Wang; Nenghai Yu
With the advances in wireless communication and the Internet of Things, wireless body area networks (WBANs) have attracted more and more attention because of their potential in improving the quality of health care services. With the help of WBANs, the user can access the patient's life-critical data generated by miniaturised medical sensors, and remote health care monitoring services are provided. Since
-
Privacy preservation with RTT-based detection for wireless mesh networks
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Amit Kumar Roy; Ajoy Kumar Khan
Wireless mesh networks (WMNs) have arisen as a superior technology offering all aspects of services as compared to conventional networks. Due to the absence of a centralised authority, WMNs suffer from both external and internal attacks, which decrease the overall performance of WMNs. In this study, the authors propose an efficient handoff authentication protocol with privacy preservation of nonce and transfer
-
Detection of compromised accounts for online social networks based on a supervised analytical hierarchy process
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Xiujuan Wang; Haoyang Tang; Kangfeng Zheng; Yuanrui Tao
In recent years, the security of online social networks (OSNs) has become an issue of widespread concern. Searching for and detecting compromised accounts in OSNs is crucial for ensuring the security of OSN platforms. In this study, the authors propose a new method of detecting compromised accounts based on a supervised analytical hierarchy process (SAHP). First, they consider the expression habits
-
Security analysis of KAP based on enhanced MPF
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Eligijus Sakalauskas; Aleksejus Mihalkovich; Arnas Uselis
In a previous study, the authors proved that inversion of the enhanced matrix power function (MPF), introduced as a conjectured one-way function, is a nondeterministic polynomial time (NP)-complete problem. Furthermore, a key agreement protocol (KAP), the security of which relies on the inversion of this function, was previously proposed. The problem is that the application of MPF can yield weak keys under
-
Malware classification using compact image features and multiclass support vector machines
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Lahouari Ghouti; Muhammad Imam
Malware and malicious code not only incur considerable costs and losses but also negatively impact the reputation of the targeted organisations. Malware developers, hackers, and information security specialists are continuously improving their strategies to defeat each other. Unfortunately, there is no one-size-fits-all solution to detect and eradicate any malware. This situation is aggravated more by
-
Algebraic method to recover superpolies in cube attacks
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Chen-Dong Ye; Tian Tian
Cube attacks are an important type of key recovery attack against nonlinear feedback shift register (NFSR)-based cryptosystems. The key step in cube attacks closely related to key recovery is recovering superpolies. However, in the previous cube attacks, including original, division property based and correlation cube attacks, the algebraic normal form of superpolies could hardly be shown to be exact
-
Distributed signing protocol for IEEE P1363-compliant identity-based signature scheme
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Qi Feng; Debiao He; Zhe Liu; Ding Wang; Kim-Kwang Raymond Choo
The identity-based signature (IBS) scheme is one of the most promising secure and widely used cryptographic primitives for electronic commerce applications. For example, ID-based signing in a multi-party setting, without ever revealing any private and secret information, has received considerable interest in distributed applications such as a global manufacturer. However, there is no practical solution
-
Novel LDoS attack detection by Spark-assisted correlation analysis approach in wireless sensor network
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Chen Hongsong; Meng Caixia; Fu Zhongchuan; Chao-Hsien Lee
A low-rate denial of service (LDoS) attack is a special type of DoS attack in wireless sensor networks (WSNs). The routing protocol is the critical component of the WSN. The routing flood attack is a novel LDoS attack pattern in WSNs. However, the attack is difficult to detect by traditional intrusion detection algorithms. A novel LDoS attack detection method based on big data and signal analysis is proposed.
-
Scan-based attack tolerance with minimum testability loss: a gate-level approach
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Mohammad Taherifard; Mahdi Fazeli; Ahmad Patooghy
A scan chain is an architectural solution to facilitate in-field tests and debugging of digital chips; however, it is also known as a source of security problems, e.g. scan-based attacks on the chips. The authors conduct a comprehensive gate-level security analysis on crypto-chips which are equipped with a scan chain, and then propose a set of protection mechanisms to immunise vulnerable nets of the chips
-
Cloud-assisted secure and conjunctive publish/subscribe service in smart grids
IET Inf. Secur. (IF 1.068), Pub Date: 2020-06-22
Authors: Jinguo Li; Mi Wen; Kai Zhang
The publish/subscribe (P/S) service on Advanced Metering Infrastructure (AMI) servers of the smart grid needs to deal with a huge amount of data, which may lead to data bursts on AMI servers and serious server crashes. Moreover, for protecting data security, sensitive data must be encrypted before being published. This obstructs traditional data utilisation based on the plaintext P/S service. Thus, enabling an encrypted
-
Fully Invisible Protean Signatures Schemes
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Stephan Krenn; Henrich C. Pöhls; Kai Samelin; Daniel Slamanig
Protean signatures (PSs), recently introduced by Krenn et al. (CANS ‘18), allow a semi-trusted third party (the sanitiser), to modify a signed message in a controlled way: the signer can define the message parts to be arbitrarily editable by the sanitiser, as well as message parts which can be redacted (but not altered otherwise) by the sanitiser. Thus, PSs generalise both redactable signatures (RSs)
-
Privacy-preserving Constrained Spectral Clustering Algorithm for Large-scale Data Sets
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Ji Li; Jianghong Wei; Mao Ye; Wenfen Liu; Xuexian Hu
With the increasing concern on the preservation of personal privacy, privacy-preserving data mining has become a hot topic in recent years. Spectral clustering is one of the most widely used clustering algorithms for exploratory data analysis and usually has to deal with sensitive data sets. How to conduct privacy-preserving spectral clustering is an urgent problem to be solved. In this study, the authors
-
Data Availability Improvement in Peer-to-Peer Online Social Networks
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Fariba Khazaei Koohpar; Afsaneh Fatemi; Fatemeh Raji
One of the main challenges of centralised social networks is having a central provider that stores the data, which imposes some limitations on preserving the privacy of users’ data. However, one of the decentralised architectures is the peer-to-peer network, in which every user takes the responsibility of storing and managing his/her data. Although the privacy of data is increased in these networks, authorised
-
Corrigendum: Public-key encryption indistinguishable under plaintext-checkable attacks
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Michel Abdalla; Fabrice Benhamouda; David Pointcheval
This note is a corrigendum for the paper ‘Public-key encryption indistinguishable under plaintext-checkable attacks’, IET Information Security (2016), 10(6): 288, http://dx.doi.org/10.1049/iet-ifs.2015.0500.
-
ANOVUL: Detection of Logic Vulnerabilities in Annotated Programs via Data and Control Flow Analysis
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Mahmoud Ghorbanzadeh; Hamid Reza Shahriari
Logic vulnerabilities are largely dependent on the expected functions of web applications. Their appearance depends on both application logic and the related security policy, which may change based on modifications in business requirements. Accordingly, there are no specific and common patterns for logic vulnerabilities; moreover, a security policy is required for their detection. In this study, a vulnerability
-
Breaking the Hardness Assumption and IND-CPA Security of HQC Submitted to NISTPQC Project
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Zhen Liu; Yanbin Pan; Tianyuan Xie
The Hamming quasi-cyclic (HQC) cryptosystem, proposed by Aguilar Melchor et al., is a code-based key encapsulation mechanism (KEM) submitted for the NIST standardisation process of post-quantum cryptography (PQC). Under the assumption that the s-decision quasi-cyclic syndrome decoding (s-DQCSD) problem is hard for s = 2 and 3, HQC, viewed as a public-key encryption scheme, is proven to be indistinguishability
-
Faster Privacy-Preserving Location Proximity Schemes for Circles and Polygons
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Kimmo Järvinen; Ágnes Kiss; Thomas Schneider; Oleksandr Tkachenko; Zheng Yang
In the last decade, location information became easily obtainable using off-the-shelf mobile devices. This gave momentum to developing Location Based Services (LBSs) such as location proximity detection, which can be used to find friends or taxis nearby. LBSs can, however, be easily misused to track users, which draws attention to the need to protect the privacy of these users. In this work, we address
-
Improved Collusion-Resistant Unidirectional Proxy Re-Encryption Scheme from Lattice
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Xuyang Wang; Aiqun Hu; Hao Fang
Proxy re-encryption (PRE) is a promising cryptographic structure for pervasive data sharing in cloud-based social networks, which enables a semi-trusted proxy to convert a ciphertext for Alice into a ciphertext for Bob without seeing the corresponding plaintext. Since the proxy is semi-trusted, a PRE scheme which can resist the collusion attack will be of great practical value. Jiang et al. in 2015 and
-
The Impact of the Modulus Switching Technique on Some Attacks against Learning Problem
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Huy Quoc Le; Pradeep Kumar Mishra; Satoshi Nakamura; Koha Kinjo; Dung Hoang Duong; Masaya Yasuda
The modulus switching technique has been used in some cryptographic applications as well as in cryptanalysis. For cryptanalysis against the learning with errors (LWE) problem and the learning with rounding (LWR) problem, it seems that one does not know whether the technique is really useful or not. This work supplies a complete view of the impact of this technique on the decoding attack, the dual attack
-
Complexity of statistical attacks on QC-LDPC code-based cryptosystems
IET Inf. Secur. (IF 1.068), Pub Date: 2020-05-01
Authors: Paolo Santini; Marco Baldi; Franco Chiaraluce
Public-key cryptosystems built on quasi-cyclic (QC) low-density parity-check and moderate-density parity-check codes are promising candidates for post-quantum cryptography, since they are characterised by compact keys and high algorithmic efficiency. The main issue with this kind of system is represented by the fact that, since the decoding procedure is probabilistic, it may leak information about
-
Threshold Trapdoor Functions and Their Applications
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Binbin Tu; Yu Chen; Xueli Wang
We introduce a cryptographic primitive named threshold trapdoor functions (TTDFs), from which we give generic constructions of threshold and revocation encryptions under the adaptive corruption model. Then, we show TTDF can be instantiated under the decisional Diffie-Hellman (DDH) assumption and the learning with errors (LWE) assumption. By combining the instantiations of TTDF with the generic constructions
-
A Mutual Authentication Based Remote Attestation Scheme for Embedded Systems
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Ziwang Wang; Yi Zhuang; Qingxun Xia
To improve the security and efficiency of remote attestation (RA) for embedded systems, this study proposes a mutual authentication-based RA scheme for embedded systems. In particular, the authors design an RA framework based on authentication agents and measurement agents, which combines the mutually anonymous identity authentication scheme with the platform integrity attestation. During the identity authentication
-
Fingerprint image quality assessment based on BP neural network with hierarchical clustering
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Jun Liu; Jia Yan; Dexiang Deng; Ruijue Zhang
Fingerprint image quality assessment is important because the good performance of the minutiae-based matching algorithm is heavily dependent on fingerprint images with high quality. Many efforts have been made in existing methods, but most methods either use full fingerprint images or use local areas and involve subjective judgments. Unlike previous methods, the proposed method considers both local
-
Choosing Subfields for LUOV and Lifting Fields for Rainbow
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Dung Hoang Duong; Le Van Luyen; Ha Thanh Nguyen Tran
Multivariate public key cryptography is one of the main candidates for post-quantum cryptography. Rainbow, an improved (multi-layer) version of unbalanced oil and vinegar (UOV), is one of the most famous multivariate signature schemes that is a promising candidate for NIST standardisation. At INDOCRYPT 2017, Beullens and Preneel introduced a new variant LUOV of UOV. Their idea is to generate a UOV
-
Call graph obfuscation and diversification: an approach
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Miguel Rodríguez-Veliz; Yulier Nuñez-Musa; Roberto Sepúlveda-Lima
Monetary loss due to software piracy nowadays reaches millions. In 2017, the commercial value for this concept rose to $46.3 billion. A way to mitigate this problem from the technological point of view is the use of software protection techniques, especially the obfuscation and diversification of code, highlighting control obfuscation. There are many proposals connected with obfuscating control
-
Parallel-CNN Network for Malware Detection
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Nazanin Bakhshinejad; Ali Hamzeh
Nowadays, computers and the Internet have become an inseparable part of our life. We accomplish a wide range of our daily tasks through the Internet. A massive number of malware samples are designed annually to infiltrate computers and other electronic devices, endangering their security strikingly. Hence, developing a method that is capable of proactively detecting and preventing malware is a perpetual
-
A Framework for Faster Key Search Using Related-key Higher-order Differential Properties: Applications to Agrasta
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Christoph Dobraunig; Farokhlagha Moazami; Christian Rechberger; Hadi Soleimany
The relevance of the related-key model is usually controversial. However, in some cases, related-key properties have already been used to reduce the effective key length of the cipher in the single-key model. Hence, research in this direction can be helpful to bridge the gap between the theoretical and practical aspects of the related-key model. Motivated by this challenge, the authors develop a new framework
-
Protecting Scientific Workflows in Clouds with an Intrusion Tolerant System
IET Inf. Secur. (IF 1.068), Pub Date: 2020-03-01
Authors: Yawen Wang; Yunfei Guo; Zehua Guo; Wenyan Liu; Chao Yang
With the development of cloud computing technology, more and more scientific workflows are delivered to cloud platforms to be completed. However, there are many threats in clouds due to multi-tenant coexistence. In order to protect scientific workflows in clouds, the authors propose an intrusion tolerant scientific workflow system. In this system, the task executors containing multiple virtual machines
Contents have been reproduced by permission of the publishers.