Automatic Security Analysis of EPCBC against Differential Attacks
Automatic security analysis of EPCBC against differential attacks - 2017
It is necessary for us to evaluate immunity against differential attacks when designing secure block ciphers. Finding the lower bound of active S-boxes is an effective method. Based on MILP, we use an improved method to analyze EPCBC. EPCBC is an ultra-lightweight block cipher. The block size of EPCBC is 48-bit/96-bit and the key size of EPCBC is 96-bit. EPCBC is fit for EPC encryption. The efficiency of EPCBC results in a huge market application. Hence, it is necessary for us to evaluate the security of EPCBC. In this paper, we show that 32 rounds are secure enough for resisting the differential attacks.
Keywords: Block Cipher | S-bP structures | Active S-box | MILP | EPCBC | Electronic Product Code
Packet key-based security system for the next generation LTE networks
Packet key-based security system for next-generation LTE networks - 2017
This paper proposes the end-to-end security scheme with packet key mechanism to perform ciphering of user traffic between two UEs attached to the different LTE networks. In LTE system, each UE derives its master key after a mutual authentication is performed between the UE and its local LTE network. In this paper, two end-to-end UEs use their own master keys to generate real-time packet keys where different packet keys are applied to encrypt packet stream data on a packet basis. Because the life cycle of the packet key is the same as a packet period, the proposed security scheme significantly improves the security strength for end-to-end LTE users. As a result, this paper contributes to suggest the security scheme with packet key mechanism that can provide high level of security as well as end-to-end security for the global LTE UEs. © 2017 The Authors. Published by Elsevier B.V. Peer-review under responsibility of the Conference Program Chairs.
Keywords: End-to-End LTE users | End-to-End security management | Packet key | Post-LTE security | Real-time encryption
Multilevel classification of security concerns in cloud computing
Multilevel classification of security concerns in cloud computing - 2017
Received 11 May 2015; revised 11 March 2016; accepted 20 March 2016. Available online 8 April 2016.
Abstract: Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider. © 2016 King Saud University. Production and hosting by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Keywords: Cloud computing | Security | Virtualization | SaaS | PaaS | IaaS
A Survey on HTTPS Implementation by Android Apps: Issues and Countermeasures
A survey of HTTPS implementation by Android apps: issues and countermeasures - 2017
Received 5 July 2016; revised 5 October 2016; accepted 31 October 2016. Available online 11 November 2016. University of Cincinnati, United States.
Abstract: As more and more sensitive data is transferred from mobile applications across unsecured channels, it seems imperative that transport layer encryption should be used in any nontrivial instance. Yet, research indicates that many Android developers do not use HTTPS or violate rules which protect user data from man-in-the-middle attacks. This paper seeks to find a root cause of the disparities between theoretical HTTPS usage and in-the-wild implementation of the protocol by looking into Android applications, online resources, and papers published by HTTPS and Android security researchers. From these resources, we extract a set of barrier categories that exist in the path of proper TLS use. These barriers not only include improper developer practices, but also server misconfiguration, lacking documentation, flaws in libraries, the fundamentally complex TLS PKI system, and a lack of consumer understanding of the importance of HTTPS. Following this discussion, we compile a set of potential solutions and patches to better secure Android HTTPS and the TLS/SSL protocol in general. We conclude our survey with gaps in current understanding of the environment and suggestions for further research. © 2016 The Authors. Production and hosting by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
KEYWORDS: HTTPS | Android | Mobile security | TLS/SSL | Mobile development
Mass surveillance and technology policy options: Improving the security of private communications
Year of publication: 2017 - Number of pages in the English PDF file: 7 - Number of pages in the Persian DOC file: 26
The Snowden revelations of 2013 ignited an intense debate on the legitimacy and breadth of the spying operations that monitored the Internet and telecommunications worldwide. The ongoing invasion of the private sphere of individuals around the world by governments and companies is an issue that has been sufficiently handled using current technical and organisational measures. This paper argues that, in order to keep the Internet vital and active, its underlying infrastructure must be significantly strengthened. We propose a number of technical and policy options that help to improve security on the Internet. It focuses on the debate around encryption and anonymity, as well as on policies for dealing with software and hardware vulnerabilities and weaknesses in the Internet architecture.
Keywords: Surveillance | Policy | Encryption | Privacy
|Translated article|
Fully Enhanced Homomorphic Encryption algorithm of MORE approach for real world applications
Fully enhanced homomorphic encryption algorithm of the MORE approach for real-world applications - 2017
Article history: Available online 21 February 2017.
The design of a Homomorphic Encryption (HE) algorithm that allows computation over the encrypted data is required in real world modern applications to preserve the privacy. Such applications include Cloud Computing, shared storage, processing resources, etc. The existing solutions are not practical for real world applications. Asymmetric approaches suffer from high computation overhead, while symmetric approaches suffer from low immunity against attacks such as chosen and known plaintext attack. In this paper, we consider symmetric approaches and we focus on Matrix Operation for Randomization and Encryption (MORE) approach to build a new algorithm overcoming the drawbacks of MORE. The proposed algorithm is explained in detail and evaluated. The security performance results show that the proposed approach can prevent the strong attacks without degradation of the system performances in term of latency and energy consumption. © 2017 Elsevier Ltd. All rights reserved.
Keywords: Fully Homomorphic Encryption scheme | MORE | Dynamic diffusion and permutation primitives | Security analysis
Naor–Yung paradigm with shared randomness and applications
Naor–Yung paradigm with shared randomness and applications - 2017
Article history: Received 18 September 2016. Received in revised form 17 May 2017. Accepted 21 June 2017. Available online xxxx. Communicated by G. Persiano.
The Naor–Yung paradigm allows to generically boost security under chosen-plaintext attacks (CPA) to security against chosen-ciphertext attacks (CCA) for public-key encryption (PKE) schemes. The main idea is to encrypt the plaintext twice (under independent public keys), and to append a non-interactive zero-knowledge (NIZK) proof that the two ciphertexts indeed encrypt the same message. Later work by Camenisch, Chandran, and Shoup and Naor and Segev [28,30] established that the very same technique can also be used in the settings of key-dependent message (KDM) and key-leakage attacks (respectively). In this paper we study the conditions under which the two ciphertexts in the Naor–Yung construction can share the same random coins. We find that this is possible, provided that the underlying PKE scheme meets an additional simple property. The motivation for re-using the same random coins is that this allows to design much more efficient NIZK proofs. We showcase such an improvement in the random oracle model, under standard complexity assumptions including Decisional Diffie–Hellman, Quadratic Residuosity, and Subset Sum. The length of the resulting ciphertexts is reduced by 50%, yielding truly efficient PKE schemes achieving CCA security under KDM and key-leakage attacks. As an additional contribution, we design the first PKE scheme whose CPA security under KDM attacks can be directly reduced to (low-density instances of) the Subset Sum assumption. Our PKE scheme supports key-dependent messages computed via any affine function of the secret key. © 2017 Elsevier B.V. All rights reserved.
Keywords: Public-key cryptography | KDM security | Leakage | Subset Sum
DC programming and DCA for enhancing physical layer security via cooperative jamming
DC programming and DCA for enhancing physical layer security via cooperative jamming - 2017
Article history: Received 30 September 2015. Revised 10 August 2016. Accepted 7 November 2016. Available online 18 November 2016.
The explosive development of computational tools these days is threatening security of cryptographic algorithms, which are regarded as primary traditional methods for ensuring information security. The physical layer security approach is introduced as a method for both improving confidentiality of the secret key distribution in cryptography and enabling the data transmission without relying on higher-layer encryption. In this paper, the cooperative jamming paradigm - one of the techniques used in the physical layer - is studied and the resulting power allocation problem with the aim of maximizing the sum of secrecy rates subject to power constraints is formulated as a nonconvex optimization problem. The objective function is a so-called DC (Difference of Convex functions) function, and some constraints are coupling. We propose a new DC formulation and develop an efficient DCA (DC Algorithm) to deal with this nonconvex program. The DCA introduces the elegant concept of approximating the original nonconvex program by a sequence of convex ones: each iteration of DCA requires solution of a convex subproblem. The main advantage of the proposed approach is that it leads to strongly convex quadratic subproblems with separate variables in the objective function, which can be tackled by both distributed and centralized methods. One of the major contributions of the paper is to develop a highly efficient distributed algorithm to solve the convex subproblem. We adopt the dual decomposition method that results in computing iteratively the projection of points onto a very simple structural set which can be determined by an inexpensive procedure. The numerical results show the efficiency and the superiority of the new DCA based algorithm compared with existing approaches. © 2016 Elsevier Ltd. All rights reserved.
Keywords: Physical layer security | Cooperative jamming | Resource allocation | DC programming and DCA
A framework for critical security factors that influence the decision of cloud adoption by Saudi government agencies
A framework for critical security factors that influence the decision of cloud adoption by Saudi government agencies - 2017
Cloud computing technologies can play an essential role in public organisations and companies while it reduces the cost of using information technology services. It allows users to access the service anytime and anywhere, with paying for what they use. In developing countries, such as Saudi Arabia, the cloud computing is still not extensively adopted, compared to countries in the west. In order to encourage the adoption of cloud services, it is considerable to understand an important and particular complications regarding to cloud computing is the potential and perceived security risks and benefits posed by implementing such technology. This paper investigates the critical security factors that influence the decision to adopt cloud computing by Saudi government agencies. A framework was proposed for three categories, Social Factors category, Cloud Security Risks Category and Perceived Cloud Security Benefits that includes well-known cloud security features. The framework factors were identified by critically reviewing studies found in the literature together with factors from the industrial standards within the context of Saudi Arabia. An experiment study was conducted in five government agencies in Saudi Arabia by interview and questionnaire with experts in order to improve and confirm the framework. All the factors in the proposed framework were found to be statistically significant. An additional factor identified was Failure of client side encryption. Moreover, they suggested including this factor as a potential risk under Security Risk Factors Category. The initial framework was updated based on the expert reviews and questionnaires. The results were analysed via one-sample t-test with the data integrity analysed via Cronbach’s alpha. The outcome indicated the majority of cloud security adoption framework categories were statistically significant. Potential future study directions and contributions are discussed. Crown Copyright © 2017 Published by Elsevier Ltd. All rights reserved.
Keywords: Saudi government agencies | Cloud adoption | Cloud security risks | Cloud security benefits
ECG encryption and identification based security solution on the Zynq SoC for connected health systems
ECG encryption and identification based security solution on the Zynq SoC for connected health systems - 2017
Article history: Received 10 May 2016. Received in revised form 12 November 2016. Accepted 12 December 2016. Available online 23 December 2016.
Connected health is a technology that associates medical devices, security devices and communication technologies. It enables patients to be monitored and treated remotely from their home. Patients’ data and medical records within a connected health system should be securely stored and transmitted for further analysis and diagnosis. This paper presents a set of security solutions that can be deployed in a connected health environment, which includes the advanced encryption standard (AES) algorithm and electrocardiogram (ECG) identification system. Efficient System-on-Chip (SoC) implementations for the proposed algorithms have been carried out on the Xilinx ZC702 prototyping board. The achieved hardware implementation results have shown that the proposed AES and ECG identification based system met the real-time requirements and outperformed existing field programmable gate array (FPGA)-based systems in different key performance metrics such as processing time, hardware resources and power consumption. The proposed systems can process an ECG sample in 10.71 ms and uses only 30% of the available hardware resources with a power consumption of 107 mW. © 2016 Elsevier Inc. All rights reserved.
Keywords: Advanced encryption standard (AES) | Electrocardiogram (ECG) encryption and identification | Field programmable gate array (FPGA) | Zynq7 system on chip (SoC)