An efficient Lightweight integrated Blockchain (ELIB) model for IoT security and privacy (2019)
Blockchain (BC) has recently gained significant interest because of its immutable nature and its related security and privacy advantages; BC has the potential to resolve limitations of the Internet of Things (IoT) such as data protection and privacy. At the same time, BC has high computational complexity, restricted scalability, high bandwidth overhead and high latency, which make it unsuitable for IoT as-is. In this paper, an efficient Lightweight integrated Blockchain (ELIB) model is developed to meet the requirements of IoT. The presented model is deployed in a smart home environment as a representative case to verify its applicability to various IoT scenarios. Resource-constrained devices in a smart home benefit from a centralized manager that generates shared keys for data transmission and processes every incoming and outgoing request. The presented ELIB model creates an overlay network in which better-equipped resources can join a public BC that provides dedicated security and privacy. Three optimizations are carried out in the presented ELIB model: a lightweight consensus algorithm, certificateless (CC) cryptography and a Distributed Throughput Management (DTM) scheme. A detailed simulation is performed under different scenarios in terms of processing time, energy usage and overhead. ELIB attains a 50% saving in processing time compared to the baseline method, with a minimum energy consumption of 0.07 mJ. The experimental outcomes indicate that ELIB achieves the best performance under several evaluation parameters.
Keywords: IoT | Blockchain | Security | Privacy | Certificateless cryptography
On addressing RFID/NFC-based relay attacks: An overview (2019)
Relay attacks generally occur between two entities that communicate with each other through wireless means. When a relay attack between an honest prover and an honest verifier occurs, an adversary tricks the prover and verifier into believing that they are indeed communicating directly with each other. Such attacks are rather difficult to identify and prevent, since a passive adversary does not modify any of the messages exchanged between prover and verifier. RFID/NFC-based applications are particularly vulnerable to such attacks. We provide an overview of RFID-based relay attacks and evaluate the various streams of research that have attempted to address them. Specifically, we consider distance-bounding techniques and the use of artificial or natural ambient conditions, with particular emphasis on the latter.
Keywords: RFID | Relay attack | Cryptography | Ambient conditions
A balanced power analysis attack resilient adiabatic logic using single charge sharing transistor (2019)
Existing Power Analysis Attack (PAA) resilient adiabatic logic designs exhibit variations in current peaks, have asymmetric structures and suffer from Non-Adiabatic Losses (NAL) during the evaluation phase of the power-clock. An asymmetric structure and variations in current peaks make a circuit susceptible to PAA. In this paper, we present a novel PAA-resilient adiabatic logic which has a symmetric structure, completely removes NAL from the evaluation phase of the power-clock and exhibits minimal variations in current peaks, both for individual gates and in an 8-bit Montgomery multiplier. The proposed logic has been compared with three existing secure adiabatic logic designs for operating frequencies ranging from 1 MHz to 100 MHz and power-clock scaling from 1.8 V to 0.6 V. Simulation results for the gates show that our proposed logic exhibits the lowest Normalized Energy Deviation (NED) and Normalized Standard Deviation (NSD) at the frequencies mentioned above. In addition, all 2-input gates using the proposed logic dissipate average energy within 0.3% of each other and thus have the lowest standard deviation at all simulated frequencies. The simulation results for the 8-bit Montgomery multiplier show that the proposed logic exhibits the lowest NED and NSD at all simulated frequencies and under power-supply scaling.
Keywords: Cryptography | Charge-sharing | Current consumption | Quasi-adiabatic logic | Power analysis attack | Secure
Kernel-based template attacks of cryptographic circuits using static power (2019)
Side-channel attacks using static power have been shown to be successful against cryptographic circuits in different environments. This class of attacks exploits the power leakage when the circuit is in a static state, during which the power leakage is expected to be a fixed value. Due to the low signal-to-noise ratio of static power, usually more traces are needed for a static power attack to reach the same success rate as a dynamic power attack. The probabilistic distribution pattern of static power varies significantly in different devices, which further poses challenges to the accurate modeling of static power. In this paper we propose non-parametric template attacks which use a kernel methodology to improve the accuracy of modeling static power consumption. The proposed template attacks are tested using transistor-level simulations of circuits designed with a 45-nm standard cell library. Our test results show that our approach improves the success rate of template attacks using static power in cases where the distribution of static power consumption cannot be accurately modeled by Gaussian models.
Keywords: Cryptographic circuits | Block ciphers | Side-channel attacks | Power analysis attacks | Static power | Template attacks
A security oriented transient-noise simulation methodology: Evaluation of intrinsic physical noise of cryptographic designs (2019)
Noise in digital circuits has always been minimized to achieve high signal integrity, robust operation and, of course, high performance. For cryptographic applications, however, increased noise can in fact be beneficial. It can be used effectively to reduce the (cryptographic) Signal-to-Noise Ratio (SNR) and to make it harder for an adversary to extract useful information (e.g., secret keys) from side-channel leakage data. A natural question concerns the extent to which intrinsic (internal) noise is required to improve security. In this manuscript, we explore this question and introduce a methodology to exploit the intrinsic physical noise (i.e., flicker and thermal noise) at the secure-circuit level. We additionally demonstrate how the values obtained from our methodology translate into relevant cryptographic metrics. Our simulations show that the calculated cryptographic noise values are in close agreement with the noise levels extracted from noisy distributions using transient noise analysis. Finally, we use the proposed methodology to evaluate several meaningful parameters that affect the internal noise, and the security they provide, such as transistor sizing and supply-voltage changes.
Hardware footprints of S-box in lightweight symmetric block ciphers for IoT and CPS information security systems (2019)
This paper presents the hardware footprint of S-box specifications in lightweight block ciphers appropriate to IoT and CPS information security systems. The S-box Boolean function in the lightweight block cipher is defined using the Reed-Muller structure. A Rule Based Common Sub-structure Sharing Optimization (RB-CSSO) algorithm is proposed to improve the performance efficiency of the Reed-Muller structure. This novel hybrid RB-CSSO optimization mechanism first transforms the direct Positive Polarity Reed-Muller (PPRM) S-box representation into a Mixed Polarity Reed-Muller (MPRM) S-box architecture using local rule-based transformation. Secondly, Common Sub-Term (CST) and Common Sub-Expression (CSE) merging/elimination are applied to the resulting MPRM structure. The combined rule-based transformation and common sub-function sharing yield an overall reduction in area, delay and power of the Reed-Muller S-box structure. Both theoretical analysis and experimental verification demonstrate the reduction in S-box area and delay. Post-synthesis results from ASIC standard-cell implementations have been used to analyze area, delay and power values across Process, Voltage and Temperature (PVT) corners for a wide range of operating conditions. Extensive comparisons between direct PPRM and optimized MPRM implementations have been carried out. Post-layout simulations of the realized S-box structures show the advantages of lower area-delay product, power-area product and power-delay product. This work thus validates the applicability of the proposed structure to lightweight, resource-constrained security systems. The full industry-standard suite of Cadence® tools has been employed in the simulations, using 65 nm TCBN65GPLUS standard cells from the TSMC technology library.
Keywords: Lightweight cryptography | Symmetric block ciphers | Substitution box | Reed-muller structure
FPGA implementation of dynamically reconfigurable IoT security module using algorithm hopping (2019)
The Internet of Things (IoT) is a promising technology that is spreading continuously around the world, creating many challenges for cryptographic designers trying to meet the security standards of constrained IoT devices. In this work, a new design is proposed that adds a new dimension of security by using the concept of frequency hopping to generate a pseudo-random pattern for switching between five lightweight cryptographic ciphers participating in the Competition for Authenticated Encryption, Security, Applicability, and Robustness (CAESAR): AEGIS, ASCON, COLM, Deoxys and OCB. The proposed design exploits the advantages of Dynamic Partial Reconfiguration (DPR) technology in Field Programmable Gate Arrays (FPGAs) to switch between the five ciphers using the Internal Configuration Access Port controller (AXI-HWICAP), achieving decreases of 58% in area utilization and 80% in power consumption. The design is synthesized using Xilinx Vivado 2015.2 and mounted on a Zynq evaluation board (XC7Z020LG484-1).
Keywords: CAESAR | FPGA | DPR | Cryptography | Hopping | AEAD | IoT
A Cryptographic Ensemble for secure third party data analysis: Collaborative data clustering without data owner participation (2019)
This paper introduces the twin concepts of Cryptographic Ensembles and Global Encrypted Distance Matrices (GEDMs), designed to provide a solution to outsourced secure collaborative data clustering. The cryptographic ensemble comprises Homomorphic Encryption (HE), to preserve raw data privacy while supporting data analytics, and Multi-User Order Preserving Encryption (MUOPE), to preserve the privacy of the GEDM. Clustering can therefore be conducted over encrypted datasets without requiring decryption or the involvement of data owners once encryption has taken place, with no loss of accuracy. The GEDM concept is applicable to large-scale collaborative data mining applications that feature horizontal data partitioning. In the paper, DBSCAN clustering is adopted for illustrative and evaluation purposes. The results demonstrate that the proposed solution is both efficient and accurate while maintaining data privacy.
Keywords: Data mining as a service | Privacy preserving data mining | Security | Data outsourcing
Protection of bio medical iris image using watermarking and cryptography with WPT (2019)
An emerging technology in the present world is real-time biometrics, which recognizes a specific person reliably through their distinct biological features. The most reliable biometric identification is iris identification. Collections of iris images are stored in databases that can be hacked by intruders. To protect these databases with watermark text, a novel hybrid method is proposed that combines the Wavelet Packet Transform (WPT) and cryptography. This paper uses WPT to segment the iris image and find the minimum-energy band in which the watermark text is embedded. The watermark text is the personal information of the owner of the iris. Once the watermarking is done, a cryptographic key is used to encrypt the watermarked image. In this way, both the image and the watermark text are protected efficiently. The quality measures of the watermarked image have been analyzed and compared with other existing techniques. The proposed technique has been analyzed under blurring, salt-and-pepper, JPEG, cropping, Gaussian noise, rotation, speckle noise, filter, gamma, intensity and histogram-equalization distortions, with PSNR values increased by 3.3%, 3.6%, 4.1%, 5.3%, 7.7%, 6.1%, 11.9%, 7.7%, 14.4%, 10.7% and 10.2% respectively, which effectively increases the quality of the image.
Keywords: Wavelet Packet Transform (WPT) | Watermarking | Cryptography | Peak Signal to Noise Ratio (PSNR) | Mean Square Error (MSE) | Normalized Cross Correlation (NCC)
An enhancement of EAACK using P2P ACK and RSA public key cryptography (2019)
A Mobile Ad hoc Network (MANET) is a self-configuring network formed by a number of mobile nodes connected through wireless links, with no fixed infrastructure. Each node can operate as both a transmitter and a receiver. MANETs have been exploited in various applications such as disaster-struck areas, military operations and emergency recovery. Nevertheless, the open medium and wide distribution of nodes in a MANET make it vulnerable to different malicious attacks, and building a MANET that operates consistently even in the presence of insider packet-drop attackers is really challenging. Therefore, an Intrusion Detection System is needed to detect misbehaving nodes during packet delivery, using acknowledgements, to protect the MANET. In this paper, EAACK (Enhanced Adaptive Acknowledgment) is developed together with the Enhanced Interior Gateway Routing Protocol (EIGRP) hybrid protocol, which consists of P2P ACK and the RSA algorithm. At present, the digital signature algorithm causes network overhead when more misbehaving nodes are present in the network. Hence, the proposed system is applied with EIGRP to reduce the network overhead caused by digital signatures in EAACK, while P2P (peer-to-peer) ACK and RSA (named after Ron Rivest, Adi Shamir and Len Adleman) provide more security to the network. S-ACK (Selective Acknowledgements) cannot identify which particular node is malicious. Therefore, the proposed system introduces P2P ACK to detect misbehaving nodes efficiently. Here, RSA encrypts the session key, which makes the key more secure and improves the security level, and P2P ACK uses this encrypted key for the acknowledgement. In P2P ACK, keys are generated by RSA and distributed in advance for signing and verifying the acknowledgement packets. The proposed P2P ACK is used to enhance the detection of misbehaving nodes. The proposed method can improve the security level and reduce the routing overhead through secured acknowledgements.
Keywords: MANET | EAACK | Routing overhead | Security level | RSA | P2P ACK | Intrusion detection systems | Misbehaving nodes detec