Row | Title | Type |
---|---|---|
1 |
Advanced digital signatures for preserving privacy and trust management in hierarchical heterogeneous IoT: Taxonomy, capabilities, and objectives (2022)
Internet of Things (IoT) systems in different areas, such as manufacturing, transportation, and
healthcare, are the convergence of several technologies. There are many concerns about security
and privacy drawbacks in IoT systems. Apart from confidentiality supported by encryption
primitives, authenticity and non-repudiation are of utmost importance. IoT entities generally
use conventional digital signature schemes to achieve imperative goals. However, there are
some state-of-the-art digital signatures with more functionalities, IoT-friendly properties, and
privacy-preserving features.
This survey paper aims to accelerate the adoption of advanced digital signatures. We bridge the gap between the advanced theoretical digital signatures recently designed in cryptography-oriented papers and the applied IoT systems. It aids researchers in achieving more security, privacy as well as some unique functionality aspects. First, we illustrate the benefits of the hierarchical and heterogeneous IoT architecture supporting the end-edge-fog-cloud continuum accompanying blockchain technology. Second, our survey delves into five state-of-the-art digital signatures, including randomizable, keyless, double-authentication-prevention, sanitizable, and redactable schemes, that are aligned with entities in IoT systems. We provide an outline, taxonomy, comparison table, and diverse IoT-based use cases for each of them. Then, the integration of primitives and the relationship diagrams give guidelines to help select the appropriate advanced digital signatures and highlight how researchers can use them with different IoT entities for preserving privacy and management of trust.
Keywords: Digital signature | IoT Privacy-preserving | Blockchain | Cloud computing |
English article |
2 |
An enhancement of EAACK using P2P ACK and RSA public key cryptography (2019)
MANET – Mobile Adhoc Network is a self-configuring network that is connected by a number of mobile
nodes with wireless links and it has no fixed infrastructure. In this, each single node can operate as both
a transmitter and receiver. It has been exploited in various applications such as disaster stuck areas, military,
emergency revival etc. Nevertheless, the open intermediate and broad distribution of nodes in
MANET can make it vulnerable to different malicious attacks, and a MANET that can operate consistently
even in the presence of inside packet drop attackers can be really challenging. Therefore, we need
to develop an Intrusion Detection System to detect the misbehaving nodes during the packet delivery with
acknowledgement for the protection of MANET. In this paper, EAACK (Enhanced Adaptive
Acknowledgment) is developed with Enhanced Interior Gateway Routing Protocol (EIGRP) hybrid protocol
which consists of P2P ACK and RSA algorithm. At present, the network overhead is caused by the digital
signature algorithm if more misbehaving nodes are present on the network. Hence, this proposed
system is applied with EIGRP to reduce the network overhead caused by digital signatures in EAACK,
and P2P (peer-peer) ACK and RSA (named after Ron Rivest, Adi Shamir and Len Adleman) provide more
security to the network. S-ACK (Selective Acknowledgements) cannot determine whether a particular node is
a malicious node. Therefore, this proposed system introduces the P2P ACK to detect the misbehaving node
efficiently. Here, RSA can encrypt the session key, which makes the key more secure to improve the security
level, and P2P ACK uses this encrypted key for the acknowledgement. In the P2P ACK, keys are generated by
the RSA and distributed for signing and verifying the acknowledgement packets in advance. This proposed
P2P ACK is used to enhance the detection of misbehaving nodes. The performance of this proposed
method can improve the security level and reduce the routing overhead through the secured
acknowledgement. Keywords: MANET | EAACK | Routing overhead | Security level | RSA | P2P ACK | Intrusion detection systems | Misbehaving nodes detec |
English article |
3 |
Tightly secure signature schemes from the LWE and subset sum assumptions (2019)
In this paper, we study how to construct tightly secure signature scheme against adaptive chosen message attacks in the multi-user setting (i.e., tightly euf-m-cma secure signature) from the learning with errors (LWE) assumptions. More precisely, we propose a modular framework of euf-m-cma secure signature from a weak partial one-time signature (POS) scheme that is secure only against random message attacks in the multi-user setting (i.e., euf-m-rma secure) and possesses imperfect correctness. By instantiating the weak POS with the LWE assumption, we obtain the first LWE-based tightly euf-m-cma secure signature scheme in the multi-user setting. Moreover, we also present an instantiation of the weak POS based on the Subset Sum (SS) assumption, and again we obtain the first almost tightly euf-cma secure signature scheme from the SS assumption in the single-user setting. All our security reductions are tight and without random oracles. Keywords: Digital signature | Tight security | Lattice-based cryptography | LWE | Subset Sum |
English article |
4 |
An improved certificateless aggregate signature scheme without bilinear pairings for vehicular ad hoc networks (2019)
Certificateless aggregate signature (CL-AS) is a digital signature technique used to achieve improved performance in resource-constrained environments like vehicular ad hoc networks (VANETs) by eliminating the certificate issue in the traditional public key cryptography (PKC), addressing the key escrow problem in identity-based PKC, and utilizing the efficiency benefits of aggregate signature. Recently, an efficient CL-AS scheme for VANETs was proposed which the authors claimed to be existentially secure against forgery attacks in the random oracle model. In this paper, the scheme was analyzed and found to be insecure under existing security model. Consequently, we propose a new efficient certificateless aggregate signature scheme for VANETs applications based on elliptic curve cryptography. The proposed scheme does not only meet the privacy and security requirements for VANETs, but supports batch verification, autonomy, and conditional privacy preservation. In addition, the proposed scheme is provably secure against existential forgery on adaptive chosen message attack in the random oracle model based on the hardness assumption of the elliptic curve discrete logarithm problem. Extensive efficiency analysis demonstrates that the performance of the proposed scheme exceeds those of the recent related schemes in terms of computation cost and communication overhead. Keywords: Certificateless aggregate signature | Vehicular ad hoc networks (VANETs) | Random oracle | Elliptic curve cryptography | Conditional privacy | Batch verification |
English article |
5 |
Usable security for QR code (2019)
QR codes are widely used in various settings such as consumer advertising, commercial tracking, ticketing and marketing. People tend to scan QR codes and trust their content, but there exists no standard mechanism for providing authenticity and confidentiality of the code content. Attacks such as the redirection to a malicious website or the infection of a smartphone with a malware are realistic and feasible in practice. In this paper, we present the first systematic study of usable state-of-the-art cryptographic primitives inside QR codes. We select standard, popular cryptographic schemes and we compare them based on performance, size and security. We conduct tests that show how different usability factors impact on the QR code scanning performance and we evaluate the usability/security trade-off of the considered cryptographic schemes. Interestingly, we find out that in some cases security breaks usability and we provide recommendations for the choice of secure and usable cryptographic schemes. Keywords: QR Codes | Usable security | Cryptography | Digital signature | HMAC |
English article |
6 |
Usable security for QR code
Publication year: 2019 - Pages in the English PDF file: 9 - Pages in the Persian DOC file: 35
QR codes are widely used in various areas such as consumer advertising, commercial tracking and marketing. People tend to scan QR codes and trust their content, but there is no standard mechanism for ensuring the authenticity and trustworthiness of the code content. Attacks such as redirection to a malicious website or infection of a smartphone with malware are realistic and feasible in practice. In this paper, we present the first systematic study of cryptographic primitives in QR codes. We select general and popular cryptographic schemes and compare them based on performance, size and security. We conduct tests that show how different factors affect the usability of QR code scanning performance, and we evaluate the usability/security of the cryptographic schemes considered. Surprisingly, we find that in some cases security breaks usability, and we provide recommendations for choosing secure and usable cryptographic schemes.
Keywords: QR code | Strict security measures | Cryptography | Digital signature | HMAC |
Translated article |
7 |
Long-term verification of signatures based on a blockchain (2019)
Digitally signed documents must remain stored for many years. In this paper, a scheme that would allow maintaining signature validity without the necessity to use timestamps from trusted third parties is proposed. According to the scheme, after inserting data into a blockchain, a user can store a signed document in his storage without the need to perform any maintenance actions in the future. The Round-based Blockchain Time-stamping Scheme is proposed that is scalable, i.e., it requires embedding a constant number of bytes into a blockchain independent from a number of input documents. The scheme allows to prove that a document existed not only before a certain date, but after a certain date as well. Moreover, the purpose of the scheme is to meet non-repudiation requirements for digitally signed documents. The scheme allows verifying signature validity using a chain model and under some conditions using a modified shell model. Keywords: Digital signature | Signature verification | Validity model | Blockchain | Timestamp |
English article |
8 |
Design and leakage assessment of side channel attack resistant binary edwards Elliptic Curve digital signature algorithm architectures (2019)
Considering that Elliptic Curve Digital Signature Algorithm (ECDSA) implementations need to be efficient, flexible and Side Channel Attack (SCA) resistant, in this paper, a design approach and architecture for ECDSA and the underlined scalar multiplication operation is proposed for GF(2^k), satisfying the above three directives. To achieve that, in the paper, Binary Edwards Curves (BECs) are adopted as an alternative to traditional Weierstrass Elliptic Curves (ECs) for GF(2^k) since they offer intrinsic SCA resistance against simple attacks due to their uniformity, operation regularity and completeness. To achieve high performance and flexibility, we propose a hardware/software ECDSA codesign approach where scalar multiplication is implemented in hardware and integrated in the ECDSA functionality through appropriate drivers of an ECDSA software stack. To increase BEC scalar multiplier performance and introduce SCA resistance we adopt and expand a parallelism design strategy/methodology where GF(2^k) operations of a scalar multiplier round for both point operations performed in this round are reordered and assigned into parallelism layer in order to be executed concurrently. Within this strategy we include hardware and software based SCA countermeasures that rely on masking/randomization and hiding. While scalar randomization is realized by the ECDSA software stack in an easy way, in order to achieve resistance using hardware means, we propose and introduce in every scalar multiplier round, within the parallelism layers, projective coordinates randomization of all the round’s output points.
So, in our approach, considering that with the proposed parallelism plan in every scalar multiplier round BEC point operations are performed in parallel and that the round’s output points are randomized with a different number in each round, we manage to achieve maximum SCA resistance. To validate this resistance, we introduce and realize a leakage assessment process on BEC scalar multipliers for the first time in research literature. This process is based on real measurements collected from a controlled SAKURA X environment with a GF(2^233) based scalar multiplier implementation. Using Welch’s t-test we investigate possible information leakage of the multiplier’s input point and scalar and after an extended analysis we find trivial leakage. Finally, we validate the ECDSA architecture and its scalar multiplier efficiency by implementing it on a Zynq 7000 series FPGA Avnet Zedboard and collecting very promising, well balanced, results on speed and hardware resources in comparison with other works. Keywords: VLSI Design | Side channel attacks | Elliptic Curve cryptography | Hardware security |
English article |
9 |
A secure, pairing-free and reliable certificateless signature scheme
Publication year: 2018 - Pages in the English PDF file: 18 - Pages in the Persian DOC file: 37
The certificateless signature (CLS) scheme is a notable cryptographic technique for solving the key escrow problem in identity-based cryptography (IBC). In CLS, the private key is computed collectively by the key generation center (KGC) and the signer, which ensures that no malicious KGC can forge a genuine signature. Recently, a number of CLS schemes using bilinear pairings have been proposed, with their security shown in the standard security model. It is well known that a single pairing operation requires far more computational cost than other cryptographic operations. In this paper, we propose a new CLS scheme using elliptic curve cryptography (ECC) that does not require bilinear pairing operations. Our CLS scheme has been formally analyzed and proven secure against Type I and Type II attacks under the random oracle model, based on the hardness of the elliptic curve discrete logarithm problem (ECDLP). The performance evaluation shows that the proposed CLS scheme outperforms other competing CLS schemes.
Keywords: Digital signature | Elliptic curve | Certificateless cryptography | Random oracle model | Reliable security |
Translated article |
10 |
Quantum digital signature for the access control of sensitive data in the big data era (2018)
In our paper we focus on the application of quantum digital signature in the access control of sensitive
data, such as data that appear in areas like healthcare, in order to protect users' personal information.
There are three parties in our protocol: the signer, the arbitrator and the receiver. Different from most
existing protocols developed in arbitrated quantum signature, in which the arbitrator is either assumed
to be honest or dishonest, in our protocol we assume the arbitrator is partially honest in the sense that the
arbitrator is honest-but-curious. The quantum protocol we propose in this paper has various advantages
over existing protocols of the same purpose. The technology we proposed can guarantee unconditional
security, and it is implementable by the current technology, so the method we proposed can guarantee the
security of users' personal information in the big data era.
Keywords: Quantum | Signature | Access control | Healthcare |
English article |