Key predistribution scheme using finite fields and reed muller codes

Resource constraint sensors of a Wireless Sensor Network (WSN) cannot afford the use of costly encryption techniques like public key while dealing with sensitive data. So symmetric key encryption techniques are preferred where it is essential to have the same cryptographic key between communicating parties. To this end, keys are preloaded into the nodes before deployment and are to be established once they get deployed in the target area. This entire process is called key predistribution. In this paper we propose one such scheme using unique factorization of polynomials over Finite Fields. To the best of our knowledge such an elegant use of Algebra is being done for the first time in WSN literature. The best part of the scheme is large number of node support with very small and uniform key ring per node. However the resiliency is not good. For this reason we use a special technique based on Reed Muller codes proposed recently by Sarkar, Saha and Chowdhury in 2010. The combined scheme has good resiliency with huge node support using very less keys per node.

In support of hydrocarbon exploration and discovery using clouds

Seismic data gathered from the Hydrocarbon Exploration and Discovery Operation is essential to identify possible hydrocarbon existence in a geologically surveyed area. However, the discovery operation takes a long time to be completed and computational processing of the acquired data is often delayed. Hydrocarbon exploration may end up needlessly covering an area without any hydrocarbon traces due to lack of immediate feedback from geophysical experts. This feedback can only be given when the acquired seismic data is computationally processed, analysed and interpreted. In response, we propose a comprehensive model to facilitate Hydrocarbon Exploration and Discovery Operation using encryption, decryption, satellite transmission and clouds. The model details the logical design of Seismic Data Processing (SDP) that exploits clouds and the ability for geophysical experts to provide on-line decisions on how to progress the hydrocarbon exploration operation at a remote location. Initial feasibility assessment was carried out to support our model. The SDP, data encryption and encryption for the assessment were carried out on a private cloud. The assessment shows that the overall process of hydrocarbon exploration from data acquisition, satellite data transmission through to SDP could be executed in a short time and at low costs.

A serverless ultra-lightweight secure search protocol for EPC Class-1 Gen-2 UHF RFID tags

Radio Frequency Identification (RFID) is a technology that enables the non-contact, automatic and unique identification of objects using radio waves. Its use for commercial applications has recently become attractive with RFID technology seen as the replacement for the optical barcode system that is currently in widespread use. RFID has many advantages over the traditional barcode and these advantages have the potential to significantly increase the efficiency of decentralised business environments such as logistics and supply chain management. One of the important features of an RFID system is its ability to search for a particular tag among a group of tags. In order to ensure the privacy and security of the tags, the search has to be conducted in a secure fashion. To our knowledge not much work has been done in this secure search area of RFID. The limited work that has been done does not comply with the EPC Class-1 Gen-2 standards since most of them use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a serverless ultra-lightweight secure search protocol that does not use the expensive hash functions or any complex encryption schemes but achieves compliance with EPC Class-1 Gen-2 standards while meeting the required security requirements. Our protocol is based on XOR encryption and random numbers - operations that are easily implemented on low-cost RFID tags. Our protocol also provides additional protection using a blind-factor to prevent tracking attacks. Since our protocol is EPC Class-1 Gen-2 compliant it makes it possible to implement it on low-cost passive RFID tags.

A secure search protocol based on Quadratic Residues for EPC Class-1 Gen-2 UHF RFID tags

Radio Frequency Identification (RFID) is a technological revolution that is expected to soon replace barcode systems. One of the important features of an RFID system is its ability to search for a particular tag among a group of tags. This task is quite common where RFID systems play a vital role. To our knowledge not much work has been done in this secure search area of RFID. Also, most of the existing work do not comply with the C1G2 standards. Our work aims to fill that gap by proposing a protocol based on Quadratic Residues property that does not use the expensive hash functions or any complex encryption schemes but achieves total compliance with industry standards while meeting the security requirements.

Microsoft and Amazon : a comparison of approaches to cloud security

Research has shown that data security has always been an important aspect of quality of service for data service providers; but cloud computing poses new and challenging security threats. The most common security concerns for users of cloud storage are data confidentiality, integrity and availability. Microsoft has considered these concerns and responded with the Azure virtual private storage based on Searchable Encryption. Amazon has also responded to these security issues with its Amazon Web Services. In this paper, we investigate and compare in depth the features of Microsoft Azure and Amazon Web Services deemed to provide security with a particular focus on confidentiality, integrity and availability of data.

Developing an empirical algorithm for protecting text-based CAPTCHAs against segmentation attacks

In this paper, we aim to provide an effective and efficient method to generate text-based Captchas which are resilient against segmentation attack. Different to the popular industry practice of using very simple color schemes, we advocate to use multiple colors in our Captchas. We adopt the idea of brush and canvas when coloring our Captchas. Furthermore, we choose to use simple accumulating functions to achieve diffusion on painted colors and DES encryption to achieve a good level of confusion on the brush pattern. To facilitate ordinary users and developers, we propose an empirical algorithm with support of Taguchi method to guarantee the quality of the chosen color schemes. Our proposed methodology has at least three advantages — 1) the settings of color schemes can be fully customized by the user or developer; 2) the quality of selected colors have desirable statistical features that are ensured by Taguchi method; 3) the algorithm can be fully automated into computer programs. Moreover, our included examples and experiments prove the practicality and validity of our algorithm.

Nonnegative Matrix Factorization Applied to Nonlinear Speech and Image Cryptosystems

Nonnegative matrix factorization (NMF) is widely used in signal separation and image compression. Motivated by its successful applications, we propose a new cryptosystem based on NMF, where the nonlinear mixing (NLM) model with a strong noise is introduced for encryption and NMF is used for decryption. The security of the cryptosystem relies on following two facts: 1) the constructed multivariable nonlinear function is not invertible; 2) the process of NMF is unilateral, if the inverse matrix of the constructed linear mixing matrix is not nonnegative. Comparing with Lin's method (2006) that is a theoretical scheme using one-time padding in the cryptosystem, our cipher can be used repeatedly for the practical request, i.e., multitme padding is used in our cryptosystem. Also, there is no restriction on statistical characteristics of the ciphers and the plaintexts. Thus, more signals can be processed (successfully encrypted and decrypted), no matter they are correlative, sparse, or Gaussian. Furthermore, instead of the number of zero-crossing-based method that is often unstable in encryption and decryption, an improved method based on the kurtosis of the signals is introduced to solve permutation ambiguities in waveform reconstruction. Simulations are given to illustrate security and availability of our cryptosystem.

Offline grouping proof protocol for RFID systems

Several grouping proof protocols have been proposed over the years but they are either found to be vulnerable to certain attacks or do not comply with EPC Class-1 Gen-2 (C1G2) standard because they use hash functions or other complex encryption schemes. Also, synchronization of keys, forward security, proving simultaneity, creating dependence, detecting illegitimate tags, eliminating unwanted tag processing and denial-of-proof (DoP) attacks have not been fully addressed by many. Our protocol addresses these important gaps and is based on Quadratic Residues property where the tags are only required to use XOR, 128-bit Pseudo Random Number Generators (PRNG) and Modulo (MOD) operations which can be easily implemented on low-cost passive tags and hence achieves EPC C1G2 compliance.

RFID tags : grouping proof with forward security

Several grouping proof protocols have been proposed over the years but they are either found to be vulnerable to certain attacks or do not comply with EPC Class-1 Gen-2 (C1G2) standard because they use hash functions or other complex encryption schemes. Among other requirements, synchronization of keys, forward security, dependence, detecting illegitimate tags, eliminating unwanted tag processing and denial-of-proof (DoP) attacks have not been fully addressed by many. Our protocol addresses these important gaps and is based on simple XOR encryption and 128-bit Pseudo Random Number Generators (PRNG), operations that are easily implemented on low-cost passive tags and hence achieves EPC C1G2 compliance.

Secure ownership transfer in multi-tag/multi-owner passive RFID systems

In this paper we propose a secure ownership transfer protocol for a multi-tag and multi-owner RFID environment. Most of the existing work in this area do not comply with the EPC Global Class-1 Gen-2 (C1G2) standard since they use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a protocol based on simple XOR and 128-bit Pseudo Random Number Generators (PRNG), operations that can be easily implemented on low-cost passive RFID tags. The protocol thus achieves EPC C1G2 compliance while meeting the security requirements. Also, our protocol provides additional protection using a blind-factor to prevent tracking attacks.

Certificate-based signature : security model and efficient construction

In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.

Certificate-based signatures: New definitions and a generic construction from certificateless signatures

Certificate-based encryption was introduced in Eurocrypt’03 to solve the certificate management problem in public key encryption. Recently, this idea has been extended to certificate-based signatures. To date, several new schemes and security models of certificate-based signatures have been proposed. In this paper, we first introduce a new security model of certificate-based signatures. Our model is not only more elaborated when compared with the existing ones, but also defines several new types of adversaries in certificate-based signatures. We then investigate the relationship between certificate-based signatures and certificateless signatures, by proposing a generic construction of certificate-based signatures from certificateless signatures. Our generic construction is secure (in the random oracle model) under the security model defined in this paper, assuming the underlying certificateless signatures satisfying certain security notions.