{"title":"Design and Implementation of a Data Stream Anonymization Core on FPGA","authors":"Bilal Moussa, Kabalan Chaccour, Mohamad Mroue, Rachid Bouyekhf","doi":"10.1109/CSP58884.2023.00025","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00025","url":null,"abstract":"Data privacy has become the center of attention to many researchers and engineers. With high speed data transmission, data privacy can be at risk. Data stream anonymization is a fairly new and effective technique that is being currently investigated. It aims to protect data from third-party attackers. A user must keep in mind that when applying anonymization on a dataset, there will be a tradeoff between data utility and the risk of data identification. In this paper, we propose various anonymization cores that can be used to hide the sensitive parts of the data. The hardware implementation on FPGA of these cores is also discussed. Each implementation takes into consideration the trade-off between the throughput and the power consumption in addition to the application type and specifications. The first architecture treats a simple application where two anonymization techniques are used (i.e. Perturbation and character masking). The second implementation requires more complex anonymization techniques and extends K-anonymity criteria and L-diversity for more sensitive applications where data identification is crucial. 
Results are compared with existing work implementations and many improvements are applied in terms of resource utilization and throughput.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"105 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121804471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Inference Rules for Determined Decisions in Policy-Based ABAC Enforcement Systems","authors":"Bach-Hue Pham, Toan-Thinh Truong, Minh Tran","doi":"10.1109/CSP58884.2023.00027","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00027","url":null,"abstract":"Attribute-based access control (ABAC) model manages access to resources by policies. Incoming requests must satisfy some policy to be permitted to execute. Polices and requests are based on attributes, which are basic elements for constructing four components of each one, including Subject, Environment, Resource and Action. In XACML standard, for a given request the response can be one of the following values: Permit, Deny, Not Applicable and Indeterminate. The two last values are not decisive, bring no value to the requesters. We focus on the requests received Not Applicable in this article. Modifying the polices individually or rewriting the request by reducing the resource from the original one are solutions of existing studies. We theoretically introduce inference rules, which are applied to the policy set for computing the closure of it to evaluate whether the request is responded with firmed decision of permit or deny. Our proposals guide the security administrators in building the policy set satisfying an important property called completeness - the ability to be able to give determined responses to all the possible legal requests in the real world. 
In addition, we find out other necessary properties of the policy set and suggest the algorithms for ensuring some of them.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120943703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hill Cipher Modifications and Dynamic Cryptosystem Design","authors":"MengZe Hong, Wing Loon Chee","doi":"10.1109/CSP58884.2023.00036","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00036","url":null,"abstract":"This paper proposes a highly scalable dynamic cryptosystem, Modified Affine Hill Cipher (AHC-M), which effectively addresses the known vulnerabilities of the classical Hill Cipher and provides an innovative design approach to the development of modern cryptography. By analyzing the existing Hill Cipher variations, the key concepts and design principles, such as non-linear encryption, dynamic key expansion, non-square matrix algebra and dynamic cryptosystem are investigated in detail. Building on these concepts, two practical modifications are proposed that can significantly improve computational complexity and enhance security. We also propose a cryptanalysis technique by extending the chosen-plaintext attack, which can be applied to break the Affine Hill Cipher and serves as a motivation towards the proposed cryptosystem. Lastly, these concepts are generalized as the starting point for further research.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132529587","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"White-Box PRNG: A Secure Pseudo-Random Number Generator under the White-Box Attack Model","authors":"Weijie Deng","doi":"10.1109/CSP58884.2023.00020","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00020","url":null,"abstract":"The random number generator (RNG) plays a crucial role in modern cryptography. While true RNG (TRNG) is available, pseudo RNG (PRNG) is often preferred due to its better compatibility. However, PRNGs have long been vulnerable to the leakage of internal states, which compromises their properties of resilience, forward security, and backward security. Furthermore, this threat will become more prevalent as adversaries gain full control of the PRNG. Inspired by white-box cryptography, we aim to provide a definition of white-box PRNG that protects against the leakage of internal states. Additionally, we bind the white-box PRNG with a specific application to resist code-lifting attacks. We implement the white-box PRNG based on various types of white-box SM4 ciphers and measure their storage overhead and random number generation speed. Meanwhile, we evaluate the randomness of the generated numbers using randomness test standards, including NIST SP 800-90B and GM/T 0005–2021, and compare the testing results to the output of Linux entropy pool and OpenSSL.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116893469","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure Search over Multi-key Homomorphically Encrypted Data","authors":"B. Ganesh, Paolo Palmieri","doi":"10.1109/CSP58884.2023.00031","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00031","url":null,"abstract":"Homomorphic Encryption (HE) is a very attractive solution to ensure privacy when outsourcing confidential data to the cloud, as it enables computation on the data without decryption. However HE starts to lose effectiveness when scaled to multiple parties. In this paper, we propose the first multi-key HE search and computation framework. To achieve an efficient set-up for multi-party search and compute, we explore the different approaches to multi-key HE and secure search schemes to reduce rounds of communication. We propose a novel framework to search homomorphically encrypted data outsourced to a semi-honest server and shared with multiple parties dynamically using proxy re-encryption schemes. Our framework performs search with linear search complexity with just one round of communication between the two parties. The protocol provides multi-hop capabilities that enable further computations on the search results.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128467070","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Authenticated Identity-Based Encryption Scheme with Equality Test for Cloud-Based Social Network","authors":"Jiaojiao Du, Sha Ma, Tian Yang, Qiong Huang","doi":"10.1109/CSP58884.2023.00012","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00012","url":null,"abstract":"Enabling registered users to match friends with the same interest, location, etc. is the most fundamental service provided by social network. With expanding openness of social network, the amount of data is growing exponentially. Cloud computing is then introduced into social network to mitigate the issue of storing and analyzing a substantial amount of data. How to realize user matching while protecting users' privacy remains a key challenge in cloud-based social network. As a cryptography tool, identity-based encryption with equality test (IBEET) can be used to match users with the same interest, location, etc. without decrypting the corresponding ciphertexts, therefore, it can well meet the key challenge in cloud-based social network. In this article, we propose an authenticated identity-based encryption with equality test (A-IBEET) scheme based on the observation that the cloud server may recover users' private information from the ciphertexts through offline message recovery attack (OMRA). Our scheme provides stronger security guarantee for social network users by resisting against OMRA in single-server setting. 
It could better protect users' privacy without sacrificing efficiency compared with related works.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116205526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Quantum Key Distribution and Security Studies","authors":"Jianzhou Mao, Guobin Xu, Eric Sakk, Shuangbao Paul Wang","doi":"10.1109/CSP58884.2023.00033","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00033","url":null,"abstract":"The current development of quantum computing threatens the security of conventional encryption algorithms such as RSA. In recent years, Quantum Key Distribution (QKD) has introduced to the world of information security a viable method that is anticipated to provide security protection against the threat of quantum computing. In this paper, we investigate the protocols of the QKD system. Next, we focus on an experimental study of quantum key distribution. A physical QKD system is leveraged to assist us in further investigating quantum key distribution processes. In our study, an eavesdropper was evaluated to analyze the impact on the QKD processes. In the experimental study results, the difference in key generation, exchange, and error rates between normal and attack scenarios can be observed.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134550363","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Case Study of Internet Banking Security of Banks Operated in Bangladesh","authors":"S. M. M. Rahman, Md. Golam, Rabiul Alam","doi":"10.1109/CSP58884.2023.00019","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00019","url":null,"abstract":"Now a day, Internet Banking is a popular service for the customer of the Banks. As a convenient way of doing banking more and more customers are registering for the internet banking. The banks also getting benefits of providing services to the customer round the clock without any manual involvement of the banker. As all the services done through an automated process, the security features should be implemented properly to protect the customers for any fraudulent transactions. The system should be available round the clock and transactions should be monitors as well as the systems should also monitored for any abnormal behavior of transactions and the system. The hacker group continuously try to penetrate the system and if become successful, the bank and customer both will bear loss. for banks, if the hackers cannot be protected, the bank may go out of business. This study intends to find out the issues of different internet banking site of Bangladeshi banks and recommend the best practices for the banks to be followed to do banking business securely. 
This will also secure the economy of the Country as a whole, as the banking system is the key to the Financial system of a country.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"104 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115471949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"NIC Fingerprint-Based Switch Access Control Technology","authors":"Kaiwen Sheng, Aiqun Hu, Sheng Li","doi":"10.1109/CSP58884.2023.00022","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00022","url":null,"abstract":"Almost all existing access control systems authenticate end users based on their digital characteristics, such as MAC addresses. Since digital features are easily forged, these access control systems cannot secure the network well. In this paper, we propose an access control technology based on Ethernet network interface controller (NIC) fingerprint, a physical characteristic, to achieve identity authentication. At the switch side, the physical layer signals from the terminal NIC are collected, and the fingerprint of the NIC is extracted from the physical layer signals using the least mean square error (LMS) adaptive filter. On the basis of MAC address authentication, the proxy mechanism of Remote Authentication Dial In User Service (RADIUS) protocol is adopted to add the NIC fingerprint in the password field of the RADIUS request message, which enables the authentication server to perform two-factor authentication based on the NIC fingerprint and MAC address. The experimental results showed that the recognition accuracy for 75 NICs is 96.6%. 
In this paper, an access control system was built using a switch, a signal collector, a proxy server and an authentication server to realize that the terminal user was allowed to access the network only when both the NIC fingerprint and the MAC address were legal, which verified the feasibility of the scheme.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"114 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124535961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Multi-Strategy Adversarial Attack Method for Deep Learning Based Malware Detectors","authors":"Wang Yang, Fan Yin","doi":"10.1109/CSP58884.2023.00018","DOIUrl":"https://doi.org/10.1109/CSP58884.2023.00018","url":null,"abstract":"Deep learning allows building high-accuracy malware detectors without complicated feature engineering. However, research shows that the deep learning model is vulnerable and can be deceived if attackers add perturbation to input samples to craft adversarial examples deliberately. By altering the pixel values of the images, attackers have been able to generate adversarial examples that can fool state-of-the-art deep learning based image classifiers. However, Windows malware is a structured binary program file. Therefore, arbitrarily altering its contents will often break the program's functionality. In order to solve this problem, a standard but inefficient method is to run the sample in the sandbox to verify whether its functionality is preserved. This paper proposes a multi-strategy adversarial attack method, which can generate malware adversarial examples with functionality-preserving. Our method manipulates the redundant or extended space in the Windows malware binary, so it will not break functionality. Experiments show that our method has a high attack success rate and efficiency.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128854595","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}