ISC Int. J. Inf. Secur.: latest articles

Unauthenticated event detection in wireless sensor networks using sensors co-coverage
ISC Int. J. Inf. Secur. Pub Date : 2016-01-31 DOI: 10.22042/ISECURE.2016.8.1.4
M. Kamarei, A. Patooghy, M. Fazeli
Abstract: Wireless Sensor Networks (WSNs) offer inherent packet redundancy since each point within the network area is covered by more than one sensor node. This phenomenon, which is known as sensors co-coverage, is used in this paper to detect unauthenticated events. Unauthenticated event broadcasting in a WSN imposes network congestion, worsens the packet loss rate, and increases the network energy congestion. In the proposed method, the more the safe, the less the unsafe (MSLU) method, each secure occurred event must be confirmed by various sensor nodes; otherwise the event is dropped. Indeed, the proposed method tends to forward event occurrence reports that are detected by various sensor nodes. The proposed method is evaluated by means of simulation as well as analytical modeling. A wide range of simulations, which are carried out using NS-2, show that the proposed method detects more than 85% of unauthenticated events. This comes at the cost of the network end-to-end delay of 20% because the proposed method does not impose delay on incoming packets. In addition, the proposed method is evaluated by means of an analytical model based on queuing networks. The model accurately estimates the network performance utilizing the proposed unauthenticated event detection method. © 2016 ISC. All rights reserved.
Citations: 0
Aggrandizing the beast's limbs: patulous code reuse attack on ARM architecture
ISC Int. J. Inf. Secur. Pub Date : 2016-01-23 DOI: 10.22042/isecure.2016.8.1.6
Farzane Aminmansour, H. Shahriari
Abstract: Since smartphones are usually personal devices full of private information, they are a popular target for a vast variety of real-world attacks such as Code Reuse Attack (CRA). CRAs enable attackers to execute any arbitrary algorithm on a device without injecting an executable code. Since the standard platform for mobile devices is ARM architecture, we concentrate on available ARM-based CRAs. Currently, three types of CRAs are proposed on ARM architecture including Return2ZP, ROP, and BLX-attack, in accordance to three sub-models available on X86 Ret2Libc, ROP, and JOP. In this paper, we have considered some unique aspects of ARM architecture to provide a general model for code reuse attacks called Patulous Code Reuse Attack (PCRA). Our attack applies all available machine instructions that change Program Counter (PC), as well as direct or indirect branches in order to deploy the principles of CRA convention. We have demonstrated the effectiveness of our approach by defining five different sub-models of PCRA, explaining the algorithm of finding PCRA gadgets, introducing a useful set of gadgets, and providing a sample proof of concept exploit on Android 4.4 platform. © 2016 ISC. All rights reserved.
Citations: 1
Computationally secure multiple secret sharing: models, schemes, and formal security analysis
ISC Int. J. Inf. Secur. Pub Date : 2016-01-06 DOI: 10.22042/ISECURE.2016.7.2.2
S. Mashhadi
Abstract: A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. In such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secure, or do not have a formal security analysis/proof. In 2013, Herranz et al. provided the first formal definition of computational security for multi-stage secret sharing scheme (MSSS) in the standard model and proposed a practical and secure scheme. As far as we know, their scheme is the only computationally secure MSS in the standard model, and there is no formal definition of the computational security for other categories of MSSs. Based on this motivation, in this paper, we define the first formal model of indistinguishability against the chosen secret attacks (CSA) for other types of MSSs in the standard model. Furthermore, we present two practical CSA-secure MSSs, belonging to different types of MSSs and enjoying the advantage of short shares. They are also provably secure in the standard model. Based on the semantic security of the underlying encryption schemes, we prove the security of our schemes.
Citations: 15
Cryptanalysis of some first round CAESAR candidates
ISC Int. J. Inf. Secur. Pub Date : 2016-01-06 DOI: 10.22042/ISECURE.2016.7.2.5
J. Alizadeh, M. Aref, N. Bagheri, H. Sadeghi
Abstract: AES_CMCCv1, AVALANCHEv1, CLOCv1, and SILCv1 are four candidates of the first round of CAESAR. CLOCv1 is presented in FSE 2014 and SILCv1 is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against AES_CMCCv1 with the complexity of two queries and the success probability of almost 1, and distinguishing attacks on CLOCv1 and SILCv1 with the complexity of O(2^(n/2)) queries and the success probability of 0.63, in which n is bit length of message blocks. In addition, a forgery attack is presented against AVALANCHEv1 which requires only one query and has the success probability of 1. The attacks reveal weaknesses in the structure of these first round candidates and inaccuracy of their security claims.
Citations: 0
A collusion mitigation scheme for reputation systems
ISC Int. J. Inf. Secur. Pub Date : 2016-01-06 DOI: 10.22042/ISECURE.2016.7.2.7
Mina Niknafs, Sadegh Dorri Nogoorani, R. Jalili
Abstract: Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, and some model-specific mitigation methods are proposed to combat collusion. Detection of colluders is shown to be an NP-complete problem. In this paper, we propose the Colluders Similarity Measure (CSM) which is used by a heuristic clustering algorithm (the Colluders Detection Algorithm (CDA)) to detect colluders in O(n^2 m + n^4) in which m and n are the total number of nodes and colluders, respectively. Furthermore, we propose architecture to implement the algorithm in a distributed manner which can be used together with compatible reputation management systems. Implementation results and comparison with other mitigation approaches show that our scheme prevents colluders from unfairly increasing their reputation and decreasing the reputation of the other nodes.
Citations: 3
Efficient implementation of low time complexity and pipelined bit-parallel polynomial basis multiplier over binary finite fields
ISC Int. J. Inf. Secur. Pub Date : 2016-01-06 DOI: 10.22042/ISECURE.2016.7.2.3
Bahram Rashidi, R. R. Farashahi, S. Sayedi
Abstract: This paper presents two efficient implementations of fast and pipelined bit-parallel polynomial basis multipliers over GF(2^m) by irreducible pentanomials and trinomials. The architecture of the first multiplier is based on a parallel and independent computation of powers of the polynomial variable. In the second structure only even powers of the polynomial variable are used. The parallel computation provides regular and low-cost structure with low critical path delay. In addition, the pipelining technique is applied to the proposed structures to shorten the critical path and to perform the computation in two clock cycles. The implementations of the proposed methods over the binary extension fields GF(2^163) and GF(2^233) have been successfully verified and synthesized using Xilinx ISE 11 by Virtex-4, XC4VLX200 FPGA.
Citations: 8
Enhancing privacy of recent authentication schemes for low-cost RFID systems
ISC Int. J. Inf. Secur. Pub Date : 2016-01-06 DOI: 10.22042/ISECURE.2016.7.2.6
Karim Baghery, B. Abdolmaleki, Bahareh Akhbari, M. Aref
Abstract: Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we analyze the privacy of two recently proposed RFID authentication protocols in 2012 and 2013. We present several traceability attacks including traceability, backward traceability and forward traceability against the first protocol. We also show that, the second protocol not only suffers from Denial-of-Service (DoS) attack, but also it is vulnerable to traceability and backward traceability attacks. We present our privacy analysis based on a well-known formal RFID privacy model which has been proposed by Ouafi and Phan in 2008. Then, in order to overcome the weaknesses, we apply some modifications on these protocols and propose two modified versions.
Citations: 8
EEH: A GGH-like public key cryptosystem over the Eisenstein integers using polynomial representations
ISC Int. J. Inf. Secur. Pub Date : 2016-01-06 DOI: 10.22042/ISECURE.2016.7.2.4
Reza Ebrahimi Atani, S. E. Atani, A. Karbasi
Abstract: GGH class of public-key cryptosystems relies on computational problems based on the closest vector problem (CVP) in lattices for their security. The subject of lattice based cryptography is very active and there have recently been new ideas that revolutionized the field. We present EEH, a GGH-Like public key cryptosystem based on the Eisenstein integers Z [_3] where _3 is a primitive cube root of unity. EEH applies representations of polynomials to the GGH encryption scheme and we discuss its key size and parameters selection. We also provide theoretical and experimental data to compare the security and efficiency of EEH to GGH with comparable parameter sets and show that EEH is an improvement over GGH in terms of security and efficiency.
Citations: 6
A new method for accelerating impossible differential cryptanalysis and its application on LBlock
ISC Int. J. Inf. Secur. Pub Date : 2016-01-04 DOI: 10.22042/ISECURE.2016.8.1.5
A. Khalesi, H. Bahramgiri, D. Mansuri
Abstract: Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In this paper, we present a new method for decreasing the time complexity of impossible differential cryptanalysis through breaking down the target key space into subspaces, and extending the results on subspaces to the main target key space. The main advantage of this method is that there is no need to consider the effects of changes in the values of independent key bits on each other. Using the 14-round impossible differential characteristic observed by Boura et al. at ASIACRYPT 2014, we implement this method on 23-round LBlock and demonstrate that it can reduce the time complexity of the previous attacks to 2^71.8 23-round encryptions using 2^59 chosen plaintexts and 2^73 blocks of memory.
Citations: 1
Self authentication path insertion in FPGA-based design flow for tamper-resistant purpose
ISC Int. J. Inf. Secur. Pub Date : 2016-01-04 DOI: 10.22042/ISECURE.2016.8.1.3
Sharareh Zamanzadeh, A. Jahanian
Abstract: FPGA platforms have been widely used in many modern digital applications due to their low prototyping cost, short time-to-market, and flexibility. Field-programmability of FPGA bitstream has made it as a flexible and easy-to-use platform. However, access to bitstream degraded the security of FPGA IPs because there is no efficient method to authenticate the originality of bitstream by the FPGA programmer. The issue of secure transmission of configuration information to the FPGAs is of paramount importance to both users and IP providers. In this paper, we presented a “Self Authentication” methodology in which the originality of sub-components in bitstream is authenticated in parallel with the intrinsic operation of the design. In the case of discovering violation, the normal data flow is obfuscated and the circuit would be locked. Experimental results show that this methodology considerably improves the IP security against malicious updates with reasonable overheads. © 2016 ISC. All rights reserved.
Citations: 0