Journal of Information Security and Applications最新文献

筛选
英文 中文
Semi-supervised QIM steganalysis with ladder networks 利用梯形网络进行半监督式 QIM 隐写分析
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-24 DOI: 10.1016/j.jisa.2024.103834
Chuanpeng Guo , Wei Yang , Liusheng Huang
{"title":"Semi-supervised QIM steganalysis with ladder networks","authors":"Chuanpeng Guo ,&nbsp;Wei Yang ,&nbsp;Liusheng Huang","doi":"10.1016/j.jisa.2024.103834","DOIUrl":"10.1016/j.jisa.2024.103834","url":null,"abstract":"<div><p>Recently, deep learning-based Quantization Index Modulation (QIM) steganalysis algorithms have achieved great success. However, most of them are supervised learning algorithms that rely on a large number of labeled samples and have poor generalization performance. Towards addressing the challenge, we present a novel semi-supervised ladder network, termed SSLadNet, for weak signal detection in QIM steganalysis of VoIP streams. In particular, we integrate supervised learning and unsupervised learning into an end-to-end learning architecture via a ladder network, and achieve joint optimization for semi-supervised learning by backpropagation to minimize the sum of supervised and unsupervised cost functions. To the best of our knowledge, this is the first deep learning-based semi-supervised detection model applied to QIM steganalysis that can effectively extract rich features reflecting the correlation changes between codewords caused by QIM steganography. Experimental results showed that even for the labeled samples with a number of 512, SSLadNet can achieve a detection accuracy of around 96.09% for <span><math><mrow><mn>1000</mn><mspace></mspace><mi>ms</mi></mrow></math></span> long samples and 100% embedding rate, and outperforms the state-of-the-art methods based on semi-supervised learning.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103834"},"PeriodicalIF":3.8,"publicationDate":"2024-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141951398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Hybrid Secure Signcryption Algorithm for data security in an internet of medical things environment 用于医疗物联网环境中数据安全的混合安全签名加密算法
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-24 DOI: 10.1016/j.jisa.2024.103836
Kanneboina Ashok , S. Gopikrishnan
{"title":"A Hybrid Secure Signcryption Algorithm for data security in an internet of medical things environment","authors":"Kanneboina Ashok ,&nbsp;S. Gopikrishnan","doi":"10.1016/j.jisa.2024.103836","DOIUrl":"10.1016/j.jisa.2024.103836","url":null,"abstract":"<div><p>It proposes a Hybrid Secure Signcryption Algorithm (HySSA), a small-size block chain (BC), and a planned system that secures an electronic health record (EHR) exchange through enabled device transmissions with minimal encryption and signature overhead. HySSA has two stages of operation. Patients are fitted with proximity sensor nodes (PSNs), which establish a wireless personal area network (WBAN) in the first phase of the procedure. It is up to the nodes to decide which cluster head (CH) in their vicinity can send data to the WBAN’s Gateway sensor nodes (GSN) containing EHR meta-data. Second, GSN implements a lightweight signcryption technique for authorized stakeholders that combines data encryption and signing in the second phase of its development. An interplanetary file system provides secure keys for access to the data, which is exchanged over open channels (IPFS). Data mining results are stored to lower computing expenses, and block ledgers are used in global chain architectures. Compared to other schemes, the proposed HySSA scheme is cheaper for transaction and signing expense parameters, throughput of transactions, and computational and communication expenses. It takes HySSA a standard of 3.32 s (s) to sign and 6.52 s (s) to verify in simulation. It takes 3.325 s to mine 200 blocks, compared to 7.8 s for traditional schemes. The throughput of transactions was 142.78 Mbps, as opposed to the standard 102.45 Mbps. Computing time (CC) is 45.80 ms, while communication time (CCM) is 97 bytes, indicating that the suggested approach is competitive with other current approaches in terms of security.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103836"},"PeriodicalIF":3.8,"publicationDate":"2024-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141951397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Detecting malicious encrypted traffic with privacy set intersection in cloud-assisted industrial internet 在云辅助工业互联网中利用隐私集交叉检测恶意加密流量
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-24 DOI: 10.1016/j.jisa.2024.103831
Jingyu Feng, Jing Zhang, Wenbo Zhang, Gang Han
{"title":"Detecting malicious encrypted traffic with privacy set intersection in cloud-assisted industrial internet","authors":"Jingyu Feng,&nbsp;Jing Zhang,&nbsp;Wenbo Zhang,&nbsp;Gang Han","doi":"10.1016/j.jisa.2024.103831","DOIUrl":"10.1016/j.jisa.2024.103831","url":null,"abstract":"<div><p>Encryption technology provides the ability of confidential transmission to ensure the security of Industrial Internet communication, but it makes detecting malicious encrypted traffic very difficult. To resolve the conflict between the difficulty of malicious encrypted traffic detection and the requirements of traffic privacy protection, we propose a cloud-assisted Industrial Internet malicious encrypted traffic detection scheme with privacy protection. To accurately match the encrypted traffic and the detection rules, a privacy set intersection protocol based on the oblivious pseudorandom function and random garbled Bloom filter is constructed, which can detect malicious traffic without revealing data content. Meanwhile, our scheme can allow semi-trusted cloud servers to assist resource-constrained end devices to participate in private calculations. The key-homomorphic encryption is introduced to obfuscate the detection rules, making the detection rules always transparent to end users and semi-trusted cloud servers. We also design the random input verification to make the malicious end users do not have any opportunity to participate in the privacy set intersection calculation using arbitrary data. The scheme analysis and performance evaluation results show that our scheme can effectively guarantee the security of encrypted traffic detection with better detection performance and limited resource consumption.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103831"},"PeriodicalIF":3.8,"publicationDate":"2024-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141951396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Improving image steganography security via ensemble steganalysis and adversarial perturbation minimization 通过集合隐写分析和对抗性扰动最小化提高图像隐写术的安全性
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-23 DOI: 10.1016/j.jisa.2024.103835
Dewang Wang , Gaobo Yang , Zhiqing Guo , Jiyou Chen
{"title":"Improving image steganography security via ensemble steganalysis and adversarial perturbation minimization","authors":"Dewang Wang ,&nbsp;Gaobo Yang ,&nbsp;Zhiqing Guo ,&nbsp;Jiyou Chen","doi":"10.1016/j.jisa.2024.103835","DOIUrl":"10.1016/j.jisa.2024.103835","url":null,"abstract":"<div><p>Adversarial embedding, which can deceive the CNN-based steganalyzers, has emerged as an effective strategy to improve image steganography security. However, its efficacy might be easily weakened when confronting re-trained or unknown steganalyzers. In this work, the security of adversarial embedding-based image steganography is further improved by ensemble steganalysis and adversarial perturbation minimization. Different from the existing works that rely on a single targeted steganalyzer, the proposed approach develops an ensemble steganographic classifier, which leverages the majority voting rule to smartly select those pixels that are more suitable for adversarial embedding. To mitigate the interference caused by adversarial embedding, two strategies are adopted. Firstly, a cover image is divided into two non-overlapping regions in terms of pixel gradient amplitude. The regions with higher gradient amplitudes are progressively conducted with adversarial embedding until the targeted steganalyzer is effectively deceived. Secondly, the embedding costs are fine-tuned to minimize the degradation of image quality. Extensive experimental results demonstrate that the proposed approach achieves superior steganography security. Under black-box attacks, with S-UNIWARD and HILL as baseline methods and Deng-Net as the targeted steganalyzer, the proposed approach improves the average detection accuracy of 4.88% and 2.47% for S-UNIWARD and HILL, respectively. In comparison, the existing works only achieve improvements of 2.88% and 2.93% for S-UNIWARD, and 1.44% and 1.12% for HILL, respectively.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103835"},"PeriodicalIF":3.8,"publicationDate":"2024-07-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141960703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
NeuroIDBench: An open-source benchmark framework for the standardization of methodology in brainwave-based authentication research NeuroIDBench:基于脑电波的身份验证研究方法标准化的开源基准框架
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-18 DOI: 10.1016/j.jisa.2024.103832
Avinash Kumar Chaurasia , Matin Fallahi , Thorsten Strufe , Philipp Terhörst , Patricia Arias Cabarcos
{"title":"NeuroIDBench: An open-source benchmark framework for the standardization of methodology in brainwave-based authentication research","authors":"Avinash Kumar Chaurasia ,&nbsp;Matin Fallahi ,&nbsp;Thorsten Strufe ,&nbsp;Philipp Terhörst ,&nbsp;Patricia Arias Cabarcos","doi":"10.1016/j.jisa.2024.103832","DOIUrl":"10.1016/j.jisa.2024.103832","url":null,"abstract":"<div><p>Biometric systems based on brain activity have been proposed as an alternative to passwords or to complement current authentication techniques. By leveraging the unique brainwave patterns of individuals, these systems offer the possibility of creating authentication solutions that are resistant to theft, hands-free, accessible, and potentially even revocable. However, despite the growing stream of research in this area, faster advance is hindered by reproducibility problems. Issues such as the lack of standard reporting schemes for performance results and system configuration, or the absence of common evaluation benchmarks, make comparability and proper assessment of different biometric solutions challenging. Further, barriers are erected to future work when, as so often, source code is not published open access. To bridge this gap, we introduce NeuroIDBench, a flexible open source tool to benchmark brainwave-based authentication models. It incorporates nine diverse datasets, implements a comprehensive set of pre-processing parameters and machine learning algorithms, enables testing under two common adversary models (known vs unknown attacker), and allows researchers to generate full performance reports and visualizations. We use NeuroIDBench to investigate the shallow classifiers and deep learning-based approaches proposed in the literature, and to test robustness across multiple sessions. We observe a 37.6% reduction in Equal Error Rate (EER) for unknown attacker scenarios (typically not tested in the literature), and we highlight the importance of session variability to brainwave authentication. All in all, our results demonstrate the viability and relevance of NeuroIDBench in streamlining fair comparisons of algorithms, thereby furthering the advancement of brainwave-based authentication through robust methodological practices.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103832"},"PeriodicalIF":3.8,"publicationDate":"2024-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624001340/pdfft?md5=701ee49e0586c993c5933d0f423680fa&pid=1-s2.0-S2214212624001340-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141638326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Reversible data hiding in encrypted image based on key-controlled balanced Huffman coding 基于密钥控制平衡哈夫曼编码的加密图像可逆数据隐藏技术
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-11 DOI: 10.1016/j.jisa.2024.103833
Yaolin Yang , Fan Chen , Heng-Ming Tai , Hongjie He , Lingfeng Qu
{"title":"Reversible data hiding in encrypted image based on key-controlled balanced Huffman coding","authors":"Yaolin Yang ,&nbsp;Fan Chen ,&nbsp;Heng-Ming Tai ,&nbsp;Hongjie He ,&nbsp;Lingfeng Qu","doi":"10.1016/j.jisa.2024.103833","DOIUrl":"https://doi.org/10.1016/j.jisa.2024.103833","url":null,"abstract":"<div><p>To achieve privacy protection and effective management in cloud computing, and solve the problem of existing reversible data hiding in encrypted image (RDH-EI) algorithms being unable to resist existing various attacks, an RDH-EI algorithm based on key-controlled balanced Huffman coding (KBHC) is proposed. The novelty lies in KBHC and variable-length bit scrambling. KBHC possesses non-preset, balanced, and key-controlled characteristics, providing the proposed algorithm with high capacity and enhanced security. The non-preset allows coding tables to be adaptively generated based on prediction error maps, resulting in shorter encoded streams for higher embedding capacity. The balanced characteristic is achieved by adjusting the subtrees, so that the balance rate in the encoded stream is 0.014, and can also reach 0.065 for particularly smooth images, achieving uniform distribution of the encoded stream, thereby improving the ability to resist statistical analysis attacks. The random key controls the leaf nodes scrambling in the Huffman tree, which realizes the variability of the encoded stream and avoids the potential security risks caused by timestamp reconstruction, laying the foundation to achieve differential attack security. Variable-length bit scrambling determines the pseudo-random extension length and scrambling sequence by both the encryption key and coding table information, effectively resists brute force attacks and ensures up to 100 % difference rate between scrambling sequences generated in each run. Experimental results demonstrate that compared to several RDH-EI methods, the proposed algorithm achieves higher embedding capacity and security under acceptable complexity. The average embedding rate of three databases reaches 3.897 bpp, and the proposed algorithm effectively resists statistical analysis attacks, COA, KPA, and differential attack.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103833"},"PeriodicalIF":3.8,"publicationDate":"2024-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141596134","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Enabling security risk assessment and management for business process models 实现业务流程模型的安全风险评估和管理
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-05 DOI: 10.1016/j.jisa.2024.103829
David G. Rosado , Luis E. Sánchez , Ángel Jesús Varela-Vaca , Antonio Santos-Olmo , María Teresa Gómez-López , Rafael M. Gasca , Eduardo Fernández-Medina
{"title":"Enabling security risk assessment and management for business process models","authors":"David G. Rosado ,&nbsp;Luis E. Sánchez ,&nbsp;Ángel Jesús Varela-Vaca ,&nbsp;Antonio Santos-Olmo ,&nbsp;María Teresa Gómez-López ,&nbsp;Rafael M. Gasca ,&nbsp;Eduardo Fernández-Medina","doi":"10.1016/j.jisa.2024.103829","DOIUrl":"https://doi.org/10.1016/j.jisa.2024.103829","url":null,"abstract":"<div><p>Business processes (BP) are considered the enterprise’s cornerstone but are increasingly in the spotlight of attacks. Therefore, the design of business processes must consider the security risks and be adequately integrated into the information and operational systems. However, security risk assessment and management are rarely considered at the level of business processes during design time, let alone considering a risk architecture that takes into account the connection and dependencies of risks at these levels of the organisation, business processes, and information systems. In general, most approaches deal with integrating new artefacts for business process models to support risk analysis, but sometimes, the notation can increase complexity, making it difficult to have a risk management tool to support the analysis. After analysing the current risk processes and frameworks, we have realised that they are often neglected when considering organisational and business process levels. In this paper, MARISMA-BP (MARISMA for Business Process) pattern is proposed, a security risk pattern to enable the assessment and management of risks for business process models. This approach is an artefact that has been validated in a real scenario following the design science methodology. Further, MARISMA-BP pattern is supported by eMARISMA, an automated infrastructure that allows the definition and reuse of each risk component, helping us to carry out the risk assessment and management process in an efficient and dynamic way. To demonstrate the applicability of the proposal, MARISMA-BP pattern is applied to a real health-based business process scenario. The findings illustrate the efficacy of MARISMA-BP within eMARISMA for comprehensive risk assessment and management, underscoring its versatility and practical relevance in any business process environment.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103829"},"PeriodicalIF":3.8,"publicationDate":"2024-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624001315/pdfft?md5=79e2b72fbb70dc8c5f2f35e3717059dc&pid=1-s2.0-S2214212624001315-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141542098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Specifying cycles of minimal length for commonly used linear layers in block ciphers 为块状密码中常用的线性层指定最小长度的周期
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-04 DOI: 10.1016/j.jisa.2024.103824
Guoqiang Deng , Yongzhuang Wei , Xuefeng Duan , Enes Pasalic , Samir Hodžić
{"title":"Specifying cycles of minimal length for commonly used linear layers in block ciphers","authors":"Guoqiang Deng ,&nbsp;Yongzhuang Wei ,&nbsp;Xuefeng Duan ,&nbsp;Enes Pasalic ,&nbsp;Samir Hodžić","doi":"10.1016/j.jisa.2024.103824","DOIUrl":"https://doi.org/10.1016/j.jisa.2024.103824","url":null,"abstract":"<div><p>Nonlinear invariant attack applied to lightweight block ciphers relies on the existence of a nonlinear invariant <span><math><mrow><mi>g</mi><mo>:</mo><msubsup><mrow><mi>F</mi></mrow><mrow><mn>2</mn></mrow><mrow><mi>n</mi></mrow></msubsup><mo>→</mo><msub><mrow><mi>F</mi></mrow><mrow><mn>2</mn></mrow></msub></mrow></math></span> for the round function. Whereas invariants of the entire S-box layer have been studied in terms of the corresponding cycle structure, a similar analysis for the linear layer has not been performed yet. In this article, we provide a theoretical analysis for specifying the minimal length of cycles for commonly used linear permutations in lightweight block ciphers. Namely, using a suitable matrix representation, we exactly specify the minimal cycle lengths for those linear layers that employ ShiftRows, Rotational-XOR and circular Boolean matrix operations which can be found in many well-known families of block ciphers. These results are practically useful for the purpose of finding nonlinear invariants of the entire encryption rounds since these can be specified using the intersection of cycles corresponding to the linear and S-box layer. We also apply our theoretical analysis practically and specify minimal cycle lengths of linear layers for certain families of block ciphers including some NIST candidates.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103824"},"PeriodicalIF":3.8,"publicationDate":"2024-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141542111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
SL3PAKE: Simple Lattice-based Three-party Password Authenticated Key Exchange for post-quantum world SL3PAKE: 面向后量子世界的基于简单晶格的三方密码验证密钥交换系统
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-07-02 DOI: 10.1016/j.jisa.2024.103826
Vivek Dabra , Saru Kumari , Anju Bala , Sonam Yadav
{"title":"SL3PAKE: Simple Lattice-based Three-party Password Authenticated Key Exchange for post-quantum world","authors":"Vivek Dabra ,&nbsp;Saru Kumari ,&nbsp;Anju Bala ,&nbsp;Sonam Yadav","doi":"10.1016/j.jisa.2024.103826","DOIUrl":"https://doi.org/10.1016/j.jisa.2024.103826","url":null,"abstract":"<div><p>Three-party Password Authenticated Key Exchange (3PAKE) is a protocol where two parties generate the same session key with the help of a trusted server. With the evolution of quantum computers, there is a growing need to develop the 3PAKE protocols that can resist the quantum attacks. Hence, various 3PAKE protocols have been proposed based on the famous Ring Learning With Error (RLWE) problem. But we find out that all these protocols are vulnerable to signal leakage attacks if their public/private keys are reused. Also, the design of these protocols are pretty complex, thus making these protocols highly inefficient. Hence, to overcome the above issues, we have proposed Simple Lattice-based 3PAKE (SL3PAKE), which is simple in its design and resists signal leakage attack if its public/private keys are reused. The order and flow of messages in the proposed SL3PAKE protocol is quite natural without added complexity, thus makes it simple 3PAKE protocol. Finally, we present the comparative analysis based on communication overhead among the proposed SL3PAKE and other three-party protocols. From the analysis, it has been shown that the proposed SL3PAKE protocol has much less communication overhead/communication rounds than the other three-party protocols.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103826"},"PeriodicalIF":3.8,"publicationDate":"2024-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141542238","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Dynamic-anonymous privacy-preserving authenticated aggregation for safety-warning system for the Internet of Vehicles 用于车联网安全预警系统的动态匿名隐私保护认证聚合系统
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-06-29 DOI: 10.1016/j.jisa.2024.103830
Girraj Kumar Verma , Nahida Majeed Wani , Saurabh Rana , Neeraj Kumar , Asheesh Tiwari
{"title":"Dynamic-anonymous privacy-preserving authenticated aggregation for safety-warning system for the Internet of Vehicles","authors":"Girraj Kumar Verma ,&nbsp;Nahida Majeed Wani ,&nbsp;Saurabh Rana ,&nbsp;Neeraj Kumar ,&nbsp;Asheesh Tiwari","doi":"10.1016/j.jisa.2024.103830","DOIUrl":"https://doi.org/10.1016/j.jisa.2024.103830","url":null,"abstract":"<div><p>Currently, the connectivity of vehicles using the latest communication and computing technologies has grown as the Internet of Vehicles (IoV). IoV has been utilized to foster an easy traffic flow by sharing safety-warning messages. However, authentication and confidentiality of shared information is a challenging issue. To solve the problem, various privacy-preserving authenticated data-aggregation schemes have been devised. However, existing schemes have shortcomings specifically concerning a heavy computational cost, and the need for a secure channel. Besides, static pseudonyms may increase the risk of a vehicle’s privacy leakage. In response to these challenges, this study introduces a new pairing-less and secure privacy-preserving authenticated data aggregation (PLS-PPADA) scheme. Leveraging the pairing-less and certificate-based setting, the PLS-PPADA scheme emerges as a robust, efficient, and effective solution for safety-warning systems in IoV. Further, to resolve the risk of privacy leakage due to static pseudonyms, the paradigm of fuzzy identity has been utilized. Thus, it achieves efficiency and dynamic anonymity and also does not require a secure channel for key sharing. A comprehensive security analysis underscores its effective data protection capabilities and efficiency comparison presents it as a compelling alternative to existing state-of-the-art schemes.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103830"},"PeriodicalIF":3.8,"publicationDate":"2024-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141485986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信