{"title":"A Publicly Verifiable Leveled Fully Homomorphic Signcryption Scheme","authors":"Zhaoxuan Bian, Fuqun Wang, Renjun Zhang, Bin Lian, Lidong Han, Kefei Chen","doi":"10.1049/2023/1377042","DOIUrl":"10.1049/2023/1377042","url":null,"abstract":"With the deepening of research, how to construct a fully homomorphic signcryption scheme based on standard assumptions is a problem that we need to solve. For this question, recently, Jin et al. proposed a leveled fully homomorphic signcryption scheme from standard lattices. However, when verifying, it is supposed to unsigncrypt first as they utilize the sign-then-encrypt method. This leads to users being unable to verify the authenticity of the data first, which results in the waste of resources. This raises another question of how to construct a fully homomorphic signcryption (FHSC) scheme with public verifiability. To solve this problem, we propose a leveled fully homomorphic signcryption scheme that can be publicly verified and show its completeness, IND-CPA security, and strong unforgeability.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/1377042","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135872344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Kyber, Saber, and SK-MLWR Lattice-Based Key Encapsulation Mechanisms Model Checking with Maude","authors":"Duong Dinh Tran, Kazuhiro Ogata, Santiago Escobar, Sedat Akleylek, Ayoub Otmani","doi":"10.1049/2023/9399887","DOIUrl":"10.1049/2023/9399887","url":null,"abstract":"Facing the potential threat raised by quantum computing, a great deal of research from many groups and industrial giants has gone into building public-key post-quantum cryptographic primitives that are resistant to quantum attackers. Among them, there is a large number of post-quantum key encapsulation mechanisms (KEMs), whose purpose is to provide a secure key exchange, which is a very crucial component in public-key cryptography. This paper presents a formal security analysis of three lattice-based KEMs including Kyber, Saber, and SK-MLWR. We use Maude, a specification language supporting equational and rewriting logic and a high-performance tool equipped with many advanced features, such as a reachability analyzer that can be used as a model checker for invariant properties, to model the three KEMs as state machines. Because they all belong to the class of lattice-based KEMs, they share many common parts in their designs, such as polynomials, vectors, and message exchange patterns. We first model these common parts and combine them into a specification, called the base specification. After that, for each of the three KEMs, by extending the base specification, we just need to model some additional parts and the mechanism execution. Once the three specifications are complete, we conduct invariant model checking with the Maude search command, pointing out a similar man-in-the-middle attack. The occurrence of this attack is due to the fact that authentication is not part of the KEMs, and therefore an active attacker can modify all communication between two honest parties.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/9399887","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136019437","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Bit-Sliced Implementation of SM4 and New Performance Records","authors":"Xin Miao, Lu Li, Chun Guo, Meiqin Wang, Weijia Wang","doi":"10.1049/2023/1821499","DOIUrl":"10.1049/2023/1821499","url":null,"abstract":"SM4 is a popular block cipher issued by the Office of State Commercial Cryptography Administration (OSCCA) of China. In this paper, we use the bit-slicing technique that has been shown as a powerful strategy to achieve very fast software implementations of SM4. We investigate optimizations on two frontiers. First, we present a more efficient bit-sliced representation for SM4, which enables running 64 blocks in parallel with 256-bit registers. Second, we describe an optimized algorithm for data form transformations, also allowing efficient implementations of SM4 under Counter (CTR) mode and Galois/Counter mode. The above optimizations contribute to a significant performance gain on one core compared with the state-of-the-art results. This work is an extension of the conference paper at Inscrypt 2022, awarded the best paper award.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/1821499","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136234434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Survey of Secure Communications for Satellite Internet Based on Cryptography and Physical Layer Security","authors":"Yu Zhang, Shuangrui Zhao, Ji He, Yuanyu Zhang, Yulong Shen, Xiaohong Jiang","doi":"10.1049/2023/5604802","DOIUrl":"10.1049/2023/5604802","url":null,"abstract":"Satellite internet serves as an indispensable component of the upcoming sixth-generation networks for providing global broadband internet access service. Due to the open nature of satellite-ground communication, security issues in satellite internet have always been an important concern for both industry and academia. Although many researchers focus on secure communications in satellite internet, the literature is surprisingly sparse, with no comprehensive overview of the state-of-the-art security techniques. This paper provides an in-depth survey of secure communications for various satellite internet scenarios. Based on different security mechanisms, we first categorize the existing works of secure communications in satellite internet into two categories: cryptography-based and physical layer security-based. The former includes classical encryption-based and quantum encryption-based secure communication, and the latter is further divided into precoding-based, cooperative jamming-based, relay selection-based, and physical-layer authentication-based secure communication depending on the applied techniques. Finally, we provide some future research directions.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/5604802","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134907874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cross-Space Conduction Assessment Method of Network Attack Risk under the Strong Coupling Characteristics of Electric Power Cyber Physics","authors":"Shenjian Qiu, Jiaxuan Fei, Jian Wang","doi":"10.1049/2023/9006166","DOIUrl":"10.1049/2023/9006166","url":null,"abstract":"With the deep integration and wide application of advanced digital sensing, Internet of Things technology, and energy technology in power systems, power information systems and physical systems are gradually being coupled and developed into power cyber–physical systems (CPS). A number of blackouts in recent years have shown that cyberspace attacks on CPS can lead to the intensification and rapid spread of faults in the physical space of the power grid, and even system collapse. Aiming at the difficulty of analyzing the evolution of cyber–physical cross-space impacts of cyber-attacks, this paper proposes a cross-domain propagation impact assessment method that considers cyber–physical coupling risks caused by attacks. First, according to the multiple coupling relationships between the power system information space and physical space, the monitoring function model and the control function model are established. Second, under the effect of a high-concealment attack, we analyze the impact of the risk caused by its failure after it is transmitted to the physical space with different propagation probabilities. Finally, the experimental verification was carried out using the IEEE RTS79 standard test system. The simulation results show that the proposed method can comprehensively consider the cyber–physical energy supply coupling relationship, the risk propagation probability, and the operating characteristics of the information system, and effectively quantify and evaluate the impact of information space network attacks on the physical space entity power grid. It further reveals the objective law that information space risks can evolve and spread across domains under the condition of strong cyber–physical coupling.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/9006166","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135112439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hardness of Module-LWE with Semiuniform Seeds from Module-NTRU","authors":"Wenjuan Jia, Jiang Zhang, Baocang Wang","doi":"10.1049/2023/2969432","DOIUrl":"10.1049/2023/2969432","url":null,"abstract":"The module learning with errors (MLWE) problem has attracted significant attention and has been widely used in building a multitude of lattice-based cryptographic primitives. The hardness of the MLWE problem has been established for several variants, but most of the known results require the seed distribution (i.e., the distribution of matrix A) to be the uniform distribution. In this paper, we show that under the Module-N-th degree Truncated polynomial Ring Units (NTRU) (MNTRU) assumption, the search MLWE problem can still be hard for some distributions that are not (even computationally indistinguishable from) the uniform distribution. Specifically, we show that if the seed distribution is a semiuniform distribution (namely, the seed distribution can be publicly derived from and has a “small difference” to the uniform distribution), then for appropriate settings of parameters, the search MLWE problem is hard under the MNTRU assumption. Moreover, we also show that under the appropriate settings of parameters, the search learning with errors over rings problem with semiuniform seeds can still be hard under the NTRU assumption due to our results for the search MLWE problem with semiuniform seeds being rank-preserving.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/2969432","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135412746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hardness of (Semiuniform) MLWE with Short Distributions Using the Rényi Divergence","authors":"Wenjuan Jia, Baocang Wang","doi":"10.1049/2023/2104380","DOIUrl":"10.1049/2023/2104380","url":null,"abstract":"The module learning with errors (MLWE) problem has attracted considerable attention for its tradeoff between security and efficiency. The quantum/classical worst-case to average-case hardness for the MLWE problem (or more exactly, a family of problems) has been established, but most of the known results require the seed distribution to be the uniform distribution. In the present paper, we show that, using the noise flooding technique based on the Rényi divergence, the search MLWE problem with uniform B-bounded secret distribution for 1 ≤ B ≪ q can still be hard for some seed distributions that are not (even computationally indistinguishable from) the uniform distribution under the standard MLWE assumption. Specifically, we show that if the seed distribution is a semiuniform distribution (namely, the seed distribution can be publicly derived from and has a “small difference” to the uniform distribution), then for suitable parameter choices, the search MLWE problem with uniform bounded secret distribution is hard under the standard MLWE assumption. Moreover, we also show that under the appropriate setting of parameters, the search MLWE problem with uniform bounded noise distribution is at least as hard as the standard MLWE assumption using a different approach than the one used by Boudgoust et al. in [JoC 2023].","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2023 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2023-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2023/2104380","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135412888","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Defending against social engineering attacks: A security pattern-based analysis framework","authors":"Tong Li, Chuanyong Song, Qinyu Pang","doi":"10.1049/ise2.12125","DOIUrl":"https://doi.org/10.1049/ise2.12125","url":null,"abstract":"Social engineering attacks are a growing threat to modern complex systems. Increasingly, attackers are exploiting people's \"vulnerabilities\" to carry out social engineering attacks for malicious purposes. Although such a severe threat has attracted the attention of academia and industry, it is challenging to propose a comprehensive and practical set of countermeasures to protect systems from social engineering attacks due to its interdisciplinary nature. Moreover, the existing social engineering defence research is highly dependent on manual analysis, which is time-consuming and labour-intensive and cannot solve practical problems efficiently and pragmatically. This paper proposes a systematic approach to generate countermeasures based on a typical social engineering attack process. Specifically, we systematically ‘attack’ each step of social engineering attacks to prevent, mitigate, or eliminate them, resulting in 62 countermeasures. We have designed a set of social engineering security patterns that encapsulate relevant security knowledge to provide practical assistance in the defence analysis of social engineering attacks. Finally, we present an automatic analysis framework for applying social engineering security patterns. We applied the case study method and performed semi-structured interviews with nine participants to evaluate our proposal, showing that our approach effectively defended against social engineering attacks.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"703-726"},"PeriodicalIF":1.4,"publicationDate":"2023-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12125","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50136879","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Solving blockchain trilemma using off-chain storage protocol","authors":"Saha Reno, Md. Mokammel Haque","doi":"10.1049/ise2.12124","DOIUrl":"https://doi.org/10.1049/ise2.12124","url":null,"abstract":"Trilemma in blockchain refers to the infamous problem of simultaneously not delivering the three critical aspects of a ledger: security, scalability, and decentralisation. While security and scalability hinder decentralisation, security is jeopardised if the scalability is escalated. This deficiency of not maintaining a balance among these three crucial factors restricts the broader adoption of blockchain technology and cryptocurrencies in the industries. This paper proposes a solution to the blockchain trilemma by implementing a public ledger using The InterPlanetary File System (IPFS) and a newly introduced strategy called the double-chain technique. The scalability and decentralisation features are guaranteed by the distributed file system of IPFS and the public nature of the blockchain suggested in this study. Although any consensus can be plugged into our system, the proof-of-work consensus is utilised to ensure that the security is not compromised while stabilising scalability and decentralisation.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"681-702"},"PeriodicalIF":1.4,"publicationDate":"2023-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12124","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50137203","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An optimisation for a two-round good-case latency protocol","authors":"Kexin Hu, Zhenfeng Zhang, Kaiwen Guo, Weiyu Jiang, Xiaoman Li, Jiang Han","doi":"10.1049/ise2.12123","DOIUrl":"https://doi.org/10.1049/ise2.12123","url":null,"abstract":"Byzantine broadcast is a fundamental primitive in distributed computing. A highly efficient Byzantine broadcast protocol, motivated by the real-world performance of practical state machine replication protocols, is increasingly needed. This article focuses on the state-of-the-art partially synchronous Byzantine broadcast protocol proposed by Abraham et al. (PODC’21), which achieves optimal good-case latency of two rounds and optimal resilience of n ≥ 5f − 1 in this setting. Each step of the protocol is analysed, and then improved by cutting down the number of messages required to be collected and transmitted in the heaviest step of the protocol by about half, without adding any extra cost. This benefits from a new property, named “spread”, that we identify and extract from the original protocol. It helps us to eliminate non-essential work in its view-change procedure. The authors also show that no further reduction is possible without violating security. A prototype is implemented and the performances of improved and original protocols are evaluated in the same environment. The results show that our improvement can achieve about 50% lower communication cost and 40% shorter latency at a scale of 100 replicas. The latency gap becomes wider as the scale further increases.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"664-680"},"PeriodicalIF":1.4,"publicationDate":"2023-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12123","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50131632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}