Information Security And Cryptography

A Formally Verified Device Authentication Protocol Using Casper/FDR

by Mahdi Aiash

TrustCom 2012- International Symposium on Advances in Trusted and Secure Information Systems (TSIS)

For communication in Next Generation Networks,
highly-developed mobile devices will enable users to store andmore For communication in Next Generation Networks,
highly-developed mobile devices will enable users to store and
manage a lot of credentials on their terminals. Furthermore,
these terminals will represent and act on behalf of users when
accessing different networks and connecting to a wide variety
of services. In this situation, it is essential for users to trust
their terminals and for all transactions using them to be
secure. This paper analyses a number of the Authentication
and Key Agreement protocols between the users and mobile
terminals, then proposes a novel device authentication protocol.
The proposed protocol is analysed and verified using a formal
methods approach based on Casper/FDR compiler.

A formally verified AKA protocol for vertical handover in heterogeneous environments using Casper/FDR

by Mahdi Aiash

Mahdi Aiash, Glenford Mapp, Aboubaker Lasebae, Raphael Phan, Jonathan Loo

EURASIP Journal on Wireless Communications and Networking.

Next generation networks will comprise di®erent wireless networks including cellular technologies, WLAN and indoor... more Next generation networks will comprise di®erent wireless networks including cellular technologies, WLAN and indoor technologies. To support these heterogeneous environments, there is a need to consider a new design of the network infrastructure. Furthermore, this heterogeneous environment implies that future devices will need to roam between di®erent networks using vertical handover techniques. When a mobile user moves into a new foreign network, data con¯dentiality and mutual authentication between the user and the network are vital issues in this heterogeneous environment. This article deals with these issues by ¯rst examining the implication of moving towards an open architecture, and then looking at how current approaches such as the 3GPP, HOKEY and mobile ethernet respond to the new environment while trying to address the security issue. The results indicate that a new authentication and key agreement protocol is required to secure handover in this environment. Casper/FDR, is used in the analysis and development of the protocol. The proposed protocol has been proven to be successful in this heterogeneous environment. Keywords: authentication and key agreement protocol; secure vertical handover; heterogeneous environments; Casper/FDR.

Framework for the analysis and design of encryption strategies based on discrete-time chaotic dynamical systems

by David Arroyo

On the security of wireless sensor networks

by Rodrigo Roman

A survey of cryptographic primitives and implementations for hardware-constrained sensor network nodes

by Rodrigo Roman

On the hardware implementation efficiency of cryptographic primitives

by Rodrigo Roman

TSense: Trusted Sensors and Support Infrastructure

by Benedikt Kristinsson

A Hash-Based Approach for Colour Image Steganography

by Imran Sarwar Bajwa

IEEE International Conference on Computer Networks and Information Technology (ICCNIT 2011)

In this, paper we propose a novel hash-based approach for colour image steganography. As, the available approaches for... more In this, paper we propose a novel hash-based approach for colour image steganography. As, the available approaches for colour image steganography are using chaos-based and symmetric-key based cryptographic algorithms are not efficient and good for bulky data. However, the hash-based algorithms based approaches are considerably better in terms of providing better speed but these approaches are vulnerable in terms of providing security due to inherent flaws caused by used checksum approach. The key reason of vulnerability is that the used algorithms in such approaches such as MD5 and SHA-2 have flaws. In our approach, we purpose the use of perfect hash-function algorithm to provide a secure and fast approach for colour image steganography. We also present a prototype tool in this paper that is implementation of the presented approach and is also a proof of concept. Another contribution of the approach is that the presented approach can be used for coding data in any type of colour images such as bmp, jpeg, gif, and tiff as other available approaches are file format specific. The results of the initial experiments are very encouraging and support not only the used approach but also uphold the potential of the presented approach in general.

Integrity Mechanism for eHealth Tele-monitoring System in Smart Home Environment

by Nikos Komninos

31st International Conference of the IEEE Engineering in
Medicine and Biology Society, September 2-6, Minnesota, USA, 2009.

During the past few years, a lot of effort has been invested in research and development of eHealth tele-monitoring... more During the past few years, a lot of effort has been invested in research and development of eHealth tele-monitoring systems that will provide many benefits for healthcare delivery from the healthcare provider to the patient's home. However, there is a plethora of security requirements in eHealth tele-monitoring systems. Data integrity of the transferred medical data is one of the most important security requirements that should be satisfied in these systems, since medical information is extremely sensitive information, and even sometimes life threatening information. In this paper, we present a data integrity mechanism for eHealth tele-monitoring system that operates in a smart home environment. Agent technology is applied to achieve data integrity with the use of cryptographic smart cards. Furthermore, the overall security infrastructure and its various components are described.

Security Enhancement for A5/1 Without Losing Hardware Efficiency in Future Mobile Systems

by Nikos Komninos

IEE 3rd International Conference on 3G Mobile
Communication Technologies, IEE Conference Publication 489, London, UK, 2002, Page(s): 324-328.

A5/1 is the strong encryption algorithm which protects the air interface of the GSM cellular network. However, in the... more A5/1 is the strong encryption algorithm which protects the air interface of the GSM cellular network. However, in the Fast Software Encryption Workshop 2000, two attacks, the biased birthday attack and the random subgraph attack against A5/1 were presented. We propose new security enhancements to improve A5/1 encryption algorithm from the biased birthday attack and random subgraph attack in order to be used in future mobile communication systems. The improvements that make both attacks impractical are based on the clocking mechanism of the registers, and their key setup routine. Furthermore, we have increased the linear complexity of A5/1 to make the solution of the linear equations impractical in real time systems. Finally, both original and modified versions of A5/1 were implemented easily in a complex programmable logic device (CPLD). The modified version of A5/1 is fast, easy to implement, and most important small in size which makes it ideal for future mobile terminals.

Efficient Group Key Agreement & Recovery in Ad Hoc Networks

by Nikos Komninos

2nd IET International Conference on Wireless, Mobile & Multimedia Networks (ICWMMN 2008), Beijing China, 12-15 October 2008.

Ad hoc networks are dynamic peer-to-peer wireless networks composed of a collection of nodes which employ wireless... more Ad hoc networks are dynamic peer-to-peer wireless networks composed of a collection of nodes which employ wireless transmission methods in a self-organized way without relying on fixed infrastructure or predetermined connectivity. Such networks pose great challenges in group communication. In this paper, we propose an efficient group key agreement and recovery mechanism based on key escrow systems for ad hoc networks. Nodes randomly change their operation and perform authentication services for specific groups.

New Client Puzzle Approach for DoS Resistance in Ad Hoc Networks

by Nikos Komninos

IEEE International Conference on Information Theory and
Information Security (ICITIS), Beijin, China, December 17-19, 2010.

In this paper we propose a new client puzzle approach to prevent Denial of Service (DoS) attacks in ad hoc networks.... more In this paper we propose a new client puzzle approach to prevent Denial of Service (DoS) attacks in ad hoc networks. Each node in the network first solves a computational problem and with the solution has to create and solve a client puzzle. By combining computational problems with puzzles, we improve the efficiency and latency of the communicating nodes and resistance in DoS attacks. Experimental results show the effectiveness of our approach.

Integrity and Authenticity Mechanisms in Sensor Networks

by Nikos Komninos

International Journal on Computer Research, Nova Science Publishing Inc., Volume
15, Issue 1, Page(s): 57-72, 2007

User Dependent Cryptography for Security in Future Mobile Telecommunication Systems

by Nikos Komninos

IEEE 18th International Conference on Telecommunications (ICT 2011), Ag. Napa, Cyprus, 2011

In this paper we propose a user dependent scheme for enhancing security of the transmitted content in the future... more In this paper we propose a user dependent scheme for enhancing security of the transmitted content in the future telecommunication systems. In order to achieve a higher level of security we introduce a scheme where the user identity gets involved in the encryption/decryption processes using an additional component for the block cipher which represents the user's behavioural model. Applying such a scheme, in addition to introducing more difficulties to an attacker due to the user dependency of the cipher algorithm, gives the mobile operator the opportunity to ensure that a licensed service has not been shared by the customer. To show the feasibility of our approach we use the concept of invertible Boolean functions as an example.

Mitigate DoS and DDoS Attack in Mobile Ad Hoc Networks

by Nikos Komninos

International Journal of Digital Crime and Forensics, Vol: 3, Issue:1, 2011, Page(s): 14-36

This paper proposes a technique in order to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS)... more This paper proposes a technique in order to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. Our technique is divided into two main parts and is a combination of game theory and cryptographic puzzles. First, we introduce a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and is mainly based on fundamental principles of game theory. By combining computational problems with puzzles, we improve the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of our approach even for devices with limited resources and for environments like ad hoc networks where nodes must exchange information really fast.

Secure Communication In Asynchronous Noise Phase Shift Keying CDMA Systems

by Ramin Vali

This paper appears in: Spread Spectrum Techniques and Applications, 2008. ISSSTA '08. IEEE 10th International Symposium on

Gaussian distributed random signals are analyzed
for encoding and spreading users’ message sequences in code more Gaussian distributed random signals are analyzed
for encoding and spreading users’ message sequences in code
division multiple access systems (CDMA). Using theoretical
analysis and practical implementation in DSP technology it has
been shown that the random sequences generated from the
Gaussian distribution can be efficiently used in this CDMA
system. In this way the security of the message transmission is
enhanced due to the random nature of all signals generated and
used for users’ message signal spreading and coding in this
communication system. The signal processing blocks of the
system, including the transmitter, receiver and the channel, are
theoretically described. The expressions for the probability of
error are derived for the case when the additive white Gaussian
noise and fading are present in the channel. The system, including
the transceiver and the channel, is implemented in DSP
technology and the theoretical results are confirmed by
measurements on the designed system. Moreover the acquisition
phase of a synchronization block using Gaussian distributed
random signals is also theoretically analyzed and implemented in
DSP technology.

The Use of AHP in Security Policy Decision Making: An Open Office Calc Application

by Irfan Syamsuddin

Journal of Software (ISSN 1796-217X), Vol 5, No 10 (2010): Special Issue: Information Security and Applications, pp. 1162-1169, October 2010

In this paper, we introduce a framework to guide decision makers evaluating information security policy performance.... more In this paper, we introduce a framework to guide decision makers evaluating information security policy performance. It is motivated by lack of adequate decision making mechanism with broader scopes and easy to use for the decision makers. The framework, which adopts Analytic hierarchy Process (AHP) methodology, is developed into a four level hierarchy (goal, criteria, sub-criteria, and alternatives) representing different aspects of information security policy. A survey based on AHP methodology was conducted to obtain decision maker preferences. Instead of relying on dedicated AHP software, we prefer to clearly demonstrate the process of AHP calculations by using Open Office Calc in data analysis. The aims are to show the applicability of open source software in handling AHP decision making problem and to help decision makers in understanding AHP data analysis procedures without relying on proprietary software. Results show that decision makers prefer availability of information security as highest priority, followed by confidentiality and integrity. The findings reflect future strategy in order to improve the effectiveness of information security policy in the
organization.

Bitcoin: A Currency Revolution

by Aaron Miller

This is my research paper for my freshman comp. II class I took with Dr. Bellah.

Faith and trust give paper power, but faith can be shattered and trust abused. Choice of practical means of exchange... more Faith and trust give paper power, but faith can be shattered and trust abused. Choice of practical means of exchange has been limited, but a new era in the world of currency may becoming. Like revolutions and advances past, this one may bring good and bad. Bitcoin is thename, and in its realm, faith and trust are immaterial. Bitcoin will shape the future of the worldof currency by eliminating the middleman.

Shedding light on rfid distance bounding protocols and terrorist fraud attacks

by Christos Dimitrakakis

An Authentication Framework for Wireless Sensor Networks Using Identity-Based Signatures: Implementation and Evaluation

by Rehana Yasmin

Special section on Trust, Security and Privacy in Computing and Communication Systems in IEICE Transactions on Information and Systems (IEICE-2011). Vol. E95-D, No. 01, pp. 126-133, publication date 01 Jan. 2012.

In Wireless Sensor Networks (WSNs), authentication is a crucial security requirement to avoid attacks against secure... more In Wireless Sensor Networks (WSNs), authentication is a crucial security requirement to avoid attacks against secure communication, and to mitigate DoS attacks exploiting the limited resources of sensor nodes. Resource constraints of sensor nodes are hurdles in applying strong public key cryptographic based mechanisms in WSNs. To address the problem of authentication in WSNs, we propose an efficient and secure framework for authenticated broadcast/multicast by sensor nodes as well as for outside user authentication, which utilizes identity based cryptography and online/offline signature (OOS) schemes. The primary goals of this framework are to enable all sensor nodes in the network, firstly, to broadcast and/or multicast an authenticated message quickly; secondly, to verify the broadcast/multicast message sender and the message contents; and finally, to verify the legitimacy of an outside user. This paper reports the implementation and experimental evaluation of the previously proposed authenticated broadcast/multicast by sensor nodes scheme using online/offline signature on TinyOS and MICA2 sensor nodes.