One-to-Cloud One-Time Pad Data Encryption: Introducing Virtual Prototyping with PSpice

In this paper, we examine the design and application of a one-time pad encryption system for protecting data stored in the Cloud. Personalising security using a one-time pad generator at the client-end protects data from break-ins, side-channel attacks and backdoors in public encryption algorithms. The one-time pad binary sequences were obtained from modified analogue chaos oscillators initiated by noise and encoded client data locally. Specific ``one-to-Cloud\u27\u27 storage applications returned control back to the end user but without the key distribution problem normally associated with one-time pad encryption. Development of the prototype was aided by ``Virtual Prototyping\u27\u27 in the latest version of Cadence OrCAD PSpice$^\copyright$. This addition allows the prototype simulation schematic to be connected to an actual microcontroller in real time using device model interfacing for bi-directional communication

Secure Communication using Identity Based Encryption

Secured communication has been widely deployed to guarantee confidentiality and\ud integrity of connections over untrusted networks, e.g., the Internet. Although\ud secure connections are designed to prevent attacks on the connection, they hide\ud attacks inside the channel from being analyzed by Intrusion Detection Systems\ud (IDS). Furthermore, secure connections require a certain key exchange at the\ud initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements

Secure agent data integrity shield

In the rapidly expanding field of E-Commerce, mobile agent is the emerging technology that addresses the requirement of intelligent filtering/processing of information. This paper will address the area of mobile agent data integrity protection. We propose the use of Secure Agent Data Integrity Shield (SADIS) as a scheme that protects the integrity of data collected during agent roaming. With the use of a key seed negotiation protocol and integrity protection protocol, SADIS protects the secrecy as well as the integrity of agent data. Any illegal data modification, deletion, or insertion can be detected either by the subsequent host or the agent butler. Most important of all, the identity of each malicious host can be established. To evaluate the feasibility of our design, a prototype has been developed using Java. The result of benchmarking shows improvement both in terms of data and time efficiency