A novel block cipher design paradigm for secured communication

Unmanned aerial vehicles (UAV) are commonly used to conduct tasks (e.g. monitor and surveillance) in various civilian applications from a remote location. Wireless communications (i.e. radio frequency) are often used to remotely pilot the UAV and stream data back to the operator. The characteristics of the wireless communication channel allows attackers to monitor and manipulate the operation of the UAV through passive and active attacks. Cryptography is selected as a countermeasure to mitigate these threats; however, a drawback of using cryptography is the impact on the real-time operation and performance of the UAV. This paper proposes the Permutation Substitution Network (PSN) design paradigm with an instance presented which isthe Alternative Advanced Encryption Standard (AAES) and analysis of its performance against the standardised Substitution Permutation Network (SPN) design paradigm the Advanced Encryption Standard (AES). Results indicate that using the PSN paradigm is a feasible approach in comparison to the SPN design paradigm

A Novel Approach to Transport-Layer Security for Spacecraft Constellations

Spacecraft constellations seek to provide transformational services from increased environmental awareness to reduced-latency international finance. This connected future requires trusted communications. Transport-layer security models presume link characteristics and encapsulation techniques that may not be sustainable in a networked constellation. Emerging transport layer protocols for space communications enable new transport security protocols that may provide a pragmatic alternative to deploying Internet security mechanisms in space. The Bundle Protocol (BP) and Bundle Protocol Security (BPSec) protocol have been designed to provide such an alternative. BP is a store-and-forward alternative to IP that carries session information as secondary headers. BPSec uses BP’s featureful secondary header mechanism to hold security information and security results. In doing so, BPSec provides an in-packet augmentation alternative to security by encapsulation. BPSec enables features such as security-at-rest, separate encryption/signing of individual protocol headers, and the ability to add secondary headers and secure them at waypoints in the network. These features provided by BPSec change the system trades associated with networked constellations. They enable security at rest, secure content caching, and deeper inspection at gateways otherwise obscured by tunneling

Novel Proposed Work for Empirical Word Searching in Cloud Environment

People's lives have become much more convenient as a result of the development of cloud storage. The third-party server has received a lot of data from many people and businesses for storage. Therefore, it is necessary to ensure that the user's data is protected from prying eyes. In the cloud environment, searchable encryption technology is used to protect user information when retrieving data. The versatility of the scheme is, however, constrained by the fact that the majority of them only offer single-keyword searches and do not permit file changes.A novel empirical multi-keyword search in the cloud environment technique is offered as a solution to these issues. Additionally, it prevents the involvement of a third party in the transaction between data holder and user and guarantees integrity. Our system achieves authenticity at the data storage stage by numbering the files, verifying that the user receives a complete ciphertext. Our technique outperforms previous analogous schemes in terms of security and performance and is resistant to inside keyword guessing attacks.The server cannot detect if the same set of keywords is being looked for by several queries because our system generates randomized search queries. Both the number of keywords in a search query and the number of keywords in an encrypted document can be hidden. Our searchable encryption method is effective and protected from the adaptive chosen keywords threat at the same time

Efficient Implementation on Low-Cost SoC-FPGAs of TLSv1.2 Protocol with ECC_AES Support for Secure IoT Coordinators

Security management for IoT applications is a critical research field, especially when taking into account the performance variation over the very different IoT devices. In this paper, we present high-performance client/server coordinators on low-cost SoC-FPGA devices for secure IoT data collection. Security is ensured by using the Transport Layer Security (TLS) protocol based on the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher suite. The hardware architecture of the proposed coordinators is based on SW/HW co-design, implementing within the hardware accelerator core Elliptic Curve Scalar Multiplication (ECSM), which is the core operation of Elliptic Curve Cryptosystems (ECC). Meanwhile, the control of the overall TLS scheme is performed in software by an ARM Cortex-A9 microprocessor. In fact, the implementation of the ECC accelerator core around an ARM microprocessor allows not only the improvement of ECSM execution but also the performance enhancement of the overall cryptosystem. The integration of the ARM processor enables to exploit the possibility of embedded Linux features for high system flexibility. As a result, the proposed ECC accelerator requires limited area, with only 3395 LUTs on the Zynq device used to perform high-speed, 233-bit ECSMs in 413 µs, with a 50 MHz clock. Moreover, the generation of a 384-bit TLS handshake secret key between client and server coordinators requires 67.5 ms on a low cost Zynq 7Z007S device

Making the Distribution Subsystem Secure

This report presents how the Distribution Subsystem is made secure. A set of different security threats to a shared data programming system are identifed. The report presents the extensions nessesary to the DSS in order to cope with the identified security threats by maintaining reference security. A reference to a shared data structure cannot be forged or guessed; only by proper delegation can a thread acquire access to data originating at remote processes. Referential security is a requirement for secure distributed applications. By programmatically restricting access to distributed data to trusted nodes, a distributed application can be made secure. However, for this to be true, referential security must be supported on the level of the implementation

ABC based Double Layer-Triple Encryption Method for Data Security in Cloud

CLOUD computing is a new computing paradigm that is constructed on virtualization, aligned and circulated computing, utility computing, and service oriented architecture. The advantages of cloud computing include decreased charges and capital expenditures, expanded operational efficiencies, scalability, flexibility, immediate time to market, and so on. Distinct service oriented cloud computing forms have been proposed, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and programs as a Service (SaaS). In cloud computing, users have to give up their data to the cloud service provider for storage and business operations, while the cloud service provider is generally a financial enterprise, which will not be completely trusted. That is the main reason behind researchers’ motivation of the work. The proposed method provides better the data storage security with lesser time