8,104 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
A Survey on Wireless Sensor Network Security
Wireless sensor networks (WSNs) have recently attracted a lot of interest in
the research community due their wide range of applications. Due to distributed
nature of these networks and their deployment in remote areas, these networks
are vulnerable to numerous security threats that can adversely affect their
proper functioning. This problem is more critical if the network is deployed
for some mission-critical applications such as in a tactical battlefield.
Random failure of nodes is also very likely in real-life deployment scenarios.
Due to resource constraints in the sensor nodes, traditional security
mechanisms with large overhead of computation and communication are infeasible
in WSNs. Security in sensor networks is, therefore, a particularly challenging
task. This paper discusses the current state of the art in security mechanisms
for WSNs. Various types of attacks are discussed and their countermeasures
presented. A brief discussion on the future direction of research in WSN
security is also included.Comment: 24 pages, 4 figures, 2 table
REISCH: incorporating lightweight and reliable algorithms into healthcare applications of WSNs
Healthcare institutions require advanced technology to collect patients' data accurately and continuously. The tradition technologies still suffer from two problems: performance and security efficiency. The existing research has serious drawbacks when using public-key mechanisms such as digital signature algorithms. In this paper, we propose Reliable and Efficient Integrity Scheme for Data Collection in HWSN (REISCH) to alleviate these problems by using secure and lightweight signature algorithms. The results of the performance analysis indicate that our scheme provides high efficiency in data integration between sensors and server (saves more than 24% of alive sensors compared to traditional algorithms). Additionally, we use Automated Validation of Internet Security Protocols and Applications (AVISPA) to validate the security procedures in our scheme. Security analysis results confirm that REISCH is safe against some well-known attacks
Cloud Data Auditing Using Proofs of Retrievability
Cloud servers offer data outsourcing facility to their clients. A client
outsources her data without having any copy at her end. Therefore, she needs a
guarantee that her data are not modified by the server which may be malicious.
Data auditing is performed on the outsourced data to resolve this issue.
Moreover, the client may want all her data to be stored untampered. In this
chapter, we describe proofs of retrievability (POR) that convince the client
about the integrity of all her data.Comment: A version has been published as a book chapter in Guide to Security
Assurance for Cloud Computing (Springer International Publishing Switzerland
2015
Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks
This chapter discusses the need of security and privacy protection mechanisms
in aggregation protocols used in wireless sensor networks (WSN). It presents a
comprehensive state of the art discussion on the various privacy protection
mechanisms used in WSNs and particularly focuses on the CPDA protocols proposed
by He et al. (INFOCOM 2007). It identifies a security vulnerability in the CPDA
protocol and proposes a mechanism to plug that vulnerability. To demonstrate
the need of security in aggregation process, the chapter further presents
various threats in WSN aggregation mechanisms. A large number of existing
protocols for secure aggregation in WSN are discussed briefly and a protocol is
proposed for secure aggregation which can detect false data injected by
malicious nodes in a WSN. The performance of the protocol is also presented.
The chapter concludes while highlighting some future directions of research in
secure data aggregation in WSNs.Comment: 32 pages, 7 figures, 3 table
- …