Cryptanalysis of the Improved Cellular Message Encryption Algorithm

This paper analyzes the Improved Cellular Message Encryption Algorithm (CMEA-I) which is an improved version of the Telecommunication Industry Association\u27s Cellular Message Encryption Algorithm (CMEA). We present a chosen-plaintext attack of CMEA-I which requires less than 850 plaintexts in its adaptive version. This demonstrates that the improvements made over CMEA are ineffective to thwart such attacks and confirms that the security of CMEA and its variants must be reconsidered from the beginning

Recent Advancements on Symmetric Cryptography Techniques -A Comprehensive Case Study

Now a day2019;s Cryptography is one of the broad areas for researchers; because of the conventional block cipher has lost its potency due to the sophistication of modern systems that can break it by brute force. Due to its importance, several cryptography techniques and algorithms are adopted by many authors to secure the data, but still there is a scope to improve the previous approaches. For this necessity, we provide the comprehensive survey which will help the researchers to provide better techniques

BVPSMS: A Batch Verification Protocol for End-to-End Secure SMS for Mobile Users

Short Message Service (SMS) is a widely used communication medium for mobile applications, such as banking, social networking, and e-commerce. Applications of SMS services also include real-time broadcasting messages, such as notification of natural disasters and terrorist attacks, and sharing the current whereabouts to other users, such as notifying urgent business meeting information, transmitting quick information in the battlefield to multiple users, notifying current location to our friends, and sharing market information. However, traditional SMS is not designed with security in mind (e.g. messages are not securely sent). In this paper, we introduce a batch verification Authentication and Key Agreement (AKA) protocol, BVPSMS, which provides end-to-end message security over an insecure communication channel between different Mobile Subscribers (MSs). Specifically, the proposed protocol securely transmits SMS from one MS to multiple MS simultaneously. We then evaluate the performance of the BVPSMS protocol in terms of communication and computation overheads, protocol execution time, and batch and re-batch verification times. The impacts of the user mobility, and the time, space, and cost complexity analysis are also discussed. We present a formal proof of the proposed protocol. To the best of our knowledge, this is the first provably-secure batch verification AKA protocol, which provides end-to-end security to the SMS using symmetric keys

A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

CUPS : Secure Opportunistic Cloud of Things Framework based on Attribute Based Encryption Scheme Supporting Access Policy Update

The ever‐growing number of internet connected devices, coupled with the new computing trends, namely within emerging opportunistic networks, engenders several security concerns. Most of the exchanged data between the internet of things (IoT) devices are not adequately secured due to resource constraints on IoT devices. Attribute‐based encryption is a promising cryptographic mechanism suitable for distributed environments, providing flexible access control to encrypted data contents. However, it imposes high decryption costs, and does not support access policy update, for highly dynamic environments. This paper presents CUPS, an ABE‐based framework for opportunistic cloud of things applications, that securely outsources data decryption process to edge nodes in order to reduce the computation overhead on the user side. CUPS allows end‐users to offload most of the decryption overhead to an edge node and verify the correctness of the received partially decrypted data from the edge node. Moreover, CUPS provides the access policy update feature with neither involving a proxy‐server, nor re‐encrypting the enciphered data contents and re‐distributing the users' secret keys. The access policy update feature in CUPS does not affect the size of the message received by the end‐user, which reduces the bandwidth and the storage usage. Our comprehensive theoretical analysis proves that CUPS outperforms existing schemes in terms of functionality, communication and computation overheads