EFFICIENT HARDWARE PRIMITIVES FOR SECURING LIGHTWEIGHT SYSTEMS

In the era of IoT and ubiquitous computing, the collection and communication of sensitive data is increasingly being handled by lightweight Integrated Circuits. Efficient hardware implementations of crytographic primitives for resource constrained applications have become critical, especially block ciphers which perform fundamental operations such as encryption, decryption, and even hashing. We study the efficiency of block ciphers under different implementation styles. For low latency applications that use unrolled block cipher implementations, we design a glitch filter to reduce energy consumption. For lightweight applications, we design a novel architecture for the widely used AES cipher. The design eliminates inefficiencies in data movement and clock activity, thereby significantly improving energy efficiency over state-of-the-art architectures. Apart from efficiency, vulnerability to implementation attacks are a concern, which we mitigate by our randomization capable lightweight AES architecture. We fabricate our designs in a commercial 16nm FinFET technology and present measured testchip data on energy consumption and side channel resistance. Finally, we address the problem of supply chain security by using image processing techniques to extract fingerprints from surface texture of plastic IC packages for IC authentication and counterfeit prevention. Collectively these works present efficient and cost effective solutions to secure lightweight systems

EXPLORING CONFIDENTIALITY AND PRIVACY OF IMAGE IN CLOUD COMPUTING

With the increasing popularity of cloud computing, clients are storing their data in cloud servers and are using “software as a service” for computing services. However, clients’ data may be sensitive, critical, and private, and processing such data with cloud servers may result in losing data privacy or compromising data confidentiality. Some cloud servers may be dishonest, while malicious entities may compromise others. In order to protect data privacy and confidentiality, clients need to be able to hide their actual data values and send the obfuscated values to cloud servers. This thesis deals with the outsourcing of computing to cloud servers, in which clients’ images can be computed and stored. This thesis proposes a technique that obfuscates images before sending them to servers, so these servers can perform computations on images without knowing the actual images. The proposed technique is expected to ensure data privacy and confidentiality. Servers will not be able to identify an individual whose images are stored and manipulated by the server. In addition, our approach employs an obfuscating technique to maintain the confidentiality of images, allowing cloud servers to compute obfuscated data accurately without knowing the actual data value, thus supporting privacy and confidentiality. The proposed approach is based on the Rabin block cipher technique, which has some weaknesses, however. The main drawback is its decryption technique, which results in four values, and only one of these values represents the actual value of plain data. Another issue is that the blocking technique requires a private key for each block that requires a high-computing effort; requiring one private key for each block of data demands that a great number of keys be stored by the client. As a result, it decreases the robustness of the Rabin block cipher. This thesis proposes additional techniques to overcome some of the weaknesses of the Rabin block cipher by introducing some new features, such as tokenization, a digit counter, and a set of blocks. The new technique increases the privacy of data and decreases the computational complexity by requiring fewer private keys. The new features have been implemented in image processing in order to demonstrate their applicability. However, in order to apply our approach to images, we must first apply some preprocessing techniques on images to make them applicable to being obfuscated by our proposed obfuscating system

Multimedia security and privacy protection in the internet of things: research developments and challenges

With the rapid growth of the internet of things (IoT), huge amounts of multimedia data are being generated from and/or exchanged through various IoT devices, systems and applications. The security and privacy of multimedia data have, however, emerged as key challenges that have the potential to impact the successful deployment of IoT devices in some data-sensitive applications. In this paper, we conduct a comprehensive survey on multimedia data security and privacy protection in the IoT. First, we classify multimedia data into different types and security levels according to application areas. Then, we analyse and discuss the existing multimedia data protection schemes in the IoT, including traditional techniques (e.g., cryptography and watermarking) and emerging technologies (e.g., blockchain and federated learning). Based on the detailed analysis on the research development of IoT-related multimedia security and privacy protection, we point out some open challenges and provide future research directions, aiming to advance the study in the relevant fields and assist researchers in gaining a deeper understanding of the state of the art on multimedia data protection in the IoT

Privacy preserving, real-time and location secured biometrics for mCommerce authentication

Secure wireless connectivity between mobile devices and financial/commercial establishments is mature, and so is the security of remote authentication for mCommerce. However, the current techniques are open for hacking, false misrepresentation, replay and other attacks. This is because of the lack of real-time and current-precise-location in the authentication process. This paper proposes a new technique that includes freshly-generated real-time personal biometric data of the client and present-position of the mobile device used by the client to perform the mCommerce so to form a real-time biometric representation to authenticate any remote transaction. A fresh GPS fix generates the "time and location" to stamp the biometric data freshly captured to produce a single, real-time biometric representation on the mobile device. A trusted Certification Authority (CA) acts as an independent authenticator of such client's claimed real time location and his/her provided fresh biometric data. Thus eliminates the necessity of user enrolment with many mCommerce services and application providers. This CA can also "independently from the client" and "at that instant of time" collect the client's mobile device "time and location" from the cellular network operator so to compare with the received information, together with the client's stored biometric information. Finally, to preserve the client's location privacy and to eliminate the possibility of cross-application client tracking, this paper proposes shielding the real location of the mobile device used prior to submission to the CA or authenticators