5,624 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations
With the expansion of wireless sensor networks (WSNs), the need for securing
the data flow through these networks is increasing. These sensor networks allow
for easy-to-apply and flexible installations which have enabled them to be used
for numerous applications. Due to these properties, they face distinct
information security threats. Security of the data flowing through across
networks provides the researchers with an interesting and intriguing potential
for research. Design of these networks to ensure the protection of data faces
the constraints of limited power and processing resources. We provide the
basics of wireless sensor network security to help the researchers and
engineers in better understanding of this applications field. In this chapter,
we will provide the basics of information security with special emphasis on
WSNs. The chapter will also give an overview of the information security
requirements in these networks. Threats to the security of data in WSNs and
some of their counter measures are also presented
- …