Device-Based Isolation for Securing Cryptographic Keys

In this work, we describe an eective device-based isolation approach for achieving data security. Device-based isolation leverages the proliferation of personal computing devices to provide strong run-time guarantees for the condentiality of secrets. To demonstrate our isolation approach, we show its use in protecting the secrecy of highly sensitive data that is crucial to security operations, such as cryptographic keys used for decrypting ciphertext or signing digital signatures. Private key is usually encrypted when not used, however, when being used, the plaintext key is loaded into the memory of the host for access. In our threat model, the host may be compromised by attackers, and thus the condentiality of the host memory cannot be preserved. We present a novel and practical solution and its prototype called DataGuard to protect the secrecy of the highly sensitive data through the storage isolation and secure tunneling enabled by a mobile handheld device. DataGuard can be deployed for the key protection of individuals or organizations

On the feasibility of attribute-based encryption on Internet of Things devices

Attribute-based encryption (ABE) could be an effective cryptographic tool for the secure management of Internet of Things (IoT) devices, but its feasibility in the IoT has been under-investigated thus far. This article explores such feasibility for well-known IoT platforms, namely, Intel Galileo Gen 2, Intel Edison, Raspberry pi 1 model B, and Raspberry pi zero, and concludes that adopting ABE in the IoT is indeed feasible

Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices

Networks are evolving toward a ubiquitous model in which heterogeneous devices are interconnected. Cryptographic algorithms are required for developing security solutions that protect network activity. However, the computational and energy limitations of network devices jeopardize the actual implementation of such mechanisms. In this paper, we perform a wide analysis on the expenses of launching symmetric and asymmetric cryptographic algorithms, hash chain functions, elliptic curves cryptography and pairing based cryptography on personal agendas, and compare them with the costs of basic operating system functions. Results show that although cryptographic power costs are high and such operations shall be restricted in time, they are not the main limiting factor of the autonomy of a device

ABAKA : a novel attribute-based k-anonymous collaborative solution for LBSs

The increasing use of mobile devices, along with advances in telecommunication systems, increased the popularity of Location-Based Services (LBSs). In LBSs, users share their exact location with a potentially untrusted Location-Based Service Provider (LBSP). In such a scenario, user privacy becomes a major con- cern: the knowledge about user location may lead to her identification as well as a continuous tracing of her position. Researchers proposed several approaches to preserve users’ location privacy. They also showed that hiding the location of an LBS user is not enough to guarantee her privacy, i.e., user’s pro- file attributes or background knowledge of an attacker may reveal the user’s identity. In this paper we propose ABAKA, a novel collaborative approach that provides identity privacy for LBS users considering users’ profile attributes. In particular, our solution guarantees p -sensitive k -anonymity for the user that sends an LBS request to the LBSP. ABAKA computes a cloaked area by collaborative multi-hop forwarding of the LBS query, and using Ciphertext-Policy Attribute-Based Encryption (CP-ABE). We ran a thorough set of experiments to evaluate our solution: the results confirm the feasibility and efficiency of our proposal

Design and Implementation of Secure Location Service Using Software Engineering Approach in the Age of Industry 4.0

Data privacy and security are major concerns in any location-based system. In majority of location-based systems, data security is ensured via data replacement policies. Data replacement or hiding policy requires additional measures for providing required security standards for Industry 4.0. Whereas, cryptography primitives and protocols are integral part of any network and can be re-used for ensuring user’s locations in Industry 4.0 based applications. In this work, an application has been designed and developed that used RSA encryption/decryption algorithm for ensuring location data’s confidentiality. The proposed system is distributed in nature and gives access to location’s information after users get authenticated and authorized. In the proposed system, a threshold-based subset mechanism is adopted for keys and their storage. Server is designed to securely store the location information for clients and provide this information to those set of clients or users who are able to verify sum of subset of keys. This work has elaborated the location-based data confidentiality designs in a distributed client/server environment and presented the in-depth system working with different flow diagrams. The command line and graphical User Interface (GUI)-based implementation shows that the proposed system is capable of working with standard system requirements (i5 processor, 4 GB RAM and 64-bits operating system). In addition to location information, system is able to provide much important information (including IP address, timestamp, time to access, hop count) that enhances the overall system capabilities

Secure Communication with DNS through Cloud

Internet in today’s world has become one of the most prominent ways to communicate through text, voice, pictures, video and many more ways. Millions of MB of data is exchanged over internet in a single day all over the world. And lots of those data is sensitive and private. Thus internet provides as point to intrude in someone’s private life or intercept some sensitive data. With the increasing use of Smartphone, a big amount of data is being stored and exchange through the application running on its operating system. This have only increased the data exchange over the network. That’s why the importance of security over the exchange as well as storage of data has increased dramatically over the past few years. For providing security many different methods or ways are taken. Over those methods use of cryptography is one of the widely used methods. DOI: 10.17762/ijritcc2321-8169.15060