Algebraic Curves and Cryptographic Protocols for the e-society

Amb l'augment permanent de l'adopció de sistemes intel·ligents de tot tipus en la societat actual apareixen nous reptes. Avui en dia quasi tothom en la societat moderna porta a sobre almenys un telèfon intel·ligent, si no és que porta encara més dispositius capaços d'obtenir dades personals, com podria ser un smartwatch per exemple. De manera similar, pràcticament totes les cases tindran un comptador intel·ligent en el futur pròxim per a fer un seguiment del consum d'energia. També s'espera que molts més dispositius del Internet de les Coses siguin instal·lats de manera ubiqua, recol·lectant informació dels seus voltants i/o realitzant accions, com per exemple en sistemes d'automatització de la llar, estacions meteorològiques o dispositius per la ciutat intel·ligent en general. Tots aquests dispositius i sistemes necessiten enviar dades de manera segura i confidencial, les quals poden contindre informació sensible o de caire privat. A més a més, donat el seu ràpid creixement, amb més de nou mil milions de dispositius en tot el món actualment, s'ha de tenir en compte la quantitat de dades que cal transmetre. En aquesta tesi mostrem la utilitat de les corbes algebraiques sobre cossos finits en criptosistemes de clau pública, en particular la de les corbes de gènere 2, ja que ofereixen la mida de clau més petita per a un nivell de seguretat donat i això redueix de manera significativa el cost total de comunicacions d'un sistema, a la vegada que manté un rendiment raonable. Analitzem com la valoració 2-àdica del cardinal de la Jacobiana augmenta en successives extensions quadràtiques, considerant corbes de gènere 2 en cossos de característica senar, incloent les supersingulars. A més, millorem els algoritmes actuals per a computar la meitat d'un divisor d'una corba de gènere 2 sobre un cos binari, cosa que pot ser útil en la multiplicació escalar, que és l'operació principal en criptografia de clau pública amb corbes. Pel que fa a la privacitat, presentem un sistema de pagament d'aparcament per mòbil que permet als conductors pagar per aparcar mantenint la seva privacitat, i per tant impedint que el proveïdor del servei o un atacant obtinguin un perfil de conducta d'aparcament. Finalment, oferim protocols de smart metering millorats, especialment pel que fa a la privacitat i evitant l'ús de terceres parts de confiança.Con el aumento permanente de la adopción de sistemas inteligentes de todo tipo en la sociedad actual aparecen nuevos retos. Hoy en día prácticamente todos en la sociedad moderna llevamos encima al menos un teléfono inteligente, si no es que llevamos más dispositivos capaces de obtener datos personales, como podría ser un smartwatch por ejemplo. De manera similar, en el futuro cercano la mayoría de las casas tendrán un contador inteligente para hacer un seguimiento del consumo de energía. También se espera que muchos más dispositivos del Internet de las Cosas sean instalados de manera ubicua, recolectando información de sus alrededores y/o realizando acciones, como por ejemplo en sistemas de automatización del hogar, estaciones meteorológicas o dispositivos para la ciudad inteligente en general. Todos estos dispositivos y sistemas necesitan enviar datos de manera segura y confidencial, los cuales pueden contener información sensible o de ámbito personal. Además, dado su rápido crecimiento, con más de nueve mil millones de dispositivos en todo el mundo actualmente, hay que tener en cuenta la cantidad de datos a transmitir. En esta tesis mostreamos la utilidad de las curvas algebraicas sobre cuerpos finitos en criptosistemas de clave pública, en particular la de las curvas de género 2, ya que ofrecen el tamaño de clave más pequeño para un nivel de seguridad dado y esto disminuye de manera significativa el coste total de comunicaciones del sistema, a la vez que mantiene un rendimiento razonable. Analizamos como la valoración 2-ádica del cardinal de la Jacobiana aumenta en sucesivas extensiones cuadráticas, considerando curvas de género 2 en cuerpos de característica importa, incluyendo las supersingulares. Además, mejoramos los algoritmos actuales para computar la mitad de un divisor de una curva de género 2 sobre un cuerpo binario, lo cual puede ser útil en la multiplicación escalar, que es la operación principal en criptografía de clave pública con curvas. Respecto a la privacidad, presentamos un sistema de pago de aparcamiento por móvil que permite a los conductores pagar para aparcar manteniendo su privacidad, y por lo tanto impidiendo que el proveedor del servicio o un atacante obtengan un perfil de conducta de aparcamiento. Finalmente, ofrecemos protocolos de smart metering mejorados, especialmente en lo relativo a la privacidad y evitando el uso de terceras partes de confianza.With the ever increasing adoption of smart systems of every kind throughout society, new challenges arise. Nowadays, almost everyone in modern societies carries a smartphone at least, if not even more devices than can also gather personal data, like a smartwatch or a fitness wristband for example. Similarly, practically all homes will have a smart meter in the near future for billing and energy consumption monitoring, and many other Internet of Things devices are expected to be installed ubiquitously, obtaining information of their surroundings and/or performing some action, like for example, home automation systems, weather detection stations or devices for the smart city in general. All these devices and systems need to securely and privately transmit some data, which can be sensitive and personal information. Moreover, with a rapid increase of their number, with already more than nine billion devices worldwide, the amount of data to be transmitted has to be considered. In this thesis we show the utility of algebraic curves over finite fields in public key cryptosystems, specially genus 2 curves, since they offer the minimum key size for a given security level and that significantly reduces the total communication costs of a system, while maintaining a reasonable performance. We analyze how the 2-adic valuation of the cardinality of the Jacobian increases in successive quadratic extensions, considering genus 2 curves with odd characteristic fields, including supersingular curves. In addition, we improve the current algorithms for computing the halving of a divisor of a genus 2 curve over binary fields, which can be useful in scalar multiplication, the main operation in public key cryptography using curves. As regards to privacy, we present a pay-by-phone parking system which enables drivers to pay for public parking while preserving their privacy, and thus impeding the service provider or an attacker to obtain a profile of parking behaviors. Finally, we offer better protocols for smart metering, especially regarding privacy and the avoidance of trusted third parties

Data Encryption and Authetication Using Public Key Approach

AbstractToday various numbers of diverse applications that include e- payments in secure commerce and payment applications to provide security for their communications and transactions by protecting passwords. Encryption is a fundamental tool for the protection of sensitive information. The purpose is to use encryption is privacy for preventing disclosure or confidentiality in during communications. In this paper, we proposed a new method which is based on the Euler's Totient theorem to produce a set of numbers that encrypt the data stream and then we used our proposed method using an ECC approach to generate the signature key which is added to encrypt data before transmission and decryption operation and a signature can verify at the receiver site

Testing Data Security Using a Vigenere Cipher Based on the QR Code

Data, especially personal data, is sensitive and if misused, it can become a source of threats and crimes for ourselves or for others. Therefore, data security is very important. Cryptography is a way to secure data that aims to safeguard the information that contained in data, so the information contained is not known by unauthorized parties. Vigenere Cipher is a cryptographic method used to hide data with steganography. In the process, the Vigenere cipher converts information called plain text into ciphertext or text that has been steganographed. In this research, process of encryption was carried out on the text based on the given key. The results of the text encryption were stored in the form of a QR-Code which can later be decrypted from the QR-Code using the key, so that the text contained in the QR-Code can be identified

Comments on Micorpayment Schemes for Multi-Merchants with Anonymity and Untraceability

[[conferencetype]]國內[[conferencedate]]20120530~20120531[[booktype]]電子版[[iscallforpapers]]Y[[conferencelocation]]Taichung, Taiwa

Cryptography and Its Applications in Information Security

Nowadays, mankind is living in a cyber world. Modern technologies involve fast communication links between potentially billions of devices through complex networks (satellite, mobile phone, Internet, Internet of Things (IoT), etc.). The main concern posed by these entangled complex networks is their protection against passive and active attacks that could compromise public security (sabotage, espionage, cyber-terrorism) and privacy. This Special Issue “Cryptography and Its Applications in Information Security” addresses the range of problems related to the security of information in networks and multimedia communications and to bring together researchers, practitioners, and industrials interested by such questions. It consists of eight peer-reviewed papers, however easily understandable, that cover a range of subjects and applications related security of information

SYNERGY OF BUILDING CYBERSECURITY SYSTEMS

The development of the modern world community is closely related to advances in computing resources and cyberspace. The formation and expansion of the range of services is based on the achievements of mankind in the field of high technologies. However, the rapid growth of computing resources, the emergence of a full-scale quantum computer tightens the requirements for security systems not only for information and communication systems, but also for cyber-physical systems and technologies. The methodological foundations of building security systems for critical infrastructure facilities based on modeling the processes of behavior of antagonistic agents in security systems are discussed in the first chapter. The concept of information security in social networks, based on mathematical models of data protection, taking into account the influence of specific parameters of the social network, the effects on the network are proposed in second chapter. The nonlinear relationships of the parameters of the defense system, attacks, social networks, as well as the influence of individual characteristics of users and the nature of the relationships between them, takes into account. In the third section, practical aspects of the methodology for constructing post-quantum algorithms for asymmetric McEliece and Niederreiter cryptosystems on algebraic codes (elliptic and modified elliptic codes), their mathematical models and practical algorithms are considered. Hybrid crypto-code constructions of McEliece and Niederreiter on defective codes are proposed. They can significantly reduce the energy costs for implementation, while ensuring the required level of cryptographic strength of the system as a whole. The concept of security of corporate information and educational systems based on the construction of an adaptive information security system is proposed. ISBN 978-617-7319-31-2 (on-line)ISBN 978-617-7319-32-9 (print) ------------------------------------------------------------------------------------------------------------------ How to Cite: Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et. al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 188. doi: http://doi.org/10.15587/978-617-7319-31-2 ------------------------------------------------------------------------------------------------------------------ Indexing:                    Розвиток сучасної світової спільноти тісно пов’язаний з досягненнями в області обчислювальних ресурсів і кіберпростору. Формування та розширення асортименту послуг базується на досягненнях людства у галузі високих технологій. Однак стрімке зростання обчислювальних ресурсів, поява повномасштабного квантового комп’ютера посилює вимоги до систем безпеки не тільки інформаційно-комунікаційних, але і до кіберфізичних систем і технологій. У першому розділі обговорюються методологічні основи побудови систем безпеки для об'єктів критичної інфраструктури на основі моделювання процесів поведінки антагоністичних агентів у систем безпеки. У другому розділі пропонується концепція інформаційної безпеки в соціальних мережах, яка заснована на математичних моделях захисту даних, з урахуванням впливу конкретних параметрів соціальної мережі та наслідків для неї. Враховуються нелінійні взаємозв'язки параметрів системи захисту, атак, соціальних мереж, а також вплив індивідуальних характеристик користувачів і характеру взаємовідносин між ними. У третьому розділі розглядаються практичні аспекти методології побудови постквантових алгоритмів для асиметричних криптосистем Мак-Еліса та Нідеррейтера на алгебраїчних кодах (еліптичних та модифікованих еліптичних кодах), їх математичні моделі та практичні алгоритми. Запропоновано гібридні конструкції криптокоду Мак-Еліса та Нідеррейтера на дефектних кодах. Вони дозволяють істотно знизити енергетичні витрати на реалізацію, забезпечуючи при цьому необхідний рівень криптографічної стійкості системи в цілому. Запропоновано концепцію безпеки корпоративних інформаційних та освітніх систем, які засновані на побудові адаптивної системи захисту інформації. ISBN 978-617-7319-31-2 (on-line)ISBN 978-617-7319-32-9 (print) ------------------------------------------------------------------------------------------------------------------ Як цитувати: Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et. al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 188. doi: http://doi.org/10.15587/978-617-7319-31-2 ------------------------------------------------------------------------------------------------------------------ Індексація:                 &nbsp

A Review on Smart Cart Shopping System Using IOT

The internet of things (IOT) is changing human lives by connecting everyday objects together. Nowadays shopping at big malls is a daily activity in metro cities. One can see a huge rush at malls on holidays and on special discount days. People purchase different items and put them in trolleys and go to billing counter for payments. In that time, they have to wait in a long queue to get their products scanned using RFID reader with help of barcode scanner and get their billed. To modify that customer has to purchase in smart way in shopping malls. Each and e very product is attached with a RFID tags, when placed into a smart shopping cart, can be automatically read by a cart equipped with a RFID reader, so that the billing can be conducted from the shopping cart itself. In this way, customer can avoid waiting in a long queue at the checkout points. For this system, additional smart shelving can be added and equipped with RFID reader and can monitor stock, also updating central server, server knows the status of the items in the store. The inventory management also becomes much easier, because all the items can be automatically read by a RFID reader instead of manually scanned by the laborer

A Comprehensive Study on Crypto-Algorithms

In the field of computer network and security, cryptography plays a vital role for secure data transmission as it follows the principle of data confidentiality, integrity, non-repudiation, authentication. By using several cryptographic algorithms, a user can deliver and receive the message in more convenient way. In this paper, we have collaborated on various cryptographic algorithms, several types of cryptographic techniques along with different types of security attacks prevailing in case of cryptography. During the exchanging of any sort of information, the key generation, encryption and decryption processes are examined in more details in the current paper. We have discussed regarding RSA (Ron Rives, Adi Shamir and Len Adelman), which is one of the most secure algorithm in the context of data and information sharing, that has been analysed clearly in our work along with the basic concepts of DES(Data Encryption Standard) , conventional encryption model, ECC(Elliptic curve cryptography), Digital signature, ABE(Attribute based Encryption), KP-ABE(Key policy Attribute based encryption), CP-ABE(Ciphertext policy attribute based encryption), IBE(Identity based Encryption). We have elaborated various cryptograhic concepts for keeping the message confidential and secure while considering secured data communication in case of networks

Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review