5,885 research outputs found
Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices
Networks are evolving toward a ubiquitous model in which heterogeneous
devices are interconnected. Cryptographic algorithms are required for developing security
solutions that protect network activity. However, the computational and energy limitations
of network devices jeopardize the actual implementation of such mechanisms. In this
paper, we perform a wide analysis on the expenses of launching symmetric and asymmetric
cryptographic algorithms, hash chain functions, elliptic curves cryptography and pairing
based cryptography on personal agendas, and compare them with the costs of basic operating
system functions. Results show that although cryptographic power costs are high and such
operations shall be restricted in time, they are not the main limiting factor of the autonomy
of a device
Securing Internet of Things with Lightweight IPsec
Real-world deployments of wireless sensor networks (WSNs) require
secure communication. It is important that a receiver is able to verify that sensor
data was generated by trusted nodes. In some cases it may also be necessary
to encrypt sensor data in transit. Recently, WSNs and traditional IP networks
are more tightly integrated using IPv6 and 6LoWPAN. Available IPv6 protocol
stacks can use IPsec to secure data exchange. Thus, it is desirable to extend
6LoWPAN such that IPsec communication with IPv6 nodes is possible. It is
beneficial to use IPsec because the existing end-points on the Internet do not
need to be modified to communicate securely with the WSN. Moreover, using
IPsec, true end-to-end security is implemented and the need for a trustworthy
gateway is removed.
In this paper we provide End-to-End (E2E) secure communication between
an IP enabled sensor nodes and a device on traditional Internet. This is the
first compressed lightweight design, implementation, and evaluation of 6LoWPAN
extension for IPsec on Contiki. Our extension supports both IPsec's Authentication
Header (AH) and Encapsulation Security Payload (ESP). Thus,
communication endpoints are able to authenticate, encrypt and check the integrity
of messages using standardized and established IPv6 mechanisms
Dynamic Selection of Symmetric Key Cryptographic Algorithms for Securing Data Based on Various Parameters
Most of the information is in the form of electronic data. A lot of
electronic data exchanged takes place through computer applications. Therefore
information exchange through these applications needs to be secure. Different
cryptographic algorithms are usually used to address these security concerns.
However, along with security there are other factors that need to be considered
for practical implementation of different cryptographic algorithms like
implementation cost and performance. This paper provides comparative analysis
of time taken for encryption by seven symmetric key cryptographic algorithms
(AES, DES, Triple DES, RC2, Skipjack, Blowfish and RC4) with variation of
parameters like different data types, data density, data size and key sizes.Comment: 8 pages, 4 figures, Fifth International Conference on Communications
Security & Information Assurance (CSIA 2014) May 24~25, 2014, Delhi, Indi
Compiling symbolic attacks to protocol implementation tests
Recently efficient model-checking tools have been developed to find flaws in
security protocols specifications. These flaws can be interpreted as potential
attacks scenarios but the feasability of these scenarios need to be confirmed
at the implementation level. However, bridging the gap between an abstract
attack scenario derived from a specification and a penetration test on real
implementations of a protocol is still an open issue. This work investigates an
architecture for automatically generating abstract attacks and converting them
to concrete tests on protocol implementations. In particular we aim to improve
previously proposed blackbox testing methods in order to discover automatically
new attacks and vulnerabilities. As a proof of concept we have experimented our
proposed architecture to detect a renegotiation vulnerability on some
implementations of SSL/TLS, a protocol widely used for securing electronic
transactions.Comment: In Proceedings SCSS 2012, arXiv:1307.802
Privacy-Preserving Shortest Path Computation
Navigation is one of the most popular cloud computing services. But in
virtually all cloud-based navigation systems, the client must reveal her
location and destination to the cloud service provider in order to learn the
fastest route. In this work, we present a cryptographic protocol for navigation
on city streets that provides privacy for both the client's location and the
service provider's routing data. Our key ingredient is a novel method for
compressing the next-hop routing matrices in networks such as city street maps.
Applying our compression method to the map of Los Angeles, for example, we
achieve over tenfold reduction in the representation size. In conjunction with
other cryptographic techniques, this compressed representation results in an
efficient protocol suitable for fully-private real-time navigation on city
streets. We demonstrate the practicality of our protocol by benchmarking it on
real street map data for major cities such as San Francisco and Washington,
D.C.Comment: Extended version of NDSS 2016 pape
- …