4 research outputs found
Implementation Cryptography and Access Control on IoT-Based Warehouse Inventory Management System
Warehousing is a product storage management activity to ensure product availability, so inventory management is needed to oversee the movement of logistics and equipment. Some things need to be considered in the storage process, such as the suitability of the storage location, safe from theft, and safe from physical disturbances. Vulnerabilities can occur when unauthorized users find out information from the database regarding stored goods, so a security mechanism for the warehouse database is needed. In addition, proper identification needs to be made of someone trying to access the database. In this research, a Warehouse Inventory Management System (WIMS) was created by implementing the AES-128 cryptographic algorithm, which was built using ESP32 and Raspberry Pi 3 devices. Time Password (T-OTP). The results show that the built system can overcome inventory problems in conventional warehousing management systems and implement data security using the AES-128 algorithm. The application of two-factor authentication in the form of smartcards and T-OTP shows very good results in testing its accuracy to overcome the vulnerability of unauthorized access to the system databas
Improving Security of Crypto Wallets in Blockchain Technologies
A big challenge in blockchain and cryptocurrency is securing the private key from potential hackers. Nobody can rollback a transaction made with a stolen key once the network confirms it. The technical solution to protect private keys is the cryptocurrency wallet, software, hardware, or a combination to manage the keys. In this dissertation, we try to investigate the significant challenges in existing cryptocurrency wallets and propose innovative solutions. Firstly, almost all cryptocurrency wallets suffer from the lack of a secure and convenient backup and recovery process. We offer a new cryptographic scheme to securely back up a hardware wallet relying on the side-channel human visual verification on the hardware wallet. Another practical mechanism to protect the funds is splitting the money between two wallets with small and large amounts. We propose a new scheme to create hierarchical wallets that we call deterministic sub-wallet to achieve this goal. The user can send funds from the wallet with a large amount to a smaller one in a secure way. We propose a multilayered architecture for cryptocurrency wallets based on a Defense-in-Depth strategy to protect private keys with a balance between convenience and security. The user protects the private keys in three restricted layers with different protection mechanisms. Finally, we try to solve another challenge in cryptocurrencies, which is losing access to private keys by its user, resulting in inaccessible coins. We propose a new mechanism called lean recovery transaction to tackle this problem. We make a change in wallet key management to generate a recovery transaction when needed. We implement a proof-of-concept for all of our proposals on a resource-constraint hardware wallet with a secure element, an embedded display, and one physical button. Furthermore, we evaluate the performance of our implementation and analyze the security of our proposed mechanisms
Improving key exchange protocols based on sender and receiver electronic identification documents
ΠΡΠ΅Π΄ΠΌΠ΅Ρ ΡΠ°Π΄Π° Π΄ΠΎΠΊΡΠΎΡΡΠΊΠ΅ Π΄ΠΈΡΠ΅ΡΡΠ°ΡΠΈΡΠ΅ ΡΠ΅ ΡΠ°Π³Π»Π΅Π΄Π°Π²Π°ΡΠ΅ Π°ΠΊΡΡΠ΅Π»Π½ΠΈΡ
ΠΏΡΠΎΠ±Π»Π΅ΠΌΠ° Π²Π΅Π·Π°Π½ΠΈΡ
Π·Π° ΠΏΠΎΡΠΌΠΎΠ²Π΅ ΡΠ°Π·ΠΌΠ΅Π½Π° ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΡΠΊΠΈΡ
ΠΊΡΡΡΠ΅Π²Π° ΠΈ Π°ΡΡΠ΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΡΠ° ΠΊΠΎΡΠΈΡΠ½ΠΈΠΊΠ° ΡΠΈΡΡΠ΅ΠΌΠ° Π·Π° ΡΠ°ΡΠ½Ρ ΠΊΠΎΠΌΡΠ½ΠΈΠΊΠ°ΡΠΈΡΡ. Π Π°Π΄ ΡΠ΅ Π±Π°Π²ΠΈ Π°Π½Π°Π»ΠΈΠ·ΠΎΠΌ ΠΏΠΎΡΡΠΎΡΠ΅ΡΠΈΡ
ΡΠ΅ΡΠ΅ΡΠ° Ρ ΠΎΠ±Π»Π°ΡΡΠΈ ΠΈΡΡΡΠ°ΠΆΠΈΠ²Π°ΡΠ° ΠΈ ΡΠ°Π·Π²ΠΈΡΠ°ΡΠ΅ΠΌ ΡΠΎΠΏΡΡΠ²Π΅Π½ΠΎΠ³ ΡΠΈΡΡΠ΅ΠΌΠ° Π·Π° ΡΠ°ΡΠ½Ρ ΠΊΠΎΠΌΡΠ½ΠΈΠΊΠ°ΡΠΈΡΡ.
ΠΠ°ΡΡΠ½ΠΈ ΡΠΈΡ Π΄ΠΈΡΠ΅ΡΡΠ°ΡΠΈΡΠ΅ ΡΠ΅ ΡΠ½Π°ΠΏΡΠ΅ΡΠ΅ΡΠ΅ ΠΏΡΠΎΡΠΎΠΊΠΎΠ»Π° Π·Π° ΡΠ°Π·ΠΌΠ΅Π½Ρ ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΡΠΊΠΈΡ
ΠΊΡΡΡΠ΅Π²Π° Π½Π° Π±Π°Π·ΠΈ Π»ΠΈΡΠ½ΠΈΡ
ΠΈΠ΄Π΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΎΠ½ΠΈΡ
Π΄ΠΎΠΊΡΠΌΠ΅Π½Π°ΡΠ°. ΠΠ·Π²ΡΡΠ΅Π½Π° ΡΠ΅ Π°Π½Π°Π»ΠΈΠ·Π° ΠΏΠΎΡΡΠΎΡΠ΅ΡΠΈΡ
ΠΏΡΠΈΡΡΡΠΏΠ° Ρ ΠΎΠ±Π»Π°ΡΡΠΈ ΠΈΡΡΡΠ°ΠΆΠΈΠ²Π°ΡΠ° Ρ ΡΠΈΡΠ΅ΠΌ Π΄Π° ΡΠ΅ ΠΏΠΎΠ±ΠΎΡΡΠ° Π½ΠΈΠ²ΠΎ Π·Π°ΡΡΠΈΡΠ΅ ΠΏΡΠΈΠ»ΠΈΠΊΠΎΠΌ ΡΠ°ΡΠ½Π΅ ΠΊΠΎΠΌΡΠ½ΠΈΠΊΠ°ΡΠΈΡΠ΅ ΠΈ Π΄ΠΎΠ±ΠΈΡΠ΅ ΠΎΡΠ½ΠΎΠ²Π° Π·Π° ΡΠ°Π·Π²ΠΎΡ ΡΠΎΠΏΡΡΠ²Π΅Π½ΠΎΠ³ ΡΠΈΡΡΠ΅ΠΌΠ°. ΠΠΎΠΌΠ±ΠΈΠ½ΠΎΠ²Π°ΡΠ΅ΠΌ ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΡΠΊΠΈΡ
ΠΌΠ΅ΡΠΎΠ΄Π° ΠΊΠΎΡΠ΅ ΠΎΠ±Π΅Π·Π±Π΅ΡΡΡΡ ΠΏΠΎΠ²Π΅ΡΡΠΈΠ²ΠΎΡΡ, Π°ΡΡΠ΅Π½ΡΠΈΡΠ½ΠΎΡΡ ΠΈ ΠΈΠ½ΡΠ΅Π³ΡΠΈΡΠ΅Ρ, ΡΠ· ΠΏΡΠΈΠΌΠ΅Π½Ρ ΡΡΠ΅Π³Π°Π½ΠΎΠ³ΡΠ°ΡΡΠΊΠΈΡ
ΠΌΠ΅ΡΠΎΠ΄Π° Π·Π° ΡΠ°Π·ΠΌΠ΅Π½Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡΠ° Π½Π° ΡΠΊΡΠΈΠ²Π΅Π½ Π½Π°ΡΠΈΠ½, ΠΊΠΎΡΠΈΡΠ½ΠΈΡΠΈΠΌΠ° ΠΏΡΠ΅Π΄Π»ΠΎΠΆΠ΅Π½ΠΎΠ³ ΡΠΈΡΡΠ΅ΠΌΠ° ΡΠ΅ ΠΏΡΡΠΆΠ° ΠΌΠΎΠ³ΡΡΠ½ΠΎΡΡ Π΄Π° Π½Π° Π΅ΡΠΈΠΊΠ°ΡΠ°Π½ ΠΈ ΡΠΈΠ³ΡΡΠ°Π½ Π½Π°ΡΠΈΠ½ ΡΠ°Π·ΠΌΠ΅ΡΡΡΡ ΡΠ°ΡΠ½Π΅ ΠΏΠΎΡΡΠΊΠ΅.
ΠΠ½Π°Π»ΠΈΠ·ΠΎΠΌ ΡΠ΅Π·ΡΠ»ΡΠ°ΡΠ° ΠΈΡΡΡΠ°ΠΆΠΈΠ²Π°ΡΠ° Π·Π°ΠΊΡΡΡΠ΅Π½ΠΎ ΡΠ΅ Π΄Π° ΠΏΠΎΡΡΠΎΡΠΈ ΠΎΠΏΡΠ°Π²Π΄Π°Π½ΠΎΡΡ ΡΠΏΠΎΡΡΠ΅Π±Π΅ Π»ΠΈΡΠ½ΠΈΡ
ΠΈΠ΄Π΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΎΠ½ΠΈΡ
Π΄ΠΎΠΊΡΠΌΠ΅Π½Π°ΡΠ° Π·Π° ΡΠ°Π·ΠΌΠ΅Π½Ρ ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΡΠΊΠΈΡ
ΠΊΡΡΡΠ΅Π²Π° ΠΊΠΎΡΠΈ ΡΠ΅ ΠΊΠΎΡΠΈΡΡΠ΅ Ρ ΡΠ°ΡΠ½ΠΎΡ ΠΊΠΎΠΌΡΠ½ΠΈΠΊΠ°ΡΠΈΡΠΈ
Secure Smart Card Signing With Time-Based Digital Signature
People use their personal computers, laptops, tablets and smart phones to digitally sign documents in company\u27s websites and other online electronic applications, and one of the main cybersecurity challenges in this process is trusted digital signature. While the majority of systems use password-based authentication to secure electronic signature, some more critical systems use USB token and smart card to prevent identity theft and implement the trusted digital signing process. Even though smart card provides stronger security, any weakness in the terminal itself can compromise the security of smart card. In this paper, we investigate current smart card digital signature, and illustrate well-known basic vulnerabilities of smart card terminal with the real implementation of two possible attacks including PIN sniffing and message alteration just before signing. As we focus on second attack in this paper, we propose a novel mechanism using time-based digital signing by smart card to defend against message alteration attack. Our prototype implementation and performance analysis illustrate that our proposed mechanism is feasible and provides stronger security. Our method uses popular timestamping protocol packets and does not require any new key distribution and certificate issuance