Asymptotic Analysis of Plausible Tree Hash Modes for SHA-3

Discussions about the choice of a tree hash mode of operation for a standardization have recently been undertaken. It appears that a single tree mode cannot address adequately all possible uses and specifications of a system. In this paper, we review the tree modes which have been proposed, we discuss their problems and propose remedies. We make the reasonable assumption that communicating systems have different specifications and that software applications are of different types (securing stored content or live-streamed content). Finally, we propose new modes of operation that address the resource usage problem for the three most representative categories of devices and we analyse their asymptotic behavior

CKMI: Comprehensive Key Management Infrastructure Design for Industrial Automation and Control Systems

Industrial Automation and Control Systems (IACS) are broadly utilized in critical infrastructures for monitoring and controlling the industrial processes remotely. The real-time transmissions in such systems provoke security breaches. Many security breaches have been reported impacting society severely. Hence, it is essential to achieve secure communication between the devices for creating a secure environment. For this to be effective, the keys used for secure communication must be protected against unauthorized disclosure, misuse, alteration or loss, which can be taken care of by a Key Management Infrastructure. In this paper, by considering the generic industrial automation network, a comprehensive key management infrastructure (CKMI) is designed for IACS. To design such an infrastructure, the proposed scheme employs ECDH, matrix method, and polynomial crypto mechanisms. The proposed design handles all the standard key management operations, viz. key generation, device registration, key establishment, key storage, device addition, key revocation, key update, key recovery, key archival, and key de-registration and destruction. The design supports secure communication between the same and different levels of IACS devices. The proposed design can be applied for major industrial automation networks to handle the key management operations. The performance analysis and implementation results highlight the benefits of the proposed design

Optimal Witnessing of Healthcare IoT Data Using Blockchain Logging Contract

Verification of data generated by wearable sensors is increasingly becoming of concern to health service providers and insurance companies. There is a need for a verification framework that various authorities can request a verification service for the local network data of a target IoT device. In this paper, we leverage blockchain as a distributed platform to realize an on-demand verification scheme. This allows authorities to automatically transact with connected devices for witnessing services. A public request is made for witness statements on the data of a target IoT that is transmitted on its local network, and subsequently, devices (in close vicinity of the target IoT) offer witnessing service. Our contributions are threefold: (1) We develop a system architecture based on blockchain and smart contract that enables authorities to dynamically avail a verification service for data of a subject device from a distributed set of witnesses which are willing to provide (in a privacy-preserving manner) their local wireless measurement in exchange of monetary return; (2) We then develop a method to optimally select witnesses in such a way that the verification error is minimized subject to monetary cost constraints; (3) Lastly, we evaluate the efficacy of our scheme using real Wi-Fi session traces collected from a five-storeyed building with more than thirty access points, representative of a hospital. According to the current pricing schedule of the Ethereum public blockchain, our scheme enables healthcare authorities to verify data transmitted from a typical wearable device with the verification error of the order 0.01% at cost of less than two dollars for one-hour witnessing service.Comment: 12 pages, 12 figure

Security in Mobile Networks: Communication and Localization

Nowadays the mobile networks are everywhere. The world is becoming more dependent on wireless and mobile services, but the rapid growth of these technologies usually underestimates security aspects. As wireless and mobile services grow, weaknesses in network infrastructures become clearer. One of the problems is privacy. Wireless technologies can reduce costs, increase efficiencies, and make important information more readily and widely available. But, there are also risks. Without appropriate safeguards, these data can be read and modified by unauthorized users. There are many solutions, less and more effective, to protect the data from unauthorized users. But, a specific application could distinguish more data flows between authorized users. Protect the privacy of these information between subsets of users is not a trivial problem. Another problem is the reliability of the wireless service. Multi-vehicle systems composed of Autonomous Guided Vehicles (AGVs) are largely used for industrial transportation in manufacturing and logistics systems. These vehicles use a mobile wireless network to exchange information in order to coordinate their tasks and movements. The reliable dissemination of these information is a crucial operation, because the AGVs may achieve an inconsistent view of the system leading to the failure of the coordination task. This has clear safety implications. Going more in deep, even if the communication are confidential and reliable, anyway the positioning information could be corrupted. Usually, vehicles get the positioning information through a secondary wireless network system such as GPS. Nevertheless, the widespread civil GPS is extremely fragile in adversarial scenarios. An insecure distance or position estimation could produce security problems such as unauthorized accesses, denial of service, thefts, integrity disruption with possible safety implications and intentional disasters. In this dissertation, we face these three problems, proposing an original solution for each one