An efficient FIS and RSA based Signcryption Security Scheme

No Abstrac

Efficient and Secure Key Management and Authentication Scheme for WBSNs Using CP-ABE and Consortium Blockchain

publishedVersio

A Comprehensive Survey on Signcryption Security Mechanisms in Wireless Body Area Networks

WBANs (Wireless Body Area Networks) are frequently depicted as a paradigm shift in healthcare from traditional to modern E-Healthcare. The vitals of the patient signs by the sensors are highly sensitive, secret, and vulnerable to numerous adversarial attacks. Since WBANs is a real-world application of the healthcare system, it’s vital to ensure that the data acquired by the WBANs sensors is secure and not accessible to unauthorized parties or security hazards. As a result, effective signcryption security solutions are required for the WBANs’ success and widespread use. Over the last two decades, researchers have proposed a slew of signcryption security solutions to achieve this goal. The lack of a clear and unified study in terms of signcryption solutions can offer a bird’s eye view of WBANs. Based on the most recent signcryption papers, we analyzed WBAN’s communication architecture, security requirements, and the primary problems in WBANs to meet the aforementioned objectives. This survey also includes the most up to date signcryption security techniques in WBANs environments. By identifying and comparing all available signcryption techniques in the WBANs sector, the study will aid the academic community in understanding security problems and causes. The goal of this survey is to provide a comparative review of the existing signcryption security solutions and to analyze the previously indicated solution given for WBANs. A multi-criteria decision-making approach is used for a comparative examination of the existing signcryption solutions. Furthermore, the survey also highlights some of the public research issues that researchers must face to develop the security features of WBANs.publishedVersio

Certificateless Digital Signature Technology for e-Governance Solutions

. In spite of the fact that digital signing is an essential requirement for implementation of e-governance solutions in any organization, its use in large scale Government ICT implementation is negligible in India. In order to understand the reasons for low-level acceptance of the technology, authors performed a detailed study of a famous e-governance initiative of India. The outcome of the study revealed that the reasons are related to the challenges concerning the use of cryptographic devices carrying private key and the complicated process of generation, maintenance and disposal of Digital Signature Certificates (DSC).The solution, for the challenges understood from the case study, required implementation of a certificateless technology where private keys should be generated as and when required rather than storing them on cryptographic devices. Although many solutions which provide certificateless technology exist, to date there have been no practical implementation for using biometrics for implementing the solution. This paper presents the first realistic architecture to implement Identity Based Cryptography with biometrics using RSA algorithm. The solution presented in the paper is capable of providing a certificateless digital signature technology to the users, where public and private keys are generated on-the-fly

Multi-message multi-receiver signcryption scheme based on blockchain

In conventional message communication systems, the practice of multi-message multi-receiver signcryption communication encounters several challenges, including the vulnerability to Key Generation Center (KGC) attacks, privacy breaches and excessive communication data volume. The KGC necessitates a secure channel to transmit partial private keys, thereby rendering the security of these partial private keys reliant on the integrity of the interaction channel. This dependence introduces concerns regarding the confidentiality of the private keys. Our proposal advocates for the substitution of the KGC in traditional certificateless schemes with blockchain and smart contract technology. Parameters are publicly disclosed on the blockchain, leveraging its tamper-proof property to ensure security. Furthermore, this scheme introduces conventional encryption techniques to achieve user identity privacy in the absence of a secure channel, effectively resolving the issue of user identity disclosure inherent in blockchain-based schemes and enhancing communication privacy. Moreover, users utilize smart contract algorithms to generate a portion of the encrypted private key, thereby minimizing the possibility of third-party attacks. In this paper, the scheme exhibits resilience against various attacks, including KGC leakage attacks, internal privilege attacks, replay attacks, distributed denial of service attacks and Man-in-the-Middle (MITM) attacks. Additionally, it possesses desirable security attributes such as key escrow security and non-repudiation. The proposed scheme has been theoretically and experimentally analyzed under the random oracle model, based on the computational Diffie-Hellman problem and the discrete logarithm problem. It has been proven to possess confidentiality and unforgeability. Compared with similar schemes, our scheme has lower computational cost and shorter ciphertext length. It has obvious advantages in communication and time overhead

Footsteps in the fog: Certificateless fog-based access control

The proliferating adoption of the Internet of Things (IoT) paradigm has fuelled the need for more efficient and resilient access control solutions that aim to prevent unauthorized resource access. The majority of existing works in this field follow either a centralized approach (i.e. cloud-based) or an architecture where the IoT devices are responsible for all decision-making functions. Furthermore, the resource-constrained nature of most IoT devices make securing the communication between these devices and the cloud using standard cryptographic solutions difficult. In this paper, we propose a distributed access control architecture where the core components are distributed between fog nodes and the cloud. To facilitate secure communication, our architecture utilizes a Certificateless Hybrid Signcryption scheme without pairing. We prove the effectiveness of our approach by providing a comparative analysis of its performance in comparison to the commonly used cloud-based centralized architectures. Our implementation uses Azure – an existing commercial platform, and Keycloak – an open-source platform, to demonstrate the real-world applicability. Additionally, we measure the performance of the adopted encryption scheme on two types of resource-constrained devices to further emphasize the applicability of the proposed architecture. Finally, the experimental results are coupled with a theoretical analysis that proves the security of our approach

Key management for beyond 5G mobile small cells: a survey

The highly anticipated 5G network is projected to be introduced in 2020. 5G stakeholders are unanimous that densification of mobile networks is the way forward. The densification will be realized by means of small cell technology, and it is capable of providing coverage with a high data capacity. The EU-funded H2020-MSCA project “SECRET” introduced covering the urban landscape with mobile small cells, since these take advantages of the dynamic network topology and optimizes network services in a cost-effective fashion. By taking advantage of the device-to-device communications technology, large amounts of data can be transmitted over multiple hops and, therefore, offload the general network. However, this introduction of mobile small cells presents various security and privacy challenges. Cryptographic security solutions are capable of solving these as long as they are supported by a key management scheme. It is assumed that the network infrastructure and mobile devices from network users are unable to act as a centralized trust anchor since these are vulnerable targets to malicious attacks. Security must, therefore, be guaranteed by means of a key management scheme that decentralizes trust. Therefore, this paper surveys the state-of-the-art key management schemes proposed for similar network architectures (e.g., mobile ad hoc networks and ad hoc device-to-device networks) that decentralize trust. Furthermore, these key management schemes are evaluated for adaptability in a network of mobile small cells

A review of the state of the art in privacy and security in the eHealth cloud

The proliferation and usefulness of cloud computing in eHealth demands high levels of security and privacy for health records. However, eHealth clouds pose serious security and privacy concerns for sensitive health data. Therefore, practical and effective methods for security and privacy management are essential to preserve the privacy and security of the data. To review the current research directions in security and privacy in eHealth clouds, this study has analysed and summarized the state of the art technologies and approaches reported in security and privacy in the eHealth cloud. An extensive review covering 132 studies from several peer-reviewed databases such as IEEE Xplore was conducted. The relevant studies were reviewed and summarized in terms of their benefits and risks. This study also compares several research works in the domain of data security requirements. This paper will provide eHealth stakeholders and researchers with extensive knowledge and information on current research trends in the areas of privacy and security

Selected Papers from the First International Symposium on Future ICT (Future-ICT 2019) in Conjunction with 4th International Symposium on Mobile Internet Security (MobiSec 2019)

The International Symposium on Future ICT (Future-ICT 2019) in conjunction with the 4th International Symposium on Mobile Internet Security (MobiSec 2019) was held on 17–19 October 2019 in Taichung, Taiwan. The symposium provided academic and industry professionals an opportunity to discuss the latest issues and progress in advancing smart applications based on future ICT and its relative security. The symposium aimed to publish high-quality papers strictly related to the various theories and practical applications concerning advanced smart applications, future ICT, and related communications and networks. It was expected that the symposium and its publications would be a trigger for further related research and technology improvements in this field