Provably secure and efficient audio compression based on compressive sensing

The advancement of systems with the capacity to compress audio signals and simultaneously secure is a highly attractive research subject. This is because of the need to enhance storage usage and speed up the transmission of data, as well as securing the transmission of sensitive signals over limited and insecure communication channels. Thus, many researchers have studied and produced different systems, either to compress or encrypt audio data using different algorithms and methods, all of which suffer from certain issues including high time consumption or complex calculations. This paper proposes a compressing sensing-based system that compresses audio signals and simultaneously provides an encryption system. The audio signal is segmented into small matrices of samples and then multiplied by a non-square sensing matrix generated by a Gaussian random generator. The reconstruction process is carried out by solving a linear system using the pseudoinverse of Moore-Penrose. The statistical analysis results obtaining from implementing different types and sizes of audio signals prove that the proposed system succeeds in compressing the audio signals with a ratio reaching 28% of real size and reconstructing the signal with a correlation metric between 0.98 and 0.99. It also scores very good results in the normalized mean square error (MSE), peak signal-to-noise ratio metrics (PSNR), and the structural similarity index (SSIM), as well as giving the signal a high level of security

Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations

Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations

A Lightweight Scheme to Authenticate and Secure the Communication in Smart Grids

Self-reconfiguration in electrical power grids is a significant tool for their planning and operation during both normal and abnormal conditions. The increasing in employment of Intelligent Electronic Devices (IEDs), as well as the rapid growth of the new communication technologies have increased the application of Feeder Automation (FA) in Distribution Networks (DNs). In a Smart Grid (SG), automation equipment, such as a Smart Breaker (SB), is used. Using either a wired or a wireless network or even a combination of both, communication between the Control Center (CC) and SBs can be made. Nowadays, wireless technology is widely used in the communication of DNs. This may cause several security vulnerabilities in the power system, such as remote attacks, with the goal of cutting off the electrical power provided to significant consumers. Therefore, to preserve the cybersecurity of the system, there is a need for a secure scheme. The available literature investments proposed a heavyweight level in security schemes, while the overhead was not considered. To overcome this drawback, this paper presents an efficient lightweight authentication mechanism with the necessary steps to ensure real-time automatic reconfiguration during a fault. As a first stage, authentication will be made between CC and SB, SB then sends the information about its status. To ensure the integrity of the authentication exchange, a hash function is used, while the symmetric algorithm is used to ensure privacy. The applicability of the suggested scheme has been proved by conducting security performance and analysis. The proposed scheme will be injected on ABB medium voltage breaker with the REF 542plus controller. Therefore, the probable benefit of the suggested scheme is the contribution to provide more flexibility for electrical utilities in terms of reducing the overall computational overhead and withstanding to various types of attacks, while also opening new prospects in FA of SGs

Lightweight Integrity Preserving Scheme for Secure Data Exchange in Cloud-Based IoT Systems

The information obtained from external sources within the cloud and the resulting computations are not always reliable. This is attributed to the absence of tangible regulations and information management on the part of the information owners. Although numerous techniques for safeguarding and securing external information have been developed, security hazards in the cloud are still problematic. This could potentially pose a significant challenge to the effective adoption and utilization of cloud technology. In terms of performance, many of the existing solutions are affected by high computation costs, particularly in terms of auditing. In order to reduce the auditing expenses, this paper proposes a well-organised, lightweight system for safeguarding information through enhanced integrity checking. The proposed technique implements a cryptographic hash function with low-cost mathematic operations. In addition, this paper explores the role of a semi-trusted server with regard to smart device users. This facilitates the formal management of information prior to distribution through the IoT-cloud system. Essentially, this facilitates the validation of the information stored and exchanged in this environment. The results obtained show that the proposed system is lightweight and offers features such as a safeguarding capability, key management, privacy, decreased costs, sufficient security for smart device users, one-time key provision, and high degree of accuracy. In addition, the proposed method exhibits lower computation complexity and storage expenses compared with those of other techniques such as bilinear map-based systems

Ensuring Data Integrity Scheme Based on Digital Signature and Iris Features in Cloud

Cloud computing is a novel paradigm that allows users to remotely access their data through web- based tools and applications. Later, the users do not have the ability to monitor or arrange their data. In this case, many security challenges have been raised. One of these challenges is data integrity. Contentiously, the user cannot access his data directly and he could not know whether his data is modified or not. Therefore, the cloud service provider should provide efficient ways for the user to ascertain whether the integrity of his data is protected or compromised. In this paper, we focus on the problem of ensuring the integrity of data stored in the cloud. Additionally, we propose a method which combines biometric and cryptography techniques in a cost-effective manner for data owners to gain trust in the cloud. We present efficient and secure integrity based on the iris feature extraction and digital signature.  Iris recognition has become a new, emergent approach to individual identification in the last decade. It is one of the most accurate identity verification systems. This technique gives the cloud user more confidence in detecting any block that has been changed. Additionally, our proposed scheme employs user’s iris features to secure and integrate data in a manner difficult for any internal or external unauthorized entity to take or compromise it. Iris recognition is an internal organ that is well protected against damage and wear by a highly transparent and sensitive membrane. Extensive security and performance analysis show that our proposed scheme is highly efficient and provably secure

Lightweight Secure Message Delivery for E2E S2S Communication in the IoT-Cloud System

The continuous increase in the use of smart devices and the need for E2E smart2smart (S2S) services in IoT systems play effective and contemporary roles in the field of communication, and a large amount of resources is required. Thus, IoTs and cloud computing must be integrated. One of the results of this integration is the increase in the number of attacks and vulnerabilities in the E2E S2S message delivery service of such an IoT-cloud system. However, none of the traditional security solutions can be sufficiently regarded as a secure and lightweight mechanism for ensuring that the security requirements for E2E S2S message transmission in the IoT-cloud system are fulfilled. This work aims to provide an efficient and secure, lightweight E2E S2S message delivery function, which includes the E2E S2S secure key and biometric parameter exchange function, a bio-shared parameter and bio-key generation function, secure lightweight E2E S2S communication negotiation and secure E2E S2S lightweight message delivery. The secure, lightweight cryptographic communication procedure is negotiated between a pair of smart devices during each E2E session to minimize the power consumption required of limited-energy devices. Such a negotiation process prevents known attacks by providing responsive mutual authentication. Lightweight message delivery by the two smart devices can satisfy the basic security requirements of E2E communication and ensure that the computational cost required for a real-time system is as low as possible