Search results for: Message Authentication Code (MAC)

Authors: Syed Umair Aziz, Muhammad Faheem, Sameer Hussain, Faraz Idris

Abstract:

Content centric network is the network based on the mechanism of sending and receiving the data based on the interest and data request to the specified node (which has cached data). In this network, the security is bind with the content not with the host hence making it host independent and secure. In this network security is applied by taking content’s MAC (message authentication code) and encrypting it with the public key of the receiver. On the receiver end, the message is first verified and after verification message is saved and decrypted using the receiver's private key.

Keywords: content centric network, client-server, host security threats, message authentication code, named data network, network caching, peer-to-peer

Procedia PDF Downloads 611

Authors: Eun-Jun Yoon

Abstract:

Deniable authentication protocol is a new security authentication mechanism which can enable a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. In 2013, Kar proposed a secure ID-based deniable authentication protocol whose security is based on computational infeasibility of solving Elliptic Curve Diffie-Hellman Problem (ECDHP). Kar claimed that the proposed protocol achieves properties of deniable authentication, mutual authentication, and message confidentiality. However, this paper points out that Kar's protocol still suffers from sender spoofing attack and message modification attack unlike its claims.

Keywords: deniable authentication, elliptic curve cryptography, Diffie-Hellman problem, cryptanalysis

Procedia PDF Downloads 295

Authors: Hailang Yang

Abstract:

To ensure the confidentiality and integrity of speech signals in communication transmission, this paper proposes a voice signal encryption scheme based on chaotic theory. Firstly, the scheme utilizes chaotic mapping to generate a key stream and then employs the key stream to perform bitwise exclusive OR (XOR) operations for encrypting the speech signal. Additionally, the scheme utilizes a chaotic hash function to generate a Message Authentication Code (MAC), which is appended to the encrypted data to verify the integrity of the data. Subsequently, we analyze the security performance and encryption efficiency of the scheme, comparing and optimizing it against existing solutions. Finally, experimental results demonstrate that the proposed scheme can resist common attacks, achieving high-quality encryption and speed.

Keywords: chaotic theory, XOR encryption, chaotic hash function, Message Authentication Code (MAC)

Procedia PDF Downloads 15

Authors: N. Pitcheswara Rao

Abstract:

In the process of conveying the information there may be a chance of signal being corrupted which leads to the erroneous bits in the message. The message may consist of single, double and multiple bit errors. In high-reliability applications, memory can sustain multiple soft errors due to single or multiple event upsets caused by environmental factors. The traditional hamming code with SEC-DED capability cannot be address these types of errors. It is possible to use powerful non-binary BCH code such as Reed-Solomon code to address multiple errors. However, it could take at least a couple dozen cycles of latency to complete first correction and run at a relatively slow speed. In order to overcome this drawback i.e., to increase speed and latency we are using reed-Muller code.

Keywords: SEC-DED, BCH code, Reed-Solomon code, Reed-Muller code

Procedia PDF Downloads 397

Authors: Che-Wei Lee, Bay-Erl Lai

Abstract:

A new steganographic method via the use of numeric data on public websites with self-authentication capability is proposed. The proposed technique transforms a secret message into partial shares by Shamir’s (k, n)-threshold secret sharing scheme with n = k + 1. The generated k+1 partial shares then are embedded into the selected numeric items in a website as if they are part of the website’s numeric content. Afterward, a receiver links to the website and extracts every k shares among the k+1 ones from the stego-numeric-content to compute k+1 copies of the secret, and the phenomenon of value consistency of the computed k+1 copies is taken as an evidence to determine whether the extracted message is authentic or not, attaining the goal of self-authentication of the extracted secret message. Experimental results and discussions are provided to show the feasibility and effectiveness of the proposed method.

Keywords: steganography, data hiding, secret authentication, secret sharing

Procedia PDF Downloads 216

Authors: Pitcheswara Rao Nelapati

Abstract:

In the process of conveying the information there may be a chance of signal being corrupted which leads to the erroneous bits in the message. The message may consist of single, double and multiple bit errors. In high-reliability applications, memory can sustain multiple soft errors due to single or multiple event upsets caused by environmental factors. The traditional hamming code with SEC-DED capability cannot be address these types of errors. It is possible to use powerful non-binary BCH code such as Reed-Solomon code to address multiple errors. However, it could take at least a couple dozen cycles of latency to complete first correction and run at a relatively slow speed. In order to overcome this drawback i.e., to increase speed and latency we are using reed-Muller code.

Keywords: SEC-DED, BCH code, Reed-Solomon code, Reed-Muller code

Procedia PDF Downloads 383

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 339

Authors: S. Malarvizhi, S. Sadiq Basha, M. Santhosh Kumar, K. Saravanan, R. Sasikumar, R. Satheesh

Abstract:

This is a web based application which provides authorization for the vehicle identification and registration. It also provides mutual authentication between the police and users in order to avoid misusage. The QR code generation in this application overcomes the difficulty in the manual registration of the vehicle documents. This generated QR code is placed in the number plates of the vehicles. The QR code is scanned using the QR Reader installed in the smart devices. The police officials can check the vehicle details and file cases on accidents, theft and traffic rules violations using QR code. In addition to vehicle insurance payments and renewals, the renewal alert is sent to the vehicle owner about payment deadline. The non-permitted vehicles can be blocked in the next check-post by sending the alert messages.

Keywords: QR code, QR reader, registration, authentication, idenfication

Procedia PDF Downloads 450

Authors: Hashim Ali, Sheheryar Khan

Abstract:

Security for applications is always been a keen issue of concern. In general, security is to allow access of grant to legal user or to deny non-authorized access to the system. Shoulder surfing is an observation technique to hack an account or to enter into a system. When a malicious observer is capturing or recording the fingers of a user while he is entering sensitive inputs (PIN, Passwords etc.) and may be able to observe user’s password credential. It is very rigorous for a novice user to prevent himself from shoulder surfing or unaided observer in a public place while accessing his account. In order to secure the user account, there are five factors of authentication; they are: “(i) something you have, (ii) something you are, (iii) something you know, (iv) somebody you know, (v) something you process”. A technique has been developed of fifth-factor authentication “something you process” to provide novel approach to the user. In this paper, we have applied position based operational code authentication in such a way to more easy and user friendly to the user.

Keywords: shoulder surfing, malicious observer, sensitive inputs, authentication

Procedia PDF Downloads 235

Authors: Mohammad A. Alia, Abdelfatah Aref Tamimi, Omaima N. A. Al-Allaf

Abstract:

This paper reviews a comparison study on the most common used authentication methods. Some of these methods are actually based on cryptography. In this study, we show the main cryptographic services. Also, this study presents a specific discussion about authentication service, since the authentication service is classified into several categorizes according to their methods. However, this study gives more about the real life example for each of the authentication methods. It talks about the simplest authentication methods as well about the available biometric authentication methods such as voice, iris, fingerprint, and face authentication.

Keywords: information security, cryptography, system access control, authentication, network security

Procedia PDF Downloads 431

Authors: Divyans Mahansaria

Abstract:

User authentication is an important security measure for protecting confidential data and systems. However, the vulnerability while authenticating into a system has significantly increased. Thus, necessary mechanisms must be deployed during the process of authenticating a user to safeguard him/her from the vulnerable attacks. The proposed solution implements a novel authentication mechanism to counter various forms of security breach attacks including phishing, Trojan horse, replay, key logging, Asterisk logging, shoulder surfing, brute force search and others. QR code (Quick Response Code) is a type of matrix barcode or two-dimensional barcode that can be used for storing URLs, text, images and other information. In the proposed solution, during each new authentication request, a QR code is dynamically generated and presented to the user. A piece of generic information is mapped to plurality of elements and stored within the QR code. The mapping of generic information with plurality of elements, randomizes in each new login, and thus the QR code generated for each new authentication request is for one-time use only. In order to authenticate into the system, the user needs to decode the QR code using any QR code decoding software. The QR code decoding software needs to be installed on handheld mobile devices such as smartphones, personal digital assistant (PDA), etc. On decoding the QR code, the user will be presented a mapping between the generic piece of information and plurality of elements using which the user needs to derive cipher secret information corresponding to his/her actual password. Now, in place of the actual password, the user will use this cipher secret information to authenticate into the system. The authentication terminal will receive the cipher secret information and use a validation engine that will decipher the cipher secret information. If the entered secret information is correct, the user will be provided access to the system. Usability study has been carried out on the proposed solution, and the new authentication mechanism was found to be easy to learn and adapt. Mathematical analysis of the time taken to carry out brute force attack on the proposed solution has been carried out. The result of mathematical analysis showed that the solution is almost completely resistant to brute force attack. Today’s standard methods for authentication are subject to a wide variety of software, hardware, and human attacks. The proposed scheme can be very useful in controlling the various types of authentication related attacks especially in a networked computer environment where the use of username and password for authentication is common.

Keywords: authentication, QR code, cipher / decipher text, one time password, secret information

Procedia PDF Downloads 240

Authors: Senthuran Manoharan, Rathesan Sivagananalingam

Abstract:

One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.

Keywords: authentication, adaptive authentication, machine learning, security

Procedia PDF Downloads 198

Authors: Carlos Gonzalez

Abstract:

When communicating using private and secure keys, there is always the doubt as to the identity of the message creator. We introduce an algorithm that uses the personal typing rhythm (keystroke dynamics) of the message originator to increase the trust of the authenticity of the message originator by the message recipient. The methodology proposes the use of a Rhythm Certificate Authority (RCA) to validate rhythm information. An illustrative example of the communication between Bob and Alice and the RCA is included. An algorithm of how to communicate with the RCA is presented. This RCA can be an independent authority or an enhanced Certificate Authority like the one used in public key infrastructure (PKI).

Keywords: authentication, digital signature, keystroke dynamics, personal rhythm, public-key encryption

Procedia PDF Downloads 263

Authors: Wen Shyong Hsieh, Chih Hsueh Lin

Abstract:

In this paper, we combine the concepts of chameleon hash function (CHF) and identification based cryptography (IBC) to build a message authentication environment for VANET under sparse RSUs. Based on the CHF, TA keeps two common secrets that will be embedded to all identities to be as the evidence of mutual trusting. TA will issue one original identity to every RSU and vehicle. An identity contains one public ID and one private key. The public ID, includes three components: pseudonym, random key, and public key, is used to present one entity and can be verified to be a legal one. The private key is used to claim the ownership of the public ID. Based on the concept of IBC, without any negotiating process, a CHF pairing key multiplied by one private key and other’s public key will be used for mutually trusting and to be utilized as the session key of secure communicating between RSUs and vehicles. To help the vehicles to do message authenticating, the RSUs are assigned to response the vehicle’s temple identity request using two short time secretes that are broadcasted by TA. To light the loading of request information, one day is divided into M time slots. At every time slot, TA will broadcast two short time secretes to all valid RSUs for that time slot. Any RSU can response the temple identity request from legal vehicles. With the collected announcement of public IDs from the neighbor vehicles, a vehicle can set up its neighboring set, which includes the information about the neighbor vehicle’s temple public ID and temple CHF pairing key that can be derived by the private key and neighbor’s public key and will be used to do message authenticating or secure communicating without the help of RSU.

Keywords: Internet of Vehicles (IOV), Vehicular Ad-hoc Networks (VANETs), Chameleon Hash Function (CHF), message authentication

Procedia PDF Downloads 358

Authors: Michał Glet, Kamil Kaczyński

Abstract:

Counterfeit goods and documents are a global problem, which needs more and more sophisticated methods of resolving it. Existing techniques using watermarking or embedding symbols on objects are not suitable for all use cases. To address those special needs, we created complete system allowing authentication of paper documents and physical objects with flat surface. Objects are marked using orientation independent and resistant to camera noise 2D graphic codes, named DotAuth. Based on the identifier stored in 2D code, the system is able to perform basic authentication and allows to conduct more sophisticated analysis methods, e.g., relying on augmented reality and physical properties of the object. In this paper, we present the complete architecture, algorithms and applications of the proposed system. Results of the features comparison of the proposed solution and other products are presented as well, pointing to the existence of many advantages that increase usability and efficiency in the means of protecting physical objects.

Keywords: anti-forgery, authentication, paper documents, security

Procedia PDF Downloads 101

Authors: N. Meddeb, A. M. Makhlouf, M. A. Ben Ayed

Abstract:

Due to the real-time requirement of message in Vehicular Ad hoc NETworks (VANET), it is necessary to authenticate vehicles to achieve security, efficiency, and conditional privacy-preserving. Privacy is of utmost relevance in VANETs. For this reason, we have proposed a new protocol called ‘Multilevel Authentication Protocol’ (MAP) that considers different vehicle categories. The proposed protocol is based on our Multilevel Authentication protocol for Vehicular networks (MAVnet). But the MAP leads to human safety, where the priority is given to the ambulance vehicles. For evaluation, we used the Java language to develop a demo application and deployed it on the Network Security Simulation (Nessi2). Compared with existing authentication protocols, MAP markedly enhance the communication overhead and decreases the delay of exchanging messages while preserving conditional privacy.

Keywords: Vehicular Ad hoc NETworks (VANET), vehicle categories, safety, databases, privacy, authentication, throughput, delay

Procedia PDF Downloads 262

Authors: Ossama Al-Maliki

Abstract:

The Europay, MasterCard, and Visa (EMV) is the transaction protocol for most of the world and especially in Europe and the UK. EMV protocol consists of three main stages which are: card authentication, cardholder verification methods, and transaction authorization. This paper details in full the EMV card authentications. We have used AVISPA and SPAN tools to do our modulization for the EMV card authentications. The code for each type of the card authentication was written by using CAS+ language. The results showed that our modulations were successfully addressed all the steps of the EMV card authentications and the entire process of the EMV card authentication are secured. Also, our modulations were successfully addressed all the main goals behind the EMV card authentications according to the EMV specifications.

Keywords: EMV, card authentication, contactless card, SDA, DDA, CDA AVISPA

Procedia PDF Downloads 148

Authors: Yo Han Choi, Hee Suk Seo, Seung Hwan Ju, Sung Hyu Han

Abstract:

As currently various portable devices were launched, smart business conducted using them became common. Since smart business can use company-internal resources in an external remote place, user authentication that can identify authentic users is an important factor. Commonly used user authentication is a method of using user ID and Password. In the user authentication using ID and Password, the user should see and enter authentication information him or herself. In this user authentication system depending on the user’s vision, there is the threat of password leaks through snooping in the process which the user enters his or her authentication information. This study designed and produced a user authentication module using an actuator to respond to the snooping threat.

Keywords: actuator, user authentication, security evaluation, haptic actuator

Procedia PDF Downloads 320

Authors: Sandhya Armoogum

Abstract:

In distributed systems and in open systems such as the Internet, often mobile code has to run on unknown and potentially hostile hosts. Mobile code such as a mobile agent is vulnerable when executing on remote hosts. The mobile agent may be subjected to various attacks such as tampering, inspection, and replay attack by a malicious host. Much research has been done to provide solutions for various security problems, such as authentication of mobile agent and hosts, integrity and confidentiality of the data carried by the mobile agent. Many of such proposed solutions in literature are not suitable for open systems whereby the mobile code arrives and executes on a host which is not known and trusted by the mobile agent owner. In this paper, we propose the adoption of the reference monitor by hosts in an open system for providing trust and security for mobile code execution. A secure protocol for the distribution of the reference monitor entity is described. This reference monitor entity on the remote host may also provide several security services such as authentication and integrity to the mobile code.

Keywords: security, mobile agents, reference monitor, trust

Procedia PDF Downloads 411

Authors: C. P. Autry, A. W. Roscoe, Mykhailo Magal

Abstract:

We discuss the theoretical model underlying 2BPA (two-band peer authentication), a practical alternative to conventional authentication of entities and data in IoT. In essence, this involves assembling a virtual map of authentication assets in the network, typically leading to many paths of confirmation between any pair of entities. This map is continuously updated, confirmed, and evaluated. The value of authentication along multiple disjoint paths becomes very clear, and we require analogues of triangulation to extend authentication along extended paths and deliver it along all possible paths. We discover that if an attacker wants to make an honest node falsely believe she has authenticated another, then the length of the authentication paths is of little importance. This is because optimal attack strategies correspond to minimal cuts in the authentication graph and do not contain multiple edges on the same path. The authentication provided by disjoint paths normally is additive (in entropy).

Keywords: authentication, edge computing, industrial IoT, post-quantum resistance

Procedia PDF Downloads 167

Authors: Walid Abdallah, Noureddine Boudriga

Abstract:

Wireless sensor networks have shown their effectiveness in the deployment of many critical applications especially in the military domain. Border surveillance is one of these applications where a set of wireless sensors are deployed along a country border line to detect illegal intrusion attempts to the national territory and report this to a control center to undergo the necessary measures. Regarding its nature, this wireless sensor network can be the target of many security attacks trying to compromise its normal operation. Particularly, in this application the deployment and location of sensor nodes are of great importance for detecting and tracking intruders. This paper proposes a location-based authentication and key distribution mechanism to secure wireless sensor networks intended for border surveillance where the key establishment is performed using elliptic curve cryptography and identity-based public key scheme. In this scheme, the public key of each sensor node will be authenticated by keys that depend on its position in the monitored area. Before establishing a pairwise key between two nodes, each one of them must verify the neighborhood location of the other node using a message authentication code (MAC) calculated on the corresponding public key and keys derived from encrypted beacon messages broadcast by anchor nodes. We show that our proposed public key authentication and key distribution scheme is more resilient to node capture and node replication attacks than currently available schemes. Also, the achievement of the key distribution between nodes in our scheme generates less communication overhead and hence increases network performances.

Keywords: wireless sensor networks, border surveillance, security, key distribution, location-based

Procedia PDF Downloads 631

Authors: Rasheed Gbenga Jimoh, Akinbowale Nathaniel Babatunde

Abstract:

The use of Automated Teller Machine (ATM) has become an important tool among commercial banks, customers of banks have come to depend on and trust the ATM conveniently meet their banking needs. Although the overwhelming advantages of ATM cannot be over-emphasized, its alarming fraud rate has become a bottleneck in it’s full adoption in Nigeria. This study examined the menace of ATM in the society another cost of running ATM services by banks in the country. The researcher developed a prototype of an enhanced Automated Teller Machine Authentication using Short Message Service (SMS) Verification. The developed prototype was tested by Ten (10) respondents who are users of ATM cards in the country and the data collected was analyzed using Statistical Package for Social Science (SPSS). Based on the results of the analysis, it is being envisaged that the developed prototype will go a long way in reducing the alarming rate of ATM fraud in Nigeria.

Keywords: ATM, ATM fraud, e-banking, prototyping

Procedia PDF Downloads 276

Authors: Ejd Garba, Okike Benjamin

Abstract:

Today, the word encryption has become very popular even among non-computer professionals. There is no doubt that some works have been carried out in this area, but more works need to be done. Presently, most of the works on encryption is concentrated on the sender of the message without paying any attention to the message recipient. However, it is a good practice if any message sent to someone is received by the particular person whom the message is sent to. This work seeks to ensure that at the receiving end of the message, there is a security to ensure that the recipient computes a key that would enable the encrypted message to be accessed. This key would be in form of password. This would make it possible for a given message to be sent to several people at the same time. When this happens, it is only those people who computes the key correctly that would be given the opportunity to access even the encrypted message, which can in turn be decrypted using the appropriate key.

Keywords: arithmetic, cyber space, modulo-2, information security

Procedia PDF Downloads 277

Authors: Aisha Iddrisu, Ferruh Uztuğ

Abstract:

This study is a quantitative content analysis of advertising message strategies used in Ghana’s TV commercials (2020-2021) using the modified strategy of Wang and Praet (2016) with the objective of exploring the various advertising message strategies used in Ghana’s TV advertisement, its variation according to product category including the most widely used message strategy. The findings indicate that, out of the 220 commercials used in the study, the Affective message strategy (n=122, 55%) was the dominant message strategy used in Ghana’s TV commercials. The most advertised product category in Ghana’s TV commercials (2020-2021) was the food category, and a significant relationship was observed between message strategy and product category as well as message strategy and brand type.

Keywords: advertising, message strategy, Ghana, television

Procedia PDF Downloads 150

Authors: Wassim Bekai

Abstract:

Code switching, as its name states, is altering between two or more languages in one sentence. The speaker tends to use code switching in his/her speech for better clarification of his/her message to the receiver. It is commonly used in sociocultural countries such as Lebanon because of the various cultures that have come across its lands through history, considering Lebanon is geographically located in the heart of the world, and hence between many cultures and languages. In addition, Lebanon was occupied by Turkish authorities for about 400 years, and later on by the French mandate, where both of these countries forced their languages in official papers and in the Lebanese educational system. In this paper, the importance of code switching in the Lebanese workplace will be examined, stressing the efficiency and amount of the production resulting from code switching in the workplace (factories, universities among other places) in addition to exploring the social, education, religious and cultural factors behind this phenomenon in Lebanon.

Keywords: code switching, Lebanon, cultural, factors

Procedia PDF Downloads 245

Authors: Newroz Nooralddin Abdulrazaq, Thuraya Mahmood Qaradaghi

Abstract:

The McEliece cryptosystem is an asymmetric type of cryptography based on error correction code. The classical McEliece used irreducible binary Goppa code which considered unbreakable until now especially with parameter [1024, 524, and 101], but it is suffering from large public key matrix which leads to be difficult to be used practically. In this work Irreducible and Separable Goppa codes have been introduced. The Irreducible and Separable Goppa codes used are with flexible parameters and dynamic error vectors. A Comparison between Separable and Irreducible Goppa code in McEliece Cryptosystem has been done. For encryption stage, to get better result for comparison, two types of testing have been chosen; in the first one the random message is constant while the parameters of Goppa code have been changed. But for the second test, the parameters of Goppa code are constant (m=8 and t=10) while the random message have been changed. The results show that the time needed to calculate parity check matrix in separable are higher than the one for irreducible McEliece cryptosystem, which is considered expected results due to calculate extra parity check matrix in decryption process for g2(z) in separable type, and the time needed to execute error locator in decryption stage in separable type is better than the time needed to calculate it in irreducible type. The proposed implementation has been done by Visual studio C#.

Keywords: McEliece cryptosystem, Goppa code, separable, irreducible

Procedia PDF Downloads 235

Authors: Neetesh Saxena, Narendra S. Chaudhari

Abstract:

Nowadays, SMS is a very popular mobile service and even the poor, illiterate people and those living in rural areas use SMS service very efficiently. Although many mobile operators have already started 3G and 4G services, 2G services are still being used by the people in many countries. In 2G (GSM), only encryption provided is between the MS and the BTS, there is no end-to-end encryption available. Sometimes we all need to send some confidential message to other person containing bank account number, some password, financial details, etc. Normally, a message is sent in plain text only to the recipient and it is not an acceptable standard for transmitting such important and confidential information. Authors propose an end-to-end encryption approach by proposing a terminal for sending/receiving a secure message. An asymmetric key exchange algorithm is used in order to transmit secret shared key securely to the recipient. The proposed approach with terminal device provides authentication, confidentiality, integrity and non-repudiation.

Keywords: AES, DES, Diffie-Hellman, ECDH, A5, SMS

Procedia PDF Downloads 379

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 397

Authors: Mohammed Salem Atoum

Abstract:

The success of audio steganography is to ensure imperceptibility of the embedded message in stego file and withstand any form of intentional or un-intentional degradation of message (robustness). Audio steganographic that utilized LSB of audio stream to embed message gain a lot of popularity over the years in meeting the perceptual transparency, robustness and capacity. This research proposes an XLSB technique in order to circumvent the weakness observed in LSB technique. Scrambling technique is introduce in two steps; partitioning the message into blocks followed by permutation each blocks in order to confuse the contents of the message. The message is embedded in the MP3 audio sample. After extracting the message, the permutation codebook is used to re-order it into its original form. Md5sum and SHA-256 are used to verify whether the message is altered or not during transmission. Experimental result shows that the XLSB performs better than LSB.

Keywords: XLSB, scrambling, audio steganography, security

Procedia PDF Downloads 340

Authors: C. P. Autry, A.W. Roscoe

Abstract:

Authentication protocols based on public key infrastructure (PKI) and trusted third party (TTP) are no longer adequate for industrial scale IoT networks thanks to issues such as low compute and power availability, the use of widely distributed and commercial off-the-shelf (COTS) systems, and the increasingly sophisticated attackers and attacks we now have to counter. For example, there is increasing concern about nation-state-based interference and future quantum computing capability. We have examined this space from first principles and have developed several approaches to group and point-to-point authentication for IoT that do not depend on the use of a centralised client-server model. We emphasise the use of quantum resistant primitives such as strong cryptographic hashing and the use multi-factor authentication.

Keywords: authentication, enterprise IoT cybersecurity, PKI/TTP, IoT space

Procedia PDF Downloads 136