Timed Automaton-Based Quantitative Feasibility Analysis of Symmetric Cipher in Embedded RTOS: A Case Study of AES

The real-time operating system (RTOS) has a wide range of application domains and provides devices with the ability to schedule resources. Because of the restricted resources of embedded devices and the real-time constraints of RTOS, the application of cryptographic algorithms in these devices will affect the running systems. The existing approaches for RTOS ciphers’ evaluation are mainly provided by experimental data performance analysis, which, however, lack a clear judgment on the affected RTOS performance indicators, such as task schedulability, bandwidth, as well as a quantitative prediction of the remaining resources of RTOS. By focusing on task schedulability in RTOS, this paper provides a timed automaton-based quantitative approach to judge the feasibility of ciphers in embedded RTOS. First, a cryptographic algorithm execution overhead estimation model is established. Then, by combining the overhead model with a sensitivity analysis method, we can analyze the feasibility of the cryptographic algorithm. Finally, a task-oriented and timed automaton-based model is built to verify the analysis results. We take AES as a case study and carry out experiments on embedded devices. The experimental results show the effectiveness of our approach, which will provide specific feasibility indicators for the application of cryptographic algorithms in RTOS.

Implementation Combination Cryptographic Algorithm Triangle Chain Cipher and Vigenere Cipher In Securing Data in Database

Data security is most important today, because the rampant data theft resulting in a lot of misuse of data by irresponsible parties so that it makes us anxious as data owners, for data storage it is usually stored in the database. From these problems the idea emerged to create a cryptographic system where the system can secure data by encrypting and decrypting also make data fully save and then the data owned by the user. This study aims to secure the data in the database by encrypting the original data without destroying the original data when later after decrypted. To perform this security, a cryptographic methodology is used with both of method that is Vigenere Cipher and Triangle Chain Cipher algorithms which are implemented in the application because both of methodology have same root that is classical cryptographic. This application will later be used as a medium for users to secure their data in the database so that later data theft will not to be easy. After doing fully research that produces applications that can implement combination of Vigenere Cipher and Triangle Chain Cipher algorithms,data in the encrypted database field is safe because encryption has been done to the data.

Decision Support System for Finding an Optimal Postquantum Key Encapsulation Mechanism. Part 2. Prototype Evaluation

This is the final part of the series of articles devoted to the development of a decision support system for choosing the optimal post-quantum key encapsulation mechanism. Efficiency of the methodology proposed for choosing the optimal implementation of the post-quantum cryptographic algorithm is evaluated and substantiated. The economic feasibility of approach is shown and its positive impact on the quality of the cryptographic information protection subsystem is demonstrated. Efficiency comparison of the prototype of the decision support system with existing software products aimed at supporting decision-making in the field of information security is carried out. The consistency of prototype’s recommendations with the conclusions of analytical studies in the field of post-quantum cryptography is checked.

Accessing Cloud Services Using Token based Framework for IoT Devices

Nowadays cloud environments are used by many business service sectors like healthcare, retail marketing, banking, and many business fields. At the same time, the usage of Internet of Things (IoT) devices in different sectors also increasing tremendously. So, there is a general problem for securing any business service in enterprise cloud environments restricting by only authorized devices. We are proposing cryptographic techniques with the help of a token-based framework by enabling a secure handshake between consuming applications and the source business service which aims to authorize the target end consumers of the respective business service. The proposed work aims to achieve the desired secure handshake so that any consuming application or device requests the desired business service with a secret token and an input combination. The source business service creates a secure token using any latest robust cryptographic algorithm on the above input combination and returns the token to the consuming application. The consuming application requests to the source business service, it must pass the above token which if validated then only would receive the required data. Hence, in this paper, we propose the delegation of the authorization task to the end consumers, who are responsible to fetch the security tokens and use them in their application lifecycle.

A New IOT Image Encryption Algorithm based on Chaotic Map

IOT information is always subjected to attacks, because component of the IOT system always unsupervised for most of time, also due to simplicity of wireless communication media, so there is high chance for attack, lastly, IOT is constraint device in terms of energy and computation complexity. So, different research and study are proposed to provide cryptographic algorithm. In this paper, a new image encryption is proposed based on anew chaotic map used to generate the binary key. The proposed map is three dimensional map, which is more sensitive to initial condition, each dimension of the 3-D chaotic map is depended on the others dimension, which may increase the randomness of the behavior trajectory for the next values and this gives the algorithm the ability to resist any attacks. At first, 3-D chaotic map is proposed, which is very sensitive for initial condition, the three dimension is depended on each other, which make the system more randomness, then the produced sequences is converted on binary key by using mod operation. The original image is scrambled based on mod operation to exchange the row and interleaving them, the same operations are repeated for column of the image. Later, the image is divided into blocks of size (8*8) and scrambled by using negative diagonal scan, the final pixels are converted into binary sequences, which are XORed with the generated key to produce the encrypted image. The experiment is performed on different images with different properties and tested with different metrics such as entropy, correlation, key sensitivity, number of pixel change rate (NPCR) and histogram of the original and encrypted images. T results shows that the proposed encryption algorithm is more efficient and outperform other methods.

An implementation of Hill cipher and 3x3x3 rubik's cube to enhance communication security

Message security is must be managed seriously. Therefore, to maintain the confidentiality of any message, cryptography is needed. Cryptography is a science that uses mathematics to encrypt and decrypt messages. Cryptography is used as a tool to protect messages, for example, national secrets and strategies. The method of this research is qualitative research with a literature review. This research implements a hybrid cryptographic algorithm by combining Hill cipher and 3x3x3 Rubik's cube methods with Python software simulation.

Analysis of Electromagnetic Information Leakage Based on Cryptographic Integrated Circuits

Cryptographic algorithm is the most commonly used method of information security protection for many devices. The secret key of cryptographic algorithm is usually stored in these devices’ registers. In this paper, we propose an electromagnetic information leakage model to investigate the relationship between the electromagnetic leakage signal and the secret key. The registers are considered as electric dipole models to illustrate the source of the electromagnetic leakage. The equivalent circuit of the magnetic field probe is developed to bridge the output voltage and the electromagnetic leakage signal. Combining them, the electromagnetic information leakage model’s function relationship can be established. Besides, an electromagnetic leakage model based on multiple linear regression is proposed to recover the secret key and the model’s effectiveness is evaluated by guess entropy. Near field tests are conducted in an unshielded ordinary indoor environment to investigate the electromagnetic side-channel information leakage. The experiment result shows the correctness of the proposed electromagnetic leakage model and it can be used to recover the secret key of the cryptographic algorithm.

Designing a Block Cipher in Galois Extension Fields for IoT Security

This paper focuses on a block cipher adaptation of the Galois Extension Fields (GEF) combination technique for PRNGs and targets application in the Internet of Things (IoT) space, an area where the combination technique was concluded as a quality stream cipher. Electronic Codebook (ECB) and Cipher Feedback (CFB) variations of the cryptographic algorithm are discussed. Both modes offer computationally efficient, scalable cryptographic algorithms for use over a simple combination technique like XOR. The cryptographic algorithm relies on the use of quality PRNGs, but adds an additional layer of security while preserving maximal entropy and near-uniform distributions. The use of matrices with entries drawn from a Galois field extends this technique to block size chunks of plaintext, increasing diffusion, while only requiring linear operations that are quick to perform. The process of calculating the inverse differs only in using the modular inverse of the determinant, but this can be expedited by a look-up table. We validate this GEF block cipher with the NIST test suite. Additional statistical tests indicate the condensed plaintext results in a near-uniform distributed ciphertext across the entire field. The block cipher implemented on an MSP430 offers a faster, more power-efficient alternative to the Advanced Encryption Standard (AES) system. This cryptosystem is a secure, scalable option for IoT devices that must be mindful of time and power consumption.

Ciphertext-Policy Attribute-Based Encryption with Outsourced Set Intersection in Multimedia Cloud Computing

In a multimedia cloud computing system, suppose all cloud users outsource their own data sets to the cloud in the encrypted form. Each outsourced set is associated with an access structure such that a valid data user, Bob, with the credentials satisfying the access structure is able to conduct computing over outsourced encrypted set (e.g., decryption or other kinds of computing function). Suppose Bob needs to compute the set intersection over a data owner Alice’s and his own outsourced encrypted sets. Bob’s simple solution is to download Alice’s and Bob’s outsourced encrypted sets, perform set intersection operation, and decrypt the set intersection ciphertexts. A better solution is for Bob to delegate the cloud to calculate the set intersection, without giving the cloud any ability in breaching the secrecy of the sets. To solve this problem, this work introduces a novel primitive called ciphertext-policy attribute-based encryption with outsourced set intersection for multimedia cloud computing. It is the first cryptographic algorithm supporting a fully outsourced encrypted storage, computation delegation, fine-grained authorization security for ciphertext-policy model, without relying on an online trusted authority or data owners, and multi-elements set, simultaneously. We construct a scheme that provably satisfies the desirable security properties, and analyze its efficiency.