Securing Audio Using AES-based Authenticated Encryption with Python

The focus of this research is to analyze the results of encrypting audio using various authenticated encryption algorithms implemented in the Python cryptography library for ensuring authenticity and confidentiality of the original contents. The Advanced Encryption Standard (AES) is used as the underlying cryptographic primitive in conjunction with various modes including Galois Counter Mode (GCM), Counter with Cipher Block Chaining Message Authentication Code (CCM), and Cipher Block Chaining (CBC) with Keyed-Hashing for encrypting a relatively small audio file. The resulting encrypted audio shows similarity in the variance when encrypting using AES-GCM and AES-CCM. There is a noticeable reduction in variance of the performed encodings and an increase in the amount of time it takes to encrypt and decrypt the same audio file using AES-CBC with Keyed-Hashing. In addition, the corresponding encrypted using this mode audio spans a longer duration. As a result, AES should either have GCM or CCM for an efficient and reliable authenticated encryption integration within a workflow.

A Proficient Mechanism for Cloud Security Supervision in Distributive Computing Environment

In the existing epoch, the cloud-IoT integrated distributive computing is earning very high attractiveness because of its immense characteristics which can be divided into two categories namely essential and common characteristics. The essential characteristics of cloud-IoT computing are demand dependent like broad network access, self-service, resource pooling, and speedy elastic nature. The common characteristics of cloud-IoT computing are homogeneity, massive scale, virtualization, resilient computing, low cost software availability, service orientation, geographic independent computation, and advanced safety availability. The cloud-IoT dependent internetworked distributive computation is internet based computation environment in which infrastructure, application software, and various similar / dissimilar platforms are accessible in the cloud and the end users (businessman, developers) have the right to use it as the client. Cloud is a step from Utility Computing and several industries / companies are frequently using cloud based systems in their day-to-day work. Therefore, safety issues and challenges of cloud computing cannot be avoided in the current era. Hence, the researchers must develop high order authentication protocols for preventing the safety threats of cloud based data communication systems.. The proposed CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) based management of cloud-IoT integrated information is a two phase authenticated encoding (AE) mechanism. The first phase is worn for executing privacy computations, and the second phase is used for computing validation and truthfulness. Here, both the cycles use same encoding technique. It is well known to us that the CCM/CCMP is an amalgamation of two forms namely AES counter form and CBC- MAC (cipher-block-chain message authentication code) protocol form. The counter form is worn to carry out encoding which guarantees data privacy whereas CBCMAC is worn to attain data legitimacy and reliability. In this investigation work the author has investigated and critically analyzed the CCMP dependent safe Cloud-IoT integrated distributive mechanism for data / information management. The proposed approach further improves the overall security and performance of cloud-IoT integrated computing networks. Further, the author has solved the challenges of cloud-IoT computing by studying and analyzing major cloud-IoT computing safety concerns, and safety threats which are expected in future generation cloud computing systems. In this paper, the author has proposed CCMP & CBC-HMAC (Cipher-Block-Chain key Hash-MessageAuthentication-Code) encoding protocol can be efficiently used for providing information safety and preventing various attacks when the data is being transferred between the Cloud and a local network. The prevention mechanism for unauthorized access of data within the cloud is also presented whose performance is highly satisfactory. A secure and flexible framework to support self-organize and self register of consumer’s information in to the cloud network is designed and tested. The testing results of proposed analysis provides us very clear evidences that the PRF of CCMP is a superior and secure in contrast to that of CBC-HMAC.

On the Composition of Single-Keyed Tweakable Even-Mansour for Achieving BBB Security

Observing the growing popularity of random permutation (RP)-based designs (e.g, Sponge), Bart Mennink in CRYPTO 2019 has initiated an interesting research in the direction of RP-based pseudorandom functions (PRFs). Both are claimed to achieve beyond-the-birthday-bound (BBB) security of 2n/3 bits (n being the input block size in bits) but require two instances of RPs and can handle only oneblock inputs. In this work, we extend research in this direction by providing two new BBB-secure constructions by composing the tweakable Even-Mansour appropriately. Our first construction requires only one instance of an RP and requires only one key. Our second construction extends the first to a nonce-based Message Authentication Code (MAC) using a universal hash to deal with multi-block inputs. We show that the hash key can be derived from the original key when the underlying hash is the Poly hash. We provide matching attacks for both constructions to demonstrate the tightness of the proven security bounds.

SENTINEL: A Secure and Efficient Authentication Framework for Unmanned Aerial Vehicles

Extensive use of unmanned aerial vehicles (commonly referred to as a “drone”) has posed security and safety challenges. To mitigate security threats caused by flights of unauthorized drones, we present a framework called SENTINEL (Secure and Efficient autheNTIcation for uNmanned aErial vehicLes) under the Internet of Drones (IoD) infrastructure. SENTINEL is specifically designed to minimize the computational and traffic overheads caused by certificate exchanges and asymmetric cryptography computations that are typically required for authentication protocols. SENTINEL initially generates a flight session key for a drone having a flight plan and registers the flight session key and its flight plan into a centralized database that can be accessed by ground stations. The registered flight session key is then used as the message authentication code key to authenticate the drone by any ground station while the drone is flying. To demonstrate the feasibility of the proposed scheme, we implemented a prototype of SENTINEL with ECDSA, PBKDF2 and HMAC-SHA256. The experiment results demonstrated that the average execution time of the authentication protocol in SENTINEL was about 3.1 times faster than the “TLS for IoT” protocol. We also formally proved the security of SENTINEL using ProVerif that is an automatic cryptographic protocol verifier.

Đánh giá chính xác cận an toàn cho mã xác thực LightMAC

Tóm tắt— LightMAC là mã xác thực thông điệp được Atul Luykx đề xuất sử dụng trong các môi trường có tài nguyên hạn chế và có cận an toàn không phụ thuộc vào độ dài thông điệp. Thuật toán LightMAC sinh ra nhãn xác thực có độ dài tùy theo yêu cầu của người sử dụng. Tuy nhiên, đánh giá an toàn trong [1] lại sử dụng trực tiếp kết quả dành cho độ dài nhãn xác thực bằng kích cỡ mã khối cơ sở của Dodis [2]. Trong bài báo này, đầu tiên, chúng tôi đánh giá cận an toàn của mã xác thực LightMAC trong trường hợp độ dài nhãn xác thực nhỏ hơn kích cỡ của mã khối cơ sở. Sau đó, sự phụ thuộc vào độ dài thông điệp trong cận an toàn của LightMAC được xem xét lại. Abstract— The message authentication code mode, LightMAC, which was proposed to use in resource-constrained environments by Atul Luykx has security bound independ on message length. The tag length in LightMAC algorithm depend on demand of user’s. However, the security analysis’s Atul [1] directly uses the Dodis’s result [2] which presents for the case that tag length is the block size. In this paper, we first evaluate the security bound of LightMAC when tag length is less than the block size. Then, the dependence on the message length of LightMAC’s security bound is reviewed.