Shared Secret Key Generation by Exploiting Inaudible Acoustic Channels

To build a secure wireless networking system, it is essential that the cryptographic key is known only to the two (or more) communicating parties. Existing key extraction schemes put the devices into physical proximity and utilize the common inherent randomness between the devices to agree on a secret key, but they often rely on specialized hardware (e.g., the specific wireless NIC model) and have low bit rates. In this article, we seek a key extraction approach that only leverages off-the-shelf mobile devices, while achieving significantly higher key generation efficiency. The core idea of our approach is to exploit the fast varying inaudible acoustic channel as the common random source for key generation and wireless parallel communication for exchanging reconciliation information to improve the key generation rate. We have carefully studied and validated the feasibility of our approach through both theoretical analysis and a variety of measurements. We implement our approach on different mobile devices and conduct extensive experiments in different real scenarios. The experiment results show that our approach achieves high efficiency and satisfactory robustness. Compared with state-of-the-art methods, our approach improves the key generation rate by 38.46% and reduces the bit mismatch ratio by 42.34%.

Review of Physically Unclonable Functions (PUFs): Structures, Models, and Algorithms

Physically unclonable functions (PUFs) are now an essential component for strengthening the security of Internet of Things (IoT) edge devices. These devices are an important component in many infrastructure systems such as telehealth, commerce, industry, etc. Traditionally these devices are the weakest link in the security of the system since they have limited storage, processing, and energy resources. Furthermore they are located in unsecured environments and could easily be the target of tampering and various types of attacks. We review in this work the structure of most salient types of PUF systems such as static RAM static random access memory (SRAM), ring oscillator (RO), arbiter PUFs, coating PUFs and dynamic RAM dynamic random access memory (DRAM). We discuss statistical models for the five most common types of PUFs and identify the main parameters defining their performance. We review some of the most recent algorithms that can be used to provide stable authentication and secret key generation without having to use helper data or secure sketch algorithms. Finally we provide results showing the performance of these devices and how they depend on the authentication algorithm used and the main system parameters.

Centralized Threshold Key Generation Protocol Based on Shamir Secret Sharing and HMAC Authentication

Many group key management protocols have been proposed to manage key generation and distribution of vehicular communication. However, most of them suffer from high communication and computation costs due to the complex elliptic curve and bilinear pairing cryptography. Many shared secret protocols have been proposed using polynomial evaluation and interpolation to solve the previous complexity issues. This paper proposes an efficient centralized threshold shared secret protocol based on the Shamir secret sharing technique and supporting key authentication using Hashed Message Authentication Code Protocol (HMAC). The proposed protocol allows the group manager to generate a master secret key for a group of n vehicles and split this key into secret shares; each share is distributed securely to every group member. t-of-n vehicles must recombine their secret shares and recover the original secret key. The acceptance of the recovered key is based on the correctness of the received HMAC signature to verify the group manager’s identity and ensure the key confidentiality. The proposed protocol is unconditionally secure and unbreakable using infinite computing power as t, or more than t secret shares are required to reconstruct the key. In contrast, attackers with t−1 secret shares cannot leak any information about the original secret key. Moreover, the proposed protocol reduces the computation cost due to using polynomial evaluation to generate the secret key and interpolation to recover the secret key, which is very simple and lightweight compared with the discrete logarithm computation cost in previous protocols. In addition, utilizing a trusted group manager that broadcasts some public information is important for the registered vehicles to reconstruct the key and eliminate secure channels between vehicles. The proposed protocol reduces the communication cost in terms of transmitted messages between vehicles from 2(t−1) messages in previous shared secret protocols to zero messages. Moreover, it reduces the received messages at vehicles from 2t to two messages. At the same time, it allows vehicles to store only a single secret share compared with other shared secret protocols that require storage of t secret shares. The proposed protocol security level outperforms the other shared secret protocols security, as it supports key authentication and confidentiality using HMAC that prevents attackers from compromising or faking the key.

Elliptical curve cryptography image encryption scheme with aid of optimization technique using gravitational search algorithm

<p>Image <span>encryption enables users to safely transmit digital photographs via a wireless medium while maintaining enhanced anonymity and validity. Numerous studies are being conducted to strengthen picture encryption systems. Elliptical curve cryptography (ECC) is an effective tool for safely transferring images and recovering them at the receiver end in asymmetric cryptosystems. This method's key generation generates a public and private key pair that is used to encrypt and decrypt a picture. They use a public key to encrypt the picture before sending it to the intended user. When the receiver receives the image, they use their private key to decrypt it. This paper proposes an ECC-dependent image encryption scheme utilizing an enhancement strategy based on the gravitational search algorithm (GSA) algorithm. The private key generation step of the ECC system uses a GSA-based optimization process to boost the efficiency of picture encryption. The image's output is used as a health attribute in the optimization phase, such as the peak signal to noise ratio (PSNR) value, which demonstrates the efficacy of the proposed approach. As comparison to the ECC method, it has been discovered that the suggested encryption scheme offers better optimal PSNR </span>values.</p>

Achieving Reconciliation between Privacy Preservation and Auditability in Zero-trust Cloud Storage using Intel SGX

Cloud storage allows for saving files at an off-site location that is accessible through the public internet. However, cloud storage suffers from a lack of trust since employees have physical and electronic access to almost all of the data, and zero-trust security is thus essential. This paper proposes an SGX-based file hosting scheme that gives full consideration to both privacy preservation and auditability to address the aforementioned concerns. We designed a secure key exchange protocol consisting of two phases: a key generation phase and a key verification phase. Theoretical analysis and experiments indicate that the protocol can resist man in-the-middle attacks, which has been unattainable in previous studies. The experimental results show that our scheme takes little time regardless of file size and achieves solid performance in handling concurrent requests; furthermore, it is innocuous for clients, and the memory usage is acceptable.