IMPLEMENTASI VERIFIKASI TEKS MENGGUNAKAN METODE RIVEST SHAMIR ADLEMAN (RSA)

Perkembangan teknologi dan sistem jaringan saat ini mengalami peningkatan secara signifikan, terutama dalam aspek keamanan. Keamanan jaringan setidaknya memiliki dua syarat, yaitu authenticity dan nonrepudiation. Kriptografi dapat dimanfaatkan terkait dengan keamanan informasi berupa kerahasiaan, keutuhan data, nir penyangkalan, serta otentikasi. Untuk menjaga keamanan pesan berupa teks atau kata, biasanya digunakan teknik enkripsi agar kerahasiaan data tersebut terjamin. Salah satu algoritma enkripsi yang sering digunakan yaitu algoritma kriptografi Rivest Shamir Adleman (RSA). Pada penelitian ini, algoritma RSA digunakan sebagai pelindung data, dan menggunakan mekanisme berupa teks sebagai alat verifikasi. Penelitian ini bertujuan untuk membuat interface pengiriman pesan terautentikasi dengan menerapkan algoritma kriptografi Rivest Shamir Adleman (RSA) pada sebuah teks. RSA merupakan algoritma asimetrik yang mempunyai dua kunci yang berbeda, yaitu kunci publik dan kunci privat. Kedua pasangan kunci (key pair) tersebut digunakan untuk proses enkripsi dan dekripsi. Tingkat keamanan algoritma RSA sangat bergantung pada ukuran kunci tersebut, karena makin kecil ukuran kunci, maka makin besar juga kemungkinan kombinasi kunci yang bisa dijebol dengan metode memeriksa kombinasi satu persatu kunci atau lebih dikenal dengan istilah Brute Force Attack. Bilangan prima yang dihasilkan dalam algoritma RSA mempengaruhi ukuran kunci sandi.

GRU-BWFA Classifier for Detecting DDoS Attack within SNMP-MIB Dataset

With the advancing trends in the field of information technology, the data users were subjected to face differernt of attacks. Hence effective and prompt detection of malicious attacks must be optimized in terms of confidentiality, privacy, availability and integrity. Accordingly this research paper provides an effective mechanism for detecting and classifying DDoS attacks such as TCP-SYN, UDP flood, ICMP echo, HTTP flood, Slowloris Slow Post and Brute Force attack, by utilizing machine learning methods within SNMP-MIB dataset. MIB (Management Information Base) is meant for attack classification database linked to the SNMP (Simple Network Management protocol). Three classifiers are considered such as MLP, Random forest, Adaboost to construct the detection model. Significantly, Gated Recurrent Unit Neural Network based on Bidirectional Weighted Feature Averaging (GRU-BWFA) classifier is utilizing as a proposed classifier for high detection rate and accuracy in distinguishing the mentioned DDoS attacks. Feature selection is performed using the Enhanced Salp Swarm Optimization technique to select the optimal features for identify the attacks. The application of various classifier provides a detailed study on the effectiveness of SNMP-MIB dataset in detecting DDoS attacks. Empirical findings indicate that machine learning methods are highly effective at detecting and classifying the attacks with a higher accuracy rate.

Detection of Username Enumeration Attack on SSH Protocol: Machine Learning Approach

Over the last two decades (2000–2020), the Internet has rapidly evolved, resulting in symmetrical and asymmetrical Internet consumption patterns and billions of users worldwide. With the immense rise of the Internet, attacks and malicious behaviors pose a huge threat to our computing environment. Brute-force attack is among the most prominent and commonly used attacks, achieved out using password-attack tools, a wordlist dictionary, and a usernames list—obtained through a so-called an enumeration attack. In this paper, we investigate username enumeration attack detection on SSH protocol by using machine-learning classifiers. We apply four asymmetrical classifiers on our generated dataset collected from a closed-environment network to build machine-learning-based models for attack detection. The use of several machine-learners offers a wider investigation spectrum of the classifiers’ ability in attack detection. Additionally, we investigate how beneficial it is to include or exclude network ports information as features-set in the process of learning. We evaluated and compared the performances of machine-learning models for both cases. The models used are k-nearest neighbor (K-NN), naïve Bayes (NB), random forest (RF) and decision tree (DT) with and without ports information. Our results show that machine-learning approaches to detect SSH username enumeration attacks were quite successful, with KNN having an accuracy of 99.93%, NB 95.70%, RF 99.92%, and DT 99.88%. Furthermore, the results improve when using ports information.

Security Analysis of Image Scrambling Cipher Based on Compound Chaotic Equation

As digital image has become one of the most important forms of expression in multimedia information, the security of digital image has become a concern. Because of its large amount of data and high redundancy, there are many security hidden dangers in ordinary image encryption methods. Aiming at the problems of low flexibility and poor anti-interference of traditional image scrambling technology, this paper proposes to select the scrambling diffusion encryption structure in the process of chaotic digital image encryption, which can produce relatively better encryption performance than single scrambling and diffusion scrambling. The composite chaotic operation used in this paper masks the distribution characteristics of chaotic subsequences. Based on the composite chaotic mapping model, the image scrambling password under the two-dimensional chaotic equation is established by scrambling the image in space and frequency domain. Several rounds of experiments show that the algorithm has a large scrambling scheme, further expands the key space of Arnold algorithm, and effectively resists the common computer brute force attack cracking and image decryption cracking methods such as exhaustive, differential attack and known plaintext attack. The improved encryption algorithm can realize the key avalanche effect, is very sensitive to the initial key and has high key security performance, and solves the security problem in the process of image transmission. Several performance syntheses show that the algorithm has high security performance and is suitable for image encryption scheme.

A Cipher Based on Prefix Codes

A prefix code, a P-code, is a code where no codeword is a prefix of another codeword. In this paper, a symmetric cipher based on prefix codes is proposed. The simplicity of the design makes this cipher usable for Internet of Things applications. Our goal is to investigate the security of this cipher. A detailed analysis of the fundamental properties of P-codes shows that the keyspace of the cipher is too large to mount a brute-force attack. Specifically, in this regard we will find bounds on the number of minimal P-codes containing a binary word given in advance. Furthermore, the statistical attack is difficult to mount on such cryptosystem due to the attacker’s lack of information about the actual words used in the substitution mapping. The results of a statistical analysis of possible keys are also presented. It turns out that the distribution of the number of minimal P-codes over all binary words of a fixed length is Gaussian.

An improved NFC device authentication protocol

Aimed at the security authentication problem between Near Field Communication (NFC) devices, this paper uses the technology of asymmetric encryption algorithm, symmetric encryption algorithm, hash function, timestamp and survival period to improve the confidentiality, performance and security of the protocol. The symmetric encryption algorithm encrypts the transmission content, while the asymmetric encryption algorithm encrypts the shared key. The whole authentication process is secure, and the key distribution is secure. The improved NFC device authentication protocol can effectively resist the brute force attack, man-in-the-middle attack and replay attack in the authentication process, it can reduce the number of message transmission in the authentication process, improve the transmission efficiency, enhance the confidentiality, integrity, non-repudiation and improve the security of NFC device authentication.

Let’s Take it Offline: Boosting Brute-Force Attacks on iPhone’s User Authentication through SCA

In recent years, smartphones have become an increasingly important storage facility for personal sensitive data ranging from photos and credentials up to financial and medical records like credit cards and person’s diseases. Trivially, it is critical to secure this information and only provide access to the genuine and authenticated user. Smartphone vendors have already taken exceptional care to protect user data by the means of various software and hardware security features like code signing, authenticated boot chain, dedicated co-processor and integrated cryptographic engines with hardware fused keys. Despite these obstacles, adversaries have successfully broken through various software protections in the past, leaving only the hardware as the last standing barrier between the attacker and user data. In this work, we build upon existing software vulnerabilities and break through the final barrier by performing the first publicly reported physical Side-Channel Analysis (SCA) attack on an iPhone in order to extract the hardware-fused devicespecific User Identifier (UID) key. This key – once at hand – allows the adversary to perform an offline brute-force attack on the user passcode employing an optimized and scalable implementation of the Key Derivation Function (KDF) on a Graphics Processing Unit (GPU) cluster. Once the passcode is revealed, the adversary has full access to all user data stored on the device and possibly in the cloud.As the software exploit enables acquisition and processing of hundreds of millions oftraces, this work further shows that an attacker being able to query arbitrary many chosen-data encryption/decryption requests is a realistic model, even for compact systems with advanced software protections, and emphasizes the need for assessing resilience against SCA for a very high number of traces.

Secured Message Broadcasting in VANET using Blowfish Algorithm with Oppositional Deer Hunting Optimization

Emergency Message broadcasting is an important process in VANET. Security and reliable transmission are the two major concerns in message broadcasting. VANET is open to unauthorized nodes, hackers, misbehaving vehicles, malicious attackers etc without security. Without valid confirmation of authorized vehicles, these types of attacks may occur. To enhance the reliability in message broadcasting, some existing techniques are used. They transmit the data without much delay but they didn’t provide any trusted authentication. So hackers, malicious nodes, unauthorized vehicles may easily interrupt the emergency messages. Also Brute force attack, Man in Middle attack are not identified and eliminated. In this research, a trust based secured broadcasting mechanism is developed which ensures the metrics such as security, privacy, integrity, trust etc. The major intension of this research is to reduce latency and provide high reliable, secure and efficient communication over the vehicles. The data such as vehicle position, location, speed, and other traffic information’s are generated and stored in a separate table. A network is created with varying densities. A path is generated for message broadcasting between source and destination based on the specific gateway estimated. Here, Optimal Wireless Access in Vanet (OWAV) Protocol is employed to gather vehicle related information to reduce the delay. Blowfish encryption algorithm along with Oppositional Deer Hunting Optimization (ODHO) is used to store the trusted vehicles location to avoid unauthorized tracking. The performance of the proposed research is analyzed with various metrics such as Packet delivery ratio (PDR), transmission delay, encryption time, throughput, computational overhead etc. The efficiency of the research is compared with other existing methods.

An improved chacha algorithm for securing data on IoT devices

In recent years, revolution of development was exceedingly quick in the Internet. Nevertheless, instead of only linking personal computers, mobiles and wearable equipment's, Internet growths from a web binding to true world physical substances that is indicated to novel connotation, which is labeled as Internet of Things (IoT). This concept is utilized in many scopes like education, health care, agriculture and commerce. IoT devices are presented with batteries to have independence from electric current; consequently, their working time is specified by the total time of the power of these batteries. In many IoT applications, data of IoT devices are extremely critical and should be encrypted. Current encryption approaches are created with a high complexity of an arithmetical process to provide a high level of security. However, these arithmetical processes lead to troubles concerning the efficiency and power consumption. ChaCha cipher is one of these approaches, which recently attracted attention due to its deployment in several applications by Google. In the present study, a new stream cipher procedure is proposed (called Super ChaCha), which performs low duty cycles for securing data on IoT devices. The proposed algorithm represents an improved revision to the standard ChaCha algorithm by increasing resistance to cryptanalysis. The modification focuses on rotation procedure which has been changed from a fixed constant to a variable constant based on random value. Also, the inputs of the cipher are changing in the columns form followed by diagonals form to zigzag form and then by alternate form to provide improved diffusion in comparison with the standard ChaCha. Results regarding the security illustrate that Super ChaCha needs 2512 probable keys to break by brute-force attack. Furthermore, the randomness of Super ChaCha successfully passed the five benchmark and NIST test.