Search Results (25)

The integration of external devices and network connectivity into autonomous vehicles has raised significant concerns about in-vehicle security vulnerabilities. Existing security mechanisms for in-vehicle bus systems, which mainly rely on appending authentication codes and data encryption, have been extensively studied in the context of CAN and CAN-FD buses. However, these approaches are not directly applicable to Ethernet buses due to the much higher data transmission rates of Ethernet buses compared to other buses. The real-time encryption and decryption required by Ethernet buses cannot be achieved with conventional methods, necessitating an acceleration in the speed of cryptographic operations to match the demands of Ethernet communication. In response to these challenges, our paper introduces a range of cryptographic solutions specifically designed for in-vehicle Ethernet networks. We employ an AES-ECC hybrid algorithm for critical vehicle control signals, combining the efficiency of AES with the security of ECC. For multimedia signals, we propose an improved AES-128 (IAES-128) and an improved MD5 (IMD), which improve encryption time by 15.77%. Our proposed security mechanisms have been rigorously tested through attack simulations on the CANoe (version 10) platform. These tests cover both in-vehicle control signals, such as braking and throttle control, and non-critical systems like multimedia entertainment. The experimental results convincingly demonstrate that our optimized algorithms and security mechanisms ensure the secure and reliable operation of real-time communication in autonomous vehicles. Full article

Data security and privacy have become essential due to the increasingly advanced interconnectivity in today’s world, hence the reliance on cryptography. This paper introduces a new algorithm that uses a novel hybrid Tent–May chaotic map to generate pseudo-random numbers, as well as block encryption. We design a robust S-box by combining the Tent and May Maps, which yields a chaotic system with improved cryptographic properties. This S-box is a critical cryptographic primitive that significantly improves encryption security and leverages the strengths of both maps. The encryption process involves two key steps: block-wise substitution and permutation. First, we divide the image into $16\times 16$ blocks, then substitute each pixel with the $8-byte$ key and S-box. Next, we convert the encrypted image back into vector form, reorganize it using the permutation vector based on the subgroups of $S_{16}$, and finally return it to its original form. This approach greatly improves block cipher security when used, especially to protect medical images by guaranteeing their confidentiality and noninterference. Performance measures like PSNR, UACI, MSE, NCC, AD, SC, MD, and NAE prove how immune our method is to various cryptographic and statistical attacks, making it more accurate and more secure than the existing techniques. Full article

To analyze the security of encryption, an effectual encryption scheme based on colored images utilizing the hybrid pseudo-random binary sequence (HPRBS) and substitution boxes, known as S-boxes, is proposed. The presented work aims to design S-boxes using pseudo-random binary numbers acquired by Linear Feedback Shift Registers (LFSRs) in combination with a modified quadratic chaotic map. Firstly, cryptographically robust S-boxes are constructed by using binary pseudo-random number sequences, and then the cryptographic properties of the presented S-boxes are tested. The suggested S-boxes showed good results. Secondly, an RGB image encryption algorithm utilizing sequences generated by modified quadratic chaotic maps and S-boxes is offered. The new color image encryption techniques comprise two steps, including a permutation and a substitution step. The key association with the content of the image is also addressed. This strategy can result in a “one-time pad” effect and make the algorithm resistant to chosen-plaintext attack (CPA). The proposed scheme has been confirmed to be more valuable than most of the existing schemes. S-boxes are analyzed by the nonlinearity test, bit independence criterion (BIC), linear and differential approximation probabilities (LPs; DPs), and Strict-Avalanche Criterion (SAC) tests. A comparison with different S-boxes presented in the literature is also carried out. The comparison shows encouraging results about the quality of the proposed box. From security and experimental outcomes, the effectiveness of the presented color image encryption technique is verified. The proposed scheme has evident efficiency benefits, which implies that the proposed colored encryption of the image scheme has better potential for application in encryption schemes in real-time. Full article

Currently, Internet of Things (IoT)-based cloud systems face several problems such as privacy leakage, failure in centralized operation, managing IoT devices, and malicious attacks. The data transmission between the cloud and healthcare IoT needs trust and secure transmission of Electronic Health Records (EHRs). IoT-enabled healthcare equipment is seen in hospitals that have been implementing the technology for many years. Nonetheless, medical agencies fail to consider the security risk associated with healthcare IoT devices, which are readily compromised and cause potential threats to authentication and encryption procedures. Existing cloud computing methods like homomorphic encryption and the elliptic curve cryptography are unable to meet the security, identity, authentication, and security needs of healthcare IoT devices. The majority of conventional healthcare IoT algorithms lack secure data transmission. Therefore, fog computing is introduced to overcome the problems of IoT device verification, authentication, and identification for scalable and secure transmission of data. In this research manuscript, fog computing includes a hybrid mathematical model: Elliptic Curve Cryptography (ECC) and Proxy Re-encryption (PR) with Enhanced Salp Swarm Algorithm (ESSA) for IoT device verification, identification, and authentication of EHRs. ESSA is incorporated into the PR algorithm to determine the optimal key size and parameters of the PR algorithm. Specifically, in the ESSA, a Whale Optimization Algorithm (WOA) is integrated with the conventional Salp Swarm Algorithm (SSA) to enhance its global and local search processes. The primary objective of the proposed mathematical model is to further secure data sharing in the real time services. The extensive experimental analysis shows that the proposed model approximately reduced 60 Milliseconds (ms) to 18 milliseconds of processing time and improved 25% to 3% of reliability, compared to the traditional cryptographic algorithms. Additionally, the proposed model obtains a communication cost of 4260 bits with a memory usage of 680 bytes in the context of security analysis. Full article

A cryptocurrency is a non-centralized form of money that facilitates financial transactions using cryptographic processes. It can be thought of as a virtual currency or a payment mechanism for sending and receiving money online. Cryptocurrencies have gained wide market acceptance and rapid development during the past few years. Due to the volatile nature of the crypto-market, cryptocurrency trading involves a high level of risk. In this paper, a new normalized decomposition-based, multi-objective particle swarm optimization (N-MOPSO/D) algorithm is presented for cryptocurrency algorithmic trading. The aim of this algorithm is to help traders find the best Litecoin trading strategies that improve their outcomes. The proposed algorithm is used to manage the trade-offs among three objectives: the return on investment, the Sortino ratio, and the number of trades. A hybrid weight assignment mechanism has also been proposed. It was compared against the trading rules with their standard parameters, MOPSO/D, using normalized weighted Tchebycheff scalarization, and MOEA/D. The proposed algorithm could outperform the counterpart algorithms for benchmark and real-world problems. Results showed that the proposed algorithm is very promising and stable under different market conditions. It could maintain the best returns and risk during both training and testing with a moderate number of trades. Full article

The integration of cryptographic algorithms like Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC) is pivotal in bolstering the core attributes of blockchain technology, especially in achieving decentralization, tamper resistance, and anonymization within the realm of medical applications. Despite their widespread utilization, the conventional AES and ECC face significant hurdles in security and efficiency when dealing with expansive medical data, posing a challenge to the effective preservation of patient privacy. In light of these challenges, this study introduces HAE (hybrid AES and ECC), an innovative hybrid cryptographic algorithm that ingeniously amalgamates the robustness of AES with the agility of ECC. HAE is designed to symmetrically encrypt original data with AES while employing ECC for the asymmetric encryption of the initial AES key. This strategy not only alleviates the complexities associated with AES key management but also enhances the algorithm’s security without compromising its efficiency. We provide an in-depth exposition of HAE’s deployment within a framework tailored for medical scenarios, offering empirical insights into its enhanced performance metrics. Our experimental outcomes underscore HAE’s exemplary security, time efficiency, and optimized resource consumption, affirming its potential as a breakthrough advancement for augmenting blockchain applications in the medical sector, heralding a new era of enhanced data security and privacy within this critical domain. Full article

The Internet of Things (IoT) is rapidly expanding and becoming an integral part of daily life, increasing the potential for security threats such as malware or cyberattacks. Many embedded systems (ESs), responsible for handling sensitive data or facilitating secure online activities, must adhere to stringent security standards. For instance, payment processors employ security-critical components as distinct chips, maintaining physical separation from other network components to prevent the leakage of sensitive information such as cryptographic keys. Establishing a trusted environment in IoT and ESs, where interactions are based on the trust model of communication nodes, is a viable approach to enhance security in IoT and ESs. Although trust management (TM) has been extensively studied in distributed networks, IoT, and ESs, significant challenges remain for real-world implementation. In response, we propose a hybrid fuzzy rule algorithm (FRA) and trust planning mechanism (TPM), denoted FRA + TPM, for effective trust management and to bolster IoT and ESs reliability. The proposed system was evaluated against several conventional methods, yielding promising results: trust prediction accuracy (99%), energy consumption (53%), malicious node detection (98%), computation time (61 s), latency (1.7 ms), and throughput (9 Mbps). Full article

The development of quantum computing systems poses a great threat to the security of existing public key-based systems. As a result, the National Institute of Standards and Technology (NIST) started a Post-Quantum Cryptography (PQC) standardization project in 2015, and currently active research is being conducted to apply PQC to various cryptographic protocols. Unlike elliptic curve cryptography (ECC)-based schemes, PQC requires a large memory footprint and key/signature size. Therefore, when migrating PQC to a protocol, depending on the PQC and protocol specifications, it can be hard to migrate PQC. In the case of the WAVE protocol, it is difficult to satisfy the accuracy of a specific PQC algorithm because segmentation of the signature occurs during transmission due to the limitation of the maximum packet size. Therefore, in this paper, we present two methodologies that can apply PQC while complying with IEEE 1609.2 standards to the WAVE protocol in the V2V environment. Whereas previous migration studies have focused on designing a hybrid mode of protocols, this paper explores solutions more intuitively at the application layer of protocols. We analyzed two postquantum digital signature algorithms (Crystals-Dilithium and Falcon) and the structure of basic-safety messages (BSMs) of the V2V protocol on the size side. Through this, we propose methods that can perform an independent signature verification process without waiting for all divided signatures in the WAVE protocol. Our methodology overcomes the limitation that schemes with large signature sizes cannot be mounted into the WAVE protocol. We also note that the architecture used as an on-board unit (OBU) in an autonomous driving environment is mainly a microprocessor. We investigated an optimized PQC implementation in the OBU environment and simulated our methodology with the V2Verifier. Finally, we measured the accurate latency through simulation in Jetson Xavier, which is mainly used as an OBU in the V2V communication network. Full article

The theory and application of cellular automata (CA) for a stream cipher-based encryption principle are presented in this study. Certain fundamental transformations are developed based on CA theory regarding decentralized computation for modeling different system’s behavior. The changes governing state transitions rely on simple evolution rules, which can easily be translated into functions using logic operators. A class of linear hybrid cellular automata (LHCA) based on rules 90 and 150 is used to implement these functions. Symmetric key systems theory is the foundation of the suggested algorithm. The algorithm functions use the proprieties provided by the LHCA evolution in order to convert plain text into cipher text and vice versa, in each case starting from the same initial state of the system and performing the same number of steps for each operation. Cellular automata’s parallel information processing property, in addition to their regular and dynamical structure, makes hardware implementation of such schemes best suited for VLSI implementation. Testing of the proposed algorithm was performed by developing both software and hardware solutions. Hardware implementation of the presented cryptosystem was developed using VHDL hardware description language and a FPGA device (XILINX Spartan3E XC3S500E). Design and software simulations have been carried out using the C# programming language. Full article

This article has proposed an efficient area-optimized elliptic curve cryptographic processor architecture over $GF\left(2^{409}\right)$ and $GF\left(2^{571}\right)$. The proposed architecture employs Lopez-Dahab projective point arithmetic operations. To do this, a hybrid Karatsuba multiplier of 4-split polynomials is proposed. The proposed multiplier uses general Karatsuba and traditional schoolbook multiplication approaches. Moreover, the multiplier resources are reused to implement the modular squares and addition chains of the Itoh-Tsujii algorithm for inverse computations. The reuse of resources reduces the overall area requirements. The implementation is performed in Verilog (HDL). The achieved results are provided on Xilinx Virtex 7 device. In addition, the performance of the proposed design is evaluated on ASIC 65 nm process technology. Consequently, a figure-of-merit is constructed to compare the FPGA and ASIC implementations. An exhaustive comparison to existing designs in the literature shows that the proposed architecture utilizes less area. Therefore, the proposed design is the right choice for area-constrained cryptographic applications. Full article

The Internet of Vehicles (IoV) is witnessed to play the leading role in the future of Intelligent Transportation Systems (ITS). Though many works have focused on IoV improvement, there is still a lack of performance due to insufficient spectrum availability, lower data rates, and the involvement of attackers. This paper considers all three issues by developing a novel mmWave-assisted Cognitive Radio based IoV (CR-IoV) model. The integration of CR in IoV resolves the issue of spectrum management, while mmWave technology ensures symmetry in acquiring higher data rates for Secondary Users (SUs). With the proposed mmWave-assisted CR-IoV model, symmetric improvements in network performance were achieved in three main areas: security, beamforming, and routing. Optimum detection mechanisms isolate malicious Secondary Users (SUs) in the overall network. First, Spectrum Sensing Data Falsification (SSDF) attack is detected by a Hybrid Kernel-based Support Vector Machine (HK-SVM), which is the lightweight Machine Learning (ML) technique. Then, the Primary User Emulation (PUE) attack is detected by a hybrid approach, namely the Fang Algorithm-based Time Difference of Arrival (FA-TDoA) method. Further, security is assured by validating the legitimacy of each SU through a Lightweight ID-based Certificate Validation mechanism. To accomplish this, we employed the Four Q-curve asymmetric cryptographic algorithm. Overall, the proposed dual-step security provisioning approach assures that the network is free from attackers. Next, beamforming is performed for legitimate SUs by a 3D-Beamforming algorithm that relies on Array Factor (AF) and Beampattern Function. Finally, routing is enabled by formulating Forwarding Zone (FZ) based on the forwarding angle. In the forwarding zone, optimal forwarders are selected by the Multi-Objective Whale Optimization (MOWO) algorithm. Here, a new potential score is formulated for fitness evaluation. Finally, the proposed mmWave-assisted CR-IoV model is validated through extensive simulations in the ns-3.26 simulation tool. The evaluation shows better performance in terms of throughput, packet delivery ratio, delay, bit error rate, and detection accuracy. Full article

As a key component of ubiquitous computing, the wireless body area network (WBAN) can be used in a variety of disciplines, including health monitoring. Our everyday routines have been transformed by wearable technology, which has changed the medical industry and made our lives more convenient. However, the openness of the wireless network has raised concerns about the privacy and security of patient’s data because of the latent threat imposed by attackers. Patients’ sensitive data are safeguarded with authentication schemes against a variety of cyberattacks. Using pulse signals and a lightweight cryptographic approach, we propose a hybrid, anonymous, authentication scheme by extracting the binarized stream (bio-key) from pulse signal. We acquired 20 different sample signals to verify the unpredictability and randomness of keys, which were further utilized in an authentication algorithm. Formal proof of mutual authentication and key agreement was provided by the widely known BAN logic, and informal verification was provided by the Automated Validation of Internet Security Protocol and Applications (AVISPA) tool. The performance results depicted that storage cost on the sensor side was only 640 b, whereas communication cost was 512 b. Similarly, the computation time and energy consumption requirements were 0.005 ms and 0.55 µJ, respectively. Hence, it could be asserted that the proposed authentication scheme provided sustainable communication cost along with efficient computation, energy, and storage overheads as compared to peer work. Full article

Information storage and access in multi-cloud environments have become quite prevalent. In this paper, a multi-cloud framework is presented that secures users’ data. The primary goal of this framework is to secure users’ data from untrusted Cloud Service Providers (CSPs). They can collude with other malicious users and can hand over users’ data to these malicious users for their beneficial interests. In order to achieve this goal, the data are split into parts, and then each part is encrypted and uploaded to a different cloud. Therefore, client-side cryptography is used in this framework. For encrypting users’ data, the BDNA encryption technique is used. This framework presents a hybrid cryptographic approach that uses Identity-based Broadcast Encryption (IBBE) for managing the keys of the symmetric key algorithm (BDNA) by encrypting them with the particular version of IBBE. The work presented in this research paper is the first practical implementation of IBBE for securing encryption keys. Earlier, IBBE was only used for securely broadcasting data across many users over a network. The security of this hybrid scheme was proved through Indistinguishable Chosen-Ciphertext Attacks. This double encryption process makes the framework secure against all insiders and malicious users’ attacks. The proposed framework was implemented as a web application, and real-time storage clouds were used for storing the data. The workflow of the proposed framework is presented through screenshots of different working modules. Full article

The Security Protocol and Data Model (SPDM) defines a set of flows whose purpose includes the authentication of a computing device’s hardware identity. SPDM also allows for the creation of a secure session wherein data communication between two devices has both confidentiality and integrity protection. The present version of SPDM, namely version 1.2, relies upon traditional asymmetric cryptographic algorithms, and these algorithms are known to be vulnerable to quantum attacks. This paper describes the means by which support for post-quantum (PQ) cryptography can be added to the SPDM protocol in order to prepare SPDM for the upcoming world of quantum computing. As part of this paper, we examine the SPDM 1.2 protocol and discuss various aspects of using PQC algorithms, including negotiation of the use of post-quantum cryptography (PQC) algorithms, support for device identity reporting, mechanisms for device authentication, and establishing a secure session. We consider so-called “hybrid modes” where both classical and PQC algorithms are used to achieve security properties, especially given the fact that these modes are important during the transition period from the classical to the quantum computing regime. We also share our experience with implementing a software embodiment of PQC in SPDM, namely “PQ-SPDM”, and we provide benchmarks that evaluate a subset of the winning NIST PQC algorithms. Full article

The incredible advancements in data transmission technology have opened up more potentials for data security than ever before. Numerous methods for data protection have been developed during the previous decades, including steganography and cryptography. The security and integrity of medical data have emerged as major barriers for healthcare service systems as the Internet of Things has evolved dramatically in the healthcare business. Communication between two devices securely is a difficult problem. Numerous cryptographic algorithms are already available, including data encryption standard (DES), Rivest–Shamir–Adleman (RSA), and advanced encryption standard (AES). In this paper, we present a hybrid security model for the protection of diagnostic text data contained in medical photographs. The proposed model is built by combining a proposed hybrid encryption system with either a 2D Discrete Wavelet Transform 1 Level (2D-DWT-1L) or a 2D Discrete Wavelet Transform 2 Level (2D-DWT-2L) steganography technique. The suggested model encrypts secret data and hides them using 2D-DWT-3L. As text covers, color and grayscale images are employed. The suggested system’s performance was tested using PSNR, SSIM, MSE, and Correlation. Associated to state-of-the-art approaches, the proposed model masked personal patient data with high capacity, imperceptibility and minimum deterioration in the received stego-image. We use MATLAB to build the proposed mechanism, and measures such as throughput and execution time are used to assess performance. Full article