Similar literature
20 similar records found (search time 109 ms)
1.
In radio frequency identification (RFID) systems, search protocols are used to find a specific item among a large number of tagged products. These protocols should be secure against RFID attacks such as traceability, impersonation, DoS and eavesdropping. Sundaresan et al. (IEEE Trans Dependable Secure Comput, 2015) presented a server-less search protocol based on a 128-bit PRNG function and claimed that their method addresses all vulnerabilities of previous protocols. In this paper, we prove that Sundaresan et al.'s protocol is vulnerable to a traceability attack with high probability. In addition, we present an improved protocol that addresses the identified problem and analyze its security level both informally and formally, using the AVISPA tool and BAN logic.

2.
Focusing on a large-scale wireless sensor network with multiple base stations (BS), a key management protocol is designed in this paper. For securely relaying data between a node and a base station, or between two nodes, the protocol adopts an end-to-end data security method. A distributed key revocation scheme is further employed to efficiently remove compromised nodes, forming our key management protocol, called the multi-BS key management protocol (MKMP). Through performance evaluation, we show that MKMP outperforms LEDS (Ren et al., IEEE Trans Mobile Comput 7(5):585–598, 2008) in terms of resilience against node capture attacks. By analyzing key storage overhead, we demonstrate that MKMP also performs better than mKeying (Wang et al., A key management protocol for wireless sensor networks with multiple base stations. In: Proceedings of ICC'08, pp 1625–1629, 2008) in terms of this overhead.

3.
Permutation polynomials (PPs) are used for interleavers in turbo codes, in cryptography, and in sequence generation. The paper presents an algorithm for determining the number of truly different PPs of degree up to five. It is based on the algorithm of Weng and Dong (IEEE Trans Inf Theory 54(9):4388–4390, 2008) and on the null polynomials modulo the interleaver length.

4.
We revisit the security definitions of blind signatures as proposed by Pointcheval and Stern (J Cryptol 13(3):361–396, 2000). Security comprises the notions of one-more unforgeability, preventing a malicious user from generating more signatures than requested, and of blindness, preventing a malicious signer from learning useful information about the user's messages. Although this definition is well established nowadays, we show that there are still desirable security properties that fall outside the model. More precisely, the original unforgeability definition does not exclude that an adversary verifiably uses the same message m for signing twice and is then still able to produce another signature for a new message \(m'\ne m\). Intuitively, this should not be possible; yet it is not captured by the original definition, because the number of signatures equals the number of requests. We thus propose a stronger notion, called honest-user unforgeability, that covers these attacks. We give a simple and efficient transformation that turns any unforgeable blind signature scheme (with deterministic verification) into an honest-user unforgeable one.

5.
Vehicular Ad hoc NETworks (VANETs) are the key to the future of intelligent transportation systems. An efficient MAC protocol is of great importance for meeting the strict deadlines of safety-related applications in VANETs. This work introduces a novel TDMA-based variable interval multichannel MAC protocol (TM-MAC) for VANETs. TM-MAC employs TDMA together with variable interval multichannel scheduling to provide a reliable and efficient broadcast service over a lossy wireless medium. TM-MAC reduces transmission collisions, making the Control CHannel (CCH) more reliable, and provides high throughput over the Service CHannel (SCH) through maximum channel utilization. The scheduling strategy ensures that vehicles are assigned a slot immediately. Moreover, there is a reduction of almost 50 % in the number of vehicles incurring merging collisions when compared with VeMAC (Omar et al. in IEEE Trans Mob Comput 12(9):1724–1736, 2013), an existing and recently proposed TDMA-based MAC protocol. This reduction in merging collisions increases the packet delivery ratio by almost 25 % compared with VeMAC. Extensive simulations over a realistic city scenario demonstrate the superiority of TM-MAC over existing schemes for a wide range of traffic conditions.

6.
We give generic constructions of several fundamental cryptographic primitives based on a new encryption primitive that combines circular security for bit encryption with the so-called reproducibility property (Bellare et al. in Public key cryptography—PKC 2003, vol. 2567, pp. 85–99, Springer, 2003). At the heart of our constructions is a novel technique which gives a way of de-randomizing reproducible public-key bit encryption schemes and also a way of reducing one-wayness conditions of a constructed trapdoor function family (TDF) to circular security of the base scheme. The main primitives that we build from our encryption primitive include k-wise one-way TDFs (Rosen and Segev in SIAM J Comput 39(7):3058–3088, 2010), chosen-ciphertext-attack-secure encryption and deterministic encryption. Our results demonstrate a new set of applications of circularly secure encryption beyond fully homomorphic encryption and symbolic soundness. Finally, we show the plausibility of our assumptions by showing that the decisional Diffie–Hellman-based circularly secure scheme of Boneh et al. (Advances in cryptology—CRYPTO 2008, vol. 5157, Springer, 2008) and the subgroup indistinguishability-based scheme of Brakerski and Goldwasser (Advances in cryptology—CRYPTO 2010, vol. 6223, pp. 1–20, Springer, 2010) are both reproducible.

7.
RSA Full Domain Hash (RSA-FDH) is a digital signature scheme, secure against chosen message attacks in the random oracle model. The best known security reduction from the RSA assumption is non-tight, i.e., it loses a factor of \(q_s\), where \(q_s\) is the number of signature queries made by the adversary. It was furthermore proven by Coron (Advances in cryptology—EUROCRYPT 2002, Lecture notes in computer science, vol 2332. Springer, Berlin, pp 272–287, 2002) that a security loss of \(q_s\) is optimal and cannot possibly be improved. In this work, we uncover a subtle flaw in Coron's impossibility result. Concretely, we show that it only holds if the underlying trapdoor permutation is certified. Since it is well known that the RSA trapdoor permutation is (for all practical parameters) not certified, this renders Coron's impossibility result moot for RSA-FDH. Motivated by this, we revisit the question whether there is a tight security proof for RSA-FDH. Concretely, we give a new tight security reduction from a stronger assumption, the Phi-Hiding assumption introduced by Cachin et al. (Advances in Cryptology—EUROCRYPT'99. Lecture notes in computer science, vol 1592. Springer, Berlin, pp 402–414, 1999). This justifies the choice of smaller parameters in RSA-FDH, as commonly used in practice. All of our results (positive and negative) extend to the probabilistic signature scheme PSS (with message recovery).
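The scheme under discussion, RSA-FDH, is short enough to show in full. The block below is an added example by this editor, not code from the paper: it builds a "full domain" hash that maps a message uniformly onto [0, N), signs by taking the d-th root of that hash, and shows why the hash matters by checking that the multiplicative property of textbook RSA does not yield a forgery. The key is a constructed toy (p = 2^31 - 1 and q = 2^61 - 1, both Mersenne primes, giving a 92-bit modulus so the example runs without any crypto library); a real deployment uses a modulus of at least 2048 bits and a constant-time RSA implementation.

```python
"""RSA-FDH sign/verify, added as an example; not code from the paper.

Constructed toy key: p = 2^31 - 1 and q = 2^61 - 1 are Mersenne primes,
giving a 92-bit modulus that runs instantly without any crypto library.
A real deployment uses a >= 2048-bit modulus and constant-time RSA.
"""
import hashlib

P = (1 << 31) - 1
Q = (1 << 61) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # E is coprime to phi(N) for these primes


def full_domain_hash(message: bytes, n: int) -> int:
    """Map `message` onto the full range [0, n); that is what 'full domain' means.

    SHA-256 is expanded with a counter (MGF1 style) to the byte length of n,
    the surplus high bits are masked off, and candidates >= n are rejected and
    re-hashed under a fresh attempt counter, so the output is uniform on [0, n)
    when the hash is modelled as a random oracle. Reducing mod n instead would
    bias the low part of the range.
    """
    nbytes = (n.bit_length() + 7) // 8
    excess_bits = nbytes * 8 - n.bit_length()
    attempt = 0
    while True:
        out = b""
        counter = 0
        while len(out) < nbytes:
            block = attempt.to_bytes(4, "big") + counter.to_bytes(4, "big") + message
            out += hashlib.sha256(block).digest()
            counter += 1
        candidate = int.from_bytes(out[:nbytes], "big") >> excess_bits
        if candidate < n:
            return candidate
        attempt += 1


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """FDH signature: the d-th root of H(m) modulo n."""
    return pow(full_domain_hash(message, n), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Accept iff signature^e == H(m) (mod n); out-of-range signatures are rejected."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == full_domain_hash(message, n)


def product_of_signatures_verifies(m1: bytes, m2: bytes, target: bytes) -> bool:
    """Textbook RSA is multiplicative: s1 * s2 is a valid root of H(m1) * H(m2).

    To turn that into a forgery the attacker would need a message whose full
    domain hash equals H(m1) * H(m2) mod n, and the hash does not give him one.
    """
    forged = sign(m1) * sign(m2) % N
    return verify(target, forged)
```

The rejection loop in `full_domain_hash` is the part most often skipped in ad hoc implementations; without it (or a final reduction mod n) the hash does not cover the full domain, and with a plain reduction it is not uniform, which is exactly the property the random oracle proof relies on.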

8.
This paper proposes a novel content removal technique for enhancing camera identification performance. Here, very low bit rate videos whose overall noise patterns have time-varying statistics are considered. First, two-dimensional discrete fractional Fourier transforms with different rotational angles are applied to the overall noise pattern of each frame of each video. Second, the modulus of each element of each transformed matrix is normalized to one if the rotational angles of the transforms are not integer multiples of \(\pi \). Third, the corresponding two-dimensional inverse discrete fractional Fourier transform is applied to each normalized matrix, and the real part is taken for further processing. Fourth, the absolute values of the elements in each normalized real-valued matrix are bounded by certain threshold values; different threshold values are employed for different rotational angles. Finally, the processed matrices are averaged over all rotational angles and all frames of the videos of the same camera. To evaluate the performance, the correlation function is employed. Extensive numerical simulations are performed. The obtained results show that the proposed method outperforms existing methods (Kang et al. in IEEE Trans Inf Forensics Secur 7(2):393–402, 2012; Li in IEEE Trans Inf Forensics Secur 5(2):280–287, 2010).

9.
The outage probability and ergodic capacity of decode-and-forward two-way relaying systems are investigated in this paper. First, exact expressions (or bounds) of the outage probability, ergodic capacity and average bidirectional ergodic capacity (ABEC) for max–min relay selection, random relay selection and direct transmission protocols are derived analytically, and the performance of the different relay selection protocols is compared. Then a novel maximum average bidirectional mutual information (MABM) relay selection protocol is proposed and analyzed. Simulation results demonstrate that the derived analytical results agree well with Monte-Carlo simulations. The proposed MABM protocol always achieves larger ABEC than the other protocols while keeping the outage probability low, and both the MABM and the max–min protocols in this paper outperform the max–min and max-sum selection of Krikidis (IEEE Trans Veh Technol 59(9):4620–4628, 2010). In addition, the outage probability, ergodic capacity and ABEC of the proposed protocol degrade as the distance grows.

10.
Optical access networks (OANs) provide an attractive solution to the last-mile bandwidth bottleneck. However, it has been shown (Baliga et al. in J Lightwave Technol 27(13):2391–2403, 2009; Baliga et al. in IEEE Commun Mag 49(6):70–77, 2011) that the OAN consumes a significant share of the total energy consumed in an optical networking scenario. This has motivated the investigation of energy-efficient schemes for OANs. It has been demonstrated in the literature that the energy consumption of an OAN can be improved either by designing efficient hardware or by employing better media access control (MAC) protocols. In this paper, we design a MAC protocol for OANs that ensures energy efficiency in the presence of quality of service (QoS)-aware traffic. The proposed scheme incorporates traffic prediction-based selection among different sleep (energy-efficient) modes of operation of the optical network units (ONUs, the OAN end units). It also switches between sleep modes to maintain high QoS together with significant energy savings. The scheme requires processing at the ONU only and works independently of the rest of the OAN (ONU assisted). Our proposal is therefore attractive both for already deployed networks and for green-field deployments.

11.
In this paper, we present three digital signature schemes with tight security reductions in the random oracle model. Our first signature scheme is a particularly efficient version of the short exponent discrete log-based scheme of Girault et al. (J Cryptol 19(4):463–487, 2006). Our scheme has a tight reduction to the decisional short discrete logarithm problem, while still maintaining the non-tight reduction to the computational version of the problem upon which the original scheme of Girault et al. is based. The second signature scheme we construct is a modification of the scheme of Lyubashevsky (Advances in Cryptology—ASIACRYPT 2009, vol 5912 of Lecture Notes in Computer Science, pp 598–616, Tokyo, Japan, December 6–10, 2009. Springer, Berlin, 2009) that is based on the worst-case hardness of the shortest vector problem in ideal lattices. The third scheme is a very simple signature scheme based directly on the hardness of the subset sum problem. We also present a general transformation that converts what we term lossy identification schemes into signature schemes with tight security reductions. We believe that this greatly simplifies the task of constructing and proving the security of such signature schemes.

12.
Node replication attacks pose a serious threat to wireless sensor networks. A replicated node uses the legitimate identity of the compromised node to control network traffic and inject malicious information into the network. Several techniques have been proposed to detect node replication in wireless sensor networks. However, in most of these techniques, the responsibility for replica detection lies either with the base station or with a few randomly selected witness nodes. In this paper, we propose a technique for detecting replicas without the participation of the base station or witness nodes. In the proposed scheme, each node is assigned a color (value) that is unique within its neighborhood; a color conflict within the neighborhood of a node is detected as a replica. We compare the proposed scheme with RED (Conti et al. in IEEE Trans Dependable Secure Comput 8(5):685–698, 2011), LSM (Parno et al. in Proceedings of IEEE symposium on security and privacy. IEEE, pp 49–63, 2005), and SET (Choi et al. in Proceedings of third international conference on security and privacy in communications networks and the workshops, SecureComm 2007. IEEE, pp 341–350, 2007). The parameters considered are detection probability, communication complexity and storage overhead. We observe that the proposed scheme has a higher detection probability and lower communication and storage overhead.

13.
In wireless sensor networks (WSNs), broadcast authentication is a crucial security mechanism that allows a multitude of legitimate users to join in and disseminate messages into the networks in a dynamic and authenticated way. During the past few years, several public-key based multi-user broadcast authentication schemes have been proposed to achieve immediate authentication and to address the security vulnerability intrinsic to μTESLA-like schemes. Unfortunately, the relatively slow signature verification in signature-based broadcast authentication has also incurred a series of problems such as high energy consumption and long verification delay. In this contribution, we propose an efficient technique to accelerate the signature verification in WSNs through the cooperation among sensor nodes. By allowing some sensor nodes to release the intermediate computation results to their neighbors during the signature verification, a large number of sensor nodes can accelerate their signature verification process significantly. When applying our faster signature verification technique to the broadcast authentication in a 4 × 4 grid-based WSN, a quantitative performance analysis shows that our scheme needs 17.7–34.5 % less energy and runs about 50 % faster than the traditional signature verification method. The efficiency of the proposed technique has been tested through an experimental study on a network of MICAz motes.

14.
Goldwasser and Micali (J Comput Syst Sci 28(2):270–299, 1984) highlighted the importance of randomizing the plaintext for public-key encryption and introduced the notion of semantic security. They also realized a cryptosystem meeting this security notion under the standard complexity assumption of deciding quadratic residuosity modulo a composite number. The Goldwasser–Micali cryptosystem is simple and elegant but is quite wasteful in bandwidth when encrypting large messages. A number of works followed to address this issue and proposed various modifications. This paper revisits the original Goldwasser–Micali cryptosystem using \(2^k\)-th power residue symbols. The so-obtained cryptosystems appear as a very natural generalization for \(k \ge 2\) (the case \(k=1\) corresponds exactly to the Goldwasser–Micali cryptosystem). Advantageously, they are efficient in both bandwidth and speed; in particular, they allow for fast decryption. Further, the cryptosystems described in this paper inherit the useful features of the original cryptosystem (such as its homomorphic property) and are shown to be secure under a similar complexity assumption. As a prominent application, this paper describes an efficient lossy trapdoor function based thereon.
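The block below is an added example by this editor, not the paper's code, showing the generalization the abstract describes: Goldwasser–Micali encryption where a ciphertext \(c = y^m x^{2^k} \bmod N\) carries a k-bit value m, and decryption computes the \(2^k\)-th power residue symbol of c modulo p. With k = 1 it is exactly the original GM bit encryption with its XOR homomorphism; for k > 1 the homomorphism is addition mod \(2^k\). The parameter shape used here (p ≡ 1 mod \(2^k\), q ≡ 3 mod 4, y a quadratic non-residue modulo both primes so that its Jacobi symbol modulo N is +1) is this editor's understanding of the generalization, and the primes in the usage below are constructed toys; real keys use primes of roughly 1024 bits.

```python
"""Goldwasser-Micali generalised to 2^k-th power residues; added example,
not the paper's code. k = 1 is the original GM bit encryption.

The parameter shape (p = 1 mod 2^k, q = 3 mod 4, y a quadratic non-residue
mod both primes) is this editor's understanding of the generalisation; the
primes used in the tests are constructed toys, real keys use ~1024-bit primes.
"""
import math
import secrets


def jacobi(a: int, n: int) -> int:
    """Jacobi symbol (a/n) for odd n > 0; for prime n it is the Legendre symbol."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0


def keygen(p: int, q: int, k: int):
    """Public key (N, k, y), secret key (p, k, y).

    y is a non-residue mod p and mod q, so its Jacobi symbol mod N is +1 and the
    Jacobi symbol, which anyone can compute, does not separate y^m * x^(2^k)
    from a plain 2^k-th power. Telling them apart is the residuosity assumption.
    """
    assert p % (1 << k) == 1 and q % 4 == 3
    y = 2
    while not (jacobi(y, p) == -1 and jacobi(y, q) == -1):
        y += 1
    return (p * q, k, y), (p, k, y)


def encrypt(pk, m: int) -> int:
    """c = y^m * x^(2^k) mod N for a fresh random x in Z_N^*."""
    n, k, y = pk
    assert 0 <= m < (1 << k)
    while True:
        x = secrets.randbelow(n - 2) + 2
        if math.gcd(x, n) == 1:
            break
    return pow(y, m, n) * pow(x, 1 << k, n) % n


def decrypt(sk, c: int) -> int:
    """Recover m from the 2^k-th power residue symbol of c mod p.

    c^((p-1)/2^k) = (y^((p-1)/2^k))^m * x^(p-1) = g^m (mod p), and g has order
    exactly 2^k because y is a quadratic non-residue mod p, so m is the discrete
    log of that symbol in a cyclic group of size 2^k. Brute force is used here;
    it is cheap for the small k used in practice.
    """
    p, k, y = sk
    g = pow(y, (p - 1) >> k, p)
    z = pow(c, (p - 1) >> k, p)
    acc = 1
    for m in range(1 << k):
        if acc == z:
            return m
        acc = acc * g % p
    raise ValueError("not a valid ciphertext")


def homomorphic_add(pk, c1: int, c2: int) -> int:
    """Product of ciphertexts decrypts to (m1 + m2) mod 2^k; for k = 1 that is XOR."""
    return c1 * c2 % pk[0]


if __name__ == "__main__":
    pk, sk = keygen(97, 103, 4)          # constructed toy primes: 97 = 1 mod 16, 103 = 3 mod 4
    c = homomorphic_add(pk, encrypt(pk, 9), encrypt(pk, 12))
    print(decrypt(sk, c))                # (9 + 12) mod 16 = 5
```

The bandwidth gain the abstract refers to is visible in `encrypt`: one element of \(\mathbb{Z}_N\) now carries k bits instead of one, and decryption costs one modular exponentiation modulo p plus a search in a group of size \(2^k\) rather than one exponentiation per bit.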

15.
Coding-based reprogramming protocols can effectively and remotely disseminate a new code image to all sensor nodes over wireless channels in wireless sensor networks. However, security services are crucial to these protocols when sensor nodes are deployed in adversarial environments. Existing security schemes can resist pollution attacks, but their overheads are excessive. In this paper, a low-overhead security enhancement based on a Hierarchical Hash Tree is proposed to strengthen these protocols. Our scheme is composed of two layers of Merkle tree, based on the ideas of hierarchy and aggregation. The security of the proposed approach is proven and its overheads are analyzed. Furthermore, our scheme is used to implement page authentication for the Sreluge protocol, a representative reprogramming protocol based on random linear codes. Experimental results show that our scheme cuts authentication overhead by at least 43 % compared with a plain Merkle tree, and that the other overheads are reduced markedly as the size of the code image grows.
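The block below is an added example by this editor, constructed to illustrate the "two layers of Merkle tree" idea for page authentication; it is not the paper's Hierarchical Hash Tree nor the Sreluge implementation. The image is split into pages, each group of pages gets its own Merkle tree, and a top-level tree is built over the group roots, so only the top root needs the base station's signature. A node then verifies a group root once against the top root and each page of that group against the group root, and a polluted page (one flipped byte) is rejected under its own proof. Page size, group size, the domain-separation prefixes and the sample image are assumptions made for the example.

```python
"""Page authentication of a disseminated code image with a two-layer Merkle
tree. Added example: a constructed illustration of hierarchy and aggregation,
not the paper's Hierarchical Hash Tree or the Sreluge implementation.
Page size, group size and the sample image are assumptions.
"""
import hashlib
from typing import List, Tuple

PAGE_SIZE = 64                   # bytes per page in this toy image
IMAGE = bytes(range(256)) * 3    # constructed 768-byte "code image" = 12 pages

Proof = List[Tuple[bytes, bool]]


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _leaf(x: bytes) -> bytes:
    # Domain separation: a leaf hash can never be confused with an inner node,
    # which blocks the classic second-preimage trick on Merkle trees.
    return h(b"\x00" + x)


def _node(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)


def merkle_root(leaves: List[bytes]) -> bytes:
    """Binary Merkle root; an odd level duplicates its last node."""
    level = [_leaf(x) for x in leaves]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [_node(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def merkle_proof(leaves: List[bytes], index: int) -> Proof:
    """Sibling hashes from leaf `index` up to the root; flag = sibling is on the right."""
    level = [_leaf(x) for x in leaves]
    proof: Proof = []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        proof.append((level[index ^ 1], index % 2 == 0))
        level = [_node(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return proof


def verify_proof(leaf: bytes, proof: Proof, root: bytes) -> bool:
    node = _leaf(leaf)
    for sibling, sibling_right in proof:
        node = _node(node, sibling) if sibling_right else _node(sibling, node)
    return node == root


def build_image(image: bytes, pages_per_group: int):
    """Lower layer: one tree per group of pages. Upper layer: one tree over the
    group roots. Only the top root needs the base station's signature."""
    pages = [image[i:i + PAGE_SIZE] for i in range(0, len(image), PAGE_SIZE)]
    groups = [pages[i:i + pages_per_group] for i in range(0, len(pages), pages_per_group)]
    group_roots = [merkle_root(g) for g in groups]
    return pages, groups, group_roots, merkle_root(group_roots)


def verify_page(page: bytes, inner: Proof, outer: Proof,
                group_root: bytes, top_root: bytes) -> bool:
    """A node holding the signed top root authenticates the group root once
    (outer proof), then each page of that group against the group root (inner)."""
    return verify_proof(group_root, outer, top_root) and verify_proof(page, inner, group_root)


def authenticate_image(image: bytes, pages_per_group: int):
    """Verify every page, then show a polluted page failing under its own proof.

    Returns (top_root, per-page results, whether the polluted page was accepted).
    """
    pages, groups, group_roots, top_root = build_image(image, pages_per_group)
    results, proofs = [], []
    for idx, page in enumerate(pages):
        gi, pi = divmod(idx, pages_per_group)
        inner = merkle_proof(groups[gi], pi)
        outer = merkle_proof(group_roots, gi)
        proofs.append((gi, inner, outer))
        results.append(verify_page(page, inner, outer, group_roots[gi], top_root))
    gi, inner, outer = proofs[0]
    polluted = bytes([pages[0][0] ^ 0x01]) + pages[0][1:]   # pollution attack: one flipped byte
    accepted = verify_page(polluted, inner, outer, group_roots[gi], top_root)
    return top_root, results, accepted
```

The per-page cost is where the aggregation pays off: a receiving node checks the outer proof once per group and then only the short inner proof for every page of that group, instead of a full-height path per page as with a single flat tree over all pages.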

16.
The Seebeck effect is used in thermoelectric generators (TEGs) to supply electronic circuits by converting waste heat into electrical energy. The generated electrical power is directly proportional to the temperature difference between the hot and cold sides of the TEG module. Depending on the application, TEGs can be used either under a constant temperature gradient between heat reservoirs or under constant heat flow conditions. Moreover, the electrical power generated by a TEG depends not only on these operating conditions but also on the contact thermal resistance. The influence of the contact thermal resistance on the generated electrical power has already been extensively reported in the literature. However, as reported in Park et al. (Energy Convers Manag 86:233, 2014) and Montecucco and Knox (IEEE Trans Power Electron 30:828, 2015), when designing TEG-powered circuits and systems a TEG module is mostly modeled with a Thévenin equivalent circuit whose resistance is constant and whose voltage is proportional to the temperature gradient applied to the TEG's terminals. This widely used simplified electrical TEG model is inaccurate and unsuitable under constant heat flow conditions or when the contact thermal resistance is considered. Moreover, it does not reproduce the physical phenomena taking place in a TEG. Therefore, from the circuit designer's point of view, faithful and fully electrical TEG models under different operating conditions are needed. Such models are mainly necessary to design and evaluate the power conditioning stages and the maximum power point tracking algorithms of a TEG power supply. In this study, these fully electrical models, with the contact thermal resistance taken into account, are presented and the analytical expressions of the Thévenin equivalent circuit parameters are provided.

17.
Zhang Xiaojun, Wang Wenchen, Mu Liming, Huang Chao, Fu Hong, Xu Chunxiang. Wireless Personal Communications 2021, 120(4):3171–3187

Vehicular ad-hoc networks (VANETs) are considered one of the most promising wireless sensor technologies, able to enhance driving convenience and traffic efficiency through real-time information exchange. Nevertheless, emerging security issues (e.g., confidentiality, integrity, identity privacy, message authentication) will hinder the widespread deployment of VANETs. To address these issues, in this paper we propose an efficient privacy-preserving anonymous authentication protocol for VANETs. We first design an identity-based signature algorithm and combine it with a vehicle's account information to build our anonymous authentication protocol. The protocol enables each vehicle to send an authenticated message anonymously and confidentially to nearby roadside units (RSUs), and to efficiently check the feedback information from nearby RSUs. At the same time, the protocol provides key exchange, producing a session key for subsequent secure communication between vehicles and RSUs. Finally, we give a security analysis of the proposed protocol and conduct a comprehensive performance evaluation; the results demonstrate its feasibility for the secure deployment of VANETs.


18.
Authentication is an important service in wireless sensor networks (WSNs) deployed in unattended environments. Recently, Das proposed a hash-based authentication protocol for WSNs which provides security against masquerade, stolen-verifier, replay and guessing attacks and avoids the threat that comes with having many logged-in users sharing the same login-id. In this paper, we point out a security weakness of Das' protocol in the mutual authentication among users, the gateway node and the sensor nodes. To remedy the problem, this paper provides a secrecy improvement over Das' protocol to ensure that a legitimate user can use a WSN in an insecure environment. Furthermore, by comparing security, computation and communication costs, and performance with the related protocols, the proposed protocol is shown to be suitable for higher-security WSNs.

19.
We study the problem of constructing locally computable universal one-way hash functions (UOWHFs) \(\mathcal {H}:\{0,1\}^n \rightarrow \{0,1\}^m\). A construction with constant output locality, where every bit of the output depends only on a constant number of bits of the input, was established by Applebaum et al. (SIAM J Comput 36(4):845–888, 2006). However, this construction suffers from two limitations: (1) it can only achieve a sublinear shrinkage of \(n-m=n^{1-\epsilon }\) and (2) it has a super-constant input locality, i.e., some inputs influence a large super-constant number of outputs. This leaves open the question of realizing UOWHFs with constant output locality and linear shrinkage of \(n-m= \epsilon n\), or UOWHFs with constant input locality and minimal shrinkage of \(n-m=1\). We settle both questions simultaneously by providing the first construction of UOWHFs with linear shrinkage, constant input locality and constant output locality. Our construction is based on the one-wayness of "random" local functions, a variant of an assumption made by Goldreich (Studies in Complexity and Cryptography, 76–87, 2011; ECCC 2010). Using a transformation of Ishai et al. (STOC, 2008), our UOWHFs give rise to a digital signature scheme with a minimal additive complexity overhead: signing n-bit messages with security parameter \(\kappa \) takes only \(O(n+\kappa )\) time instead of \(O(n\kappa )\) as in typical constructions. Previously, such signatures were only known to exist under an exponential hardness assumption. As an additional contribution, we obtain new locally computable hardness amplification procedures for UOWHFs that preserve linear shrinkage.

20.

The Internet of Things (IoT) is one of the newest technologies that allows remote control of heterogeneous networks and has good prospects for industrial applications. Wireless sensor networks (WSNs) play a key role in the industrial IoT. Due to the limited resources of sensor nodes, designing a balanced authentication scheme that provides security at reasonable cost in wireless sensor networks is a major challenge in these applications. Several security schemes have been presented in this context, but unfortunately none of them provides the desired security at reasonable cost. In 2017, Khemissa et al. proposed a security protocol for mutual authentication between a sensor node and a user in WSNs; in this paper we show that this protocol is not secure against desynchronization, user impersonation and gateway impersonation attacks. The proposed attacks succeed with probability one and require only a single execution of the protocol. Given the merits of the Khemissa et al. protocol, we also improve it so that it provides a suitable level of security, and we prove its security in two formal ways, using BAN logic and the Scyther tool. We also argue informally about the security of the improved protocol.

