An Efficient Electronic Cash System Based on Certificateless Group Signcryption Scheme Using Conformable Chaotic Maps

Chandrashekhar Meshram; Agbotiname Lucky Imoize; Amer Aljaedi; Adel R. Alharbi; Sajjad Shaukat Jamal; Sharad Kumar Barve

doi:10.3390/s21217039

An Efficient Electronic Cash System Based on Certificateless Group Signcryption Scheme Using Conformable Chaotic Maps

Sensors ◽

10.3390/s21217039 ◽

2021 ◽

Vol 21 (21) ◽

pp. 7039

Author(s):

Chandrashekhar Meshram ◽

Agbotiname Lucky Imoize ◽

Amer Aljaedi ◽

Adel R. Alharbi ◽

Sajjad Shaukat Jamal ◽

...

Keyword(s):

High Efficiency ◽

Chaotic Maps ◽

Security Analysis ◽

Electronic Cash ◽

Security Vulnerabilities ◽

The Public ◽

Security Issues ◽

Significant Research ◽

Online Business ◽

Chosen Ciphertext Attack

Signcryption schemes leveraging chaotic constructions have garnered significant research interest in recent years. These schemes have proffered practical solutions towards addressing the vast security vulnerabilities in Electronic Cash Systems (ECS). The schemes can seamlessly perform message confidentiality and authentication simultaneously. Still, their applications in emerging electronic cash platforms require a higher degree of complexity in design and robustness, especially as billions of online transactions are conducted globally. Consequently, several security issues arise from using open wireless channels for online business transactions. In order to guarantee the security of user information over these safety-limited channels, sophisticated security schemes are solely desired. However, the existing signcryption schemes cannot provide the required confidentiality and authentication for user information on these online platforms. Therefore, the need for certificateless group signcryption schemes (CGSS) becomes imperative. This paper presents an efficient electronic cash system based on CGSS using conformable chaotic maps (CCM). In our design, any group signcrypter would encrypt information/data with the group manager (GM) and send it to the verifier, who confirms the authenticity of the signcrypted information/data using the public criteria of the group. Additionally, the traceability, unforgeability, unlinkability, and robust security of the proposed CGSS-CCM ECS scheme have been built leveraging computationally difficult problems. Performance evaluation of the proposed CGSS-CCM ECS scheme shows that it is secure from the Indistinguishably Chosen Ciphertext Attack. Finally, the security analysis of the proposed technique shows high efficiency in security-vulnerable applications. Overall, the scheme gave superior security features compared to the existing methods in the preliminaries.

Download Full-text

Order-Revealing Encryption Scheme with Comparison Token for Cloud Computing

Security and Communication Networks ◽

10.1155/2020/8837904 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Jingjing Guo ◽

Jiacong Sun

Keyword(s):

High Efficiency ◽

Security Analysis ◽

Bloom Filter ◽

Cloud Service ◽

Range Query ◽

Encryption Scheme ◽

Security Issues ◽

Encrypted Database ◽

Almost All ◽

Outsourced Database

Order-preserving encryption (OPE) is a basic paradigm for the outsourced database where the order of plaintexts is kept in ciphertexts. OPE enables efficient order comparison execution while providing privacy protection. Unfortunately, almost all the previous OPE schemes either require numerous rounds of interactions or reveal more information about the encrypted database (e.g., the most significant bit). Order-revealing encryption (ORE) as a generalization is an encryption scheme where the order of plaintexts can be evaluated by running a comparison algorithm. Therefore, it is desirable to design an efficient ORE scheme which addresses above efficiency and security issues. In this paper, we propose a noninteractive ORE scheme from prefix encoding and Bloom filter techniques. The proposed scheme is an encryption scheme where a cloud service provider cannot evaluate the order of plaintexts until a comparison token is provided. The security analysis illustrates that our scheme achieves ideal security with frequency hiding. Furthermore, we illustrate a secure range query scheme through designing an encrypted tree structure named PORE tree from the above ORE scheme. The PORE tree reveals the order between different nodes and leaves encrypted data items in the same node incomparable even after query execution. Finally, the experimental evaluation shows the high efficiency of the proposed ORE scheme and range query scheme.

Download Full-text

A Robot Operating System Framework for Secure UAV Communications

Sensors ◽

10.3390/s21041369 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1369

Author(s):

Hyojun Lee ◽

Jiyoung Yoon ◽

Min-Seong Jang ◽

Kyung-Joon Park

Keyword(s):

Operating System ◽

Unmanned Aerial Vehicles ◽

Ground Control ◽

Unmanned Aerial System ◽

Security Framework ◽

Security Vulnerabilities ◽

Robot Operating System ◽

Security Issues ◽

Aerial Vehicles ◽

Ground Control Station

To perform advanced operations with unmanned aerial vehicles (UAVs), it is crucial that components other than the existing ones such as flight controller, network devices, and ground control station (GCS) are also used. The inevitable addition of hardware and software to accomplish UAV operations may lead to security vulnerabilities through various vectors. Hence, we propose a security framework in this study to improve the security of an unmanned aerial system (UAS). The proposed framework operates in the robot operating system (ROS) and is designed to focus on several perspectives, such as overhead arising from additional security elements and security issues essential for flight missions. The UAS is operated in a nonnative and native ROS environment. The performance of the proposed framework in both environments is verified through experiments.

Download Full-text

Research on Electronic Cash Security Technology in Electronic Commerce

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.846-847.1628 ◽

2013 ◽

Vol 846-847 ◽

pp. 1628-1631

Author(s):

Song Jie Gong ◽

Lin Di Jin

Keyword(s):

Electronic Commerce ◽

Rapid Development ◽

Group Signature ◽

Electronic Payment ◽

Electronic Cash ◽

Security Technology ◽

Security Issues ◽

Information Safety ◽

Security Problem ◽

Precautionary Measures

With the rapid development of electronic commerce, payment is becoming the focus problem of electronic commerce. Electronic cash has become the ideal method of electronic payment for it is able to realize fair, secure, effect electronic transacts. Along with electronic commerce development, electronic cash payment systems are also gradually developing. However, most electronic cashes are facing the security issues. Moreover, the amount of money each electronic cash card contains is fixed at issuance and is available only within a specified system. The key technology is digital signature technology, including blind signature, group signature, and ring signature. The paper researches the security problems of electronic cash in information safety and e-commerce, and discusses the electronic payment and the security problem, which is regarded as the foundation of electronic commerce. The main factors are given that causes security problems of electronic payment, and suggests corresponding precautionary measures.

Download Full-text

Provably Secure Authentication Approach for Data Security in Cloud Using Hashing, Encryption, and Chebyshev-Based Authentication

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2022010106 ◽

2022 ◽

Vol 16 (1) ◽

pp. 0-0

Keyword(s):

Data Security ◽

Security Analysis ◽

Data Communication ◽

Computation Time ◽

Computational Time ◽

Security Issues ◽

Authentication Mechanism ◽

Cloud Server ◽

Secure Authentication ◽

Provably Secure

Secure and efficient authentication mechanism becomes a major concern in cloud computing due to the data sharing among cloud server and user through internet. This paper proposed an efficient Hashing, Encryption and Chebyshev HEC-based authentication in order to provide security among data communication. With the formal and the informal security analysis, it has been demonstrated that the proposed HEC-based authentication approach provides data security more efficiently in cloud. The proposed approach amplifies the security issues and ensures the privacy and data security to the cloud user. Moreover, the proposed HEC-based authentication approach makes the system more robust and secured and has been verified with multiple scenarios. However, the proposed authentication approach requires less computational time and memory than the existing authentication techniques. The performance revealed by the proposed HEC-based authentication approach is measured in terms of computation time and memory as 26ms, and 1878bytes for 100Kb data size, respectively.

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

Cloud Security: Inter-Host Docker Container Communication using Vault Dynamic Secrets

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.b1035.1292s19 ◽

2019 ◽

Vol 9 (2S) ◽

pp. 395-401

Keyword(s):

Best Practices ◽

Cloud Security ◽

Simulation Environment ◽

Monitoring Tool ◽

Security Vulnerabilities ◽

Security Issues ◽

Industry Standard ◽

Flooding Attacks ◽

Arp Spoofing

In this paper we attempt to address Inter-Host Docker container communications security issues by incorporating a latest approach provided by Vault Hashicorp dynamic secret mechanism for managing SSH keys and server credentials. A simulation environment is prepared for Inter-Host container communication consisting of one host running locally and the peer host running as an AWS EC2 instance in cloud. Industry standard monitoring tool Grafana is used in the simulation environment to highlight the security impacts for any organization. We also draw special attention to some of the security vulnerabilities in docker container like ARP spoofing, Integrity of the docker host and containers and MAC flooding attacks. We try to list some best practices to be followed when using docker containers in any production deployments.

Download Full-text

Remote Data Possession Checking Scheme with Supporting Efficient Group User Authority Management for Shared Cloud Data

10.21203/rs.3.rs-884701/v1 ◽

2021 ◽

Author(s):

Yilin Yuan ◽

Jianbiao Zhang ◽

Wanshan Xu ◽

Xiao Wang ◽

Yanhui Liu

Keyword(s):

Security Analysis ◽

Public Auditing ◽

Cloud Data ◽

The Public ◽

Shared Data ◽

Identity Based ◽

And Performance ◽

Data Auditing ◽

Data Checking ◽

Remote Data

Abstract Under the shared big data environment, most of the existing data auditing schemes rarely consider the authorization management of group users. Meanwhile, how to deal with the shared data integrity is a problem that needs to be pondered. Thus, in this paper, we propose a novel remote data checking possession scheme which achieves group authority management while completing the public auditing. To perform authority management work, we introduce a trusted entity – group manager. We formalize a new algebraic structure operator named authorization invisible authenticator (AIA). Meanwhile, we provide two versions of AIA scheme: basic AIA scheme and standard AIA scheme. The standard AIA scheme is constructed based on the basic AIA scheme and user information table (UIT), with advanced security and wider applicable scenarios. By virtue of standard AIA scheme, the group manager can perfectly and easily carry out authority management, including enrolling, revoking, updating. On the basis of the above, we further design a public auditing scheme for non-revoked users’ shared data. The scheme is based on identity-based encryption (IBE), which greatly reduce the necessary certificate management cost. Furthermore, the detailed security analysis and performance evaluation demonstrate that the scheme is safe and feasible.

Download Full-text

Security Issues in Mobile Ad Hoc Networks

Security, Privacy, Trust, and Resource Management in Mobile and Wireless Communications - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-4691-9.ch009 ◽

2014 ◽

pp. 176-221 ◽

Cited By ~ 2

Author(s):

Sunil Kumar ◽

Kamlesh Dutta

Keyword(s):

Ad Hoc Networks ◽

Mobile Ad Hoc Networks ◽

Ad Hoc Network ◽

Ad Hoc ◽

Mobile Ad Hoc Network ◽

Mobile Nodes ◽

Security Vulnerabilities ◽

Security Issues ◽

Mobile Ad Hoc ◽

Hoc Networks

A Mobile Ad hoc NETwork (MANET) is a self-organizing, infrastructure-less network of mobile nodes connecting by wireless links. In operation, the nodes of MANETs do not have a central control mechanism. It is known for its properties of routable network, where each node acts as a router to forward packets to other specific nodes in the network. The unique properties of MANET have made it useful for large number of applications and led to a number of security challenges. Security in the mobile ad hoc network is a very critical job and requires the consideration of different security issues on all the layers of communication. The countermeasures are the functions that reduce or eliminate security vulnerabilities and attacks. This chapter provides a comprehensive study of all prominent attacks in Mobile Ad Hoc Networks described in the literature. It also provides various proactive and reactive approaches proposed to secure the MANETs. Moreover, it also points to areas of research that need to be investigated in the future.

Download Full-text

Analysis of Vulnerabilities in IoT and Its Solutions

Managing Resources for Futuristic Wireless Networks - Advances in Wireless Technologies and Telecommunication ◽

10.4018/978-1-5225-9493-2.ch007 ◽

2021 ◽

pp. 157-177

Author(s):

Puspanjali Mallik

Keyword(s):

Security And Privacy ◽

Heterogeneous Structure ◽

Privacy Concern ◽

Security Vulnerabilities ◽

Smart Vehicles ◽

Security Issues ◽

Smart Healthcare ◽

Wide Range ◽

Main Motive ◽

Iot Devices

The internet of things (IoT) fulfils abundant demands of present society by facilitating the services of cutting-edge technology in terms of smart home, smart healthcare, smart city, smart vehicles, and many more, which enables present day objects in our environment to have network communication and the capability to exchange data. These wide range of applications are collected, computed, and provided by thousands of IoT elements placed in open spaces. The highly interconnected heterogeneous structure faces new types of challenges from a security and privacy concern. Previously, security platforms were not so capable of handling these complex platforms due to different communication stacks and protocols. It seems to be of the utmost importance to keep concern about security issues relating to several attacks and vulnerabilities. The main motive of this chapter is to analyze the broad overview of security vulnerabilities and its counteractions. Generally, it discusses the major security techniques and protocols adopted by the IoT and analyzes the attacks against IoT devices.

Download Full-text

Economics of Cyber Security and the Way Forward

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch008 ◽

2018 ◽

pp. 132-150

Author(s):

Taiseera Al Balushi ◽

Saqib Ali ◽

Osama Rehman

Keyword(s):

Communication Technology ◽

Cyber Security ◽

Cyber Attacks ◽

Remote Access ◽

Security Threats ◽

The Public ◽

Security Issues ◽

Information And Communication ◽

Financial Losses ◽

Government Perspective

Initiatives carried by companies, institutes and governments to flourish and embellish the Information and Communication Technology (ICT) among the public have led to its penetration into every walk of life. ICT enhances the efficiency of various systems, such as the organisation and transfer of data. However, with the digital and remote access features of ICT comes the motivation towards financial, political and military gains by rivals. Security threats and vulnerabilities in existing ICT systems have resulted in cyber-attacks that are usually followed by substantial financial losses. This study discusses the security in ICT from a business, economic and government perspective. The study makes an attempt to understand the seriousness of the security issues and highlights the consequences of security breech from an economic perspective. Based on the performed analysis, the factors behind these attacks are provided along with recommendations for better preparations against them.

Download Full-text