Visible to the public Biblio

Found 168 results

Filters: Keyword is message authentication  [Clear All Filters]
2021-06-01
Chandrasekaran, Selvamani, Ramachandran, K.I., Adarsh, S., Puranik, Ashish Kumar.  2020.  Avoidance of Replay attack in CAN protocol using Authenticated Encryption. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—6.
Controller Area Network is the prominent communication protocol in automotive systems. Its salient features of arbitration, message filtering, error detection, data consistency and fault confinement provide robust and reliable architecture. Despite of this, it lacks security features and is vulnerable to many attacks. One of the common attacks over the CAN communication is the replay attack. It can happen even after the implementation of encryption or authentication. This paper proposes a methodology of supressing the replay attacks by implementing authenticated encryption embedded with timestamp and pre-shared initialisation vector as a primary key. The major advantage of this system is its flexibility and configurability nature where in each layer can be chosen with the help of cryptographic algorithms to up to the entire size of the keys.
2021-04-08
Sarma, M. S., Srinivas, Y., Abhiram, M., Ullala, L., Prasanthi, M. S., Rao, J. R..  2017.  Insider Threat Detection with Face Recognition and KNN User Classification. 2017 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM). :39—44.
Information Security in cloud storage is a key trepidation with regards to Degree of Trust and Cloud Penetration. Cloud user community needs to ascertain performance and security via QoS. Numerous models have been proposed [2] [3] [6][7] to deal with security concerns. Detection and prevention of insider threats are concerns that also need to be tackled. Since the attacker is aware of sensitive information, threats due to cloud insider is a grave concern. In this paper, we have proposed an authentication mechanism, which performs authentication based on verifying facial features of the cloud user, in addition to username and password, thereby acting as two factor authentication. New QoS has been proposed which is capable of monitoring and detection of insider threats using Machine Learning Techniques. KNN Classification Algorithm has been used to classify users into legitimate, possibly legitimate, possibly not legitimate and not legitimate groups to verify image authenticity to conclude, whether there is any possible insider threat. A threat detection model has also been proposed for insider threats, which utilizes Facial recognition and Monitoring models. Security Method put forth in [6] [7] is honed to include threat detection QoS to earn higher degree of trust from cloud user community. As a recommendation, Threat detection module should be harnessed in private cloud deployments like Defense and Pharma applications. Experimentation has been conducted using open source Machine Learning libraries and results have been attached in this paper.
Wu, X., Yang, Z., Ling, C., Xia, X..  2016.  Artificial-Noise-Aided Message Authentication Codes With Information-Theoretic Security. IEEE Transactions on Information Forensics and Security. 11:1278–1290.
In the past, two main approaches for the purpose of authentication, including information-theoretic authentication codes and complexity-theoretic message authentication codes (MACs), were almost independently developed. In this paper, we consider to construct new MACs, which are both computationally secure and information-theoretically secure. Essentially, we propose a new cryptographic primitive, namely, artificial-noise-aided MACs (ANA-MACs), where artificial noise is used to interfere with the complexity-theoretic MACs and quantization is further employed to facilitate packet-based transmission. With a channel coding formulation of key recovery in the MACs, the generation of standard authentication tags can be seen as an encoding process for the ensemble of codes, where the shared key between Alice and Bob is considered as the input and the message is used to specify a code from the ensemble of codes. Then, we show that artificial noise in ANA-MACs can be well employed to resist the key recovery attack even if the opponent has an unlimited computing power. Finally, a pragmatic approach for the analysis of ANA-MACs is provided, and we show how to balance the three performance metrics, including the completeness error, the false acceptance probability, and the conditional equivocation about the key. The analysis can be well applied to a class of ANA-MACs, where MACs with Rijndael cipher are employed.
Walia, K. S., Shenoy, S., Cheng, Y..  2020.  An Empirical Analysis on the Usability and Security of Passwords. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :1–8.
Security and usability are two essential aspects of a system, but they usually move in opposite directions. Sometimes, to achieve security, usability has to be compromised, and vice versa. Password-based authentication systems require both security and usability. However, to increase password security, absurd rules are introduced, which often drive users to compromise the usability of their passwords. Users tend to forget complex passwords and use techniques such as writing them down, reusing them, and storing them in vulnerable ways. Enhancing the strength while maintaining the usability of a password has become one of the biggest challenges for users and security experts. In this paper, we define the pronounceability of a password as a means to measure how easy it is to memorize - an aspect we associate with usability. We examine a dataset of more than 7 million passwords to determine whether the usergenerated passwords are secure. Moreover, we convert the usergenerated passwords into phonemes and measure the pronounceability of the phoneme-based representations. We then establish a relationship between the two and suggest how password creation strategies can be adapted to better align with both security and usability.
2021-03-29
Li, K., Ren, A., Ding, Y., Shi, Y., Wang, X..  2020.  Research on Decentralized Identity and Access Management Model Based on the OIDC Protocol. 2020 International Conference on E-Commerce and Internet Technology (ECIT). :252—255.

In the increasingly diverse information age, various kinds of personal information security problems continue to break out. According to the idea of combination of identity authentication and encryption services, this paper proposes a personal identity access management model based on the OIDC protocol. The model will integrate the existing personal security information and build a set of decentralized identity authentication and access management application cluster. The advantage of this model is to issue a set of authentication rules, so that all users can complete the authentication of identity access of all application systems in the same environment at a lower cost, and can well compatible and expand more categories of identity information. Therefore, this method not only reduces the number of user accounts, but also provides a unified and reliable authentication service for each application system.

Khan, S., Jadhav, A., Bharadwaj, I., Rooj, M., Shiravale, S..  2020.  Blockchain and the Identity based Encryption Scheme for High Data Security. 2020 Fourth International Conference on Computing Methodologies and Communication (ICCMC). :1005—1008.

Using the blockchain technology to store the privatedocuments of individuals will help make data more reliable and secure, preventing the loss of data and unauthorized access. The Consensus algorithm along with the hash algorithms maintains the integrity of data simultaneously providing authentication and authorization. The paper incorporates the block chain and the Identity Based Encryption management concept. The Identity based Management system allows the encryption of the user's data as well as their identity and thus preventing them from Identity theft and fraud. These two technologies combined will result in a more secure way of storing the data and protecting the privacy of the user.

Shaout, A., Schmidt, N..  2020.  Keystroke Identifier Using Fuzzy Logic to Increase Password Security. 2020 21st International Arab Conference on Information Technology (ACIT). :1—8.

Cybersecurity is a major issue today. It is predicted that cybercrime will cost the world \$6 trillion annually by 2021. It is important to make logins secure as well as to make advances in security in order to catch cybercriminals. This paper will design and create a device that will use Fuzzy logic to identify a person by the rhythm and frequency of their typing. The device will take data from a user from a normal password entry session. This data will be used to make a Fuzzy system that will be able to identify the user by their typing speed. An application of this project could be used to make a more secure log-in system for a user. The log-in system would not only check that the correct password was entered but also that the rhythm of how the password was typed matched the user. Another application of this system could be used to help catch cybercriminals. A cybercriminal may have a certain rhythm at which they type at and this could be used like a fingerprint to help officials locate cybercriminals.

Bogdan-Iulian, C., Vasilică-Gabriel, S., Alexandru, M. D., Nicolae, G., Andrei, V..  2020.  Improved Secure Internet of Things System using Web Services and Low Power Single-board Computers. 2020 International Conference on e-Health and Bioengineering (EHB). :1—5.

Internet of Things (IoT) systems are becoming widely used, which makes them to be a high-value target for both hackers and crackers. From gaining access to sensitive information to using them as bots for complex attacks, the variety of advantages after exploiting different security vulnerabilities makes the security of IoT devices to be one of the most challenging desideratum for cyber security experts. In this paper, we will propose a new IoT system, designed to ensure five data principles: confidentiality, integrity, availability, authentication and authorization. The innovative aspects are both the usage of a web-based communication and a custom dynamic data request structure.

Salim, M. N., Hutahaean, I. W., Susanti, B. H..  2020.  Fixed Point Attack on Lin et al.’s Modified Hash Function Scheme based on SMALLPRESENT-[8] Algorithm. 2020 International Conference on ICT for Smart Society (ICISS). CFP2013V-ART:1–7.
Lin et al.'s scheme is a hash function Message Authentication Codes (MAC) block cipher based scheme that's composed of the compression function. Fixed point messages have been found on SMALLPRESENT-[s] algorithm. The vulnerability of block cipher algorithm against fixed point attacks can affect the vulnerability of block cipher based hash function schemes. This paper applies fixed point attack against Lin et al.'s modified scheme based on SMALLPRESENT-[8] algorithm. Fixed point attack was done using fixed point message from SMALLPRESENT-[8] algorithm which used as Initial Value (IV) on the scheme branch. The attack result shows that eight fixed point messages are successfully discovered on the B1 branch. The fixed point messages discovery on B1 and B2 branches form 18 fixed point messages on Lin et al.'s modified scheme with different IVs and keys. The discovery of fixed point messages shows that Lin et al.'s modified scheme is vulnerable to fixed point attack.
2021-03-22
Kumar, A..  2020.  A Novel Privacy Preserving HMAC Algorithm Based on Homomorphic Encryption and Auditing for Cloud. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :198–202.
Cloud is the perfect way to hold our data every day. Yet the confidentiality of our data is a big concern in the handling of cloud data. Data integrity, authentication and confidentiality are basic security threats in the cloud. Cryptography techniques and Third Party Auditor (TPA) are very useful to impose the integrity and confidentiality of data. In this paper, a system is proposed Enhancing data protection that is housed in cloud computing. The suggested solution uses the RSA algorithm and the AES algorithm to encrypt user data. The hybridization of these two algorithms allows better data protection before it is stored in the cloud. Secure hash algorithm 512 is used to compute the Hash Message Authentication Code (HMAC). A stable audit program is also introduced for Third Party Auditor (TPA) use. The suggested algorithm is applied in python programming and tested in a simple sample format. It is checked that the proposed algorithm functions well to guarantee greater data protection.
2021-03-18
Khan, A., Chefranov, A. G..  2020.  A Captcha-Based Graphical Password With Strong Password Space and Usability Study. 2020 International Conference on Electrical, Communication, and Computer Engineering (ICECCE). :1—6.

Security for authentication is required to give a superlative secure users' personal information. This paper presents a model of the Graphical password scheme under the impact of security and ease of use for user authentication. We integrate the concept of recognition with re-called and cued-recall based schemes to offer superior security compared to existing schemes. Click Symbols (CS) Alphabet combine into one entity: Alphanumeric (A) and Visual (V) symbols (CS-AV) is Captcha-based password scheme, we integrate it with recall-based n ×n grid points, where a user can draw the shape or pattern by the intersection of the grid points as a way to enter a graphical password. Next scheme, the combination of CS-AV with grid cells allows very large password space ( 2.4 ×104 bits of entropy) and provides reasonable usability results by determining an empirical study of memorable password space. Proposed schemes support most applicable platform for input devices and promising strong resistance to shoulder surfing attacks on a mobile device which can be occurred during unlocking (pattern) the smartphone.

2021-03-09
Sibahee, M. A. A., Lu, S., Abduljabbar, Z. A., Liu, E. X., Ran, Y., Al-ashoor, A. A. J., Hussain, M. A., Hussien, Z. A..  2020.  Promising Bio-Authentication Scheme to Protect Documents for E2E S2S in IoT-Cloud. 2020 IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC). :1—6.

Document integrity and origin for E2E S2S in IoTcloud have recently received considerable attention because of their importance in the real-world fields. Maintaining integrity could protect decisions made based on these message/image documents. Authentication and integrity solutions have been conducted to recognise or protect any modification in the exchange of documents between E2E S2S (smart-to-smart). However, none of the proposed schemes appear to be sufficiently designed as a secure scheme to prevent known attacks or applicable to smart devices. We propose a robust scheme that aims to protect the integrity of documents for each users session by integrating HMAC-SHA-256, handwritten feature extraction using a local binary pattern, one-time random pixel sequence based on RC4 to randomly hide authentication codes using LSB. The proposed scheme can provide users with one-time bio-key, robust message anonymity and a disappearing authentication code that does not draw the attention of eavesdroppers. Thus, the scheme improves the data integrity for a users messages/image documents, phase key agreement, bio-key management and a one-time message/image document code for each users session. The concept of stego-anonymity is also introduced to provide additional security to cover a hashed value. Finally, security analysis and experimental results demonstrate and prove the invulnerability and efficiency of the proposed scheme.

Ramesh, K., Kumar, B. A., Renjith, P. N..  2020.  Treats based Revisiting Defences Against Password Guessing Attacks and Phishing Data Over Different Online Records. 2020 International Conference on Inventive Computation Technologies (ICICT). :824—827.

Password Guessing Attacks, for instance, Brute Force and word reference ambushes on online records are directly wide spread. Guarding the ambushes and giving the accommodating login the genuine customers together is a problematic endeavour. The present structures are lacking to give both the security and solace together. Phishing is a digital assault that targets credulous online clients fooling into uncovering delicate data, for example, username, secret key, standardized savings number or charge card number and so forth. Assailants fool the Internet clients by concealing site page as a dependable or real page to recover individual data. Password Guessing Attacks Resistance Protocol (PGARP) limits the full-scale number of logins attempts from darken remote hosts to as low as a single undertaking for each username, genuine customers all around (e.g., when tries are created utilizing known, occasionally used machines) can make a couple failed login tries before being tried with an ATT. A specific most distant point will be made to oblige the number of failed attempts with the ATT in order to keep the attacks. After the failed login attempt with ATT limit accomplished, an admonition will be sent to the customer concerning the failed login tries have accomplished the best measurement. This admonition will caution the customer and the customer will be urged to change the mystery expression and security question.

Toutara, F., Spathoulas, G..  2020.  A distributed biometric authentication scheme based on blockchain. 2020 IEEE International Conference on Blockchain (Blockchain). :470–475.

Biometric authentication is the preferred authentication scheme in modern computing systems. While it offers enhanced usability, it also requires cautious handling of sensitive users' biometric templates. In this paper, a distributed scheme that eliminates the requirement for a central node that holds users' biometric templates is presented. This is replaced by an Ethereum/IPFS combination to which the templates of the users are stored in a homomorphically encrypted form. The scheme enables the biometric authentication of the users by any third party service, while the actual biometric templates of the user never leave his device in non encrypted form. Secure authentication of users in enabled, while sensitive biometric data are not exposed to anyone. Experiments show that the scheme can be applied as an authentication mechanism with minimal time overhead.

2021-02-23
Mendiboure, L., Chalouf, M. A., Krief, F..  2020.  A Scalable Blockchain-based Approach for Authentication and Access Control in Software Defined Vehicular Networks. 2020 29th International Conference on Computer Communications and Networks (ICCCN). :1—11.
Software Defined Vehicular Networking (SDVN) could be the future of the vehicular networks, enabling interoperability between heterogeneous networks and mobility management. Thus, the deployment of large SDVN is considered. However, SDVN is facing major security issues, in particular, authentication and access control issues. Indeed, an unauthorized SDN controller could modify the behavior of switches (packet redirection, packet drops) and an unauthorized switch could disrupt the operation of the network (reconnaissance attack, malicious feedback). Due to the SDVN features (decentralization, mobility) and the SDVN requirements (flexibility, scalability), the Blockchain technology appears to be an efficient way to solve these authentication and access control issues. Therefore, many Blockchain-based approaches have already been proposed. However, two key challenges have not been addressed: authentication and access control for SDN controllers and high scalability for the underlying Blockchain network. That is why in this paper we propose an innovative and scalable architecture, based on a set of interconnected Blockchain sub-networks. Moreover, an efficient access control mechanism and a cross-sub-networks authentication/revocation mechanism are proposed for all SDVN devices (vehicles, roadside equipment, SDN controllers). To demonstrate the benefits of our approach, its performances are compared with existing solutions in terms of throughput, latency, CPU usage and read/write access to the Blockchain ledger. In addition, we determine an optimal number of Blockchain sub-networks according to different parameters such as the number of certificates to store and the number of requests to process.
Kamal, A., Dahshan, H., Elbayoumy, A. D..  2020.  A New Homomorphic Message Authentication Code Scheme for Network Coding. 2020 3rd International Conference on Information and Computer Technologies (ICICT). :520—524.
Network coding (NC) can significantly increase network performance and make lossy networks more reliable. Since the middle nodes modify the packets during their path to destination, integrity of the original packets cannot be checked using classical methods (MACs, Signatures, etc). Though, pollution attacks are the most common threat to network coded systems, where an infected node can inject the data flow of a network with a number of false packets and ban the receiver from properly decoding the packets. A lot of work in the security of NC in resisting pollution attacks has been investigated in recent years, majority have the same security parameter 1/q. A Homomorphic MAC scheme is presented earlier to resist pollution attacks with a security level 1/qˆl, In this paper, we will show that the mentioned scheme is subject to known-plaintext attacks. This is due to that part of the key can be revealed in an initial process. Also, the whole key could be revealed if the key is used more than once. Then, a modification to the mentioned scheme is proposed to overcome this issue. Besides, the MAC length is adjustable according to the required security level and not variable according to the vector's length which will accordingly increase the performance and efficiency of the scheme.
2021-02-16
Zhang, Z., Li, N., Xia, S., Tao, X..  2020.  Fast Cross Layer Authentication Scheme for Dynamic Wireless Network. 2020 IEEE Wireless Communications and Networking Conference (WCNC). :1—6.
Current physical layer authentication (PLA) mechanisms are mostly designed for static communications, and the accuracy degrades significantly when used in dynamic scenarios, where the network environments and wireless channels change frequently. To improve the authentication performance, it is necessary to update the hypothesis test models and parameters in time, which however brings high computational complexity and authentication delay. In this paper, we propose a lightweight cross-layer authentication scheme for dynamic communication scenarios. We use multiple characteristics based PLA to guarantee the reliability and accuracy of authentication, and propose an upper layer assisted method to ensure the performance stability. Specifically, upper layer authentication (ULA) helps to update the PLA models and parameters. By properly choosing the period of triggering ULA, a balance between complexity and performance can be easily obtained. Simulation results show that our scheme can achieve pretty good authentication performance with reduced complexity.
2021-02-08
Jain, S., Sharma, S., Chandavarkar, B. R..  2020.  Mitigating Man-in-the-Middle Attack in Digital Signature. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–5.
We all are living in the digital era, where the maximum of the information is available online. The digital world has made the transfer of information easy and provides the basic needs of security like authentication, integrity, nonrepudiation, etc. But, with the improvement in security, cyber-attacks have also increased. Security researchers have provided many techniques to prevent these cyber-attacks; one is a Digital Signature (DS). The digital signature uses cryptographic key pairs (public and private) to provide the message's integrity and verify the sender's identity. The private key used in the digital signature is confidential; if attackers find it by using various techniques, then this can result in an attack. This paper presents a brief introduction about the digital signature and how it is vulnerable to a man-in-the-middle attack. Further, it discusses a technique to prevent this attack in the digital signature.
Pramanik, S., Bandyopadhyay, S. K., Ghosh, R..  2020.  Signature Image Hiding in Color Image using Steganography and Cryptography based on Digital Signature Concepts. 2020 2nd International Conference on Innovative Mechanisms for Industry Applications (ICIMIA). :665–669.
Data Transmission in network security is one of the most vital issues in today's communication world. The outcome of the suggested method is outlined over here. Enhanced security can be achieved by this method. The vigorous growth in the field of information communication has made information transmission much easier. But this type of advancement has opened up many possibilities of information being snooped. So, day-by-day maintaining of information security is becoming an inseparable part of computing and communication. In this paper, the authors have explored techniques that blend cryptography & steganography together. In steganography, information is kept hidden behind a cover image. In this paper, approaches for information hiding using both cryptography & steganography is proposed keeping in mind two considerations - size of the encrypted object and degree of security. Here, signature image information is kept hidden into cover image using private key of sender & receiver, which extracts the information from stego image using a public key. This approach can be used for message authentication, message integrity & non-repudiation purpose.
2021-01-28
Sammoud, A., Chalouf, M. A., Hamdi, O., Montavont, N., Bouallegue, A..  2020.  A secure three-factor authentication and biometrics-based key agreement scheme for TMIS with user anonymity. 2020 International Wireless Communications and Mobile Computing (IWCMC). :1916—1921.

E- Health systems, specifically, Telecare Medical Information Systems (TMIS), are deployed in order to provide patients with specific diseases with healthcare services that are usually based on remote monitoring. Therefore, making an efficient, convenient and secure connection between users and medical servers over insecure channels within medical services is a rather major issue. In this context, because of the biometrics' characteristics, many biometrics-based three factor user authentication schemes have been proposed in the literature to secure user/server communication within medical services. In this paper, we make a brief study of the most interesting proposals. Then, we propose a new three-factor authentication and key agreement scheme for TMIS. Our scheme tends not only to fix the security drawbacks of some studied related work, but also, offers additional significant features while minimizing resource consumption. In addition, we perform a formal verification using the widely accepted formal security verification tool AVISPA to demonstrate that our proposed scheme is secure. Also, our comparative performance analysis reveals that our proposed scheme provides a lower resource consumption compared to other related work's proposals.

Javed, M. U., Jamal, A., Javaid, N., Haider, N., Imran, M..  2020.  Conditional Anonymity enabled Blockchain-based Ad Dissemination in Vehicular Ad-hoc Network. 2020 International Wireless Communications and Mobile Computing (IWCMC). :2149—2153.

Advertisement sharing in vehicular network through vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication is a fascinating in-vehicle service for advertisers and the users due to multiple reasons. It enable advertisers to promote their product or services in the region of their interest. Also the users get to receive more relevant ads. Usually, users tend to contribute in dissemination of ads if their privacy is preserved and if some incentive is provided. Recent researches have focused on enabling both of the parameters for the users by developing fair incentive mechanism which preserves privacy by using Zero-Knowledge Proof of Knowledge (ZKPoK) (Ming et al., 2019). However, the anonymity provided by ZKPoK can introduce internal attacker scenarios in the network due to which authenticated users can disseminate fake ads in the network without payment. As the existing scheme uses certificate-less cryptography, due to which malicious users cannot be removed from the network. In order to resolve these challenges, we employed conditional anonymity and introduced Monitoring Authority (MA) in the system. In our proposed scheme, the pseudonyms are assigned to the vehicles while their real identities are stored in Certification Authority (CA) in encrypted form. The pseudonyms are updated after a pre-defined time threshold to prevent behavioural privacy leakage. We performed security and performance analysis to show the efficiency of our proposed system.

Beemer, A., Graves, E., Kliewer, J., Kosut, O., Yu, P..  2020.  Authentication with Mildly Myopic Adversaries. 2020 IEEE International Symposium on Information Theory (ISIT). :984—989.

In unsecured communications settings, ascertaining the trustworthiness of received information, called authentication, is paramount. We consider keyless authentication over an arbitrarily-varying channel, where channel states are chosen by a malicious adversary with access to noisy versions of transmitted sequences. We have shown previously that a channel condition termed U-overwritability is a sufficient condition for zero authentication capacity over such a channel, and also that with a deterministic encoder, a sufficiently clear-eyed adversary is essentially omniscient. In this paper, we show that even if the authentication capacity with a deterministic encoder and an essentially omniscient adversary is zero, allowing a stochastic encoder can result in a positive authentication capacity. Furthermore, the authentication capacity with a stochastic encoder can be equal to the no-adversary capacity of the underlying channel in this case. We illustrate this for a binary channel model, which provides insight into the more general case.

2021-01-18
Sebbah, A., Kadri, B..  2020.  A Privacy and Authentication Scheme for IoT Environments Using ECC and Fuzzy Extractor. 2020 International Conference on Intelligent Systems and Computer Vision (ISCV). :1–5.
The internet of things (IoT) is consisting of many complementary elements which have their own specificities and capacities. These elements are gaining new application and use cases in our lives. Nevertheless, they open a negative horizon of security and privacy issues which must be treated delicately before the deployment of any IoT. Recently, different works emerged dealing with the same branch of issues, like the work of Yuwen Chen et al. that is called LightPriAuth. LightPriAuth has several drawbacks and weakness against various popular attacks such as Insider attack and stolen smart card. Our objective in this paper is to propose a novel solution which is “authentication scheme with three factor using ECC and fuzzy extractor” to ensure security and privacy. The obtained results had proven the superiority of our scheme's performances compared to that of LightPriAuth which, additionally, had defeated the weaknesses left by LightPriAuth.
2020-12-21
Karthiga, K., Balamurugan, G., Subashri, T..  2020.  Computational Analysis of Security Algorithm on 6LowPSec. 2020 International Conference on Communication and Signal Processing (ICCSP). :1437–1442.
In order to the development of IoT, IETF developed a standard named 6LoWPAN for increase the usage of IPv6 to the tiny and smart objects with low power. Generally, the 6LoWPAN radio link needs end to end (e2e) security for its IPv6 communication process. 6LoWPAN requires light weight variant of security solutions in IPSec. A new security approach of 6LoWPAN at adaptation layer to provide e2e security with light weight IPSec. The existing security protocol IPsec is not suitable for its 6LoWPAN IoT environment because it has heavy restrictions on memory, power, duty cycle, additional overhead transmission. The IPSec had packet overhead problem due to share the secret key between two communicating peers by IKE (Internet Key Exchange) protocol. Hence the existing security protocol IPSec solutions are not suitable for lightweight-based security need in 6LoWPAN IoT. This paper describes 6LowPSec protocol with AES-CCM (Cipher block chaining Message authentication code with Counter mode) cryptographic algorithm with key size of 128 bits with minimum power consumption and duty cycle.
2020-12-11
Huang, Y., Wang, Y..  2019.  Multi-format speech perception hashing based on time-frequency parameter fusion of energy zero ratio and frequency band variance. 2019 3rd International Conference on Electronic Information Technology and Computer Engineering (EITCE). :243—251.

In order to solve the problems of the existing speech content authentication algorithm, such as single format, ununiversal algorithm, low security, low accuracy of tamper detection and location in small-scale, a multi-format speech perception hashing based on time-frequency parameter fusion of energy zero ratio and frequency band bariance is proposed. Firstly, the algorithm preprocesses the processed speech signal and calculates the short-time logarithmic energy, zero-crossing rate and frequency band variance of each speech fragment. Then calculate the energy to zero ratio of each frame, perform time- frequency parameter fusion on time-frequency features by mean filtering, and the time-frequency parameters are constructed by difference hashing method. Finally, the hash sequence is scrambled with equal length by logistic chaotic map, so as to improve the security of the hash sequence in the transmission process. Experiments show that the proposed algorithm is robustness, discrimination and key dependent.