Multi Level Key Exchange and Encryption Protocol for Internet of Things (IoT)

The burgeoning network communications for multiple applications such as commercial, IoT, consumer devices, space, military, and telecommunications are facing many security and privacy challenges. Over the past decade, the Internet of Things (IoT) has been a focus of study. Security and privacy are the most important problems for IoT applications and are still facing huge difficulties. To promote this high-security IoT domain and prevent security attacks from unauthorized users, keys are frequently exchanged through a public key exchange algorithm. This paper introduces a novel algorithm based on Elliptic Curve Cryptography(ECC) for multi-level Public Key Exchange and Encryption Mechanism. It also presents a random number generation technique for secret key generation and a new authentication methodology to enhance the security level. Finally, in terms of security, communication and computational overhead, the performance analysis of the proposed work is compared with the existing protocols.     

Hybrid and Adaptive Cryptographic-based secure authentication approach in IoT based applications using hybrid encryption

The Internet of Things (IoT) in communication networks has gained major interest in recent decades. Accordingly, secure authentication of such individuals results in a major challenge due to the weakness in the authentication process. Hence, an effective Hybrid and Adaptive Cryptographic (HAC)-based secure authentication framework is designed in this research to perform an authentication process in IoT. The proposed approach uses cryptographic operations, like exclusive-or (Ex-or) operation, a hashing function, and hybrid encryption to accomplish the authentication process. However, the hybrid encryption function is carried out in two different ways: one depends on Advanced Encryption Standard (AES) as well as Elliptic Curve Cryptography (ECC), while other is based on Rivest Shamir Adleman (RSA) and AES. With a hybrid encryption function, security flaws can be effectively dealt through the cryptographic system. Moreover, the proposed approach provides high robustness with low complexity. The proposed HAC-based secure authentication approach obtained a minimum communication cost of 0.017sec, less computation time of 0.060sec, and minimum memory usage of 2.502MB, respectively.     

椭圆曲线密码体制在VPN中的应用研究

先介绍了椭圆曲线密码体制,基于椭圆曲线密钥短、安全性高的特点,分析了椭圆曲线密码体制在VPN中的应用,提出了一种使用椭圆曲线数字签名(ECDSA),还利用椭圆曲线密钥建立协议(ECKEP)VPN安全通道的方案,并给出了相应的算法.     

基于智能卡的素数域椭圆曲线密码的快速实现

椭圆曲线密码相比其它公钥密码,有密钥短的特点,尤其适合在智能卡等资源受限的条件下使用。文章指出了在智能卡平台上选择素数域为基域实现椭圆曲线密码的原因。并详细分析了椭圆曲线密码实现过程中的各个环节,包括标量乘法运算、点加/倍点运算和基域运算,指出了各个环节的优化措施。最后给出了素数域椭圆曲线签名算法在智能卡上实现的实验数据,实验结果证明文中采用的实现方法是高效的。     

基于ECC数字签名的实现及优化

为满足无线传感器网络对信源端身份认证的需求,在TelosB硬件节点上实现椭圆曲线加密机制（ECC）数字签名算法,并对ECC的点乘运算模块进行优化。改进算法的运算复杂度和实际节点运行情况都优于已有的功能软件。实验结果表明,在硬件平台和加密强度相同的情况下,改进后的ECC算法可以有效提高数字签名的运算速度。     

改进的基于椭圆曲线加密的3G认证与密钥协商协议

针对第三代移动通信系统(3G)中采用的认证与密钥协商(AKA)协议存在安全漏洞和密钥管理困难等问题,采用基于椭圆曲线密码(ECC)和公钥体制协商会话密钥、对称加密算法加密消息的方法,提出了一种应用于3G业务中的改进协议.该协议不仅有效克服了AKA协议中存在的各种缺陷,避免了复杂的密钥管理难题,而且相比其他协议更简单容易,具有实际应用性.     

基于ECC的移动通信认证和密钥协商协议

提出一个基于椭圆曲线密码体制（ECC）的快速认证和密钥协商协议,用于移动通信中任意移动用户之间或者移动用户和网络之间进行安全会话的认证和密钥协商。协议把ECC引入Diffie—Hellman密钥交换过程,并在此过程中添加证书认证方案来完成相互认证和密钥协商。采用ECC使该协议在更小密钥量下提供了更大的安全性,所需带宽明显减少,而且还大大降低了用户端的计算负担和存储要求。     

ECCbAS: An ECC based authentication scheme for healthcare IoT systems

Smart technology is a concept for efficiently managing smart things such as vehicles, buildings, home appliances, healthcare systems and others, through the use of networks and the Internet. Smart architecture makes use of technologies such as the Internet of Things (IoT), fog computing, and cloud computing. The Smart Medical System (SMS), which is focused on communication networking and sensor devices, is one of the applications used in this architecture. In a smart medical system, a doctor uses cloud-based applications such as mobile devices, wireless body area networks, and other cloud-based apps to provide online therapy to patients. Consequently, with the advancement and growth of IoT and 6G wireless technology, privacy and security have emerged as two of the world’s most important issues. Recently, Sureshkumar et al. proposed an authentication scheme for medical wireless sensor networks (MWSN) by using an Elliptic Curve Cryptography (ECC) based lightweight authentication protocol and claimed that it provides better security for smart healthcare systems. This paper will demonstrate that this protocol is susceptible to attacks such as traceability, integrity contradiction, and de-synchronization with the complexity of one run of the protocol and a success probability of one. Furthermore, we also propose an ECC based authentication scheme called ECCbAS to address the Sureshkumar et al. protocol’s vulnerabilities and demonstrate its security using a variety of non-formal and formal methods.     

基于ECC算法的Wimax系统证书改进

X.509数字证书机制是WiMax网络和用户之间进行相互认证的基本手段。基于椭圆曲线加密（ECC）算法对采用RSA算法的X.509证书进行了改进,提出了初步的改进思路和实现方案,并对改进后的证书性能进行了分析。分析表明改进后的X.509证书的在维持其原本的运行机制的基础上,提高了攻击者伪造用户数字证书的难度,进一步提高了IEEE802.16e标准下的双向认证的安全性。     

基于ECC的指纹身份认证系统

椭圆曲线密码机制（ECC）是目前应用密码学的一个研究热点。介绍了ECC的基本算法,阐述了基于特征向量匹配的自动指纹识别过程。分析设计了三层架构的指纹身份认证系统,并采用基于椭圆曲线的Diffie-Hellman密钥交换协议生成用会话密钥,结合对称加密操作实现数据的安全传输,提高了系统的安全性和可靠性。     

基于多基表示的滑动窗口椭圆曲线多标量乘算法

标量乘运算从整体上决定了椭圆曲线密码体制的快速实现效率，在一些椭圆曲线公钥密码体制中需要计算多标量乘。多基数链的标量表示长度更短、非零比特数目更少，较好地适用于椭圆曲线标量乘的快速计算。为了提高椭圆曲线密码的效率，在已有的二进制域和素域的标量乘算法的基础上，结合滑动窗口技术、多基算法，提出新的更高效的多标量乘算法。实验结果表明，新算法与传统Shamir算法和交错NAF算法相比，其所需的运算量更少，能有效地提高椭圆曲线多标量乘算法的效率，使多标量乘的运算更高效。相比于其他算法，新算法的计算效率比已有的多标量乘算法提高了约7.9%~20.6%。     

GF（3^m）-ECC算法及其软件实现

研究GF（3^m）有限域算术、GF（3^m）上的椭圆曲线群算术和椭圆曲线密码协议。设计并实现椭圆曲线密码算法库,对各种GF（3^m）-ECC密码算法进行仿真和性能分析,结果表明GF（3^m）-ECC算法与GF（2^m）和GF（p）上的ECC算法效率相当,可以应用到基于ECC的各种安全协议设计中。     

ECC joins first time with SC-FDMA for Mission “security”

The recent advancements in the internet technology have created the urgency in developing critical data security framework around the globe. One of the most shared multimedia objects is the image which is safeguarded through a task called image encryption. An integrated approach to image encryption is the need of the hour which can combine algorithm and communication model. In this context, this work presents the first- of- its- kind approach addressing Elliptic Curve Cryptography (ECC) to encrypt and decrypt the images to enhance their security during transmission via Single Carrier Frequency Division Multiple Access (SC-FDMA) communication systems. The uniqueness of this work is to combine the encryption scheme and subsequent wireless transmission. Modified Huffman coding has been employed to achieve compression. The viability of the proposed approach was tested and the performance metrics namely Entropy, PSNR, Histogram, correlation coefficient, differential attack, NIST test, and occulation attack analyses were evaluated. The simulation results prove the efficiency of the proposed integrated encryption – compression – communication schema.

     

Java Card在智能卡开发中的应用

阐述了SUN公司推出的Java card在智能卡开发应用中的实现过程,阐明其构架以及主要的API。提出Java Card的安全性问题,推荐 使用椭圆曲线算法,并在Java Card API中补充设计加密解密部分。     

基于身份的椭圆曲线密码体制安全组播方案

提出一个应用椭圆曲线密码体制进行密钥协商而在基于身份的公钥密码系统内进行组通信的全新安全组播方案,分析子组成员的密钥协商和子组间的通信过程,以及组成员动态变化时密钥的更新过程。结果表明,该方案在降低计算和通信代价方面可取得较好的效果,且满足密钥协商的安全要求。     

基于簇内分组的ECC密钥管理方案

根据椭圆曲线密码（Elliptic Curve Cryptography,简称ECC）体制,论文提出了一种逻辑簇内分组结构的无线传感器网络（Wireless Sensor Networks,简称WSN）的ECC密钥管理方案。方案将簇内节点逻辑划分成多个组,每个组共享不同的通信密钥,簇头实时掌握簇内每个组的通信密钥,簇内节点通过所在组的共享密钥与簇头通信,确保了通信的安全性。理论分析和仿真实验表明,本方案在保障密钥安全的前提下,有效地减少了密钥协商过程中的通信能量消耗,非常适合资源有限的大规模无线传感器网络。     

一种基于椭圆曲线的WSN密钥管理方案

为在有限资源的无线传感器网络上进行安全的通信,根据路由算法思想和网络部署环境的特点,提出了一种基于椭圆曲线的节点存储邻居节点公钥动态变化的密钥管理方案。在方案中,每个节点使用公钥列表保存邻居节点的公钥,通过对公钥列表的查找决定通信密钥的协商过程,通过对公钥列表的大小进行分析,确定最佳列表长度。该方案基于椭圆曲线密钥体制,安全性得到了足够的保证,并且具有节点认证的功能,更符合无线传感器网络的要求。     

基于椭圆曲线盲签名的安全数字时间戳方案

时间戳能为电子文件或电子交易提供准确的时间证明。该文在时间戳相对认证和时间戳绝对认证2种机制的基础上,提出一种新型的基于椭圆曲线盲签名的安全数字时间戳方案,该方案能有效解决前向时间伪造,防止签名者和TSS合谋作假所引起的后向时间伪造。     

Logistic Regression Trust–A Trust Model for Internet-of-Things Using Regression Analysis

Internet of Things (IoT) is a popular social network in which devices are virtually connected for communicating and sharing information. This is applied greatly in business enterprises and government sectors for delivering the services to their customers, clients and citizens. But, the interaction is successful only based on the trust that each device has on another. Thus trust is very much essential for a social network. As Internet of Things have access over sensitive information, it urges to many threats that lead data management to risk. This issue is addressed by trust management that help to take decision about trustworthiness of requestor and provider before communication and sharing. Several trust-based systems are existing for different domain using Dynamic weight method, Fuzzy classification, Bayes inference and very few Regression analysis for IoT. The proposed algorithm is based on Logistic Regression, which provide strong statistical background to trust prediction. To make our stand strong on regression support to trust, we have compared the performance with equivalent sound Bayes analysis using Beta distribution. The performance is studied in simulated IoT setup with Quality of Service (QoS) and Social parameters for the nodes. The proposed model performs better in terms of various metrics. An IoT connects heterogeneous devices such as tags and sensor devices for sharing of information and avail different application services. The most salient features of IoT system is to design it with scalability, extendibility, compatibility and resiliency against attack. The existing works finds a way to integrate direct and indirect trust to converge quickly and estimate the bias due to attacks in addition to the above features.     

基于ECC的数字签名方案在单片机上的实现

本文详细分析了椭圆曲线密码体制上的算法,如大数模加、求逆、点加、点积等运算,并在单片机上实现了基于192-bit素域上的椭圆曲线密码体制的数字签名方案。