IET Information Security
Volume 12, Issue 5, September 2018
- Author(s): Jiqiang Lu ; Wun-She Yap ; Yongzhuang Wei
- Source: IET Information Security, Volume 12, Issue 5, p. 389–397
- DOI: 10.1049/iet-ifs.2017.0173
- Type: Article
The MISTY1 block cipher has a 64-bit block size, a 128-bit master key, and a total of 8 rounds. It is an ISO international standard, a Japanese CRYPTREC-recommended e-government cipher, and a European NESSIE selected cipher. In this study, the authors show another cryptographic weakness of the full MISTY1 cipher: they describe four classes of weak keys of the full MISTY1 cipher for a related-key amplified boomerang attack that has a data complexity of chosen plaintexts and a time complexity of encryptions under each class of weak keys. The result shows that the MISTY1 cipher can be distinguished from an ideal cipher in terms of related-key amplified boomerang cryptanalysis, and users should be very careful when using MISTY1 for full security in relevant application situations.
- Author(s): Tzuo-Yau Fan and Her-Chang Chao
- Source: IET Information Security, Volume 12, Issue 5, p. 398–403
- DOI: 10.1049/iet-ifs.2017.0546
- Type: Article
This study proposes a user-friendly XOR-based visual secret sharing scheme using random grids. In some visual secret sharing schemes, problems such as pixel expansion or noisy and meaningless shares may be encountered. In the proposed scheme, different regions in the shared image will have different brightness levels depending on the cover image's pixel values so that the generated shares contain information regarding the cover image and are not just a meaningless noisy image. This can overcome the difficulty in recovering the secret image in cases wherein the shares were mixed up by mistake. Furthermore, the dimension of the share is the same as the secret image and there are no pixel expansion problems. The size of the recovered secret image is consistent with the size of the original secret image, and there are no changes in scaling. Lastly, although one of the generated shares is a complementary cover image, the image quality of the recovered secret image is still favourable when the secret image is recovered. The experimental and analysis results demonstrate that the proposed scheme is more effective than other schemes.
- Author(s): Guillermo Suárez-Tangil ; Santanu Kumar Dash ; Pedro García-Teodoro ; José Camacho ; Lorenzo Cavallaro
- Source: IET Information Security, Volume 12, Issue 5, p. 404–413
- DOI: 10.1049/iet-ifs.2017.0460
- Type: Article
Smartphone platforms are becoming increasingly complex, which gives rise to software vulnerabilities that are difficult to identify and that might allow malware developers to gain unauthorised privileges through technical exploitation. However, the authors maintain that these types of attacks indirectly render a number of unexpected behaviours in the system that can be profiled. In this work, the authors present CoME, an anomaly-based methodology aiming at detecting software exploitation in Android systems. CoME models the normal behaviour of a given software component or service and is capable of identifying any unanticipated behaviour. To this end, they first monitor the normal operation of a given exploitable component through lightweight virtual introspection. Then, they use a multivariate analysis approach to estimate the normality model and detect anomalies. They evaluate their system against one of the most critical, vulnerable and widely exploited services in Android, i.e. the mediaserver. Results show that the proposed approach can not only provide a meaningful explanation of discriminant features for illegitimate activities, but can also be used to accurately detect malicious software exploitations at runtime.
- Author(s): Zhixiong Chen
- Source: IET Information Security, Volume 12, Issue 5, p. 414–418
- DOI: 10.1049/iet-ifs.2017.0307
- Type: Article
Let p be an odd prime and be a positive integer. The authors continue to investigate the binary sequence over defined from polynomial quotients by modulo p. The is generated in terms of which equals to the Legendre symbol of for u ≥ 0. In an earlier work, the linear complexity of was determined for (i.e. the case of Fermat quotients) under the assumption of . In this work, they develop a naive trick to calculate all possible values on the linear complexity of for all under the same assumption. They also state that the case of larger can be reduced to that of . So far, the linear complexity is almost determined for all kinds of Legendre-polynomial quotients.
- Author(s): Dong Yang ; Wen-Feng Qi ; Hua-Jin Chen
- Source: IET Information Security, Volume 12, Issue 5, p. 419–424
- DOI: 10.1049/iet-ifs.2017.0196
- Type: Article
The truncated differential attack (TDA), proposed by Knudsen in Fast Software Encryption 1995 (FSE'95), has been widely used in the analysis of block ciphers. In this study, the authors specifically study the security of SP block ciphers against TDA. In FSE'15, Li et al. introduced a meet-in-the-middle technique to construct truncated differentials for Feistel ciphers. The authors first apply Li's technique to SP block ciphers and get some further results. Second, they introduce the concept of generalised truncated difference to control the diffusion of active S-boxes in the truncated differential. On the basis of these, two 5-round truncated differential distinguishers for mCrypton and CRYPTON V1.0 have been constructed. Using these two 5-round distinguishers, they present the first 8-round DA on mCrypton-64 and improve the former best TDA on CRYPTON V1.0 by one round.
- Author(s): Dan Wang ; Bing Guo ; Yan Shen
- Source: IET Information Security, Volume 12, Issue 5, p. 425–430
- DOI: 10.1049/iet-ifs.2017.0341
- Type: Article
Several privacy protection technologies have been designed for protecting individuals’ privacy information in data publishing. It is often easy to cause additional information loss in a dataset without measuring the strength of privacy protection it requires. To apply an appropriate strength of privacy preservation, the authors put forward the privacy score, a new metric for making a comprehensive evaluation of the privacy information contained in the pre-published dataset. Using this measure, publishers can apply the privacy techniques to the pre-published dataset in accordance with the privacy level it belongs to. The privacy score is determined by the amount as well as the quality of privacy information contained in the pre-published dataset. Furthermore, the authors present a data sensitivity model based on the analytic hierarchy process for assigning a sensitivity score to each possible value of a sensitive attribute. The reasonability and effectiveness of the proposed approach are verified by using the Adult dataset.
- Author(s): Tao Chen ; Michael Farcasin ; Eric Chan-Tin
- Source: IET Information Security, Volume 12, Issue 5, p. 431–437
- DOI: 10.1049/iet-ifs.2017.0606
- Type: Article
Many people now own smartphones and store all their documents such as pictures and financial statements on their phone. To protect this sensitive information, people generally use a passcode to prevent unauthorised access to their phone. Shoulder-surfing attacks are well known. However, contrary to common belief, they are not easy to carry out. Shoulder-surfing attacks in which humans predict the passcode are shown not to be accurate. The authors thus propose an automated algorithm to accurately predict the passcode entered by a victim on her smartphone by recording the video. Their proposed algorithm is able to predict over 92% of numbers entered in fewer than 75 s with training performed once.
- Author(s): Penglin Yang ; Limin Tao ; Haitao Wang
- Source: IET Information Security, Volume 12, Issue 5, p. 438–444
- DOI: 10.1049/iet-ifs.2017.0459
- Type: Article
In programme dynamic analysis, control flow integrity (CFI) is an efficient way to investigate a programme's behaviour. By detecting these CF instructions, researchers can obtain a programme's runtime information and execution status accurately. This feature makes CFI a sharp and sensitive approach to detect abnormal programme conditions and malicious attacks such as stack overflow and return-oriented programming. Meanwhile, with the development of the dynamic trusted computing technique, a Trusted Platform Module (TPM) chip can provide cryptographic services both in a system's booting period and runtime period. In this study, the authors combine CFI and dynamic trusted computing to present the runtime trusted verifier (RTTV) as a dynamic CFI measurement tool based on TPM. Compared to traditional measurement methods, their work is more accurate and reliable, and can totally enforce that a programme runs as its predefined CF. RTTV uses TPM as the ‘root of trust’, which also provides computing resources such as hash algorithms to reduce performance overhead. With the characteristics of sensitivity, simplicity and efficiency, RTTV can especially meet the security requirements of remote embedded systems such as satellites and other valuable equipment.
- Author(s): Tongxiang Wang ; Tao Liang ; Jianhua Fan ; Xianglin Wei
- Source: IET Information Security, Volume 12, Issue 5, p. 445–454
- DOI: 10.1049/iet-ifs.2017.0346
- Type: Article
A multi-hop wireless network (MHWN) can be easily attacked by jammers because of its shared nature and open access to the wireless medium. A jamming attack may pose a significant threat to an MHWN by occupying the wireless channel used by legitimate users. A number of anti-jamming countermeasures have been put forward to eliminate the impact of communication disruption caused by jamming attacks. As an important building block of anti-jamming strategies, jammer localisation has attracted much attention in recent years and several algorithms have been presented. However, how to locate multiple co-existing jammers has received little attention, and the efficiency and accuracy of the existing methods are still unsatisfactory. In this study, the authors focus on the localisation of sequential opening multi-jammers and put forward the multi-jammers localisation algorithm based on time series analysis (MLTSA). The main process of MLTSA consists of four steps: detection of jamming attack, collection of received jamming signal strength, anomaly detection and separation of nodes, and the existence determination and localisation of jammers. Finally, a series of simulation experiments are conducted to evaluate the correctness and effectiveness of the proposed algorithm. Experimental results show that the localisation accuracies of MLTSA are better than those of several state-of-the-art solutions.
- Author(s): Emre Yüce and Ali Aydın Selçuk
- Source: IET Information Security, Volume 12, Issue 5, p. 455–461
- DOI: 10.1049/iet-ifs.2016.0611
- Type: Article
Secure socket layer/transport layer security (TLS) is the de facto protocol for providing secure communications over the Internet. It relies on the web PKI model for authentication and secure key exchange. Despite its relatively successful past, the number of web PKI incidents observed has increased recently. These incidents revealed the risks of forged certificates issued by certificate authorities without the consent of the domain owners. Several solutions have been proposed to solve this problem but no solution has yet received widespread adoption due to complexity and deployability issues. In this study, the authors propose an effective solution for this problem that allows a TLS server to detect a certificate substitution attack against its domain across the Internet. The proposed solution is practical and allows a smooth and gradual transition. They also give a triangulation algorithm enabling the server to find out the origin of the attack. They conducted simulation experiments using real-world BGP data and showed that their proposal can be effective for detecting and locating attacks using relatively few vantage points over the Internet.
Weak keys of the full MISTY1 block cipher for related-key amplified boomerang cryptanalysis
User-friendly XOR-based visual secret sharing by random grid
Anomaly-based exploratory analysis and detection of exploits in android mediaserver
Linear complexity of Legendre-polynomial quotients
Observations on the truncated differential of SP block ciphers and their applications to mCrypton and CRYPTON V1.0
Method for measuring the privacy level of pre-published dataset
Smartphone passcode prediction
RTTV: a dynamic CFI measurement tool based on TPM
Sequential opening multi-jammers localisation in multi-hop wireless network
Server notaries: a complementary approach to the web PKI trust model