Online ISSN
1751-8717
Print ISSN
1751-8709
IET Information Security
Volume 6, Issue 3, September 2012
Volumes & issues:
Volume 6, Issue 3
September 2012
-
- Author(s): C.-L. Chen and J.-J. Liao
- Source: IET Information Security, Volume 6, Issue 3, p. 123 –130
- DOI: 10.1049/iet-ifs.2010.0228
- Type: Article
- + Show details - Hide details
-
p.
123
–130
(8)
More and more customers are purchasing digital content through the Internet because it is both popular and convenient. However, there are lots of pirated editions of digital products and they have become more available and easier to obtain. Hence, proving who the legal owner of digital content has become an important issue. In this study, the authors want to preserve customer ownership; they propose an intact arbitration mechanism to solve the fairness transaction between the customer and the shop. The arbiter can make correct judgements without the customer's and the shop's private keys in the arbitration phase. In order to achieve the above objectives, the security of this protocol is based on three cryptographic techniques: the subliminal channel, one-way hash function and RSA cryptosystem. Our scheme not only protects a customer's legal ownership of digital content, but also achieves fair transaction, customer anonymity, owner tracing of E-cash and payment security. - Author(s): R. Venkataraman ; M. Pushpalatha ; T. Rama Rao
- Source: IET Information Security, Volume 6, Issue 3, p. 131 –140
- DOI: 10.1049/iet-ifs.2011.0234
- Type: Article
- + Show details - Hide details
-
p.
131
–140
(10)
The focus of this study is to propose a generalised trust-model over routing protocols in mobile ad hoc networks (MANETs). It is observed that the presence of malicious nodes is a critical factor affecting the network performance in an ad hoc network. The novelty in the approach is that the notion of trust can be easily incorporated into any routing protocol in MANETs. The vector auto regression based trust model is introduced to identify malicious nodes that launch multiple attacks in the network. The proposed trust model is incorporated over ad hoc on-demand distance vector (AODV) routing protocol and optimised link state routing (OLSR) protocol in MANETs. The performance evaluations show that by carefully setting the trust parameters, substantial benefit in terms of throughput can be obtained with minimal overheads. The computed trust and confidence values are introduced into the path computation process of the ad hoc routing protocols. It was observed that the nodes in the network were able to learn the malicious activities of their neighbours and hence, alternate trustworthy paths are taken to avoid data loss in the network, with trade-offs in end-to-end packet delay and routing traffic. - Author(s): G. Epiphaniou ; C. Maple ; P. Sant ; G.A. Safdar
- Source: IET Information Security, Volume 6, Issue 3, p. 141 –148
- DOI: 10.1049/iet-ifs.2011.0213
- Type: Article
- + Show details - Hide details
-
p.
141
–148
(8)
Voice over IP (VoIP) is the technology used to transport real-time voice over a packet-switched network. This study analyses the effects of encrypted VoIP streams on perceived Quality of Experience (QoE) from a user's perspective. An in-depth analysis on how the transparent nature of encryption can influence the way users perceive the quality of a VoIP call have been investigated by using the E model. A series of experiments have been conducted using a representative sample of modern codecs currently employed for digitising voice, as well as three of the most commonly used iterative block ciphers for encryption (DES, 3DES, AES). It has been found that the Internet Protocol Security encryption of VoIP strongly relates to the payload sizes and choice of codecs and this relationship has different effects on the overall QoE as measured by the E model, in terms of the way that users perceive the quality of a VoIP call. The main result of this paper is that the default payload shipped with the codecs is not the optimal selection for an increased number of VoIP calls, when encryption is applied and a minimum level of QoE has to be maintained, per call. - Author(s): C. Sun ; C. Hu ; B. Liu
- Source: IET Information Security, Volume 6, Issue 3, p. 149 –156
- DOI: 10.1049/iet-ifs.2010.0158
- Type: Article
- + Show details - Hide details
-
p.
149
–156
(8)
SYN flood attacks still dominate distributed denial of service attacks. It is a great challenge to accurately detect the SYN flood attacks which utilise skillful spoofs to evade traditional detection methods. An intelligent attacker would evade the public detection methods by suitably spoofing the attack to appear benign. Keeping per-flow or per-connection state could eliminate such a spoofing, but meanwhile, it is very difficult to be implemented in practice. A more accurate and fast SYN flood detection method, named SACK2, is proposed to deal with all kinds of SYN flood attacks with limited implementation costs. SACK2 exploits the behaviour of the SYN/ACK-CliACK pair to identify the victim server and the TCP port being attacked, where a SYN/ACK packet is sent by a server when receiving a connection request and a CliACK packet is the ACK packet sent by the client to complete the three-way handshake. It also utilises the space efficient data structure, counting Bloom filter, to recognise the CliACK packet. The memory cost of SACK2 for a 10 Gbps link is 364 KB and can be easily accommodated in modern routers. SACK2 can report the start of the attack in less than one detection period, and the end of the attack less than two detection periods. It is also demonstrated that SACK2 is the most accurate detection method through comprehensive experiments. - Author(s): T.-P. Chuang ; C. Wun Chiou ; S.-S. Lin ; C.-Y. Lee
- Source: IET Information Security, Volume 6, Issue 3, p. 157 –170
- DOI: 10.1049/iet-ifs.2011.0190
- Type: Article
- + Show details - Hide details
-
p.
157
–170
(14)
Fault-tolerant design of a finite field multiplier is an efficient method for resisting fault-based cryptanalysis in Elliptic curve cryptosystems. A novel fault-tolerant bit-parallel Gaussian normal basis (GNB) multiplier with type-t over GF(2m), which can tolerate multiple module failures at one time, is presented. No hardware modification in the proposed GNB multiplier is required to achieve the fault-tolerant function. Hence, the proposed fault-tolerant GNB multiplier has low hardware cost. The reliability of the proposed fault-tolerant GNB multiplier with type-t increases as t increases. However, the behaviour of existing GNB multipliers with concurrent error correction (CEC) resembles triple modular redundancy (TRM) when t>3. In practice, most of suggested m's by NIST use GNB with type-t>3. The proposed fault-tolerant GNB multiplier is an N-modular redundancy (NMR) system with N=t. Thus, the proposed fault-tolerant GNB multiplier with type-t can tolerate at most t/2-1 failed modules simultaneously, while existing GNB multipliers with CEC only can tolerate one failed module. The proposed GNB multiplier requires less extra space and time complexities than similar multipliers. System reliability of the proposed fault-tolerant GNB multiplier is better than that of similar GNB multipliers. - Author(s): Q.I. Ali and S. lazim
- Source: IET Information Security, Volume 6, Issue 3, p. 171 –182
- DOI: 10.1049/iet-ifs.2010.0245
- Type: Article
- + Show details - Hide details
-
p.
171
–182
(12)
The exponential growth in wireless network faults, vulnerabilities and attacks makes the wireless local area network (WLAN) security management a challenging research area. In this study, a new embedded wireless intrusion detection system (WIDS) is designed and implemented in order to protect a multi-services wireless network. The proposed WIDS must be in small size in order to be integrated in different wireless devices, low cost in order to be placed in many places and has good performance to cover the data rate of the WLAN. All these attributes are achieved by network processor, and Ubicom network processor is used to implement the proposed WIDS. Different implementations of the proposed intrusion detection system are suggested and various searching algorithms are tested on an experimental platform. Finally, the WIDS approach is validated by experimenting with ten different types of attacks. The experimental results obtained from this work indicate that the proposed WIDS can worked efficiently at IEEE 802.11b WLAN network which provides different services to its clients with data rate ranges between 1.08 and 9.24 Mbps, and memory capacity of 250 rules. - Author(s): X.-B. Liu ; S.N. Koh ; X.-W. Wu ; C.-C. Chui
- Source: IET Information Security, Volume 6, Issue 3, p. 183 –189
- DOI: 10.1049/iet-ifs.2011.0215
- Type: Article
- + Show details - Hide details
-
p.
183
–189
(7)
It is well known that in order to build linear scramblers and stream ciphers that are robust against correlation-based reconstruction, primitive polynomials which do not have sparse multiples of moderate degrees must be used. In this paper, the existence and density of such ‘good primitive polynomials’ are studied. Two theoretical lower bounds on the degree d of the primitive polynomial are derived. When d is larger than the first lower bound, there exists at least one primitive polynomial of degree d which does not have any sparse multiple of moderate degree and when d is larger than the second lower bound, it is almost guaranteed that a randomly chosen primitive polynomial of degree d does not have any sparse multiples of moderate degree. To make the lower bound tight, the distribution of the minimum degrees of sparse multiples of primitive polynomials is investigated in this paper. From comparison, it can be seen that the lower bounds obtained in this paper are much better than the previous results reported in the literature. - Author(s): P. Babaheidarian ; S. Salimi ; M.R. Aref
- Source: IET Information Security, Volume 6, Issue 3, p. 190 –201
- DOI: 10.1049/iet-ifs.2011.0232
- Type: Article
- + Show details - Hide details
-
p.
190
–201
(12)
A source model including four terminals is considered, where three simultaneously generating three types of keys are intended. Terminals 1, 2 and 3 wish to share a common key, the secret key, which should be kept secret from terminal 4 and simultaneously terminals 1 and 2 intend to share a private key with terminal 3, which should be kept secret from each other. Also, all the keys should be concealed from terminal 4 (the external wiretapper). The authors assume that all terminals including the external wiretapper have access to distinct correlated i.i.d. sources; there is also a noiseless public channel with unlimited capacity among the terminals. The authors have investigated the model on two scenarios of key sharing depending on the direction of the public channel. Rate regions of the keys are derived. It is shown that in some special cases the inner and outer bounds of the capacity regions coincide and the capacity regions are derived. - Author(s): I.S. Kim and M.H. Kim
- Source: IET Information Security, Volume 6, Issue 3, p. 202 –211
- DOI: 10.1049/iet-ifs.2011.0154
- Type: Article
- + Show details - Hide details
-
p.
202
–211
(10)
Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) that use signatures cannot protect servers from new types of internet worms. Therefore it is important to collect information about new attacks because the detection rules employed by IDSs and IPSs are formulated using this information. Honeypots are valuable security resources that act as baits for attackers. They can monitor intrusions by being probed, attacked or compromised and can detect zero-day attacks and provide researchers intending to improve security with information about the attacks. However, it is almost impossible to immediately generate detection rules from the information collected by honeypots. This study presents an agent-based honeynet framework for protecting servers in a campus network. In this framework, agents remove malicious processes and executable files on servers infected by zero-day attacks as soon as the honeynet detects them. The proposed framework provides a novel defense mechanism that protects servers from new types of internet worms effectively, without the use of signatures. - Author(s): Z. Li and G. Gong
- Source: IET Information Security, Volume 6, Issue 3, p. 212 –218
- DOI: 10.1049/iet-ifs.2011.0052
- Type: Article
- + Show details - Hide details
-
p.
212
–218
(7)
The HB-like entity authentication protocols for low-cost pervasive devices have attracted a great deal of attention because of their simplicity, computational efficiency and solid security foundation on a well-studied hard problem–learning parity with noise. By far, the most efficient protocol is HB#, which is provably resistant to the GRS attack under the conjecture that it is secure in the DET-model. However, in order to achieve 80-bit security, a typical HB# authentication key comprises over 1000 bits, which imposes considerable storage burdens on resource-constrained devices. In this study, the authors propose a new HB-like protocol: HB. The protocol makes use of a special type of circulant matrix, in contrast to the Toeplitz matrix in HB#, to significantly reduce storage consumption and overcome a subtle security proof inefficacy in HB#. In addition, the authors introduce a masking technique that substantially increases noise level from an adversary's standpoint, and thus improves protocol performance. The authors demonstrate that 613-bit authentication key suffices for 80-bit security in the HB protocol, which is quite competitive and more appealing for low-cost devices. - Author(s): T. Hyla ; I. El Fray ; W. Maćków ; J. Pejaś
- Source: IET Information Security, Volume 6, Issue 3, p. 219 –227
- DOI: 10.1049/iet-ifs.2011.0344
- Type: Article
- + Show details - Hide details
-
p.
219
–227
(9)
Increasing numbers of documents are currently being stored in electronic archives. These documents are often digitally signed to ensure non-repudiation. However, the term of validity of digital signatures is usually only 2 years, so the archive must extend their validity to the required storage period. The simplest solution to this problem is to use XAdES-A specification and process each signed document separately. Such an approach requires the creation of a timestamp for each signed document. This time stamping operation is very time consuming; therefore several improved techniques have been proposed, for example, evidence record syntax (ERS). The documents in an archive are often related to one entity. The ERS allows us to prove the existence of a document group in one round. This study presents a solution extending ERS and providing a functionality that enables proof of the existence of a document group over a long period (multiple rounds). - Author(s): J. Lu ; Y. Wei ; P.A. Fouque ; J. Kim
- Source: IET Information Security, Volume 6, Issue 3, p. 228 –238
- DOI: 10.1049/iet-ifs.2011.0342
- Type: Article
- + Show details - Hide details
-
p.
228
–238
(11)
The Camellia block cipher has a 128-bit block length, a user key 128, 192 or 256 bits long and a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European new European schemes for signatures, integrity and encryption (NESSIE) selected cipher and an ISO international standard. In this study, the authors describe a flaw in the approach used to choose plaintexts or ciphertexts in certain previously published square-like cryptanalytic results for Camellia and give two possible approaches to correct them. Finally, by taking advantage of the early abort technique and a few observations on the key schedule of Camellia, the authors present impossible differential attacks on 10-round Camellia with the FL/FL−1 functions under 128 key bits, 11-round Camellia with the FL/FL−1 functions under 192 key bits, 14-round Camellia without the FL/FL−1 functions under 192 key bits and 16-round Camellia without the FL/FL−1 functions under 256 key bits.
Fair offline digital content transaction system
Regression-based trust model for mobile ad hoc networks
Effects of iterative block ciphers on quality of experience for Internet Protocol Security enabled voice over IP calls
SACK2: effective SYN flood detection against skillful spoofs
Fault-tolerant Gaussian normal basis multiplier over GF(2m)
Design and implementation of an embedded intrusion detection system for wireless applications
Primitive polynomials for robust linear feedback shift registers-based scramblers and stream ciphers
Simultaneously generating multiple keys in a four-terminal network
Agent-based honeynet framework for protecting servers in campus networks
HB entity authentication for low-cost pervasive devices
Long-term preservation of digital signatures for multiple groups of related documents
Cryptanalysis of reduced versions of the Camellia block cipher
Most viewed content for this Journal
Article
content/journals/iet-ifs
Journal
5
Most cited content for this Journal
-
High accuracy android malware detection using ensemble learning
- Author(s): Suleiman Y. Yerima ; Sakir Sezer ; Igor Muttik
- Type: Article
-
Crypto-based algorithms for secured medical image transmission
- Author(s): Ali Al-Haj ; Gheith Abandah ; Noor Hussein
- Type: Article
-
Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu ; Suoxia Miao ; Hanping Hu ; Yashuang Deng
- Type: Article
-
Constructing important features from massive network traffic for lightweight intrusion detection
- Author(s): Wei Wang ; Yongzhong He ; Jiqiang Liu ; Sylvain Gombault
- Type: Article
-
Empirical analysis of Tor Hidden Services
- Author(s): Gareth Owen and Nick Savage
- Type: Article