New Publications are available for IET Information Security
http://digital-library.theiet.org/content/journals/iet-ifs?TRACK=RSS
New Publications are available now online for this publication.
Please follow the links to view the publication.
Volume 9, Issue 6
http://digital-library.theiet.org/content/journals/iet-ifs/9/6
2015-11-01T00:00:00Z
Volume 9, Issue 5
http://digital-library.theiet.org/content/journals/iet-ifs/9/5
2015-09-01T00:00:00Z
Volume 9, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/9/4
2015-07-01T00:00:00Z
Volume 9, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/9/3
2015-05-01T00:00:00Z
Volume 9, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/9/2
2015-03-01T00:00:00Z
Volume 9, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/9/1
2015-01-01T00:00:00Z
Volume 8, Issue 6
http://digital-library.theiet.org/content/journals/iet-ifs/8/6
2014-11-01T00:00:00Z
Volume 8, Issue 5
http://digital-library.theiet.org/content/journals/iet-ifs/8/5
2014-09-01T00:00:00Z
Volume 8, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/8/4
2014-07-01T00:00:00Z
Volume 8, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/8/3
2014-05-01T00:00:00Z
Volume 8, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/8/2
2014-03-01T00:00:00Z
Volume 8, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/8/1
2014-01-01T00:00:00Z
Volume 7, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/7/4
2013-12-01T00:00:00Z
Volume 7, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/7/3
2013-09-01T00:00:00Z
Volume 7, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/7/2
2013-06-01T00:00:00Z
Volume 7, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/7/1
2013-03-01T00:00:00Z
Volume 6, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/6/4
2012-12-01T00:00:00Z
Volume 6, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/6/3
2012-09-01T00:00:00Z
Volume 6, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/6/2
2012-06-01T00:00:00Z
Volume 6, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/6/1
2012-03-01T00:00:00Z
Volume 5, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/5/4
2011-12-01T00:00:00Z
Volume 5, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/5/3
2011-09-01T00:00:00Z
Volume 5, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/5/2
2011-06-01T00:00:00Z
Volume 5, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/5/1
2011-03-01T00:00:00Z
Volume 4, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/4/4
2010-12-01T00:00:00Z
Volume 4, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/4/3
2010-09-01T00:00:00Z
Volume 4, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/4/2
2010-06-01T00:00:00Z
Volume 4, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/4/1
2010-03-01T00:00:00Z
Volume 3, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/3/4
2009-12-01T00:00:00Z
Volume 3, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/3/3
2009-09-01T00:00:00Z
Volume 3, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/3/2
2009-06-01T00:00:00Z
Volume 3, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/3/1
2009-03-01T00:00:00Z
Volume 2, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/2/4
2008-12-01T00:00:00Z
Volume 2, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/2/3
2008-09-01T00:00:00Z
Volume 2, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/2/2
2008-06-01T00:00:00Z
Volume 2, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/2/1
2008-03-01T00:00:00Z
Volume 12, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/12/3
2018-05-01T00:00:00Z
Volume 12, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/12/2
2018-03-01T00:00:00Z
Volume 12, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/12/1
2018-01-01T00:00:00Z
Volume 11, Issue 6
http://digital-library.theiet.org/content/journals/iet-ifs/11/6
2017-11-01T00:00:00Z
Volume 11, Issue 5
http://digital-library.theiet.org/content/journals/iet-ifs/11/5
2017-09-01T00:00:00Z
Volume 11, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/11/4
2017-07-01T00:00:00Z
Volume 11, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/11/3
2017-05-01T00:00:00Z
Volume 11, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/11/2
2017-03-01T00:00:00Z
Volume 11, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/11/1
2017-01-01T00:00:00Z
Volume 10, Issue 6
http://digital-library.theiet.org/content/journals/iet-ifs/10/6
2016-11-01T00:00:00Z
Volume 10, Issue 5
http://digital-library.theiet.org/content/journals/iet-ifs/10/5
2016-09-01T00:00:00Z
Volume 10, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/10/4
2016-07-01T00:00:00Z
Volume 10, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/10/3
2016-05-01T00:00:00Z
Volume 10, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/10/2
2016-03-01T00:00:00Z
Volume 10, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/10/1
2016-01-01T00:00:00Z
Volume 1, Issue 4
http://digital-library.theiet.org/content/journals/iet-ifs/1/4
2007-12-01T00:00:00Z
Volume 1, Issue 3
http://digital-library.theiet.org/content/journals/iet-ifs/1/3
2007-09-01T00:00:00Z
Volume 1, Issue 2
http://digital-library.theiet.org/content/journals/iet-ifs/1/2
2007-06-01T00:00:00Z
Volume 1, Issue 1
http://digital-library.theiet.org/content/journals/iet-ifs/1/1
2007-03-01T00:00:00Z
Weak keys of the full MISTY1 block cipher for related-key amplified boomerang cryptanalysis
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0173
2018-01-04T00:00:00Z
Vulnerability Modeling of Crypto-chips Against Scan-Based Attacks.
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0440
2018-04-04T00:00:00Z
User-friendly XOR-based visual secret sharing by random grid
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0546
2018-02-21T00:00:00Z
Trade-off between self-healing and energy consumption in mobile unattended WSNs
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0369
<p>This study investigates the performance analysis of mobile unattended wireless sensor networks (UWSNs) during the self-healing process under informed movement inside a cluster of healed and sick sensors. Introducing mobility within a cluster can increase the chance that a sick sensor has healthy neighbours and this will aid the sick sensor to be healed faster and better. However, sensor mobility is considered as one of the most energy consuming factors in UWSNs. This study proposes a new self-healing scheme based on a single flow controlled mobility within a cluster to make a trade-off between self-healing and energy consumption in mobile UWSNs. The obtained results show that using the proposed scheme, UWSNs can exploit controlled sensor mobility to enhance network capability in terms of self-healing and reduce the communication-related energy consumption. In addition, the proposed scheme with single flow controlled mobility does not disturb the number of neighbours per sensor and the network coverage.</p>
2018-04-04T00:00:00Z
Towards Incorporating Honeywords In n-Session Recording Attack Resilient Unaided Authentication Services
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0538
2018-06-06T00:00:00Z
Thermal maps based Hardware Trojan detection using spatial projection transformation
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0354
2018-04-04T00:00:00Z
Smartphone Passcode Prediction
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0606
2018-04-27T00:00:00Z
Server Notaries: A Complementary Approach to the Web PKI Trust Model
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2016.0611
2018-02-20T00:00:00Z
Sequential Opening Multi-Jammers Localization in Multi-Hop Wireless Network
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0346
2018-04-27T00:00:00Z
Sandwich construction for keyed sponges: independence between capacity and construction queries
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0027
<p>In this study, the authors study the pseudo-random function (PRF) security of keyed sponges. ‘Capacity’ is a parameter of a keyed sponge that usually defines a dominant term in the PRF-security bound. The previous works have improved the capacity term in the PRF-security bound of the ‘prefix’ keyed sponge, where a secret key is prepended to an input message, and then the resultant value is inputted into the sponge function. A tight bound for the capacity term was given by Naito and Yasuda (FSE 2016): $(qQ + q^2)/2^c$ for the capacity <i>c</i>, the number of construction queries <i>q</i> and the number of primitive queries <i>Q</i>. Thus, the following question naturally arises: <i>Can they construct a keyed sponge with beyond the</i> $(q^2 + qQ)/2^c$<i>-bound security?</i> In this study, they consider the ‘sandwich’ keyed sponge, where a secret key is both prepended and appended to an input message, and then the resultant value is inputted into the sponge function. They prove that the capacity term becomes $rQ/2^c$ for the rate <i>r</i>, which is usually $r \ll q$ and $r \ll Q$. That is, the dependence between the capacity and construction queries can be removed by the sandwich construction.</p>
2017-08-04T00:00:00Z
Run-time Trusted Verifier: A dynamic CFI measurement tool based on TPM
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0459
2018-04-27T00:00:00Z
Protect white-box AES to resist table composition attacks
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0046
<p>White-box cryptography protects cryptographic software in a white-box attack context (WBAC), where the dynamic execution of the cryptographic software is under full control of an adversary. Protecting AES in the white-box setting attracted many scientists and engineers, and several solutions emerged. However, almost all these solutions have been badly broken by various efficient white-box attacks, which target compositions of key-embedding lookup tables. In 2014, Luo, Lai, and You proposed a new WBAC-oriented AES implementation, and claimed that their implementation is secure against both Billet <i>et al.</i>'s attack and De Mulder <i>et al.</i>'s attack. In this study, based on the existing table-composition-targeting cryptanalysis techniques, the authors show that the secret key of the Luo–Lai–You (LLY) implementation can be recovered with a time complexity of about 2<sup>44</sup>. Furthermore, the authors propose a new white-box AES implementation based on table lookups, which is shown to be resistant against the existing table-composition-targeting white-box attacks. The authors' key-embedding tables are obfuscated with large affine mappings, which cannot be cancelled out by table compositions of the existing cryptanalysis techniques. Although their implementation requires twice as much memory as the LLY WBAES to store the tables, its speed is about 63 times that of the latter.</p>
2018-02-05T00:00:00Z
Preprocessing Optimization: Revisiting Recursive-BKZ Lattice Reduction Algorithm
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0400
2018-06-06T00:00:00Z
Power of public-key function-private functional encryption
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2016.0459
<p>In the public-key setting, known constructions of <i>function-private</i> functional encryption (FPFE) were limited to very restricted classes of functionalities like inner-product. Moreover, its power has not been well investigated. The authors construct FPFE for general functions and explore its powerful applications, both for general and specific functionalities. One key observation entailed by their results is that attribute-based encryption with function privacy implies FE, a notable fact that sheds light on the importance of the function privacy property for FE.</p>
2017-12-13T00:00:00Z
Physical feasibility of QKD based on probabilistic quantum circuits
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0375
<p>The authors present a comparison between the basic BB84 Quantum Key Distribution (QKD) and its optimised version based on Quantum Dense Coding, in terms of theoretical modelling and feasibility of circuits implementations. These circuits are mainly composed of probabilistic quantum gates, single photon sources, beam splitters (BSs), polarising BS and single photon detectors. They assume that the photonic devices composing the circuits are not perfect. They assess the average success probabilities of the two protocols depending on the success probability of the photonic sources used and the distance between Alice and Bob. They demonstrate that typical real-world photonic devices permit the implementation of secure communication with 0.65 of success probability over 120 km, while it could reach more than 0.9 over 148 km if just deterministic sources are provided.</p>
2018-05-03T00:00:00Z
Personalised anonymity for microdata release
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2016.0613
<p>Individual privacy protection in the released data sets has become an important issue in recent years. The release of microdata provides a significant information resource for researchers, whereas the release of person-specific data poses a threat to individual privacy. Unfortunately, microdata could be linked with publicly available information to exactly re-identify individuals’ identities. In order to relieve privacy concerns, data has to be protected with a privacy protection mechanism before its disclosure. The <i>k</i>-anonymity model is an important method in privacy protection to reduce the risk of re-identification in microdata release. This model necessitates the indistinguishability of each tuple from at least <i>k</i> − 1 other tuples in the released data. While <i>k</i>-anonymity preserves the truthfulness of the released data, the privacy level of anonymisation is the same for each individual. However, different individuals have different privacy needs in the real world. Thereby, personalisation plays an important role in supporting the notion of individual privacy protection. This study proposes a personalised anonymity model that provides distinct privacy levels for each individual by allowing them to control their anonymity on the released data. To satisfy the personal anonymity requirements with low information loss, the authors introduce a clustering based algorithm.</p>
2018-02-27T00:00:00Z
Parallel multiple pattern matching schemes based on cuckoo filter for deep packet inspection on graphics processing units
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0421
<p>A large amount of data now being transferred through networks has made deep packet inspection (DPI) an essential part of security activities. Several DPI systems are developed based on Bloom filters to defend against malicious worm attacks through the Internet. These approaches have achieved significant performance. However, they do not permit deletion of items from the set of target patterns. This study proposes two multiple pattern matching schemes for DPI to exploit high parallelism capacity of graphics processing units (GPUs). Firstly, a GPU-based Cuckoo filter scheme is proposed by adopting a new approximate set membership, called Cuckoo filter, for parallel multiple pattern matching. The Cuckoo filter has many advantages over the Bloom filter such as higher insert performance, higher lookup throughput, less memory consumption, less false positive rate, and delete operation support. Secondly, an implementation of the GPU-based Cuckoo filter, called GPUshared-based Cuckoo filter is proposed. This scheme can efficiently distribute input string and pre-processing data in the hierarchical memory of GPUs to optimise the performance of the GPU-based Cuckoo filter scheme. Experiments show that the proposed schemes offer better performance than the previous approaches based on the Bloom filter.</p>
2018-02-05T00:00:00Z
Observations on the Truncated Differential of SP Block Ciphers and Their Applications to mCrypton and CRYPTON V1.0
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0196
2018-04-04T00:00:00Z
OPEXA: Analyzer Assistant for Detecting Over-Privileged Extensions
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0652
2018-06-06T00:00:00Z
New Algorithms for the Unbalanced Generalized Birthday Problem
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0495
2018-05-03T00:00:00Z
Multi-objective auto-regressive whale optimisation for traffic-aware routing in urban VANET
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2018.0002
<p>Vehicular <i>ad-hoc</i> network (VANET) is a growing networking concept that has been used increasingly in various applications including traffic alert broadcasting. The main purpose of VANET is to provide safety to the drivers by alerting them to the dangers that may happen. This study presents a traffic-aware routing protocol in VANET by the introduction of multi-objective auto-regressive whale optimisation (ARWO) algorithm. ARWO algorithm selects the best path from the multiple paths by considering the multiple objectives, such as end-to-end delay (EED), link life time, packet delay and distance, in the fitness function. Here, the traffic density and the expected average speed of the vehicle are predicted by the exponential weighted moving average approach. The performance of ARWO protocol is compared with four existing techniques, like stable CDS-based routing protocol, fractional glow worm swarm optimisation, glow worm swarm optimisation, and Whale Optimization Algorithm (WOA), using the metrics, EED, distance, traffic density, and throughput. The simulation results show that the proposed ARWO algorithm achieves EED of 2.941, a distance of 2.15, traffic density of 0.009 and throughput of 0.1, respectively, at maximum constraints, i.e. at a maximum number of vehicles and simulation time and thus proves its efficiency against the comparative protocols.</p>
2018-01-17T00:00:00Z
Linear complexity of Legendre-polynomial quotients
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0307
2018-04-04T00:00:00Z
Least lion optimisation algorithm (LLOA) based secret key generation for privacy preserving association rule hiding
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0634
<p>Privacy preserving data mining (PPDM) is a well-known research area, which can analyse the database ensuring privacy such that it does not expose the confidential details. This study proposes a technique of secret key generation for privacy preserving using the least lion optimisation algorithm (LLOA). The proposed algorithm involves two stages: rule mining and secret key generation for the sanitisation. Initially, whale optimisation algorithm mines the association rules for the input database and validates the rules with the newly formulated fitness function. An algorithm, LLOA is developed by modifying the lion optimisation algorithm (LOA) with the inclusion of least mean square (LMS) which generates a secret key to provide privacy in mining. With the secret key, LLOA converts the original database into the sanitised database. Then, the algorithm optimally selects a secret key such that the sanitised database hides sensitive information by the utilisation of two factors, namely, privacy factor and utility factor, in its objective function. From the results, it can be shown that the LLOA technique attains the privacy of 84.36, 83.74, and 82.46%; and utility of 81.37, 83.96, and 81.37%, for chess, T10I4D100K, and retail datasets.</p>
2018-02-20T00:00:00Z
Improved zero-correlation and impossible differential cryptanalysis of reduced-round SIMECK block cipher
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2016.0590
<p>SIMECK is a family of three lightweight block ciphers designed by Yang <i>et al.</i>, following the framework used by Beaulieu <i>et al.</i> from the United States National Security Agency to design SIMON and SPECK. In this study, the authors employ an improved miss-in-the-middle approach to find zero correlation linear distinguishers and impossible differentials on SIMECK48 and SIMECK64. Based on this novel technique, they will be able to present zero-correlation linear approximations for 15-round SIMECK48 and 17-round SIMECK64 and these zero-correlation linear approximations improve the previous best result by two rounds for SIMECK48 and SIMECK64. Moreover, they attack 27-round SIMECK48 and 31-round SIMECK64 based on these zero-correlation linear distinguishers. In addition, due to the duality of zero-correlation and impossible differential, they search for the impossible differential characteristics for SIMECK48 and SIMECK64 so that they will be able to present 15-round SIMECK48 and 17-round SIMECK64 while the best previously known results were 13-round impossible differentials for SIMECK48 and 15-round impossible differentials for SIMECK64. Moreover, they propose impossible differential attacks on 22-round SIMECK48 and 24-round SIMECK64 based on these impossible differential characteristics. The results significantly improve the previous zero correlation attack and impossible differential characteristic results for these variants of SIMECK to the best of the authors’ knowledge.</p>
2018-02-05T00:00:00Z
Improved Integral Attacks without Full Codebook
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0388
2018-05-03T00:00:00Z
HPCgnature: A Hardware-based Application-level Intrusion Detection System
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0629
2018-06-06T00:00:00Z
Guess-and-Determine Attacks on PANAMA-like Stream Ciphers
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0553
2018-04-26T00:00:00Z
Generalisation of Hadamard matrix to generate involutory MDS matrices for lightweight cryptography
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0156
<p>In this study, the authors generalise Hadamard matrix over $\mathbb{F}_{2^m}$ and propose a new form of Hadamard matrix, which they call generalised Hadamard (GHadamard) matrix. Then, they focus on generating lightweight (involutory) maximum distance separable (MDS) matrices. They also extend this idea to any $k \times k$ matrix form, where <i>k</i> is not necessarily a power of 2. The new matrix form, GHadamard matrix, is used to generate new $4 \times 4$ involutory MDS matrices over $\mathbb{F}_{2^4}$ and $\mathbb{F}_{2^8}$, and $8 \times 8$ involutory/non-involutory MDS matrices over $\mathbb{F}_{2^4}$ by considering the minimum exclusive OR (XOR) count, which is a metric defined to estimate the hardware implementation cost. In this context, they improve the best-known results of XOR counts for $8 \times 8$ involutory/non-involutory MDS matrices over $\mathbb{F}_{2^4}$.</p>
2018-01-04T00:00:00Z
Framework for practical and receipt-free remote voting
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0213
<p>Remote voting allows the voters to cast their votes remotely at their convenience, and it is desirable in many circumstances. In the literature, a number of verifiable remote voting schemes have been introduced recently. However, some of these schemes are only suitable for the low coercion environment, since without the receipt-freeness guarantee, voters can be coerced or bribed to vote for the candidate favoured by adversaries. Some other schemes provide a very high level of security assurance, e.g. coercion resistance, but these schemes are normally very complex, and ordinary voters are required to perform complicated crypto calculations. In this study, the authors introduce a generic framework for practical and receipt-free remote voting. In their proposed scheme, voters do not need to have special knowledge or use any trusted device to cast their votes, and meanwhile, they cannot prove to the others how they have voted.</p>
2018-02-05T00:00:00Z
FHE over the integers and modular arithmetic circuits
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0024
<p>Fully homomorphic encryption (FHE) over the integers, as proposed by van Dijk <i>et al.</i> in 2010 and developed in a number of papers afterwards, originally supported the evaluation of Boolean circuits (i.e. mod-2 arithmetic circuits) only. It is easily generalised to the somewhat homomorphic versions of the corresponding schemes to support arithmetic operations modulo <i>Q</i> for any $Q > 2$, but bootstrapping those generalised variants into fully homomorphic schemes is not easy. Thus, Nuida and Kurosawa settled an interesting open problem in 2015 by showing that one could in fact construct FHE over the integers with message space $\mathbb{Z}/Q\mathbb{Z}$ for any constant prime <i>Q</i>. As a result of their work, the authors can homomorphically evaluate a mod-<i>Q</i> arithmetic circuit with an FHE scheme over the integers in two different ways: one could either use their scheme with message space $\mathbb{Z}/Q\mathbb{Z}$ directly, or one could first convert the arithmetic circuit to a Boolean one, and then evaluate that converted circuit using an FHE scheme with binary message space. In this study, they compare both approaches and show that the latter is often preferable to the former.</p>
2017-08-07T00:00:00Z
Deterministic lattice reduction on knapsacks with collision-free properties
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0107
<p>The knapsack problem is an important problem in computer science and has been used to design public key cryptosystems. Low-density subset sum algorithms are powerful tools to reduce the security of trapdoor knapsacks to the shortest vector problem (SVP) over lattices. Several knapsack ciphers (Chor–Rivest, Okamoto–Tanaka–Uchiyama, and Kate–Goldberg) were proposed to defend against low-density attacks by utilising low-weight knapsack problems. Some evidence was also found on the vulnerabilities of the above three knapsack ciphers to lattice attacks. However, previous lattice-based cryptanalytic results have been established via a probabilistic approach. The authors investigate some collision-free properties and derive from the properties a deterministic reduction from the knapsack problems in the Chor–Rivest, Okamoto–Tanaka–Uchiyama, and Kate–Goldberg knapsack ciphers to SVP without imposing any restriction or assumption. To the best of the authors' knowledge, the proposed reduction is the first deterministic reduction from public key cryptographic knapsacks to SVP.</p>
2017-12-08T00:00:00Z
Detection of Double Compression in HEVC Videos Based on TU Size and Quantized DCT Coefficients
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0555
2018-06-06T00:00:00Z
Detection and Differentiation of Application Layer DDoS Attack from Flash Events using Fuzzy-GA Computation
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0500
2018-04-27T00:00:00Z
Detecting shilling profiles in collaborative recommender systems via multidimensional profile temporal features
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0012
2018-04-04T00:00:00Z
CryptoSAT: a tool for SAT-based cryptanalysis
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0176
2018-04-04T00:00:00Z
Costly Freeware: A Systematic Analysis of Abuse in Download Portals
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0585
2018-06-06T00:00:00Z
Anomaly-based Exploratory Analysis and Detection of Exploits in Android Mediaserver
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0460
2018-04-04T00:00:00Z
Analysing HSTS and HPKP implementation in both browsers and servers
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0030
<p>HTTP Strict Transport Security (HSTS) and HTTP Public Key Pinning (HPKP) are two protocols aimed to enforce HTTPS connections and allow certificate pinning over HTTP. The combination of these recent protocols improves and strengthens HTTPS security in general, adding an additional layer of trust and verification. In addition, they help ensure that the connection is always ciphered and correctly authenticated. However, during the process of adoption and implementation of any protocol that is not yet completely settled, the possibility of introducing new weaknesses, opportunities or attack scenarios arises. Even when these protocols are implemented, bad practices prevent them from actually providing the additional security they are expected to provide. In this study, the authors review not just the quantity but the quality (according to several criteria) of the implementation in both servers and most popular browsers and report on some possible attack scenarios that the authors have discovered.</p>
2017-10-12T00:00:00Z
An Equivalent Key Attack Against a Public-key Cryptosystem Based on Subset Sum Problem
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2018.0041
2018-04-27T00:00:00Z
An Efficient Batch Identity-Based Fully Homomorphic Encryption Scheme in the Standard Model
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0567
2018-04-04T00:00:00Z
A Supervised Learning Framework for Covert Channel Detection in LTE-A
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0394
2018-06-06T00:00:00Z
A Method for Measuring the Privacy Level of Pre-published Dataset
http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2017.0341
2018-04-27T00:00:00Z