A proxy signature scheme allows one user to delegate his/her signing capability to another user called a proxy signer in such a way that the latter can sign messages on behalf of the former. After verification the verifier is convinced of the original signer's agreement on the signed message. Forward-secure signatures enable the signer to guarantee the security of messages signed in the past even...
This paper proposes a scheme to hide some extra confidential data in transparencies during secret image encryption in visual cryptography. The secret image is multitoned into several levels first. An extended non-expansion visual secret sharing model is employed, i.e. size of transparencies is equal to that of the secret image. Thus less time and space are needed for transparencies transmission and...
A new approach for skin region segmentation is proposed. It uses color distance map (CDM) and an algorithm based on the property of flow of water. The CDM itself is a grayscale image, which makes the algorithm very simple. However, it is still capable of providing color information based on which some skin and non-skin seed regions can be determined reliably. Then a water-flow based procedure determines...
As online transactions become increasingly practical, a broad range of industrial and e-government applications have emerged which depend on time-based protection of confidential data. Despite theoretical progress in timed-release cryptography (TRC), there is still no implementation infrastructure that takes advantage of the latest TRC algorithms. The purpose of this paper is to propose such an infrastructure...
In PKC'2004, a constant-round group key exchange protocol is proposed. It takes advantage of the properties of the ElGamal encryption scheme combined with the standard secret sharing technique. In this paper, we show that the scheme can be greatly simplified because the standard secret sharing technique does not work well. Based on the observation, we present a revisited scheme. It saves about 4/5...
Since 2006, many countries all over the world have begun to issue e-passports containing biometric data for their citizens. The International Civil Aviation Organization (ICAO) specification for cryptography in e-passports is proven to be insecure and has many threats. The European Union (EU) has defined an extended access control (EAC) mechanism for e-passports. But even this solution presents many...
Keystream reuse in stream ciphers in case of textual data has been the focus of cryptanalysis for quite some time. The first ever use of hidden Markov models based speech recognition approach to cryptanalysis of encrypted digitized speech signals in a keystream reuse situation was presented by us in [1]. In this paper, we extend the idea presented in [1] and show the applicability of different speech...
In this paper, we present the Dynamic Substitution Model (DSM) and its variant the Static Substitution Model (SSM). In DSM and SSM, the secret encryption key is divided into a primary key and a secondary key. DSM is a model that allows any block cipher to accept a variable length secondary key, this is achieved by substituting some bits of the cipher's expanded key with the secondary key. SSM is a...
Due to standardization and connectivity to other networks, networked control systems, a vital component of many nations' critical infrastructures, face potential disruption. Its possible manifestation can affect the Kalman filter, the primary recursive estimation method used in the control engineering field. Whereas to improve such estimation, data fusion may take place at a central location to fuse and process...
Checking the integrity of a file on a remote untrusted or compromised server is to be achieved with minimal computational and storage requirements on the part of a healthy verifier. Existing solutions are time and storage intensive. A fast protocol comprising maximum period linear congruence generators and linear feedback shift registers with compact storage requirements is proposed.
In this paper, we present a new narrow block mode of operation, the masked code book (MCB), that can be efficiently deployed in disk encryption applications. MCB is characterized by its high speed in comparison to current state-of-the-art narrow block modes of operation. It is about 80% faster than XTS (when AES with a 128-bit key is the underlying cipher).
Data provenance (information about the origin of data items and the transformations that they have gone through) can be a useful security tool, particularly for forensic investigation. Provenance information can also be used to enforce information assurance concepts like integrity and authenticity. The current techniques for finding data source and lineage information are annotations and query inversion...
Application level multicast protocols construct an overlay tree between end-hosts participating in the multicast session. The efficiency of the constructed overlay tree depends entirely on the honesty and on the cooperation of all participating members. However, such behavior cannot be guaranteed and some selfish and non-cooperative nodes may take profit from the honesty of other members in the overlay...
In this paper, we propose the attack capability modelling language (ACML), used for the capability model proposed by Zhau et al. It is a specification and description language that has been utilized to express the capability gained by the attacker at each step in the intrusion process. These capabilities have been defined using the IDS alerts. Moreover, the language also provides for the specification of compete...
A recent privacy protocol for secure e-polls aims at ensuring the submitting individuals that the pollster will preserve the privacy of their submitted preferences. Otherwise the individuals can indict the pollster, provided that the pollster participates actively in this phase. The analysis of the protocol in a realistic threat model denounces that a malicious pollster that abuses the private preferences...
An intrusion detection system should support the operator of the system. Thus, in addition to producing alerts, it should allow for easy insertion of new detection algorithms. It should also support dynamic selection and de-selection of detection algorithms, and it should adjust its resource consumption to the current need. Such a system would allow the operator to easily extend the system when new...
In this paper we present a virus propagation and elimination model that takes into account the traffic and server characteristics of the network computers. This model partitions the network nodes into perimeter and non-perimeter nodes. Incoming/outgoing traffic of the network passes through the perimeter of the network, where the perimeter is defined as the set of the servers which are connected directly...
Current Intrusion Detection Systems (IDS) examine all data features to detect intrusion or misuse patterns. Some of the features may be redundant or contribute little (if anything) to the detection process. The purpose of this research is to identify important input features in building an IDS that is computationally efficient and effective. This paper proposes a novel matrix factorization approach...
Achieving high accuracy while lowering false alarm rates is a major challenge in designing an intrusion detection system. In addressing this issue, this paper proposes an ensemble of one-class classifiers where each uses different learning paradigms. The techniques deployed in this ensemble model are: linear genetic programming (LGP), adaptive neural fuzzy inference system (ANFIS) and random forest...
Because most Web application attacks exploit vulnerabilities that result from lack of input validation, a promising approach to thwarting these attacks is to apply validation checks on tainted portions of the operands used in security-sensitive operations, where a byte is tainted if it is data/control dependent on some network packet(s). This paper presents the design, implementation and evaluation...