The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Timing attack is a type of side-channel attack directed at weakly secured computing devices and aims at extracting private keys from cryptosystems. The incidence of timing attacks is expected to rise in the age of Internet of Things (IoT) where devices are mostly power-constrained and cryptographic implementations are minimal. These types of attacks rely on precise timings obtained from cryptographic...
The acceleration in developments in communication technology has led to a consequent increase in the vulnerability of data due to penetration attacks. These attacks often came from outside where non-qualified companies develop IT projects. Cryptography can offer high levels of security but has recently shown vulnerabilities such as the man-in-the-middle (MITM) attack in areas of key exchange protocols,...
Design models help the system development to analyze and visualize its working scenario as a blueprint or a prototype. A successful or error free design leads to an efficient implementation. Thus ensuring the design correctness is a crucial factor in a complex system development like communication protocols. They are reactive in nature and the general verification like correctness evaluation will...
Network traffic generation was the subject of many research projects in the past, but none of them could generate network data which has the same nature as a traffic from human or machine behavior. In this paper we introduce a related work in this field of area focusing on advantages and disadvantages, such as authenticity, inaccuracy, wrong timings and real-time generation. Further, we propose a...
Cloud computing is a new pattern of computing paradigm which enables the users to transfer their work to the cloud. The tremendous storage and computing resources provided by the cloud liberate the users from the shortage of local resources. However, as the adoption of cloud computing is emerging rapidly, the security and privacy issues are still significant challenges. In a cloud environment, a user...
PCI Express is a high-performance I/O bus protocol. The PCI Express protocol provides higher bandwidth than the legacy buses that makes PCI Express as an ideal choice for a wide variety of applications such as Network Interface, Graphics Accelerators, and Storage Controllers (SSD). The PCI Express protocol supports many features to improve performance of I/O Bus, so verification of a design based...
The paper proposes a multi-party key exchange scheme with Perfect Forward Secrecy (PFS) which ensures that a session key derived from a set of long-term public and private keys used in the protocol to authenticate, does not compromise the secrecy of session key. In this protocol, each group establishes connection by communicating through a trusted third party. The trusted party acts as a group controller...
Key management schemes establish a shared secret key between all the members in the group. Key management in multicast dynamic groups, where users can leave or join at their ease is one of the most crucial and essential part of secure communication. We proposed a new decentralized group key management scheme using attribute based encryption which provide no single point of failure, scalability and...
The buses protocol is designed to provide provably anonymous communication on a connected graph. Figuratively speaking, a bus is a single unit of transport containing multiple seats. Each seat carries a ciphertext from a sender to a receiver. The buses approach aims to conceal traffic patterns by having buses constantly travel along fixed routes and is a step forward in concealing traffic compared...
In this paper, we address the communication overhead problem between OpenFlow controllers and switches due to table-miss in a flow table. For dealing with table-miss, the switch informs the controller by sending a packet-in message to make the controller perform further actions. However, this packet-in procedure to deal with table-miss may cause a controller overhead when one controller has to process...
When the AAG protocol was first introduced, braid groups were proposed as platform group. However, there are studies that successful attack AAG with braid groups, one main attack method is the length-based attack. Searching for a new platform for AAG, Garber, Kahrobaei, and Lam studied polycyclic groups generated by number field and concluded that they are resistant against the length-based attack...
The increasing speeds and decreasing prices of network equipment have spurred much interest in applying networks to many different types of systems. A wide range of network protocols and tools already exist making its application attractive. Over the last decade, there has been a noticeable shift to introduce Internet Protocol (IP) networks into new areas such as data acquisition systems. These modern...
In component-based and model-driven development it is common to model embedded applications in a platform-independent manner. As an example, some approaches allow development of distributed applications while abstracting away from details of communication between platform nodes. Using such an approach requires to implement this communication before an executable system is deployed. Currently it is...
In this paper a solution is described which facilitates the integration of TR-069 functionality to Android applications. Solution for this problem is given as an Android service with a binding interface, which can be incorporated in any Android application.
In the last few years, we have witnessed the expansion of Broadband Forum's CWMP (TR-069) protocol usage. Many devices today have integrated the TR-069 device agent. Integration of that agent can be difficult and time-consuming because of the many parameters and objects, where each of them requires an API function, to report its value. What we propose in this paper is the solution which includes API...
Cloud storage services have become necessities in our daily life. Although the cloud storage services provide online storage to hold data for the data owner with high accessibility, trust is always an obstacle between the user and the service provider. In this paper, we aim at the audit privilege management issue of integrity audit for cloud storage and search for a proper solution to provide controllable...
This work is concerned with the possible exploitation of weaknesses in security protocols by attackers using parallel session attacks and discovering ways of eliminating these weaknesses. A new analysis is presented on the reasons why security protocols, with certain weaknesses in their design, are vulnerable to parallel session attacks. Building on this analysis a new set of design requirements is...
FPGAs are widely deployed nowadays. Besides offering powerful computation capacity, contemporary FPGAs also provide many security features such as bitstream protection. The security of these features is dependent on the security of the keys embedded in the FPGA, which is usually generated by the vendor. This type of architecture has a shortcoming that the FPGA vendor knows everything and becomes the...
User constrained devices such as smart cards are commonly used in human-protocol interaction. Modelling these devices as part of human-protocol interaction is still an open problem. Examining the interaction of these devices as part of security ceremonies offers greater insight. This paper highlights two such cases: modelling extra channels between humans and devices in the ceremony, and modelling...
The conventional setup of a wireless sensor network is composed of several sensor nodes and one or more sinks. The network topology and data collection techniques are then optimized towards efficient collection of the sensed data at the sink(s). In this paper, we present a novel network coding technique based on Compressed Sensing that allows each node to operate as a sink. Our network coding technique...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.