Explore chapters and articles related to this topic
Cryptography Threats
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Konstantinos Limniotis, Nicholas Kolokotronis
More recently, the notion of the so-called authenticated encryption is being used to describe specific encryption schemes that simultaneously assure the confidentiality and authenticity (i.e. integrity and authentication of origin) of data. Roughly speaking, an authenticated encryption somehow embeds a MAC operation within the encryption process itself (in such cases, the data that are being produced as equivalent to the MAC output are being denoted as “tag”). For example, there exists a variation of the CTR mode of operation of block ciphers, being called as Galois Counter Mode (GCM), which simultaneously produces the ciphertext as well as an authentication tag of the data.
Access Environment Considerations for Coherent Optics Systems
Published in Zhensheng Jia, Luis Alberto Campos, Coherent Optics for Access Networks, 2019
Currently, there are two variants of encryption – unauthenticated and authenticated. Unauthenticated encryption does not increase the frame size and introduces no overhead but only provides data confidentiality [12]. Authenticated encryption, on the other hand, increases the frame size but provides enhanced security, including not only data confidentiality but also authentication, integrity protection, and replay protection [12]. The de facto standard for authenticated encryption is advanced encryption standard (AES) with Galois counter mode (GCM), where AES provides encryption, that is, data confidentiality, and GCM provides intrusion detection, intrusion prevention, and firewalling [11,12].
CCA-Security and Authenticated Encryption
Published in Jonathan Katz, Yehuda Lindell, Introduction to Modern Cryptography, 2020
Authenticated encryption with associated data. Often, a message m requires both secrecy and integrity but various associated data (e.g., header information) sent along with the message requires integrity only. While it is possible to simply concatenate the message and the associated data (in some way that allows for unambiguous parsing) and then use an AE scheme to encrypt them both, better efficiency can be achieved by providing the associated data with integrity protection only. We omit further details, but note that AE schemes with support for associated data are called authenticated encryption with associated data (AEAD) schemes in the literature.
Security in Internet of Drones: A Comprehensive Review
Published in Cogent Engineering, 2022
Snehal Samanth, Prema K V, Mamatha Balachandra
Ozmen et al. have proposed an efficient cryptography framework for small aerial drones. The proposed framework has used low-cost public-key cryptography (PKC) primitives and low-cost symmetric key primitives. The low-cost PKC primitives are an integration of Boyko-Peinado-Venkatesan (BPV) FourQ on ECDH protocol, integration of BPV FourQ on Schnorr digital signature, and integration of BPV FourQ on Elliptic Curve Integrated Encryption Scheme (ECIES) protocol. The low-cost symmetric key primitives are CHACHA20 stream cipher, CHACHA-POLY as authenticated encryption scheme, and POLY1305 as MAC protocol. The security of the proposed framework depends on the FourQ curve and BPV precomputation technique. The experiment for the proposed framework was conducted on Crazyflie 2.0. FourQ curve provides the same security as that of secp256k1 curve. The security of the proposed framework is almost the same as that of the standard framework. The key exchange of the proposed framework has an energy consumption of just 3.61% of the key exchange energy consumption of the standard framework. The digital signature energy consumption of the proposed framework has an energy consumption of just 2.83% of the digital signature energy consumption of the standard framework. The proposed framework’s authenticated encryption has an energy consumption of 14.42% of the standard framework. The proposed framework’s integrated public-key encryption energy consumption is just 3.61% of the integrated public-key encryption energy consumption of the standard framework (Ozmen & Yavuz, 2018).
Secured Model for Internet of Things (IoT) to Monitor Smart Field Data with Integrated Real-Time Cloud Using Lightweight Cryptography
Published in IETE Journal of Research, 2021
In this analysis, the performance of various algorithms that can be deployed on IoT platforms, which are popular to secure posts during online transactions on agriculture and real time cloud based (Firebase) IoT, along with a variety of security and safety criteria, helps to better understand security algorithm outcomes. This helps to evaluate sufficient cryptographic algorithms for real-time transactions. A variety of authentication algorithms, e.g. authenticated encryption, AES, DES and block ciphers, block cipher message authentication codes, hash functions and elliptical curves, etc. are available for IoT platform comparison and analysis. It helps to recognize areas where the algorithms to be worked on may be enhanced or limited. The main objective was to encourage its users to safely cloud storage from their data. A fully homomorphic encryption method for effective integer calculations on encrypted data was used. The reason for using a Lightweight fully homomorphic encryption scheme is its ability to minimize the use of computation power at encryption and key generation. Using this approach, a user can conduct an operation on encrypted information without the same results as the calculation used for unencrypted data being decrypted. The key contribution of this work is to have a lightweight scheme with improved efficiency while enabling homomorphism under both addition and multiplication.
Efficient Key Generation Techniques for Securing IoT Communication Protocols
Published in IETE Technical Review, 2021
Amol K. Boke, Sangeeta Nakhate, Arvind Rajawat
IEEE 802.15.4 originally designed for low data rate, short-range and low energy communication [7]. It has evolved significantly since 2003 when it was coined for the first time [8]. This protocol was defined over two bottom OSI layers i.e., Physical and data link combining together to form Physical Data Link layer in IoT stack. PHY (Physical) and MAC (Medium Access Control) layers are modified latest in 2015 which better supports commercial, consumer and industrial market. Actually, at PHY layer IEEE 802.15.4 does not provide any measure of security. On the contrary, the MAC layer is provided with several levels of security (Table 2). Rijndael Cryptographic algorithm i.e., AES is combined with CCM, called as AES-CCM which is used for securing the MAC layer, where CCM counters with CBC-MAC (Counter block Chaining-MAC) [9]. CCM is a generic authenticated encryption block cipher mode. Frame control field of IEEE 802.15.4 MAC frames consists of Security Enable flag which gives the degree of security in MAC frames. The presence of auxiliary security header denotes the way in which the frame is secured. One of the security levels (Table 2) can be selected by giving a proper value to the Security Level field in the frame. Security level 0 gives zero means of security. Level 1–3 and 5–7 give protection to frames with a heap of Message Integrity Code (MIC) which ensures integrity as well as origin authentication. Level 4–7 also gives encryption for payload which provides data confidentiality. Here AES_CCM is used as encryption primitive. As it is symmetric key block cipher encryption algorithm, it uses the symmetric keys for encrypting and decrypting the data. But key generation, distribution, and maintenance of those symmetric keys are not specified in the protocol. As a result of which, IEEE 802.15.4 is susceptible to DDoS (Distributed denial of service) attacks [8].