Counterfeited products are a significant problem in both developed and developing countries and has become more critical as an aftermath of COVID-19, exclusively for drugs and medical equipment’s. In this paper, an innovative approach is proposed to resist counterfeiting which is based on the principles of Synthetic DNA. The proposed encryption approach has employed the distinctive features of synthetic DNA in amalgamation with DNA encryption to provide information security and functions as an anticounterfeiting method that ensures usability. The scheme’s security analysis and proof of concept are detailed. Scyther is used to carry out the formal analysis of the scheme, and all of the modeled assertions are verified without any attacks.

With people s attention to information security, the research on authentication encryption algorithm has become a very important branch of cryptography in recent years. It is widely used in data encryption, message authentication, authentication and key management. In the network of large-scale communication nodes, there are a large quantity of network nodes and a variety of devices. The traditional PKI cryptosystem has the problems of certificate management difficulty and resource waste. Based on the research of block cipher algorithm, this article discusses its application in the design of terminal identity authentication system, and designs a node two-way authentication scheme based on identity encryption. The simulation results show that the block cipher algorithm proposed in this article can get 95.82\%, accuracy, which is higher than the contrast algorithm. Authentication and encryption algorithm based on block cipher plays an important role in authentication and encryption algorithm because of its fast implementation speed of software and hardware and easy standardization. The research shows that the algorithm proposed in this article is superior to other algorithms in the application of terminal identity authentication system. It provides a new solution for related research.

Due to the existing global navigation satellite system (GNSS) is an open, without certification system, satellite receiver is vulnerable to the potential for fraud. Therefore, it is urgent to solve the security certification problem of GNSS civil signals. Aiming at the above problems, this paper proposes a navigation encryption authentication technology based on modulation Method authentication (MMA) based on UBFH-BOC signal system. The results show that the authentication scheme can effectively resist the threat of spoofing, ensure the security of navigation signal transmission, and provide a reference for the subsequent application of high security navigation signal structure.

The changes in technologies has also changed the way we compute. Computing applications provide various types of functionalities. However, a common thing is to secure the same computing system. It requires a high level of developer skills to secure a system. Generally, verifying users before access of services, encryption of data, and techniques of parallel access of information by multiple users is done to ensure only valid users can access the services. One need to verify person, device, process, or service before it access the related service(s). In this paper, we present a review of authentication techniques used in computing computing. It elaborates methods used for traditional authentication using articles, letters, people, passwords, one-time passwords, digital certificates, two-way authentication to latest behavioural, doodles, image sequence, gestures based recognition of users using biometrics, gait-based and their behavioural analytics. It also discusses key features of various methods including gaps and scope of improvement.

Data encryption is the process of turning data into encrypted data. It is a crucial technology for securing data while it is being stored or transmitted, especially in cloud environments where data is stored remotely and accessed over the internet. In our study, we compared five well-known algorithms to determine which is the most reliable for data encryption in cloud environments. This research study provides insights into the performance of different data encryption algorithms in the cloud environment and their potential applications in various industries. There are several benefits of using data encryption, including cost efficiency, management control and remote worker protection. Encryption is cheap to implement as many of today s devices and systems come with built-in encryption technology. Encryption can free organizations from government-imposed regulatory fines as some governments have mandated regulations and requirements regarding data protection that require private data to be encrypted and prevent all unauthorized access and all illegal activities. Encryption can help secure and protect remote workers by securing their data and communications. As more and more employees opt for remote working, that is, working from home, the need for data security has become more important.

Encryption technique is widely used to ensure security in communication and wireless networks such as the Internet, Networking zone and Intranet. Every type of data has its own characteristics consequently, to safeguard private picture data from unwanted access, a variety of strategies are employed. In this paper an image encryption technology called Data Encryption Standard (DES) is combined with XOR to create a block cypher transformation algorithm for picture security. The suggested method is based on XOR with DES encryption, which emphasizes larger changes in the RGB combination as well as the histogram. The findings of the suggested method indicate more variety. The security of the system will be increased by increasing the variety.

Nowadays, the increasing number of devices deployed in IoT systems implementation and the requirement of preserving the integrity of data transported over the Internet, demand the use of data encryption schemes. This paper aims to show the performance evaluation of CP-ABE (Ciphertext-Policy Attribute Based Encryption) type of encryption over MQTT (Message Queue Transport Telemetry) that focuses on execution time for an IoT system with Raspberry Pi. For the implementation, two Raspberry Pi 4 Computer Model B are used for both the publisher and the subscriber, and a computer with Ubuntu 20.04 LTS operating system is used for the Broker and the Key Authority. The result of the present work provides relevant information on the execution times required in the CP-ABE encryption scheme to provide data integrity and fine-grained access control policy in an IoT system. The work demonstrates that the CP-ABE encryption scheme is suitable for IoT systems.

This paper present s a new image encryption model with focus on symmetric key schemes. It discus 5 schemes: Random Generation Key (8B); Random Key Generation part A(4B) and part B(4B); Input User Key (4B), Encrypted key and Random Key generation (4B); Random Key Generate (4B) and Input User Encrypted Key (4B); Input User Key (8B). Experimental results are based on image encryption by DES algorithm (5 instances) and by AES algorithm (5 instances). A table with image quality values and a table with complex arithmetic mean error are done.

The foundation of cryptography is number theory, which is crucial to data security. The majority of commonly used encryption techniques use prime integers, making it challenging to identify specific prime values (keys). The suggested approach employs matrices and vectors as keys, making it harder to identify the individual keys and using vectors to represent the data. Now a days, one method for providing data security safeguards is encryption. The right encryption technique protects digital data from unauthorized access, data corruption, e-piracy, e-theft, and other threats. Data security is the main benefit of utilizing this method. Here, we have used the symmetric key encryption procedure to generate keys from two uneven matrices. Seven different keys in matrix format have been chosen to perform encryption and decryption. With the help of an example, the techniques for encryption and decryption have been explained.

Nowadays, in communications, the main criteria to ensure that the information and communication in the network. The normal two users communication exchanges confidential data and files via the network. Secure data communication is the most important and crucial problem by message transmission networks. To resolve this problem, cryptography uses mathematical encryption and decryption data on adaptation by converting a data from key into an unreadable format. Cryptography provides a method for performing the transmission of confidential or secure communication. The proposed Padding Key Encryption (PKE) algorithm is used to encrypt the data; it generates the secret key in an unreadable format. The receiver decrypts the data using the private key in a readable format. In the proposed PKE algorithm, the sender sends data into plain text to cipher-text using a secret key to the authorized person; the unauthorized person cannot access the data through the Internet; only an authorized person can view the data the private key. The proposed simulation results provide high security to communicate the receiver for confidential data or files compared with other previous methods.

This paper presents a novel image encryption method that combines symmetric and asymmetric encryption with a watermark embedding extraction algorithm based on wavelet transform. The algorithm ensures the invisibility and robustness of the watermark, providing the first layer of encryption. The second layer of encryption is implemented by leveraging the efficiency of symmetric encryption and the security of asymmetric encryption. The integrity of the watermarking is evaluated using MEB(\%), PSNR(dB), and SSIM(\%), while the algorithm s efficiency is assessed through the encryption time T(ms). Experimental results show that the watermark achieves a PSNR of 59.671dB and an SSIM of 99.9, confirming its integrity and robustness. Furthermore, the synthetic encryption process takes only 50 seconds, ensuring both security and efficiency without increasing the time complexity. In conclusion, the proposed synthetic encryption algorithm demonstrates excellent performance in terms of efficiency and security.

The power communication network based on 5G network slicing is an important foundation to support smart grid, and the bearing of small granularity power regulation and control class services depends on the slicing soft isolation technology, and the data isolation between each soft isolation channel is crucial. In this paper, we propose a new symmetric cryptographic algorithm based on random coding, and establish a hybrid encryption method based on this symmetric algorithm, combined with SM2 and SM3 algorithms, which is suitable for encrypting the data of power regulation and control services. It is also verified through simulation that the proposed hybrid encryption method has high encryption efficiency while ensuring security.

This paper explores the advantages and limitations of probabilistic and deterministic encryption schemes for securing sensitive data. While probabilistic encryption ensures high security for data encryption, it can pose limitations when filtering and querying data. On the other hand, deterministic encryption method is a more flexible and unchanging encryption scheme that allows for the benefits of filtering data while icing its security. Many platform encryptions use deterministic encryption to allow for filtering of translated data while minimizing exposure of plain values to cipher values. Still, deterministic encryption can still pose certain pitfalls and may reveal information to eavesdroppers. A promising variation of encryption for perfecting security in communication end is ‘Varying encryption’ which is grounded on factors such as distance and country of connection. This acclimatized approach offers increased speed and security and can confuse attackers, making it harder for them to gain access to information being transmitted. Though, careful analysis of the advantages and disadvantages of assigning a specific encryption standard to a given set of conditions is essential to achieve optimal results.

With the increased usage of video communication technologies, the requirement for secure video data transfer has grown more critical than ever. Video encryption methods are critical in preventing unauthorized access to sensitive video data while it is provided across insecure networks. This study compares several video encryption algorithms, including symmetric and asymmetric key-based encryption methods. The goal of this research is to compare the security, computational complexity, and transmission overhead of several video encryption techniques. The research includes an examination of well-known encryption algorithms that include AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adelman) and DES (Data Encryption Standard), as well as variants on these techniques. Furthermore, this work offers a hybrid video encryption method that combines symmetric and asymmetric key-based encryption approaches to provide good security while being computationally simple. The experimental results reveal that the proposed method is more successful and effective than existing video encryption techniques. The suggested method used to secure video data communication over unsecured networks such as the internet, assuring the video data s secrecy, integrity, and authenticity.

The Internet of Things (IoT) refers to the growing network of connected physical objects embedded with sensors, software and connectivity. While IoT has potential benefits, it also introduces new cyber security risks. This paper provides an overview of IoT security issues, vulnerabilities, threats, and mitigation strategies. The key vulnerabilities arising from IoT s scale, ubiquity and connectivity include inadequate authentication, lack of encryption, poor software security, and privacy concerns. Common attacks against IoT devices and networks include denial of service, ransom-ware, man-in-the-middle, and spoofing. An analysis of recent literature highlights emerging attack trends like swarm-based DDoS, IoT botnets, and automated large-scale exploits. Recommended techniques to secure IoT include building security into architecture and design, access control, cryptography, regular patching and upgrades, activity monitoring, incident response plans, and end-user education. Future technologies like blockchain, AI-enabled defense, and post-quantum cryptography can help strengthen IoT security. Additional focus areas include shared threat intelligence, security testing, certification programs, international standards and collaboration between industry, government and academia. A robust multilayered defense combining preventive and detective controls is required to combat rising IoT threats. This paper provides a comprehensive overview of the IoT security landscape and identifies areas for continued research and development.

With the continuous improvement of the current level of information technology, the malicious software produced by attackers is also becoming more complex. It s difficult for computer users to protect themselves against malicious software attacks. Malicious software can steal the user s privacy, damage the user s computer system, and often cause serious consequences and huge economic losses to the user or the organization. Hence, this research study presents a novel deep learning-based malware detection scheme considering packers and encryption. The proposed model has 2 aspects of innovations: (1) Generation steps of the packer malware is analyzed. Packing involves adding code to the program to be protected, and original program is compressed and encrypted during the packing process. By understanding this step, the analysis of the software will be efficient. (2) The deep learning based detection model is designed. Through the experiment compared with the latest methods, the performance is proven to be efficient.

In this paper, a quantitative analysis method is proposed to calculate the risks from cyber-attacks focused on the domain of data security in the financial sector. Cybersecurity risks have increased in organizations due to the process of digital transformation they are going through, reflecting in a notorious way in the financial sector, where a considerable percentage of the attacks carried out on the various industries are concentrated. In this sense, risk assessment becomes a critical point for their proper management and, in particular, for organizations to have a risk analysis method that allows them to make cost-effective decisions. The proposed method integrates a layered architecture, a list of attacks to be prioritized, and a loss taxonomy to streamline risk analysis over the data security domain including: encryption, masking, deletion, and resiliency. The layered architecture considers: presentation layer, business logic layer, and data management layer. The method was validated and tested by 6 financial companies in Lima, Peru. The preliminary results identified the applicability of the proposed method collected through surveys of experts from the 6 entities surveyed, obtaining 85.7\% who consider that the proposed three-layer architecture contains the assets considered critical.

Due to the concern on cloud security, digital encryption is applied before outsourcing data to the cloud for utilization. This introduces a challenge about how to efficiently perform queries over ciphertexts. Crypto-based solutions currently suffer from limited operation support, high computational complexity, weak generality, and poor verifiability. An alternative method that utilizes hardware-assisted Trusted Execution Environment (TEE), i.e., Intel SGX, has emerged to offer high computational efficiency, generality and flexibility. However, SGX-based solutions lack support on multi-user query control and suffer from security compromises caused by untrustworthy TEE function invocation, e.g., key revocation failure, incorrect query results, and sensitive information leakage. In this article, we leverage SGX and propose a secure and efficient SQL-style query framework named QShield. Notably, we propose a novel lightweight secret sharing scheme in QShield to enable multi-user query control; it effectively circumvents key revocation and avoids cumbersome remote attestation for authentication. We further embed a trust-proof mechanism into QShield to guarantee the trustworthiness of TEE function invocation; it ensures the correctness of query results and alleviates side-channel attacks. Through formal security analysis, proof-of-concept implementation and performance evaluation, we show that QShield can securely query over outsourced data with high efficiency and scalable multi-user support.

The releases of Intel SGX and AMD SEV mark the transition of hardware-based enclaves from research prototypes to mainstream products. These two paradigms of secure enclaves are attractive to both the cloud providers and tenants, since security is one of the key pillars of cloud computing. However, it is found that current hardware-defined enclaves are not flexible and efficient enough for the cloud. For example, although SGX can provide strong memory protection with both confidentiality and integrity, the size of secure memory is tightly restricted. On the contrary, SEV enables enclaves to use more memory but has critical security flaws due to no memory integrity protection. Meanwhile, both types of enclaves have relatively long booting latency, which makes them not suitable for short-term tasks like serverless workloads. After an in-depth analysis, we find that there are some intrinsic tradeoffs between security and performance due to the limitation of architectural designs. In this article, we investigate a novel hardware-software co-design of enclaves to meet the requirements of cloud by placing a part of the logic of the enclave mechanism into a lightweight software layer, named Enclavisor, to achieve a balance between security, performance, and flexibility. Specifically, our implementation is based on AMD’s SEV and, Enclavisor is placed in the guest kernel mode of SEV’s secure virtual machines. Enclavisor inherently supports memory encryption with no memory limitation and also achieves efficient booting, multiple enclave granularities, and post-launch remote attestation. Meanwhile, we also propose hardware/ software solutions to mitigate the security flaws caused by the lack of memory integrity. We implement a prototype of Enclavisor on an AMD SEV server. The experiments on both micro-benchmarks and application benchmarks show that enclaves on Enclavisor can have close-to-native performance.

Due to the concern on cloud security, digital encryption is applied before outsourcing data to the cloud for utilization. This introduces a challenge about how to efficiently perform queries over ciphertexts. Crypto-based solutions currently suffer from limited operation support, high computational complexity, weak generality, and poor verifiability. An alternative method that utilizes hardware-assisted Trusted Execution Environment (TEE), i.e., Intel SGX, has emerged to offer high computational efficiency, generality and flexibility. However, SGX-based solutions lack support on multi-user query control and suffer from security compromises caused by untrustworthy TEE function invocation, e.g., key revocation failure, incorrect query results, and sensitive information leakage. In this article, we leverage SGX and propose a secure and efficient SQL-style query framework named QShield. Notably, we propose a novel lightweight secret sharing scheme in QShield to enable multi-user query control; it effectively circumvents key revocation and avoids cumbersome remote attestation for authentication. We further embed a trust-proof mechanism into QShield to guarantee the trustworthiness of TEE function invocation; it ensures the correctness of query results and alleviates side-channel attacks. Through formal security analysis, proof-of-concept implementation and performance evaluation, we show that QShield can securely query over outsourced data with high efficiency and scalable multi-user support.

The releases of Intel SGX and AMD SEV mark the transition of hardware-based enclaves from research prototypes to mainstream products. These two paradigms of secure enclaves are attractive to both the cloud providers and tenants, since security is one of the key pillars of cloud computing. However, it is found that current hardware-defined enclaves are not flexible and efficient enough for the cloud. For example, although SGX can provide strong memory protection with both confidentiality and integrity, the size of secure memory is tightly restricted. On the contrary, SEV enables enclaves to use more memory but has critical security flaws due to no memory integrity protection. Meanwhile, both types of enclaves have relatively long booting latency, which makes them not suitable for short-term tasks like serverless workloads. After an in-depth analysis, we find that there are some intrinsic tradeoffs between security and performance due to the limitation of architectural designs. In this article, we investigate a novel hardware-software co-design of enclaves to meet the requirements of cloud by placing a part of the logic of the enclave mechanism into a lightweight software layer, named Enclavisor, to achieve a balance between security, performance, and flexibility. Specifically, our implementation is based on AMD’s SEV and, Enclavisor is placed in the guest kernel mode of SEV’s secure virtual machines. Enclavisor inherently supports memory encryption with no memory limitation and also achieves efficient booting, multiple enclave granularities, and post-launch remote attestation. Meanwhile, we also propose hardware/ software solutions to mitigate the security flaws caused by the lack of memory integrity. We implement a prototype of Enclavisor on an AMD SEV server. The experiments on both micro-benchmarks and application benchmarks show that enclaves on Enclavisor can have close-to-native performance.

With the proliferation of IoT devices, the number of devices connected to the Internet has been rapidly increasing. An edge computing platform must flexible and efficient data control. Also, edge nodes are not always reliable. Edge node administrators can leak data through intentional mishandling. In this paper, we propose an edge computing platform on modular architecture that protects data and processing from interception and a processing flow based on data characteristics using Intel SGX and multi-authority attribute-based encryption. In addition, we report a performance evaluation of our method.

The adoption of IoT in a multitude of critical infrastructures revolutionizes several sectors, ranging from smart healthcare systems to financial organizations and thermal and nuclear power plants. Yet, the progressive growth of IoT devices in critical infrastructure without considering security risks can damage the user’s privacy, confidentiality, and integrity of both individuals and organizations. To overcome the aforementioned security threats, we proposed an AI and onion routing-based secure architecture for IoT-enabled critical infrastructure. Here, we first employ AI classifiers that classify the attack and non-attack IoT data, where attack data is discarded from further communication. In addition, the AI classifiers are secure from data poisoning attacks by incorporating an isolation forest algorithm that efficiently detects the poisoned data and eradicates it from the dataset’s feature space. Only non-attack data is forwarded to the onion routing network, which offers triple encryption to encrypt IoT data. As the onion routing only processes non-attack data, it is less computationally expensive than other baseline works. Moreover, each onion router is associated with blockchain nodes that store the verifying tokens of IoT data. The proposed architecture is evaluated using performance parameters, such as accuracy, precision, recall, training time, and compromisation rate. In this proposed work, SVM outperforms by achieving 97.7\% accuracy.

Scientific and technological advancements, particularly in IoT, have greatly enhanced the quality of life in society. Nevertheless, resource constrained IoT devices are now connected to the Internet through IPv6 and 6LoWPAN networks, which are often unreliable and untrusted. Securing these devices with robust security measures poses a significant challenge. Despite implementing encryption and authentication, these devices remain vulnerable to wireless attacks from within the 6LoWPAN network and from the Internet. Researchers have developed various methods to prevent attacks on the RPL protocol within the 6LoWPAN network. However, each method can only detect a limited number of attack types, and there are still several drawbacks that require improvement. This study aims to implement several attack prevention methods, such as Lightweight Heartbeat Protocol, SVELTE, and Contiki IDS. The study will provide an overview of these methods theories and simulate them on Contiki OS using Cooja software to assess their performance. The study s results demonstrate a correlation between the simulated data and the proposed theories. Furthermore, the study identifies and evaluates the strengths and weaknesses of these methods, highlighting areas that can be improved upon.

Mobile Ad Hoc Networks (MANETs) are more susceptible to security threats due to the nature of openness and decentralized administration. Even though there exist several standard cryptography and encryption methods, they induce an additional computational and storage burden on the resource constrained mobile nodes in MANETs. To sort out this issue, this paper proposes a simple trust management mechanism called as Mobility and Trust Aware Adaptive Location Aided Routing (MTALAR). Initially, MTALAR founds the request zone whose sides are parallel to the line connecting the source and destination nodes. Next, the source node finds a trustworthy route through multi-hop nodes based on a new factor called as Mobile-Trust Factor (MTF). MTF is the combination of communication trust and mobility. Communication trust ensures a correct detection of malicious nodes and mobility ensures a proper protection for innocent nodes. After route discovery, the source node periodically measures the MTF of the multi-hop nodes through HELLO packets. Based on the obtained MTF values, the source node declares the corresponding node as malicious or not. Extensive simulations performed on the proposed method prove the superiority in the identification of malicious nodes.