Cosine-transform-based chaotic system for image encryption

2D Logistic-Sine-coupling map for image encryption

Wireless sensor networks can be deployed in any attended or unattended environments like environmental monitoring, agriculture, military, health care etc., where the sensor nodes forward the sensing data to the gateway node. As the sensor node has very limited battery power and cannot be recharged after deployment, it is very important to design a secure, effective and light weight user authentication and key agreement protocol for accessing the sensed data through the gateway node over insecure networks. Most recently, Turkanovic et?al. proposed a light weight user authentication and key agreement protocol for accessing the services of the WSNs environment and claimed that the same protocol is efficient in terms of security and complexities than related existing protocols. In this paper, we have demonstrated several security weaknesses of the Turkanovic et?al. protocol. Additionally, we have also illustrated that the authentication phase of the Turkanovic et?al. is not efficient in terms of security parameters. In order to fix the above mentioned security pitfalls, we have primarily designed a novel architecture for the WSNs environment and basing upon which a proposed scheme has been presented for user authentication and key agreement scheme. The security validation of the proposed protocol has done by using BAN logic, which ensures that the protocol achieves mutual authentication and session key agreement property securely between the entities involved. Moreover, the proposed scheme has simulated using well popular AVISPA security tool, whose simulation results show that the protocol is SAFE under OFMC and CL-AtSe models. Besides, several security issues informally confirm that the proposed protocol is well protected in terms of relevant security attacks including the above mentioned security pitfalls. The proposed protocol not only resists the above mentioned security weaknesses, but also achieves complete security requirements including specially energy efficiency, user anonymity, mutual authentication and user-friendly password change phase. Performance comparison section ensures that the protocol is relatively efficient in terms of complexities. The security and performance analysis makes the system so efficient that the proposed protocol can be implemented in real-life application.

A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks

Medical image encryption using high-speed scrambling and pixel adaptive diffusion

Image encryption using a new parametric switching chaotic system

Sensor networks are ad hoc mobile networks that include sensor nodes with limited computational and communication capabilities. They have become an economically viable monitoring solution for a wide variety of applications. Obviously, security threats need to be addressed and, taking into account its limited resources, the use of symmetric cryptography is strongly recommended. In this paper, a light-weight authentication model for wireless sensor networks composed of a key management and an authentication protocol is presented. It is based on the use of simple symmetric cryptographic primitives with very low computational requirements, which obtains better results than other proposals in the literature. Compared to SPINS and BROSK protocols, the proposal can reduce energy consumption by up to 98% and 67%, respectively. It also scales well with the size of the network, due to it only requiring one interchanged message, independently of the total number of nodes in the network.

A light-weight authentication scheme for wireless sensor networks

The strict avalanche criterion randomness test

Distinguishing the output of a cryptographic primitive such as a block cipher or a habh function from the output of a random mapping seriously affects the credibility of the primitive security, and defeats it for many cryptographic applications. However, this is usually a quite difficult task. In a previous work [1], a new cryptoanalytic technique was presented and proved useful in distinguishing a block cipher from a random permutation in a completely automatic way. This technique is based in the selection of the worst input patterns for the block cipher with the aid of genetic algorithms. The objective is to find which input patters generate a significant deviation of the observed output from the output we would expect from a random permutation. In [1], this technique was applied to the case of the block cipher TEA with 1 round. The much harder problem of breaking TEA with 2 rounds is successfully solved in this paper, where an efficient distinguisher ia also presented.

/pdf/genetic-cryptoanalysis-of-two-rounds-tea-zl6b1gb6f1.pdf

Genetic Cryptoanalysis of Two Rounds TEA

This paper presents the study and enhancement of LAPSE, a security software based on the static analysis of code for detecting security vulnerabilities in Java EE Applications. LAPSE was developed by the SUIF Compiler Group of Stanford University as a plugin for Eclipse Java IDE. The latest stable release of the plugin, LAPSE 2.5.6, dates from 2006, and it is obsolete in terms of the number of vulnerabilities detected and its integration with new versions of Eclipse. This paper focuses on introducing LAPSE+, an enhanced version of LAPSE 2.5.6. This new version of the plugin extends the functionality of the previous one, being updated to work with Eclipse Helios, providing a wider catalog of vulnerabilities and improvements for code analysis. In addition, the paper introduces a command-line version of LAPSE+ to make this tool independent of Eclipse Java IDE. This command-line version features the generation of XML reports of the potential vulnerabilities detected in the application.

José M. Sierra

Papers

A light-weight authentication scheme for wireless sensor networks

The strict avalanche criterion randomness test

Genetic Cryptoanalysis of Two Rounds TEA

LAPSE+ Static Analysis Security Software: Vulnerabilities Detection in Java EE Applications

Advances in network smart cards authentication