The Algebraic Eraser (AE) is a public key protocol for sharing information
over an insecure channel using commutative and noncommutative groups; a
concrete realization is given by Colored Burau Key Agreement Protocol (CBKAP).
In this paper, we describe how to choose data in CBKAP to thwart an attack by
Kalka--Teicher--Tsaban.

In this work we propose a methodology for the verification of security
properties of network protocols which would help preventing possible attacks on
them. The methodology can be separated in two main parts: environment and
requirements analysis, and formal representation and procedural verification of
the protocol. In order to illustrate the advantages provided by the procedures
introduced with our methodology, we analyze three real security protocols,
explaining how some flaws can be detected.

This article presents an analysis of the secure key broadcasting scheme
proposed by Wu, Ruan, Lai and Tseng. The study of the parameters of the system
is based on a connection with a special type of symmetric equations over finite
fields. We present two different attacks against the system, whose efficiency
depends on the choice of the parameters. In particular, a time-memory tradeoff
attack is described, effective when a parameter of the scheme is chosen without
care.

This paper presents a new privacy-preserving smart metering system. Our
scheme is private under the differential privacy model and therefore provides
strong and provable guarantees. With our scheme, an (electricity) supplier can
periodically collect data from smart meters and derive aggregated statistics
while learning only limited information about the activities of individual
households. For example, a supplier cannot tell from a user's trace when he
watched TV or turned on heating.

In many recent years, the programming world has been introduced about a new
programming language for designing websites, it is CSS that can be be used
together with HTML to develop a web interface. And now, these two programming
languages as if inseparably from each other. As a client-side scripting, CSS is
visible by all users as the original script, but it can not be granted changed.
Website is a tool of information disseminator throughout the world, this is
certainly can be used to a secret communication by using CSS as a message
hider.

In this paper we present a new pseudorandom number generator (PRNG) on
graphics processing units (GPU). This PRNG is based on the so-called chaotic
iterations. It is firstly proven to be chaotic according to the Devaney's
formulation. We thus propose an efficient implementation for GPU that
successfully passes the BigCrush tests, deemed to be the hardest battery of
tests in TestU01. Experiments show that this PRNG can generate about 20 billion
of random numbers per second on Tesla C1060 and NVidia GTX280 cards.

Leveraging quantum mechanics, cryptographers have devised provably secure key
sharing protocols. Despite proving the security in theory, real-world
application falls short of the ideal. Last year, cryptanalysts completed an
experiment demonstrating a successful eavesdropping attack on commercial
quantum key distribution (QKD) systems. This attack exploits a weakness in the
typical real-world implementation of quantum cryptosystems. Cryptanalysts have
successfully attacked several protocols.

In this article we provide a formal framework for reidentification in
general. We define n-confusion as a concept for modelling the anonymity of a
database table and we prove that n-confusion is a generalization of k-
anonymity. After a short survey on the different available definitions of k-
anonymity for graphs we provide a new definition for k-anonymous graph, which
we consider to be the correct definition. We provide a description of the
k-anonymous graphs, both for the regular and the non-regular case. We also
introduce the more flexible concept of (k,l)-anonymous graph.

The popularity of Internet usage although increases exponentially, it is
incapable of providing the security for exchange of confidential data between
the users. As a result, several cryptosystems for encryption of data and images
have been developed for secured transmission over Internet.

This paper develops a new algorithm to improve the security of RC4. Given
that RC4 cipher is widely used in the wireless communication and has some
weaknesses in the security of RC4 cipher, our idea is based on the combination
of the RC4 and the poly alphabetic cipher Vigen\`ere to give a new and more
secure algorithm which we called VRC4. In this technique the plain text is
encrypted using the classic RC4 cipher then re-encrypt the resulted cipher text
using Vigen\`ere cipher to be a more secure cipher text.

Collaborative spectrum sensing has been recognized as a promising approach to
improve the sensing performance via exploiting the spatial diversity of the CR
users. Such kind of cooperation, however, might be easily disrupted by the
selfish users, especially for the distributed collaborative sensing. In this
study, we identify a new kind of selfish behavior in collaborative sensing.
Specifically, the selfish user could pretend to be an honest one by claiming a
duplicated or slightly modified sensing report from others as a new one.

This encryption algorithm is mainly designed for having a secure file
transfer in the low privilege servers and as well as in a secured environment
too. This methodology will be implemented in the data center and other
important data transaction sectors of the organisation where the encoding
process of the software will be done by the database administrator or system
administrators and his trusted clients will have decoding process of the
software. This software will not be circulated to the unauthorised customers.

Recent advances in anti-malware technologies have steered the security
industry away from maintaining vast signature databases and into newer defence
technologies such as behaviour blocking, application whitelisting and others.
Most would agree that the reasoning behind this is to keep up with the arms
race established between malware writers and the security community almost
three decades ago. Still, malware writers have not as yet created new
paradigms.

IT security issues are an important aspect for each and every organization
within the video game industry. Within the video game industry alone, you might
not normally think of security risks being an issue. But as we can and have
seen in recent news, no company is immune to security risks no matter how big
or how small. While each of these organizations will never be exactly the same
as the next, there are common security issues that can and do affect each and
every video game company.

Information assurance is at the core of every initiative that an organization
executes. For online universities, a common and complex initiative is
maintaining user lifecycle and providing seamless access using one identity in
a large virtual infrastructure. To achieve information assurance the management
of user privileges affected by events in the user's identity lifecycle needs to
be the determining factor for access control.

Secret sharing schemes create an effective method to safeguard a secret by
dividing it among several participants. By using hash functions and the herding
hashes technique, we first set up a (t+1, n) threshold scheme which is perfect
and ideal, and then extend it to schemes for any general access structure. The
schemes can be further set up as proactive or verifiable if necessary. The
setup and recovery of the secret is efficient due to the fast calculation of
the hash function. The proposed scheme is flexible because of the use of
existing hash functions.

In this paper, we survey the state of the art of the secure key exchange
method that is secured by the laws of classical statistical physics, and
involves the Kirchhoff's law and the generalized Johnson noise equation, too.
We discuss the major characteristics and advantages of these schemes especially
in comparison with quantum encryption, and analyze some of the technical
challenges of its implementation, too.

The challenging number is used for the detection of Spoofing attack. The IP
Spoofing is considered to be one of the potentially brutal attack which acts as
a tool for the DDoS attack which is considered to be a major threat among
security problems in today's internet. These kinds of attack are extremely
severe. They bring down business of company drastically. DDoS attack can easily
exhaust the computing and communication resources of its victim within a short
period of time.

The existing peer-to-peer networks have several problems such as fake content
distribution, free riding, white-washing and poor search scalability, lack of a
robust trust model and absence of user privacy protection mechanism. Although,
several trust management and semantic community-based mechanisms for combating
free riding and distribution of malicious contents have been proposed by some
researchers, most of these schemes lack scalability due to their high
computational, communication and storage overhead.

This chapter is going to deal with enhancing the efficiency of Biometric by
integrating it with Salt Value (randomly generated value of varying length).
Normally at an enterprise level or data centres, the servers are maintained
with complex passwords and they are known only to the system administrators.
Even after applying lot of securities at an expert level, the hackers are able
to penetrate through the network and break the passwords easily.

The linear complexity and the $k$-error linear complexity of a sequence have
been used as important security measures for key stream sequence strength in
linear feedback shift register design. By studying the linear complexity of
binary sequences with period $2^n$, one could convert the computation of
$k$-error linear complexity into finding error sequences with minimal Hamming
weight.

The Google Desktop Search is an indexing tool, currently in beta testing,
designed to allow users fast, intuitive, searching for local files. The
principle interface is provided through a local web server which supports an
interface similar to Google.com's normal web page. Indexing of local files
occurs when the system is idle, and understands a number of common file types.
A optional feature is that Google Desktop can integrate a short summary of a
local search results with Google.com web searches. This summary includes 30-40
character snippets of local files.

The evolving necessity of the Internet increases the demand on the bandwidth.
Therefore, this demand opens the doors for the hackers' community to develop
new methods and techniques to gain control over networking systems. Hence, the
intrusion detection systems (IDS) are insufficient to prevent/detect
unauthorized access the network. Network Intrusion Detection System (NIDS) is
one example that still suffers from performance degradation due the increase of
the link speed in today's networks.

Oblivious RAM simulation is a method for achieving confidentiality and
privacy in cloud computing environments. It involves obscuring the access
patterns to a remote storage so that the manager of that storage cannot infer
information about its contents. Existing solutions typically involve small
amortized overheads for achieving this goal, but nevertheless involve
potentially huge variations in access times, depending on when they occur. In
this paper, we show how to de-amortize oblivious RAM simulations, so that each
access takes a worst-case bounded amount of time.

Importance of Elliptic Curves in Cryptography was independently proposed by
Neal Koblitz and Victor Miller in 1985.Since then, Elliptic curve cryptography
or ECC has evolved as a vast field for public key cryptography (PKC) systems.
In PKC system, we use separate keys to encode and decode the data. Since one of
the keys is distributed publicly in PKC systems, the strength of security
depends on large key size. The mathematical problems of prime factorization and
discrete logarithm are previously used in PKC systems.

Selling train tickets has evolved in the last ten years from queuing in the
railway station, to buying tickets on the internet and printing them. Both
alternatives are still viable options, though they are time consuming or need
printing devices. Nowadays it is essential to offer a service that is as fast
and efficient as possible: mobile phones provide an accessible, affordable and
widely available tool for supplying information and transferring data. The goal
of this project is to design a train ticket contained in a SMS message.

Since 1998 the GSM security has been academically broken but no real attack
has ever been done until in 2008 when two engineers of Pico Computing (FPGA
manufacture) revealed that they could break the GSM encryption in 30 seconds
with 200'000$ hardware and precomputed rainbow tables. Since then the hardware
was either available for rich people only or was confiscated by government
agencies. So Chris Paget and Karsten Nohl decided to react and do the same
thing but in a distributed open source form (on torrent).

Consider the problem of verifying security properties of a cryptographic
protocol coded in C. We propose an automatic solution that needs neither a
pre-existing protocol description nor manual annotation of source code. First,
symbolically execute the C program to obtain symbolic descriptions for the
network messages sent by the protocol. Second, apply algebraic rewriting to
obtain a process calculus description. Third, run an existing protocol analyser
(ProVerif) to prove security properties or find attacks.

Recent Microsoft security bulletins show that kernel vulnerabilities are
becoming more and more important security threats. Despite the pretty extensive
security mitigations many of the kernel vulnerabilities are still exploitable.
Successful kernel exploitation typically grants the attacker maximum privilege
level and results in total machine compromise.

In this paper we propose a method to construct logarithmic signatures which
are not amalgamated transversal and further do not even have a periodic block.
The latter property was crucial for the successful attack on the system MST3 by
Blackburn et al. [1]. The idea for our construction is based on the theory in
Szab\'o's book about group factorizations [12].

A new approach to the generation of random sequences and two dimensional
random patterns is proposed in this paper in which random sequences are
generated by making use of either Delaunay triangulation or Voronoi diagrams
drawn from random points taken in a two dimensional plane. Both the random
sequences and two dimensional random patterns generated in this manner are
shown to be more random when compared to pseudo-random sequences and patterns.

The quality of image encryption is commonly measured by the Shannon entropy
over the ciphertext image. However, this measurement does not consider to the
randomness of local image blocks and is inappropriate for scrambling based
image encryption methods. In this paper, a new information entropy-based
randomness measurement for image encryption is introduced which, for the first
time, answers the question of whether a given ciphertext image is sufficiently
random-like.

In studying how to communicate over a public channel with an active
adversary, Dodis and Wichs introduced the notion of a non-malleable extractor.
A non-malleable extractor dramatically strengthens the notion of a strong
extractor. A strong extractor takes two inputs, a weakly-random x and a
uniformly random seed y, and outputs a string which appears uniform, even given
y. For a non-malleable extractor Ext, the output Ext(x,y) should appear uniform
given y as well as Ext(x,A(y)), where A is an arbitrary function with A(y) not
equal to y.

Different variants of the code-based McEliece cryptosystem were pro- posed to
reduce the size of the public key. All these variants use very structured
codes, which open the door to new attacks exploiting the underlying structure.
In this paper, we show that the dyadic variant can be designed to resist all
known attacks. In light of a new study on list decoding algorithms for binary
Goppa codes, we explain how to increase the security level for given public
keysizes.

We further investigate the approximate privacy model recently introduced by
Feigenbaum et al. We explore the privacy properties of a natural class of
communication protocols that we refer to as "dissection protocols". Under a
dissection protocol, the communicating parties are restricted to answering
questions of the form "Is your input between the values a and b (under a
natural order over possible inputs)?".

Recently, Choi \emph{et al}. proposed an assumption on Mayers-Lo-Chau (MLC)
no-go theorem that the state of the entire quantum system is invariable to both
participants before the unveiling phase. This means that the theorem is only
applicable to static quantum bit commitment (QBC). This paper find that the
assumption is unnecessary and the MLC no-go theorem can be applied to not only
static QBC, but also non-static one.

This paper proposes a strict authentication watermarking for medical images.
In this scheme, we define region of interest (ROI) by taking the smallest
rectangle around an image. The watermark is generated from hashing the area of
interest. The embedding region is considered to be outside the region of
interest as to preserve the area from distortion as a result from watermarking.
The strict authentication watermarking is robust to some degree of JPEG
compression (SAW-JPEG). JPEG compression will be reviewed.

This paper presents new properties of Primitive Pythagorean Triples (PPT)
that have relevance in applications where events of different probability need
to be generated and in cryptography.

This paper introduces current watermarking techniques available from the
literatures. Requirements for medical watermarking will be discussed. We then
propose a watermarking scheme that can recover the original image from the
watermarked one. The purpose is to verify the integrity and authenticity of
DICOM images. We used ultrasound (US) images in our experiment. SHA-256 of the
whole image is embedded in the least significant bits of the RONI (Region of
Non-Interest). If the image has not been altered, the watermark will be
extracted and the original image will be recovered.

Smart Metering is a concept that allows to collect fine-grained consumption
profiles from customers by replacing traditional electricity meters with Smart
Meters in customers' households. The recorded consumption profile is the basis
for the calculation of time-dependent tariffs but also allows deduction of the
inhabitant's personal schedules and habits. The current reporting of such
consumption profiles only protects this data from 3rd parties but falls short
to protect the customer's privacy from illegitimate abuse by the supplier
itself.

As sensors become ever more prevalent, more and more information will be
collected about each of us. A long-term research question is how best to
support beneficial analysis of such data while preserving individual privacy.
Awareness systems represent an emerging class of applications supporting both
business and social functions that leverage pervasive sensors to detect and
report end-user physical state, activities, and available communication
channels. To buy into the system, however, users must be able to control how
information about them is shared.

Corporate mail services are designed to perform better than public mail
services. Fast mail delivery, large size file transfer as an attachments, high
level spam and virus protection, commercial advertisement free environment are
some of the advantages worth to mention. But these mail services are frequent
target of hackers and spammers. Distributed Denial of service attacks are
becoming more common and sophisticated. The researchers have proposed various
solutions to the DDOS attacks. Can we stop these kinds of attacks with
available technology?

This paper presents solutions for distribution, access and use of resources
in information security systems. The solutions comprise the authors’ experience
in development and implementation of systems for information security in the
Automated Information Systems. The models, the methods and the modus operandi
are being explained.

In pervasive computing environments, Location- Based Services (LBSs) are
becoming increasingly important due to continuous advances in mobile networks
and positioning technologies. Nevertheless, the wide deployment of LBSs can
jeopardize the location privacy of mobile users. Consequently, providing
safeguards for location privacy of mobile users against being attacked is an
important research issue. In this paper a new scheme for safeguarding location
privacy is proposed.

Spam messages muddle up users inbox, consume network resources, and build up
DDoS attacks, spread malware. Our goal is to present a definite figure about
the characteristics of spam and spam vulnerable email accounts. These
evaluations help us to enhance the existing technology to combat spam
effectively. We collected 400 thousand spam mails from a spam trap set up in a
corporate mail server for a period of 14 months form January 2006 to February
2007. Spammers use common techniques to spam end users regardless of corporate
server and public mail server.

In Ciphertext Policy Attribute based Encryption scheme, the encryptor can fix
the policy, who can decrypt the encrypted message. The policy can be formed
with the help of attributes. In CP-ABE, access policy is sent along with the
ciphertext. We propose a method in which the access policy need not be sent
along with the ciphertext, by which we are able to preserve the privacy of the
encryptor. The proposed construction is provably secure under Decision Bilinear
Diffe-Hellman assumption.

Spam messes up users inbox, consumes resources and spread attacks like DDoS,
MiM, Phishing etc., Phishing is a byproduct of email and causes financial loss
to users and loss of reputation to financial institutions. In this paper we
study the characteristics of phishing and technology used by phishers. In order
to counter anti phishing technology, phishers change their mode of operation;
therefore continuous evaluation of phishing helps us to combat phishers
effectively.

With increasing complexity of modern-day mobile devices, security of these
devices in presence of myriad attacks by an intelligent adversary is becoming a
major issue. The vast majority of cell phones still remain unsecured from many
existing and emerging security threats. To address the security threats in
mobile devices we are exploring a technology, which we refer as "Collaborative
Trust". It is a technology that uses a system of devices cooperating with each
other (working in a fixed or ad-hoc network) to achieve the individual security
of each device.

We consider the problem of constructing optimal authentication codes with
splitting. New infinite families of such codes are obtained. In particular, we
establish the first known infinite family of optimal authentication codes with
splitting that are secure against spoofing attacks of order two.

Since security is one of the most important issues, the evolve of
cryptography and cryptographic analysis are considered as the fields of
on-going research. The latest development on this field is DNA cryptography. It
has emerged after the disclosure of computational ability of Deoxyribo Nucleic
Acid (DNA). DNA cryptography uses DNA as the computational tool along with
several molecular techniques to manipulate it. Due to very high storage
capacity of DNA, this field is becoming very promising.

An algorithm for constructing a shortest binary k-stage machine generating a
given binary sequence is presented. This algorithm can be considered as an
extension of Berlekamp-Massey algorithm to the non-linear case.

We formalize automated analysis techniques for the validation of web services
specified in BPEL and a RBAC variant tailored to BPEL. The idea is to use
decidable fragments of first-order logic to describe the state space of a
certain class of web services and then use state-of-the-art SMT solvers to
handle their reachability problems. To assess the practical viability of our
approach, we have developed a prototype tool implementing our techniques and
applied it to a digital contract signing service inspired by an industrial case
study.

Attack--defense trees are used to describe security weaknesses of a system
and possible countermeasures. In this paper, the connection between
attack--defense trees and game theory is made explicit. We show that
attack--defense trees and binary zero-sum two-player extensive form games have
equivalent expressive power when considering satisfiability, in the sense that
they can be converted into each other while preserving their outcome and their
internal structure.

Steganography and Cryptography are two popular ways of sending vital
information in a secret way. One hides the existence of the message and the
other distorts the message itself. There are many cryptography techniques
available; among them AES is one of the most powerful techniques. In
Steganography we have various techniques in different domains like spatial
domain, frequency domain etc. to hide the message. It is very difficult to
detect hidden message in frequency domain and for this domain we use various
transformations like DCT, FFT and Wavelets etc.

In this paper a secret sharing scheme based on the word problem in groups is
introduced. The security of the scheme and possible variations are discussed in
section 2. The article concludes with the suggestion of two categories of
platform groups for the implementation of the scheme.

Each day, anti-virus companies receive tens of thousands samples of
potentially harmful executables. Many of the malicious samples are variations
of previously encountered malware, created by their authors to evade
pattern-based detection. Dealing with these large amounts of data requires
robust, automatic detection approaches. This paper studies malware
classification based on call graph clustering. By representing malware samples
as call graphs, it is possible to abstract certain variations away, and enable
the detection of structural similarities between samples.

The fuzzy vault is an error tolerant authentication method that ensures the
privacy of the stored reference data. Several publications have proposed the
application of the fuzzy vault to fingerprints, but the results of subsequent
analyses indicate that a single finger does not contain sufficient information
for a secure implementation. In this contribution, we present an implementation
of a fuzzy vault based on minutiae information in several fingerprints aiming
at a security level comparable to current cryptographic applications.

This article describes a new family of cryptographically secure pseudorandom
number generators, based on coupled chaotic maps, that will serve as keystream
in a stream cipher. The maps are a modification of a piecewise linear map, by
dynamic changing of the coefficient values and perturbing its lesser
significant bits.

Security and privacy are the inherent problems in RFID communications. There
are several protocols have been proposed to overcome those problems. Hash chain
is commonly employed by the protocols to improve security and privacy for RFID
authentication. Although the protocols able to provide specific solution for
RFID security and privacy problems, they fail to provide integrated solution.
This article is a survey to closely observe those protocols in terms of its
focus and limitations.

Improved interoperability between public and private organizations is of key
significance to make digital government newest triumphant. Digital Government
interoperability, information sharing protocol and security are measured the
key issue for achieving a refined stage of digital government. Flawless
interoperability is essential to share the information between diverse and
merely dispersed organisations in several network environments by using
computer based tools.

Internet worm attacks pose a significant threat to network security and
management. In this work, we coin the term Internet worm tomography as
inferring the characteristics of Internet worms from the observations of
Darknet or network telescopes that monitor a routable but unused IP address
space.

Video chat systems such as Chatroulette have become increasingly popular as a
way to meet and converse one-on-one via video and audio with other users online
in an open and interactive manner. At the same time, security and privacy
concerns inherent in such communication have been little explored. This paper
presents one of the first investigations of the privacy threats found in such
video chat systems, identifying three such threats, namely de-anonymization
attacks, phishing attacks, and man-in-the-middle attacks.

We propose a new platform for implementing secure wireless ad hoc networks.
Our proposal is based on a modular architecture, with the software stack
constructed directly on the Ethernet layer. Within our platform we use a new
security protocol that we designed to ensure mutual authentication between
nodes and a secure key exchange. The correctness of the proposed security
protocol is ensured by Guttman's authentication tests.

The establishment of trust relationships to a trusted platform relies on the
process of validation. Validation allows an external entity to build trust in
the expected behaviour of the platform based on provided evidence of the
platform's configuration. In a validation mechanism such as remote attestation,
the trusted platform exhibits verification data created during a start up
process. These data consist in hardware-protected values of platform
configuration registers, containing nested measurement values, i.e., hash
values, of all loaded or started components.

This article is meant to provide an additional point of view, applying known
knowledge, to supply keys that have a series of non-repeating digits, in a
manner that is not usually thought of. Traditionally, prime numbers are used in
encryption as keys that have non-repeating sequences. Non-repetition of digits
in a key is very sought after in encryption. Uniqueness in a digit sequence
defeats decryption by method.

This article is meant to provide an additional point of view, applying known
knowledge, to supply keys that have a series of non-repeating digits, in a
manner that is not usually thought of. Traditionally, prime numbers are used in
encryption as keys that have non-repeating sequences. Usually, non-repetition,
especially of digits in a key, is very sought after in encryption. Uniqueness
in a digit sequence defeats decryption.

The Alternating Step(r,s) Generator, ASG(r,s), is a clock-controlled sequence
generator which is recently proposed by A. Kanso. It consists of three
registers of length l, m and n bits. The first register controls the clocking
of the two others. The two other registers are clocked r times (or not clocked)
(resp. s times or not clocked) depending on the clock-control bit in the first
register. The special case r=s=1 is the original and well known Alternating
Step Generator. Kanso claims there is no efficient attack against the ASG(r,s)
since r and s are kept secret.

Secret sharing in user hierarchy represents a challenging area for research.
Although a lot of work has already been done in this direc- tion, this paper
presents a novel approach to share a secret among a hierarchy of users while
overcoming the limitations of the already exist- ing mechanisms. Our work is
based on traditional (k +1; n)-threshold secret sharing, which is secure as
long as an adversary can compromise not more than k secret shares. But in real
life it is often feasible for an adversary to obtain more than k shares over a
long period of time.

In the paper systematization and classification of modern quantum
technologies of the information security against cyber-terrorist attack are
carried out. The characteristic of the basic directions of quantum cryptography
from the viewpoint of used quantum technologies is given. The qualitative
analysis of advantages and disadvantages of concrete quantum protocols is made.
The current status of a problem of practical quantum cryptography using in
telecommunication networks is considered.

In 1998 [8], Patarin proposed an efficient cryptosystem called Little Dragon
which was a variant a variant of Matsumoto Imai cryptosystem C*. However
Patarin latter found that Little Dragon cryptosystem is not secure [8], [3]. In
this paper we propose a cryptosystem Little Dragon Two which is as efficient as
Little Dragon cryptosystem but secure against all the known attacks. Like
Little Dragon cryptosystem the public key of Little Dragon Two is mixed type
that is quadratic in plaintext and cipher text variables.

Radio Frequency Identification (RFID) technology one of the most promising
technologies in the field of ubiquitous computing. Indeed, RFID technology may
well replace barcode technology. Although it offers many advantages over other
identification systems, there are also associated security risks that are not
easy to be addressed. When designing a real lightweight authentication protocol
for low cost RFID tags, a number of challenges arise due to the extremely
limited computational, storage and communication abilities of Low-cost RFID
tags.

Quantum Cryptography or Quantum key distribution (QKD) is a technique that
allows the secure distribution of a bit string, used as key in cryptographic
protocols. When it was noted that quantum computers could break public key
cryptosystems based on number theory extensive studies have been undertaken on
QKD. Based on quantum mechanics, QKD offers unconditionally secure
communication. Now, the progress of research in this field allows the
anticipation of QKD to be available outside of laboratories within the next few
years.

E-Commerce offers the banking industry great opportunity, but also creates a
set of new risks and vulnerability such as security threats. Information
security, therefore, is an essential management and technical requirement for
any efficient and effective Payment transaction activities over the internet.
Still, its definition is a complex endeavor due to the constant technological
and business change and requires a coordinated match of algorithm and technical
solutions.

A Vehicular Ad-Hoc Network (VANET) is a form of Mobile ad-hoc network, to
provide communications among nearby vehicles and between vehicles and nearby
fixed roadside equipment. The key operation in VANETs is the broadcast of
messages. Consequently, the vehicles need to make sure that the information has
been sent by an authentic node in the network. VANETs present unique challenges
such as high node mobility, real-time constraints, scalability, gradual
deployment and privacy.

A simple binary model to compute the degree of balancedness in the output
sequence of LFSR-combinational generators has been developed. The computational
method is based exclusively on the handling of binary strings by means of logic
operations. The proposed model can serve as a deterministic alternative to
existing probabilistic methods for checking balancedness in binary sequence
generators. The procedure here described can be devised as a first selective
criterium for acceptance/rejection of this type of generators.

In this work, pseudorandom sequence generators based on finite fields have
been analyzed from the point of view of their cryptographic application. In
fact, a class of nonlinear sequence generators has been modelled in terms of
linear cellular automata. The algorithm that converts the given generator into
a linear model based on automata is very simple and is based on the
concatenation of a basic structure. Once the generator has been linearized, a
cryptanalytic attack that exploits the weaknesses of such a model has been
developed.

In mobile ad hoc networks, by attacking the corresponding routing protocol,
an attacker can easily disturb the operations of the network. For ad hoc
networks, till now many secured routing protocols have been proposed which
contains some disadvantages. Therefore security in ad hoc networks is a
controversial area till now. In this paper, we proposed a Lightweight and
Attack Resistant Authenticated Routing Protocol (LARARP) for mobile ad hoc
networks. For the route discovery attacks in MANET routing protocols, our
protocol gives an effective security.

The evolution of encryption algorithms have led to the development of very
complicated and highly versatile algorithms that sacrifice efficiency for
better and harder to decrypt results. But by the application of a genetic
schema to the encryption of data, a new structure can be created. Genetic
methods and procedures are lethal in the way they handle and manipulate data.
The RAmM algorithm uses four genetic operations that have been developed
specifically for encryption of data. The operations are Replication,
Augmentation, Mutation and Multiplication.

Negative databases - negative representations of a set of data - have been
introduced in 2004 to protect the data they contain. Today, no solution is
known to constitute biometric negative databases. This is surprising as
biometric applications are very demanding of such protection for privacy
reasons. The main difficulty comes from the fact that biometric captures of the
same trait give different results and comparisons of the stored reference with
the fresh captured biometric data has to take into account this variability.

In this paper, we introduce new learning algorithms for reducing false
positives in intrusion detection. It is based on decision tree-based attribute
weighting with adaptive na\"ive Bayesian tree, which not only reduce the false
positives (FP) at acceptable level, but also scale up the detection rates (DR)
for different types of network intrusions. Due to the tremendous growth of
network-based services, intrusion detection has emerged as an important
technique for network security.

In this paper a homomorphic privacy preserving association rule mining
algorithm is proposed which can be deployed in resource constrained devices
(RCD). Privacy preserved exchange of counts of itemsets among distributed
mining sites is a vital part in association rule mining process. Existing
cryptography based privacy preserving solutions consume lot of computation due
to complex mathematical equations involved.

A new class of linear sequence generators based on cellular automata is here
introduced in order to model several nonlinear keystream generators with
practical applications in symmetric cryptography. The output sequences are
written as solutions of linear difference equations, and three basic properties
(period, linear complexity and number of different output sequences) are
analyzed.

We present a new approach to edit distance attacks on certain
clock-controlled generators, which applies basic concepts of Graph Theory to
simplify the search trees of the original attacks in such a way that only the
most promising branches are analyzed. In particular, the proposed improvement
is based on cut sets defined on some graphs so that certain shortest paths
provide the edit distances.

Reactive routing protocols like Ad Hoc On-Demand Distance Vector Routing
(AODV) and Dynamic Source Routing (DSR)in Ad-Hoc Wireless Networks which are
used in Mobile and Ad Hoc Networks (MANETs) work by flooding the network with
control packets. There is generally a limit on the number of these packets that
can be generated or forwarded. But a malicious node can disregard this limit
and flood the network with fake control packets. These packets hog the limited
bandwidth and processing power of genuine nodes in the network while being
forwarded.

An Air Force evaluation of Multics, and Ken Thompson's Turing award lecture
("Reflections on Trusting Trust"), showed that compilers can be subverted to
insert malicious Trojan horses into critical software, including themselves. If
this "trusting trust" attack goes undetected, even complete analysis of a
system's source code will not find the malicious code that is running.
Previously-known countermeasures have been grossly inadequate.

This paper introduced NgViz, a tool that examines DNS traffic and shows
anomalies in n-gram frequencies. This is accomplished by comparing input files
against a fingerprint of legitimate traffic. Both quantitative analysis and
visual aids are provided that allow the user to make determinations about the
legitimacy of the DNS traffic.

High-bandwidth covert channels pose significant risks to sensitive and
proprietary information inside company networks. Domain Name System (DNS)
tunnels provide a means to covertly infiltrate and exfiltrate large amounts of
information passed network boundaries. This paper explores the possibility of
detecting DNS tunnels by analyzing the unigram, bigram, and trigram character
frequencies of domains in DNS queries and responses.

Visual Cryptography is a special encryption technique to hide information in
images, which divide secret image into multiple layers. Each layer holds some
information. The receiver aligns the layers and the secret information is
revealed by human vision without any complex computation. The proposed
algorithm is for color image, that presents a system which takes four pictures
as an input and generates three images which correspond to three of the four
input pictures.

In this paper, we present a very important primitive called Information
Checking Protocol (ICP) which plays an important role in constructing
statistical Verifiable Secret Sharing (VSS) and Weak Secret Sharing (WSS)
protocols. Informally, ICP is a tool for authenticating messages in the
presence of computationally unbounded corrupted parties. Here we extend the
basic bare-bone definition of ICP, introduced by Rabin et al. and then present
an ICP that attains the best communication complexity and round complexity
among all the existing ICPs in the literature.

Type-flaw attacks and multi-protocol attacks on security protocols have been
frequently reported in the literature. Heather et al. and Guttman et al. have
proven that these could be prevented by tagging encrypted components with
distinct constants in a standard protocol model with free message algebra and
perfect encryption. However, most "real-world" protocols such as SSL 3.0 are
designed with the Exclusive-OR (XOR) operator that possesses algebraic
properties, breaking the free algebra assumption.

In (k, n) visual secret sharing (VSS) scheme, secret image can be visually
reconstructed when k or more participants printing theirs shares on
transparencies and stack them together. No secret is revealed with fewer than k
shares. The alignment of the transparencies is important to the visual quality
of the reconstructed secret image. In VSS scheme, each pixel of the original
secret image is expanded to m sub-pixels in a share image.

In our proposed model, the route selection is a function of following
parameters: hop count, trust level of node and security level of application.
In this paper, to focus on secure neighbor detection, trust factor evaluation,
operational mode, route discovery and route selection. The paper mainly address
the security of geographic routing. The watchdog identifies misbehaving nodes,
while the Pathselector avoids routing packets through these nodes. The
watchdog, the pathselector is run by each server.

Cross Site Scripting (XSS) Flaws are currently the most popular security
problems in modern web applications. These Flaws make use of vulnerabilities in
the code of web-applications, resulting in serious consequences, such as theft
of cookies, passwords and other personal credentials. Cross-Site scripting
Flaws occur when accessing information in intermediate trusted sites. Client
side solution acts as a web proxy to mitigate Cross Site Scripting Flaws which
manually generated rules to mitigate Cross Site Scripting attempts.

According to actual needs, generalized signcryption scheme can flexibly work
as an encryption scheme, a signature scheme or a signcryption scheme. In this
paper, firstly, we give a security model for identity based generalized
signcryption which is more complete than existing model. Secondly, we propose
an identity based generalized signcryption scheme. Thirdly, we give the
security proof of the new scheme in this complete model. Comparing with
existing identity based generalized signcryption, the new scheme has less
implementation complexity.

Almost all existing RFID authentication schemes (tag/reader) are vulnerable
to relay attacks, because of their inability to estimate the distance to the
tag. These attacks are very serious since it can be mounted without the notice
of neither the reader nor the tag and cannot be prevented by cryptographic
protocols that operate at the application layer. Distance bounding protocols
represent a promising way to thwart relay attacks, by measuring the round trip
time of short authenticated messages.

In 2004, Das, Saxena and Gulati proposed a dynamic ID-based remote user
authentication scheme which has many advantage such as no verifier table, user
freedom to choose and change password and so on. However the subsequent papers
have shown that this scheme is completely insecure and vulnerable to many
attacks. Since then many schemes with improvements to Das et al's scheme has
been proposed but each has its pros and cons. Recently Yan-yan Wang et al.

This paper proposes to address new requirements of confidentiality, integrity
and availability properties fitting to peer-to-peer domains of resources. The
enforcement of security properties in an open peer-topeer network remains an
open problem as the literature have mainly proposed contribution on
availability of resources and anonymity of users. That paper proposes a novel
architecture that eases the administration of a peer-to-peer network.

Cryptographic check values (digital signatures, MACs and H-MACs) are useful
only if they are free of errors. For that reason all of errors in cryptographic
check values should be corrected after the transmission over a noisy channel
before their verification is performed. Soft Input Decryption is a method of
combining SISO convolutional decoding and decrypting of cryptographic check
values to improve the correction of errors in themselves. If Soft Input
Decryption is successful, i.e.

Intrusion Detection & Prevention Systems generally aims at detecting /
preventing attacks against Information systems and networks. The basic task of
IDPS is to monitor network & system traffic for any malicious packets/patterns
and hence to prevent any unwarranted incidents which leads the systems to
insecure state. The monitoring is done by checking each packet for its validity
against the signatures formulated for identified vulnerabilities.

We present an overview of quantum key distribution (QKD), a secure key
exchange method based on the quantum laws of physics rather than computational
complexity. We also provide an overview of the two most widely used commodity
security protocols, IPsec and TLS. Pursuing a key exchange model, we propose
how QKD could be integrated into these security applications. For such a QKD
integration we propose a support layer that provides a set of common QKD
services between the QKD protocol and the security applications

this paper demonstrates analysis of well known block cipher CAST-128 and its
modified version using avalanche criterion and other tests namely encryption
quality, correlation coefficient, histogram analysis and key sensitivity tests.

Cryptographic hash functions for calculating the message digest of a message
has been in practical use as an effective measure to maintain message integrity
since a few decades. This message digest is unique, irreversible and avoids all
types of collisions for any given input string. The message digest calculated
from this algorithm is propagated in the communication medium along with the
original message from the sender side and on the receiver side integrity of the
message can be verified by recalculating the message digest of the received
message and comparing the two digest values.

The Internet never forgets and data lingers virtually forever. Private data
created by users is frequently disseminated around the Internet and users often
lose the control and ownership of their contents. This increasing diffusion of
private data over the Internet motivates the need for ephemeral data, i.e.
time-bounded data that cannot be accessed after a userspecified expiration
time. This paper explores and formalizes the concept of Ephemeral Data Systems,
systems that prevent an adversary from accessing expired contents.

Type-flaw attacks upon security protocols wherein agents are led to
misinterpret message types have been reported frequently in the literature.
Preventing them is crucial for protocol security and verification. Heather et
al. proved that tagging every message field with it's type prevents all
type-flaw attacks under a free message algebra and perfect encryption system.
In this paper, we prove that type-flaw attacks can be prevented with the same
technique even under the ACUN algebraic properties of XOR which is commonly
used in "real-world" protocols such as SSL 3.0.

Distance bounding protocols are used by nodes in wireless networks to
calculate upper bounds on their distances to other nodes. However, dishonest
nodes in the network can turn the calculations both illegitimate and inaccurate
when they participate in protocol executions. It is important to analyze
protocols for the possibility of such violations. Past efforts to analyze
distance bounding protocols have only been manual.

The rapid development of multimedia and internet allows for wide distribution
of digital media data. It becomes much easier to edit, modify and duplicate
digital information .Besides that, digital documents are also easy to copy and
distribute, therefore it will be faced by many threats. It is a big security
and privacy issue, it become necessary to find appropriate protection because
of the significance, accuracy and sensitivity of the information. Steganography
considers one of the techniques which used to protect the important
information.

Secure sum computation of private data inputs is an interesting example of
Secure Multiparty Computation (SMC) which has attracted many researchers to
devise secure protocols with lower probability of data leakage. In this paper,
we provide a novel protocol to compute the sum of individual data inputs with
zero probability of data leakage when two neighbor parties collude to know the
data of a middle party.

In a recent paper \cite{Zhang-Xiao}, Zhang and Xiao describe a technique on
constructing almost optimal resilient functions on even number of variables. In
this paper, we will present an extensive study of the constructions of almost
optimal resilient functions by using the generalized Maiorana-McFarland (GMM)
construction technique.

As the amount of personal information stored at remote service providers
increases, so does the danger of data theft. When connections to remote
services are made in the clear and authenticated sessions are kept using HTTP
cookies, data theft becomes extremely easy to achieve. In this paper, we study
the architecture of the world's largest service provider, i.e., Google. First,
with the exception of a few services that can only be accessed over HTTPS
(e.g., Gmail), we find that many Google services are still vulnerable to simple
session hijacking.

In cluster-based routing protocol (CBRP), two-level hierarchical structure is
successfully used to reduce over-flooding in wireless Ad Hoc networks. As it is
vulnerable to a single point of failure, we propose a new adaptive distributed
threshold scheme to replace the cluster head by a group of cluster heads within
each cluster, called COUNCIL, and distribute the service of single cluster head
to multiple cluster heads using (k,n) threshold secret sharing scheme.

When Bluetooth devices come within the range of another, an electronic
conversation takes place to determine whether the devices in range are known or
whether one needs to control the other. Most Bluetooth devices do not require
any form of user interaction for this to occur. If devices within range are
known to one another, the devices automatically form a network known as a
pairing. Authentication addresses the identity of each communicating device.
The sender sends an encrypted authentication request frame to the receiver.

Security of any software can be enhanced manifolds if multiple factors for
authorization and authentication are used .The main aim of this work was to
design and implement an Academy Automation Software for IPS Academy which uses
OpenID and Windows CardSpace as Authentication Techniques in addition to Role
Based Authentication (RBA) System to ensure that only authentic users can
access the predefined roles as per their Authorization level.

We propose a hybrid technique for image encryption which employs the concept
of carrier image and SCAN patterns generated by SCAN methodology. Although it
involves existing method like SCAN methodology, the novelty of the work lies in
hybridizing and carrier image creation for encryption. Here the carrier image
is created with the help of alphanumeric keyword. Each alphanumeric key will be
having a unique 8bit value generated by 4 out of 8-code. This newly generated
carrier image is added with original image to obtain encrypted image.

Security issues are playing dominant role in today's high speed communication
systems. A fast and compact FPGA based implementation of the Data Encryption
Standard (DES) and Triple DES algorithm is presented in this paper that is
widely used in cryptography for securing the Internet traffic in modern day
communication systems. The design of the digital cryptographic circuit was
implemented in a Vertex 5 series (XCVLX5110T) target device with the use of
VHDL as the hardware description language.

In this paper we address the problem of protecting elliptic curve scalar
multiplication implementations against side-channel analysis by using the
atomicity principle. First of all we reexamine classical assumptions made by
scalar multiplication designers and we point out that some of them are not
relevant in the context of embedded devices. We then describe the
state-of-the-art of atomic scalar multiplication and propose an atomic pattern
improvement method.

Secure Multi-Party Computation (SMC) allows multiple parties to compute some
function of their inputs without disclosing the actual inputs to one another.
Secure sum computation is an easily understood example and the component of the
various SMC solutions. Secure sum computation allows parties to compute the sum
of their individual inputs without disclosing the inputs to one another. In
this paper, we propose a modified version of our ck-Secure Sum protocol with
more security when a group of the computing parties conspire to know the data
of some party.

The Discrete Logarithm Problem is well-known among cryptographers, for its
computational hardness that grants security to some of the most commonly used
cryptosystems these days. Still, many of these are limited to a small number of
candidate algebraic structures which permit implementing the algorithms. In
order to extend the applicability of discrete-logarithm-based cryptosystems to
a much richer class of algebraic structures, we present a generalized form of
exponential function. Our extension relaxes some assumptions on the exponent,
which is no longer required to be an integer.

The Hill cipher is a classical symmetric encryption algorithm that succumbs
to the know-plaintext attack. Although its vulnerability to cryptanalysis has
rendered it unusable in practice, it still serves an important pedagogical role
in cryptology and linear algebra. In this paper, a variant of the Hill cipher
is introduced that makes the Hill cipher secure while it retains the
efficiency. The proposed scheme includes a ciphering core for which a
cryptographic protocol is introduced.