• Title/Summary/Keyword: enhanced message authentication encryption

Search Result 3, Processing Time 0.047 seconds

Enhanced Message Authentication Encryption Scheme Based on Physical-Layer Key Generation in Resource-Limited Internet of Things

  • Zeng Xing;Bo Zhao;Bo Xu;Guangliang Ren;Zhiqiang Liu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.9
    • /
    • pp.2546-2563
    • /
    • 2024
  • The Internet of Things (IoT) is facing growing security challenges due to its vulnerability. It is imperative to address the security issues using lightweight and efficient encryption schemes in resource-limited IoT. In this paper, we propose an enhanced message authentication encryption (MAE) scheme based on physical-layer key generation (PKG), which uses the random nature of wireless channels to generate and negotiate keys, and simultaneously encrypts the messages and authenticates the source. The proposed enhanced MAE scheme can greatly improve the security performance via dynamic keyed primitives construction while consuming very few resources. The enhanced MAE scheme is an efficient and lightweight secure communication solution, which is very suitable for resource-limited IoT. Theoretical analysis and simulations are carried out to confirm the security of the enhanced MAE scheme and evaluate its performance. A one-bit flipping in the session key or plain texts will result in a 50%-bit change in the ciphertext or message authentication code. The numerical results demonstrate the good performance of the proposed scheme in terms of diffusion and confusion. With respect to the typical advanced encryption standard (AES)-based scheme, the performance of the proposed scheme improves by 80.5% in terms of algorithm execution efficiency.

Sender Authentication Mechanism based on DomainKey with SMS for Spam Mail Sending Protection (대량 스팸메일 발송 방지를 위한 SMS 기반 DomainKey 방식의 송신자 인증 기법)

  • Lee, Hyung-Woo
    • The Journal of the Korea Contents Association
    • /
    • v.7 no.4
    • /
    • pp.20-29
    • /
    • 2007
  • Although E-mail system is considered as a most important communication media, 'Spam' is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Therefore advanced anti-spam techniques are required to basically reduce its transmission volume on sender mail server or MTA, etc. In this study, we propose a new sender authentication model with encryption function based on modified DomainKey with SMS for Spam mail protection. From the SMS message, we can get secret information used for verification of its real sender on e-mail message. And by distributing this secret information with SMS like out-of-band channel, we can also combine proposed modules with existing PGP scheme for secure e-mail generation and authentication steps. Proposed scheme provide enhanced authentication function and security on Spam mail protection function because it is a 'dual mode' authentication mechanism.

A Database Security System for Detailed Access Control and Safe Data Management (상세 접근 통제와 안전한 데이터 관리를 위한 데이터베이스 보안 시스템)

  • Cho, Eun-Ae;Moon, Chang-Joo;Park, Dae-Ha;Hong, Sung-Jin;Baik, Doo-Kwon
    • Journal of KIISE:Databases
    • /
    • v.36 no.5
    • /
    • pp.352-365
    • /
    • 2009
  • Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.