International Journal of Information Security
Volume:13 Issue: 1, Jan 2021

A novel feature extraction algorithm using Otsu’s Threshold (OT-features) on scrambled images and the Instantaneous Clustering (IC-CBIR) approach is proposed for Content-Based Image Retrieval in cloud computing. Images are stored in the cloud in an encrypted or scrambled form to preserve the privacy content of the images. The proposed method extracts the features from the scrambled images using the Otsu’s threshold. Initially, the Otsu’s threshold is estimated from the scrambled image and based on this threshold the image is divided into two classes in the first iteration. Again, the new threshold values are estimated from two classes. The difference between the new threshold and the previous threshold gives two features. This process is repeated for number of iteration to obtain the complete OT-features of the scrambled image. This paper also proposes an instantaneous clustering approach (IC-CBIR) where the image is moved into a cluster as soon as the image is uploaded by the image owner. Therefore while retrieving the images, the images near to a particular cluster are matched instead of matching with a complete set of image features in the dataset which reduces the search time. The performance of the proposed algorithm is being tested using four different types of the dataset such as Corel 10K, Misc, Oxford flower, and INRIA Holidays dataset. The experimental evaluation reveals that the proposed method outperforms better than the traditional CBIR algorithm on encrypted images in terms of precision, time of search and time of index construction.

Numerous studies have been conducted to present new attacks using the time difference between the processor access to main memory and cache memory. Access-driven attacks are a series of cache-based attacks using fewer measurement samples to extract sensitive key values due to the ability of the attacker to evict or access cache lines compared to the other attacks based on this feature. In the access-driven attacks, the attacker frequently needs to evict or reload data from the cache memory before or after performing the targeted cryptosystem which requires the knowledge about the virtual or physical addresses. Knowledge of address offset for the corresponding data blocks in cryptographic libraries is a prerequisite for an adversary to reload or evict cache lines in Intel processors. Preventing the access of attackers to the address offsets can potentially be a countermeasure to mitigate access-driven attacks. In this paper, we demonstrate how to perform the Evict+Time attack on Intel x86 CPUs without any privilege of knowing address offsets.

‎Hardware Trojans have emerged as a major concern for integrated circuits in recent years‎. ‎As a result‎, ‎detecting Trojans has become an important issue in critical applications‎, ‎such as finance and health‎. ‎The Trojan detection methods are mainly categorized into functional and side channel based ones‎. ‎To increase the capability of both mentioned detection methods‎, ‎one can increase the transition activity of the circuit‎. ‎This paper proposes a trusted platform for detecting Trojans in FPGA bitstreams‎. ‎The proposed methodology takes advantage of increased Trojan activation‎, ‎caused by transition aware partitioning of the circuit‎. ‎Meanwhile‎, ‎it benefits partial reconfiguration feature of FPGAs to reduce area overhead‎. ‎Experimental studies on the mapped version of s38417 ISCAS89 benchmark show that for the transition probability thresholds of 10^{-4} and 2*10^{-5}‎, ‎our method increases the ratio of the number of transitions (TCTCR) in the Trojan circuit by about 290.93% and 131.48%‎, ‎respectively‎, ‎compared to the unpartitioned circuit‎. ‎Similar experiments on s15850 for the transition probability thresholds of 10^{-4} and 2*10^{-5} show an increase of 290.26% and 203.11% in TCTCR‎, ‎respectively. Furthermore‎, ‎this method improves the functional Trojan detection capability due to a significant increase in the ratio of observing wrong results in primary outputs‎.

Nowadays the security of the design is so important because of the different available attacks to the system. the main aim of this paper is to improve the security of the circuit design implemented on FPGA device. Two approaches are proposed for this purpose. The first is to fill out empty space using flip-flops and LUTs so that there is no available space for inserting a hardware Trojan. We name this filling structure as Gate-chain. The second approach increases the security of the implemented design by identifying the low observable/controllable points of the main design and wiring them to the unused ports or the pre-designed Gate-chains. The proposed solutions not only prevent Trojan insertion but also increase the Trojan detection capabilities. Simulation results on Xilinx devices implementing different benchmarks show that the proposed method incurs dynamic power overhead just in test mode with less than one percent of delay overhead for critical path in normal mode.

In recent years, due to their potential applications, proxy blind signatures became an active research topic and are an extension of the basic proxy signature. A proxy blind signature scheme enables a proxy signer to produce a blind signature on behalf of an original signer. Such schemes are useful in many practical applications such as e-commerce, e-voting, e-tendering systems. Many proxy blind signature schemes have been proposed in the literature. In order to improve the efficiency and to adopt resource constrained devices, in this paper, we propose a pairing free ID-based proxy blind signature scheme with message recovery. The proposed scheme is proven secure against the random oracle model under the hardness assumption of the elliptic curve discrete logarithm problem. We compare our scheme with the other proxy blind signature schemes. The efficiency analysis shows that our scheme is more efficient in terms of computational and communicational point of view. Also due to the message recovery property, our scheme can be deployed easily in low band width devices.

Today, the Internet of Things (IoT) is one of the emerging technologies that enable the connection and transfer of information through communication networks. The main idea of the IoT is the widespread presence of objects such as mobile devices, sensors, and RFID. With the increase in traffic volume in urban areas, the existing intelligent urban traffic management system based on IoT can be vital. Therefore, this paper focused on security in urban traffic based on using RFID. In our scheme, RFID tags chose as the purpose of this article. We, in this paper, present a mutual authentication protocol that leads to privacy based on hybrid cryptography. Also, an authentication process with RFID tags is proposed that can be read at high speed. The protocol has attempted to reduce the complexity of computing. At the same time, the proposed method can withstand attacks such as spoofing of tag and reader, tag tracking, and replay attack.