نشریه نوآوری های فناوری اطلاعات و ارتباطات کاربردی
پیاپی 2 (تابستان 1400)

In the past, encryption and its applications were used defensively and provided users with privacy, authentication, and security, but now hackers use crypto-malwares offensively to infiltrate and alter victims' data. Cryptovirology or malicious encryption is a different way of stealing information using a combination of one or more encryption methods and malwares, which launches an attack to ruin user data with a predetermined plan. Some crypto-malware attacks known as kleptography attacks are done using public key encryption. The purpose of this research, in addition to identifying new angles of computed kleptography and examining the new concepts presented in recent years, is to focus closely on backdoor attacks on RSA encryption key generating algorithms, and to study, review and analyze several correct and incorrect key generating algorithms. After calculating the complexity of the key production algorithms in theory, these algorithms are implemented and simulated using MATLAB software and the results are presented in comparative tables and graphs.

In the last decade, cloud computing has attracted the attention of many IT providers and users. One of the most widely used models of providing services in the field of cloud computing is the “software as a service” or SaaS model, which is usually provided as a combination of data and application components. One of the major challenges in this area is finding the optimal location for the software components on the cloud infrastructure where the software as a service can perform at its best. The problem of locating software as a service, addresses the challenge of determining which components in the cloud data center can host which components without violating the limitations of the software as a service. In this paper, we have presented a multi-objective optimization solution with the aim of reducing costs and execution time for locating components in cloud environments. We have simulated our proposed solution using the Cloudsim library and finally evaluated and compared it with two multi-objective and cuckoo search algorithms. The simulation results show that the proposed solution performs better than the two basic algorithms, reducing the implementation time of the “software as a service” components and the costs by 9.4% and 9.1% respectively, and increasing the productivity by 7.9%.

The Internet of Things provides instant access to information about the physical world and the objects within it, leading to new services and increasing efficiency and productivity. The wireless sensor network is an important network infrastructure in the Industrial Internet of Things and user authentication is used as a basic security mechanism to authenticate users to wireless sensor networks. In this article, we intend to provide a new way to improve the security of authentication using image processing. The analysis was performed by MATLAB software. The results presented in this article, which includes seven steps, have a 93% correct detection rate in pupil identification. These seven steps are: 1. Noise reduction, 2. Finding the outer border of the pupil, 3. Separating the eyelashes, 4. Finding the border of the eyelids, 5. Finding the outer border of the iris, 6. Separating the iris area and 7. Extracting the feature and encoding the pixels by the elliptic curve cryptography (ECC) method. With the measurements and experiments performed, it was found that the proposed method in identifying the eyelid border by the quadratic equation method is more efficient and faster in terms of time than the third-degree equation and the Huff parabolic conversion method. In order to extract the feature, the effective parameters in the SAIF feature extraction algorithm were examined and measured, and the optimal parameters were selected. The Sigma parameter with a value of 2.5 and the Octave parameter with a value of 4 should be considered as the best values. Also, in order to evaluate the resistance of the proposed method to error factors such as the angle, brightness and scale, the proposed method was tested and it was proved that the method has the appropriate resistance resolution in different conditions.

Today, wireless sensor networks are exposed to dangerous attacks that can disrupt the network. One of these malicious attacks is wormhole and black hole attacks which can pose serious threats to the network. Timely detection and detection of these attacks can improve network performance. In this research, a method is provided to improve, identify, detect and deal with wormhole and black hole attacks. The proposed method is a combination of two methods based on RTT and end-to-end identification method. In wireless sensor networks, when a wormhole attack occurs, it is natural that the number of node neighbors will be higher than usual; So we use this information to identify and attack wormholes. The results of this study indicate an improvement in the detection and response of attacks so that in sections, the average rate of packets received, the number of RREQs accepted at the destination, comparison of average energy consumption, node removal rate and system overhead can achieve acceptable performance compared to others. Acquired existing methods.

Today UAVs are used as data collection platforms for a group of IoT devices around the world. Determining the optimal number and locations of UAVs can minimize the energy consumption of the IoT data collection system. The use of modern multi-objective optimization algorithms can achieve this goal. In this research, a model-based multi-objective evolutionary optimization algorithm (multi-objective evolutionary algorithm using Gaussian process based on reverse modeling) is used on the data collection platform for a group of IoT devices around the earth. The results of this method have been compared with other evolutionary multi-objective optimization algorithms based on the inverse generation distance evaluation criterion. The analysis of the results of the evaluation criterion used shows that the optimization method used has a significant impact on the process of optimal energy consumption in this system. The results of this research can be used for identification of the optimization parameters in this system.

In 2019, the NIST institute started a competition called lightweight cryptography (LWC), in order to select a new standard in the pioneers of lightweight cryptography including authenticated encryption schemes and abstract-creating functions. On March 29, 2021, out of 32 candidates in the second round of the competition, 10 candidates were nominated as finalists. One of the important criteria for selecting a competition finalist is the presence of a safe and efficient structure with design features suitable for environments with limited resources. This paper, examines the top 10 finalists for the LWC in terms of the operation mode, primitives and design features. Also, the number of primary calls used in the initial and final initialization phases of the designs, which determines the cost of the preprocessing and is an important criterion in the efficiency of the structure, is examined. Based on the studies performed, Sponge-duplex and Elephant, Romulus and Grain-128AEAD designs have good performance in terms of efficiency.