Xin-Wen Wu

On the Security of Permutation-Only Image Encryption Schemes

Permutation is a commonly used primitive in multimedia (image/video) encryption schemes, and many permutation-only algorithms have been proposed in recent years for the protection of multimedia data. In permutation-only image ciphers, the entries of the image matrix are scrambled using a permutation mapping matrix which is built by a pseudo-random number generator. The literature on the cryptanalysis of image ciphers indicates that the permutation-only image ciphers are insecure against ciphertext-only attacks and/or known/chosenplaintext attacks. However, the previous studies have not been able to ensure the correct retrieval of the complete plaintext elements. In this paper, we revisited the previous works on cryptanalysis of permutation-only image encryption schemes and made the cryptanalysis work on chosen-plaintext attacks complete and more efficient. We proved that in all permutationonly image ciphers, regardless of the cipher structure, the correct permutation mapping is recovered completely by a chosenplaintext attack. To the best of our knowledge, for the first time, this paper gives a chosen-plaintext attack that completely determines the correct plaintext elements using a deterministic method. When the plain-images are of size M × N and with L different color intensities, the number n of required chosen plain-images to break the permutation-only image encryption algorithm is n = ΓlogL(MN)1. The complexity of the proposed attack is O (n · M N) which indicates its feasibility in a polynomial amount of computation time. To validate the performance of the proposed chosen-plaintext attack, numerous experiments were performed on two recently proposed permutation-only image/video ciphers. Both theoretical and experimental results showed that the proposed attack outperforms the state-of-theart cryptanalytic methods.

Wireless Smart Home Sensor Networks: Mobile Agent Based Anomaly Detection

Pervasive computing is changing the life style of human being in the 21st century. Smart home is one of the emerging examples for pervasive computing applications. In a smart home scenario, Wireless Sensor Network (WSN) can potentially provide information about device activities and their status. This information can be useful for variety of purposes like monitoring home security, examining status of nodes, and replacing nodes that are malfunctioning or dead. The sensor network needs to be protected from intrusions and anomalies. Over the years, various Intrusion Detection Systems (IDS) are proposed for preventing WSNs from intrusions. Although some mobile agent based IDS are proposed, anomaly detection for wireless smart home sensor network (WSHSN) is not fully exploited. In this article, we have proposed a mobile agent based anomaly detection mechanism for WSHSNs. The proposed scheme takes advantage from heterogeneous nature of devices in smart home for effectively detecting anomalies. The anomaly detection infrastructure is installed at resource rich nodes such as Cluster Heads (CHs).The mobile agent takes only few bytes of data to further assess the anomalous behavior of suspicious node. The analysis and comparative study show several advantages of the proposed scheme, such as efficient utilization of memory, reducing network load, and reduction in overall computational cost of the network. The nature of our proposed solution is generic, so that as it is, or with slight modifications, it can be implemented on other heterogeneous wireless sensor networks.

Mobile agent-based cross-layer anomaly detection in smart home sensor networks using fuzzy logic

Despite the rapid advancements in consumer electronics, the data transmitted by sensing devices in a smart home environment are still vulnerable to anomalies due to node faults, transmission errors, or attacks. This affects the reliability of the received sensed data and may lead to the incorrect decision making at both local (i.e., smart home) and global (i.e., smart city) levels. This study introduces a novel mobile agent-based cross-layer anomaly detection scheme, which takes into account stochastic variability in cross-layer data obtained from received data packets, and defines fuzzy logic-based soft boundaries to characterize behavior of sensor nodes. This cross-layer design approach empowers the proposed scheme to detect both node and link anomalies, and also effectively transmits mobile agents by considering the communication link-state before transmission of the mobile agent. The proposed scheme is implemented on a real testbed and a modular application software is developed to manage the anomaly detection system in the smart home. The experimental results show that the proposed scheme detects cross-layer anomalies with high accuracy and considerably reduces the energy consumption caused by the mobile agent transmission in the poor communication link-state situations.

A novel dynamic user authentication scheme

Network based businesses including on-line financial services have suffered from various attacks on user authentication. There is a strong desire to develop and implement more secure authentication schemes to protect businesses and clients against security threats. Intensive work has been done in this area, to improve on traditional password authentication, such as two-factor authentication, session key exchanging scheme, and dynamic password scheme. However, these schemes have been proved not effective, due to their security design or additional overheads. In this paper, we proposed a secure dynamic user authentication scheme. Unlike the traditional password authentication (where a static password is used) or two-factor authentication (where two pieces of authentication information are required), our proposed authentication scheme will use a dynamic one-time password (OTP), based on users password, the authenticating time, as well as a unique property that the user possesses at the moment of authentication (that is, “something the user has”, for example, the MAC address of the machine that the user uses for authentication). As we will analyze, the proposed authentication improves upon two-factor authentication and other currently known authentication schemes, and effectively protect users account against various attack (such as phishing attack, reply attack, and perfect-man-in-the-middle attack). Our testing and simulation work will show that the proposed authentication is efficient and user friendly.

Reconstructing a Linear Scrambler With Improved Detection Capability and in the Presence of Noise

In this paper, the problem of reconstruction of the feedback polynomial in a linear scrambler is studied. Our work contains two parts. In the first part, schemes to improve the performance of an existing reconstruction algorithm are proposed. Simulation results show that both the detection capability and speed of the existing algorithm are significantly improved by using our proposed schemes. In the second part, the reconstruction of linear scramblers in the presence of channel noise is investigated. We consider flipped bits due to noise as well as insertion of bits in the scrambled bit sequence. For both cases, factors which affect the performance of the reconstruction algorithm are discussed.

A 3D Object Encryption Scheme Which Maintains Dimensional and Spatial Stability

Due to widespread applications of 3D vision technology, the research into 3D object protection is primarily important. To maintain confidentiality, encryption of 3D objects is essential. However, the requirements and limitations imposed by 3D objects indicate the impropriety of conventional cryptosystems for 3D object encryption. This suggests the necessity of designing new ciphers. In addition, the study of prior works indicates that the majority of problems encountered with encrypting 3D objects are about point cloud protection, dimensional and spatial stability, and robustness against surface reconstruction attacks. To address these problems, this paper proposes a 3D object encryption scheme, based on a series of random permutations and rotations, which deform the geometry of the point cloud. Since the inverse of a permutation and a rotation matrix is its transpose, the decryption implementation is very efficient. Our statistical analyses show that within the cipher point cloud, points are randomly distributed. Furthermore, the proposed cipher leaks no information regarding the geometric structure of the plain point cloud, and is also highly sensitive to the changes of the plaintext and secret key. The theoretical and experimental analyses demonstrate the security, effectiveness, and robustness of the proposed cipher against surface reconstruction attacks.

Comments on the security of Diffusion-substitution based gray image encryption scheme

In this paper, it is shown that the recently proposed image encryption scheme by Pareek et al. (2013) [1] is not secure and the secret key is deduced by a chosen-ciphertext attack. Security flaws of the encryption scheme are discussed and solutions are proposed.

Securing mobile agent based Wireless Sensor Network applications on middleware

Wireless Sensor Network (WSN) is an indispensable component of pervasive computing. Mobile agents are used for several applications in WSNs such as data fusion, localization, re-allocate, and update of tasks on sensor nodes, etc. Middleware can provide a platform to these different applications to work concurrently and independently on top of sensor nodes operating system. WSN often suffer from low availability of resources. Thus they cannot afford to implement effective security mechanisms at application or hardware layer. In this article, we propose a middleware architecture for mobile agent based WSN applications that is not only efficient for traditional tasks, but also capable of providing adequate security services. As a case study, we explore mobile agent based intrusion detection system, considering as an application, for our proposed middleware architecture. Comparative study and detailed analysis of proposed middleware architecture show a number of benefits.

An Analytical Model for Lifetime Estimation of Wireless Sensor Networks

We propose an analytical model to formally define the lifetime of Wireless Sensor Networks by considering various input factors including remaining energy, link quality, and location of the sensor nodes in the network. The model derives an expression for lifetime estimation on the basis of distribution of sensor nodes in the deployment area. The proposed model can be used to evaluate the performance of any routing protocol. We validate the model by means of simulation and show that the analytical outcomes are close to the experimental results.

Primitive polynomials for robust scramblers and stream ciphers against reverse engineering

A linear feedback shift register (LFSR) is a basic component of a linear scrambler and a stream cipher for a communication system. And primitive polynomials are used as the feedback polynomials of the LFSRs. In a non-cooperative context, the reverse-engineering of a linear scrambler and a stream cipher includes recovering the feedback polynomials and the LFSRs initial states (which are the secret keys in the case of stream ciphers). The problem of recovering the secret keys of stream ciphers has been extensively studied. For example, an effective approach for recovering a secret key is known as the correlation attack in the literature. The problem of reconstructing the feedback polynomials of a stream cipher and a linear scrambler has been studied recently. Both recovering the LFSR initial states by the above-mentioned correlation attack and reconstructing the feedback polynomials are highly dependent on an assumption, that is, they require that the feedback polynomials have sparse multiples of moderate degrees. Hence, in order to build linear scramblers and stream ciphers that are robust against reverse engineering, we should use primitive polynomials which do not have sparse multiples of moderate degrees. In this paper, we study the existence of primitive polynomials which do not have sparse multiples of moderate degrees, and the density of such primitive polynomials among all primitive polynomials. Our results on the existence and density of such primitive polynomials are better than the previous results in the literature.