Financial risk is closely related to the risk of finance. For both institutions and financial industry, once financial risk occurs, it will bring great harm. It is very necessary to forewarn financial risks before they occur. Through the analysis and supervision of financial risk can effectively control the occurrence of financial crisis. In the current Internet era, blockchain technology has been widely used in various aspects. In finance, in particular, blockchain has brought great convenience to the analysis and supervision of its risks. This paper aims to study financial risk analysis and related regulatory research through the relevant technologies of big data and blockchain. This paper puts forward the way of combining theory and model to study financial risk. The risk value is obtained through the study of risk‐related attributes. Experimental results show that the risk rate of financial risks under big data and blockchain technology has been reduced by 10%–15%. This degree of risk reduction is of great application in actual financial risk control. Financial security is closely related to financial risks and financial crises. Both risks and crises can be used to explain and measure the degree of security, and security can also be used to explain and measure risks and crises. The higher the degree of security, the lower the risk; conversely, the greater the risk, the lower the degree of security; a crisis is the result of a large‐scale accumulation of risks, and a crisis is serious insecurity, which is an extreme of financial security.
{"title":"Financial risk analysis system and supervision based on big data and blockchain technology","authors":"Liping Wang","doi":"10.1002/spy2.224","DOIUrl":"https://doi.org/10.1002/spy2.224","url":null,"abstract":"Financial risk is closely related to the risk of finance. For both institutions and financial industry, once financial risk occurs, it will bring great harm. It is very necessary to forewarn financial risks before they occur. Through the analysis and supervision of financial risk can effectively control the occurrence of financial crisis. In the current Internet era, blockchain technology has been widely used in various aspects. In finance, in particular, blockchain has brought great convenience to the analysis and supervision of its risks. This paper aims to study financial risk analysis and related regulatory research through the relevant technologies of big data and blockchain. This paper puts forward the way of combining theory and model to study financial risk. The risk value is obtained through the study of risk‐related attributes. Experimental results show that the risk rate of financial risks under big data and blockchain technology has been reduced by 10%–15%. This degree of risk reduction is of great application in actual financial risk control. Financial security is closely related to financial risks and financial crises. Both risks and crises can be used to explain and measure the degree of security, and security can also be used to explain and measure risks and crises. The higher the degree of security, the lower the risk; conversely, the greater the risk, the lower the degree of security; a crisis is the result of a large‐scale accumulation of risks, and a crisis is serious insecurity, which is an extreme of financial security.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"54 7","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50980464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent years, many lightweight block ciphers were proposed to provide security for resource‐constrained environments such as Internet of Things (IoT). PIPO, which stands for “plug‐in plug‐out”, is just a lightweight bit‐sliced block cipher offering excellent performance in 8‐bit AVR software implementations. In fact, PIPO owns 64‐bit input and output, 128‐bit secret key. In this article, we consider the differential fault analysis (DFA), a typical side‐channel attack, on the PIPO cipher. More concretely, for the first time, we apply the mixed attack model, which considers the DFA on the encryption state and key schedule simultaneously, to recover PIPO's 128‐bit master key. The theoretical analysis shows that, in average, after injecting 4‐byte faults, the complexity of obtaining the master key reduces from 2128 reduces to 214. In fact, this attack model alleviates the assumption on attacker than the bit‐injection case. It should be noted that our analysis also holds for other bit‐sliced block ciphers. Finally, the simulations show that our proposed DFA on PIPO cipher is rather practical.
近年来,人们提出了许多轻量级分组密码来为资源受限的环境(如物联网)提供安全性。PIPO,即“plug - in plug - out”,是一种轻量级的位切片分组密码,在8位AVR软件实现中提供出色的性能。实际上,PIPO拥有64位输入和输出,128位密钥。在本文中,我们考虑了PIPO密码的差分故障分析(DFA),这是一种典型的侧信道攻击。更具体地说,我们首次应用同时考虑加密状态和密钥调度上的DFA的混合攻击模型来恢复PIPO的128位主密钥。理论分析表明,平均而言,注入4字节错误后,获得主密钥的复杂度从2128降低到214。实际上,该攻击模型比注比特攻击模型减轻了对攻击者的假设。值得注意的是,我们的分析也适用于其他位切片分组密码。最后,仿真结果表明,该算法在PIPO密码上的DFA是非常实用的。
{"title":"Differential fault analysis on the lightweight block cipher plug‐in plug‐out","authors":"Haiyan Xiao, Lifang Wang","doi":"10.1002/spy2.286","DOIUrl":"https://doi.org/10.1002/spy2.286","url":null,"abstract":"In recent years, many lightweight block ciphers were proposed to provide security for resource‐constrained environments such as Internet of Things (IoT). PIPO, which stands for “plug‐in plug‐out”, is just a lightweight bit‐sliced block cipher offering excellent performance in 8‐bit AVR software implementations. In fact, PIPO owns 64‐bit input and output, 128‐bit secret key. In this article, we consider the differential fault analysis (DFA), a typical side‐channel attack, on the PIPO cipher. More concretely, for the first time, we apply the mixed attack model, which considers the DFA on the encryption state and key schedule simultaneously, to recover PIPO's 128‐bit master key. The theoretical analysis shows that, in average, after injecting 4‐byte faults, the complexity of obtaining the master key reduces from 2128 reduces to 214. In fact, this attack model alleviates the assumption on attacker than the bit‐injection case. It should be noted that our analysis also holds for other bit‐sliced block ciphers. Finally, the simulations show that our proposed DFA on PIPO cipher is rather practical.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"15 10","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50980516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
N. Renugadevi, Stheya Julakanti, Sai Charan Vemula, Somya Bhatnagar, Shirisha Thangallapally
Now‐a‐days advanced cryptographic algorithms are needed in order to improve data security and confidentiality. One such algorithm used prominently is advanced encryption standard (AES) algorithm. AES is a complex algorithm with multiple rounds of processing data and occupies more space or area when implemented on hardware. Since each sub‐step of computation has a similar structure, the proposed method employs the novel idea of using the same hardware to implement the AES functionality. Hence the number of logical units occupied are leveraged. The proposed scheme, Mux‐Demux pair method (MDP), uses a mux‐demux structure. It is implemented on Virtex‐7 and ZynQ7000 FPGAs and the code is written in Verilog HDL language in the Vivado software. The proposed work when simulated on Virtex‐7 occupies an area of 1932 slices, giving an optimized throughput of 10.167 Gbps while the work simulated on ZynQ7000 occupies an area of 3253 slices, resulting in a throughput of 23.858 Gbps.
{"title":"Low area and high throughput implementation of advanced encryption standard hardware accelerator on FPGA using Mux‐Demux pair","authors":"N. Renugadevi, Stheya Julakanti, Sai Charan Vemula, Somya Bhatnagar, Shirisha Thangallapally","doi":"10.1002/spy2.292","DOIUrl":"https://doi.org/10.1002/spy2.292","url":null,"abstract":"Now‐a‐days advanced cryptographic algorithms are needed in order to improve data security and confidentiality. One such algorithm used prominently is advanced encryption standard (AES) algorithm. AES is a complex algorithm with multiple rounds of processing data and occupies more space or area when implemented on hardware. Since each sub‐step of computation has a similar structure, the proposed method employs the novel idea of using the same hardware to implement the AES functionality. Hence the number of logical units occupied are leveraged. The proposed scheme, Mux‐Demux pair method (MDP), uses a mux‐demux structure. It is implemented on Virtex‐7 and ZynQ7000 FPGAs and the code is written in Verilog HDL language in the Vivado software. The proposed work when simulated on Virtex‐7 occupies an area of 1932 slices, giving an optimized throughput of 10.167 Gbps while the work simulated on ZynQ7000 occupies an area of 3253 slices, resulting in a throughput of 23.858 Gbps.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47577270","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Although speech recognition technology has improved significantly over the past few years, the absence of reliable voice authentication methods has negatively affected the Internet of Things (IoT). Voice‐activated devices, by design, rely on personal voice biometrics for access‐level security, and insecure voice authentication techniques limit the development of voice interfaces that can deal with multiple users with different privileges. Furthermore, public concerns surrounding biometric systems have been reported. Outsourcing biometric data are liable to various privacy breaches, increasing vulnerability to cyberattacks from both criminal organizations and government agencies. In this article, we address the security and privacy challenges of voice authentication for IoT by presenting an edge‐based, hands‐free, single‐factor authentication scheme that consists of three security‐based features: random phrase verification, anti‐spoof verification, and text‐independent speaker recognition. The use of edge technology allows the integration of this authentication scheme with resource contained IoT devices such as voice assistants. Additionally, privacy is ensured by a novel security protocol that uses chaffing and encryption techniques to protect the users' biometric data stored locally on the edge device. Finally, the scheme does not compromise the user experience as it requires only two short voice inputs.
{"title":"Privacy‐preserving hands‐free voice authentication leveraging edge technology","authors":"Zaid Sh. Alattar, Tarek Abbes, Faouzi Zerai","doi":"10.1002/spy2.290","DOIUrl":"https://doi.org/10.1002/spy2.290","url":null,"abstract":"Although speech recognition technology has improved significantly over the past few years, the absence of reliable voice authentication methods has negatively affected the Internet of Things (IoT). Voice‐activated devices, by design, rely on personal voice biometrics for access‐level security, and insecure voice authentication techniques limit the development of voice interfaces that can deal with multiple users with different privileges. Furthermore, public concerns surrounding biometric systems have been reported. Outsourcing biometric data are liable to various privacy breaches, increasing vulnerability to cyberattacks from both criminal organizations and government agencies. In this article, we address the security and privacy challenges of voice authentication for IoT by presenting an edge‐based, hands‐free, single‐factor authentication scheme that consists of three security‐based features: random phrase verification, anti‐spoof verification, and text‐independent speaker recognition. The use of edge technology allows the integration of this authentication scheme with resource contained IoT devices such as voice assistants. Additionally, privacy is ensured by a novel security protocol that uses chaffing and encryption techniques to protect the users' biometric data stored locally on the edge device. Finally, the scheme does not compromise the user experience as it requires only two short voice inputs.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44459665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Internet of Things (IoT) is a crucial technology in the healthcare industry thanks to recent developments in automated data collection. Current statistics of the healthcare sector show that it is expanding at a remarkable rate. However, the performance of the healthcare system is impacted by many challenges, such as security, privacy, latency, scalability, and heterogeneity that come with advancement. Fog computing and software‐defined networks (SDN) are critical enabling technologies that help to improve IoT‐based healthcare systems by ensuring timely and reliable data provisioning for use in healthcare applications. SDN solves interoperability, device management, and network management issues and automates patient health monitoring without human interaction. SDN and fog computing in IoT‐based healthcare can optimize device communication and computing power at a low cost. SDN‐enabled fog computing has lower latency and better security than cloud‐based IoT healthcare architecture. The researchers have not entirely discovered SDN‐enabled fog computing to the best of our knowledge. This paper covers healthcare IoT technicalities and related technologies. We examined ways to merge SDN, fog computing, and IoT to improve healthcare solutions. Finally, we concluded the paper with research issues and future healthcare system improvements.
{"title":"Software‐defined networks‐enabled fog computing for IoT‐based healthcare: Security, challenges and opportunities","authors":"Malaram Kumhar, Jitendra Bhatia","doi":"10.1002/spy2.291","DOIUrl":"https://doi.org/10.1002/spy2.291","url":null,"abstract":"The Internet of Things (IoT) is a crucial technology in the healthcare industry thanks to recent developments in automated data collection. Current statistics of the healthcare sector show that it is expanding at a remarkable rate. However, the performance of the healthcare system is impacted by many challenges, such as security, privacy, latency, scalability, and heterogeneity that come with advancement. Fog computing and software‐defined networks (SDN) are critical enabling technologies that help to improve IoT‐based healthcare systems by ensuring timely and reliable data provisioning for use in healthcare applications. SDN solves interoperability, device management, and network management issues and automates patient health monitoring without human interaction. SDN and fog computing in IoT‐based healthcare can optimize device communication and computing power at a low cost. SDN‐enabled fog computing has lower latency and better security than cloud‐based IoT healthcare architecture. The researchers have not entirely discovered SDN‐enabled fog computing to the best of our knowledge. This paper covers healthcare IoT technicalities and related technologies. We examined ways to merge SDN, fog computing, and IoT to improve healthcare solutions. Finally, we concluded the paper with research issues and future healthcare system improvements.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45531674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
I. A. Sikiru, L. Olawoyin, N. Faruk, A. Oloyede, A. Abdulkarim, Imam-Fulani Yusuf Olayinka, O. Sowande, Salisu Garba, A. Imoize
The broadcast nature of radio propagation in wireless communication has been suspected as the loopholes of passive or active attacks by unauthorized users (eavesdroppers). The physical layer security techniques operate at the lowest stack of OSI layer against conventional cryptographic approaches, operating at the upper layer. However, techniques such as channel coding, power (directional antenna and artificial noise), and spread spectrum have been (and continuously) deployed to safeguard against sophisticated attacks. Most of these deployments are theoretical, and a few are enhanced for efficient security against an intruder. In this article, a boundary technique approach is proposed and applied to the physical layer to improve its secrecy‐capacity and subdue adversary effects at the legitimate receiver. Hybrid performance metrics were adopted, and a Monte Carlo simulation was performed. The result obtained using secrecy outage probability, secrecy‐capacity, and intercept‐probability show that our proposed techniques enhance the secret transmission between the main transmitter and legitimate receiver. The simulation results were compared with the analytical methods. It was found that the channel between the transmitter and the main receiver has a better signal‐to‐noise ratio than the corresponding eavesdropper's channel. Conclusively, performance of the proposed technique is validated for applications in emerging wireless communication systems.
{"title":"Physical layer security using boundary technique for emerging wireless communication systems","authors":"I. A. Sikiru, L. Olawoyin, N. Faruk, A. Oloyede, A. Abdulkarim, Imam-Fulani Yusuf Olayinka, O. Sowande, Salisu Garba, A. Imoize","doi":"10.1002/spy2.288","DOIUrl":"https://doi.org/10.1002/spy2.288","url":null,"abstract":"The broadcast nature of radio propagation in wireless communication has been suspected as the loopholes of passive or active attacks by unauthorized users (eavesdroppers). The physical layer security techniques operate at the lowest stack of OSI layer against conventional cryptographic approaches, operating at the upper layer. However, techniques such as channel coding, power (directional antenna and artificial noise), and spread spectrum have been (and continuously) deployed to safeguard against sophisticated attacks. Most of these deployments are theoretical, and a few are enhanced for efficient security against an intruder. In this article, a boundary technique approach is proposed and applied to the physical layer to improve its secrecy‐capacity and subdue adversary effects at the legitimate receiver. Hybrid performance metrics were adopted, and a Monte Carlo simulation was performed. The result obtained using secrecy outage probability, secrecy‐capacity, and intercept‐probability show that our proposed techniques enhance the secret transmission between the main transmitter and legitimate receiver. The simulation results were compared with the analytical methods. It was found that the channel between the transmitter and the main receiver has a better signal‐to‐noise ratio than the corresponding eavesdropper's channel. Conclusively, performance of the proposed technique is validated for applications in emerging wireless communication systems.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44814256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Blockchain‐based data outsourcing has attracted a huge deal of attention in recent years. However, key management and reliance on pre‐defined or randomly‐selected third‐party auditors (TPAs) are still challenging owing to refusing to collaborate or break auditing policies. Additionally, it is impossible to store secrets in smart contracts (SCs) for signing or auditing. Thus, in the present study, a zero‐knowledge (ZK)‐based distributed auditing protocol (DAP) is provided. In this protocol, a user‐based key generation mechanism offers users security against curious authorities based on no TPA causing them to reveal no knowledge about under‐auditing data. Based on Pointcheval's and Sanders's signature scheme, as a ZK‐based randomizable signature applied in an SC to handle the auditing process, the proposed DAP provides confidential transactions and user accountability. Evaluation indicates that the proposed ZK‐based DAP is efficient for the user side and it is the fastest DAP in the blockchain.
{"title":"Zero‐knowledge‐based distributed auditing protocol","authors":"Saeed Banaeian Far, M. R. Asaar, Afrooz Haghbin","doi":"10.1002/spy2.289","DOIUrl":"https://doi.org/10.1002/spy2.289","url":null,"abstract":"Blockchain‐based data outsourcing has attracted a huge deal of attention in recent years. However, key management and reliance on pre‐defined or randomly‐selected third‐party auditors (TPAs) are still challenging owing to refusing to collaborate or break auditing policies. Additionally, it is impossible to store secrets in smart contracts (SCs) for signing or auditing. Thus, in the present study, a zero‐knowledge (ZK)‐based distributed auditing protocol (DAP) is provided. In this protocol, a user‐based key generation mechanism offers users security against curious authorities based on no TPA causing them to reveal no knowledge about under‐auditing data. Based on Pointcheval's and Sanders's signature scheme, as a ZK‐based randomizable signature applied in an SC to handle the auditing process, the proposed DAP provides confidential transactions and user accountability. Evaluation indicates that the proposed ZK‐based DAP is efficient for the user side and it is the fastest DAP in the blockchain.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44135972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the popularity of smart terminals, such as the Internet of Things, crowdsensing is an emerging data aggregation paradigm, which plays a pivotal role in data‐driven applications. There are some key issues in the development of crowdsensing such as platform security and privacy protection. As the crowdsensing is usually managed by a centralized platform, centralized management will bring various security vulnerabilities and scalability issues. To solve these issues, an effective reputation‐based partition scheme (RSPC) is proposed in this article. The partition scheme calculates the optimal partition size by combining the node reputation value and divides the node into several disjoint partitions according to the node reputation value. By selecting the appropriate partition size, RSPC provides a mechanism to ensure that each partition is valid, as long as the maximum permissible threshold for the failed node is observed. At the same time, the RSPC reorganizes the network periodically to avoid partition attacks. In addition, for cross‐partition transactions, this paper innovatively proposes a four‐stage confirmation protocol to ensure the efficient and safe completion of cross‐partition transactions. Finally, experiments show that RSPC improves scalability, low latency, and high throughput for crowdsensing.
{"title":"Reputation‐based partition scheme for IoT security","authors":"Zhikui Chen, Muhammad Zeeshan Haider, Naiwen Luo, Shuo Yu, Xu Yuan, Yaochen Zhang, Tayyaba Noreen","doi":"10.1002/spy2.287","DOIUrl":"https://doi.org/10.1002/spy2.287","url":null,"abstract":"With the popularity of smart terminals, such as the Internet of Things, crowdsensing is an emerging data aggregation paradigm, which plays a pivotal role in data‐driven applications. There are some key issues in the development of crowdsensing such as platform security and privacy protection. As the crowdsensing is usually managed by a centralized platform, centralized management will bring various security vulnerabilities and scalability issues. To solve these issues, an effective reputation‐based partition scheme (RSPC) is proposed in this article. The partition scheme calculates the optimal partition size by combining the node reputation value and divides the node into several disjoint partitions according to the node reputation value. By selecting the appropriate partition size, RSPC provides a mechanism to ensure that each partition is valid, as long as the maximum permissible threshold for the failed node is observed. At the same time, the RSPC reorganizes the network periodically to avoid partition attacks. In addition, for cross‐partition transactions, this paper innovatively proposes a four‐stage confirmation protocol to ensure the efficient and safe completion of cross‐partition transactions. Finally, experiments show that RSPC improves scalability, low latency, and high throughput for crowdsensing.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48550158","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Quantum computing research might lead to “quantum leaps,” and it could have unanticipated repercussions in the medical field. This technique has the potential to be used in a broad range of contexts, some of which include the development of novel drugs, the individualization of medical treatments, and the speeding of deoxyribonucleic acid sequencing. This work has assembled a list of the numerous methodologies presently employed in quantum medicine and other disciplines pertaining to healthcare. This work has created a list of the most critical concerns that need to be addressed before the broad use of quantum computing can be realized. In addition, this work investigates in detail the ways in which potential future applications of quantum computing might compromise the safety of healthcare delivery systems from the perspective of the medical industry and the patient‐centric healthcare system. The primary objective of this investigation into quantum cryptography is to locate any potential flaws in the cryptographic protocols and strategies that have only very recently been the focus of scrutiny from academic research community members.
{"title":"Secure quantum computing for healthcare sector: A short analysis","authors":"Srikanth Pulipeti, Adarsh Kumar","doi":"10.1002/spy2.293","DOIUrl":"https://doi.org/10.1002/spy2.293","url":null,"abstract":"Quantum computing research might lead to “quantum leaps,” and it could have unanticipated repercussions in the medical field. This technique has the potential to be used in a broad range of contexts, some of which include the development of novel drugs, the individualization of medical treatments, and the speeding of deoxyribonucleic acid sequencing. This work has assembled a list of the numerous methodologies presently employed in quantum medicine and other disciplines pertaining to healthcare. This work has created a list of the most critical concerns that need to be addressed before the broad use of quantum computing can be realized. In addition, this work investigates in detail the ways in which potential future applications of quantum computing might compromise the safety of healthcare delivery systems from the perspective of the medical industry and the patient‐centric healthcare system. The primary objective of this investigation into quantum cryptography is to locate any potential flaws in the cryptographic protocols and strategies that have only very recently been the focus of scrutiny from academic research community members.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45663184","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Uddalak Chatterjee, Sangram Ray, Sharmistha Adhikari, M. Khan, Mou Dasgupta
Voting allows the people to elect their representative and express their preferences. In modern day democracy, voting is one fundamental and most important tool for election. To strengthen this process, efforts must be made to achieve a confirmable and transparent voting system. Naturally, the veracity of the election process is of ultimate importance for the honor of the democracy itself. The online voting or e‐voting system is a cost‐effective procedure, which saves a lot of money and time spent for organizing the election. However, security, integrity of data and privacy of the voter are the increasing concerns in this context. In this paper, we have done a thorough literature survey of the various latest schemes in this context and found that the schemes prone to several security and privacy threats. Moreover, a major issue with all these schemes is that they are inefficient in terms of computation and communication overheads. With this motivation, we present a novel and efficient e‐voting scheme to tackle the security and privacy concerns. The proposed scheme is designed using the concept of blind signature, anonymous channel and trust worthy entities where elliptic curve cryptography (ECC) works as a backbone. The proposed scheme is formally evaluated using well known AVISPA simulation tool, which simulates the attack model using CL‐AtSe as well as OFMC backend according to Dolev‐Yao threat model. In both the cases, all the possible security threats are being nullified by the proposed scheme and results in safe communication. Also, the scheme is analyzed against all the possible attacks that jeopardize the integrity of the existing voting systems. Moreover, the proposed scheme is also compared with other prevailing schemes in terms of computation and communication overheads and found more efficient.
{"title":"Efficient and secure e‐voting scheme using elliptic curve cryptography","authors":"Uddalak Chatterjee, Sangram Ray, Sharmistha Adhikari, M. Khan, Mou Dasgupta","doi":"10.1002/spy2.283","DOIUrl":"https://doi.org/10.1002/spy2.283","url":null,"abstract":"Voting allows the people to elect their representative and express their preferences. In modern day democracy, voting is one fundamental and most important tool for election. To strengthen this process, efforts must be made to achieve a confirmable and transparent voting system. Naturally, the veracity of the election process is of ultimate importance for the honor of the democracy itself. The online voting or e‐voting system is a cost‐effective procedure, which saves a lot of money and time spent for organizing the election. However, security, integrity of data and privacy of the voter are the increasing concerns in this context. In this paper, we have done a thorough literature survey of the various latest schemes in this context and found that the schemes prone to several security and privacy threats. Moreover, a major issue with all these schemes is that they are inefficient in terms of computation and communication overheads. With this motivation, we present a novel and efficient e‐voting scheme to tackle the security and privacy concerns. The proposed scheme is designed using the concept of blind signature, anonymous channel and trust worthy entities where elliptic curve cryptography (ECC) works as a backbone. The proposed scheme is formally evaluated using well known AVISPA simulation tool, which simulates the attack model using CL‐AtSe as well as OFMC backend according to Dolev‐Yao threat model. In both the cases, all the possible security threats are being nullified by the proposed scheme and results in safe communication. Also, the scheme is analyzed against all the possible attacks that jeopardize the integrity of the existing voting systems. Moreover, the proposed scheme is also compared with other prevailing schemes in terms of computation and communication overheads and found more efficient.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2022-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48268240","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: