Pub Date : 2024-09-10DOI: 10.1186/s13635-024-00178-z
Maria Zubair, Maryam Sabzevari, Vikramajeet Khatri, Sasu Tarkoma, Kimmo Hätönen
In the envisioned 6G landscape, data sharing is expected to become increasingly prevalent, giving rise to digital marketplaces that foster cooperation among organizations for collecting, sharing, and processing data for analysis. These marketplaces serve as connectors between data producers and consumers, empowering multi-tenancy scenarios for seamless and secure data sharing both within and outside organizations. Given that 6G networks promise ultra-low latency, enhanced connectivity, and massive data throughput, the need for robust data access control mechanisms becomes imperative. These mechanisms ensure security and trust among entities, particularly in multi-tenant environments where multiple organizations share infrastructure and data resources. In this paper, we have designed and implemented a novel access control mechanism tailored for a distributed data streaming system developed by Nokia Bell Labs. Our approach leverages fine-grained policies, dynamic enforcement, and transparency mechanisms to enhance trust between data owners and consumers. By facilitating secure multi-tenancy data sharing, our solution contributes to the seamless exchange of data across diverse entities within the next-generation communication ecosystem. We demonstrate that our proposed access control mechanism incurs minimal overhead while ensuring data confidentiality and integrity. The introduction of such advancements in data sharing markets strengthens the overall ecosystem by providing heightened transparency and enhanced control over data, promoting collaboration and innovation in the 6G era.
{"title":"Access control for trusted data sharing","authors":"Maria Zubair, Maryam Sabzevari, Vikramajeet Khatri, Sasu Tarkoma, Kimmo Hätönen","doi":"10.1186/s13635-024-00178-z","DOIUrl":"https://doi.org/10.1186/s13635-024-00178-z","url":null,"abstract":"In the envisioned 6G landscape, data sharing is expected to become increasingly prevalent, giving rise to digital marketplaces that foster cooperation among organizations for collecting, sharing, and processing data for analysis. These marketplaces serve as connectors between data producers and consumers, empowering multi-tenancy scenarios for seamless and secure data sharing both within and outside organizations. Given that 6G networks promise ultra-low latency, enhanced connectivity, and massive data throughput, the need for robust data access control mechanisms becomes imperative. These mechanisms ensure security and trust among entities, particularly in multi-tenant environments where multiple organizations share infrastructure and data resources. In this paper, we have designed and implemented a novel access control mechanism tailored for a distributed data streaming system developed by Nokia Bell Labs. Our approach leverages fine-grained policies, dynamic enforcement, and transparency mechanisms to enhance trust between data owners and consumers. By facilitating secure multi-tenancy data sharing, our solution contributes to the seamless exchange of data across diverse entities within the next-generation communication ecosystem. We demonstrate that our proposed access control mechanism incurs minimal overhead while ensuring data confidentiality and integrity. The introduction of such advancements in data sharing markets strengthens the overall ecosystem by providing heightened transparency and enhanced control over data, promoting collaboration and innovation in the 6G era.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142188452","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-09-05DOI: 10.1186/s13635-024-00176-1
Arpitha T., Dharamendra Chouhan, Shreyas J.
The Internet of Things (IoT) is now an essential component of our day-to-day lives. In any case, the association of various devices presents numerous security challenges in IoT. In some cases, ubiquitous data or traffic may be collected by certain smart devices which threatens the privacy of a source node location. To address this issue, a hybrid DL technique named Deep Q Learning Neural network (DQ-NN) is proposed for the Source Location Privacy (SLP) in IoT networks based on phantom routing. Here, an IoT network with multiple sources and destinations is considered first, and then the phantom node is chosen by analyzing neighbor list, energy, distance, and trust heterogeneity parameters. After that, multiple routes are created from the source node to the sink node via the phantom node. Finally, path selection is performed by the proposed DQ-NN. Moreover, DQ-NN is obtained by merging the Deep Q Learning Network (DQN) and Deep Neural Network (DNN). A simulation environment consisting of 150 nodes is created to study the effectiveness of performance and scalability. The proposed novel DQ-NN outperforms other existing algorithms, by recording a high network lifetime is 111.912, a safety period of 664970.7 m, an energy is 0.034 J, and a distance is 56.594 m.
{"title":"DQ-NN and phantom routing for enhanced source location privacy for IoT under multiple source and destination","authors":"Arpitha T., Dharamendra Chouhan, Shreyas J.","doi":"10.1186/s13635-024-00176-1","DOIUrl":"https://doi.org/10.1186/s13635-024-00176-1","url":null,"abstract":"The Internet of Things (IoT) is now an essential component of our day-to-day lives. In any case, the association of various devices presents numerous security challenges in IoT. In some cases, ubiquitous data or traffic may be collected by certain smart devices which threatens the privacy of a source node location. To address this issue, a hybrid DL technique named Deep Q Learning Neural network (DQ-NN) is proposed for the Source Location Privacy (SLP) in IoT networks based on phantom routing. Here, an IoT network with multiple sources and destinations is considered first, and then the phantom node is chosen by analyzing neighbor list, energy, distance, and trust heterogeneity parameters. After that, multiple routes are created from the source node to the sink node via the phantom node. Finally, path selection is performed by the proposed DQ-NN. Moreover, DQ-NN is obtained by merging the Deep Q Learning Network (DQN) and Deep Neural Network (DNN). A simulation environment consisting of 150 nodes is created to study the effectiveness of performance and scalability. The proposed novel DQ-NN outperforms other existing algorithms, by recording a high network lifetime is 111.912, a safety period of 664970.7 m, an energy is 0.034 J, and a distance is 56.594 m.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142188453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-09-02DOI: 10.1186/s13635-024-00177-0
Yingcong Hong, Junyi Li, Yaping Lin, Qiao Hu, Xiehua Li
In spatial crowdsourcing services, the trajectories of the workers are sent to a central server to provide more personalized services. However, for the honest-but-curious servers, it also poses a challenge in terms of potential privacy leakage of the workers. Local differential privacy (LDP) is currently the latest technique to protect data privacy. However, most of LDP-based schemes have limitations in providing good utility due to extensive noise in perturbing trajectories. In this work, to balance the privacy and utility, we propose a novel pattern-aware privacy protection method called trajectory-aware privacy-preserving with local differential privacy (TALDP). The key idea is that, rather than applying the same degree of perturbation to all location points, we employ adaptive privacy budget allocation, assigning varied privacy budgets to individual location points, thereby mitigating the perturbation’s impact and enhancing overall utility. Meanwhile, to ensure the privacy, we give the different perturbing points to different privacy budgets according to their important degree for the patterns of the trajectories. In particular, we use Karman filter method to select the important location points and decide their privacy budgets. We conduct extensive experiments on three real datasets. The results show that our approach improves the utility over many other current methods while still provide good the privacy protection.
{"title":"Trajectory-aware privacy-preserving method with local differential privacy in crowdsourcing","authors":"Yingcong Hong, Junyi Li, Yaping Lin, Qiao Hu, Xiehua Li","doi":"10.1186/s13635-024-00177-0","DOIUrl":"https://doi.org/10.1186/s13635-024-00177-0","url":null,"abstract":"In spatial crowdsourcing services, the trajectories of the workers are sent to a central server to provide more personalized services. However, for the honest-but-curious servers, it also poses a challenge in terms of potential privacy leakage of the workers. Local differential privacy (LDP) is currently the latest technique to protect data privacy. However, most of LDP-based schemes have limitations in providing good utility due to extensive noise in perturbing trajectories. In this work, to balance the privacy and utility, we propose a novel pattern-aware privacy protection method called trajectory-aware privacy-preserving with local differential privacy (TALDP). The key idea is that, rather than applying the same degree of perturbation to all location points, we employ adaptive privacy budget allocation, assigning varied privacy budgets to individual location points, thereby mitigating the perturbation’s impact and enhancing overall utility. Meanwhile, to ensure the privacy, we give the different perturbing points to different privacy budgets according to their important degree for the patterns of the trajectories. In particular, we use Karman filter method to select the important location points and decide their privacy budgets. We conduct extensive experiments on three real datasets. The results show that our approach improves the utility over many other current methods while still provide good the privacy protection.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142188454","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-15DOI: 10.1186/s13635-024-00175-2
Mohamed A. Taha, Mohamed M. K. Fadul, Joshua H. Tyler, Donald R. Reising, T. Daniel Loveless
Internet of Things (IoT) deployments are anticipated to reach 29.42 billion by the end of 2030 at an average growth rate of 16% over the next 6 years. These deployments represent an overall growth of 201.4% in operational IoT devices from 2020 to 2030. This growth is alarming because IoT devices have permeated all aspects of our daily lives, and most lack adequate security. IoT-connected systems and infrastructures can be secured using device identification and authentication, two effective identity-based access control mechanisms. Physical Layer Security (PLS) is an alternative or augmentation to cryptographic and other higher-layer security schemes often used for device identification and authentication. PLS does not compromise spectral and energy efficiency or reduce throughput. Specific Emitter Identification (SEI) is a PLS scheme capable of uniquely identifying senders by passively learning emitter-specific features unintentionally imparted on the signals during their formation and transmission by the sender’s radio frequency (RF) front end. This work focuses on image-based SEI because it produces deep learning (DL) models that are less sensitive to external factors and better generalize to different operating conditions. More specifically, this work focuses on reducing the computational cost and memory requirements of image-based SEI with little to no reduction in performance by selecting the most informative portions of each image using entropy. These image portions or tiles reduce memory storage requirements by 92.8% and the DL training time by 81% while achieving an average percent correct classification performance of 91% and higher for SNR values of 15 dB and higher with individual emitter performance no lower than 87.7% at the same SNR. Compared with another state-of-the-art time-frequency (TF)-based SEI approach, our approach results in superior performance for all investigated signal-to-noise ratio conditions, the largest improvement being 21.7% at 9 dB and requires 43% less data.
预计到 2030 年底,物联网(IoT)的部署量将达到 294.2 亿台,未来 6 年的平均增长率为 16%。这些部署表明,从 2020 年到 2030 年,运行中的物联网设备总体增长了 201.4%。这一增长令人震惊,因为物联网设备已经渗透到我们日常生活的方方面面,而大多数设备都缺乏足够的安全性。使用设备识别和身份验证这两种有效的基于身份的访问控制机制,可以确保物联网连接系统和基础设施的安全。物理层安全(PLS)是通常用于设备识别和身份验证的加密和其他高层安全方案的替代或增强方案。PLS 不会影响频谱和能效,也不会降低吞吐量。特定发射器识别(SEI)是一种 PLS 方案,它能够通过被动学习发射器在信号形成和传输过程中无意中传授给发射器的特定特征,从而唯一地识别发送器。这项工作的重点是基于图像的 SEI,因为它产生的深度学习(DL)模型对外部因素的敏感性较低,并能更好地适应不同的操作条件。更具体地说,这项工作的重点是通过使用熵来选择每幅图像中信息量最大的部分,从而在几乎不降低性能的情况下降低基于图像的 SEI 的计算成本和内存要求。在信噪比为 15 dB 或更高时,这些图像部分或图块可将内存存储要求降低 92.8%,将 DL 训练时间缩短 81%,同时实现 91% 或更高的平均分类正确率,而在相同信噪比下,单个发射器的性能不低于 87.7%。与另一种最先进的基于时间频率 (TF) 的 SEI 方法相比,我们的方法在所有调查的信噪比条件下都取得了更优越的性能,在 9 dB 时最大改进幅度为 21.7%,所需的数据量减少了 43%。
{"title":"Enhancing internet of things security using entropy-informed RF-DNA fingerprint learning from Gabor-based images","authors":"Mohamed A. Taha, Mohamed M. K. Fadul, Joshua H. Tyler, Donald R. Reising, T. Daniel Loveless","doi":"10.1186/s13635-024-00175-2","DOIUrl":"https://doi.org/10.1186/s13635-024-00175-2","url":null,"abstract":"Internet of Things (IoT) deployments are anticipated to reach 29.42 billion by the end of 2030 at an average growth rate of 16% over the next 6 years. These deployments represent an overall growth of 201.4% in operational IoT devices from 2020 to 2030. This growth is alarming because IoT devices have permeated all aspects of our daily lives, and most lack adequate security. IoT-connected systems and infrastructures can be secured using device identification and authentication, two effective identity-based access control mechanisms. Physical Layer Security (PLS) is an alternative or augmentation to cryptographic and other higher-layer security schemes often used for device identification and authentication. PLS does not compromise spectral and energy efficiency or reduce throughput. Specific Emitter Identification (SEI) is a PLS scheme capable of uniquely identifying senders by passively learning emitter-specific features unintentionally imparted on the signals during their formation and transmission by the sender’s radio frequency (RF) front end. This work focuses on image-based SEI because it produces deep learning (DL) models that are less sensitive to external factors and better generalize to different operating conditions. More specifically, this work focuses on reducing the computational cost and memory requirements of image-based SEI with little to no reduction in performance by selecting the most informative portions of each image using entropy. These image portions or tiles reduce memory storage requirements by 92.8% and the DL training time by 81% while achieving an average percent correct classification performance of 91% and higher for SNR values of 15 dB and higher with individual emitter performance no lower than 87.7% at the same SNR. Compared with another state-of-the-art time-frequency (TF)-based SEI approach, our approach results in superior performance for all investigated signal-to-noise ratio conditions, the largest improvement being 21.7% at 9 dB and requires 43% less data.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-08-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142188455","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-12DOI: 10.1186/s13635-024-00171-6
Antoine Mallet, Martin Beneš, Rémi Cogranne
Operational steganalysis contends with a major problem referred to as the cover-source mismatch (CSM), which is essentially a difference in distribution caused by different parameters and settings over training and test data. Despite it being of fundamental importance in an operational context, the CSM problem is often overlooked in the literature. With the goal to increase the visibility of this problem and attract the interest of the community, the present paper proposes a systematic review of the literature. It summarizes gathered knowledge and major open questions over the last 20 years of active research on CSM: terminology, methods of measurement, known causes, and mitigation strategies. Over 100 papers exploring, mitigating, assessing, or discussing steganalysis under train-test mismatch were collected by sampling scholar databases, and tracing references, cited and generated. For image steganalysis, the literature provided enough evidence to quantify the impact of causes, and the effectiveness of mitigation strategies.
{"title":"Cover-source mismatch in steganalysis: systematic review","authors":"Antoine Mallet, Martin Beneš, Rémi Cogranne","doi":"10.1186/s13635-024-00171-6","DOIUrl":"https://doi.org/10.1186/s13635-024-00171-6","url":null,"abstract":"Operational steganalysis contends with a major problem referred to as the cover-source mismatch (CSM), which is essentially a difference in distribution caused by different parameters and settings over training and test data. Despite it being of fundamental importance in an operational context, the CSM problem is often overlooked in the literature. With the goal to increase the visibility of this problem and attract the interest of the community, the present paper proposes a systematic review of the literature. It summarizes gathered knowledge and major open questions over the last 20 years of active research on CSM: terminology, methods of measurement, known causes, and mitigation strategies. Over 100 papers exploring, mitigating, assessing, or discussing steganalysis under train-test mismatch were collected by sampling scholar databases, and tracing references, cited and generated. For image steganalysis, the literature provided enough evidence to quantify the impact of causes, and the effectiveness of mitigation strategies.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141946545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-08DOI: 10.1186/s13635-024-00159-2
Nezer Jacob Zaidenberg, Michael Kiperberg
We present VirtSecIO, a hypervisor-based platform for executing secure modules. VirtSecIO provides the modules with secure paths to peripheral devices, which can be shared between the modules and the operating system. Moreover, VirtSecIO is a thin hypervisor with a negligible performance overhead and a minimal attack surface. We demonstrate VirtSecIO’s abilities by developing HyperWallet, a secure module that acts as a hardware crypto-wallet, without requiring any dedicated hardware.
{"title":"HyperWallet: cryptocurrency wallet as a secure hypervisor-based application","authors":"Nezer Jacob Zaidenberg, Michael Kiperberg","doi":"10.1186/s13635-024-00159-2","DOIUrl":"https://doi.org/10.1186/s13635-024-00159-2","url":null,"abstract":"We present VirtSecIO, a hypervisor-based platform for executing secure modules. VirtSecIO provides the modules with secure paths to peripheral devices, which can be shared between the modules and the operating system. Moreover, VirtSecIO is a thin hypervisor with a negligible performance overhead and a minimal attack surface. We demonstrate VirtSecIO’s abilities by developing HyperWallet, a secure module that acts as a hardware crypto-wallet, without requiring any dedicated hardware.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141969693","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-05DOI: 10.1186/s13635-024-00174-3
Shuying Xu, Ching-Chun Chang, Huy H. Nguyen, Isao Echizen
Facial recognition systems have emerged as indispensable components in identity verification. These systems heavily rely on facial data, which is stored in a biometric database. However, storing such data in a database raises concerns about privacy breaches. To address this issue, several technologies have been proposed for protecting facial biometrics. Unfortunately, many of these methods can cause irreversible damage to the data, rendering it unusable for other purposes. In this paper, we propose a novel reversible anonymization scheme for face images via cyclic learning. In our scheme, face images can be de-identified for privacy protection and reidentified when necessary. To achieve this, we employ generative adversarial networks with a cycle consistency loss function to learn the bidirectional transformation between the de-identified and re-identified domains. Experimental results demonstrate that our scheme performs well in terms of both de-identification and reidentification. Furthermore, a security analysis validates the effectiveness of our system in mitigating potential attacks.
{"title":"Reversible anonymization for privacy of facial biometrics via cyclic learning","authors":"Shuying Xu, Ching-Chun Chang, Huy H. Nguyen, Isao Echizen","doi":"10.1186/s13635-024-00174-3","DOIUrl":"https://doi.org/10.1186/s13635-024-00174-3","url":null,"abstract":"Facial recognition systems have emerged as indispensable components in identity verification. These systems heavily rely on facial data, which is stored in a biometric database. However, storing such data in a database raises concerns about privacy breaches. To address this issue, several technologies have been proposed for protecting facial biometrics. Unfortunately, many of these methods can cause irreversible damage to the data, rendering it unusable for other purposes. In this paper, we propose a novel reversible anonymization scheme for face images via cyclic learning. In our scheme, face images can be de-identified for privacy protection and reidentified when necessary. To achieve this, we employ generative adversarial networks with a cycle consistency loss function to learn the bidirectional transformation between the de-identified and re-identified domains. Experimental results demonstrate that our scheme performs well in terms of both de-identification and reidentification. Furthermore, a security analysis validates the effectiveness of our system in mitigating potential attacks.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141969840","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-07-09DOI: 10.1186/s13635-024-00170-7
Randy Kuang, Maria Perepechaenko, Ryan Toth, Michel Barbeau
A novel quantum-safe key encapsulation algorithm, called Multivariate Polynomial Public Key (MPPK), was recently proposed by Kuang, Perepechaenko, and Barbeau. Security of the MPPK key encapsulation mechanism does not rely on the prime factorization or discrete logarithm problems. It builds upon the NP-completeness of the modular Diophantine equation problem, for which there are no known efficient classical or quantum algorithms. Hence, it is resistant to known quantum computing attacks. The private key of MPPK comprises a pair of multivariate polynomials. In a companion paper, we analyzed the performance of MPPK when these polynomials are quadratic. The analysis highlighted the MPPK high decapsulation time. We found that, while maintaining the security strength, the polynomials can be linear. Considerable performance gains are obtained for the decapsulation process. In this article, we benchmark the linear case and compare the results with the previous quadratic case.
{"title":"Performance comparison of quantum-safe multivariate polynomial public key encapsulation algorithm","authors":"Randy Kuang, Maria Perepechaenko, Ryan Toth, Michel Barbeau","doi":"10.1186/s13635-024-00170-7","DOIUrl":"https://doi.org/10.1186/s13635-024-00170-7","url":null,"abstract":"A novel quantum-safe key encapsulation algorithm, called Multivariate Polynomial Public Key (MPPK), was recently proposed by Kuang, Perepechaenko, and Barbeau. Security of the MPPK key encapsulation mechanism does not rely on the prime factorization or discrete logarithm problems. It builds upon the NP-completeness of the modular Diophantine equation problem, for which there are no known efficient classical or quantum algorithms. Hence, it is resistant to known quantum computing attacks. The private key of MPPK comprises a pair of multivariate polynomials. In a companion paper, we analyzed the performance of MPPK when these polynomials are quadratic. The analysis highlighted the MPPK high decapsulation time. We found that, while maintaining the security strength, the polynomials can be linear. Considerable performance gains are obtained for the decapsulation process. In this article, we benchmark the linear case and compare the results with the previous quadratic case.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-07-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141568039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-07-04DOI: 10.1186/s13635-024-00173-4
Jimin Zhang, Xiaolei He, Yun Cao
Recently, a robust steganographic algorithm that achieves errorless robustness against JPEG recompression has been proposed. The method employs a lattice embedding scheme and utilizes the syndrome-trellis code (STC) for practical embedding. However, we have noticed that errorless robust embedding with STC may encounter failures due to modifications on wet coefficients, especially when a high quality factor is used by the compression channel. To solve this problem, we have discovered that using steganographic polar code (SPC) for embedding has better performance in avoiding modifications on wet coefficients. In this paper, we conduct theoretical analysis to prove the better performance of SPC in wet paper embedding. We establish the condition of avoiding modifications on wet coefficients, followed by presenting a recursive calculation method for determining the distribution of columns in the generator matrix of SPC. The findings reveal that SPC can avoid modifications on wet coefficients under a larger number of wet coefficients compared with STC, and therefore we propose a better errorless robust embedding method employing SPC. The experimental results demonstrate that under close security performance, the proposed method achieves a higher success rate compared with embedding with STC. Specifically, when the quality factor of the compressor is 95 and the payload size is 0.4 bpnzac, our method achieves a success rate of 99.85%, surpassing the 91.95% success rate of the embedding with STC.
{"title":"Errorless robust JPEG steganography using steganographic polar codes","authors":"Jimin Zhang, Xiaolei He, Yun Cao","doi":"10.1186/s13635-024-00173-4","DOIUrl":"https://doi.org/10.1186/s13635-024-00173-4","url":null,"abstract":"Recently, a robust steganographic algorithm that achieves errorless robustness against JPEG recompression has been proposed. The method employs a lattice embedding scheme and utilizes the syndrome-trellis code (STC) for practical embedding. However, we have noticed that errorless robust embedding with STC may encounter failures due to modifications on wet coefficients, especially when a high quality factor is used by the compression channel. To solve this problem, we have discovered that using steganographic polar code (SPC) for embedding has better performance in avoiding modifications on wet coefficients. In this paper, we conduct theoretical analysis to prove the better performance of SPC in wet paper embedding. We establish the condition of avoiding modifications on wet coefficients, followed by presenting a recursive calculation method for determining the distribution of columns in the generator matrix of SPC. The findings reveal that SPC can avoid modifications on wet coefficients under a larger number of wet coefficients compared with STC, and therefore we propose a better errorless robust embedding method employing SPC. The experimental results demonstrate that under close security performance, the proposed method achieves a higher success rate compared with embedding with STC. Specifically, when the quality factor of the compressor is 95 and the payload size is 0.4 bpnzac, our method achieves a success rate of 99.85%, surpassing the 91.95% success rate of the embedding with STC.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141546663","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-07-03DOI: 10.1186/s13635-024-00172-5
Matthew Comb, Andrew Martin
The field of digital identity innovation has grown significantly over the last 30 years, with over 6000 technology patents registered worldwide. However, many questions remain about who controls and owns our digital identity and intellectual property and, ultimately, where the future of digital identity is heading. To investigate this further, this research mines digital identity patents and explores core themes such as identity, systems, privacy, security, and emerging fields like blockchain, financial transactions, and biometric technologies, utilizing natural language processing (NLP) methods including part-of-speech (POS) tagging, clustering, topic classification, noise reduction, and lemmatisation techniques. Finally, the research employs graph modelling and statistical analysis to discern inherent trends and forecast future developments. The findings significantly contribute to the digital identity landscape, identifying key players, emerging trends, and technological progress. This research serves as a valuable resource for academia and industry stakeholders, aiding in strategic decision-making and investment in emerging technologies and facilitating navigation through the dynamic realm of digital identity technologies.
{"title":"Mining digital identity insights: patent analysis using NLP","authors":"Matthew Comb, Andrew Martin","doi":"10.1186/s13635-024-00172-5","DOIUrl":"https://doi.org/10.1186/s13635-024-00172-5","url":null,"abstract":"The field of digital identity innovation has grown significantly over the last 30 years, with over 6000 technology patents registered worldwide. However, many questions remain about who controls and owns our digital identity and intellectual property and, ultimately, where the future of digital identity is heading. To investigate this further, this research mines digital identity patents and explores core themes such as identity, systems, privacy, security, and emerging fields like blockchain, financial transactions, and biometric technologies, utilizing natural language processing (NLP) methods including part-of-speech (POS) tagging, clustering, topic classification, noise reduction, and lemmatisation techniques. Finally, the research employs graph modelling and statistical analysis to discern inherent trends and forecast future developments. The findings significantly contribute to the digital identity landscape, identifying key players, emerging trends, and technological progress. This research serves as a valuable resource for academia and industry stakeholders, aiding in strategic decision-making and investment in emerging technologies and facilitating navigation through the dynamic realm of digital identity technologies.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141546664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}