Scispace (Formerly Typeset)
Showing papers on "Cryptographic protocol" published in 2021
Journal Article•10.3233/JCS-1998-61-205•
The Inductive Approach to Verifying Cryptographic Protocols

Lawrence C. Paulson1•
University of Cambridge1
13 May 2021-arXiv: Cryptography and Security
TL;DR: In this paper, a model spy knows some private keys and can forge messages using components decrypted from previous traffic, and the human effort required to analyze a protocol can be as little as a week or two, yielding a proof script that takes a few minutes to run.
Abstract: Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems. Proofs are generated using Isabelle/HOL. The human effort required to analyze a protocol can be as little as a week or two, yielding a proof script that takes a few minutes to run. Protocols are inductively defined as sets of traces. A trace is a list of communication events, perhaps comprising many interleaved protocol runs. Protocol descriptions incorporate attacks and accidental losses. The model spy knows some private keys and can forge messages using components decrypted from previous traffic. Three protocols are analyzed below: Otway-Rees (which uses shared-key encryption), Needham-Schroeder (which uses public-key encryption), and a recursive protocol by Bull and Otway (which is of variable length). One can prove that event $ev$ always precedes event $ev'$ or that property $P$ holds provided $X$ remains secret. Properties can be proved from the viewpoint of the various principals: say, if $A$ receives a final message from $B$ then the session key it conveys is good.

866 citations

Journal Article•10.1109/TNSE.2021.3059881•
CANintelliIDS: Detecting In-Vehicle Intrusion Attacks on a Controller Area Network Using CNN and Attention-Based GRU

Abdul Rehman Javed1, Saif ur Rehman1, Mohib Ullah Khan2, Mamoun Alazab3, Thippa Reddy G4 •
Air University (Islamabad)1, National University of Computer and Emerging Sciences2, Charles Darwin University3, VIT University4
01 Apr 2021-IEEE Transactions on Network Science and Engineering
TL;DR: This paper proposes a novel approach named CANintelliIDS, based on a combination of convolutional neural network (CNN) and attention-based gated recurrent unit (GRU) model to detect single intrusion attacks as well as mixed intrusion attacks on a CAN bus.
Abstract: Controller area network (CAN) is a communication protocol that provides reliable and productive transmission between in-vehicle nodes continuously. CAN bus protocol is broadly utilized standard channel to deliver sequential communications between electronic control units (ECUs) due to simple and reliable in-vehicle communication. Existing studies report how easily an attack can be performed on the CAN bus of in-vehicle due to weak security mechanisms that could lead to system malfunctions. Hence the security of communications inside a vehicle is a latent problem. In this paper, we propose a novel approach named CANintelliIDS, for vehicle intrusion attack detection on the CAN bus. CANintelliIDS is based on a combination of convolutional neural network (CNN) and attention-based gated recurrent unit (GRU) model to detect single intrusion attacks as well as mixed intrusion attacks on a CAN bus. The proposed CANintelliIDS model is evaluated extensively and it achieved a performance gain of 10.79% on test intrusion attacks over existing approaches.

250 citations

Proceedings Article•10.1109/SP40001.2021.00098•
CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU

Sijun Tan1, Brian Knott2, Yuan Tian1, David J. Wu1•
University of Virginia1, Facebook2
23 May 2021
TL;DR: CryptGPU as discussed by the authors is a system for privacy-preserving machine learning that implements all operations on the GPU (graphics processing unit) and achieves state-of-the-art performance on convolutional neural networks.
Abstract: We introduce CryptGPU, a system for privacy-preserving machine learning that implements all operations on the GPU (graphics processing unit). Just as GPUs played a pivotal role in the success of modern deep learning, they are also essential for realizing scalable privacy-preserving deep learning. In this work, we start by introducing a new interface to losslessly embed cryptographic operations over secret-shared values (in a discrete domain) into floating-point operations that can be processed by highly-optimized CUDA kernels for linear algebra. We then identify a sequence of "GPU-friendly" cryptographic protocols to enable privacy-preserving evaluation of both linear and non-linear operations on the GPU. Our microbenchmarks indicate that our private GPU-based convolution protocol is over 150× faster than the analogous CPU-based protocol; for non-linear operations like the ReLU activation function, our GPU-based protocol is around 10× faster than its CPU analog. With CryptGPU, we support private inference and training on convolutional neural networks with over 60 million parameters as well as handle large datasets like ImageNet. Compared to the previous state-of-the-art, our protocols achieve a 2× to 8× improvement in private inference for large networks and datasets. For private training, we achieve a 6× to 36× improvement over prior state-of-the-art. Our work not only showcases the viability of performing secure multiparty computation (MPC) entirely on the GPU to newly enable fast privacy-preserving machine learning, but also highlights the importance of designing new MPC primitives that can take full advantage of the GPU’s computing capabilities.

174 citations

Journal Article•10.1016/J.IPM.2021.102549•
Quantum-Inspired Blockchain-Based Cybersecurity: Securing Smart Edge Utilities in IoT-Based Smart Cities

Ahmed A. Abd El-Latif1, Bassem Abd-El-Atty1, Irfan Mehmood2, Khan Muhammad3, Salvador E. Venegas-Andraca4, Jialiang Peng5 •
Menoufia University1, University of Bradford2, Sejong University3, Monterrey Institute of Technology and Higher Education4, Heilongjiang University5
01 Jul 2021-Information Processing and Management
TL;DR: This paper presents a new authentication and encryption protocol based on quantum-inspired quantum walks (QIQW) that can defend against message attack and impersonation attacks, thus ensuring secure transmission of data among IoT devices.
Abstract: Blockchain plays a vital task in cybersecurity. With the exerted efforts for realising large-scale quantum computers, most current cryptographic mechanisms may be hacked. Accordingly, we need a quantum tool utilised for designing blockchain frameworks to have the ability to be executed in the level of digital computers and resist the probable attacks from both digital and quantum computers. Quantum walks may be utilised as a quantum-inspired model for designing new cryptographic algorithms. In this paper, we present a new authentication and encryption protocol based on quantum-inspired quantum walks (QIQW). The proposed protocol is utilized to build a blockchain framework for secure data transmission among IoT devices. Instead of using classical cryptographic hash functions, quantum hash functions based on QIQW are employed for linking blocks of the chain. The main advantages of the presented framework are helping IoT nodes to effectively share their data with other nodes and full control of their records. Security analysis demonstrates that our proposed protocol can defend against message attack and impersonation attacks, thus ensuring secure transmission of data among IoT devices.

168 citations

Journal Article•10.1145/3457904•
A Survey on Encrypted Network Traffic Analysis Applications, Techniques, and Countermeasures

Eva Papadogiannaki1, Sotiris Ioannidis1•
Foundation for Research & Technology – Hellas1
13 Jul 2021-ACM Computing Surveys
TL;DR: In this article, the authors present the state-of-the-art in the wide domain of network traffic analysis and inspection, to conclude if traditional traffic processing systems will be able to seamlessly adapt to the upcoming full adoption of network encryption.
Abstract: The adoption of network traffic encryption is continually growing. Popular applications use encryption protocols to secure communications and protect the privacy of users. In addition, a large portion of malware is spread through the network traffic taking advantage of encryption protocols to hide its presence and activity. Entering into the era of completely encrypted communications over the Internet, we must rapidly start reviewing the state-of-the-art in the wide domain of network traffic analysis and inspection, to conclude if traditional traffic processing systems will be able to seamlessly adapt to the upcoming full adoption of network encryption. In this survey, we examine the literature that deals with network traffic analysis and inspection after the ascent of encryption in communication channels. We notice that the research community has already started proposing solutions on how to perform inspection even when the network traffic is encrypted and we demonstrate and review these works. In addition, we present the techniques and methods that these works use and their limitations. Finally, we examine the countermeasures that have been proposed in the literature in order to circumvent traffic analysis techniques that aim to harm user privacy.

144 citations

Journal Article•10.1186/S43074-021-00027-Z•
Optical coherence encryption with structured random light.

Deming Peng1, Zhaofeng Huang1, Liu Yonglei2, Yahong Chen1, Fei Wang1, Sergey A. Ponomarenko3, Yangjian Cai1, Yangjian Cai2 •
Soochow University (Suzhou)1, Shandong Normal University2, Dalhousie University3
10 Feb 2021-PhotoniX
TL;DR: This work introduces an alternative optical encryption protocol whereby the information is encoded into the spatial coherence distribution of a structured random light beam via a generalized van Cittert-Zernike theorem, and shows that the proposed approach has two key advantages over its conventional counterparts.
Abstract: Information encryption with optical technologies has become increasingly important due to remarkable multidimensional capabilities of light fields. However, the optical encryption protocols proposed to date have been primarily based on the first-order field characteristics, which are strongly affected by interference effects and make the systems become quite unstable during light-matter interaction. Here, we introduce an alternative optical encryption protocol whereby the information is encoded into the second-order spatial coherence distribution of a structured random light beam via a generalized van Cittert-Zernike theorem. We show that the proposed approach has two key advantages over its conventional counterparts. First, the complexity of measuring the spatial coherence distribution of light enhances the encryption protocol security. Second, the relative insensitivity of the second-order statistical characteristics of light to environmental noise makes the protocol robust against the environmental fluctuations, e.g., the atmospheric turbulence. We carry out experiments to demonstrate the feasibility of the coherence-based encryption method with the aid of a fractional Fourier transform. Our results open up a promising avenue for further research into optical encryption in complex environments.

123 citations

Journal Article•10.1016/J.IOT.2019.100075•
Cryptographic technologies and protocol standards for Internet of Things

Sherali Zeadally1, Ashok Kumar Das2, Nicolas Sklavos3•
University of Kentucky1, International Institute of Information Technology, Hyderabad2, University of Patras3
1 Jun 2021
TL;DR: This paper focuses on recent cryptographic protocol standards that are in use or have been recommended for IoT devices to ensure secure communications and highlights the advantages and weaknesses of the several protocol standards for various IoT application scenarios.
Abstract: The Internet of Things (IoT) comprises physical/virtual networked objects that collect and exchange data with each other via the public Internet. As this exchange often takes place over public networks, many security attacks in an IoT environment are possible. First, we briefly review the security issues in the IoT environment. Next, we focus on recent cryptographic protocol standards that are in use or have been recommended for IoT devices to ensure secure communications. We also highlight the advantages and weaknesses of the several protocol standards for various IoT application scenarios including connected vehicles, health, smart home, and consumer appliances and devices. Finally, we discuss some challenges in the area of cryptographic protocol standards that still require to be addressed for IoT applications in the future.

114 citations

Journal Article•10.1109/JIOT.2021.3099028•
Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Yongxin Liu1, Jian Wang1, Jianqiang Li2, Shuteng Niu1, Houbing Song1 •
Embry-Riddle Aeronautical University, Daytona Beach1, Shenzhen University2
21 Jul 2021-IEEE Internet of Things Journal
TL;DR: A comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators is provided in this paper.
Abstract: The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices’ identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, non-cryptographic IoT device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Non-cryptographic approaches require more effort and are not yet adequately investigated. In this paper, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We classify the IoT device identification and detection into four categories: device-specific pattern recognition, Deep Learning enabled device identification, unsupervised device identification, and abnormal device detection. Meanwhile, we discuss various ML-related enabling technologies for this purpose. These enabling technologies include learning algorithms, feature engineering on network traffic traces and wireless signals, incremental learning, and abnormality detection.

114 citations

Posted Content•
Context-Aware Security for 6G Wireless: The Role of Physical Layer Security

Arsenia Chorti, Andre Noll Barreto, Stefan Köpsell, Marco Zoli, Marwa Chafii, Philippe Sehier, Gerhard Fettweis, H. Vincent Poor 
05 Jan 2021-arXiv: Cryptography and Security
TL;DR: In this paper, the authors proposed a new breed of context-aware security protocols, following the quality of security (QoSec) paradigm, leveraging the physical layer of the communications in cross-layer protocols, for the first time.
Abstract: Sixth generation systems are expected to face new security challenges, while opening up new frontiers towards context awareness in the wireless edge. The workhorse behind this projected technological leap will be a whole new set of sensing capabilities predicted for 6G devices, in addition to the ability to achieve high precision localization. The combination of these enhanced traits can give rise to a new breed of context-aware security protocols, following the quality of security (QoSec) paradigm. In this framework, physical layer security solutions emerge as competitive candidates for low complexity, low-delay and low-footprint, adaptive, flexible and context aware security schemes, leveraging the physical layer of the communications in genuinely cross-layer protocols, for the first time.

113 citations

Journal Article•10.1109/JIOT.2020.3026493•
Lightweight Cryptographic Protocols for IoT-Constrained Devices: A Survey

Muhammad Nauman Khan1, Asha Rao1, Seyit Camtepe2•
RMIT University1, Commonwealth Scientific and Industrial Research Organisation2
15 Mar 2021-IEEE Internet of Things Journal
TL;DR: The comparative analysis of the existing lightweight cryptographic solutions along with their advantages, drawbacks, and vulnerabilities highlights the need for elastic cryptographic protocols which are capable of adapting to the asymmetric capabilities of the different nodes in IoT systems.
Abstract: Internet of Things (IoT) is an emergent and evolving technology, interconnecting the cyber and physical worlds. IoT technology finds applications in a broad spectrum of areas such as homes, health, water and sanitation, transportation, and environmental monitoring. However, the endless opportunities and benefits of IoT come with many security challenges due to the reduced computation, communication, storage, and energy capabilities of the IoT smart devices. Several computationally lightweight cryptographic protocols exist for these resource-constrained IoT smart devices. However, lightweight solutions render the resource-rich ends of the IoT systems (e.g., edge, fog, or cloud modes) vulnerable as nodes at those ends have the capacity for computationally heavier cryptographic protocols, and they operate in relatively more malicious environments. This asymmetric computational nature of IoT systems requires security protocols that can adapt to the resource availability at the node that they operate. This survey describes the IoT structure, computational capabilities of the devices at the end, edge, fog, and cloud platforms, and classifies existing lightweight cryptographic protocols. The comparative analysis of the existing lightweight cryptographic solutions along with their advantages, drawbacks, and vulnerabilities highlights the need for elastic cryptographic protocols which are capable of adapting to the asymmetric capabilities of the different nodes in IoT systems.

101 citations

Journal Article•10.1016/J.SYSARC.2020.101883•
A survey on security and authentication in wireless body area networks

Bhawna Narwal1, Amar Kumar Mohapatra1•
Indira Gandhi Institute of Technology1
01 Feb 2021-Journal of Systems Architecture
TL;DR: This survey elaborates the functionality of WBAN, its technologies, building blocks, and a much wider view of WBAN in terms of security and authentication to serve the bigger goal of providing a bird-eye view of the domain.
Journal Article•10.1109/TII.2020.3014168•
Lightweight Searchable Encryption Protocol for Industrial Internet of Things

Ke Zhang1, Jiahuan Long1, Xiaofen Wang1, Hong-Ning Dai2, Kaitai Liang3, Muhammad Imran4 •
University of Electronic Science and Technology of China1, Macau University of Science and Technology2, Delft University of Technology3, King Saud University4
01 Jun 2021-IEEE Transactions on Industrial Informatics
TL;DR: A light searchable ABE scheme (namely LSABE) that can significantly reduce the computing cost of IoT devices with the provision of multiple-keyword searching for data users and is extended to multiauthority scenarios so as to effectively generate and manage the public/secret keys in the distributed IoT environment.
Abstract: Industrial Internet of Things (IoT) has suffered from insufficient identity authentication and dynamic network topology, thereby resulting in vulnerabilities to data confidentiality. Recently, the attribute-based encryption (ABE) schemes have been regarded as a solution to ensure data transmission security and the fine-grained sharing of encrypted IoT data. However, most of the existing ABE schemes that bring tremendous computational cost are not suitable for resource-constrained IoT devices. Therefore, lightweight and efficient data sharing and searching schemes suitable for IoT applications are of great importance. To this end, in this article, we propose a light searchable ABE scheme (namely LSABE). Our scheme can significantly reduce the computing cost of IoT devices with the provision of multiple-keyword searching for data users. Meanwhile, we extend the LSABE scheme to multiauthority scenarios so as to effectively generate and manage the public/secret keys in the distributed IoT environment. Finally, the experimental results demonstrate that our schemes can significantly maintain computational efficiency and save the computational cost at IoT devices, compared to other existing schemes.
Journal Article•10.1109/TC.2021.3049543•
Voltage Over-scaling-based Lightweight Authentication for IoT Security

Jiliang Zhang1, Chaoqun Shen1, Haihan Su1, Tanvir Arafin2, Gang Qu2 •
Hunan University1, University of Maryland, College Park2
06 Jan 2021-IEEE Transactions on Computers
TL;DR: A challenge self-obfuscation structure (CSoS) which employs previous challenges combined with keys or random numbers to obfuscate the current challenge for the VOS-based authentication to resist ML attacks is proposed.
Abstract: It is a challenging task to deploy lightweight security protocols in resource-constrained IoT applications. A hardware-oriented lightweight authentication protocol based on device signature generated during voltage over-scaling (VOS) was recently proposed to address this issue. VOS-based authentication employs the computation unit such as adders to generate the process variation dependent error which is combined with secret keys to create a two-factor authentication protocol. In this paper, machine learning (ML)-based modeling attacks to break such authentication are presented. We also propose a challenge self-obfuscation structure (CSoS) which employs previous challenges combined with keys or random numbers to obfuscate the current challenge for the VOS-based authentication to resist ML attacks. Experimental results show that ANN, RNN and CMA-ES can clone the challenge-response behavior of VOS-based authentication with up to 99.65% prediction accuracy, while the prediction accuracy is less than 51.2% after deploying our proposed ML resilient technique. In addition, our proposed CSoS also shows good obfuscation ability for strong PUFs. Experimental results show that the modeling accuracies are below 54% when $10^6$ challenge-response pairs (CRPs) are collected to model the CSoS-based Arbiter PUF with ML attacks such as LR, SVM, ANN, RNN and CMA-ES.
Proceedings Article•10.1145/3465084.3467914•
Reaching Consensus for Asynchronous Distributed Key Generation

Ittai Abraham1, Philipp Jovanovic2, Mary Maller, Sarah Meiklejohn2, Gilad Stern3, Alin Tomescu1 •
VMware1, University College London2, Hebrew University of Jerusalem3
21 Jul 2021
TL;DR: In this paper, the authors propose a Proposal Election (PE) protocol that allows parties to retrospectively agree on a valid proposal after enough proposals have been sent from different parties, with constant probability the elected proposal was proposed by a nonfaulty party.
Abstract: We give a protocol for Asynchronous Distributed Key Generation (A-DKG) that is optimally resilient (can withstand f Our A-DKG protocol relies on several building blocks that are of independent interest. We define and design a Proposal Election (PE) protocol that allows parties to retrospectively agree on a valid proposal after enough proposals have been sent from different parties. With constant probability the elected proposal was proposed by a nonfaulty party. In building our PE protocol, we design a Verifiable Gather protocol which allows parties to communicate which proposals they have and have not seen in a verifiable manner. The final building block to our A-DKG is a Validated Asynchronous Byzantine Agreement (VABA) protocol. We use our PE protocol to construct a VABA protocol that does not require leaders or an asynchronous DKG setup. Our VABA protocol can be used more generally when it is not possible to use threshold signatures.
Journal Article•10.1109/TDSC.2019.2914911•
PrivHome: Privacy-Preserving Authenticated Communication in Smart Home Environment

Geong Sen Poh1, Prosanta Gope2, Jianting Ning3•
National University of Singapore1, University of Hull2, Fujian Normal University3
01 May 2021-IEEE Transactions on Dependable and Secure Computing
TL;DR: A privacy-preserving scheme that provides data confidentiality as well as entity and data authentication to prevent an outsider from learning or modifying the data communicated between the devices, service provider, gateway, and the user.
Abstract: A smart home enables users to access devices such as lighting, HVAC, temperature sensors, and surveillance camera. It provides a more convenient and safe living environment for users. Security and privacy, however, is a key concern since information collected from these devices is normally communicated to the user through an open network (i.e. Internet) or system provided by the service provider. The service provider may store and have access to this information. Emerging smart home hubs such as Samsung SmartThings and Google Home are also capable of collecting and storing this information. Leakage and unauthorized access to the information can have serious consequences. For example, the mere timing of switching on/off of an HVAC unit may reveal the presence or absence of the home owner. Similarly, leakage or tampering of critical medical information collected from wearable body sensors can have serious consequences. Encrypting this information will address the issues, but it also reduces utility since queries are no longer straightforward. Therefore, we propose a privacy-preserving scheme, PrivHome. It supports authentication, secure data storage and query for smart home systems. PrivHome provides data confidentiality as well as entity and data authentication to prevent an outsider from learning or modifying the data communicated between the devices, service provider, gateway, and the user. It further provides privacy-preserving queries in such a way that the service provider and the gateway do not learn the content of the data. To the best of our knowledge, privacy-preserving queries for smart home systems have not been considered before. Under our scheme is a new, lightweight entity and key-exchange protocol, and an efficient searchable encryption protocol. Our scheme is practical as both protocols are based solely on symmetric cryptographic techniques. We demonstrate efficiency and effectiveness of our scheme based on experimental and simulation results, as well as comparisons to existing smart home security protocols.
Journal Article•10.3390/S21062057•
Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone.

Yongho Ko, Jiyoon Kim1, Daniel Gerbi Duguma1, Philip Virgil Astillo1, Ilsun You1, Giovanni Pau2 •
Soonchunhyang University1, Kore University of Enna2
15 Mar 2021-Sensors
TL;DR: In this article, the authors studied the security prerequisites of the UAV communication protocol, specifically in the military setting, and proposed a security protocol (with two sub-protocols) that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station.
Abstract: Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.
Journal Article•10.1007/S11071-021-06346-X•
Design of pseudo-random number generator from turbulence padded chaotic map

Sathya Krishnamoorthi1, Premalatha Jayapaul1, Rajesh Kumar Dhanaraj2, Vani Rajasekar1, Balamurugan Balusamy2, SK Hafizul Islam3 •
Kongu Engineering College1, Galgotias University2, Indian Institutes of Information Technology3
01 Apr 2021-Nonlinear Dynamics
TL;DR: In this paper, a Pseudo-random number generator (PRNG) with this architecture is devised to generate random bit sequences from secret keys, which are tested with NIST SP 800-22 statistical test suite and were shown to have good randomness.
Abstract: Transmission of the information in any form requires security. Security protocols used for communication rely on the use of random numbers. Pseudo-random numbers are required with good statistical properties and efficiency. The use of a single chaotic map may not produce enough randomness. The turbulence is padded into the existing map to improve its chaotic behaviour and increase the periodicity. A Pseudo-random number generator (PRNG) with this architecture is devised to generate random bit sequences from secret keys. The statistical properties of newly constructed PRNG are tested with NIST SP 800–22 statistical test suite and were shown to have good randomness. To ensure its usability in cryptographic applications, we analysed the size of its key space, key sensitivity, and performance speed. The test results show that the newly designed PRNG has a 3.6% increase in key space and a 5% increase in its performance speed compared to existing chaotic PRNGs. The novel PRNG with faster performance is found suitable for lightweight cryptographic applications.
Journal Article•10.1007/S12652-020-02020-Z•
Security protocol using elliptic curve cryptography algorithm for wireless sensor networks

Rosheen Qazi1, Kashif Naseer Qureshi1, Faisal Bashir1, Najam Ul Islam1, Saleem Iqbal2, Arsalan Arshad1 •
Bahria University1, Pir Mehr Ali Shah Arid Agriculture University2
01 Jan 2021-Journal of Ambient Intelligence and Humanized Computing
TL;DR: Experimental results have indicated that ASCW is one of the suitable and a novel approach for securing data on nodes during communication in WSNs and reduces the cost of risk and security threats on the network with the help of authentication mechanism.
Abstract: Information security broadly refers to the state of protection against unsanctioned access to information or data, principally electronic or digital data. In today’s world of modern technology, there is a need to design and develop security measures to protect information from various security risks and threats. Wireless Sensor Networks (WSNs) hold significant importance in this era of the technological world; as its wide range of applications are being used around the globe in almost every domain. WSNs are being deployed with several constraints and limitations, due to which deploying security mechanisms on such networks becomes a difficult task for the developers. This research work specifically targeted security issues in WSNs and hence subjected to provide authentication and data encryption in a novel manner for node-to-node communication. The proposed scheme not only provides security for the node to node communication network but also hoards memory space on nodes with the help of Elliptic Curve Digital Signature (ECDSA) cryptographic scheme to provide an appropriate mechanism for measuring key generation time, count of hello message and packet size. Furthermore, the Algorithm for Wireless Secure Communication (ASCW) also provides key management with acceptable key length. In addition to this, ASCW helps in securing the communication on node level which helps in securing the whole network in a better and efficient manner. ASCW also reduces the cost of risk and security threats on the network with the help of authentication mechanism. A physical testbed has been designed based on devices and sensor motes according to the required specifications. The proposed solutions have been evaluated in terms of key generation time, several hello message and size of data packets. Experimental results have indicated that ASCW is one of the suitable and a novel approach for securing data on nodes during communication in WSNs.
Journal Article•10.1109/ACCESS.2020.3047895•
Security in 5G-Enabled Internet of Things Communication: Issues, Challenges, and Future Research Roadmap


Mohammad Wazid1, Ashok Kumar Das2, Sachin Shetty3, Prosanta Gope4, Joel J. P. C. Rodrigues5 •
Graphic Era University1, International Institute of Information Technology, Hyderabad2, Old Dominion University3, University of Sheffield4, Federal University of Piauí5
08 Jan 2021-IEEE Access
TL;DR: The motivation of this work is to bring the details of different types of security protocols in 5G-enabled IoT under one roof so that the future researchers will be benefited with the conducted work.
Abstract: 5G mobile communication systems promote the mobile network to not only interconnect people, but also interconnect and control the machine and other devices. 5G-enabled Internet of Things (IoT) communication environment supports a wide-variety of applications, such as remote surgery, self-driving car, virtual reality, flying IoT drones, security and surveillance and many more. These applications help and assist the routine works of the community. In such communication environment, all the devices and users communicate through the Internet. Therefore, this communication agonizes from different types of security and privacy issues. It is also vulnerable to different types of possible attacks (for example, replay, impersonation, password reckoning, physical device stealing, session key computation, privileged-insider, malware, man-in-the-middle, malicious routing, and so on). It is then very crucial to protect the infrastructure of 5G-enabled IoT communication environment against these attacks. This necessitates the researchers working in this domain to propose various types of security protocols under different types of categories, like key management, user authentication/device authentication, access control/user access control and intrusion detection. In this survey paper, the details of various system models (i.e., network model and threat model) required for 5G-enabled IoT communication environment are provided. The details of security requirements and attacks possible in this communication environment are further added. The different types of security protocols are also provided. The analysis and comparison of the existing security protocols in 5G-enabled IoT communication environment are conducted. Some of the future research challenges and directions in the security of 5G-enabled IoT environment are displayed. 
The motivation of this work is to bring the details of different types of security protocols in 5G-enabled IoT under one roof so that the future researchers will be benefited with the conducted work.
Journal Article•10.1016/J.FUTURE.2021.06.049•
ETERS: A comprehensive energy aware trust-based efficient routing scheme for adversarial WSNs


Tayyab Ali Khan, Karan Singh, Mohd Hilmi Hasan1, Khaleel Ahmad2, G. Thippa Reddy3, Senthilkumar Mohan3, Ali Ahmadian4, Ali Ahmadian5 •
Universiti Teknologi Petronas1, Maulana Azad National Urdu University2, VIT University3, Near East University4, National University of Malaysia5
01 Dec 2021-Future Generation Computer Systems
TL;DR: In this article, a well-organized trust estimation-based routing scheme (ETERS) is presented to alleviate several internal attacks like badmouthing, Sybil, selective forwarding, on-off, black hole, and gray hole attacks for clustered WSNs.
Journal Article•10.1007/S11277-020-07213-5•
Cybersecurity Issues in Wireless Sensor Networks: Current Challenges and Solutions


Djallel Eddine Boubiche1, Samir Athmani1, Sabrina Boubiche1, Homero Toral-Cruz2•
University of Batna1, University of Quintana Roo2
01 Mar 2021-Wireless Personal Communications
TL;DR: The most leading protocols for wireless sensor networks are reviewed and classified based on the addressed security issue, the main security constraints and challenges are outlined, and the future research directions based on the emerged application fields are presented.
Abstract: Wireless sensor networks are deployed without predefined infrastructure and are generally left unattended. Indeed, the vulnerability of the wireless sensor networks to attacks comes principally from their inherent characteristics. As the data are transmitted over the air, it is very easy for an adversary to spy on traffic. Also, to meet the strict budgetary requirements, the sensor nodes tend to not be tamperproof and thus offer no protection against security attacks. Alongside with these vulnerabilities, the human intervention is always not allowed to deal with adversaries who attempt to compromise the network. Therefore, security systems are mainly needed to secure the network and ensure the protection against security threats. Indeed, cryptographic based systems are generally used to ensure security. However, due to the lack of memory and power (low computing, limited energy reserves) of the sensor nodes, most of these approaches are not suitable. Therefore, providing security while respecting the specific constraints of the sensors, represents one of the most important research issues in wireless sensor networks. Indeed, several studies have been conducted these last decades to propose lightweight and efficient security protocols for wireless sensor networks. In this paper, we review the most leading protocols and classify them based on the addressed security issue. Also, we outline the main security constraints and challenges and present the future research directions based on the emerged application fields.
Journal Article•10.1007/S11276-020-02523-9•
LAPTAS: lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-based IIoT


Hossein Abdi Nasib Far1, Majid Bayat1, Ashok Kumar Das2, Mahdi Fotouhi1, S. Morteza Pournaghi3, Mohammad Ali Doostari1 •
Shahed University1, International Institute of Information Technology, Hyderabad2, University of Qom3
02 Jan 2021-Wireless Networks
TL;DR: Wang et al. as mentioned in this paper proposed a lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-Based Industrial Internet of Things (LAPTAS) in which registered users can use their security smartcard to communicate with sensors and access their data.
Abstract: Nowadays, wireless sensor networks (WSNs) are essential for monitoring and data collection in many industrial environments. Industrial environments are usually huge. The distances between the devices located in them can be vast; in this case, the Industrial Internet of Things (IIoT) leads to greater productivity and efficiency of industries. Furthermore, the sensor devices in IIoT have limited memory and constrained processing power, and using gateway nodes is inevitable to cover these vast areas and manage communications between industrial sensors. Security threats such as compromised devices, denial of service, and leakage of confidential information can incur hefty expenses and irreparable damage to industrial systems. Hence, in the IIoT hierarchical architecture, anonymous and mutual authentication between users, gateway nodes, and sensor nodes is essential to protect users and the system’s security and privacy. In this article, we propose a lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-Based IIoT (LAPTAS). In LAPTAS, registered users can use their security smartcard to communicate with sensors and access their data. Moreover, the proposed scheme supports sensor node dynamic registration, password and biometric change, and revocation phase. Additionally, we evaluate and verify our scheme’s security formally using the Real-or-Random model and informally with the automatic cryptographic Protocol Verifier tool(ProVerif). Finally, our scheme is simulated by the OPNET network simulator and compared with other similar schemes to ensure that the LAPTAS meets all security and performance requirements.
Journal Article•10.1109/MNET.011.2000210•
A Blockchain-Based Secure Crowd Monitoring System Using UAV Swarm


Wenjing Xiao1, Miao Li1, Bander Al-Zahrani2, Reem Alotaibi2, Ahmed Barnawi2, Qingsong Ai3 •
Huazhong University of Science and Technology1, King Abdulaziz University2, Wuhan University of Technology3
16 Feb 2021-IEEE Network
TL;DR: In this paper, the authors proposed a drone-swarm-aided distributed monitoring system in a blockchain-powered network, where the security protocol and encryption algorithm are applied to ensure the security of each stage of the system, so as to realize the cooperative drone swarm to reliably perform monitoring tasks.
Abstract: Intelligent UAV-based monitoring systems are becoming an essential apparatus for crowd monitoring as they have proven to be viable and cost-effective solutions. Applications of such systems may include detecting antisocial and abnormal behavior among a crowd to ensure public safety and security, especially during periods of pandemic or social unrest when technology is aimed at replacing the human factor to ensure scalability and reduce risk. On the other hand, the modern architectures of autonomous UAV-based systems requires processing the captured information at the edge and cloud facilities, which requires transmission and/or retransmission of the captured data. This vulnerability of data security during transmission may compromise the benefits of the technology. Therefore, there is need for an effective strategy to achieve a secure architecture that takes into consideration the limited computing capabilities onboard the UAV agents and the distributed nature of the system. Blockchain, as a distributed network technology, will provide a safe, transparent, and efficient network system for UAV systems. Therefore, this article proposes a drone-swarm-aided distributed monitoring system in a blockchain-powered network. In the proposed monitoring mechanism, the security protocol and encryption algorithm are applied to ensure the security of each stage of the system, so as to realize the cooperative drone swarm to reliably perform monitoring tasks. The blockchain technology is introduced to achieve tamper-proof monitoring log recording and support group decision making of monitoring transactions.
Journal Article•10.1186/S12920-020-00869-9•
High performance logistic regression for privacy-preserving genome analysis


Martine De Cock1, Rafael Dowsley2, Anderson C. A. Nascimento1, Davis Railsback1, Jianwei Shen1, Ariel Todoki1 •
University of Washington1, Monash University, Clayton campus2
20 Jan 2021-BMC Medical Genomics
TL;DR: In this paper, the authors present a secure logistic regression training protocol and its implementation, with a new subprotocol to securely compute the activation function, and a series of cryptographic engineering optimizations to improve the performance.
Abstract: In biomedical applications, valuable data is often split between owners who cannot openly share the data because of privacy regulations and concerns. Training machine learning models on the joint data without violating privacy is a major technology challenge that can be addressed by combining techniques from machine learning and cryptography. When collaboratively training machine learning models with the cryptographic technique named secure multi-party computation, the price paid for keeping the data of the owners private is an increase in computational cost and runtime. A careful choice of machine learning techniques, algorithmic and implementation optimizations are a necessity to enable practical secure machine learning over distributed data sets. Such optimizations can be tailored to the kind of data and Machine Learning problem at hand. Our setup involves secure two-party computation protocols, along with a trusted initializer that distributes correlated randomness to the two computing parties. We use a gradient descent based algorithm for training a logistic regression like model with a clipped ReLu activation function, and we break down the algorithm into corresponding cryptographic protocols. Our main contributions are a new protocol for computing the activation function that requires neither secure comparison protocols nor Yao’s garbled circuits, and a series of cryptographic engineering optimizations to improve the performance. For our largest gene expression data set, we train a model that requires over 7 billion secure multiplications; the training completes in about 26.90 s in a local area network. The implementation in this work is a further optimized version of the implementation with which we won first place in Track 4 of the iDASH 2019 secure genome analysis competition. In this paper, we present a secure logistic regression training protocol and its implementation, with a new subprotocol to securely compute the activation function. 
To the best of our knowledge, we present the fastest existing secure multi-party computation implementation for training logistic regression models on high dimensional genome data distributed across a local area network.
Journal Article•10.1109/TDSC.2019.2909890•
Design of Secure Authenticated Key Management Protocol for Cloud Computing Environments


Wei Li1, Xuelian Li1, Juntao Gao1, Haiyu Wang1•
Xidian University1
01 May 2021-IEEE Transactions on Dependable and Secure Computing
TL;DR: A provable dynamic revocable three-factor MAKA protocol that achieves the user dynamic management using Schnorr signatures and provides a formal security proof in the random oracle and can meet various demands in the multi-server environments.
Abstract: With the maturity of cloud computing technology in terms of reliability and efficiency, a large number of services have migrated to the cloud platform. To conveniently access the services and protect the privacy of communication in the public network, three-factor Mutual Authentication and Key Agreement (MAKA) protocols for multi-server architectures gain wide attention. However, most of the existing three-factor MAKA protocols don’t provide a formal security proof resulting in various attacks on the related protocols, or they have high computation and communication costs. And most of the three-factor MAKA protocols don’t have a dynamic revocation mechanism, which means that malicious users cannot be promptly revoked. To address these drawbacks, we propose a provable dynamic revocable three-factor MAKA protocol that achieves the user dynamic management using Schnorr signatures and provides a formal security proof in the random oracle. Security analysis shows that our protocol can meet various demands in the multi-server environments. Performance analysis demonstrates that the proposed scheme is well suited for computing resource constrained smart devices. The full version of the simulation implementation proves the feasibility of the protocol.
Journal Article•10.1109/JIOT.2020.3045733•
A Network-Aware Internet-Wide Scan for Security Maximization of IPv6-Enabled WLAN IoT Devices


Shikhar Verma1, Yuichi Kawamoto1, Nei Kato1•
Tohoku University1
15 May 2021-IEEE Internet of Things Journal
TL;DR: Novel mathematical models to evaluate IoT security based on port-scan network performance and IPsec services are proposed, which derives an optimal scan rate for sec-admins to maximize the IoT security over IEEE 802.11ah WLAN.
Abstract: Despite unprecedented advancements, wireless local area network (WLAN) technologies for the Internet of Things (IoT), such as IEEE 802.11ah (i.e., WiFi-HaLow), are prone to serious security threats, owing to their constrained computational and memory resources, which limit the use of heavyweight intrusion protection and security protocols. To address this problem, security administrators (sec-admins) must perform regular and comprehensive vulnerability assessments of IoT devices. An Internet-wide port scan (IWPS) is the initial step. However, the medium access control mechanism of IEEE 802.11ah, designed specifically for heterogeneous IoT traffic and low-power operations, can degrade network performance in the case of traditional port-scan traffic. Moreover, Internet-security (IPSec) protocol support is mandatory for IPv6-enabled IoT devices to ensure data confidentiality, integrity, and availability. Although the objective of a port scan is to improve IoT security, the resultant network performance can adversely affect IPSec services. Therefore, in this study, we optimize the IWPS to maximize the IoT security over IEEE 802.11ah WLAN. To this end, we propose novel mathematical models to evaluate IoT security based on port-scan network performance and IPsec services, which derives an optimal scan rate for sec-admins. The effectiveness of the proposed framework is verified by comprehensive numerical analysis, which shows that our approach minimizes the risk to IoT devices while probing them at an optimal scan rate.
Journal Article•10.1016/J.ARRAY.2021.100065•
Vulnerability of blockchain technologies to quantum attacks


Joseph J. Kearney1, Carlos A. Pérez-Delgado1•
University of Kent1
1 Jul 2021
TL;DR: In this paper, a comparative analysis of the studied cryptocurrencies and their underlying blockchain technologies and their relative levels of vulnerability to quantum attacks is presented, including Bitcoin, Ethereum, Litecoin and ZCash.
Abstract: Quantum computation represents a threat to many cryptographic protocols in operation today. It has been estimated that by 2035, there will exist a quantum computer capable of breaking the vital cryptographic scheme RSA2048. Blockchain technologies rely on cryptographic protocols for many of their essential sub-routines. Some of these protocols, but not all, are open to quantum attacks. Here we analyze the major blockchain-based cryptocurrencies deployed today—including Bitcoin, Ethereum, Litecoin and ZCash, and determine their risk exposure to quantum attacks. We finish with a comparative analysis of the studied cryptocurrencies and their underlying blockchain technologies and their relative levels of vulnerability to quantum attacks.
Journal Article•10.1109/TITS.2021.3059638•
PLVA: Privacy-Preserving and Lightweight V2I Authentication Protocol


Songzhan Lv1, Yining Liu1•
Guilin University of Electronic Technology1
24 Feb 2021-IEEE Transactions on Intelligent Transportation Systems
TL;DR: A privacy-preserving and lightweight V2I authentication (PLVA) protocol that deduces RSUs' information on its planning route using BGN homomorphic encryption before the vehicle begins its trip and performance evaluation illustrates that the PLVA is efficient in practical VANETs environment.
Abstract: Vehicular ad hoc networks (VANETs) significantly improve the efficiency and safety of driving since they reduce traffic jams and avoid accidents, in which the necessary security goals are guaranteed using cryptographic methods. In reality, the computation efficiency is very important in implementing the protocol in VANETs. When a vehicle with high speed enters in the coverage of a roadside unit (RSU), the computation overhead of authentication not only affects the communication experience, but also downgrades the driving safety. The feasible solution is to share a message in advance between vehicle and RSU with the help of certification authority (CA), however, CA can deduce the vehicle's route that should be private. In this paper, a privacy-preserving and lightweight V2I authentication (PLVA) protocol is proposed. Specifically, in the beginning phase, all roadside units in a region are converted to a vector using the Moore curve technique, then, a vehicle deduces the RSUs' information on its planning route using BGN homomorphic encryption before the vehicle begins its trip, meanwhile, CA knows nothing about the route plan although it assists the above process. With the deduced RSUs' information, fast authentication is achieved between vehicle and each RSU on its route. Moreover, performance evaluation illustrates that our PLVA is efficient in practical VANETs environment.
Journal Article•10.1007/S12083-020-00973-8•
A secure authentication scheme for IoT application in smart home


Pankaj Kumar1, Lokesh Chouhan1•
National Institute of Technology, Hamirpur1
01 Jan 2021-Peer-to-peer Networking and Applications
TL;DR: A smart card based secure addressing and authentication (SCSAA) scheme by modifying the standard IPv6 protocol to mitigate the security threats in the IoT network is proposed.
Abstract: The edge-based Internet of Things (IoT) computing provides a new value for the consumer where the smart devices, objects, and appliances are connected over the internet. The data generated from the smart IoT devices need to be securely processed. With the increasing rate of smart IoT devices, the existing addressing schemes and security protocols do not guarantee to perform well in all situations. This paper proposed a smart card based secure addressing and authentication (SCSAA) scheme by modifying the standard IPv6 protocol to mitigate the security threats in the IoT network. The proposed scheme has two folds; firstly, this scheme provides a unique way of addressing by assigning unique 64-bit interface identifier (IID) to smart devices/appliances and uniquely authenticates them in IoT network. Secondly, this scheme uses the secret session key to prevent the network from unauthorized access. Additionally, this work also evaluates the informal security analysis, formal security analysis using ROR model and AVISPA tool. The overall security analysis proves that the proposed scheme protects the smart home IoT network from various vulnerabilities and attacks.
Journal Article•10.1145/3425707•
Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment


Shehzad Ashraf Chaudhry, Azeem Irshad1, Khalid Yahya, Neeraj Kumar2, Mamoun Alazab3, Yousaf Bin Zikria4 •
International Islamic University, Islamabad1, Thapar University2, Charles Darwin University3, Yeungnam University4
09 Jun 2021-ACM Transactions on Internet Technology
TL;DR: The advancements in the internet of things require specialized security protocols to provide unbreakable security along with computation and communication efficiencies, and user privacy is a major concern.
Abstract: The advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy...