Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
1
1
2009
01
28
A TESLA-based mutual authentication protocol for GSM networks
3
15
EN
A.
Fanian
fanian@ec.iut.ac.ir
M.
Berenjkoub
brnjkb@cc.iut.ac.ir
T. A.
Gulliver
a.gulliver@ieee.org
10.22042/isecure.2015.1.1.2
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against man-in-the-middle attacks. Several solutions have been proposed to establish mutual entity authentication. However, none provide a aw-free bilateral authentication protocol. In this paper, we show that a recently proposed solution is vulnerable to a "type attack". Then, we propose a novel mutual entity authentication using the TESLA protocol. The proposed solution not only provides secure bilateral authentication, but also decreases the call setup time and the required connection bandwidth. An important feature of the proposed protocol is that it is compatible with the GSM standard.
GSM,Entity Authentication,Bilateral Authentication,Unilateral Authentication,Man-in-the-Middle Attack,TESLA Protocol
https://www.isecure-journal.com/article_39162.html
https://www.isecure-journal.com/article_39162_442139f8b4631144334a0950f2c2ec02.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
1
1
2009
01
28
Steganalysis of embedding in difference of image pixel pairs by neural network
17
26
EN
V.
Sabeti
vajiheh.sabeti@gmail.com
Sh.
Samavi
samavi96@cc.iut.ac.ir
M.
Mahdavi
mahdavi@ec.iut.ac.ir
Sh.
Shirani
shirani@mcmaster.ca
10.22042/isecure.2015.1.1.3
In this paper a steganalysis method is proposed for pixel value differencing method. This steganographic method, which has been immune against conventional attacks, performs the embedding in the difference of the values of pixel pairs. Therefore, the histogram of the differences of an embedded image is di_erent as compared with a cover image. A number of characteristics are identified in the difference histogram that show meaningful alterations when an image is embedded. Five distinct multilayer perceptrons neural networks are trained to detect different levels of embedding. Every image is fed in to all networks and a voting system categorizes the image as stego or cover. The implementation results indicate an 88.6% success in correct categorization of the test images.
Steganography,Steganalysis,Pixel-Value Differencing,Neural Net,Perceptrons
https://www.isecure-journal.com/article_39163.html
https://www.isecure-journal.com/article_39163_226065ba3b3cf515366da5ef4b5dda36.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
1
1
2009
01
28
A collusion attack on the fuzzy vault scheme
27
34
EN
H.
T.
Poon
hpoon015@site.uottawa.ca
A.
Miri
samiri@site.uottawa.ca
10.22042/isecure.2015.1.1.4
The Fuzzy Vault scheme is an encryption scheme, which can tolerate errors in the keys. This leads to the possibility of enhancing the security in environments where these errors can be common, such as biometrics storage systems. Although several researchers have provided implementations, we find that the scheme is vulnerable to attacks when not properly used. This paper describes an attack on the Fuzzy Vault scheme where the attacker is assumed to have access to multiple vaults locked by the same key and where a non-maximal vault size is used. The attack effectively reduces the vault size by identifying and removing cha_ points. As the vault size decreases, the rate at which cha_ points are identified increases exponentially. Several possible defenses against the attack are also discussed.
Biometric Encryption,Fuzzy Vault,vulnerability
https://www.isecure-journal.com/article_39164.html
https://www.isecure-journal.com/article_39164_bb892dfd2dc7dcabe491c9d4e5201284.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
1
1
2009
01
28
CAMAC: a context-aware mandatory access control model
35
54
EN
J. H.
Jafarian
jafarian@ce.sharif.edu
M.
Amini
m.amini@ce.sharif.edu
10.22042/isecure.2015.1.1.5
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive computing environments. To this aim, we propose a context-aware mandatory access control model (CAMAC) capable of dynamic adaptation of access control policies to context, and of handling context-sensitive class association, in addition to preservation of confidentiality and integrity as specified in traditional mandatory access control models. In order to prevent any ambiguity, a formal specification of the model and its elements such as context predicates, context types, level update rules, and operations is required. High expressiveness of the model allows specification of the traditional mandatory access control models such as BLP, Biba, Dion, and Chinese Wall. The model can also be considered as an information flow control model with context-sensitive association of security classes.
Mandatory Access Control,Multilevel Security,Authorization,Context Awareness,Information Flow Control
https://www.isecure-journal.com/article_39165.html
https://www.isecure-journal.com/article_39165_e755ca5ca132adcb83c6cfa7503ec298.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
1
1
2009
01
28
Process algebraic modeling of authentication protocols for analysis of parallel multi-session executions
55
67
EN
R.
Ramezanian
ramezanian@sharif.edu
10.22042/isecure.2015.1.1.6
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authentication for parallel multiple session's execution. To model the authentication, two main notions called 1. <em>agent's scope</em> and 2. <em>agent's</em> <em>recognizability</em> are introduced, which consider the difference of ability of agents due to their different roles in the protocol and different access to keys and secrets. To formalize above notions, a process algebra provided by some primitives for manipulating cryptographic messages is used. We formalize some security protocols and examine our definition of authentication for them. We just discuss the symmetric key case.
Authentication,Process Algebra,Parallel Sessions,Security
https://www.isecure-journal.com/article_39166.html
https://www.isecure-journal.com/article_39166_1c551feb113b3ae95c92a8aabb86dd90.pdf