Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130101
Title: A survey on digital data hiding schemes: principals, algorithms, and applications
Pages: 5-36; ID: 39134; DOI: 10.22042/isecure.2013.5.1.2; Language: EN
Authors: M. A. Akhaee, F. Marvasti
Journal Article; 20130914

This paper investigates digital data hiding schemes. The concept of information hiding is explained first, and its traits, requirements, and applications are described subsequently. In order to design a digital data hiding system, one should first become familiar with the concepts and criteria of information hiding. Having knowledge about the host signal, which may be audio, image, or video, and the final receiver, which is the Human Auditory System (HAS) or the Human Visual System (HVS), is also beneficial. For the speech/audio case, HAS will be briefly reviewed to find out how to make the most of its weaknesses for embedding as much data as possible. The same discussion also holds for image watermarking. Although several audio and image data hiding schemes have been proposed so far, they can be divided into a few categories. Hence, conventional schemes along with their recently published extensions are introduced. Besides, a general comparison is made among these methods, leading researchers/designers to choose the appropriate schemes based on their applications. Regarding the old scenario of the prisoner-warden and the evil intention of the warden to eavesdrop and/or destroy the data that Alice sends to Bob, there are both intentional and unintentional attacks on digital information hiding systems, which have the same effect based on our definition. These attacks can also be considered for testing the performance, or benchmarking, of the watermarking algorithm.
They are also known as steganalysis methods which will be discussed at the end of the paper.

Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130101
Title: Design and formal verification of DZMBE+
Pages: 37-53; ID: 39135; DOI: 10.22042/isecure.2013.5.1.3; Language: EN
Authors: M. Soodkhah Mohammadi, A. Ghaemi Bafghi
Journal Article; 20121231

In this paper, a new broadcast encryption scheme is presented based on threshold secret sharing and secure multiparty computation. This scheme is maintained to be dynamic in that a broadcaster can broadcast a message to any of the dynamic groups of users in the system and it is also fair in the sense that no cheater is able to gain an unfair advantage over other users. Another important feature of our scheme is collusion resistance. Using secure multiparty computation, a traitor needs k cooperators in order to create a decryption machine. The broadcaster can choose the value of k as he decides to make a trade-off between communication complexity and collusion resistance. Comparison with other Broadcast Encryption schemes indicates enhanced performance and complexity on the part of the proposed scheme (in terms of message encryption and decryption, key storage requirements, and ciphertext size) relative to similar schemes. In addition, the scheme is modeled using applied pi calculus and its security is verified by means of an automated verification tool, i.e., ProVerif.

Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130101
Title: Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Pages: 55-70; ID: 39136; DOI: 10.22042/isecure.2013.5.1.4; Language: EN
Authors: M. Sabzinejad Farash (sabzinejad@tmu.ac.ir), M. Ahmadian Attari
Journal Article; 20130101

Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management.
The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is generated by a trusted Private Key Generator (PKG). However, it is unrealistic to assume that a single PKG will be responsible for issuing private keys to members of different organizations or a large-scale nation. Hence, multiple-PKG environments with different system parameters need to be considered. In this paper, we propose an identity-based key agreement protocol among users of different networks with independent PKGs, which makes use of elliptic curves. We prove the security of the proposed protocol in the random oracle model and show that all security attributes are satisfied. We also present a comparison between our protocol and some related protocols in terms of communication costs and execution time. The results show that the execution time of our protocol is less than 10%, and its communication costs are about 50%, of those of the competitor protocols.

Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130101
Title: DyVSoR: dynamic malware detection based on extracting patterns from value sets of registers
Pages: 71-82; ID: 39137; DOI: 10.22042/isecure.2013.5.1.5; Language: EN
Authors: M. Ghiasi, A. Sami, Z. Salehi
Journal Article; 20130102

To control the exponential growth of malware files, security analysts pursue dynamic approaches that automatically identify and analyze malicious software samples. Obfuscation and polymorphism employed by malware make it difficult for signature-based systems to detect sophisticated malware files. Dynamic analysis, that is, analysis of run-time behavior, provides a better technique to identify the threat. In this paper, a dynamic approach is proposed in order to extract features from binaries. The run-time behavior of the binary files was found and recorded using a homemade tool that provides a controlled environment.
The approach based on DyVSoR assumes that the run-time behavior of each binary can be represented by the values of registers. A method to compute the similarity between two binaries based on the value sets of the registers is presented. Hence, the values are traced before and after invoked API calls in each binary and mapped to some vectors. To detect an unknown file, it is enough to compare it with dataset binaries by computing the distance between the registers' content of this file and that of all binaries. This method could detect malicious samples with 96.1% accuracy and 4% false positive rate. The list of execution traces and the dataset are reachable at: http://home.shirazu.ac.ir/~sami/malware

Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130101
Title: Robust multiplicative video watermarking using statistical modeling
Pages: 83-95; ID: 39138; DOI: 10.22042/isecure.2013.5.1.6; Language: EN
Authors: A. Diyanat, M. A. Akhaee, Sh. Ghaemmaghami
Journal Article; 20130105

This paper presents a robust multiplicative video watermarking scheme. The video signal is segmented into 3-D blocks like cubes, and then the 3-D wavelet transform is applied to each block. The low frequency components of the wavelet coefficients are then used for data embedding to make the process robust against both malicious and unintentional attacks. The hidden message is inserted by multiplying/dividing these coefficients by a constant parameter which controls the power of the watermark. The watermark extraction relies on a maximum likelihood-based procedure, observing the distribution of the watermarked coefficients.
The performance of the proposed scheme has been verified via simulations and found to be superior to some of the well-known existing video watermarking methods.

Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130101
Title: Image encryption based on chaotic tent map in time and frequency domains
Pages: 97-110; ID: 39139; DOI: 10.22042/isecure.2013.5.1.7; Language: EN
Authors: E. Hassani, M. Eshghi
Journal Article; 20120203

This paper introduces a new algorithm for image encryption using chaotic tent maps and the desired key image. The algorithm consists of two parts, the first of which works in the frequency domain and the second in the time domain. In the frequency domain, a desired key image is used, and a random number is generated, using the chaotic tent map, in order to change the phase of the plain image. This change in the frequency domain causes changes in the pixel values and shuffles the pixel locations in the time domain. Finally, in the time domain, a pseudo random image is produced using a chaotic tent map, to be combined with the image generated in the first step, and thus the final encrypted image is created. A computer simulation is also utilized to evaluate the proposed algorithm and to compare its results to images encrypted by other methods. The criteria for these comparisons are chi-square test of histogram, correlation coefficients of pixels, NPCR (number of pixel change rate), UACI (unified average changing intensity), MSE (mean square error) and MAE (mean absolute error), key space, and sensitivity to initial condition. These comparisons reveal that the proposed chaotic image encryption method shows a higher performance and is more secure.

Iranian Society of Cryptology
The ISC International Journal of Information Security
ISSN: 2008-2045; Volume 5, Issue 1; 20130125
Title: Persian Abstract
Pages: 111-116; ID: 45223; DOI: 10.22042/isecure.2013.5.1.8; Language: EN
Journal Article; 20130123