Extension of Cube Attack with Probabilistic Equations and its Application on Cryptanalysis of KATAN Cipher

Volume 12, Issue 1, January 2020, Pages 1-12

https://doi.org/10.22042/isecure.2020.199304.481

Zahra Eskandari, Abbas Ghaemi Bafghi

Abstract The cube attack is a successful instance of algebraic attack. It consists of two phases: extracting linear equations and solving the extracted equation system. Because the equation extraction phase is expensive when only exactly linear equations are accepted, we can instead extract nonlinear equations that are approximated by linear equations with high probability. Such probabilistic equations can be treated as linear equations under some noise. Existing approaches to solving noisy equation systems work well provided that the system has a low error rate; however, as the error rate increases, the success rate of finding the exact solution diminishes, making them rather inefficient at high error rates. In this paper, we extend the cube attack to probabilistic equations. First, an approximation approach based on linear combinations of nonlinear equations is presented to find probabilistic linear equations that hold with high probability. Then, we present an approach that improves the efficiency of current solving methods and makes them practical for linear equation systems with high error rates. Finally, utilizing the proposed approaches, we find the right key under the extended noisy equation system with lower complexity than the original cube attack.
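The two phases the abstract describes, on a toy scale, as an added example that is not code from the paper: a hypothetical 4-bit-key polynomial f is summed over cubes of public bits to obtain superpolys, each superpoly is tested for linearity and, where it is nonlinear, replaced by its best affine approximation together with the probability that the approximation holds; the online phase then decodes the resulting noisy system by maximum likelihood over all candidate keys. The polynomial, the cube choices and the secret key are constructed for the illustration.

```python
"""Toy cube attack with probabilistic linear equations over GF(2).

Constructed example: 4 secret key bits x[0..3], 4 public bits v[0..3]; the
'cipher' f is a hypothetical low-degree polynomial chosen so that some cubes
give exact linear superpolys and others only probabilistic ones.
"""
from itertools import product
import math

KEY_BITS, PUB_BITS = 4, 4


def f(x, v):
    """Hypothetical output bit of a toy cipher (not any real primitive)."""
    return ((v[0] & v[1] & x[0]) ^ (v[0] & v[1] & x[1] & x[2]) ^ (v[2] & x[1])
            ^ (v[2] & v[3] & (x[3] ^ (x[0] & x[2]))) ^ (v[1] & x[2] & x[3])
            ^ x[0] ^ (v[0] & v[3] & x[1]) ^ (v[3] & x[2]) ^ (v[0] & v[2] & x[3]))


def cube_sum(cube, x):
    """XOR of f over all assignments of the cube variables (other public bits = 0)."""
    acc = 0
    for bits in product((0, 1), repeat=len(cube)):
        v = [0] * PUB_BITS
        for i, b in zip(cube, bits):
            v[i] = b
        acc ^= f(x, v)
    return acc


def superpoly_table(cube):
    """Preprocessing: the attacker controls the key, so tabulate p_I(x) for all keys."""
    return {x: cube_sum(cube, x) for x in product((0, 1), repeat=KEY_BITS)}


def is_linear(table):
    """Exhaustive BLR linearity test: p(a) ^ p(b) ^ p(a^b) ^ p(0) == 0 for all a, b."""
    zero = (0,) * KEY_BITS
    for a in table:
        for b in table:
            ab = tuple(i ^ j for i, j in zip(a, b))
            if table[a] ^ table[b] ^ table[ab] ^ table[zero]:
                return False
    return True


def affine_eval(c, x):
    """c = (c0, c1, ..., c4) encodes c0 ^ c1*x0 ^ ... ^ c4*x3."""
    return c[0] ^ (sum(ci & xi for ci, xi in zip(c[1:], x)) % 2)


def best_affine_approx(table):
    """Affine function agreeing with the superpoly on the largest fraction of keys.

    For an exactly linear superpoly the fraction is 1.0; otherwise this is the
    'probabilistic linear equation' and the fraction is its success probability.
    """
    best, best_p = None, 0.0
    for c in product((0, 1), repeat=KEY_BITS + 1):
        agree = sum(affine_eval(c, x) == table[x] for x in table) / len(table)
        if agree > best_p:
            best, best_p = c, agree
    return best, best_p


def extract_equations(cubes):
    """Offline phase: one (cube, affine approximation, probability) per cube."""
    return [(cube,) + best_affine_approx(superpoly_table(cube)) for cube in cubes]


def online_rhs(eqs, secret):
    """Online phase: cube sums under the unknown key give the right-hand sides."""
    return [cube_sum(cube, secret) for cube, _, _ in eqs]


def solve_noisy(eqs, rhs):
    """Maximum-likelihood decoding of the noisy system (exhaustive over 16 keys).

    Equation i is trusted with probability p_i; a candidate key is scored by the
    log-likelihood of the observed right-hand sides, so a few wrong equations
    cost a penalty instead of eliminating the true key outright.
    """
    best, best_score = None, -math.inf
    for cand in product((0, 1), repeat=KEY_BITS):
        score = 0.0
        for (cube, c, p), r in zip(eqs, rhs):
            q = p if affine_eval(c, cand) == r else 1.0 - p
            score += math.log(max(q, 1e-9))   # p == 1.0 equations act as hard constraints
        if score > best_score:
            best, best_score = cand, score
    return best


def run_attack(secret=(1, 0, 1, 1), cubes=((2,), (3,), (0, 2), (0, 1), (2, 3), (1,))):
    """Returns (equations, number of equations wrong for the real key, recovered key)."""
    eqs = extract_equations(list(cubes))
    rhs = online_rhs(eqs, secret)
    wrong = sum(affine_eval(c, secret) != r for (_, c, _), r in zip(eqs, rhs))
    return eqs, wrong, solve_noisy(eqs, rhs)


if __name__ == "__main__":
    eqs, wrong, key = run_attack()
    for cube, c, p in eqs:
        print(f"cube {cube}: affine {c} holds with probability {p:.2f}")
    print(f"{wrong} of {len(eqs)} equations are wrong for the real key; recovered {key}")
```

With this polynomial the cubes {v2}, {v3} and {v0, v2} give exact equations for x1, x2 and x3, while {v0, v1}, {v2, v3} and {v1} give superpolys of degree 2 that are approximated by an affine function on 12 of the 16 keys. Two of those approximations are wrong for the chosen key; the likelihood decoder still returns the right key because the remaining probabilistic equation decides the last unknown bit. On a real cipher the truth table cannot be enumerated, so the linearity test and the agreement probability are estimated from random key samples, and the exhaustive decoder is replaced by the noisy-system solvers the abstract refers to.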

OT-Feature Extraction on Scrambled Images with Instantaneous Clustering for CBIR Scheme in Cloud Computing

Volume 13, Issue 1, January 2021, Pages 1-17

https://doi.org/10.22042/isecure.2020.209056.497

K. Nalini Sujantha Bel, I.Shatheesh Sam

Abstract A novel feature extraction algorithm using Otsu's threshold (OT-features) on scrambled images and an Instantaneous Clustering (IC-CBIR) approach are proposed for content-based image retrieval in cloud computing. Images are stored in the cloud in an encrypted or scrambled form to preserve the privacy of their content. The proposed method extracts features from the scrambled images using Otsu's threshold. Initially, Otsu's threshold is estimated from the scrambled image and, based on this threshold, the image is divided into two classes in the first iteration. New threshold values are then estimated from the two classes. The differences between the new thresholds and the previous threshold give two features. This process is repeated for a number of iterations to obtain the complete OT-features of the scrambled image. This paper also proposes an instantaneous clustering approach (IC-CBIR) in which an image is moved into a cluster as soon as it is uploaded by the image owner. Therefore, when retrieving images, only the images near a particular cluster are matched instead of the complete set of image features in the dataset, which reduces the search time. The performance of the proposed algorithm is tested on four datasets: Corel 10K, Misc, Oxford Flower, and INRIA Holidays. The experimental evaluation reveals that the proposed method outperforms the traditional CBIR algorithm on encrypted images in terms of precision, search time and index construction time.
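Why thresholding works on a scrambled image, shown as an added example (not the authors' code): Otsu's threshold is a function of the grey-level histogram only, so a scrambling that permutes pixel positions leaves every threshold, and therefore every OT-feature, unchanged. The image, the scrambling (a seeded pixel permutation) and the exact iteration scheme (each class is split at its threshold and both children's threshold differences are recorded, giving 2 + 4 + ... features) are assumptions made for the illustration.

```python
"""OT-style features from a scrambled image: Otsu thresholds depend only on the
histogram, so pixel scrambling (a permutation) leaves them unchanged.

Added example; the image, the scrambling (a seeded permutation) and the
tree-shaped iteration below are assumptions, not the paper's exact definitions.
"""
import random


def histogram(pixels):
    hist = [0] * 256
    for p in pixels:
        hist[p] += 1
    return hist


def otsu_threshold(pixels):
    """Threshold t maximising between-class variance w_b*w_f*(m_b-m_f)^2.

    Pixels <= t form the 'background' class. Returns the class's single value
    when it cannot be split.
    """
    hist = histogram(pixels)
    total = len(pixels)
    sum_all = sum(i * hist[i] for i in range(256))
    w_b = sum_b = 0
    best_t, best_var = min(pixels), -1.0
    for t in range(256):
        w_b += hist[t]
        sum_b += t * hist[t]
        w_f = total - w_b
        if w_b == 0 or w_f == 0:
            continue
        m_b, m_f = sum_b / w_b, (sum_all - sum_b) / w_f
        var = w_b * w_f * (m_b - m_f) ** 2
        if var > best_var:
            best_var, best_t = var, t
    return best_t


def ot_features(pixels, iterations=2):
    """Each iteration splits every current class at its threshold and records
    (child threshold - parent threshold) for both children: 2 + 4 + ... features.
    """
    feats = []
    classes = [(pixels, otsu_threshold(pixels))]
    for _ in range(iterations):
        nxt = []
        for cls, parent_t in classes:
            low = [p for p in cls if p <= parent_t]
            high = [p for p in cls if p > parent_t]
            for sub in (low, high):
                t = otsu_threshold(sub) if sub else parent_t   # empty class: feature 0
                feats.append(t - parent_t)
                nxt.append((sub, t))
        classes = nxt
    return feats


def scramble(pixels, seed):
    """Privacy-preserving 'encryption' stand-in: a seeded pixel permutation."""
    out = list(pixels)
    random.Random(seed).shuffle(out)
    return out


def demo():
    """Constructed 16x16 bimodal image: dark block (40..59) and bright block (180..209)."""
    image = [40 + (i * 7) % 20 for i in range(128)] + [180 + (i * 11) % 30 for i in range(128)]
    scrambled = scramble(image, seed=1234)
    return otsu_threshold(image), ot_features(image), ot_features(scrambled)


if __name__ == "__main__":
    t0, plain, enc = demo()
    print("root threshold:", t0)
    print("features (plain)    :", plain)
    print("features (scrambled):", enc)
```

The same invariance is the security caveat: any feature that depends only on the histogram can be computed by the cloud provider from the scrambled image as well, so a scheme of this kind hides spatial content, not the grey-level distribution.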

A New Variant of the Winternitz One Time Signature Based on Graded Encoding Schemes

Volume 14, Issue 1, January 2022, Pages 1-11

https://doi.org/10.22042/isecure.2021.272908.639

Hossein Oraei, Massoud Hadian Dehkordi

Abstract Digital signature schemes are used to guarantee non-repudiation and authenticity of any kind of data, such as documents, messages or software. The Winternitz one-time signature (WOTS) scheme, which can be described using a certain number of so-called "function chains", plays an important role in the design of both stateless and stateful many-time signature schemes. The main idea of WOTS is the use of a limited number of function chains, all of which begin at random values. This work introduces WOTS-GES, a new WOTS-type signature scheme in which the need to compute all of the intermediate values of the chains is eliminated. More precisely, each algorithm of the proposed scheme needs to calculate only one intermediate value. This significantly reduces the number of operations needed to run the algorithms of WOTS-GES. To achieve these results, we have used the concept of "leveled" multilinear maps, also referred to as graded encoding schemes. We expect these results to increase the efficiency of Winternitz-based digital signature schemes.
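The function chains that WOTS-GES aims to shortcut, shown as an added example that is not the paper's construction: a textbook Winternitz scheme over SHA-256 with w = 16, where key generation walks every chain to its end, signing walks each chain as far as the corresponding message digit, and verification walks the remaining steps. The counter makes the cost the abstract targets visible: every chain step is one hash evaluation, and signing plus verification together always cover all L(w-1) steps. The step index mixed into each hash call is an assumption borrowed from WOTS+-style tweaks, not part of the original WOTS description.

```python
"""Textbook Winternitz one-time signature with SHA-256 hash chains.

Added example, not the paper's WOTS-GES construction: it shows the function
chains the abstract describes and counts how many chain steps (intermediate
values) key generation, signing and verification each cost. The step index is
mixed into each hash call (an assumption borrowed from WOTS+-style tweaks so
that the i-th step of every chain is a distinct function).
"""
import hashlib
import os

W = 16                 # Winternitz parameter: chains have W-1 steps, digits are 4 bits
N = 32                 # SHA-256 output size
L1 = 2 * N             # message digits (256 bits / 4)
L2 = 3                 # checksum digits: max checksum L1*(W-1) = 960 < 16**3
L = L1 + L2            # number of chains (67)
CHAIN_STEPS = [0]      # counter of hash evaluations, for the cost comparison


def chain(x, start, steps):
    """Apply F_start, ..., F_{start+steps-1} to x, where F_i(x) = SHA-256(i || x)."""
    for i in range(start, start + steps):
        x = hashlib.sha256(bytes([i]) + x).digest()
        CHAIN_STEPS[0] += 1
    return x


def keygen(seed=None):
    """Secret key: L random chain starts; public key: every chain walked to its end."""
    seed = seed if seed is not None else os.urandom(32)
    sk = [hashlib.sha256(b"wots-sk" + seed + bytes([i])).digest() for i in range(L)]
    pk = [chain(x, 0, W - 1) for x in sk]
    return sk, pk


def base_w(msg):
    """Message digest as L1 base-16 digits plus L2 checksum digits."""
    digits = []
    for b in hashlib.sha256(msg).digest():
        digits += [b >> 4, b & 0xF]
    csum = sum(W - 1 - d for d in digits)   # grows whenever any message digit shrinks
    for _ in range(L2):
        digits.append(csum & 0xF)
        csum >>= 4
    return digits


def sign(sk, msg):
    """Walk chain i forward by the i-th digit of the message."""
    return [chain(x, 0, d) for x, d in zip(sk, base_w(msg))]


def verify(pk, msg, sig):
    """Finish every chain from the signature and compare with the public key."""
    return all(chain(s, d, W - 1 - d) == p for s, d, p in zip(sig, base_w(msg), pk))


def costs(seed=b"\x00" * 32, msg=b"pay 10 to alice"):
    """Hash evaluations for keygen, sign and verify, as a (keygen, sign, verify) tuple."""
    CHAIN_STEPS[0] = 0
    sk, pk = keygen(seed)
    c_keygen = CHAIN_STEPS[0]
    sig = sign(sk, msg)
    c_sign = CHAIN_STEPS[0] - c_keygen
    assert verify(pk, msg, sig)
    return c_keygen, c_sign, CHAIN_STEPS[0] - c_keygen - c_sign


if __name__ == "__main__":
    sk, pk = keygen()
    sig = sign(sk, b"pay 10 to alice")
    print("valid:", verify(pk, b"pay 10 to alice", sig))
    print("forged:", verify(pk, b"pay 11 to alice", sig))
    print("hash calls (keygen, sign, verify):", costs())
```

The checksum digits are what make the scheme one-time rather than zero-time: an attacker who sees a signature can only walk chains forward, so forging a message whose digits are all larger would be possible without the checksum, which decreases exactly when the message digits increase. Signing a second message with the same key reveals earlier chain values and breaks that argument, which is why WOTS is used only as a building block inside many-time schemes.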

Cloud Computing Threats, Vulnerabilities and Countermeasures: A State-of-the-Art

Volume 15, Issue 1, January 2023, Pages 1-58

https://doi.org/10.22042/isecure.2022.312328.718

Suryateja Satya Pericherla

Abstract Cloud computing created a revolution in the way IT organizations and IT teams manage their internal digital resources and workloads. One major drawback or limitation of cloud computing, among others, is security. Cloud computing is plagued by a plethora of threats and vulnerabilities, with new ones being identified from time to time. Year by year, minor to significant security incidents are reported across the globe. To the best of our knowledge, there is no research artifact in the recent past that covers the recent advancements in cloud computing security. To address this issue, this paper provides an analysis of the literature of the past few years related to cloud computing security. A taxonomy of cloud computing threats and vulnerabilities is provided by extending the threats proposed by the Cloud Security Alliance, which can educate cloud users and guide cloud providers in strengthening or auditing their security policies and practices. Finally, state-of-the-art countermeasures and solutions to safeguard the cloud against different threats are also provided.

QuMixnet: A Quantum-Safe Mixnet Protocol

Articles in Press, Accepted Manuscript, Available Online from 26 December 2025

https://doi.org/10.22042/isecure.2025.237326

Seyed Mohammad Dibaj, Taraneh Eghlidos, Hosein Pilaram

Abstract The emergence of quantum computing threatens the security of traditional cryptographic primitives underpinning anonymous communication protocols like mix networks (mixnets), necessitating quantum-resistant alternatives. This paper introduces QuMixnet, a mixnet protocol designed to withstand quantum attacks while ensuring robust anonymity and privacy. QuMixnet employs post-quantum cryptographic primitives, utilizing CRYSTALS-Dilithium for digital signatures to guarantee authenticity and CRYSTALS-Kyber for key encapsulation to secure message encryption with symmetric ciphers (e.g., AES-GCM). Operating on a peer-to-peer (P2P) architecture, every node can serve as a sender, receiver, or mix node, enhancing anonymity by obscuring participant roles. Sender-determined routing ensures that only the sender knows the full message path, with onion routing layering encryption across nodes. To counter traffic analysis, QuMixnet implements message padding to a fixed size, dummy messages for traffic covering, and batch processing with shuffling. A security model, evaluated through formal security games, confirms the resilience of QuMixnet against adversaries with quantum capabilities, achieving strong sender and receiver anonymity, communication anonymity, confidentiality, and integrity. QuMixnet advances anonymous communication by offering a scalable, quantum-safe solution that fortifies privacy against evolving threats.
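The mechanics behind three of the abstract's claims (sender-determined routing with layered encryption, fixed-size packets, batch processing with shuffling), as an added example that is not QuMixnet's own code. It assumes that each node already shares a 32-byte symmetric key with the sender (in QuMixnet that key would be the output of a Kyber encapsulation, and packets would additionally be signed with Dilithium), and it substitutes an HMAC-SHA256 encrypt-then-MAC construction for AES-GCM so that the file runs with the standard library alone. The packet layout, the 0xFF delivery marker and the packet size are assumptions for the illustration.

```python
"""Sender-determined onion routing with fixed-size packets and batch shuffling.

Added example, not QuMixnet's own code. Assumptions: each node already shares a
32-byte symmetric key with the sender (in QuMixnet that key would come from a
Kyber encapsulation), and an HMAC-SHA256 encrypt-then-MAC construction stands in
for AES-GCM so the file runs with the standard library only.
"""
import hashlib
import hmac
import os
import secrets

PACKET_SIZE = 512
NONCE, TAG = 12, 16
DELIVER = 0xFF                        # next-hop marker meaning "you are the recipient"
LAYER_OVERHEAD = NONCE + 2 + TAG + 1  # nonce, length field, tag, next-hop byte


def keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(key, pt):
    """nonce || len(ct) || ct || tag; the tag covers nonce, length and ciphertext."""
    nonce = os.urandom(NONCE)
    ct = bytes(a ^ b for a, b in zip(pt, keystream(key, nonce, len(pt))))
    hdr = nonce + len(ct).to_bytes(2, "big")
    tag = hmac.new(key, hdr + ct, hashlib.sha256).digest()[:TAG]
    return hdr + ct + tag


def open_(key, pkt):
    """Verify then decrypt; trailing bytes beyond the tag (re-padding) are ignored."""
    nonce = pkt[:NONCE]
    n = int.from_bytes(pkt[NONCE:NONCE + 2], "big")
    hdr, ct = pkt[:NONCE + 2], pkt[NONCE + 2:NONCE + 2 + n]
    tag = pkt[NONCE + 2 + n:NONCE + 2 + n + TAG]
    expect = hmac.new(key, hdr + ct, hashlib.sha256).digest()[:TAG]
    if len(ct) != n or not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")      # wrong key or tampering
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, n)))


def build_onion(path, keys, payload):
    """Wrap payload once per hop, innermost first; only the sender knows `path`."""
    inner = len(payload).to_bytes(2, "big") + payload
    room = PACKET_SIZE - len(path) * LAYER_OVERHEAD - len(inner)
    if room < 0:
        raise ValueError("payload too large for the fixed packet size")
    pkt = inner + b"\x00" * room                        # pad so the wire size is constant
    hops = list(zip(path, path[1:] + [DELIVER]))
    for node, nxt in reversed(hops):
        pkt = seal(keys[node], bytes([nxt]) + pkt)
    return pkt


def process(key, pkt):
    """A mix node peels one layer: it learns only the next hop, never the route."""
    pt = open_(key, pkt)
    nxt, inner = pt[0], pt[1:]
    if nxt == DELIVER:
        n = int.from_bytes(inner[:2], "big")
        return None, inner[2:2 + n]
    inner += os.urandom(PACKET_SIZE - len(inner))       # re-pad: outgoing size == incoming size
    return nxt, inner


def mix_batch(key, packets):
    """Batch processing: peel every packet, then emit them in a random order."""
    outs = [process(key, p) for p in packets]
    secrets.SystemRandom().shuffle(outs)
    return outs


def deliver(path, keys, payload):
    """Simulate the route end to end; returns (payload, wire sizes seen per hop)."""
    pkt, node, sizes = build_onion(path, keys, payload), path[0], []
    while True:
        sizes.append(len(pkt))
        nxt, out = process(keys[node], pkt)
        if nxt is None:
            return out, sizes
        pkt, node = out, nxt


if __name__ == "__main__":
    keys = {1: os.urandom(32), 2: os.urandom(32), 3: os.urandom(32)}
    msg, sizes = deliver([1, 2, 3], keys, b"meet at noon")
    print(msg, sizes)
```

Two caveats a reviewer would raise against this simplified layout: the cleartext length field shrinks by one layer's overhead at every hop, which lets an observer who sees both sides of a node infer how many hops remain, and nothing here hides timing. A deployable design pads each layer to the same length (as Sphinx-style packet formats do) and relies on the dummy traffic and batching the abstract mentions for the timing side.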

Enhancement of LSB Matching Steganography using Multiobjective Optimization Embedding to Improve Security and Imperceptibility

Volume 18, Issue 1, January 2026, Pages 1-17

https://doi.org/10.22042/isecure.2025.477842.1172

Vajiheh Sabeti

Abstract Least Significant Bit Matching (LSBM) is a simple steganography approach that has been detected by multiple steganalysis attacks. Imperceptibility (i.e., maintenance of high perceptual image quality) and security are significant parameters in steganography. However, most conventional steganography techniques rely on single-objective optimization, which improves one parameter while often compromising the others. This limitation underscores the need for approaches that balance conflicting objectives. To address it, the present study employs the Non-Dominated Sorting Genetic Algorithm II (NSGA-II) to optimize security and imperceptibility together. The method divides the cover image into blocks and makes two decisions per block: (1) the seed of the pseudo-random number generator that selects the pixels for data embedding, and (2) whether a pixel value is increased or decreased when the data bit does not match the pixel's LSB. Pixels with the highest data bit-LSB correspondence are optimal, and the direction of each pixel change (increase or decrease) is chosen to minimize the variation of the block histogram. This multiobjective optimization is carried out using NSGA-II. Comparative evaluation shows that the developed method remarkably improves image quality metrics and decreases detection accuracy at different embedding rates. At embedding rates of 0.3, 0.5, and 0.8 bpp, the Peak Signal-to-Noise Ratio (PSNR) was approximately 57.65, 55.55, and 52.75 dB, respectively, a 1.5-2.5% improvement over conventional LSBM techniques.
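The two per-block decisions the abstract describes, as an added example that is not the paper's NSGA-II implementation: for each block a small range of PRNG seeds is tried, each seed selects the carrier pixels, mismatching pixels are moved by +1 or -1 towards whichever neighbouring histogram bin is furthest below its cover count, and the (changed pixels, histogram deviation) pairs are reduced to their Pareto front before a knee point is chosen. NSGA-II would evolve the seed and direction choices instead of enumerating them; the cover image, message, block size and seed range are constructed for the illustration.

```python
"""LSB matching with per-block seed selection and histogram-aware +/-1 choice.

Added example, not the paper's NSGA-II implementation: it exhausts a small seed
range per block, computes the two objectives the abstract names (number of
changed pixels for imperceptibility, block-histogram deviation for security),
keeps the Pareto front and picks a knee point. Cover image and message are
constructed; block size and seed range are assumptions.
"""
import math
import random

BLOCK = 64            # pixels per block
BITS_PER_BLOCK = 16   # 0.25 bpp
SEEDS = range(32)     # candidate PRNG seeds tried per block


def histogram(pixels):
    hist = [0] * 256
    for p in pixels:
        hist[p] += 1
    return hist


def embed_block(block, bits, seed):
    """Returns (stego block, changed pixels, L1 histogram deviation from the cover)."""
    order = random.Random(seed).sample(range(len(block)), len(bits))
    out, ref, cur, changes = list(block), histogram(block), histogram(block), 0
    for idx, bit in zip(order, bits):
        v = out[idx]
        if v & 1 == bit:
            continue                                    # LSB already matches: no change
        # LSB matching: +1 and -1 both flip the LSB; take the neighbour bin that is
        # furthest below its cover count so the block histogram stays closest to it
        cands = [v + d for d in (-1, 1) if 0 <= v + d <= 255]
        nv = min(cands, key=lambda b: (cur[b] - ref[b], b))
        cur[v] -= 1
        cur[nv] += 1
        out[idx] = nv
        changes += 1
    dev = sum(abs(c - r) for c, r in zip(cur, ref))
    return out, changes, dev


def pareto_front(points):
    """Non-dominated (seed, obj1, obj2) triples, both objectives minimised."""
    front = []
    for s, a, b in points:
        dominated = any(a2 <= a and b2 <= b and (a2, b2) != (a, b) for _, a2, b2 in points)
        if not dominated:
            front.append((s, a, b))
    return front


def embed_block_best(block, bits):
    results = [(s,) + embed_block(block, bits, s)[1:] for s in SEEDS]
    front = pareto_front(results)
    seed = min(front, key=lambda r: (r[1] + r[2], r[0]))[0]   # knee: smallest objective sum
    return seed, embed_block(block, bits, seed)[0]


def embed(cover, bits):
    """Embed BITS_PER_BLOCK bits in every block; returns (stego, per-block seeds)."""
    nblocks = len(cover) // BLOCK
    if len(bits) != nblocks * BITS_PER_BLOCK:
        raise ValueError("message must fill the blocks exactly")
    stego, seeds = [], []
    for i in range(nblocks):
        seed, out = embed_block_best(cover[i * BLOCK:(i + 1) * BLOCK],
                                     bits[i * BITS_PER_BLOCK:(i + 1) * BITS_PER_BLOCK])
        stego += out
        seeds.append(seed)
    return stego, seeds


def extract(stego, seeds):
    """The receiver needs only the seeds (side information) to replay the pixel order."""
    bits = []
    for i, seed in enumerate(seeds):
        block = stego[i * BLOCK:(i + 1) * BLOCK]
        order = random.Random(seed).sample(range(BLOCK), BITS_PER_BLOCK)
        bits += [block[j] & 1 for j in order]
    return bits


def psnr(a, b):
    mse = sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)
    return float("inf") if mse == 0 else 10 * math.log10(255 ** 2 / mse)


def demo():
    """Constructed 64x64 cover and a 1024-bit message (exactly 64 blocks of 16 bits)."""
    cover = [(x * 3 + y * 5 + (x * y) % 7) % 256 for y in range(64) for x in range(64)]
    data = (b"multiobjective LSBM " * 7)[:128]
    bits = [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]
    stego, seeds = embed(cover, bits)
    return cover, stego, seeds, bits


if __name__ == "__main__":
    cover, stego, seeds, bits = demo()
    print("extracted ok:", extract(stego, seeds) == bits)
    print("PSNR: %.2f dB" % psnr(cover, stego))
```

The seeds are side information the receiver must obtain out of band (or derive from a shared key), and a steganalyst who can try the same seed range can test each one; the security the abstract measures is against blind detectors that see only the stego image, not against an adversary who knows the embedding key.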

CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking

Volume 12, Issue 2, July 2020, Pages 67-80

https://doi.org/10.22042/isecure.2020.191916.471

Mohsen Jahanbani, Nasour Bagheri, Zynolabedin Norozi

Abstract Authenticated encryption schemes are important cryptographic primitives that have received extensive attention recently. They provide both confidentiality and authenticity services simultaneously. Correlation power analysis (CPA) is a threat to authenticated ciphers, as it is to any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against COLM, one of the winners of CAESAR, is presented to demonstrate its vulnerability. To validate this attack, COLM is implemented on the FPGA of the SAKURA-G board. A successful CPA attack with a zero-value power model is mounted using 1,800 measured power traces. In addition, a protected hardware architecture for COLM is proposed to make this design secure against first-order CPA attacks, where a domain-oriented masking (DOM) scheme with two-input/output shares is used to protect it. To verify the countermeasure, we mount first- and second-order CPA attacks and a non-specific t-test on the protected COLM.
Keywords: Authenticated Cipher, COLM, CPA, DOM, Masking.
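What a CPA attack and a first-order masking countermeasure look like in practice, as an added example that is not the paper's COLM attack or its DOM design: traces of an AES S-box lookup are simulated (Hamming-weight leakage plus Gaussian noise) instead of being measured on a SAKURA-G board, the unmasked key byte is recovered by correlating every key hypothesis with the traces, and a plain two-share Boolean mask on the S-box output (not the DOM gadget) shows why a first-order attack then fails while a second-order attack on the centred product of the two share leakages still succeeds. The 1,800 traces echo the abstract's count; the key byte, noise level and seed are assumptions.

```python
"""Correlation power analysis against a simulated AES S-box lookup, unmasked and
with first-order Boolean masking.

Added example, not the paper's COLM attack or its DOM design: traces are
simulated (Hamming-weight leakage plus Gaussian noise) rather than measured on a
SAKURA-G board, and the masking shown is a plain two-share Boolean mask on the
S-box output, not the DOM gadget. 1,800 traces echo the abstract's trace count.
"""
import math
import random


def make_sbox():
    """AES S-box computed from the field inverse and affine map (no big literal)."""
    sbox = [0] * 256
    rotl = lambda b, n: ((b << n) | (b >> (8 - n))) & 0xFF
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3 in GF(2^8)
        q ^= (q << 1) & 0xFF                                     # q /= 3, so q == 1/p
        q ^= (q << 2) & 0xFF
        q ^= (q << 4) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = make_sbox()
HW = [bin(i).count("1") for i in range(256)]


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / math.sqrt(vx * vy)


def simulate(key_byte, n=1800, noise=0.5, masked=False, seed=1):
    """Leakage of the S-box output. Masked: two samples, HW(S(p^k)^m) and HW(m)."""
    rng = random.Random(seed)
    pts = [rng.randrange(256) for _ in range(n)]
    t0, t1 = [], []
    for p in pts:
        v = SBOX[p ^ key_byte]
        m = rng.randrange(256) if masked else 0
        t0.append(HW[v ^ m] + rng.gauss(0, noise))
        t1.append(HW[m] + rng.gauss(0, noise))
    return pts, t0, t1


def cpa(pts, traces, model=lambda v: HW[v]):
    """First-order CPA: best key guess and |correlation| for every guess."""
    scores = []
    for k in range(256):
        hyp = [model(SBOX[p ^ k]) for p in pts]
        scores.append(abs(pearson(hyp, traces)))
    return max(range(256), key=scores.__getitem__), scores


def cpa_second_order(pts, t0, t1, model=lambda v: HW[v]):
    """Combine the two share leakages (centred product) and run CPA on the result."""
    m0, m1 = sum(t0) / len(t0), sum(t1) / len(t1)
    return cpa(pts, [(a - m0) * (b - m1) for a, b in zip(t0, t1)], model)


def zero_value(v):
    """Zero-value power model (the abstract's model): only v == 0 is distinguished."""
    return 1 if v == 0 else 0


def demo(key_byte=0x2B):
    """Returns (unmasked CPA result, masked first-order score of the true key,
    masked second-order CPA result)."""
    pts, t0, _ = simulate(key_byte)
    k_plain, _ = cpa(pts, t0)
    pts, t0, t1 = simulate(key_byte, masked=True)
    _, first_scores = cpa(pts, t0)
    k_second, _ = cpa_second_order(pts, t0, t1)
    return k_plain, first_scores[key_byte], k_second


if __name__ == "__main__":
    k_plain, score_masked, k_second = demo()
    print("unmasked first-order CPA recovers 0x%02x" % k_plain)
    print("masked: first-order correlation for the true key %.3f" % score_masked)
    print("masked: second-order CPA recovers 0x%02x" % k_second)
```

The zero-value model is included because it is the one the abstract uses; under the Hamming-weight leakage simulated here it has far less signal than the Hamming-weight hypothesis, since only about one trace in 256 contributes, so it is not used in the demonstration. The second-order result is also the reason the paper verifies its DOM design with a second-order attack and a t-test rather than with a first-order attack alone: a two-share scheme is expected to stop first-order CPA, and the question a reviewer asks is how many traces the second-order attack then needs.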

Privacy Preserving Attribute-Based Encryption with Conjunctive Keyword Search for E-health Records in Cloud

Volume 13, Issue 2, July 2021, Pages 87-100

https://doi.org/10.22042/isecure.2021.227562.542

Aniseh Najafi, Majid Bayat, Hamid Haj Seyyed Javadi

Abstract The advent of cloud computing in the healthcare system increases accuracy and speed, reduces costs, and makes health services widely available. However, system users remain seriously concerned about the security of outsourced data. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising way to ensure the security of, and facilitate access control over, outsourced data. However, conventional CP-ABE schemes have shortcomings such as the lack of attribute privacy, the lack of resistance to keyword guessing attacks, and the inability to perform multi-keyword searches. To address these shortcomings, we present a scheme that simultaneously supports multi-keyword search and fine-grained access control. The proposed scheme is resistant to the offline keyword guessing attack. Privacy of the access structure is another feature of the proposed scheme. The security analysis indicates that our scheme is selectively secure in the standard model. Finally, the performance evaluation of the proposed scheme shows that its efficiency is reasonable despite the added functionality.