Enhancement of Security for Cloud Based IoT Using XHE Scheme

Authors

  • K. Sailaja Associate Professor, Department of Master of Computer Applications, Mother Teresa Institute of Computer Applications, Andhra Pradesh, India
  • M. Rohitha PG Student, Department of Electronics and Communication Engineering, Sri Padmavati Mahila Visva Vidyalayam, Andhra Pradesh, India

DOI:

https://doi.org/10.51983/ajcst-2019.8.3.2735

Keywords:

IoT, Cloud, Password Based Encryption, Extended Honey Encryption, Brute-Force Attacks

Abstract

Security is a million dollar issue for all computer systems. Every week there is news of another major breakin to a commercial or government system. Also it is well known that many governments are actively engaged in cyber-warfare, trying to break into the systems of other governments and other groups. The Internet of Things is increasingly changing into an omnipresent computing service, requiring vast volumes of knowledge storage and process. Unfortunately, due to the unique characteristics of resource constraints, selforganization and short range communication in IoT, it always resorts to the cloud for outsourced storage and computation. Security is one of the major challenges faced by cloud based IoT. The standard file protection technique relies on password based encryption schemes and they are vulnerable to brute force attacks. The reason is that, for a wrongly guessed key,
the decryption process yields an invalid-looking plaintext message, confirming the invalidity of the key, while for the
correct key it outputs a valid-looking plaintext message, confirming the correctness of the guessed key. Honey
encryption helps to minimise this vulnerability. Hence, this paper proposed an extended Honey Encryption (XHE) scheme for enhancing the security of the cloud based IoT.

References

Mohammad Abdur Razzaque, Marija Milojevic-Jevric, Andrei Palade, and Siobhán Clarke, "Middleware for Internet of Things," IEEE Internet of Things Journal, vol. 3, no. 1, pp. 70 - 95, 2016.

W. Diffie and M.E. Hellman, "New Directions in Cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644 - 654, IEEE Press, New Jersey, 1976.

G. Irazoqui, M.S. Inci, T. Eisenbarth, and B. Sunar, "Wait a Minute! A Fast, Cross-VM Attacks on AES," LNCS, Springer, Switzerland, vol. 8688, pp. 299-319, 2014.

Y. Wei, J. Lu, and Y. Hu, "Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits. LNCS," Springer, Heidelberg, vol. 6672, pp. 222-232, 2011.

A. Nitaj, M.R.K. Ariffin, D.I. Nassar, H.M. Bahig, "New Attacks on the RSA Cryptosystem. LNCS, Progress in Cryptology – AFRICACRYPT," LNCS, Springer, Switzerland, vol. 8469, pp. 178-198, 2014.

Y. Lu, L. Peng, S. Sarkar, "Cryptanalysis of an RSA variant with Moduli N = prq," In: 9th International Workshop on Coding and Cryptography 2015 WCC2015, Apr 2015, Paris, France. 2016.

S.F. Tan and A. Samsudin, "Enhanced Security for Public Cloud Storage with Honey Encryption," Advanced Science Letters. Accepted Manuscript.

A. Juels and T. Ristenpart, "Honey Encryption: Security beyond the Brute-Force Bound," Advances in Cryptology—Eurocrypt 2014, LNCS 8441, Springer, pp. 293–310, 2014.

H. Jo and J. Won, "A new countermeasure against brute-force attacks that use high-performance computers for big data analysis," Hindawi Publishing Corporation, International Journal of Distributed Sensor Networks, pp. 7, 2015. [Online] Available at: http://dx.doi.org/10.1155/2015/406915.

R. Chatterjee, J. Bonneau, A. Juels, and T. Ristenpart, "Cracking Resistant Password Vaults using Natural Language Encoders," Proceedings – IEEE Symposium on Security and Privacy, no. 7163043, pp. 481-498, July 2015.

Z. Huang, E. Ayday, J. Fellay, J. Hubaux, and A. Juels, "Genoguard: Protecting genomic data against brute-force attacks," IEEE Symposium on Security and Privacy, pp. 447-462, 2015. DOI 10.1109/SP.2015.34.

J. Jaeger, T. Ristenpart, and Q. Tang, "Honey encryption beyond message recovery security," International Association for Cryptologic Research, Fischlin and J.-S.Coron (Eds.): EUROCRYPT 2016, Part I, LNCS 9665, pp. 758–788, 2016. DOI: 10.1007/978-3-662-49890-3_29.

J. Kim and J. Won, "Honey chatting: A novel instant messaging system robust to eavesdropping over communication," IEEE In Acoustics, Speech and Signal Processing (ICASSP), pp. 2184-2188, 2016.

J.W. Yoon, H.S. Kim, H.J. Jo, H.L. Lee, and K.S. Lee, "Visual honey encryption: Application to steganography," in Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security, New York, NY, USA, 2015, IH & MM Sec ’15, pp. 65–74, ACM.

N. Tyagi, J. Wang, K. Wen, and D. Zuo, "Honey Encryption Applications. 6.857 Computer and Network Security," Massachusetts Institute of Technology. [Online] Available at: http://www.mit.edu/~ntyagi/papers/honey-encryption-cc.pdf, 2015

M. Golla, B. Beuscher, and M. Durmuth, "On the security of cracking resistant password vaults," Proceedings of the ACM Conference on Computer and Communications Security, vol. 24, no. 28, pp. 1230-1241, Oct. 2016.

R. Chatterjee, A. Athalye, D. Akhawe, A. Juels, and T. Ristenpart, "Password typos and how to correct them securely," In Security and Privacy (SP), 2016 IEEE Symposium, pp. 799–818, 2016.

H. Choi, H. Nam, and J. Hur, "Password Typos Resilience in Honey Encryption," IEEE Symposium. The 31st International Conference on Information Networking (ICOIN 2017), pp. 593-597, 2017.

Downloads

Published

12-09-2019

How to Cite

Sailaja, K., & Rohitha, M. (2019). Enhancement of Security for Cloud Based IoT Using XHE Scheme. Asian Journal of Computer Science and Technology, 8(3), 19–22. https://doi.org/10.51983/ajcst-2019.8.3.2735

Issue

Vol. 8 No. 3 (2019): July-December 2019

Section

Articles

License

Copyright (c) 2019 The Research Publication

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.