The Secure Sockets Layer (SSL) protocol and its successor , Transport Layer Security (TLS), have become the de facto means of providing strong cryptographic protection for network traffic. Their near universal integration with web browsers arguably makes them the most visible pieces of security infrastructure for average users. While vulnera-bilities are occasionally found in specific implement...

Security is a prerequisite of each device that provides physical access to anyone and logically expose communication network attacks. The Internet Things (IoT) must assure energy-saving provision due the unique characteristics IoT devices comprise cost-effective, low power, data delivery capacity. A Key-based Authentication scheme need without creating bottleneck for security in integration. so...

Abstract The key exchange mechanism in this paper is built utilizing neural network coordination and a hyperchaotic (or chaotic) nonlinear dynamic complex system. This approach used to send receive sensitive data between Internet-of-Things (IoT) nodes across public network. Using phishing, Man-In-The-Middle (MITM), or spoofing attacks, an attacker can easily target information during the proces...

The paper investigates cyber threats and potential solutions for protecting industrial control systems (ICS). On the side, different off-the-shelf offensive solutions, both hardware software, are analysed tested. goal of is to increase threat awareness by showing how such well known IT security...

We revisit narrow-pipe designs that are in practical use, and their security against preimage attacks. Our results are the best known preimage attacks on Tiger, MD4, and reduced SHA-2, with the result on Tiger being the first cryptanalytic shortcut attack on the full hash function. Our attacks runs in time 2 for finding preimages, and 2 for second-preimages. Both have memory requirement of orde...

We present Ack-storm DoS attacks, a new family of DoS attacks exploiting a subtle design flaw in the core TCP specifications. The attacks can be launched by a very weak MitM attacker, which can only eavesdrop occasionally and spoof packets (a Weakling in the Middle (WitM)). The attacks can reach theoretically unlimited amplification; we measured amplification of over 400,000 against popular web...

Simple Password Exponential Key Exchange (SPEKE) is a well-known Password Authenticated Key Exchange (PAKE) protocol that has been used in Blackberry phones for secure messaging and Entrust’s TruePass end-toend web products. It has also been included into international standards such as ISO/IEC 11770-4 and IEEE P1363.2. In this paper, we analyse the SPEKE protocol as specified in the ISO/IEC an...

Cloud Computing is gaining acceptance and increasing in popularity. Organizations often rely on Cloud resources to effectively replace their in house computer systems. In a Cloud environment an instance is typically accepted to be a virtual system resource established within that Cloud. Multiple instances can be contained a single node. The Cloud itself consists of multiple nodes. The Cloud str...