Message Verification Research Articles

Enhancing the Vehicular Public Key Infrastructure to Develop Privacy-Preserving Authentication Scheme for Vanet by Using PCM and MSS Scheme

This article proposes a security-based authentication as well as efficient certificate management approach for VANET to detect fraudulent nodes with better precision, less latency and overhead. The primary purpose of the developed system is to establish effectual and heftiness of VANET security that lead to the stability of overall network. VANETs are composed of vehicles and Road Side Units (RSUs) assisting with network management and the vehicles connect with one another and RSUs to furnish roadside information and safety solutions. Security is an essential factor in VANETs because the confidentiality of humans (passengers) is paramount; hence, Vehicular Public Key Infrastructure (VPKI) is utilised to offer authentication and safety services in VANETs. The developed structure provides an encrypted VANET transmission infrastructure by utilising the concepts of Merkle Signature Scheme (MSS) and Pseudo-code Certificate Management (PCM) to minimise overhead for communication and latency while ensuring entity authenticity. Messages are authenticated by sender, encoded with a vehicular public key distributed by a PCM-MSS and decrypted by the destination, resulting in every transmission including a certification from a reliable authority. During that verification, the transmitter and receiver of message’s authentication and validation is accomplished. Simulation findings show that the proposed approach improves the reliability of identifying hostile nodes and PDR while reducing authentication delays and overhead.

Topic maintenance in non-fluent aphasia conversation

Background: Studies on communication partner training programs for persons with aphasia reveal improvements in the conversation partners’ communication skills. This article explores the strategies for topic maintenance developed by the conversational partners of three people with non-fluent aphasia before and after an intervention on conversational strategies. Method: We used conversation analysis to examine video-recorded samples of everyday conversations (pre- and post-treatment and follow-up) between three couples. The assessment for topic management was performed with Conversation Analysis Profile for People with Aphasia (CAPPA). The intervention was conducted over a period of five weeks. The partners were trained to use strategies for better topic maintenance (multiple-choice, multimodality, and message verification). At six weeks post-therapy, a third recording was made. Results: After the intervention, changes in topic maintenance were observed. The use of strategies is related to the pre-existing context and the presence of visual support. Discussion/Conclusion: Individuals with non-fluent aphasia and their conversation partners engage in multimodal conversations and benefit from the use of strategies to overcome barriers to understanding, leading them to maintain a conversational topic.

DTR-SHIELD: Mutual Synchronization for Protecting against DoS Attacks on the SHIELD Protocol with AES-CTR Mode.

To enhance security in the semiconductor industry's globalized production, the Defense Advanced Research Projects Agency (DARPA) proposed an authentication protocol under the Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program. This protocol integrates a secure hardware root-of-trust, known as a dielet, into integrated circuits (ICs). The SHIELD protocol, combined with the Advanced Encryption Standard (AES) in counter mode, named CTR-SHIELD, targets try-and-check attacks. However, CTR-SHIELD is vulnerable to desynchronization attacks on its counter blocks. To counteract this, we introduce the DTR-SHIELD protocol, where DTR stands for double counters. DTR-SHIELD addresses the desynchronization issue by altering the counter incrementation process, which previously solely relied on truncated serial IDs. Our protocol adds a new AES encryption step and requires the dielet to transmit an additional 100 bits, ensuring more robust security through active server involvement and message verification.

Syrga2: Post-Quantum Hash-Based Signature Scheme

This paper proposes a new post-quantum signature scheme, Syrga2, based on hash functions. As known, existing post-quantum algorithms are classified based on their structures. The proposed Syrga2 scheme belongs to the class of multi-use signatures with state retention. A distinctive feature of state-retaining signatures is achieving a compromise between performance and signature size. This scheme enables the creation of a secure signature for r messages using a single pair of secret and public keys. The strength of signature algorithms based on hash functions depends on the properties of the hash function used in their structure. Additionally, for such algorithms, it is possible to specify the security level precisely. In the proposed scheme, the HBC-256 algorithm developed at the Institute of Information and Computational Technologies (IICT) is used as the hash function. The security of the HBC-256 algorithm has been thoroughly studied in other works by the authors. In contrast to the Syrga1 scheme presented in previous works by the authors, the Syrga2 scheme provides for the definition of different security levels determined by the parameter τ. This paper experimentally demonstrates the impossibility of breaking the proposed scheme using a chosen-plaintext attack. Additionally, the scheme’s performance is evaluated for signature creation, signing, and message verification.

Risk Analysis Research on SMS Verification Code and Biometric Recognition Technology

This paper delves into the ongoing transformation in the domain of digital identity security. It specifically focuses on the paradigm shift from traditional methods of authentication, such as passwords and text message verification codes, towards the use of biometric recognition technology. By scrutinizing the inherent weaknesses linked with the utilization of text message verification codes, the paper underlines the demand for more trustworthy and secure solutions for authentication. Following this, biometric authentication is thoroughly examined, with a highlight on its unique features, the convenience it provides to users, and its capacity for ongoing verification. The discussion extends to practical applications of biometrics in a variety of sectors, including healthcare and high-security workplaces, as well as in situations where employing text message verification is unsuitable. A focal point of the discussion is multi-modal biometric authentication. While acknowledging the potential hurdles and future possibilities tied to the adoption of biometric technology, the paper offers an objective perspective. The overall intent of this research is to furnish insights that will enable informed decision-making regarding the deployment and improvement of digital identity verification methods across a wide range of industries.

A message verification scheme based on physical layer-enabled data hiding for flying ad hoc network

The use of Unmanned Aerial Vehicles (UAVs) for military as well as civilian applications such as search and rescue operations, disaster management, parcel delivery and agriculture, is becoming increasingly popular, mainly due to their versatile nature and relatively inexpensive operating costs. However, one of the most significant barriers in the widespread adoption of UAVs for the aforementioned applications is the increasing concern for wireless communication security within the network. Unfortunately, the nodes that comprise these networks are extremely constrained in terms of storage space, processing power and battery life, which require light-weight security protocols that align with these limitations. The current standards for message authentication and verification predominantly rely on lightweight cryptographic techniques. However, there is continual scope for improvement, particularly in the realm of computational efficiency, to better align with the constraints inherent to UAVs. This paper explores data hiding in a multi-UAV environment, to form a light-weight message verification scheme to confirm the identity of the transmitting node. First, five venues having the potential to hide data are analyzed. Based on the analysis of bit error rate obtained from the simulated multi-UAV environment, both cyclic prefix and padding bits are selected. Next, a codeword is generated for each transmission and it is embedded along with the unique ID key, κ\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$\\kappa $$\\end{document} of the transmitting node into each venue respectively, and the output is transmitted as Hello packets. Subsequently, the receiving node extracts and decodes the codeword in order to verify the authenticity of the transmitting node. An evaluation of the proposed scheme has been conducted by using a simulated UAV environment. In the best case scenario, the proposed authentication scheme can achieve a successful verification rate of at least 80% at a maximum hop-count of 10 hops. Through computational cost analysis, in comparison to the conventional methods, the proposed scheme was found to have a significantly lower total execution time of 1.7μs\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$1.7\\mu s$$\\end{document}. In addition, the security analysis shows that when the proposed scheme is paired with physical unclonable functions (PUFs), it is able to resist common security attacks, including man-in-the-middle, replay and cloning attacks.

Enhancing Consensus Security and Privacy with Multichain Ring Signatures Based on HotStuff

The paper introduces a novel consensus algorithm named MRPBFT, which is derived from the HotStuff consensus protocol and improved upon to address security deficiencies in traditional consensus algorithms within the domain of digital asset transactions. MRPBFT aims to enhance security and privacy protection while pursuing higher consensus efficiency. It employs a multi-primary-node approach and a ring signature mechanism to reinforce security and privacy preservation features in the consensus system. This algorithm primarily focuses on two main improvements: Firstly, it proposes the ed25519LRS signature algorithm and discusses its anonymity for transaction participants and the non-forgeability of signature information in the identity verification and message verification processes within the consensus algorithm. Secondly, the paper introduces MPBFT asynchronous view changes and a multi-primary-node mechanism to enhance consensus efficiency, allowing for view switching in the absence of global consensus. With the introduction of the multi-primary-node mechanism, nodes can be flexibly added or removed, supporting parallel processing of multiple proposals and transactions. Finally, through comparative experiments, the paper demonstrates that the improved algorithm performs significantly better in terms of throughput and network latency.

Towards load balancing in IoV system: A vehicle-assisted batch verification scheme

The Internet of Vehicles (IoV) can improve the efficiency of transportation systems while enhancing the passenger travel experience. However, due to the open wireless communication environment of the IoV, the transmission of data faces the threats of eavesdropping, forging and tampering. Fortunately, the concept of Vehicle-assisted Message Verification Schemes (VMS) are proposed which not only ensures the integrity and authenticity of message but also alleviates the burden of original verification nodes such as Roadside Units (RSUs). Nevertheless, since the individual rationality of vehicles, not all vehicles are willing to participate the message verification tasks. Besides, there may be an overlap in sensory ranges of vehicles that results in redundant verification data. Such two challenges greatly hinder the development of the VMS. Therefore, we present LBABV, a vehicle-assisted batch verification scheme towards load balancing in the IoV system. Firstly, we propose a novel batch verification scheme to enhance the efficiency of messages verification. Then, based on the proposed batch verification scheme, an assisted nodes selection algorithm with incentive mechanism is designed to select a suitable set of vehicles for parallel verification. In this way, the problems of redundant verification as well as individual rationality are elegantly addressed. Theoretical analysis demonstrates the security of our proposal. In the meanwhile, the simulation results show that the system total delay of our LBABV is reduced by 75% compared to batch verification and 81% compared to individual verification, respectively.

Partial message verification in fog-based industrial Internet of things

Due to the emergence of fog computing, the computational resources can be deployed close to the data source and conduct data-driven tasks. A typical scenario is integrity assurance in Industrial Internet of Things (IIoT). However, since the devices in IIoT scenario have low computation capability, they cannot verify the integrity of all incoming messages using traditional message authentication code (MAC), especially when the messages are in large volume and high frequency. In this paper, we propose a novel MAC scheme, namely, Partial Verification Message Authentication Code (PV-MAC), to partially offload the verification tasks to a device with more processing power, (e.g., a fog node). Moreover, the fog node can transparently choose parts of contents in the message for verification on behalf of the device that uses these data. Afterward, the user device can verify the integrity of the rest contents. The theoretical analysis and the experimental results show that our proposed schemes can achieve high efficiency and dynamic workload balancing while retaining a rigorous security guarantee.

Faster verification of V2X basic safety messages via Message Chaining

Vehicular-to-Everything (V2X) communications enable vehicles to exchange messages with other entities, including nearby vehicles and pedestrians. V2X is, thus, essential for establishing an Intelligent Transportation System (ITS), where vehicles use information from their surroundings to reduce traffic congestion and improve safety. To avoid abuse, V2X messages should be digitally signed using valid digital certificates. Messages sent by unauthorized entities can then be discarded, while misbehavior can lead to the revocation of the corresponding certificates. One challenge in this scenario is that messages must be verified shortly after arrival (e.g., within centiseconds), whereas vehicles may receive thousands of them per second. To handle this issue, some solutions propose prioritization or delayed-verification mechanisms, while others involve signature schemes that support batch verification. In this manuscript, we discuss two mechanisms, one based on Message Authentication Codes, and one based on hash chaining, that complement such proposals, enabling the authentication of a sequence of messages from the same source with one single signature verification. Our analysis shows that the technique can reduce the number of verified signatures and computational costs by around 90% for reliable communication channels, and by more than 65% for a maximum packet loss rate of 20%.

App-based detection of vulnerable implementations of OTP SMS APIs in the banking sector

AbstractTwo Factor Authentication (2FA) using One Time Password (OTP) codes via SMS messages is widely used. In order to improve user experience, Google has proposed APIs that allow the automatic verification of the SMS messages without the intervention of the users themselves. They reduce the risks of user error, but they also have vulnerabilities. One of these APIs is the SMS Retriever API for Android devices. This article presents a method to study the vulnerabilities of these OTP exchange APIs in a given sector. The most popular API in the sector is selected, and different scenarios of interaction between mobile apps and SMS OTP servers are posed to determine which implementations are vulnerable. The proposed methodology, applied here to the banking sector, is nevertheless simple enough to be applied to any other sector, or to other SMS OTP APIs. One of its advantages is that it proposes a method for detecting bad implementations on the server side, based on analyses of the apps, which boosts reusability and replicability, while offering a guide to developers to prevent errors that cause vulnerabilities. Our study focuses on Spain’s banking sector, in which the SMS Retriever API is the most popular. The results suggest that there are vulnerable implementations which would allow cybercriminals to steal the users SMS OTP codes. This suggests that a revision of the equilibrium between ease of use and security would apply in order to maintain the high level of security which has traditionally characterized this sector.

BDRA: Blockchain and Decentralized Identifiers Assisted Secure Registration and Authentication for VANETs

In vehicular ad-hoc networks (VANETs), road safety and road traffic efficiency can be improved through message interaction between vehicle users, which inevitably relies on secure identity authentication and message credibility verification. Existing authentication and message verification mechanisms are prone to severe single points of failure and low authentication efficiency due to their reliance on the trusted third party, especially during the user registration phase. This paper proposes a double-layer blockchain and decentralized identifiers assisted secure registration and authentication (BDRA) mechanism for decentralized VANETs, which can achieve the following advantages: 1) realizing a secure and decentralized user registration phase by using decentralized identifier (DID) technology; 2) accomplishing efficient authentication and message verification by combining double-layer blockchain, DIDs and a reputation feedback strategy; 3) enabling a more efficient cross-section re-registration that reduces the communication time by 30%. The security features and efficiency of the BDRA mechanism are demonstrated by carrying out security analysis and performance evaluation, which is based on the Hyperledger Fabric platform.

A quantum trust and consultative transaction-based blockchain cybersecurity model for healthcare systems

Many researchers have been interested in healthcare cybersecurity for a long time since it can improve the security of patient and health record data. As a result, a lot of research is done in the field of cybersecurity that focuses on the safe exchange of health data between patients and the medical setting. It still has issues with high computational complexity, increased time consumption, and cost complexity, all of which have an impact on the effectiveness and performance of the complete security system. Hence this work proposes a technique called Consultative Transaction Key Generation and Management (CTKGM) to enable secure data sharing in healthcare systems. It generates a unique key pair based on random values with multiplicative operations and time stamps. The patient data is then safely stored in discrete blocks of hash values using the blockchain methodology. The Quantum Trust Reconciliation Agreement Model (QTRAM), which calculates the trust score based on the feedback data, ensures reliable and secure data transfer. By allowing safe communication between patients and the healthcare system based on feedback analysis and trust value, the proposed framework makes a novel contribution to the field. Additionally, during communication, the Tuna Swarm Optimization (TSO) method is employed to validate nonce verification messages. Nonce message verification is a part of QTRAM that helps verify the users during transmission. The effectiveness of the suggested scheme has been demonstrated by comparing the obtained findings with other current state-of-the-art models after a variety of evaluation metrics have been analyzed to test the performance of this security model.

A Novel Identity-Based Privacy-Preserving Anonymous Authentication Scheme for Vehicle-to-Vehicle Communication

This paper proposes a novel bilinear pairing-free identity-based privacy-preserving anonymous authentication scheme for vehicle-to-vehicle (V2V) communication, called “NIBPA”. Today, vehicular ad hoc networks (VANETs) offer important solutions for traffic safety and efficiency. However, VANETs are vulnerable to cyberattacks due to their use of wireless communication. Therefore, authentication schemes are used to solve security and privacy issues in VANETs. The NIBPA satisfies the security and privacy requirements and is robust to cyberattacks. It is also a pairing-free elliptic curve cryptography (ECC)-based lightweight authentication scheme. The bilinear pairing operation and the map-to-point hash function in cryptography have not been used because of their high computational costs. Moreover, it provides batch message verification to improve VANETs performance. The NIBPA is compared to existing schemes in terms of computational cost and communication cost. It is also a test for security in the random oracle model (ROM). As a result of security and performance analysis, NIBPA gives better results compared to existing schemes.

DPB-MA: Low-Latency Message Authentication Scheme Based on Distributed Verification and Priority in Vehicular Ad Hoc Network

Vehicular ad hoc networks (VANETs) serve as crucial means to ensure safe transportation systems and enhance driving convenience. Ensuring authentication between vehicles and units is the most essential line of defense for VANETs systems. Various schemes of message authentication are put forward to realize safe communication in VANETs. However, these schemes mainly pay attention to privacy and security issues, and are not fit for high-density traffic environments where many messages should be verified by a roadside unit (RSU). At present, achieving the low-latency authentication under the security and privacy of messages remains a critical requirement and challenge. For addressing this problem, this study puts forward a novel low-latency message authentication scheme based on the distributed authentication and message priority (DPB-MA), which can minimize message verification latency through cooperation between the RSU and cooperative vehicles (CVs). In addition, a message priority strategy has been designed to ensure that urgent messages are preferentially verified. According to the security proof with tight reduction, the DPB-MA is existentially unforgeable against adaptive chosen message attack (EU-CMA) in the random oracle model (ROM). Furthermore, our DPB-MA achieves full message aggregation, which also greatly optimizes the communication overhead and authentication efficiency. Performance analysis indicates that our scheme works well in high-density traffic scenarios and is more suitable for securing emergency messages with ultra-low latency requirements.

An Anonymous and Revocable Authentication Protocol for Vehicle-to-Vehicle Communications

In the vehicular ad hoc network (VANET), the communication between the vehicle and other nodes is performed in an open channel, which puts forward the requirements for its privacy security and message integrity. Most previous protocols either frequently verify identities before accepting traffic information or do not involve identity revocation mechanisms, and they may assume that third parties are fully trusted. To further solve the above problem, a certificateless-based anonymous and revocable authentication protocol for vehicle-to-vehicle communications is proposed in this article. Our construction separates the identity authentication process from the traffic message verification, which not only avoids the disadvantage of a frequent identity revocation list (IRL) checking but also reduces the overhead in communication and message authentication. These features can make “identity authentication once, broadcast efficiency” really happen. In addition, since our authentication process is based on certificateless signature, it can resist malicious key generation centers (KGCs) and road-side units (RSUs), which is very necessary for privacy-sensitive application scenarios. Finally, the performance analyses show that our proposal is superior to the existing schemes in terms of authentication speed and communication overhead.

PCAS: Cryptanalysis and improvement of pairing-free certificateless aggregate signature scheme with conditional privacy-preserving for VANETs

Certificateless aggregate signature (CLAS) is an effective approach for the multiple authentications in multi-users and multi-information environments like the vehicular ad hoc networks (VANETs), which can address the certificate management issue in the traditional public key cryptography (PKC) and solve the key escrow problem in identity-based cryptography (IBC). In recent years, a new CLAS mechanism (LICLAS) is presented for the authentication of sensors in healthcare wireless medical sensor networks (HWMSNs). In this paper, we make an analysis and prove that LICLAS is not able to against forgery attacks. Thus, we present an improved CLAS scheme (PCAS) for vehicle authentication in VANETs, which satisfies the privacy and security requirements. PCAS constructs the signature algorithm based on Elliptic Curve Cryptography (ECC) to avoid bilinear pairing and Map-to-Hash function operations. In order to further improve security and efficiency of PCAS, the vehicle key generation and signature algorithm is revised. The pseudonym mechanism is also adopted to achieve conditional privacy preservation. Besides, PCAS allows to execute a batch verification of messages, where RSUs may verify the aggregated signatures from vehicles to reduce time overhead. Under the assumption that the elliptic curve discrete logarithm problem (ECDLP) is hard, PCAS is proved to be existentially unforgeable against adaptive chosen message attacks in the random oracle model. Through the performance analysis, under the same time complexity, PCAS is shown to more effective. Compared with LICLAS, for a single message and 2000 messages, the transmission overhead of PCAS is reduced by 25% and 25% respectively, and the computation overhead is reduced by 16.56% and 25.34% respectively.

PSEEMV: Provably secure and efficient emergency message verification scheme based on ECC and CRT for Space Information Network

With the rapid development of satellite computing and communication capabilities, Space Information Network (SIN) makes it possible for users to obtain subscription services anywhere and anytime. Especially for environmental monitoring, emergency rescue and disaster warning in remote areas, the deployed device cannot rely on traditional ground networks but can only transmit data and delay-sensitive emergency messages through satellite nodes of SIN. However, because of the openness of the satellite-to-ground link, it is vulnerable to various forms of attacks, which poses threats to data, emergency messages and user privacy. Existing mutual authentication schemes are not suitable for the transmission and verification of time-sensitive emergency messages due to high delay and computational overhead. Therefore, in this paper, we propose a provably secure and efficient emergency message verification scheme based on ECC and CRT, namely the PSEEMV scheme. The PSEEMV scheme not only uses the conditional privacy-preserving pseudo-identity to ensure privacy and accountability, but also supports confidential transmission and batch verification of emergency messages. Security proof and analysis prove that the PSEEMV scheme can resist forgery signature attacks based on the random oracle model, and meet the security and privacy requirements. Furthermore, performance analysis and comparison shows that the PSEEMV scheme has higher security, lower signaling, computational and communication overhead, and is more suitable for the transmission and verification of emergency message in the resource-constrained SIN.

Policy and performance in Uganda's seed sector: Opportunities and challenges

SummaryMotivationEfforts to increase smallholder access to improved varieties and quality seed is often central to agricultural development, economic growth, and poverty reduction in low‐income countries. Yet many governments and development partners grow impatient with slow progress in their seed sectors. Uganda stands out for its recent policy innovations, regulatory reforms, and market experiments for seed, and for the extensive analysis of its experience.PurposeThis article reviews the changing landscape of Uganda's seed system and assesses recent policy, regulatory, and institutional changes.Methods and approachWe draw on a wide range of documents, studies, and statistics.FindingsThe low uptake of improved varieties and quality seed in Uganda has encouraged innovation to overcome failures in the country's seed market. These innovations include regulatory changes to allow the production of quality declared seed (QDS) by smallholder seed producers; labelling to allow text message verification of seed; and crowd‐sourcing information on seed quality by farmers. All have promise, but it remains to be seen just how effective they will be. In the meantime, vested interests may resist moves to a more innovative seed sector, instead preferring to maintain the incumbent approach designed to use seed to secure political support from smallholders. This is at variance with the spirit of the 2018 legislation and subsequent regulatory reforms.Policy implicationsUganda has a policy framework that could make a real difference to farmer access to better varieties and seed. Market innovations can help the vision to become reality. But the seed sector needs sufficient public investment to generate new varieties and foundation seed, and capacity to manage the seed market to the benefit of producers, dealers and farmers.Having come so far, it would be counter‐productive for political economy factors to displace the efforts of private provision which is far more sustainable in the medium and long run.

ZSS Signature-Based Audit Message Verification Process for Cloud Data Integrity

ZSS Signature-Based Audit Message Verification Process for Cloud Data Integrity