Related papers: SoK: Why Johnny Can't Fix PGP Standardization
Internet of Things (IoT) have gained popularity in recent times. With an increase in the number of IoT devices, security and privacy vulnerabilities are also increasing. For sensitive domains like healthcare and industrial sectors, such…
The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key…
We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on password-authenticated key exchange (PAKE). This not…
We propose the use of PAKE for achieving and enhancing entity authentication (EA) and key management (KM) in the context of decentralized end-to-end encrypted email and secure messaging, i.e., where neither a public key infrastructure nor…
This paper concerns the problem of the absence of ingress filtering at the network edge, one of the main causes of important network security issues. Numerous network operators do not deploy the best current practice - Source Address…
The use of software applications is inevitable as they provide different services to users. The software applications collect, store users' data, and sometimes share with the third party, even without the user consent. One can argue that…
The Precision Time Protocol (PTP) aims to provide highly accurate and synchronised clocks. Its defining standard, IEEE 1588, has a security section ("Annex K") which relies on symmetric-key secrecy. In this paper we present a detailed…
Ensuring user privacy remains a critical concern within mobile cellular networks, particularly given the proliferation of interconnected devices and services. In fact, a lot of user privacy issues have been raised in 2G, 3G, 4G/LTE…
Data security, which is concerned with the prevention of unauthorized access to computers, databases, and websites, helps protect digital privacy and ensure data integrity. It is extremely difficult, however, to make security watertight,…
Authcoin is an alternative approach to the commonly used public key infrastructures such as central authorities and the PGP web of trust. It combines a challenge response-based validation and authentication process for domains,…
AES, Advanced Encryption Standard, can be considered the most widely used modern symmetric key encryption standard. To encrypt/decrypt a file using the AES algorithm, the file must undergo a set of complex computational steps. Therefore a…
A cryptographic protocol (CP) is a distributed algorithm designed to provide a secure communication in an insecure environment. CPs are used, for example, in electronic payments, electronic voting procedures, database access systems, etc.…
Data privacy is critical in instilling trust and empowering the societal pacts of modern technology-driven democracies. Unfortunately, it is under continuous attack by overreaching or outright oppressive governments, including some of the…
Cryptography has been widely accepted for security and partly for privacy control as discovered from past works. However, many of these works did not provide a way to manage cryptographic keys effectively especially in EHR applications, as…
Public key infrastructure (PKI) is a certificate-based technology that helps in authenticating systems identities. HTTPS/TLS relies mainly on PKI to minimize fraud over the Internet. Nowadays, websites utilize CDNs to improve user…
The General Data Protection Regulation (GDPR) has become a touchstone model for modern privacy law, in part because it empowers consumers with unprecedented control over the use of their personal information. However, this same power may be…
The increasing adoption of differential privacy (DP) leads to public-facing DP deployments by both government agencies and companies. However, real-world DP deployments often do not fully disclose their privacy guarantees, which vary…
Privacy amplification is a necessary step in all quantum key distribution protocols, and error correction is needed in each except when signals of many photons are used in the key communication in quantum noise approach. No security…
Encryption is crucial for securing sensitive data during transmission over networks. Various encryption techniques exist, such as AES, DES, and RC4, with AES being the most renowned algorithm. We proposed methodology that enables users to…
Messaging between two parties and in the group setting has enjoyed widespread attention both in practice, and, more recently, from the cryptographic community. One of the main challenges in the area is constructing secure (end-to-end…