entropy-logo

Journal Browser

Journal Browser

Entropy-Based Applied Cryptography and Enhanced Security for Future IT Environments

A topical collection in Entropy (ISSN 1099-4300). This collection belongs to the section "Multidisciplinary Applications".

Viewed by 58627

Editor


E-Mail Website
Collection Editor
Group of Analysis, Security and Systems (GASS), Universidad Complutense de Madrid (UCM), 28040 Madrid, Spain
Interests: artificial intelligence; big data; computer networks; computer security; information theory; IoT; multimedia forensics
Special Issues, Collections and Topics in MDPI journals

Topical Collection Information

Dear Colleagues,

Entropy is a basic and important concept in the information theory by Claude E. Shannon. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas. Ubiquitous computing, cloud computing, big data, and Internet of Things (IoT) have rapidly emerged as an exciting new paradigm. Together with these trends, applied cryptography and security have become a rising big issue for providing secure and trust computing in the next generation information technology (IT) and communications. A detailed discussion of these issues would include applied cryptography and security concerns that cover amongst others, confidentiality, integrity, and availability (including various application areas). In particular, these topics will comprehensively focus on the important aspects of entropy-based applied cryptography and enhanced security for Future IT environments (FIT).

Specific topics of interest include (but are not limited to):

  • Entropy-based Applied Cryptographic aspects for FIT
  • Entropy-based Hash Functions for FIT
  • Mathematical and Algorithmic Foundations of Applied Cryptography for FIT
  • Cryptography algorithms in personal devices for FIT
  • Advanced design and analysis of cryptographic algorithms for FIT
  • Public key cryptosystems for FIT
  • Authentication and access control for FIT
  • Privacy protection and trust computing for FIT
  • Entropy-based network security issues for FIT
  • Information hiding and digital forensics for FIT
  • Security service-centric issues for FIT-IoT, Converged IT, V2X
  • Security issues in cloud computing, social networks, big-data
  • Security issues in human-centric computing

This collection aims to provide advanced theories and applications; researchers should contribute original research and review articles that present state-of-the-art research outcomes, practical results in entropy-based applied cryptographic models, and enhanced security system for FIT.

Prof. Dr. Luis Javier Garcia Villalba
Collection Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the collection website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Entropy is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • applied cryptography
  • ubiquitous computing security
  • cryptography algorithms
  • public key cryptosystems
  • authentication
  • access control
  • privacy protection
  • trust computing
  • entropy based network security
  • information hiding
  • digital forensics

Published Papers (10 papers)

2022

Jump to: 2021, 2020, 2019, 2017, 2016

15 pages, 5152 KiB  
Article
FASSVid: Fast and Accurate Semantic Segmentation for Video Sequences
by Jose Portillo-Portillo, Gabriel Sanchez-Perez, Linda K. Toscano-Medina, Aldo Hernandez-Suarez, Jesus Olivares-Mercado, Hector Perez-Meana, Pablo Velarde-Alvarado, Ana Lucila Sandoval Orozco and Luis Javier García Villalba
Entropy 2022, 24(7), 942; https://doi.org/10.3390/e24070942 - 7 Jul 2022
Cited by 1 | Viewed by 2727
Abstract
Most of the methods for real-time semantic segmentation do not take into account temporal information when working with video sequences. This is counter-intuitive in real-world scenarios where the main application of such methods is, precisely, being able to process frame sequences as quickly [...] Read more.
Most of the methods for real-time semantic segmentation do not take into account temporal information when working with video sequences. This is counter-intuitive in real-world scenarios where the main application of such methods is, precisely, being able to process frame sequences as quickly and accurately as possible. In this paper, we address this problem by exploiting the temporal information provided by previous frames of the video stream. Our method leverages a previous input frame as well as the previous output of the network to enhance the prediction accuracy of the current input frame. We develop a module that obtains feature maps rich in change information. Additionally, we incorporate the previous output of the network into all the decoder stages as a way of increasing the attention given to relevant features. Finally, to properly train and evaluate our methods, we introduce CityscapesVid, a dataset specifically designed to benchmark semantic video segmentation networks. Our proposed network, entitled FASSVid improves the mIoU accuracy performance over a standard non-sequential baseline model. Moreover, FASSVid obtains state-of-the-art inference speed and competitive mIoU results compared to other state-of-the-art lightweight networks, with significantly lower number of computations. Specifically, we obtain 71% of mIoU in our CityscapesVid dataset, running at 114.9 FPS on a single NVIDIA GTX 1080Ti and 31 FPS on the NVIDIA Jetson Nano embedded board with images of size 1024×2048 and 512×1024, respectively. Full article
Show Figures

Figure 1

16 pages, 1046 KiB  
Article
Critical Analysis of Hypothesis Tests in Federal Information Processing Standard (140-2)
by Elena Almaraz Luengo, Marcos Brian Leiva Cerna, Luis Javier García Villalba, Julio Hernandez-Castro and Darren Hurley-Smith
Entropy 2022, 24(5), 613; https://doi.org/10.3390/e24050613 - 27 Apr 2022
Cited by 3 | Viewed by 1803
Abstract
This work presents an analysis of the existing dependencies between the tests of the FIPS 140-2 battery. Two main analytical approaches are utilized, the first being a study of correlations through the Pearson’s correlation coefficient that detects linear dependencies, and the second one [...] Read more.
This work presents an analysis of the existing dependencies between the tests of the FIPS 140-2 battery. Two main analytical approaches are utilized, the first being a study of correlations through the Pearson’s correlation coefficient that detects linear dependencies, and the second one being a novel application of the mutual information measure that allows detecting possible non-linear relationships. In order to carry out this study, the FIPS 140-2 battery is reimplemented to allow the user to obtain p-values and statistics that are essential for more rigorous end-user analysis of random number generators (RNG). Full article
Show Figures

Figure 1

17 pages, 747 KiB  
Article
Towards Secure Big Data Analysis via Fully Homomorphic Encryption Algorithms
by Rafik Hamza, Alzubair Hassan, Awad Ali, Mohammed Bakri Bashir, Samar M. Alqhtani, Tawfeeg Mohmmed Tawfeeg and Adil Yousif
Entropy 2022, 24(4), 519; https://doi.org/10.3390/e24040519 - 6 Apr 2022
Cited by 28 | Viewed by 5784
Abstract
Privacy-preserving techniques allow private information to be used without compromising privacy. Most encryption algorithms, such as the Advanced Encryption Standard (AES) algorithm, cannot perform computational operations on encrypted data without first applying the decryption process. Homomorphic encryption algorithms provide innovative solutions to support [...] Read more.
Privacy-preserving techniques allow private information to be used without compromising privacy. Most encryption algorithms, such as the Advanced Encryption Standard (AES) algorithm, cannot perform computational operations on encrypted data without first applying the decryption process. Homomorphic encryption algorithms provide innovative solutions to support computations on encrypted data while preserving the content of private information. However, these algorithms have some limitations, such as computational cost as well as the need for modifications for each case study. In this paper, we present a comprehensive overview of various homomorphic encryption tools for Big Data analysis and their applications. We also discuss a security framework for Big Data analysis while preserving privacy using homomorphic encryption algorithms. We highlight the fundamental features and tradeoffs that should be considered when choosing the right approach for Big Data applications in practice. We then present a comparison of popular current homomorphic encryption tools with respect to these identified characteristics. We examine the implementation results of various homomorphic encryption toolkits and compare their performances. Finally, we highlight some important issues and research opportunities. We aim to anticipate how homomorphic encryption technology will be useful for secure Big Data processing, especially to improve the utility and performance of privacy-preserving machine learning. Full article
Show Figures

Figure 1

2021

Jump to: 2022, 2020, 2019, 2017, 2016

24 pages, 4245 KiB  
Article
An Insider Data Leakage Detection Using One-Hot Encoding, Synthetic Minority Oversampling and Machine Learning Techniques
by Taher Al-Shehari and Rakan A. Alsowail
Entropy 2021, 23(10), 1258; https://doi.org/10.3390/e23101258 - 27 Sep 2021
Cited by 83 | Viewed by 8617
Abstract
Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than [...] Read more.
Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system. Full article
Show Figures

Figure 1

2020

Jump to: 2022, 2021, 2019, 2017, 2016

18 pages, 7171 KiB  
Article
An Image Encryption Algorithm Based on Random Hamiltonian Path
by Wei Zhang, Shuwen Wang, Weijie Han, Hai Yu and Zhiliang Zhu
Entropy 2020, 22(1), 73; https://doi.org/10.3390/e22010073 - 6 Jan 2020
Cited by 21 | Viewed by 4663
Abstract
In graph theory, Hamiltonian path refers to the path that visits each vertex exactly once. In this paper, we designed a method to generate random Hamiltonian path within digital images, which is equivalent to permutation in image encryption. By these means, building a [...] Read more.
In graph theory, Hamiltonian path refers to the path that visits each vertex exactly once. In this paper, we designed a method to generate random Hamiltonian path within digital images, which is equivalent to permutation in image encryption. By these means, building a Hamiltonian path across bit planes can shuffle the distribution of the pixel’s bits. Furthermore, a similar thought can be applied for the substitution of pixel’s grey levels. To ensure the randomness of the generated Hamiltonian path, an adjusted Bernoulli map is proposed. By adopting these novel techniques, a bit-level image encryption scheme was devised. Evaluation of simulation results proves that the proposed scheme reached fair performance. In addition, a common flaw in calculating correlation coefficients of adjacent pixels was pinpointed by us. After enhancement, correlation coefficient becomes a stricter criterion for image encryption algorithms. Full article
Show Figures

Figure 1

2019

Jump to: 2022, 2021, 2020, 2017, 2016

17 pages, 4164 KiB  
Article
An Algorithm of Image Encryption Using Logistic and Two-Dimensional Chaotic Economic Maps
by Sameh S. Askar, Abdel A. Karawia, Abdulrahman Al-Khedhairi and Fatemah S. Al-Ammar
Entropy 2019, 21(1), 44; https://doi.org/10.3390/e21010044 - 9 Jan 2019
Cited by 60 | Viewed by 5796
Abstract
In the literature, there are many image encryption algorithms that have been constructed based on different chaotic maps. However, those algorithms do well in the cryptographic process, but still, some developments need to be made in order to enhance the security level supported [...] Read more.
In the literature, there are many image encryption algorithms that have been constructed based on different chaotic maps. However, those algorithms do well in the cryptographic process, but still, some developments need to be made in order to enhance the security level supported by them. This paper introduces a new cryptographic algorithm that depends on a logistic and two-dimensional chaotic economic map. The robustness of the introduced algorithm is shown by implementing it on several types of images. The implementation of the algorithm and its security are partially analyzed using some statistical analyses such as sensitivity to the key space, pixels correlation, the entropy process, and contrast analysis. The results given in this paper and the comparisons performed have led us to decide that the introduced algorithm is characterized by a large space of key security, sensitivity to the secret key, few coefficients of correlation, a high contrast, and accepted information of entropy. In addition, the results obtained in experiments show that our proposed algorithm resists statistical, differential, brute-force, and noise attacks. Full article
Show Figures

Figure 1

2017

Jump to: 2022, 2021, 2020, 2019, 2016

2098 KiB  
Article
User-Centric Key Entropy: Study of Biometric Key Derivation Subject to Spoofing Attacks
by Lavinia Mihaela Dinca and Gerhard Hancke
Entropy 2017, 19(2), 70; https://doi.org/10.3390/e19020070 - 21 Feb 2017
Cited by 9 | Viewed by 7743
Abstract
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. [...] Read more.
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing two or more biometrics would be very hard. This notion, of increased security of multi-modal biometric systems, was disproved for authentication and matching, studies showing that not only multi-modal biometric systems are not more secure, but they introduce additional vulnerabilities. This paper is a study on the implications of spoofing biometric data for retrieving the derived key. We demonstrate that spoofed biometrics can yield the same key, which in turn will lead an attacker to obtain the private key. A practical implementation is proposed using fingerprint and iris as biometrics and the fuzzy extractor for biometric key extraction. Our experiments show what happens when the biometric data is spoofed for both uni-modal systems and multi-modal. In case of multi-modal system tests were performed when spoofing one biometric or both. We provide detailed analysis of every scenario in regard to successful tests and overall key entropy. Our paper defines a biometric PKI scenario and an in depth security analysis for it. The analysis can be viewed as a blueprint for implementations of future similar systems, because it highlights the main security vulnerabilities for bioPKI. The analysis is not constrained to the biometric part of the system, but covers CA security, sensor security, communication interception, RSA encryption vulnerabilities regarding key entropy, and much more. Full article
Show Figures

Figure 1

1492 KiB  
Article
An Android Malicious Code Detection Method Based on Improved DCA Algorithm
by Chundong Wang, Zhiyuan Li, Liangyi Gong, Xiuliang Mo, Hong Yang and Yi Zhao
Entropy 2017, 19(2), 65; https://doi.org/10.3390/e19020065 - 11 Feb 2017
Cited by 5 | Viewed by 7273
Abstract
Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static detection method whose feature selected is the semantic of application source [...] Read more.
Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static detection method whose feature selected is the semantic of application source code can not completely extract malware’s code features. The Android malware static detection methods whose features used are only obtained from the AndroidManifest.xml file are easily affected by useless permissions. Therefore, there are some limitations in current Android malware static detection methods. The current Android malware dynamic detection algorithm is mostly required to customize the system or needs system root permissions. Based on the Dendritic Cell Algorithm (DCA), this paper proposes an Android malware algorithm that has a higher detection rate, does not need to modify the system, and reduces the impact of code obfuscation to a certain degree. This algorithm is applied to an Android malware detection method based on oriented Dalvik disassembly sequence and application interface (API) calling sequence. Through the designed experiments, the effectiveness of this method is verified for the detection of Android malware. Full article
Show Figures

Figure 1

2016

Jump to: 2022, 2021, 2020, 2019, 2017

637 KiB  
Article
Quantum Key Distribution in the Presence of the Intercept-Resend with Faked States Attack
by Luis Adrian Lizama-Pérez, José Mauricio López and Eduardo De Carlos López
Entropy 2017, 19(1), 4; https://doi.org/10.3390/e19010004 - 23 Dec 2016
Cited by 14 | Viewed by 6035
Abstract
Despite the unconditionally secure theory of the Quantum Key Distribution (Q K D), several attacks have been successfully implemented against commercial Q K D systems. Those systems have exhibited some flaws, as the secret key rate of corresponding protocols remains unaltered, [...] Read more.
Despite the unconditionally secure theory of the Quantum Key Distribution (Q K D), several attacks have been successfully implemented against commercial Q K D systems. Those systems have exhibited some flaws, as the secret key rate of corresponding protocols remains unaltered, while the eavesdropper obtains the entire secret key. We propose the negative acknowledgment state quantum key distribution protocol as a novel protocol capable of detecting the eavesdropping activity of the Intercept Resend with Faked Sates (I R F S) attack without requiring additional optical components different from the B B 84 protocol because the system can be implemented as a high software module. In this approach, the transmitter interleaves pairs of quantum states, referred to here as parallel and orthogonal states, while the receiver uses active basis selection. Full article
Show Figures

Figure 1

4742 KiB  
Article
Intelligent Security IT System for Detecting Intruders Based on Received Signal Strength Indicators
by Yunsick Sung
Entropy 2016, 18(10), 366; https://doi.org/10.3390/e18100366 - 16 Oct 2016
Cited by 5 | Viewed by 5953
Abstract
Given that entropy-based IT technology has been applied in homes, office buildings and elsewhere for IT security systems, diverse kinds of intelligent services are currently provided. In particular, IT security systems have become more robust and varied. However, access control systems still depend [...] Read more.
Given that entropy-based IT technology has been applied in homes, office buildings and elsewhere for IT security systems, diverse kinds of intelligent services are currently provided. In particular, IT security systems have become more robust and varied. However, access control systems still depend on tags held by building entrants. Since tags can be obtained by intruders, an approach to counter the disadvantages of tags is required. For example, it is possible to track the movement of tags in intelligent buildings in order to detect intruders. Therefore, each tag owner can be judged by analyzing the movements of their tags. This paper proposes a security approach based on the received signal strength indicators (RSSIs) of beacon-based tags to detect intruders. The normal RSSI patterns of moving entrants are obtained and analyzed. Intruders can be detected when abnormal RSSIs are measured in comparison to normal RSSI patterns. In the experiments, one normal and one abnormal scenario are defined for collecting the RSSIs of a Bluetooth-based beacon in order to validate the proposed method. When the RSSIs of both scenarios are compared to pre-collected RSSIs, the RSSIs of the abnormal scenario are about 61% more different compared to the RSSIs of the normal scenario. Therefore, intruders in buildings can be detected by considering RSSI differences. Full article
Show Figures

Figure 1

Back to TopTop