This special issue focuses on the effective design and engineering of cryptographic solutions for deployment in secure information systems. Information systems range from those deployed on home computers to state, governmental, and huge enterprise systems using computers connected with local and global networks using wired and wireless and often ad hoc channels of information exchange. In order for the users to have high confidence in those systems for the protection and authentication of stored and/or transmitted data, cryptographic solutions have often been provided as part of security mechanisms. It is essential for such solutions to be designed, implemented, and verified using sound engineering approaches and practices as they must support the core functionality of secure information systems. The designers and engineers need to balance the desired level of security versus financial costs and risks involved in deploying particular solutions in their intended applications. Therefore, the effective design and engineering of cryptographic solutions require a thorough understanding of the requirements of the applications at hand, their constraints and performance characteristics, the capabilities of the hardware and software platforms, and the nature of the network environments.
Submissions for this special issue were open to original, high quality contributions that were not published or currently under review by other archival journals or peer-reviewed conferences with formal proceedings. The authors of the papers presented at The 3rd International Conference on Security of Information and Networks (SIN 2010) were especially invited to submit the revised and substantially extended versions of their papers for the special issue. SIN 2010 was organized in technical cooperation with the ACM Special Interest Group on Security, Audit and Control (SIGSAC); it was held on 7–11 September 2010, in Taganrog, Rostov region, Russia. The SIN conference series provides an international forum for presentation of research and applications of security in information and networks, with a special focus on cryptographic solutions in secure information systems, and it was this focus that provided the motivation for the topic of this special issue.
There was an overwhelming interest in the special issue within the security and cryptography communities, and as a result, we received 31 submissions by authors from all over the world. Each submission was sent to three reviewers who were experts in security and cryptography research and closely related areas, with special research interests in cryptographic solutions in both theory and practice. After two rounds of reviewing, nine high quality papers were finally accepted for publication in the special issue, resulting in an acceptance rate of 29%. Many other worthy papers could not be accepted because of the space limitations and the timeliness of the special issue.
The papers cover many important topics in the design and engineering of cryptographic solutions for secure information systems, including hardware design, cryptographic fundamentals, auction design, authentication, routing protocols, protocol verification, detection of collusion attacks, and policy issues. The list of the papers included in the special issue is provided as follows:
- The paper, Design and Implementation of a Versatile Cryptographic Unit for RISC Processors by Kazım Yumbul, Erkay Savaş, Övünç Kocabaş, and Johann Großschädl, discusses the design and implementation of a cryptographic processing unit that can be integrated into any reduced instruction set processor for the safe and efficient execution of cryptographic algorithms.
- The paper, Algebraic Construction of Cryptographically Good Binary Linear Transformations by Bora Aslan and Muharrem Tolga Sakallı, proposes a new algebraic construction method for linear transformations that can be used in block ciphers.
- The paper, Efficient Homomorphic Sealed-Bid Auction Free of Bid Validity Check and Equality Test by Kun Peng, proposes three new homomorphic electronic auction protocols to avoid certain costly operations and improve the efficiency of electronic auctions.
- The paper, On Robust Key Agreement Based on Public Key Authentication by Feng Hao, proposes a new protocol for public key authentication that addresses a number of practical and theoretical flaws of the existing protocols.
- The paper, A Secure Many to Many Routing Protocol for Wireless Sensor and Actuator Networks by Son T. Nguyen, Erdal Çayırcı, and Chunming Rong, proposes a new power aware routing protocol for wireless sensor networks that increases energy efficiency and prolongs network life time.
- The paper, A UTP Approach Towards Probabilistic Protocol Verification by Riccardo Bresciani and Andrew Butterfield, proposes a new probabilistic approach toward protocol verification, based on an attacker model where cryptographic primitives can be broken probabilistically.
- The paper, Exploiting Convergence Characteristics to Tackle Collusion Attacks in OLSR for Security and Communication Networks by Manoj Singh Gaur, Rajbir Kaur, Lalith P. Suresh, and Vijay Laxmi, describes effective and resource efficient counter-measures for packet dropping attacks such as collusion attacks against optimized link state routing (OLSR) protocol in mobile ad hoc networks.
- The paper, Policy Override in Practice: Model, Evaluation, and Decision Support by Steffen Bartsch, proposes a flexible authorization model, called policy override, that allows end users to override authorization in a secure system in a controlled manner.
- The paper, BioPSTM: A Formal Model for Privacy, Security and Trust in Template-Protecting Biometric Authentication by Alper Kanak and İbrahim Soğukpınar, proposes a new model that formalizes the relationship between trust, privacy, and security and evaluates the model in the context of biometric security technologies.
Many individuals contributed to this special issue. First and foremost, we express our gratitude to Professor Hsiao-Hwa Chen, the Editor-in-Chief of Security and Communication Networks, for his continuing support for the special issue. We availed ourselves of his expert opinion at every junction of the whole process. We would also like thank our reviewers who generously donated their time in reading the submissions and providing very detailed and constructive comments for the authors. Their expertise and hard work were instrumental in the decision process. We are indebted to the authors of the 31 submissions who accepted our invitation to submit their best works for the special issue and made such a high quality collection possible in the first place.
We trust that the breadth and diversity of the papers published in this special issue will foster further research on design and engineering of cryptographic solutions in secure information systems ranging from theoretical to practical issues and ultimately to their applications.