Security and Communication Networks

Cover image for Vol. 7 Issue 6

June 2014

Volume 7, Issue 6

Pages i–iii, 945–1065

  1. Issue Information

    1. Top of page
    2. Issue Information
    3. Research Articles
    1. You have free access to this content
      Issue Information (pages i–iii)

      Version of Record online: 24 APR 2014 | DOI: 10.1002/sec.888

  2. Research Articles

    1. Top of page
    2. Issue Information
    3. Research Articles
    1. Weaknesses in a new ultralightweight RFID authentication protocol with permutation—RAPP (pages 945–949)

      Nasour Bagheri, Masoumeh Safkhani, Pedro Peris-Lopez and Juan E. Tapiador

      Version of Record online: 21 JUN 2013 | DOI: 10.1002/sec.803

      Thumbnail image of graphical abstract

      RFID systems represent a key technology for ubiquitous computing and the deployment of the Internet of things.

      RFID authentication protocols are often necessary to confirm the identity of the parties involved (i.e., RFID readers, RFID tags and/or database servers).

      Tian et al. recently proposed a permutation-based mutual authentication protocol called RAPP [1].

      In this letter, we present desynchronization, traceability, and disclosure attacks against RAPP more powerful than those previously published [2–4].

    2. Verifiable secret sharing based on the Chinese remainder theorem (pages 950–957)

      Lein Harn, Miao Fuyou and Chin-Chen Chang

      Version of Record online: 11 JUN 2013 | DOI: 10.1002/sec.807

      Thumbnail image of graphical abstract

      A Chinese remainder theorem-based verifiable secret sharing scheme, which is a simple extension of Azimuth–Bloom (t,n) secret sharing without making any computational assumptions is proposed. We use a linear combination of both the secret and the verification secret to protect the secrecy of both the secret and shares in the verification.

    3. Research on hidden malicious user detection problem (pages 958–963)

      Liu Tingting and Shu Feng

      Version of Record online: 11 JUN 2013 | DOI: 10.1002/sec.810

      Thumbnail image of graphical abstract

      In this paper, a hidden malicious user detection problem is proposed for the purpose to secure the cooperative spectrum sensing. The hidden malicious user can be identified through calculating the ratio between user's detection probability and false alarm probability. Compared with the original enhanced Dempster-Shafer (D-S) algorithm, the proposed method based on enhanced D-S algorithm in this paper provides a better global sensing performance.

    4. Collaborative agglomerative document clustering with limited information disclosure (pages 964–978)

      Chunhua Su, Jianying Zhou, Feng Bao, Tsuyoshi Takagi and Kouichi Sakurai

      Version of Record online: 14 JUN 2013 | DOI: 10.1002/sec.811

      Thumbnail image of graphical abstract

      In this paper, we propose a cryptography-based framework to realize privacy-preserving document clustering among the users under the distributed environment: there are two parties, each having his private document database, that want to collaboratively execute agglomerative document clustering without disclosing their private contents.

    5. Certificateless identification protocols from super singular elliptic curve (pages 979–986)

      Massoud Hadian Dehkordi and Reza Alimoradi

      Version of Record online: 15 AUG 2013 | DOI: 10.1002/sec.815

      Thumbnail image of graphical abstract

      In this paper, two certificateless identity-based identification schemes are represented. These are Challenge-response Identification protocols. Also, the second scheme introduced in this paper has the batch verification quality.

    6. A robust smart card‒based anonymous user authentication protocol for wireless communications (pages 987–993)

      Fengtong Wen, Willy Susilo and Guomin Yang

      Version of Record online: 14 JUN 2013 | DOI: 10.1002/sec.816

      Thumbnail image of graphical abstract

      Two weaknesses of a robust smart card‒based anonymous user authentication protocol for wireless communications have been pointed out. A new smart card‒based anonymous user authentication protocol for wireless communications is proposed. Our protocol uses a different user authentication mechanism, which does not require different entities to maintain a synchronized clock. It has good performance compared with the existing smart card‒based anonymous user authentication protocols in terms of computation cost and communication cost.

    7. Role-based and time-bound access and management of EHR data (pages 994–1015)

      Rui Zhang, Ling Liu and Rui Xue

      Version of Record online: 21 JUN 2013 | DOI: 10.1002/sec.817

      Thumbnail image of graphical abstract

      In this paper, we first present a role-based and time-bound access control (RBTBAC) model that provides more flexibility in both roles (spatial capability) and time (temporal capability) dimensions to control the access of sensitive data through algorithmic combination of role-based access control and time-bound key management. Then, we present an RBTBAC protocol for accessing electronic health record (EHR) data. Our initial experimental results show that tree-like time structure can improve the performance of the key management scheme significantly, and RBTBAC model is more suitable than existing solutions for EHR data management because it offers high-efficiency and better security and privacy.

    8. Fast authentication mechanism with provable correctness for cluster-based VANETs (pages 1016–1030)

      Jung-San Lee and Ya-Chieh Huang

      Version of Record online: 14 JUN 2013 | DOI: 10.1002/sec.818

      Thumbnail image of graphical abstract

      Vehicle ad hoc networks (VANETs) are self-configurable networks, in which involved nodes have to share the responsibility for achieving handover operation and providing communication services. Due to the fact that vehicles always move from one area to another very quick, how to handle the handover between roadside devices has become a crucial challenge. Thus, we develop a fast handover mechanism for seamless communications. In particular, we have applied the BAN logic model to prove the correctness of mutual authentication.

    9. A novel distributed covert channel in HTTP (pages 1031–1041)

      Fei Wang, Liusheng Huang, Haibo Miao and Miaomiao Tian

      Version of Record online: 2 JUL 2013 | DOI: 10.1002/sec.822

      Thumbnail image of graphical abstract

      We propose a novel distributed covert channel in HTTP. The channel deploys multiple HTTP clients to dilute steganographic features. With a proper transmission model, the channel is error free and has a high transmission rate. By adjusting a certain parameter, the channel can trade off two different features, the transmission rate and the undetectability, which can meet different demands in practical applications.

    10. An extensible cheat-proofing multi-secret sharing scheme with low computation complexity (pages 1042–1048)

      Yinfeng Wu, Liping Huang, Xiao Wang and Ning Yu

      Version of Record online: 2 JUL 2013 | DOI: 10.1002/sec.823

      Thumbnail image of graphical abstract

      An extensible cheat-proofing multi-secret sharing scheme with low computation complexity is proposed, which is based on the security of Rivest-Shamir-Adleman public key system and discrete logarithm puzzle. It can guard against cheating problem, resist various kinds of attacks and improve the success rate of group secret reconstruction.

    11. Efficient privacy-preserved data query over ciphertext in cloud computing (pages 1049–1065)

      Wei Song, Zhiyong Peng, Qian Wang, Fangquan Cheng, Xiaoxin Wu and Yihui Cui

      Version of Record online: 11 JUL 2013 | DOI: 10.1002/sec.824

      Thumbnail image of graphical abstract

      In this paper, we research efficient privacy-preserved data query methodologies for querying cipher-text numeric relational data in cloud computing. To provide efficient relational data query service just as DBMS does through SQL, we propose a service-oriented query (SOQ) algorithm that adaptively adjusts the encrypted data buckets based on sensitive data distribution and query workload. Moreover, we propose a two-stage index to address the issue of join query between encrypted attributes which has not been well solved to our knowledge.

SEARCH

SEARCH BY CITATION