Power analysis attack against encryption devices: a comprehensive analysis of AES, DES, and BC3

Putra, Septafiansyah Dwi; Yudhiprawira, Mario; Sutikno, Sarwono; Kurniawan, Yusuf; Ahmad, Adang Suwandi

doi:10.12928/telkomnika.v17i3.9384

Cited by 11 publications

(9 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In order to choose appropriate system for an application, there is a need to assess the security of different encryption algorithms used in each encryption category. There are many comparative studies in the literature that have compared these algorithms with respect to number of features such as speed, throughput, computation time, memory usage, size of key and data blocks, and possible attacks. According to a literature reviewed, AES (supported by most of the NoSQL and NewSQL systems) has a better speed and less memory utilization as compared with RSA (used in Cassandra, ClustrixDB, and VoltDB).…”

Section: Comparison and Discussionmentioning

confidence: 99%

Security assessment of data management systems for cyber physical system applications

Chaudhry

Yousaf

Khan

2019

J Software Evolu Process

View full text Add to dashboard Cite

Cyber physical system (CPS) applications are widely used to control critical infrastructure of various application domains, eg, medical health care, energy, and power, to name a few. Such applications usually take input data from sensors, estimate current state of the system, and then based on the estimation, make critical decisions to control the underlying infrastructure automatically. Therefore, security and integrity of the (system state) data are critically important to ensure safe operations of CPS. In this paper, we present a review of security of various data management systems used in CPS. Since CPS are composed of systems of (sub)systems that generate a huge amount of data (ie, periodical sensor input data), therefore, recently, NoSQL and NewSQL data management systems have emerged as popular data management systems to support efficient and scalable analysis of unstructured data. Unfortunately, these systems were not initially build for data security and thus are vulnerable to numerous security attacks. Considering flexible data model and efficient access methods in NoSQL and NewSQL, we discuss the security attacks on such data management systems and their corresponding solutions to mitigate them. In particular, we analyze the system and data security of popular NoSQL and NewSQL systems. To analyze that, we defined feature vectors for system and data security and compared the data systems against them. Finally, we propose security solutions for data management systems by identifying various security vulnerabilities in internal security algorithms of such systems. KEYWORDSaccess control security, CPS, data integrity, data security INTRODUCTIONIndustry 4.0 has led to the development of cyber physical systems (CPSs). A typical CPS consists of cyber and physical components, where cyber components are responsible for controlling physical components (respectively process) of an underlying critical infrastructure. The cyber components receive sensor data as an input to estimate current state of the physical components. Based on the state estimation, the cyber components make decisions (ie, issue commands) to change the state of the physical process. With the recent trend towards affordable sensors, fast communication networks, and better data acquisition methods, massive amount of data is generated by various sensors and autonomous resources in a CPS. This huge volume of data needs big data processing and management techniques. This introduces challenges related to the performance, security, reliability, scalability, and fault tolerance of a system. Since a CPS makes decision based on sensor input data, such data needs to be protected against various security attacks to ensure reliable and safe data operations. In this paper, we review the security of various data management systems that are used to store process data in a CPS. Modern CPS uses NoSQL and NewSQL systems to store data in order to assure reliable and efficient (ie, with strict time requirements) CPS operations. The increased data access has increa...

show abstract

Section: Comparison and Discussionmentioning

confidence: 99%

Security assessment of data management systems for cyber physical system applications

Chaudhry

Yousaf

Khan

2019

J Software Evolu Process

View full text Add to dashboard Cite

show abstract

“…On the other hand, the PSNR and SSIM decryption process can be used to measure the perfection of the image decryption process, where the PSNR and SSIM values are infinity and 1 respectively, to get the perfect image decryption. PSNR can be calculated by (6), whereas SSIM can be calculated by (7). ; is a dynamic range (2 − 1) with the default value 1 = 0.01 and 2 = 0.03.…”

Section: Psnr and Ssimmentioning

confidence: 99%

“…At present, many cryptographic algorithms can be used to secure digital files. However, along with the times, cryptographic algorithms must also be developed and maintained to provide better security [5][6][7][8][9]. Cryptographic algorithms that are widely implemented in digital files are AES, DES, RC4, OTP, RSA, and Chaotic Map [4,5,8,[10][11][12][13].…”

Section: Introductionmentioning

confidence: 99%

Triple layer image security using bit-shift, chaos, and stream encryption

et al. 2020

View full text Add to dashboard Cite

One popular image security technique is image encryption. This research proposes an image encryption technique that consists of three encryption layers, i.e. bit-shift encryption, chaos-based encryption, and stream encryption. The chaos algorithm used is Arnold's chaotic map, while the stream cipher algorithm used is RC4. Each layer has different cryptology characteristics in order to obtain safer image encryption. The characteristics of cryptology are permutation, confusion, diffusion, and substitution. The combination of the proposed encryption method aims to secure images against various attacks, especially attacks on statistics and differentials. The encryption method testing is done by various measuring instruments such as statistical analysis, i.e. entropy information, avalanche effect, and histogram, differential analysis, i.e. UACI and NPCR, visual analysis using PSNR and SSIM, and bit error ratio. Based on the results of experiments that the encryption method that we propose can work excellently based on various measurement instruments. The decryption process can also work perfectly this is evidenced by the ∞ value based on PSNR, and zero value based on SSIM and BER.

show abstract

“…Information security is very important because it supports the performance of e-business systems, in improving services to customers [19]. Cryptography is a technique of making messages or information secret and can only be accessed by authorized users through an encryption process using a mathematical model to recover secret keys from cryptographic devices [20]. This study aims to improve security in the e-business system for rice milling small and medium-sized enterprises (SMEs) by implementing cryptographic algorithms, which can strengthen passwords on user accounts and hide the exchange of transaction information.…”

Section: Introductionmentioning

confidence: 99%

Improvement security in e-business systems using hybrid algorithm

Sumaryanti

Kusuma²,

Widijastuti

et al. 2021

TELKOMNIKA

View full text Add to dashboard Cite

E-business security becomes an important issue in the development of technology, to ensure the safety and comfort of transactions in the exchange of information is privacy. This study aims to improve security in e-business systems using a hybrid algorithm that combines two types of keys, namely symmetric and asymmetric keys. Encryption and decryption of messages or information carried by a symmetric key using the simple symmetric key algorithm and asymmetric keys using the Rivest Shamir Adleman (RSA) algorithm. The proposed hybrid algorithm requires a high running time in the decryption process compared to the application of a single algorithm. The level of security is stronger because it implements the process of message encryption techniques with two types of keys simultaneously.

show abstract

Power analysis attack against encryption devices: a comprehensive analysis of AES, DES, and BC3

Cited by 11 publications

References 18 publications

Security assessment of data management systems for cyber physical system applications

Security assessment of data management systems for cyber physical system applications

Triple layer image security using bit-shift, chaos, and stream encryption

Improvement security in e-business systems using hybrid algorithm

Contact Info

Product

Resources

About