Most recent issue published online for the International Journal of Electronic Security and Digital Forensics.

High capacity and secured methodologies for steganography

Rajesh Kumar Tiwari — 2012-02-09T23:20:50-05:00

High capacity and secured methodologies for steganography
Rajesh Kumar Tiwari
International Journal of Electronic Security and Digital Forensics, Vol. 4, No. 1 (2012) pp. 1 - 18
In current digital era, people are using e-devices such as ipods, iphones and cell phones for capturing the static and dynamic images. However, these images have a compromised size and quality due to fixed memory dimension. But, in the multi-media messaging service (MMS) of cell phones and iphones, they may participate as a cover medium, strengthening the steganography communication. The different methods of steganography are mostly applied on image files to embed the data. In all these cases, the principle of replacing the entire or some parts of the chosen pixel may not be able to utilise all the available memory area of an image for the purpose of the secret data. This paper presents a new high capacity steganographic technique to hide information. Three different techniques out of which two are to embed the plain text and one is for all type of data to embed in image. Based on these methods, we have constructed secured MMS creator and short message service creator viewer in Microsoft platform for providing data embedding in new e-devices.

Image encryption using HC-128 and HC-256 stream ciphers

Alireza Jolfaei; Ahmadreza Vizandan; Abdolrasoul Mirghadri — 2012-02-09T23:20:50-05:00

Image encryption using HC-128 and HC-256 stream ciphers
Alireza Jolfaei; Ahmadreza Vizandan; Abdolrasoul Mirghadri
International Journal of Electronic Security and Digital Forensics, Vol. 4, No. 1 (2012) pp. 19 - 42
In this paper, we surveyed HC-128 and HC-256 as methods for protecting the distribution of digital images in an efficient and secure way. We proposed the Hongjun Cipher (HC) image encryption algorithm based on column-wise raster scanning of the plain image. Then, we performed a series of tests and some comparisons to justify the efficiency of surveyed algorithms for image encryption. These tests included key space analysis, visual test and histogram analysis, randomness analysis, information entropy, encryption quality, correlation analysis, differential analysis, sensitivity analysis and performance analysis. Based on all analysis and experimental results, it can be concluded that the two variants of HC scheme are efficient, feasible and trustworthy to be adopted for image encryption.

Weaknesses in a dynamic ID-based remote user authentication scheme for multi-server environment

Debiao He; Yin Huang — 2012-02-09T23:20:50-05:00

Weaknesses in a dynamic ID-based remote user authentication scheme for multi-server environment
Debiao He; Yin Huang
International Journal of Electronic Security and Digital Forensics, Vol. 4, No. 1 (2012) pp. 43 - 53
Due to the widespread applications of internet services, the study of accessing the resources of multi-server environment has received considerable attention, and many schemes are proposed successively. Very recently, Hsiang et al. proposed a dynamic ID-based remote user authentication scheme for multi-server environment. They claimed their scheme can resist various attacks. However, in this paper, we will show that Hsiang et al.'s scheme is vulnerable to the impersonation attack, the password guessing attack, the masquerading user attack and the masquerading server attack. The analysis shows that Hsiang et al.'s scheme is insecure for practical application.

Children and geotagged images: quantitative analysis for security risk assessment

Joanne M. Kuzma — 2012-02-09T23:20:50-05:00

Children and geotagged images: quantitative analysis for security risk assessment
Joanne M. Kuzma
International Journal of Electronic Security and Digital Forensics, Vol. 4, No. 1 (2012) pp. 54 - 64
This paper investigates the levels of geocoding images with children pictures and discusses privacy and safety issues that may affect children. This study analysed the number of geocoded images of children's pictures on Flickr, a popular image-sharing site. For 50 of the top most expensive residential zip codes in the USA, the number of images that had geolocation tags was counted. Results showed significant number of images with children's faces that had geotagged information. The location information could possibly be used to locate a child's home or other location based on information publicly available on Flickr. Publishing geolocation data raises concerns about privacy and security of children when such personalised information is available to internet users who may have dubious reasons for accessing this data. People should understand the implications of this technology and post only appropriate data to protect themselves and their children.

Key generation based on elliptic curve over finite prime field

S. Maria Celestin Vigila; K. Muneeswaran — 2012-02-09T23:20:50-05:00

Key generation based on elliptic curve over finite prime field
S. Maria Celestin Vigila; K. Muneeswaran
International Journal of Electronic Security and Digital Forensics, Vol. 4, No. 1 (2012) pp. 65 - 81
With the explosion of networks and the huge amount of data transmitted along, securing data content is becoming more and more important. Data encryption is widely used to ensure security in open networks, like the internet. This paper presents the implementation of stream cipher, where the key stream is generated based on the properties of linear feedback shift register (LFSR) and cyclic elliptic curve (EC) over a finite prime field. Here, the process of encryption/decryption of an image in spatial domain is illustrated and also key file parameters needed for generating the key stream to other parties are encrypted using elliptic curve cryptography (ECC). Only, the encrypted key file parameters are transmitted, not the entire full length key. Since ECC is replacing RSA for key exchange, EC-based stream cipher offers a good choice for encryption in real-time application. The strength of the proposed cipher lies in the generation of random sequence using LFSR over finite prime field and also the use of EC discrete logarithmic problem makes it more difficult to determine the key file parameters. This paper also discusses the security aspects of the proposed cipher which is secure against all kinds of attacks.

RF authenticated protection scheme for SRAM-based FPGA IP cores

Sridhar Laavanya; V. Lakshmi Prabha — 2012-02-09T23:20:50-05:00

RF authenticated protection scheme for SRAM-based FPGA IP cores
Sridhar Laavanya; V. Lakshmi Prabha
International Journal of Electronic Security and Digital Forensics, Vol. 4, No. 1 (2012) pp. 82 - 100
Field programmable gate arrays (FPGAs) have become increasingly popular due to their rapid development times and low costs. Many FPGA-based systems utilise third-party intellectual property (IP) in their development. With their increased use, the need to protect the IP against unauthorised use has become important. In this paper, we have proposed a novel wireless intellectual property protection (IPP) technique that overcomes the secure secret decryption key storage problem associated with traditional encryption-based IPP techniques that are widely used for IPP of static random access memory-based FPGA IP cores. The proposed scheme also provides an extra authentication protection for IP cores to make it more security efficient. The results derived from the testing of hardware prototype used for the evaluation of the proposed scheme are quite encouraging.