International Journal of Electronic Security and Digital Forensics (9 papers in press)
The preservation of digital evidence and its admissibility in the court
by Fernando T. Molina Granja, Glen D. Rodríguez Rafael
Abstract: This articles objective is to screen and analyze the common models of digital preservation that exist, the elements, the degree of compliance with the general guidelines, the use of techniques and compliance with specific requirements as well as to evaluate the need for a solution to the environment of criminal investigation institutions, in the scenario that lacks a specific model. The importance of the preservation of digital objects is currently heavily analyzed. Several aspects may serve to make the digital objects worthless, such as the uselessness of hardware, the deficiency of ancient computing formats to support their use, human errors, and malicious software. The majority of crimes currently have a digital component, such that Governments and the police are obliged by law to indefinitely hold digital evidence for a cases history. Until the presentation of the digital evidence in Court, the evidence must be collected, preserved and properly distributed. The systems currently used often involve multiple steps that do not meet the demands of the growing digital world. The volume of digital evidence continues to grow, and these steps will soon become operationally and economically unfeasible for agencies responsible for performing these tasks.
Keywords: digital preservation;digital evidence;preservation of digital evidence;admissibility of evidence; criminal investigation institutions; cybercrime; preservation model; integrity of evidence.
Cryptographic Collusion-resistant Protocols for Secure Sum
by Maede Ashouri-Talouki, Ahmad Baraani-Dastjerdi
Abstract: Secure summation is one of the most applicable functions of secure multiparty computation (MPC) in which a group of users securely computes the summation value of their private inputs. The current solutions to this problem are basically on adding a random number to private inputs or splitting the inputs among users which need secure channel among members. Moreover, to be resistant against collusion of n-2 players, they impose high communication cost. In this paper, we propose three cryptography-based protocols for secure sum that do not need secure channel and are secure against collusion of n-2 players. Also, the communication cost of the proposed protocols is of complexity O(n). Based on the privacy requirements, the proposed protocols can provide the final result privacy as well as the private input privacy.
Keywords: Multiparty Computation; Cryptography; Data Privacy; Collusion
A New Kind of Steganography Schemes for Image
by Zhihai Zhuo, Ning Zhong
Abstract: Message security is more and more important in our modern life. As encryption arousing suspicion easily, steganography which aims at hiding secret message in a cover and has little influence on the cover becomes popular. There are many steganography algorithms having been proposed. Most of them are based on binary, but binary sequence is longer than ternary sequence of a same decimal sequence. In this paper, to have a shorter sequence to represent secret message and protect it, we propose a new method to deal with secret message and get a binary sequence, a ternary sequences and a quaternary sequence. For the ternary sequence and quaternary sequence, we propose a ternary JSteg method and a quaternary JSteg method; this method can keep the histogram characters. So for same secret message, our method will have less influence on the cover.
Keywords: Steganography, ternary Jsteg
A comprehensive digital forensic investigation process model
by Reza Montasari
Abstract: A formal process model is needed to enable digital forensic practitioners in following a uniform approach and to enable courts of law in determining the reliability of digital evidence presented to them. Such a model also needs to be generic in that it can be applicable in the different fields of digital forensics including law enforcement, corporates and incident response. There does not currently exist such a comprehensive process model that is both formal and generic. To address these shortcomings, this paper proposes a model that is formal in that it can enable the digital forensic practitioners in following a uniform approach when carrying out investigations and that is generic in that it can be applied in the different environments of digital forensics.
Keywords: digital forensics; incident response; process model; corporate digital investigations; digital investigations; computer forensics.
A new fully homomorphic encryption over the integers using smaller public key
by Yeluripati Govindha Ramaiah, Gunta Vijaya Kumari
Abstract: Fully homomorphic encryption scheme with practical time complexity is a widely acknowledged research problem in cryptography. In this work, a new somewhat homomorphic encryption with practical time complexities is proposed, from which fully homomorphic encryption is obtained using the optimisations suggested in the contemporary works. The central idea behind the proposition in achieving such reasonable time complexities lies in employing a small public key containing only two big integers with consequent reduction in the message expansion. The scheme may be considered as a variant of the DGHV's integers-based scheme, which was one of the earlier attempts in devising a conceptually simpler fully homomorphic encryption. The semantic security of the proposition is proved in the standard model by reducing the same to the hard problem of solving partial approximate greatest common divisor of two integers.
Keywords: approximate greatest common divisors; AGCDs; homomorphic encryption; message expansion; semantic security; smaller public key.
A new group signature scheme for dynamic membership
by Run Xie, Chunxiang Xu, Chanlian He, Xiaojun Zhang
Abstract: Group signatures allow a group member to sign messages anonymously on behalf of the group. Generally, group signatures have anonymity, traceability and authentication. It has been well applied in practical distributed security communication environments. However, very few schemes can achieve the non-frameability and support dynamic membership management. In this paper, we propose a new group signature scheme. Our scheme achieves the non-frameability without the trusted issuer. Meanwhile, this scheme can support dynamic members join and revocation without incurring other secure threats. Furthermore, in our scheme, the size of group member's private key and the size of group public key are shorter than other schemes while the costs to be kept constant for signing and verifying. In particular, we prove that our scheme achieves anonymity, traceability and non-frameability under the random oracle model.
Keywords: group signature; non-frameability; anonymity; traceability; security proof; random oracle model.
Security analysis and enhancements of a multi-factor biometric authentication scheme
by Min Wu, Jianhua Chen, Wenxia Zhu, Zhenyang Yuan
Abstract: The security of authentication scheme, especially multi-factor biometric authentication scheme based on password, smart card, and biometric in wireless communication is an important and significant issue that researchers have been focusing on lately. Most recently, Liling Cao et al. improved a multi-factor biometric authentication scheme which demonstrated that their scheme can resist masquerading attack, user masquerading attack, replay attack, and provide mutual authentication, and so on. In this paper, it is indicated that their scheme is vulnerable to stolen smart card attack, user impersonation attack, sever impersonation attack and man-in-the-middle-attack. Then, in order to avoid these attacks, a revised scheme with slight high computation costs but more security than other related schemes is presented.
Keywords: multi-factor; biometric; mutual authentication; scheme; smart card; security; attack.
Digital tags from multi-subject biometric features for joint ownership of digital data
by Anushikha Singh, Malay Kishore Dutta, Namrata Raghuvanshi
Abstract: This paper addresses the issue of joint ownership of digital images and audio signals by embedding a perceptually transparent digital signature. The pattern is generated using an approach so that the authentication of each constituent subject can be done after decomposition of the digital pattern. The features from these iris images from multiple subjects are strategically combined to generate a biometric watermark of an acceptable size under perceptual transparency constraints. This biometric watermark is embedded in SVD domain for audio signal and using a DCT-based method for digital images. The extracted watermark is decomposed into the respective iris templates for distinct identification in the database. Experimental result shows that proposed watermarking system maintains the challenging design requirements of watermarking system. Biometric watermark generated from biometric features of more than one subject is a novel effort for establishing joint ownership of multimedia data and may be considered as a significant contribution.
Keywords: digital signal; signal processing; biometric; watermarking; iris features; robustness; perceptual transparency; digital watermarking.
Wavelet-based reversible watermarking system for integrity control and authentication in tele-ophthalmological applications
by Abhilasha Singh, Malay Kishore Dutta
Abstract: In numerous applications, such as in the areas of law enforcement and medical imaging systems, together with perceptual transparency, it is required to reverse the modified media back to the original without any deformation, after the secret data are regained for some legal deliberations. This paper proposes a completely reversible watermarking system with enhanced imperceptibility, robustness, and capacity for colour medical images which can effectively check the unlawful utilisation of the medical images with no affect to medical information and its visual quality. The proposed algorithm depends on transforming non-overlapping blocks of the host image using wavelet transform and is completely blind. The proposed technique attains high values of peak signal to noise ratio (PSNR) of watermarked image and high values of normalised correlation (NC) of the extracted watermark and recovered original image. State-of-the-art comparison shows that the proposed scheme has advantages over the existing techniques. This scheme may be proficient in providing a broad range of applications that aims at security and privacy protection in the medical field. The scheme can also be helpful for the purpose of identification of fundus images for storage in distributed medical databases and tele-ophthalmological applications.
Keywords: Tele-ophthalmology; watermarking; reversible data hiding; fundus images; lossless; blind.