International Journal of Electronic Security and Digital Forensics (7 papers in press)
A Comprehensive Digital Forensic Investigation Process Model
by Reza Montasari
Abstract: A formal process model is needed to enable digital forensic practitioners in following a uniform approach and to enable courts of law in determining the reliability of digital evidence presented to them. Such a model also needs to be generic in that it can be applicable in the different fields of digital forensics including law enforcement, corporates and incident response. There does not currently exist such a comprehensive process model that is both formal and generic. To address these shortcomings, this paper proposes a model that is formal in that it can enable the digital forensic practitioners in following a uniform approach when carrying out investigations, and that is generic in that it can be applied in the different environments of digital forensics.
Keywords: digital forensics; incident response; process model; corporate digital investigations;rndigital investigations; computer forensics
A New Fully Homomorphic Encryption over the Integers using Smaller Public Key
by Govindha Ramaiah Yeluripati
Abstract: Fully Homomorphic Encryption scheme with practical time complexity is a widely acknowledged research problem in cryptography. In this work, a new Somewhat Homomorphic Encryption with practical time complexities is proposed, from which fully homomorphic encryption is obtained using the optimizations suggested in the contemporary works. The central idea behind the proposition in achieving such reasonable time complexities lies in employing a small public key containing only two big integers with consequent reduction in the message expansion. The scheme may be considered as a variant of the DGHVs integers based scheme, which was one of the earlier attempts in devising a conceptually simpler fully homomorphic encryption. The semantic security of the proposition is proved in the standard model by reducing the same to the hard problem of solving Partial Approximate Greatest Common Divisor of two integers.
Keywords: Approximate Greatest Common Divisors, Homomorphic Encryption, Message expansion, Semantic security, Smaller public key
A New Group Signature Scheme for Dynamic Membership
by Run Xie, Chunxiang Xu, Changlian He, Xiaojun Zhang
Abstract: Group signatures allows a group member to sign messages anonymously on behalf of the group. Generally, group signatures have anonymity, traceability and authentication. It has been well applied in practical distributed security communication environments. However, very few schemes can achieve the non-frameability and support dynamic membership management. In this paper, we propose a new group signature scheme. Our scheme achieves the non-frameability without the trusted issuer. Meanwhile, this scheme can support dynamic members join and revocation without incurring other secure threats. Furthermore, in our scheme, the size of group member's private key and the size of group public key are shorter than other schemes while the costs to be kept constant for signing and verifying. In particular, we prove that our scheme achieves anonymity, traceability and non-frameability under the random oracle model.
Keywords: group signature; non-frameability; anonymity; traceability; security proof ; random oracle model.
Security analysis and enhancements of a multi-factor biometric authentication scheme
by Min Wu, Jianhua Chen, Wenxia Zhu, Zhenyang Yuan
Abstract: The security of authentication scheme, especially multi-factor biometric authentication scheme based on password, smart card, and biometric in wireless communication is an important and significant issue that researchers have been focusing on of late. Most recently, Liling Cao et al. improved a multi-factor biometric authentication scheme which demonstrated that their scheme can resist masquerading attack, user masquerading attack, replay attack, and provide mutual authentication , and so on. In this paper, it is indicated that their scheme is vulnerable to stolen smart card attack, user impersonation attack, sever impersonation attack and man-in-the-middle-attack. Then, in order to avoid these attacks, a revised scheme with slight high computation costs but more security than other related schemes is presented.
Keywords: multi-factor; biometric; mutual authentication ; scheme; smart card; security; attack.
Digital Tags from Multi Subject Biometric Features for Joint Ownership of Digital Data
by Malay Kishore Dutta, Singh Anushikha, Namrata Raghuvanshi
Abstract: This paper addresses the issue of joint ownership of digital images and audio signals by embedding a perceptually transparent digital signature. The digital signature is created from features of iris images of more than one subject. The pattern is generated using some strategy so that the authentication of each constituent subject can be done after decomposition of the digital pattern. The features from these iris images from multiple subjects are strategically combined to generate the biometric watermark of an acceptable size under maintained perceptual transparency of host signal. This biometric watermark is embedded using a method in the SVD domain for the audio signals and using a DCT based method for the digital images. The extracted watermark was decomposed into the respective iris templates and the individual templates were mapped in the database for unique identification. Experimental result shows that proposed watermarking system maintains the perceptual transparency and is also robust against signal processing attacks. The signal to noise ratio of host signal and watermarked signal is more than 20 dB as well as normalized correlation and bit error rate of recovered watermark is significantly encouraging. The recovered iris templates from the extracted watermark were uniquely mapped in the database for identification even under various processing attacks. Biometric watermark generated from biometric features of more than one subject is a novel effort for establishing joint ownership of multimedia data and may be considered as a significant contribution for joint ownership of digital data.
Keywords: Digital Signal; Signal Processing; Biometric; Iris features, Watermarking; Robustness; Perceptual Transparency; Digital watermarking
Wavelet Based Reversible Watermarking System for Integrity Control and Authentication in Tele-Ophthalmological Applications
by Abhilasha Singh, Malay Kishore Dutta
Abstract: In numerous applications, such as in the areas of law enforcement and medical imaging systems, together with perceptual transparency, it is required to reverse the modified media back to the original cover media without any deformation, after the secret data are regained for some legal deliberations. This paper proposes a completely reversible watermarking system with an enhanced imperceptibility, robustness, and capacity for colour medical (fundus) images which can effectively check the unlawful utilization of the medical images with no affect to medical information and its visual quality. The proposed algorithm depends on transforming non-overlapping blocks of the host image using Wavelet transform as transform domain is best known to achieve robustness. Proposed scheme is completely blind and does not require original image or watermark for the extraction of watermark. The proposed technique attains high values of Peak Signal to Noise Ratio (PSNR) of watermarked image and high values of Normalized Correlation (NC) of the extracted watermark and recovered original image. Experimental results have been compared with some of the existing methods which show that the proposed scheme has advantages over the existing techniques. This scheme may be proficient in providing a broad range of applications that aims at security and privacy protection in the medical field. The scheme can also be helpful for the purpose of identification of fundus images for storage in distributed medical databases and tele-ophthalmological applications.
Keywords: Tele-ophthalmology; watermarking; reversible data hiding; fundus images; lossless; blind;
The preservation of digital evidence and its admissibility in the court
by Fernando T. Molina Granja, Glen D. Rodríguez Rafael
Abstract: This articles objective is to screen and analyze the common models of digital preservation that exist, the elements, the degree of compliance with the general guidelines, the use of techniques and compliance with specific requirements as well as to evaluate the need for a solution to the environment of criminal investigation institutions, in the scenario that lacks a specific model. The importance of the preservation of digital objects is currently heavily analyzed. Several aspects may serve to make the digital objects worthless, such as the uselessness of hardware, the deficiency of ancient computing formats to support their use, human errors, and malicious software. The majority of crimes currently have a digital component, such that Governments and the police are obliged by law to indefinitely hold digital evidence for a cases history. Until the presentation of the digital evidence in Court, the evidence must be collected, preserved and properly distributed. The systems currently used often involve multiple steps that do not meet the demands of the growing digital world. The volume of digital evidence continues to grow, and these steps will soon become operationally and economically unfeasible for agencies responsible for performing these tasks.
Keywords: digital preservation;digital evidence;preservation of digital evidence;admissibility of evidence; criminal investigation institutions; cybercrime; preservation model; integrity of evidence.