E-Mail Alert

Add your e-mail address to receive forthcoming issues of this journal:

Journal Browser

Journal Browser

Topical Collection "Entropy-Based Applied Cryptography and Enhanced Security for Future IT Environments"

Editor

Collection Editor
Prof. Dr. James Hyuk Park

Department of Computer Science and Engineering, Seoul National University of Science and Technology (SeoulTech), 232 Gongneung-ro, Nowon-gu, Seoul, 01811, Korea
Website | E-Mail
Phone: +82-2-970-6702
Fax: +82-2-977-9441
Interests: IoT; Ubiquitous Computing; Cloud Computing; Information Security

Topical Collection Information

Dear Colleagues,

Entropy is a basic and important concept in the information theory by Claude E. Shannon. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas. Ubiquitous computing, cloud computing, big data, and Internet of Things (IoT) have rapidly emerged as an exciting new paradigm. Together with these trends, applied cryptography and security have become a rising big issue for providing secure and trust computing in the next generation information technology (IT) and communications. A detailed discussion of these issues would include applied cryptography and security concerns that cover amongst others, confidentiality, integrity, and availability (including various application areas). In particular, these topics will comprehensively focus on the important aspects of entropy-based applied cryptography and enhanced security for Future IT environments (FIT).

Specific topics of interest include (but are not limited to):

  • Entropy-based Applied Cryptographic aspects for FIT
  • Entropy-based Hash Functions for FIT
  • Mathematical and Algorithmic Foundations of Applied Cryptography for FIT
  • Cryptography algorithms in personal devices for FIT
  • Advanced design and analysis of cryptographic algorithms for FIT
  • Public key cryptosystems for FIT
  • Authentication and access control for FIT
  • Privacy protection and trust computing for FIT
  • Entropy-based network security issues for FIT
  • Information hiding and digital forensics for FIT
  • Security service-centric issues for FIT-IoT, Converged IT, V2X
  • Security issues in cloud computing, social networks, big-data
  • Security issues in human-centric computing

This collection aims to provide advanced theories and applications; researchers should contribute original research and review articles that present state-of-the-art research outcomes, practical results in entropy-based applied cryptographic models, and enhanced security system for FIT.

Prof. Dr. James Park
Collection Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the collection website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Entropy is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1500 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • applied cryptography
  • ubiquitous computing security
  • cryptography algorithms
  • public key cryptosystems
  • authentication
  • access control
  • privacy protection
  • trust computing
  • entropy based network security
  • information hiding
  • digital forensics

Published Papers (4 papers)

2017

Jump to: 2016

Open AccessArticle User-Centric Key Entropy: Study of Biometric Key Derivation Subject to Spoofing Attacks
Entropy 2017, 19(2), 70; doi:10.3390/e19020070
Received: 30 November 2016 / Revised: 22 January 2017 / Accepted: 9 February 2017 / Published: 21 February 2017
PDF Full-text (2098 KB) | HTML Full-text | XML Full-text
Abstract
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure.
[...] Read more.
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing two or more biometrics would be very hard. This notion, of increased security of multi-modal biometric systems, was disproved for authentication and matching, studies showing that not only multi-modal biometric systems are not more secure, but they introduce additional vulnerabilities. This paper is a study on the implications of spoofing biometric data for retrieving the derived key. We demonstrate that spoofed biometrics can yield the same key, which in turn will lead an attacker to obtain the private key. A practical implementation is proposed using fingerprint and iris as biometrics and the fuzzy extractor for biometric key extraction. Our experiments show what happens when the biometric data is spoofed for both uni-modal systems and multi-modal. In case of multi-modal system tests were performed when spoofing one biometric or both. We provide detailed analysis of every scenario in regard to successful tests and overall key entropy. Our paper defines a biometric PKI scenario and an in depth security analysis for it. The analysis can be viewed as a blueprint for implementations of future similar systems, because it highlights the main security vulnerabilities for bioPKI. The analysis is not constrained to the biometric part of the system, but covers CA security, sensor security, communication interception, RSA encryption vulnerabilities regarding key entropy, and much more. Full article
Figures

Figure 1

Open AccessArticle An Android Malicious Code Detection Method Based on Improved DCA Algorithm
Entropy 2017, 19(2), 65; doi:10.3390/e19020065
Received: 27 October 2016 / Revised: 29 January 2017 / Accepted: 30 January 2017 / Published: 11 February 2017
PDF Full-text (1492 KB) | HTML Full-text | XML Full-text
Abstract
Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static detection method whose feature selected is the semantic of application source
[...] Read more.
Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static detection method whose feature selected is the semantic of application source code can not completely extract malware’s code features. The Android malware static detection methods whose features used are only obtained from the AndroidManifest.xml file are easily affected by useless permissions. Therefore, there are some limitations in current Android malware static detection methods. The current Android malware dynamic detection algorithm is mostly required to customize the system or needs system root permissions. Based on the Dendritic Cell Algorithm (DCA), this paper proposes an Android malware algorithm that has a higher detection rate, does not need to modify the system, and reduces the impact of code obfuscation to a certain degree. This algorithm is applied to an Android malware detection method based on oriented Dalvik disassembly sequence and application interface (API) calling sequence. Through the designed experiments, the effectiveness of this method is verified for the detection of Android malware. Full article
Figures

Figure 1

2016

Jump to: 2017

Open AccessArticle Quantum Key Distribution in the Presence of the Intercept-Resend with Faked States Attack
Entropy 2017, 19(1), 4; doi:10.3390/e19010004
Received: 3 November 2016 / Revised: 15 December 2016 / Accepted: 19 December 2016 / Published: 23 December 2016
PDF Full-text (637 KB) | HTML Full-text | XML Full-text
Abstract
Despite the unconditionally secure theory of the Quantum Key Distribution (QKD), several attacks have been successfully implemented against commercial QKD systems. Those systems have exhibited some flaws, as the secret key rate of corresponding protocols remains unaltered,
[...] Read more.
Despite the unconditionally secure theory of the Quantum Key Distribution (Q K D), several attacks have been successfully implemented against commercial Q K D systems. Those systems have exhibited some flaws, as the secret key rate of corresponding protocols remains unaltered, while the eavesdropper obtains the entire secret key. We propose the negative acknowledgment state quantum key distribution protocol as a novel protocol capable of detecting the eavesdropping activity of the Intercept Resend with Faked Sates (I R F S) attack without requiring additional optical components different from the B B 84 protocol because the system can be implemented as a high software module. In this approach, the transmitter interleaves pairs of quantum states, referred to here as parallel and orthogonal states, while the receiver uses active basis selection. Full article
Figures

Figure 1

Open AccessArticle Intelligent Security IT System for Detecting Intruders Based on Received Signal Strength Indicators
Entropy 2016, 18(10), 366; doi:10.3390/e18100366
Received: 10 September 2016 / Revised: 10 October 2016 / Accepted: 10 October 2016 / Published: 16 October 2016
Cited by 1 | PDF Full-text (4742 KB) | HTML Full-text | XML Full-text
Abstract
Given that entropy-based IT technology has been applied in homes, office buildings and elsewhere for IT security systems, diverse kinds of intelligent services are currently provided. In particular, IT security systems have become more robust and varied. However, access control systems still depend
[...] Read more.
Given that entropy-based IT technology has been applied in homes, office buildings and elsewhere for IT security systems, diverse kinds of intelligent services are currently provided. In particular, IT security systems have become more robust and varied. However, access control systems still depend on tags held by building entrants. Since tags can be obtained by intruders, an approach to counter the disadvantages of tags is required. For example, it is possible to track the movement of tags in intelligent buildings in order to detect intruders. Therefore, each tag owner can be judged by analyzing the movements of their tags. This paper proposes a security approach based on the received signal strength indicators (RSSIs) of beacon-based tags to detect intruders. The normal RSSI patterns of moving entrants are obtained and analyzed. Intruders can be detected when abnormal RSSIs are measured in comparison to normal RSSI patterns. In the experiments, one normal and one abnormal scenario are defined for collecting the RSSIs of a Bluetooth-based beacon in order to validate the proposed method. When the RSSIs of both scenarios are compared to pre-collected RSSIs, the RSSIs of the abnormal scenario are about 61% more different compared to the RSSIs of the normal scenario. Therefore, intruders in buildings can be detected by considering RSSI differences. Full article
Figures

Figure 1

Journal Contact

MDPI AG
Entropy Editorial Office
St. Alban-Anlage 66, 4052 Basel, Switzerland
E-Mail: 
Tel. +41 61 683 77 34
Fax: +41 61 302 89 18
Editorial Board
Contact Details Submit to Entropy Edit a special issue Review for Entropy
logo
loading...
Back to Top