Enhancement of Security for Cloud Based IoT Using XHE SchemeAuthor : K. Sailaja and M. Rohitha
Volume 8 No.3 Special Issue:June 2019 pp 146-149
Security is a million dollar issue for all computer systems. Every week there is news of another major break in to a commercial or government system. Also it is well known that many governments are actively engaged in cyber-warfare, trying to break into the systems of other governments and other groups. The Internet of Things is increasingly changing into an omnipresent computing service, requiring vast volumes of knowledge storage and process. Unfortunately, due to the unique characteristics of resource constraints, self-organization and short range communication in IoT, it always resorts to the cloud for outsourced storage and computation. Security is one of the major challenges faced by cloud based IoT. The standard file protection technique relies on password-based encryption schemes and they are vulnerable to brute-force attacks. The reason is that, for a wrongly guessed key, the decryption process yields an invalid-looking plain text message, confirming the invalidity of the key, while for the correct key it outputs a valid-looking plain text message, confirming the correctness of the guessed key. Honey encryption helps to minimize this vulnerability. Hence, this paper proposed an extended Honey Encryption (XHE) scheme for enhancing the security of the cloud based IoT.
IoT, Cloud, Password Based Encryption, Extended Honey Encryption, Brute-Force Attacks
 Mohammad Abdur Razzaque, Marija Milojevic-Jevric, Andrei Palade, and SiobhánClarke, ―IEEE, Middleware for Internet of Things‖, IEEE Internet of Things Journal, Vol. 3, No. 1, pp. 70 – 95, 2016.
 W. Diffie and M.E. Hellman, ―New Directions in Crytography‖, IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644 -654,IEEE Press, New Jersey, 1976.
 G. Irazoqui, M.S. Inci, T. Eisenbarth and B. Sunar, ―Wait a Minute! A Fast, Cross-VM Attacks on AES‖, LNCS, Springer, Switzerland, Vol. 8688, pp. 299-319, 2014.
 Y. Wei, J. Lu and Y. Hu, ―Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits. LNCS‖, Springer, Heidelberg, Vol. 6672, pp. 222-232, 2011.
 A. Nitaj, M.R.K. Ariffin, D.I. Nassar, H.M. Bahig, ―New Attacks on the RSA Cryptosystem. LNCS, Progress in Cryptology – AFRICACRYPT‖, LNCS, Springer, Swtizerland, Vol. 8469, pp. 178-198, 2014.
 Y. Lu, L. Peng, S. Sarkar, ―Cryptanalysis of an RSA variant with Moduli N = prq‖, In: 9th International Workshop on Coding and Cryptography 2015 WCC2015, Apr 2015, Paris, France. 2016.
 S.F. Tan and A. Samsudin, ―Enhanced Security for Public Cloud Storage with Honey Encryption”, Advanced Science Letters. Accepted Manuscript.
 A. Juels and T. Ristenpart, ―Honey Encryption: Security beyond the Brute-Force Bound,‖ Advances in Cryptology—Euro crypt 2014‖, LNCS 8441, Springer, pp. 293–310, 2014
 H. Jo and J. Won, ―A new countermeasure against brute-force attacks that use high-performance computers for big data analysis‖,Hindawi Publishing Corporation, International Journal of Distributed Sensor Networks, pp. 7, 2015. [Online] Available at: http://dx.doi.org/ 10.1155/2015/406915.
 R. Chatterjee, J. Bonneau., A. Juels and T. Ristenpart, ―Cracking Resistant Password Vaults using Natural Language Encoders,‖ Proceedings – IEEE Symposium on Security and Privacy, No. 7163043, pp. 481-498, July 2015.
 Z. Huang, E. Ayday, J. Fellay, J. Hubaux and A. Juels, ―Genoguard: Protecting genomic data against brute-force attacks,‖ IEEE Symposium on Security and Privacy, pp. 447-462, 2015. DOI 10.1109/SP.2015.34.
 J. Jaeger, T. Ristenpart and Q. Tang, ―Honey encryption beyond message recovery security,‖ International Association for Cryptologic Research, Fischlin and J.-S.Coron (Eds.): EUROCRYPT 2016, Part I, LNCS 9665, pp. 758–788, 2016. DOI: 10.1007/978-3-662-49890-3 29.
 J. Kim and J. Won, ―Honey chatting: A novel instant messaging system robust to eavesdropping over communication,‖ IEEE In Acoustics, Speech and Signal Processing (ICASSP), pp. 2184-2188, 2016.
 J.W. Yoon, H.S. Kim, H.J. Jo, H.L. Lee, and K.S. Lee, ―Visual honey encryption: Application to steganography,‖ in Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security, New York, NY, USA, 2015, IH & MM Sec ’15, pp. 65–74, ACM.
 N. Tyagi, J. Wang, K. Wen and D.Zuo, ―Honey Encryption Applications. 6.857 Computer and Network Security‖, Massachusetts Institute of Technology. [Online] Available at: http://www.mit.edu/~ntyagi/papers/ honey-encryption-cc.pdf, 2015
 M. Golla, B. Beuscher and M. Durmuth, ―On the security of cracking resistant password vaults,‖ Proceedings of the ACM Conference on Computer and Communications Security, Vol. 24, No. 28, pp. 1230- 1241, Oct. 2016.
 R. Chatterjee, A. Athalye, D. Akhawe, A. Juels, and T. Ristenpart, ―Password typos and how to correct them securely,‖ In Security and Privacy (SP), 2016 IEEE Symposium, pp. 799–818, 2016.
 H. Choi, H. Nam and J. Hur, ―Password Typos Resilience in Honey Encryption,‖ IEEE Symposium. The 31st International Conference on Information Networking (ICOIN 2017), pp. 593-597, 2017.