Figure 4 - uploaded by Abdelrahman Altigani
Content may be subject to copyright.
Source publication
![Figure 2 Multilayer Hybrid Encryption [36]](profile/Abdelrahman-Altigani/publication/341879552/figure/fig2/AS:898374433796096@1591200564120/Multilayer-Hybrid-Encryption-36_Q320.jpg)
![Figure 3 : Modified AES with 16 Rounds: Encryption Module [50]](profile/Abdelrahman-Altigani/publication/341879552/figure/fig3/AS:898374433792000@1591200564143/Modified-AES-with-16-Rounds-Encryption-Module-50_Q320.jpg)
Current symmetric ciphers including the Advanced Encryption Standard (AES) are deterministic and open. Using standard ciphers is necessary for interoperability. However, it gives the potential opponent significant leverage, as it facilitates all the knowledge and time he needs to design effective attacks. In this review paper, we highlight prominen...
Similar publications
Industry 4.0 uses a subset of the IoT, named Industrial IoT (IIoT), to achieve connectivity, interoperability, and decentralization. The deployment of industrial networks rarely considers security by design, but this becomes imperative in smart manufacturing as connectivity increases. The combination of OT and IT infrastructures in Industry 4.0 add...
Citations
... At the start of encryption, each value is first initialized, sox n ∈ ½0, 1andx 1 ∈ ½0, 1. Assuming x 1 = 0:5y n−1 is its last encrypted data, but since the data y 0 has not been encrypted before y 1 , an arbitrary data is chosen (0~255 is recommended) and used as the encryption key [24]. Equation (9) and Equation (10) are for reasoning until the end of encryption. ...
With the widespread use of embedded systems, chaos is a nonlinear system with certainty and complexity. It is an important topic in the field of information security at present, and it is an effective way to apply to embedded systems. It has great practical value in theory and in practice. This research mainly focuses on the encryption technology of SQLite embedded database and proposes an improved sparrow algorithm (Logistic Chaos Sparrow Search Algorithm, LCSSA) based on Logistic Chaos Map. It shows that the security level of SQLite in web development is higher than that of conventional Access. The population is initialized by the logistic chaotic mapping method, which improves the quality of the initial solution, increases the diversity of the population, and reduces the risk of premature maturity of the algorithm. The initial value y 0 determines the encryption method of the nonlinear function. Taking the integer variable (int) as an example, the value range is -231~231. It can be seen that the key space is sufficient to prevent various conventional attacks. When the key is the wrong key, decryption will not yield any data. It can be found that encryption and decryption are very sensitive to the key, which is also determined by the sensitivity of chaotic encryption system to the initial value. The benchmark function compares the performance of the improved algorithm with the algorithm before the improvement and compares it with the SSA. The LCSSA has better convergence performance, higher accuracy, and better stability.
... The least significant bits of the three color components of a pixel (Altigani, Hasan, & Barry, 2020) ...
Digitalisation is more actual than ever and even forced by the Covid-19 pandemic for many. The evolution of technology enables everyone and everything to be connected. This is one of the reasons why cyber security is important to society as it makes the large majority vulnerable to cyber-attacks. Cyber-attacks not only impact confidentiality, integrity and availability of information but also can cause physical damage like Stuxnet. Notably, humans are considered the weakest link in cyber security. Training plays an important role in strengthening the weakest link. A survey was conducted with the aim
of developing a serious game for cyber security training where we found that current cyber security trainings are not effective in practice. The survey results showed that the conventional training method is both widely used and at the same time considered the least preferred training method. On the other hand, the game-based training method seems to be the least used training method, but this seems to be one of the most preferred training methods. Existing serious games in cyber security are “generic” as they do not seem to neither consider end-user preferences nor can be tailored to the specific and varying needs of an organisation. Therefore, a survey was conducted in an organisation to elicit end-user preferences. This was complemented with interviews of key management personnel to gather organisational needs. Based on the analysis of survey and interview results, a set of requirements are provided for developing a serious game for cyber security training in a specific organisation.
... The least significant bits of the three color components of a pixel (Altigani, Hasan, & Barry, 2020) ...
Digitalization has increased the significance of cybersecurity within the current highly interconnected society. The number and complexity of different cyber-attacks as well as other malicious activities has increased during the last decade and affected the efforts needed to maintain a sufficient level of cyber resilience in organisations. Due to Industry 4.0 and the advanced use of IT and OT technologies and the adaptation of IoT devices, sensors, AI technology, etc., cybersecurity can no longer considered to be taken lightly when trying to gain a competitive advantage in business. When transferring from traditional reactive cybersecurity measures to proactive cyber resilience, cyber ranges are considered a particularly useful tool for keeping the organisation in the game. With their background in defence research (e.g., DARPA NCP in 2008), cyber ranges are defined as interactive simulated platforms representing networks, systems, tools, and/or applications in a safe, legal environment that can be used for developing cyber skills or testing products and services. Cyber ranges can be considered vital in facilitating and fostering cybersecurity training, certification, and general education. Despite the definition, cyber ranges seem to be only used by military or so-called “technical people” when quite a few more organisations could benefit from them. This article attempts to reveal the secrets behind cyber ranges and their use focusing on suitable target environments, common functions, and use cases. Our main objective is to identify a classification of cyber ranges and skills related to these diverse types of ranges. We emphasise the cyber resilience of any type of organisation that demands the use of cyber range type of training. Different training scenarios improve different sets of organisational skills. The article is based on an extensive survey on cyber ranges, their use, and technical capabilities that was conducted in CyberSec4Europe project.
... A thorough discussion about the limitations of existing static and dynamic ciphers, and the need to devise a robust dynamic (i.e. polymorphic) cipher is available in the review paper [27]. ...
To secure various forms of data, a polymorphic variant of the Advanced Encryption Standard (P-AES) has been introduced. In the P-AES, the AES parameters’ values will change with every new key. The exact values will be available only to legitimate communicating parties during execution time. To achieve these objectives, the basic AES transformations, SubBytes, ShiftRows, and MixColumns, have been made key-dependent in the proposed P-AES. Hence, with every new key, these transformations will operate differently. The receiver can retrieve the operations’ details from the encryption key. Consequently, polymorphism has been achieved and interoperability remains intact. P-AES has been implemented seamlessly using the existing AES modules, and the performance was more or less equal to the AES performance (71 and 70 milliseconds to encrypt 500 bytes using the P-AES and the AES respectively). From a security standpoint, the proposed P-AES fully complies with Kerckhoff’s principle. This means the cipher has an open design, and the security provided by the P-AES depends only on the secrecy of the encryption key. The cipher resistance to differential and linear attacks has been proved. Moreover, the resulting proposed cipher can operate in 128 different ways, which will significantly reduce the capabilities of any sophisticated attacker. Furthermore, the proposed P-AES’s scores of the key avalanche and the plaintext avalanche were 0.496 and 0.504 respectively. Finally, the Statistical Test Suite (STS) recommended by the NIST has been used to ensure the randomness of the cipher output, and the cipher has passed all the STS tests.
