|
|
|
 |
Search published articles |
 |
|
Showing 3 results for Safkhani
Dr Masoumeh Safkhani, Mr Mohamadamin Arghavani,
Volume 5, Issue 2 (3-2017)
Abstract
In recent years the security of SHA-3 [1] is one of the most interesting topics in the field of cryptography. Cryptography uses Hash functions in different ways. Thus the security of Hash functions against different attacks is of vital importance. Several attacks and many analysis have been applied to SHA-3 till now but none of them could break it theoretically or practically. Keccak relies on a Sponge architecture.
In this paper, we focus on differential fault analysis attack and we review the latest attacks on SHA-3. Specifically, we describe cube attack, differential fault analysis and also describe zero-sum distinguisher attack and pre -image attack by using linear structures.
[1] Secure Hash Algorithm 3(SHA-3)
Mohammad Dakhilalian, Masomeh Safkhani, Fatemeh Pirmoradian,
Volume 12, Issue 1 (9-2023)
Abstract
Providing all remote services requires mutual authentication of participating parties. The framework by which this authentication is done is called authentication protocols. In other words, cryptographic or cryptographic protocol is a distributed cryptographic algorithm that establishes interactions between at least two or more hosts with a specific purpose. In fact, these protocols have provided secure and insecure channels for communication between the parties participating in the protocol. Usually, secure channels are used for registration and insecure channels for mutual authentication. After registering on the server and verifying its identity by the server, the user can benefit from the services provided by the server. Many authentication protocols have been proposed in fields such as e-medical care, Internet of Things, cloud computing, etc. The privacy and anonymity of users in these plans is the biggest challenge in implementing a platform to benefit from remote services. Due to the fact that authentication of users takes place on the insecure platform of the Internet, it can be vulnerable to all existing Internet attacks. In general, there are two methods to analyze and prove the security of authentication protocols. Formal method and In-formal method. The In-formal method, which is based on intuitive arguments, analyst's creativity and mathematical concepts, tries to find errors and prove security. While the formal method, which is done both manually and automatically, has used a variety of mathematical logics and automatic security analysis tools. Manual method using mathematical models such as Real Or Random and mathematical logics such as BAN logic, GNY logic, etc., and automatic method using AVISPA, Scyther, ProVerif, TAMARIN, etc. tools. In fact, the methods of proving and analyzing the security of security protocols are divided into two general categories based on proof of theorem and model verification, and in this article, the details of each of these methods of proving security are explained. It should be noted that most of the security protocol verification tools are based on model verification. The methods based on model checking and then the methods based on proving the theorem are described.
Fatemeh Gholami Sabzevar, Masoumeh Safkhani,
Volume 13, Issue 2 (12-2024)
Abstract
Privacy preservation in healthcare monitoring systems has always been a concern for both patients and doctors. To address this issue, many protocols have been designed. In this article, we examine the proposed scheme by Nasr Esfahani and colleagues, evaluating it from a security perspective. Their proposed scheme uses a three-layer hierarchical template chain to store and maintain critical medical information of patients in a centralized and secure manner. Additionally, by using Zero-Knowledge Proof (ZKP) and ring signature methods, they demonstrate that their scheme protects medical data against both internal and external attacks. According to potential scenarios, the Nasr Esfahani et al. protocol has shown good performance against many attacks, such as storage attacks and replay attacks, but it is vulnerable to integrity violation attacks. The success probability of the attacks presented in this article is one, and the complexity is only a single execution of the protocol.
|
|
