The Secure Socket Layer (SSL) protocol has been the most widely used security mechanism enabling safe web browsing. A new attack, called SSLstripping, reported by Moxie Malinspike at the Blackhat conference in 2009 [2], effectively defeats the SSL security by exploiting either users’ browsing habits or websites’ SSL policy, rather than a technological flaw in the protocol. For the former, most ...

In information security, ignorance is not bliss. It is always stated that hiding the protocols (let the other be ignorant about it) does not increase the security of organizations. However, there are cases that ignorance creates protocols. In this paper, we propose distributed contingency logic, a proper extension of contingency (ignorance) logic. Intuitively, a formula is distributed contingen...

QARMA is a recently published lightweight tweakable block cipher, which has been used by the ARMv8 architecture to support a software protection feature. In this paper, using the method of MITM, we give the first distinguisher of QARMA block cipher. It is made up of the Pseudo-Reflector construction with two forward rounds and three backward rounds. By adding two rounds on the top and three rou...

Received Jan 15, 2018 Revised Mar 15, 2018 Accepted Mar 29, 2018 The recent paradigm shift in the IT sector leading to cloud computing however innovative had brought along numerous data security concerns. One major such security laps is that referred to as the Man in the Middle (MITM) attack where external data are injected to either hijack a data in transit or to manipulate the files and objec...

One of the main advantages new power grid over traditional is intelligent energy management by customer and Operator. Energy supply, demand response management, consumption regulation are only possible with smart metering system. Smart meters component that Hence, a compromised meter or successful attack against this entity may cause data theft, falsification, server/device manipulation. Theref...

Everyone has accepted that the most vital resource of our age is information. As information felt more and as a power factor, great changes are taking place in ways thinking perceiving, research methods lifestyles. In this context, importance cyber threats emerged especially recent years to protect these matter discussion. MITM attacks pose significant threat network security they interrupt com...

In spite of the availability of DNSSEC, which protects against cache poisoning even by MitM attackers, many caching DNS resolvers still rely for their security against poisoning on merely validating that DNS responses contain some ‘unpredictable’ values, copied from the request. These values include the 16 bit identifier field, and other fields, randomised and validated by different ‘patches’ t...

Feistel structures are an extremely important and extensively researched type of cryptographic schemes. In this paper we describe improved attacks on Feistel structures with more than 4 rounds. We achieve this by a new attack that combines the main benefits of meet-in-the-middle attacks (which can reduce the time complexity by comparing only half blocks in the middle) and dissection attacks (wh...

Recently, intelligent transport systems have been applied to vehicle cloud environments. Such technology is especially useful for the systematic management of road traffic. Moreover, automobiles are increasingly equipped with a black box for accident prevention and preservation of evidence. Vehicle black boxes have become mandatory because black box images and voice data have served as forensic...

Current research on verifying security properties of communication protocols has focused on proving integrity and confidentiality using models that include a strong Man-in-the-Middle (MitM) threat. By contrast, protection measures against Denial-of-Service (DoS) must assume a weaker model in which an adversary has only limited ability to interfere with network communications. In this paper we d...