Search Results (1,540)

The Internet of Things produces vast amounts of data that require specialized algorithms in order to secure them. Lightweight cryptography requires ciphers designed to work on resource-constrained devices like sensors and smart things. A new encryption scheme is introduced based on a blend of the best-performing algorithms, SIMECK and TEA. A selection of software-oriented Addition–Rotation–XOR (ARX) block ciphers are augmented with a dynamic substitution security layer. The performance is compared against other lightweight approaches. The US National Institute of Standards and Technology (NIST) SP800-22 Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications and the German AIS.31 of the Federal Office for Information Security (BSI) are used to validate the output of the proposed encryption scheme. The law of iterated logarithm (LIL) for randomness is verified in all three forms. The total variance (TV), the Hellinger Distance (HD), and the root-mean-square deviation (RMSD) show values smaller than the required limit for 10.000 sequences of ciphertext. The performance evaluation is analyzed on a Raspberry PICO 2040. Several security metrics are compared against other ciphers, like χ2 and encryption quality (EQ). The results show that SIMECK-T is a powerful and fast, software-oriented, lightweight cryptography solution. Full article

Anonymous credential (AC) systems are privacy-preserving authentication mechanisms that allow users to prove that they have valid credentials anonymously. These systems provide a powerful tool for several practical applications, such as anonymous payment systems in e-commerce, preserving robust privacy protection for users. Most existing AC systems are constructed using traditional number-theoretic approaches, making them insecure under quantum attacks. With four decades of research in anonymous credential systems, there is a need for a comprehensive review that identifies the design structures of AC systems, organizes the research trends, and highlights unaddressed gaps for the future development of AC, especially bringing AC to post-quantum cryptography. This work is a complete study describing AC systems, as well as their architecture, components, security, and performance. Additionally, real-world implementations of various applications are identified, analyzed, and compared according to the design structure. Lastly, the challenges hindering the shift toward the quantumly secure lattice-based AC designs are discussed. Full article

Recently, the application of fog-computing technology to vehicular ad hoc networks (VANETs) has rapidly advanced. Despite these advancements, challenges remain in ensuring efficient communication and security. Specifically, there are issues such as the high communication and computation load of authentications and insecure communication over public channels between fog nodes and vehicles. To address these problems, a lightweight and secure authenticated key agreement protocol for confidential communication is proposed. However, we found that the protocol does not offer perfect forward secrecy and is vulnerable to several attacks, such as privileged insider, ephemeral secret leakage, and stolen smart card attacks. Furthermore, their protocol excessively uses elliptic curve cryptography (ECC), resulting in delays in VANET environments where authentication occurs frequently. Therefore, this paper proposes a novel authentication protocol that outperforms other related protocols regarding security and performance. The proposed protocol reduced the usage frequency of ECC primarily using hash and exclusive OR operations. We analyzed the proposed protocol using informal and formal methods, including the real-or-random (RoR) model, Burrows–Abadi–Nikoogadam (BAN) logic, and automated validation of internet security protocols and applications (AVISPA) simulation to show that the proposed protocol is correct and secure against various attacks. Moreover, We compared the computational cost, communication cost, and security features of the proposed protocol with other related protocols and show that the proposed methods have better performance and security than other schemes. As a result, the proposed scheme is more secure and efficient for fog-based VANETs. Full article

In this paper, we introduce a quantum private comparison (QPC) protocol designed for two players to securely and privately assess the equality of their private information. The protocol utilizes four-particle cluster states prepared by a semi-honest third party (TP), who strictly adheres to the protocol without deviation or collusion with any participant. The TP facilitates the private comparison by enabling users to encode their information through bit-flip or phase-shift operators applied to the received quantum sequences. Once the information is encoded, the sequences are returned to the TP, who can derive the comparison results without accessing any details of the private information. This design ensures correctness, privacy, and fairness throughout the process. The QPC protocol is robust against both external threats and participant attacks due to the incorporation of the decoy-state method and quantum key distribution techniques. Additionally, the protocol employs unitary operations and Bell-basis measurements, enhancing its technical feasibility for practical implementation. Notably, the proposed protocol achieves a qubit efficiency of up to 50%. This efficiency, combined with its strong security features, establishes the QPC protocol as a promising solution for private information comparisons within the realm of quantum cryptography. Full article

Numerous studies on the number pi ($\pi$) explore its properties, including normality and applicability. This research, grounded in two hypotheses, proposes and proves a theorem that employs a Bernoulli experiment to demonstrate the high probability of encountering any finite bit string within a sequence of consecutive bits in the decimal part of $\pi$. This aligns with findings related to its normality. To support the hypotheses, we present experimental evidence about the equiprobable and independent properties of bits of $\pi$, analyzing their distribution, and measuring correlations between bit strings. Additionally, from a cryptographic perspective, we evaluate the chaotic properties of two images generated using bits of $\pi$. These properties are evaluated similarly to those of encrypted images, using measures of correlation and entropy, along with two hypothesis tests to confirm the uniform distribution of bits and the absence of periodic patterns. Unlike previous works that solely examine the presence of sequences, this study provides, as a corollary, a formula to calculate an upper bound N. This bound represents the length of the sequence from $\pi$ required to ensure the location of any n-bit string at least once, with an adjustable probability p that can be set arbitrarily close to one. To validate the formula, we identify sequences of up to $n=$ 40 consecutive zeros and ones within the first N bits of $\pi$. This work has potential applications in Cryptography that use the number $\pi$ for random sequence generation, offering insights into the number of bits of $\pi$ required to ensure good randomness properties. Full article

The increasing demand for secure and efficient encryption algorithms has intensified the exploration of alternative cryptographic solutions, including biologically inspired systems like cellular automata. This study presents a symmetric block encryption design based on multiple reversible cellular automata (RCAs) that can assure both computational efficiency and reliable restoration of original data. The encryption key, with a length of 224 bits, is composed of specific rules used by the four distinct RCAs: three with radius-2 neighborhoods and one with a radius-3 neighborhood. By dividing plaintext into 128-bit blocks, the algorithm performs iterative transformations over multiple rounds. Each round includes forward or backward evolution steps, along with dynamically computed shift values and reversible transformations to securely encrypt or decrypt data. The encryption process concludes with an additional layer of security by encrypting the final RCA configurations, further protecting against potential attacks on the encrypted data. Additionally, the 224-bit key length provides robust resistance against brute force attacks. Testing and analysis were performed using a custom-developed software (version 1.0) application, which helped demonstrate the algorithm’s robustness, encryption accuracy, and ability to maintain data integrity. Full article

White-box cryptography plays a vital role in untrusted environments where attackers can fully access the execution process and potentially expose cryptographic keys. It secures keys by embedding them within complex and obfuscated transformations, such as lookup tables and algebraic manipulations. However, existing white-box protection schemes for SM2 signatures face vulnerabilities, notably random number leakage, which compromises key security and diminishes overall effectiveness. This paper proposes an improved white-box implementation of the SM2 signature computation leveraging a Trusted Execution Environment (TEE) architecture. The scheme employs three substitution tables for SM2 key generation and signature processes, orchestrated by a random bit string k. The k value and lookup operations are securely isolated within the TEE, effectively mitigating the risk of k leakage and enhancing overall security. Experimental results show our scheme enhances security, reduces storage, and improves performance over standard SM2 signature processing, validating its efficacy with TEE and substitution tables in untrusted environments. Full article

In this paper, we introduce a two-party quantum private comparison (QPC) protocol that employs single photons as quantum resources and utilizes rotational encryption to safeguard the privacy of the inputs. This protocol enables two parties to compare their private data without disclosing any information beyond the outcome of the comparison. The participants’ private data are encoded as single photons, which are encrypted using a rotational encryption method. These encrypted single photons are then transmitted to a semi-honest third party (TP), who conducts single-particle measurements to determine if the users’ private data are equal and subsequently announces the results to the participants. By harnessing the principles of quantum mechanics, we ensure robust protection against potential eavesdropping and participant attacks. In contrast to numerous existing QPC protocols that rely on multi-qubit or d-dimensional quantum states, our method exhibits superior efficiency and practicality. Specifically, our protocol achieves a qubit efficiency of 50% by using two single photons to compare one bit of classical information, and single photons are easier to prepare than multi-qubit and d-dimensional quantum states. Full article

Elliptic curves with the special quality known as supersingularity have gained much popularity in the rapidly developing field of cryptography. The conventional method of employing random search is quite ineffective in finding these curves. This paper analyzes the search of supersingular elliptic curves in the space of curves over Fp2. We show that naive random search is unsuitable to easily find any supersingular elliptic curves when the space size is greater than 1013. We improve the random search using a necessary condition for supersingularity. As our main result, we define for the first time an objective function to measure the supersingularity in ordinary curves, and we apply local search and a genetic algorithm using that function. The study not only finds these supersingular elliptic curves but also investigates possible uses for them. These curves were used to create cycles inside the isogeny graph in one particular application. The research shows how the design of S-boxes may strategically use these supersingular elliptic curves. The key components of replacement, which is a fundamental step in the encryption process that shuffles and encrypts the data inside images, are S-boxes. This work represents a major advancement in effectively identifying these useful elliptic curves, eventually leading to their wider application and influence in the rapidly expanding field of cryptography. Full article

We demonstrated the coexistence of an S-band CV-QKD signal with fully loaded C+L-band classical signals for the first time. The secret key rate of the S-band QKD system was 986 kbps with the C+L-band WDM signals transmitted through a 20 km G.654.E fiber link. We also revealed that the S-band CV-QKD performance limiting factor under the C+L-band WDM condition is the spontaneous Raman scattering light similar to the C-band CV-QKD performance limiting factor, confirming the validity of estimating the wavelength dependency of the secret key rate under the WDM condition from the fiber loss and the spontaneous Raman scattering light power. These results show that the CV-QKD performance under the C+L band WDM conditions becomes comparable to that under the C-band WDM conditions by wavelength design in the S-band. Full article

The lattice-based multi-identity fully homomorphic encryption scheme combines the quantum security of lattice cryptography with the advantage of identity-based encryption. However, existing schemes face challenges such as large key sizes, inefficient ciphertext expansion processes, and reliance on outdated trapdoor designs, limiting their compactness and practicality. In this study, we propose a novel Compact Multi-Identity Fully Homomorphic Encryption Scheme (WZ-MIBFHE) that eliminates the need for fresh ciphertexts during expansion. First, we construct a compact identity-based encryption scheme by combining the YJW23 trapdoor and ABB10 under the standard model, proving its IND-sID-CPA security. The scheme is then adapted to ensure correctness and security when integrated with the decomposition method for ciphertext expansion. This adaptation also utilizes approximation errors to reduce overall noise. Finally, we expand the modified IBE scheme’s ciphertext using the decomposition method to construct the WZ-MIBFHE scheme. Compared to existing methods, WZ-MIBFHE reduces the lattice dimension to nlogq+logbq, improves public and private key sizes, and significantly lowers ciphertext expansion rates by removing the need for fresh ciphertexts. These improvements enhance both the compactness and efficiency of the scheme, making it a promising solution for multi-identity homomorphic encryption. Full article

With the increasing connectivity and automation on the Internet of Vehicles, safety, security, and privacy have become stringent challenges. In the last decade, several cryptography-based protocols have been proposed as intuitive solutions to protect vehicles from information leakage and intrusions. Before generating the encryption keys, a random number generator (RNG) plays an important component in cybersecurity. Several deep learning-based RNGs have been deployed to train the initial value and generate pseudo-random numbers. However, interference from actual unpredictable driving environments renders the system unreliable for its low-randomness outputs. Furthermore, dynamics in the training process make these methods subject to training instability and pattern collapse by overfitting. In this paper, we propose an Effective Pseudo-Random Number Generator (EPRNG) which exploits a deep convolution generative adversarial network (DCGAN)-based approach using our processed vehicle datasets and entropy-driven stopping method-based training processes for the generation of pseudo-random numbers. Our model starts from the vehicle data source to stitch images and add noise to enhance the entropy of the images and then inputs them into our network. In addition, we design an entropy-driven stopping method that enables our model training to stop at the optimal epoch so as to prevent overfitting. The results of the evaluation indicate that our entropy-driven stopping method can effectively generate pseudo-random numbers in a DCGAN. Our numerical experiments on famous test suites (NIST, ENT) demonstrate the effectiveness of the developed approach in high-quality random number generation for the IoV. Furthermore, the PRNGs are successfully applied to image encryption, and the performance metrics of the encryption are close to ideal values. Full article

This paper provides the complete details of current challenges and solutions in the cybersecurity of cyber-physical systems (CPS) within the context of the IIoT and its integration with edge computing (IIoT–edge computing). We systematically collected and analyzed the relevant literature from the past five years, applying a rigorous methodology to identify key sources. Our study highlights the prevalent IIoT layer attacks, common intrusion methods, and critical threats facing IIoT–edge computing environments. Additionally, we examine various types of cyberattacks targeting CPS, outlining their significant impact on industrial operations. A detailed taxonomy of primary security mechanisms for CPS within IIoT–edge computing is developed, followed by a comparative analysis of our approach against existing research. The findings underscore the widespread vulnerabilities across the IIoT architecture, particularly in relation to DoS, ransomware, malware, and MITM attacks. The review emphasizes the integration of advanced security technologies, including machine learning (ML), federated learning (FL), blockchain, blockchain–ML, deep learning (DL), encryption, cryptography, IT/OT convergence, and digital twins, as essential for enhancing the security and real-time data protection of CPS in IIoT–edge computing. Finally, the paper outlines potential future research directions aimed at advancing cybersecurity in this rapidly evolving domain. Full article

The problem of constructing information measures with a well-defined interpretation is of fundamental significance in information theory. A good definition of an information measure entails certain desirable properties while also providing answers to operational problems. In this work, we investigate the properties of the unique information, an information measure that quantifies a deviation from the Blackwell order. Beyond providing an accessible introduction to the topic from a channel ordering perspective, we present a novel resource-theoretic characterization of unique information in a cryptographic task related to secret key agreement. Our operational view of unique information entails rich physical intuition that leads to new insights into secret key agreement in the context of non-negative decompositions of the mutual information into redundant and synergistic contributions. Through this lens, we illuminate new directions for research in partial information decompositions and information-theoretic cryptography. Full article

Lattice-based post-quantum cryptography (PQC) algorithms demand number theoretic transform (NTT)-based polynomial multiplications. NTT-based polynomials’ multiplication relies on the computation of forward number theoretic transform (FNTT) and inverse number theoretic transform (INTT), respectively. Therefore, this work presents a unified NTT hardware accelerator architecture to facilitate the polynomial multiplications of the CRYSTALS-Kyber PQC algorithm. Moreover, a unified butterfly unit design of Cooley–Tukey and Gentleman–Sande configurations is proposed to implement the FNTT and INTT operations using one adder, one multiplier, and one subtractor, sharing four routing multiplexers and one Barrett-based modular reduction unit. The critical path of the proposed butterfly unit is minimized using pipelining. An efficient controller is implemented for control functionalities. The simulation results after the post-place and -route step are provided on Xilinx Virtex-6 and Virtex-7 field-programmable gate array devices. Also, the proposed design is physically implemented for validation on Virtex-7 FPGA. The number of slices utilized on Virtex-6 and Virtex-7 devices is 398 and 312, the required number of clock cycles for one set of FNTT and INTT computations is 1410 and 1540, and the maximum operating frequency is 256 and 290 MHz, respectively. The average figure of merit (FoM), where FoM is the ratio of throughput to slices, illustrates 62% better performance than the most relevant NTT design from the literature. Full article