scispace - formally typeset
Search or ask a question

Showing papers on "Cipher published in 2022"


Journal ArticleDOI
TL;DR: This research work focuses on describing the comparison of time and performance when two FPGAs are utilized for the architecture of the AES, and it has been realized that the Spartan-6 FPGA provides better throughput and less time delay to theFPGA based IoT devices.

50 citations


Journal ArticleDOI
TL;DR: Wang et al. as mentioned in this paper investigated the essential properties of MPPS and DNA coding, and then proposed an efficient chosen-plaintext attack to disclose its equivalent secret-key, which only needs ⌈ log 256 ( 3 ⋅ M ⋆ N ) ⌉ + 4 pair of chosen plain-images and the corresponding cipher-images, where M × N and “3” are the size of the RGB color image and the number of color channels, respectively.

34 citations



Journal ArticleDOI
TL;DR: Li et al. as mentioned in this paper proposed in-depth security analysis on an image encryption algorithm based on a first-order time-delay system (IEATD) and gave a specific chosen-plaintext attack on it.
Abstract: Security is a key problem for the transmission, interchange, and storage process of multimedia systems and applications. In 2018, Li et al. proposed in-depth security analysis on an image encryption algorithm based on a first-order time-delay system (IEATD) and gave a specific chosen-plaintext attack on it. Moreover, an enhanced version called as IEACD was designed to fix the reported security defects. This article analyzes the essential structures of the two algorithms and evaluates their real security performances: 1) no efficient nonlinear operations are adopted to assure the sensibility of keystream; 2) the equivalent secret key of IEATD can be efficiently recovered from one known plain-image and the corresponding cipher-image; and 3) IEACD can still be efficiently cracked with a chosen-plaintext attack. Both rigorous theoretical analyses and detailed experimental results are provided to demonstrate effectiveness of the advanced cryptanalytic methods.

23 citations


Journal ArticleDOI
TL;DR: In this paper , a new improved Lorenz system (ImproLS) is designed with a better behavior due to a larger positive Lyapunov exponent, and an asymmetric image encryption scheme is presented based on blind signature and the ImproLS.
Abstract: In this paper, a new improved Lorenz system (ImproLS) is designed with a better behavior due to a larger positive Lyapunov exponent. Then, an asymmetric image encryption scheme is presented based on blind signature and the ImproLS. First, the sender uses the public key from the receiver to produce the cipher keys in conjunction with the Rivest–Shamir–Adleman (RSA) algorithm. Then, a new mathematical model is established to convert both the plain keys and the cipher keys to generate the initial values for ImproLS. After doing preprocess to the secret plain image, its statistical characteristics is changed greatly. Then, by employing permutation and diffusion operations, the cipher image can be obtained and sent to the receiver and the signer. Second, the signer encrypts the digital signature image using Arnold transform in conjunction with the RSA algorithm, and applies the discrete wavelet transform (DWT) to the cipher image. The scrambled signature image is then embedded into the wavelet domain of cipher image blindly. Then, the cipher image containing signature is sent to the receiver for authentication. Third, the receiver uses the private key to check the signature and recover the cipher image. After comparing the decrypted images from both the sender and the signer, the receiver can judge the source of the secret plain image. Experimental results show that the information entropy is high and closer to the theoretical value. In addition, both unsigned and signed cipher images can effectively resist salt and pepper attack, and clipping attack.

23 citations


Journal ArticleDOI
TL;DR: The authors’ proposed encryption scheme exempts conventional key distribution and transmission of CGI, enhances the security by secret sharing of VC, and increases the amount of hiding data contained in meta‐images with compressive sensing.
Abstract: Exploiting various degrees of freedom of light, metasurfaces have unique advantages in multiple‐channel information storage and demonstration, which thereby provides a novel platform to convey the keys and cipher images for different encryptions. Following the secret sharing principle of visual cryptography (VC), the authors here successfully embed both the keys and cipher images of computational ghost imaging (CGI) encryption into the holographic metasurface‐images (meta‐images). The decryption process starts with key retrieval via optical observation of overlapped meta‐images, followed by a compressive CGI calculation to reconstruct the target images according to the obtained key and steganographic cipher images with a high compression ratio of 4. By integrating metasurface imaging, VC, and CGI, the authors’ proposed encryption scheme exempts conventional key distribution and transmission of CGI, enhances the security by secret sharing of VC, and increases the amount of hiding data contained in meta‐images with compressive sensing.

19 citations


Journal ArticleDOI
01 Mar 2022-Optik
TL;DR: In this article , a color image encryption scheme based on symmetric keys using the synergistic approach of Arnold transform, 3D logistic chaotic map with XOR operation, and affine hill cipher technique was proposed.

16 citations


Journal ArticleDOI
TL;DR: In this paper , a stream cipher system based on an analog-digital hybrid chaotic system is presented, which can construct digital chaotic maps without degeneration and guarantee synchronization of analog chaotic systems for successful decryption.

15 citations


Journal ArticleDOI
TL;DR: This paper proposes a novel visually secure image encryption scheme by combining semi-tensor product compressed sensing and partial block pairing-substitution technique, which demonstrates the high quality of the cipher images and the high security of the proposed scheme.

15 citations


Journal ArticleDOI
TL;DR: In this paper , a new chaos-based block cipher algorithm (CBCA) based on an improved logistic chaotic map was proposed, which can be used to encrypt both small and large amounts of data.

10 citations


Journal ArticleDOI
TL;DR: In this paper , the authors evaluated the security of the TinyJAMBU cipher against cube attacks and concluded that it has a better security margin against cube attack than claimed by the designers.
Abstract: Lightweight cryptography has recently gained importance as the number of Internet of things (IoT) devices connected to Internet grows. Its main goal is to provide cryptographic algorithms that can be run efficiently in resource-limited environments such as IoT. To meet the challenge, the National Institute of Standards and Technology (NIST) announced the Lightweight Cryptography (LWC) project. One of the finalists of the project is the TinyJAMBU cipher. This work evaluates the security of the cipher. The tool used for the evaluation is the cube attack. We present five distinguishing attacks DA1-DA5 and two key recovery attacks KRA1-KRA2. The first two distinguishing attacks (DA1 and DA2) are launched against the initialisation phase of the cipher. The best result achieved for the attacks is a distinguisher for an 18-bit cube, where the cipher variant consists of the full initialisation phase together with 438 rounds of the encryption phase. The key recovery attacks (KRA1 and KRA2) are also launched against the initialisation phase of the cipher. The best key recovery attack can be applied for a cipher variant that consists of the full initialisation phase together with 428 rounds of the encryption phase. The attacks DA3-DA5 present a collection of distinguishers up to 437 encryption rounds, whose 32-bit cubes are chosen from the plaintext, nonce, or associated data bits. The results are confirmed experimentally. A conclusion from the work is that TinyJAMBU has a better security margin against cube attacks than claimed by the designers.

Journal ArticleDOI
TL;DR:
Abstract: Secure image transmission is one of the most challenging problems in the age of communication technology. Millions of people use and transfer images for either personal or commercial purposes over the internet. One way of achieving secure image transmission over the network is encryption techniques that convert the original image into a non-understandable or scrambled form, called a cipher image, so that even if the attacker gets access to the cipher they would not be able to retrieve the original image. In this study, chaos-based image encryption and block cipher techniques are implemented and analyzed for image encryption. Arnold cat map in combination with a logistic map are used as native chaotic and hybrid chaotic approaches respectively whereas advanced encryption standard (AES) is used as a block cipher approach. The chaotic and AES methods are applied to encrypt images and are subjected to measures of different performance parameters such as peak signal to noise ratio (PSNR), number of pixels change rate (NPCR), unified average changing intensity (UACI), and histogram and computation time analysis to measure the strength of each algorithm. The results show that the hybrid chaotic map has better NPCR and UACI values which makes it more robust to differential attacks or chosen plain text attacks. The Arnold cat map is computationally efficient in comparison to the other two approaches. However, AES has a lower PSNR value (7.53 to 11.93) and has more variation between histograms of original and cipher images, thereby indicating that it is more resistant to statistical attacks than the other two approaches.

Journal ArticleDOI
TL;DR: The hardware implementation of ChaCha20–Poly1305 AEAD demonstrates the viability of using a different option from the conventional cipher suite based on AES for TLS 1.3.
Abstract: Transport Layer Security (TLS) provides a secure channel for end-to-end communications in computer networks. The ChaCha20–Poly1305 cipher suite is introduced in TLS 1.3, mitigating the sidechannel attacks in the cipher suites based on the Advanced Encryption Standard (AES). However, the few implementations cannot provide sufficient speed compared to other encryption standards with Authenticated Encryption with Associated Data (AEAD). This paper shows ChaCha20 and Poly1305 primitives. In addition, a compatible ChaCha20–Poly1305 AEAD with TLS 1.3 is implemented with a fault detector to reduce the problems in fragmented blocks. The AEAD implementation reaches 1.4-cycles-per-byte in a standalone core. Additionally, the system implementation presents 11.56-cycles-per-byte in an RISC-V environment using a TileLink bus. The implementation in Xilinx Virtex-7 XC7VX485T Field-Programmable Gate-Array (FPGA) denotes 10,808 Look-Up Tables (LUT) and 3731 Flip-Flops (FFs), represented in 23% and 48% of ChaCha20 and Poly1305, respectively. Finally, the hardware implementation of ChaCha20–Poly1305 AEAD demonstrates the viability of using a different option from the conventional cipher suite based on AES for TLS 1.3.

Journal ArticleDOI
TL;DR: The synthesis and simultaneous sequencing of eight sequence-defined 10-mer oligourethanes are described and the use of different isotope labels, such as halogen tags, as a tool to deconvolute the complex sequence information found within a heterogeneous mixture of at least 96 unique molecules, with as little as four micromoles of total material is demonstrated.
Abstract: Molecular encoding in abiotic sequence-defined polymers (SDPs) has recently emerged as a versatile platform for information and data storage. However, the storage capacity of these sequence-defined polymers remains underwhelming compared to that of the information storing biopolymer DNA. In an effort to increase their information storage capacity, herein we describe the synthesis and simultaneous sequencing of eight sequence-defined 10-mer oligourethanes. Importantly, we demonstrate the use of different isotope labels, such as halogen tags, as a tool to deconvolute the complex sequence information found within a heterogeneous mixture of at least 96 unique molecules, with as little as four micromoles of total material. In doing so, relatively high-capacity data storage was achieved: 256 bits in this example, the most information stored in a single sample of abiotic SDPs without the use of long strands. Within the sequence information, a 256-bit cipher key was stored and retrieved. The key was used to encrypt and decrypt a plain text document containing The Wonderful Wizard of Oz. To validate this platform as a medium of molecular steganography and cryptography, the cipher key was hidden in the ink of a personal letter, mailed to a third party, extracted, sequenced, and deciphered successfully in the first try, thereby revealing the encrypted document.

Journal ArticleDOI
TL;DR: Wang et al. as mentioned in this paper proposed a reversible data hiding in encrypted images (RDH-EIs) scheme with multiple data hiders, which can protect the privacy of original images while exactly extracting the embedded data.
Abstract: Reversible data hiding in encrypted images (RDH-EIs) has attracted increasing attention since it can protect the privacy of original images while exactly extracting the embedded data. In this paper, we propose an RDH-EI scheme with multiple data hiders. First, we introduce a cipher-feedback secret sharing (CFSS) technique using the cipher-feedback strategy of the Advanced Encryption Standard. Then, using the CFSS technique, we devise a new $(r,n)$ -threshold ( $r\leq n$ ) RDH-EI scheme with multiple data hiders called CFSS-RDHEI. It can encrypt an original image into $n$ encrypted images with reduced size using an encryption key and sends each encrypted image to one data hider. Each data hider can independently embed secret data into the encrypted image to obtain a marked encrypted image. The embedded data can be extracted from each marked encrypted image using the data hiding key, and the original image can be completely recovered from $r$ marked encrypted images using the encryption key. Performance evaluations show that our CFSS-RDHEI scheme has a higher embedding rate and that its generated encrypted images are much smaller, while still being well protected, compared to existing secret sharing-based RDH-EI schemes.

Journal ArticleDOI
TL;DR: The comparison to the current literature shows that despite its simplicity, the WPB functions presented in this paper are the best in behavior from the algebraic immunity and the k-weight nonlinearities.

Journal ArticleDOI
TL;DR: A customized version of LEON3, the ReonV RISCV (Reduced Instruction Set Computer-five) processor, dedicated for IoT applications that has strong effective security mechanisms built in at the design stage that are secure enough to resist against the most common attacks.
Abstract: The Internet of Things is changing all sectors such as manufacturing, agriculture, city infrastructure, and the automotive industry. All these applications ask for secure processors that can be embedded in the IoT devices. Furthermore, these devices are restricted in terms of computing capabilities, memory, and power consumption. A major challenge is how to meet the need for security in such resource-constrained devices. This paper presents a customized version of LEON3, the ReonV RISCV (Reduced Instruction Set Computer-five) processor, dedicated for IoT applications that has strong effective security mechanisms built in at the design stage. Firstly, efficient lightweight cipher designs are elaborated and validated. Then, the proposed cryptographic instructions (PRESENT and PRINCE) are integrated into the default instruction set architecture of the ReonV processor core. The instruction set extensions (ISE) of lightweight cipher modules can be instantiated in software routines exactly as the instructions of the base architecture. A single instruction is needed to implement a full lightweight cryptographic instruction. The customized ReonV RISCV processor is implemented on a Xilinx FPGA platform and is evaluated for Slice LUTs plus FF-pairs, frequency, and throughput. Obtained results show that our proposed concepts not only can achieve good encryption results with high performance and reduced cost but also are secure enough to resist against the most common attacks.

Journal ArticleDOI
27 Apr 2022-Symmetry
TL;DR: The obtained bifurcation diagram and the plot of the Lyapunov exponent suggest that the so-called robust chaos characterizes this map, and the article proposes a new image encryption algorithm that uses, among others, cyclically shifted S-box or saving encrypted pixels on the first or last free space in the cipher-image.
Abstract: One of the applications of dynamical systems with chaotic behavior is data encryption. Chaos-based cryptography uses chaotic dynamical systems as the basis for creating algorithms. The present article discusses a new dynamical system called M-map with its analysis: fixed points, bifurcation diagram, Lyapunov exponent, and invariant density. The obtained bifurcation diagram and the plot of the Lyapunov exponent (with a minimum value of ln2 and a maximum value of ln4) suggest that the so-called robust chaos characterizes this map. Moreover, the obtained results are compared with other dynamical systems used in cryptography. Additionally, the article proposes a new image encryption algorithm. It uses, among others, cyclically shifted S-box or saving encrypted pixels on the first or last free space in the cipher-image. The conducted analysis shows that the cipher-images are characterized by an entropy value close to 8, a correlation of adjacent pixels value close to 0, or values of Number of Pixel of Change Rate (NPCR) and Unified Average Changing Intensity (UACI) measures close to 100% and 33%, respectively.

Journal ArticleDOI
TL;DR: In this paper , a secure communication scheme based on chaotic systems using a sliding-mode observer (SMO) that is robust against disturbances affecting the transmitter and transmission process is presented, and a simulated example is shown to exhibit the efficacy of the proposed scheme.
Abstract: This article presents a secure communication scheme based on chaotic systems using a sliding-mode observer (SMO) that is robust against disturbances affecting the transmitter and transmission process. The original message is first encrypted using a $N$ -cipher with a key signal and then fed into the state equation, whereas the key signal is fed into the output equation. The chaotic system in the transmitter is re-expressed to decouple the disturbances from the signals of interest. An SMO is then designed based on this form and implemented in the receiver to perform synchronization, and recover the broadcast messages to perform secure communication. The conditions required for the SMO to be feasible are investigated in terms of the transmitter system matrices. A set of design procedures for the chaotic secure communication scheme is outlined. Finally, a simulated example is shown to exhibit the efficacy of the proposed scheme.


Journal ArticleDOI
01 Jun 2022-Sensors
TL;DR: A modified image encryption process is proposed in this work with chaotic maps and orthogonal matrix in Hill cipher and claims that the proposed encryption algorithm is secured.
Abstract: In the last decade, the communication of images through the internet has increased. Due to the growing demands for data transfer through images, protection of data and safe communication is very important. For this purpose, many encryption techniques have been designed and developed. New and secured encryption schemes based on chaos theory have introduced methods for secure as well as fast communication. A modified image encryption process is proposed in this work with chaotic maps and orthogonal matrix in Hill cipher. Image encryption involves three phases. In the first phase, a chaotic Henon map is used for permuting the digital image. In the second phase, a Hill cipher is used whose encryption key is generated by an orthogonal matrix which further is produced from the equation of the plane. In the third phase, a sequence is generated by a chaotic tent map which is later XORed. Chaotic maps play an important role in the encryption process. To deal with the issues of fast and highly secured image processing, the prominent properties of non-periodical movement and non-convergence of chaotic theory play an important role. The proposed scheme is resistant to different attacks on the cipher image. Different tests have been applied to evaluate the proposed technique. The results of the tests such as key space analysis, key sensitivity analysis, and information entropy, histogram correlation of the adjacent pixels, number of pixel change rate (NPCR), peak signal to noise ratio (PSNR), and unified average changing intensity (UCAI) showed that our proposed scheme is an efficient encryption technique. The proposed approach is also compared with some state-of-the-art image encryption techniques. In the view of statistical analysis, we claim that our proposed encryption algorithm is secured.

Journal ArticleDOI
Jinyu Lu, Yunwen Liu, Tomer Ashur, Bing Sun, Chao Li 
TL;DR: In this article , the authors proposed a SAT/SMT model for searching compatible RX-characteristics in Simon-like ciphers, i.e., that there are at least one right pair of messages/keys to satisfy the RK-Characteristics.
Abstract: Rotational-XOR (RX) cryptanalysis is a cryptanalytic method aimed at finding distinguishable statistical properties in ARX-C ciphers, i.e., ciphers that can be described only by using modular addition, cyclic rotation, XOR, and the injection of constants. In this paper we extend RX-cryptanalysis to AND-RX ciphers, a similar design paradigm where the modular addition is replaced by vectorial bitwise AND; such ciphers include the block cipher families Simon and Simeck. We analyze the propagation of RX-differences through AND-RX rounds and develop a closed form formula for their expected probability. Inspired by the MILP verification model proposed by Sadeghi et al., we develop a SAT/SMT model for searching compatible RX-characteristics in Simon-like ciphers, i.e., that there are at least one right pair of messages/keys to satisfy the RK-characteristics. To the best of our knowledge, this is the first model that takes the RX-difference transitions and value transitions simultaneously into account in Simon-like ciphers. Meanwhile, we investigate how the choice of the round constants affects the resistance of Simon-like ciphers against RX-cryptanalysis. Finally, we show how to use an RXdistinguisher for a key recovery attack. Evaluating our model we find compatible RX-characteristics of up to 20, 27, and 34 rounds with respective probabilities of 2−26, 2−44, and 2−56 for versions of Simeck with block sizes of 32, 48, and 64 bits, respectively, for large classes of weak keys in the related-key model. In most cases, these are the longest published distinguishers for the respective variants of Simeck. In the case of Simon, we present compatible RX-characteristics for round-reduced versions of all ten instances. We observe that for equal block and key sizes, the RX-distinguishers cover fewer rounds in Simon than in Simeck. Concluding the paper, we present a key recovery attack on Simeck 64 reduced to 28 rounds using a 23-round RX-characteristic.

Journal ArticleDOI
TL;DR: In 2019, the National Institute of Standards and Technology (NIST) initialized the lightweight cryptography (LWC) project to standardize the lightweight cryptographic algorithms for resource-constrained devices as discussed by the authors .
Abstract: The security of resource-constrained devices is critical in the IoT field, given that everything is interconnected. Therefore, the National Institute of Standards and Technology (NIST) initialized the lightweight cryptography (LWC) project to standardize the lightweight cryptography algorithms for resource-constrained devices. After two rounds, the NIST announced the finalists in 2021. The finalist algorithms are Ascon, Elephant, GIFT-COFB, Grain-128AEAD, ISAP, PHOTON-Beetle, Romulus, SPARKLE, TinyJambu, and Xoodyak. The final round of the competition is still in progress, and the NIST will select the winner based on their and third-party evaluations. In this paper, we review the 10 finalists mentioned above, discuss their constructions, and classify them according to the underlying primitives. In particular, we analyze these ciphers from different perspectives, such as cipher specifications and structures, design primitives, security parameters, advantages and disadvantages, and existing cryptanalyses. We also review existing analyses of these finalists with a specific focus on the review of fault attacks. We hope the study compiled in this paper will benefit the cryptographic community by providing an easy-to-grasp overview of the NIST LWC finalists.

Journal ArticleDOI
TL;DR: In this article , a Rubik's cube based pixel level scrambling and simple XOR based diffusion is proposed to safely transmit multimedia information (images) through an untrusted channel, such as adaptive image content (i.e., plain image related) based initial random value generation is introduced to achieve high plain image sensitivity in order to overcome plain image-related attacks.

Journal ArticleDOI
TL;DR: Wang et al. as mentioned in this paper investigated the differential fault attack on the key schedule of KLEIN-96, which has 96 bits key length, by deeply developing the inner-relationship of input-output differentials for its S-box and reducing the complexity of exhaustive searching from the original 296 to an acceptable boundary by injecting a certain number of byte-faults.
Abstract: KLEIN is a new family of lightweight block ciphers designed for resource-constrained devices. Compared to other schemes, it also has great advantages in both software and hardware performances. In recent works, many researchers have studied its security against differential fault analysis (DFA). Note that all the works only focused on the scheme KLEIN-64, which only has 64 bits key length. In fact, the 64-bit's security is obviously not enough for the current ciphers. In this paper, we investigate the differential fault attack on the key schedule of KLEIN-96, which has 96 bits key length. More specifically, by deeply developing the inner-relationship of input-output differentials for its S-box, we reduce the complexity of exhaustive searching from the original 296 to an acceptable boundary by injecting a certain number of byte-faults. Finally, we also demonstrate the efficiency of our proposed attack by simulations, which show that our method has great advantages over other cryptanalysis on KLEIN cipher.

Journal ArticleDOI
TL;DR: This work designs a novel cryptosystem by introducing vector quantization (VQ) into CS-based encryption based on a 3D fractional Lorenz chaotic system and improves CS compression performance and the quality of decrypted images.
Abstract: Recently, generating visually secure cipher images by compressive sensing (CS) techniques has drawn much attention among researchers. However, most of these algorithms generate cipher images based on direct bit substitution and the underlying relationship between the hidden and modified data is not considered, which reduces the visual security of cipher images. In addition, performing CS on plain images directly is inefficient, and CS decryption quality is not high enough. Thus, we design a novel cryptosystem by introducing vector quantization (VQ) into CS-based encryption based on a 3D fractional Lorenz chaotic system. In our work, CS compresses only the sparser error matrix generated from the plain and VQ images in the secret generation phase, which improves CS compression performance and the quality of decrypted images. In addition, a smooth function is used in the embedding phase to find the underlying relationship and determine relatively suitable modifiable values for the carrier image. All the secret streams are produced by updating the initial values and control parameters from the fractional chaotic system, and then utilized in CS, diffusion, and embedding. Simulation results demonstrate the effectiveness of the proposed method.


Journal ArticleDOI
01 Dec 2022-Sensors
TL;DR: Wang et al. as discussed by the authors proposed a fast image encryption algorithm based on logistics-sine-cosine mapping, which first generates five sets of encrypted sequences from the Logistics-Sine-Cosine mapping and then uses the order of the encryption sequence to scramble the image pixels and designs a new pixel diffusion network to further improve the key sensitivity and plain-image sensitivity.
Abstract: Because images are vulnerable to external attacks in the process of network transmission and traditional image encryption algorithms have limitations such as long encryption time, insufficient entropy or poor diffusion of cipher image information when encrypting color images, a fast image encryption algorithm based on logistics-sine-cosine mapping is proposed. The algorithm first generates five sets of encrypted sequences from the logistics-sine-cosine mapping, then uses the order of the encryption sequence to scramble the image pixels and designs a new pixel diffusion network to further improve the key sensitivity and plain-image sensitivity of the encryption algorithm. Finally, in a series of security analysis experiments, the experimental image Lena was tested 100 times, and the average encryption time was 0.479 s. The average value of the information entropy, pixel change rate and uniform average change intensity of the cipher image reached 7.9994, 99.62% and 33.48%, respectively. The experimental results show that the fast image encryption algorithm based on logistics-sine-cosine mapping takes less time to encrypt, and the cipher image has good information entropy and diffusivity. It is a safe and effective fast image encryption algorithm.

Proceedings ArticleDOI
14 Jun 2022
TL;DR: A digital educational game (DEG) designed to promote language learning and student engagement in the context of an endangered language is introduced and a four-dimensional evaluation framework is employed which evaluates user satisfaction in terms of gaming experience, learning experience, adaptivity and usability.
Abstract: Digital game-based language learning (DGBLL) has become an increasingly popular topic in the field of digital educational games. DGBLL can provide learners with an enjoyable gaming experience as well as enhancing their language learning experience. The need for engaging approaches to the teaching and learning of minority or endangered languages has also led to greater interest in the application of DGBLL approaches. In this paper, we introduce a digital educational game (DEG) designed to promote language learning and student engagement in the context of an endangered language. In order to evaluate the user experience, we employ a four-dimensional evaluation framework which evaluates user satisfaction in terms of gaming experience, learning experience, adaptivity and usability. Survey responses were analysed and the findings indicate that participants were satisfied with the game and their feedback will be used to improve the game in the future.

Journal ArticleDOI
TL;DR: A single-bit flip-based differential fault attack on the lightweight block cipher PIPO for the first time is proposed and it is shown that simulations enable the recovery of the correct secret key with about 98% probability through 64 fault ciphertexts.
Abstract: . With the recent development of Internet of Things (IoT) devices, related security issues are also increasing. In particular, the pos-sibility of accessing and hijacking cryptographic devices is also increasing due to the rapid increase in usage of these devices. Therefore, research on cryptographic technologies that can provide a safe environment even in resource-constrained environments has been actively conducted. Among them, there are increasing security issues of side-channel analysis for devices due to their physical accessibility. The lightweight block cipher PIPO was recently proposed in ICISC 2020 to address these issues. The PIPO has the characteristic of providing robust security strength while having less overhead when using the side-channel analysis countermeasures. A differential fault attack is a type of side-channel analysis that induces fault in cryptographic operations and utilizes difference information that occurs. Differential fault attacks on the PIPO have not yet been studied. This paper proposed a single-bit flip-based differential fault attack on the lightweight block cipher PIPO for the first time. We show that simulations enable the recovery of the correct secret key with about 98% probability through 64 fault ciphertexts. Therefore, the PIPO does not provide security against differential fault attacks. When using the PIPO cipher on IoT devices, designers must apply appropriate countermeasures against fault-injection attacks.