Showing papers on "Cryptography published in 2022"


Book ChapterDOI
TL;DR: An improved algorithm is derived which requires O(log^2 p) complexity if p - 1 has only small prime factors, and such values of p must be avoided in the cryptosystem.
Abstract: A cryptographic system is described which is secure if and only if computing logarithms over GF(p) is infeasible. Previously published algorithms for computing this function require O(p^{1/2}) complexity in both time and space. An improved algorithm is derived which requires O(log^2 p) complexity if p - 1 has only small prime factors. Such values of p must be avoided in the cryptosystem. Constructive uses for the new algorithm are also described.

1,120 citations


Journal ArticleDOI
01 Feb 2022
TL;DR: Wang et al. as discussed by the authors carried out a deeper survey about blockchain technology, especially its history, consensus algorithms' quantitative comparisons, details of cryptography in terms of public key cryptography, Zero-Knowledge Proofs, and hash functions used in the blockchain, and the comprehensive list of blockchain applications.
Abstract: Blockchain is a technology that has desirable features of decentralization, autonomy, integrity, immutability, verification, fault-tolerance, anonymity, auditability, and transparency. In this paper, we first carry out a deeper survey about blockchain technology, especially its history, consensus algorithms' quantitative comparisons, details of cryptography in terms of public key cryptography, Zero-Knowledge Proofs, and hash functions used in the blockchain, and the comprehensive list of blockchain applications. Further, the security of blockchain itself is a focus in this paper. In particular, we assess the blockchain security from risk analysis to derive comprehensive blockchain security risk categories, analyze the real attacks and bugs against blockchain, and summarize the recently developed security measures on blockchain. Finally, the challenges and research trends are presented to achieve more scalable and securer blockchain systems for the massive deployments.

98 citations


Journal ArticleDOI
TL;DR: Proof that chaotic systems resist dynamic degradation through theoretical analysis is presented, and a novel one-dimensional two-parameter with a wide-range system mixed coupled map lattice model (TWMCML) is given.
Abstract: Since chaotic cryptography has a long-term problem of dynamic degradation, this paper presents proof that chaotic systems resist dynamic degradation through theoretical analysis. Based on this proof, a novel one-dimensional two-parameter with a wide-range system mixed coupled map lattice model (TWMCML) is given. The evaluation of TWMCML shows that the system has the characteristics of strong chaos, high sensitivity, broader parameter ranges and wider chaos range, which helps to enhance the security of chaotic sequences. Based on the excellent performance of TWMCML, it is applied to the newly proposed encryption algorithm. The algorithm realizes double protection of private images under the premise of ensuring efficiency and safety. First, the important information of the image is extracted by edge detection technology. Then the important area is scrambled by the three-dimensional bit-level coupled XOR method. Finally, the global image is more fully confused by the dynamic index diffusion formula. The simulation experiment verified the effectiveness of the algorithm for grayscale and color images. Security tests show that the application of TWMCML makes the encryption algorithm have a better ability to overcome conventional attacks.

92 citations


Journal ArticleDOI
TL;DR: In this paper, the authors present a systematic study of modern blockchain-based solutions for securing medical data with or without cloud computing, and implement and evaluate the different methods using blockchain in this paper.
Abstract: Since the last decade, cloud-based electronic health records (EHRs) have gained significant attention to enable remote patient monitoring. The recent development of Healthcare 4.0 using the Internet of Things (IoT) components and cloud computing to access medical operations remotely has gained the researcher's attention from a smart city perspective. Healthcare 4.0 mainly consists of periodic medical data sensing, aggregation, data transmission, data sharing, and data storage. The sensitive and personal data of patients lead to several challenges while protecting it from hackers. Therefore, storing, accessing, and sharing the patient medical information on the cloud needs security attention so that data is not compromised by the authorized user's components of E-healthcare systems. To achieve secure medical data storage, sharing, and accessing in the cloud service provider, several cryptography algorithms have been designed so far. However, such conventional solutions failed to achieve the trade-off between the requirements of EHR security solutions such as computational efficiency, service side verification, user side verification, without the trusted third party, and strong security. Blockchain-based security solutions gained significant attention in the recent past due to the ability to provide strong security for data storage and sharing with the minimum computation efforts. The blockchain has been focused on bitcoin technology among the researchers. Utilizing the blockchain to secure healthcare records management has been of recent interest. This paper presents the systematic study of modern blockchain-based solutions for securing medical data with or without cloud computing. We implement and evaluate the different methods using blockchain in this paper. According to the research studies, the research gaps, challenges, and future roadmap are the outcomes of this paper that boost emerging Healthcare 4.0 technology.

86 citations


Book ChapterDOI
TL;DR: In this article, a key recovery attack against the Rainbow signature scheme was presented, which is one of the three finalist signature schemes still in the NIST Post-Quantum Cryptography standardization project.
Abstract: This work introduces new key recovery attacks against the Rainbow signature scheme, which is one of the three finalist signature schemes still in the NIST Post-Quantum Cryptography standardization project. The new attacks outperform previously known attacks for all the parameter sets submitted to NIST and make a key-recovery practical for the SL 1 parameters. Concretely, given a Rainbow public key for the SL 1 parameters of the second-round submission, our attack returns the corresponding secret key after on average 53 h (one weekend) of computation time on a standard laptop.

84 citations


Journal ArticleDOI
TL;DR: The National Institute of Standards and Technology (NIST) as discussed by the authors is in the process of selecting one or more public-key cryptographic algorithms through an open competition, which is referred to as post-quantum cryptography (PQC).
Abstract: In recent years, there has been steady progress in the creation of quantum computers. If large-scale quantum computers are implemented, they will threaten the security of many widely used public-key cryptosystems. Key-establishment schemes and digital signatures based on factorization, discrete logarithms, and elliptic curve cryptography will be most affected. Symmetric cryptographic primitives such as block ciphers and hash functions will be broken only slightly. As a result, there has been an intensification of research on finding public-key cryptosystems that would be secure against cryptanalysts with both quantum and classical computers. This area is often called post-quantum cryptography (PQC), or sometimes quantum-resistant cryptography. The goal is to design schemes that can be deployed in existing communication networks and protocols without significant changes. The National Institute of Standards and Technology is in the process of selecting one or more public-key cryptographic algorithms through an open competition. New public-key cryptography standards will define one or more additional digital signatures, public-key encryption, and key-establishment algorithms. It is assumed that these algorithms will be able to protect confidential information well in the near future, including after the advent of quantum computers. After three rounds of evaluation and analysis, NIST has selected the first algorithms that will be standardized as a result of the PQC standardization process. The purpose of this article is to review and analyze the state of NIST's post-quantum cryptography standardization evaluation and selection process. The article summarizes each of the 15 candidate algorithms from the third round and identifies the algorithms selected for standardization, as well as those that will continue to be evaluated in the fourth round of analysis. 
Although the third round is coming to an end and NIST will begin developing the first PQC standards, standardization efforts in this area will continue for some time. This should not be interpreted as meaning that users should wait to adopt post-quantum algorithms. NIST looks forward to the rapid implementation of these first standardized algorithms and will issue future guidance on the transition. The transition will undoubtedly have many complexities, and there will be challenges for some use cases such as IoT devices or certificate transparency.

83 citations


Journal ArticleDOI
27 Sep 2022-Sensors
TL;DR: A Genetic Algorithm inspired method to strengthen weak keys obtained from Random DNA-based Key Generators instead of completely discarding them is proposed.
Abstract: DNA (Deoxyribonucleic Acid) Cryptography has revolutionized information security by combining rigorous biological and mathematical concepts to encode original information in terms of a DNA sequence. Such schemes are crucially dependent on corresponding DNA-based cryptographic keys. However, owing to the redundancy or observable patterns, some of the keys are rendered weak as they are prone to intrusions. This paper proposes a Genetic Algorithm inspired method to strengthen weak keys obtained from Random DNA-based Key Generators instead of completely discarding them. Fitness functions and the application of genetic operators have been chosen and modified to suit DNA cryptography fundamentals in contrast to fitness functions for traditional cryptographic schemes. The crossover and mutation rates are reducing with each new population as more keys are passing fitness tests and need not be strengthened. Moreover, with the increasing size of the initial key population, the key space is getting highly exhaustive and less prone to Brute Force attacks. The paper demonstrates that out of an initial 25 × 25 population of DNA Keys, 14 keys are rendered weak. Complete results and calculations of how each weak key can be strengthened by generating 4 new populations are illustrated. The analysis of the proposed scheme for different initial populations shows that a maximum of 8 new populations has to be generated to strengthen all 500 weak keys of a 500 × 500 initial population.

62 citations


Journal ArticleDOI
TL;DR: The proposed NCCS system has larger key space and exhibits better cryptographic features in dynamics than their original one-dimensional chaotic map, and the validity of the proposed algorithm in terms of high security is shown.

50 citations


Proceedings ArticleDOI
18 Jun 2022
TL;DR: This work presents CraterLake, the first FHE accelerator that enables FHE programs of unbounded size (i.e., unbounded multiplicative depth), and introduces a new hardware architecture that efficiently scales to very large ciphertexts, novel functional units to accelerate key kernels, and new algorithms and compiler techniques to reduce data movement.
Abstract: Fully Homomorphic Encryption (FHE) enables offloading computation to untrusted servers with cryptographic privacy. Despite its attractive security, FHE is not yet widely adopted due to its prohibitive overheads, about 10,000X over unencrypted computation. Recent FHE accelerators have made strides to bridge this performance gap. Unfortunately, prior accelerators only work well for simple programs, but become inefficient for complex programs, which bring additional costs and challenges. We present CraterLake, the first FHE accelerator that enables FHE programs of unbounded size (i.e., unbounded multiplicative depth). Such computations require very large ciphertexts (tens of MBs each) and different algorithms that prior work does not support well. To tackle this challenge, CraterLake introduces a new hardware architecture that efficiently scales to very large ciphertexts, novel functional units to accelerate key kernels, and new algorithms and compiler techniques to reduce data movement. We evaluate CraterLake on deep FHE programs, including deep neural networks like ResNet and LSTMs, where prior work takes minutes to hours per inference on a CPU. CraterLake outperforms a CPU by gmean 4,600X and the best prior FHE accelerator by 11.2X under similar area and power budgets. These speeds enable realtime performance on unbounded FHE programs for the first time.

47 citations


Journal ArticleDOI
TL;DR: In this paper, the authors present an experimental system that enables device-independent quantum key distribution between two distant users, based on the generation and analysis of event-ready entanglement between two independently trapped single rubidium atoms located in buildings 400 meters apart.
Abstract: Device-independent quantum key distribution (DIQKD) enables the generation of secret keys over an untrusted channel using uncharacterized and potentially untrusted devices [1-9]. The proper and secure functioning of the devices can be certified by a statistical test using a Bell inequality [10-12]. This test originates from the foundations of quantum physics and also ensures robustness against implementation loopholes [13], thereby leaving only the integrity of the users' locations to be guaranteed by other means. The realization of DIQKD, however, is extremely challenging, mainly because it is difficult to establish high-quality entangled states between two remote locations with high detection efficiency. Here we present an experimental system that enables DIQKD between two distant users. The experiment is based on the generation and analysis of event-ready entanglement between two independently trapped single rubidium atoms located in buildings 400 metres apart [14]. By achieving an entanglement fidelity of [Formula: see text] and implementing a DIQKD protocol with random key basis [15], we observe a significant violation of a Bell inequality of S = 2.578(75), above the classical limit of 2, and a quantum bit error rate of only 0.078(9). For the protocol, this results in a secret key rate of 0.07 bits per entanglement generation event in the asymptotic limit, and thus demonstrates the system's capability to generate secret keys. Our results of secure key exchange with potentially untrusted devices pave the way to the ultimate form of quantum secure communications in future quantum networks.

43 citations


Journal ArticleDOI
TL;DR: Li et al. as discussed by the authors proposed a Shamir threshold cryptography scheme for IIoT data protection using blockchain, where the edge gateway uses a symmetric key to encrypt the data uploaded by the IoT device and stores it in the cloud.
Abstract: The Industrial Internet of Things (IIoT), a typical Internet of Things (IoT) application, integrates the global industrial system with other advanced computing, analysis, and sensing technologies through Internet connectivity. Due to the limited storage and computing capacity of edge and IIoT devices, data sensed and collected by these devices are usually stored in the cloud. Encryption is commonly used to ensure privacy and confidentiality of IIoT data. However, the key used for data encryption and decryption is usually directly stored and managed by users or third-party organizations, which has security and privacy implications. To address this potential security and privacy risk, we propose a Shamir threshold cryptography scheme for IIoT data protection using blockchain: STCChain. Specifically, in our solution, the edge gateway uses a symmetric key to encrypt the data uploaded by the IoT device and stores it in the cloud. The symmetric key is protected by a private key generated by the edge gateway. To prevent the loss of the private key and privacy leakage, we use a Shamir secret sharing algorithm to divide the private key, encrypt it, and publish it on the blockchain. We implement a prototype of STCChain using Xuperchain, and the results show that STCChain can effectively prevent attackers from stealing data as well as ensuring the security of the encryption key.

Journal ArticleDOI
TL;DR: The use of blockchain technology has recently become widespread. It is regarded as a decentralized, trustworthy, secure, transparent, and immutable solution that innovates data sharing and management as discussed by the authors.
Abstract: The use of Blockchain technology has recently become widespread. It has emerged as an essential tool in various academic and industrial fields, such as healthcare, transportation, finance, cybersecurity, and supply chain management. It is regarded as a decentralized, trustworthy, secure, transparent, and immutable solution that innovates data sharing and management. This survey aims to provide a systematic review of Blockchain application to intelligent transportation systems in general and the Internet of Vehicles (IoV) in particular. The survey is divided into four main parts. First, the Blockchain technology including its opportunities, relative taxonomies, and applications is introduced; basic cryptography is also discussed. Next, the evolution of Blockchain is presented, starting from the primary phase of pre-Bitcoin (fundamentally characterized by classic cryptography systems), followed by the Blockchain 1.0 phase, (characterized by Bitcoin implementation and common consensus protocols), and finally, the Blockchain 2.0 phase (characterized by the implementation of smart contracts, Ethereum, and Hyperledger). We compared and identified the strengths and limitations of each of these implementations. Then, the state of the art of Blockchain-based IoV solutions (BIoV) is explored by referring to a large and trusted source database from the Scopus data bank. For a well-structured and clear discussion, the reviewed literature is classified according to the research direction and implemented IoV layer. Useful tables, statistics, and analysis are also presented. Finally, the open problems and future directions in BIoV research are summarized.

Journal ArticleDOI
TL;DR: Wang et al. as mentioned in this paper investigated the essential properties of MPPS and DNA coding, and then proposed an efficient chosen-plaintext attack to disclose its equivalent secret key, which only needs ⌈log₂₅₆(3·M·N)⌉ + 4 pairs of chosen plain-images and the corresponding cipher-images, where M × N and "3" are the size of the RGB color image and the number of color channels, respectively.

Journal ArticleDOI
01 Jan 2022-Sensors
TL;DR: This research developed a unique deep-learning-based secure searchable blockchain as a distributed database using homomorphic encryption to enable users to securely access data via search, resulting in a more efficient blockchain-based IoT system as compared to benchmark models.
Abstract: Due to the value and importance of patient health records (PHR), security is the most critical feature of encryption over the Internet. Users that perform keyword searches to gain access to the PHR stored in the database are more susceptible to security risks. Although a blockchain-based healthcare system can guarantee security, present schemes have several flaws. Existing techniques have concentrated exclusively on data storage and have utilized blockchain as a storage database. In this research, we developed a unique deep-learning-based secure searchable blockchain as a distributed database using homomorphic encryption to enable users to securely access data via search. Our suggested study will increasingly include secure key revocation and update policies. An IoT dataset was used in this research to evaluate our suggested access control strategies and compare them to benchmark models. The proposed algorithms are implemented using smart contracts in the hyperledger tool. The suggested strategy is evaluated in comparison to existing ones. Our suggested approach significantly improves security, anonymity, and monitoring of user behavior, resulting in a more efficient blockchain-based IoT system as compared to benchmark models.

Journal ArticleDOI
TL;DR: A survey on the most up-to-date chaos-based image encryption techniques that classifies them into spatial, temporal and spatio-temporal domains for better understanding is presented in this paper.
Abstract: Chaos-based cryptosystems have been an active area of research in recent years. Although these algorithms are not standardized like AES, DES, RSA, etc., chaos-based cryptosystems like Chebyshev polynomials can provide additional security when used with standard public key cryptosystems like RSA and El-gamal. Standard encryption algorithms such as AES have always been the primary choice, but when it comes to image or video encryption, many researchers recommend chaos-based encryption techniques due to their computational efficiency. This paper presents a survey on the most up-to-date chaos-based image encryption techniques and classifies them into spatial, temporal and spatiotemporal domains for better understanding. The significant improvements in the field of image encryption are discussed. In addition, comparative analysis is performed to validate the evaluation matrices for quantifying the encryption algorithms' security and performance in recent papers.

Journal ArticleDOI
TL;DR: A comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators is provided in this article.
Abstract: The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices’ identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, noncryptographic IoT-device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Noncryptographic approaches require more effort and are not yet adequately investigated. In this article, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We classify the IoT-device identification and detection into four categories: 1) device-specific pattern recognition; 2) deep learning-enabled device identification; 3) unsupervised device identification; and 4) abnormal device detection. Meanwhile, we discuss various ML-related enabling technologies for this purpose. These enabling technologies include learning algorithms, feature engineering on network traffic traces and wireless signals, incremental learning, and abnormality detection.

Journal ArticleDOI
TL;DR: The adaptive Joint Photographic Experts Group 2000 (JPEG2000) image compression approach employing the wavelet image transform was proposed with the rise of the optimized Video Internet of Things (VIoT), using image transmission security based on Elliptic Curve Cryptography (ECC) techniques, as discussed by the authors.

Journal ArticleDOI
TL;DR: In this article, the authors proposed a blockchain-based secure storage and sharing scheme for Electronic Learning Records (ELRs) in MOOCs learning systems, which can support efficient conditional anonymity, secure storage, and sharing without the need for sophisticated cryptographic calculations.

Journal ArticleDOI
TL;DR: Wang et al. as mentioned in this paper proposed an efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0, and formally proved its security in the random oracle model.
Abstract: Industry 4.0, which combines information technology, network and industrial production, is expected to have a tremendous impact on our daily lives. In such a complex and security-critical system with resource-constrained sensor nodes, the design of a secure user authentication scheme for preventing real-time data from unauthorized access is full of challenges, and the main crux lies in how to realize the important property of forward secrecy. Existing schemes either fail to achieve forward secrecy or achieve forward secrecy with high computation cost on sensor nodes. Besides, they often fail to conform to the development trend of industry 4.0 systems where a cloud center is necessary to help intelligent decision-making and alleviate computation and storage pressure. Therefore, in this paper, we propose an efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0, and formally prove its security in the random oracle model. Compared with previous schemes, it has three advantages: (1) all eleven state-of-the-art criteria are achieved; (2) its computation cost on sensor nodes is comparable to those insecure schemes that employ only symmetric cryptographic algorithms, and is superior to those that also use asymmetric cryptographic algorithms; (3) it takes the advantage of the computation and storage capabilities of the cloud center to achieve user anonymity and the resistance to offline dictionary attack without performing any asymmetric cryptographic algorithms on gateways. Our computation cost on gateways is the smallest among all state-of-the-art relevant schemes for comparison.

Journal ArticleDOI
01 Apr 2022
TL;DR: Wang et al. as mentioned in this paper proposed a blockchain-based secure storage and sharing scheme for Electronic Learning Records (ELRs) in MOOCs learning systems, which can support efficient conditional anonymity, secure storage, and sharing without the need for sophisticated cryptographic calculations.
Abstract: Massive Open Online Courses (MOOCs) have become a paramount online learning approach for flexible learning methods and extensive learning courses. Different from the traditional learning method, MOOCs advocate completing the learning process through online devices. Electronic Learning Records (ELRs) are vital for learners as compelling evidence of the learning process, and are generally stored in a cloud data center. However, with trustless third-party storage, the security and privacy of ELRs cannot be guaranteed. Due to such, we propose a Blockchain-based secure storage and sharing scheme for ELRs in MOOCs learning systems. Designed to take advantage of blockchain, the proposed solution can support efficient conditional anonymity, secure storage, and sharing without the need for sophisticated cryptographic calculations. The experimental results and the security analysis show that the proposed scheme achieves legitimate security assurance and outperforms other similar works.

Journal ArticleDOI
TL;DR: A Chebyshev polynomial-based scheme for resisting side-channel attacks in 5G-enabled vehicular networks is proposed and its efficiency performance outperforms other existing recent works, making it suitable for use in Vehicular networks.
Abstract: The privacy and security vulnerabilities in fifth-generation (5G)-enabled vehicular networks are often required to cope with schemes based on either bilinear pair cryptography (BPC) or elliptic curve cryptography (ECC). Nevertheless, these schemes suffer from massively inefficient performance related to signing and verifying messages in areas of the high-density traffic stream. Meanwhile, adversaries could launch side-channel attacks to obtain sensitive data protected in a tamper-proof device (TPD) to destroy the system. This paper proposes a Chebyshev polynomial-based scheme for resisting side-channel attacks in 5G-enabled vehicular networks. Our work could achieve both important properties of the Chebyshev polynomial in terms of chaotic and semi-group. Our work consists of five phases: system initialization, enrollment, signing, verification, and pseudonym renewal. Moreover, to resist side-channel attacks, our work renews periodically and frequently the vehicle's information in the TPD. Security analysis shows that our work achieves the privacy (pseudonym identity and unlinkability) and security (authentication, integrity, and traceability) in 5G-enabled vehicular networks. Finally, our work does not employ the BPC or the ECC; its efficiency performance outperforms other existing recent works, making it suitable for use in vehicular networks.

Journal ArticleDOI
TL;DR: In this article, a lightweight and practical anonymous authentication protocol for IoT that is resilient against machine learning attacks on Physically Unclonable Functions (PUFs) is proposed, which allows devices to generate unique and secure digital fingerprints at extremely low computational cost.
Abstract: The Internet of Things (IoT) is becoming a revolutionary paradigm, moving toward ubiquity in day-to-day life and used in several applications such as smart healthcare systems, industry 4.0, critical infrastructure, etc. As with any concept that relies on wireless communication, authentication is of paramount importance in regards to security considerations. Devices in many IoT applications are severely constrained in terms of computational resources and are thus unable to utilize many modern cryptographic methods for security purposes. Physically unclonable functions (PUFs) propose to solve this issue by allowing devices to generate unique and secure digital fingerprints at extremely low computational cost. However, PUFs are vulnerable to machine learning based modeling attacks that can mathematically clone the PUFs in order to impersonate them. To address these requirements, this article introduces a new lightweight and practical anonymous authentication protocol for IoT that is resilient against machine learning attacks on PUFs.

Journal ArticleDOI
TL;DR: In this paper, state-of-the-art lightweight cryptographic protocols for IoT networks are discussed and a comparative analysis of popular contemporary ciphers is presented in two parts: symmetric and asymmetric lightweight cryptography.

Book ChapterDOI
TL;DR: A zero-knowledge proof for the syndrome decoding problem on random linear codes was proposed in this paper, where the MPC-in-the-head paradigm was used to reduce the task of proving the low Hamming weight of the SD solution to proving some relations between specific polynomials.
Abstract: Zero-knowledge proofs of knowledge are useful tools to design signature schemes. The ongoing effort to build a quantum computer urges the cryptography community to develop new secure cryptographic protocols based on quantum-hard cryptographic problems. One of the few directions is code-based cryptography for which the strongest problem is the syndrome decoding (SD) for random linear codes. This problem is known to be NP-hard and the cryptanalysis state of the art has been stable for many years. A zero-knowledge protocol for this problem was pioneered by Stern in 1993. Since its publication, many articles proposed optimizations, implementations, or variants. In this paper, we introduce a new zero-knowledge proof for the syndrome decoding problem on random linear codes. Instead of using permutations like most of the existing protocols, we rely on the MPC-in-the-head paradigm in which we reduce the task of proving the low Hamming weight of the SD solution to proving some relations between specific polynomials. Specifically, we propose a 5-round zero-knowledge protocol that proves the knowledge of a vector x such that $$y=Hx$$ and $${\text {wt}}(x)\le w$$ and which achieves a soundness error close to 1/N for an arbitrary N. While turning this protocol into a signature scheme, we achieve a signature size of 11–12 KB for 128-bit security when relying on the hardness of the SD problem on binary fields. Using larger fields (like $$\mathbb {F}_{2^8}$$ ), we can produce fast signatures of around 8 KB. This allows us to outperform Picnic3 and to be competitive with SPHINCS+, both post-quantum signature candidates in the ongoing NIST standardization effort. Moreover, our scheme outperforms all the existing code-based signature schemes for the common "signature size $$+$$ public key size" metric.

Journal ArticleDOI
TL;DR: In this paper, the authors present a survey of the analyses developed to prove the security of the basic quantum techniques introduced by Wiesner, Ekert, Bennett, and Brassard, together with the practical problems of experimental quantum cryptography.
Abstract: Secure communications is a vital need of the world, and the basic features of quantum mechanics seemingly offer fundamental new tools for achieving this security. But do these tools really work? This review gives due attention to the real-world problems with experimental quantum cryptography, but the heart of the review is an in-depth survey of the analyses developed to prove the security of the basic quantum techniques introduced by Wiesner, Ekert, Bennett, and Brassard. A broader set of cryptographic tasks has quantum aspects which are also discussed here.
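The Bennett-Brassard technique named in the abstract (BB84) is easy to follow in a classical simulation. The added example below (illustrative code, not taken from the review) encodes each qubit as a (basis, bit) pair, lets an optional intercept-resend eavesdropper measure and re-send it, performs basis sifting, and estimates the quantum bit error rate. The modelling shortcut that a wrong-basis measurement yields a uniformly random bit is an assumption of the simulation, and loss, detector noise and implementation side channels, the "real-world problems" the review covers, are left out.

```python
"""BB84 with an optional intercept-resend eavesdropper (classical simulation).

Added illustration, not code from the review. A qubit is a (basis, bit) pair;
measuring in the wrong basis returns a uniformly random bit and collapses the
state to the measured basis. Two bases: 0 = rectilinear, 1 = diagonal.
"""
import random


def measure(qubit, basis, rng):
    """Measure (state_basis, bit) in `basis`; return (result, post-measurement qubit)."""
    state_basis, bit = qubit
    result = bit if basis == state_basis else rng.getrandbits(1)
    return result, (basis, result)


def bb84(n, rng, eavesdrop=False):
    """Run BB84 on n qubits; return the sifted bit strings held by Alice and Bob."""
    alice_bits = [rng.getrandbits(1) for _ in range(n)]
    alice_bases = [rng.getrandbits(1) for _ in range(n)]
    bob_bases = [rng.getrandbits(1) for _ in range(n)]
    sifted_alice, sifted_bob = [], []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        qubit = (a_basis, bit)
        if eavesdrop:
            # Eve guesses a basis, measures, and forwards the collapsed state.
            _, qubit = measure(qubit, rng.getrandbits(1), rng)
        bob_bit, _ = measure(qubit, b_basis, rng)
        # Sifting over the public channel: keep only positions where bases agree.
        if a_basis == b_basis:
            sifted_alice.append(bit)
            sifted_bob.append(bob_bit)
    return sifted_alice, sifted_bob


def qber(sifted_alice, sifted_bob):
    """Quantum bit error rate on the sifted key (in practice, on a sacrificed sample)."""
    if not sifted_alice:
        return 0.0
    errors = sum(a != b for a, b in zip(sifted_alice, sifted_bob))
    return errors / len(sifted_alice)


def run(n=4000, seed=84):
    """Compare a quiet channel with an intercept-resend attack on the same seed."""
    quiet = bb84(n, random.Random(seed))
    tapped = bb84(n, random.Random(seed), eavesdrop=True)
    return {
        "sifted_len_quiet": len(quiet[0]),
        "qber_quiet": qber(*quiet),
        "sifted_len_tapped": len(tapped[0]),
        "qber_tapped": qber(*tapped),
    }


if __name__ == "__main__":
    for key, value in run().items():
        print(f"{key}: {value}")
```

Without Eve, the sifted keys agree exactly; with intercept-resend, Eve guesses the wrong basis half the time and then Bob's bit is random, so the sifted key shows roughly 25% disagreement, which Alice and Bob detect by comparing a sample. The security proofs the review surveys go further and bound what any attack, not just this one, can learn for a given observed error rate.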


Journal ArticleDOI
TL;DR: In this article, the authors combine hyperelliptic curve cryptography (HECC) techniques, a digital signature, and a hash function to present a privacy-preserving authentication scheme for UAV-enabled intelligent transportation systems.
Abstract: In this article, unmanned aerial vehicles (UAVs) are expected to play a key role in improving the safety and reliability of transportation systems, particularly where data traffic is nonhomogeneous and nonstationary. However, heterogeneous data sharing raises plenty of security and privacy concerns, which may keep UAVs out of future intelligent transportation systems (ITS). Some of the well-known security and privacy issues in the UAV-enabled ITS ecosystem include tracking UAV and vehicle locations, unauthorized access to data, and message modification. Therefore, in this article, we contribute to the sum of knowledge by combining hyperelliptic curve cryptography (HECC) techniques, a digital signature, and a hash function to present a privacy-preserving authentication scheme. The security features of the proposed scheme are assessed using formal security analysis methods, i.e., the real-or-random (ROR) oracle model. To examine the performance of the proposed scheme, a comparison with other existing schemes has been carried out. The results reveal that the proposed scheme outperforms its counterpart schemes in terms of computation and communication costs.

Journal ArticleDOI
01 Dec 2022-Sensors
TL;DR: This paper reviews practical white-box implementations of DES and AES and the cryptanalysis of those designs, argues that no formal definition of white-box cryptography has been given, proposes a definition of WBC built on formal models of obfuscation and provable security, and reports a Digital Signature Algorithm (DSA) study as an application.
Abstract: According to the standard paradigm, white-box cryptographic primitives are used to block black-box attacks and protect sensitive information. This is performed to safeguard the protected information and keys against black-box assaults. An adversary in such a setting is aware of the method and can analyze many system inputs and outputs, but is blind to the specifics of how a critical instantiation primitive is implemented. This is the focus of white-box solutions, which are designed to withstand attacks that come from the execution environment. This is significant because an attacker may obtain unrestricted access to the program’s execution in this environment. The purpose of this article is to assess the efficiency of white-box implementations in terms of security. Our contribution is twofold: first, we explore the practical implementations of white-box approaches, and second, we analyze the theoretical foundations upon which these implementations are built. First, a research proposal is crafted that details white-box applications of the DES and AES encryption algorithms. To begin, this preparation is necessary. The research effort planned for this project also includes cryptanalysis of these techniques. Once the general cryptanalysis results have been examined, the white-box design approaches will be covered. We have decided to launch an investigation into creating a theoretical model for white-box cryptography, since no prior formal definitions have been offered, and suggested implementations have not been accompanied by any assurance of security. This is due to the fact that no formal definition of “white box” has ever been provided. In this way lies the explanation for why this is the situation. We define WBC to encompass the security requirements of WBC specified over a white-box cryptography technology and a security concept by studying formal models of obfuscation and shown security. This definition is the product of extensive investigation. This state-of-the-art theoretical model provides a setting in which to investigate the security of white-box implementations, leading to a wide range of positive and negative conclusions. As a result, this paper includes the results of a Digital Signature Algorithm (DSA) study which may be put to use in the real world with signature verification. Possible future applications of White-Box Cryptography (WBC) research findings are discussed in light of these purposes and areas of investigation.

Journal ArticleDOI
TL;DR: A novel algorithm, with implementation details, for an effective and secure e-health cloud model using identity-based cryptography is proposed; compared with existing techniques, the reported decryption time decreases by up to 50%, with a corresponding reduction in power consumed by the cryptographic operations.
Abstract: Nowadays, one of the most popular applications is cloud computing for storing data and information through the World Wide Web. Since cloud computing has become available, users have been increasing rapidly. Cloud computing enables users to obtain a better and more effective application at a lower cost in a more satisfactory way. Health services data must therefore be kept as safe and secure as possible, because the release of this data could have serious consequences for patients. A framework for security and privacy must be employed to store and manage extremely sensitive data. Patients' confidential health records have so far been encrypted and saved in the cloud as ciphertext. Ensuring privacy and security in a cloud computing environment is a big issue. The medical system has been designed as a standard, with access to records and effective use by medical practitioners as required. In this paper, we propose a novel algorithm along with implementation details as an effective and secure e-health cloud model using identity-based cryptography. The comparison of the proposed and existing techniques has been carried out in terms of time taken for encryption and decryption, energy, and power. Decryption time has been decreased by up to 50% with the proposed method of cryptography. As it takes less time for decryption, less power is consumed for the cryptographic operations.

Journal ArticleDOI
TL;DR: In this article, the authors implement a lens-free, optical, and portable physical unclonable function based on silk identification cards and study its characteristics and reliability in a systematic manner, demonstrating it in both authentication and data-encryption modes.
Abstract: For modern security, devices, individuals, and communications require unprecedentedly unique identifiers and cryptographic keys. One emerging method for guaranteeing digital security is to take advantage of a physical unclonable function. Surprisingly, native silk, which has been commonly utilized in everyday life as textiles, can be applied as a unique tag material, thereby removing the necessary apparatus for optical physical unclonable functions, such as an objective lens or a coherent light source. Randomly distributed fibers in silk generate spatially chaotic diffractions, forming self-focused spots on the millimeter scale. The silk-based physical unclonable function has a self-focusing, low-cost, and eco-friendly feature without relying on pre-/post-process for security tag creation. Using these properties, we implement a lens-free, optical, and portable physical unclonable function with silk identification cards and study its characteristics and reliability in a systemic manner. We further demonstrate the feasibility of the physical unclonable functions in two modes: authentication and data encryption.
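Whatever the tag material, the authentication mode the abstract mentions comes down to one check: a fresh response from the claimed tag must be close to the enrolled response of the genuine tag, while any other tag's response is far from it. The added example below (illustrative code, not the paper's, and not a model of silk optics) shows that check with the fractional Hamming distance between a fresh response and the enrolled one. Responses are constructed as random 256-bit strings with a 5% per-bit flip rate standing in for read noise; the noise rate, response length, and 0.2 acceptance threshold are assumptions for the demonstration.

```python
"""Challenge-response authentication against an enrolled PUF response.

Added illustration, not code from the paper. Accept when the fractional
Hamming distance (FHD) between the fresh response and the enrolled one is
below a threshold that must sit between the intra-device (same tag, noisy
re-read) and inter-device (different tag) distance distributions.
"""
import random

RESPONSE_BITS = 256  # assumed response length


def fractional_hamming_distance(a: bytes, b: bytes) -> float:
    """Fraction of differing bits between two equal-length responses."""
    if len(a) != len(b):
        raise ValueError("responses must have equal length")
    diff = int.from_bytes(a, "big") ^ int.from_bytes(b, "big")
    return bin(diff).count("1") / (8 * len(a))


class SimulatedPUF:
    """Stand-in for a physical tag: a fixed hidden fingerprint read with noise."""

    def __init__(self, rng: random.Random, noise: float = 0.05, nbits: int = RESPONSE_BITS):
        self._fingerprint = rng.getrandbits(nbits)  # constructed, never exported
        self._noise = noise                         # assumed per-bit flip rate
        self._nbits = nbits
        self._rng = rng

    def respond(self) -> bytes:
        """One noisy read of the fingerprint."""
        flips = 0
        for i in range(self._nbits):
            if self._rng.random() < self._noise:
                flips |= 1 << i
        return (self._fingerprint ^ flips).to_bytes(self._nbits // 8, "big")


class Verifier:
    """Holds enrolled responses and decides on fresh ones by FHD threshold."""

    def __init__(self, threshold: float = 0.2):
        self.threshold = threshold
        self._enrolled: dict[str, bytes] = {}

    def enroll(self, card_id: str, response: bytes) -> None:
        self._enrolled[card_id] = response

    def authenticate(self, card_id: str, response: bytes) -> bool:
        reference = self._enrolled.get(card_id)
        if reference is None:
            return False  # unknown tag id: reject, do not leak which ids exist
        return fractional_hamming_distance(reference, response) < self.threshold


def demo(seed: int = 7) -> dict:
    """Genuine tag re-read is accepted; a different tag claiming the same id is not."""
    rng = random.Random(seed)
    genuine = SimulatedPUF(rng)
    clone = SimulatedPUF(rng)  # a different physical object claiming "card-1"
    verifier = Verifier(threshold=0.2)
    verifier.enroll("card-1", genuine.respond())
    return {
        "genuine_accepted": verifier.authenticate("card-1", genuine.respond()),
        "clone_accepted": verifier.authenticate("card-1", clone.respond()),
        "unknown_id_accepted": verifier.authenticate("card-2", genuine.respond()),
        "intra_fhd": fractional_hamming_distance(genuine.respond(), genuine.respond()),
        "inter_fhd": fractional_hamming_distance(genuine.respond(), clone.respond()),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With two independent 5% noisy reads the intra-device FHD sits near 0.1 while the inter-device FHD sits near 0.5, so a threshold of 0.2 separates them with wide margin; the reliability study the abstract describes is what establishes those two distributions for the real tag under changing conditions, and the threshold has to be chosen from measured data rather than assumed as it is here.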