Subjects -> COMMUNICATIONS (Total: 518 journals)
    - COMMUNICATIONS (446 journals)
    - DIGITAL AND WIRELESS COMMUNICATION (31 journals)
    - HUMAN COMMUNICATION (19 journals)
    - MEETINGS AND CONGRESSES (7 journals)
    - RADIO, TELEVISION AND CABLE (15 journals)

HUMAN COMMUNICATION (19 journals)

Showing 1 - 20 of 20 Journals sorted alphabetically
Acta Universitatis Sapientiae Communicatio     Open Access  
Advances in Image and Video Processing     Open Access   (Followers: 24)
Argumentation and Advocacy     Hybrid Journal   (Followers: 1)
Asian Journal of Communication     Hybrid Journal   (Followers: 9)
Atlantic Journal of Communication     Hybrid Journal   (Followers: 8)
Communication Quarterly     Hybrid Journal   (Followers: 14)
Communication Reports     Hybrid Journal   (Followers: 8)
Communication Research     Hybrid Journal   (Followers: 22)
Communication Research Reports     Hybrid Journal   (Followers: 8)
Communication Studies     Hybrid Journal   (Followers: 16)
Communication Teacher     Hybrid Journal   (Followers: 5)
Cryptography     Open Access   (Followers: 1)
European Journal of Communication     Hybrid Journal   (Followers: 16)
Health Communication     Hybrid Journal   (Followers: 17)
Jurnal The Messenger     Open Access  
Language Learning Journal     Hybrid Journal   (Followers: 30)
Mass Communication & Society     Hybrid Journal   (Followers: 11)
Political Communication     Hybrid Journal   (Followers: 19)
Popular Communication     Hybrid Journal   (Followers: 3)
Ukrainian Information Space     Open Access  
Similar Journals
Journal Cover
Cryptography
Number of Followers: 1  

  This is an Open Access Journal Open Access journal
ISSN (Online) 2410-387X
Published by MDPI Homepage  [249 journals]
  • Cryptography, Vol. 7, Pages 1: Authenticated Key Exchange Protocol in the
           Standard Model under Weaker Assumptions

    • Authors: Janaka Alawatugoda
      First page: 1
      Abstract: A two-party authenticated key exchange (AKE) protocol allows each of the two parties to share a common secret key over insecure channels, even in the presence of active adversaries who can actively control and modify the exchanged messages. To capture the malicious behaviors of the adversaries, there have been many efforts to define security models. Amongst them, the extended Canetti–Krawczyk (eCK) security model is considered one of the strongest security models and has been widely adopted. In this paper, we present a simple construction of a pairing-based eCK-secure AKE protocol in the standard model. Our protocol can be instantiated with a suitable signature scheme (i.e., an existentially unforgeable signature scheme against adaptive chosen message attacks). The underlying assumptions of our construction are the decisional bilinear Diffie–Hellman assumption and the existence of a pseudorandom function. Note that the previous eCK-secure protocol constructions either relied on random oracles for their security or used somewhat strong assumptions, such as the existence of strong-pseudorandom functions, target collision-resistant functions, etc., while our protocol construction uses fewer and more-standard assumptions in the standard model. Furthermore, preserving the same security argument, our protocol can be instantiated with any appropriate signature scheme that comes in the future with better efficiency.
      Citation: Cryptography
      PubDate: 2023-01-05
      DOI: 10.3390/cryptography7010001
      Issue No: Vol. 7, No. 1 (2023)
       
  • Cryptography, Vol. 7, Pages 2: Polar Codes for Module-LWE Public Key
           Encryption: The Case of Kyber

    • Authors: Iason Papadopoulos, Jiabo Wang
      First page: 2
      Abstract: In modern society, the Internet is one of the most used means of communication. Thus, secure information transfer is inevitably of major importance. Computers nowadays use encryption methods based on arithmetic operations to turn messages into ciphertexts that are practically impossible for an attacker to reverse-engineer using a classical computer. Lately, it has been proven that this is possible in a post-quantum setting where quantum computers of considerable size are available to attackers. With the advance of technology of quantum computers, it is now more necessary than ever before to construct encryption schemes that cannot be broken either using a classical or a quantum computer. The National Institute of Technology and Standards (NIST) has orchestrated a competition, and numerous encryption schemes have been proposed. The NIST has identified one algorithm to be standardized for the post-quantum era. This algorithm is called CRYSTALS-Kyber and is based on module learning with errors (MLWE). This paper investigates how to apply error correcting codes in order to create some excess decryption failure rate (DFR) and to take advantage of that in order to re-tune Kyber’s parameters in the pursuit of higher security. By applying Polar Codes, Kyber’s security was managed to be increased by 54.4% under a new set of parameters, while keeping the decryption failure rate well below the upper acceptable bound set by the NIST.
      Citation: Cryptography
      PubDate: 2023-01-10
      DOI: 10.3390/cryptography7010002
      Issue No: Vol. 7, No. 1 (2023)
       
  • Cryptography, Vol. 7, Pages 3: Acknowledgment to the Reviewers of
           Cryptography in 2022

    • Authors: Cryptography Editorial Office Cryptography Editorial Office
      First page: 3
      Abstract: High-quality academic publishing is built on rigorous peer review [...]
      Citation: Cryptography
      PubDate: 2023-01-18
      DOI: 10.3390/cryptography7010003
      Issue No: Vol. 7, No. 1 (2023)
       
  • Cryptography, Vol. 7, Pages 4: Early Detection of Clustered Trojan Attacks
           on Integrated Circuits Using Transition Delay Fault Model

    • Authors: Navya Mohan, J. P. Anita
      First page: 4
      Abstract: The chances of detecting a malicious reliability attack induced by an offshore foundry are grim. The hardware Trojans affecting a circuit’s reliability do not tend to alter the circuit layout. These Trojans often manifest as an increased delay in certain parts of the circuit. These delay faults easily escape during the integrated circuits (IC) testing phase, hence are difficult to detect. If additional patterns to detect delay faults are generated during the test pattern generation stage, then reliability attacks can be detected early without any hardware overhead. This paper proposes a novel method to generate patterns that trigger Trojans without altering the circuit model. The generated patterns’ ability to diagnose clustered Trojans are also analyzed. The proposed method uses only single fault simulation to detect clustered Trojans, thereby reducing the computational complexity. Experimental results show that the proposed algorithm has a detection ratio of 99.99% when applied on ISCAS’89, ITC’99 and IWLS’05 benchmark circuits. Experiments on clustered Trojans indicate a 46% and 34% improvement in accuracy and resolution compared to a standard Automatic Test Pattern Generator (ATPG)Tool.
      Citation: Cryptography
      PubDate: 2023-01-28
      DOI: 10.3390/cryptography7010004
      Issue No: Vol. 7, No. 1 (2023)
       
  • Cryptography, Vol. 7, Pages 5: Quantum Secret Aggregation Utilizing a
           Network of Agents

    • Authors: Michael Ampatzis, Theodore Andronikos
      First page: 5
      Abstract: Suppose that the renowned spymaster Alice controls a network of spies who all happen to be deployed in different geographical locations. Let us further assume that all spies have managed to get their hands on a small, albeit incomplete by itself, secret, which actually is just a part of a bigger secret. In this work, we consider the following problem: given the above situation, is it possible for the spies to securely transmit all these partial secrets to the spymaster so that they can be combined together in order to reveal the big secret to Alice' We call this problem, which, to the best of our knowledge, is a novel one for the relevant literature, the quantum secret aggregation problem. We propose a protocol, in the form of a quantum game, that addresses this problem in complete generality. Our protocol relies on the use of maximally entangled GHZ tuples, shared among Alice and all her spies. It is the power of entanglement that makes possible the secure transmission of the small partial secrets from the agents to the spymaster. As an additional bonus, entanglement guarantees the security of the protocol, by making it statistically improbable for the notorious eavesdropper Eve to steal the big secret.
      Citation: Cryptography
      PubDate: 2023-02-03
      DOI: 10.3390/cryptography7010005
      Issue No: Vol. 7, No. 1 (2023)
       
  • Cryptography, Vol. 6, Pages 48: Post Quantum Design in SPDM for Device
           Authentication and Key Establishment

    • Authors: Jiewen Yao, Krystian Matusiewicz, Vincent Zimmer
      First page: 48
      Abstract: The Security Protocol and Data Model (SPDM) defines a set of flows whose purpose includes the authentication of a computing device’s hardware identity. SPDM also allows for the creation of a secure session wherein data communication between two devices has both confidentiality and integrity protection. The present version of SPDM, namely version 1.2, relies upon traditional asymmetric cryptographic algorithms, and these algorithms are known to be vulnerable to quantum attacks. This paper describes the means by which support for post-quantum (PQ) cryptography can be added to the SPDM protocol in order to prepare SPDM for the upcoming world of quantum computing. As part of this paper, we examine the SPDM 1.2 protocol and discuss various aspects of using PQC algorithms, including negotiation of the use of post-quantum cryptography (PQC) algorithms, support for device identity reporting, mechanisms for device authentication, and establishing a secure session. We consider so-called “hybrid modes’’ where both classical and PQC algorithms are used to achieve security properties, especially given the fact that these modes are important during the transition period from the classical to the quantum computing regime. We also share our experience with implementing a software embodiment of PQC in SPDM, namely “PQ-SPDM’’, and we provide benchmarks that evaluate a subset of the winning NIST PQC algorithms.
      Citation: Cryptography
      PubDate: 2022-09-21
      DOI: 10.3390/cryptography6040048
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 49: Blockchain of Resource-Efficient Anonymity
           Protection with Watermarking for IoT Big Data Market

    • Authors: Chia-Hui Wang, Chih-Hao Hsu
      First page: 49
      Abstract: According to the ever-growing supply and demand of IoT content, IoT big data in diversified applications are deemed a valuable asset by private and public sectors. Their privacy protection has been a hot research topic. Inspired by previous work on bounded-error-pruned IoT content market, we observe that the anonymity protection with robust watermarking can be developed by further pruning data for better resource-efficient IoT big data without violating the required quality of sensor service or quality of decision-making. In this paper, resource-efficient anonymity protection with watermarking is thus proposed for data consumers and owners of IoT big data market via blockchain. Our proposed scheme can provide the IoT data with privacy protections of both anonymity and ownership in IoT big data market with resource efficiency. The experiments of four different-type IoT datasets with different settings included bounded-errors, sub-stream sizes, watermark lengths, and ratios of data tampering. The performance results demonstrated that our proposed scheme can provide data owners and consumers with ownership and anonymity via watermarking the IoT big data streams for lossless compressibility. Meanwhile, the developed DApp with our proposed scheme on the Ethereum blockchain can help data owners freely share and trade with consumers in convenience with availability, reliability, and security without mutual trust.
      Citation: Cryptography
      PubDate: 2022-09-30
      DOI: 10.3390/cryptography6040049
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 50: Cryptographic Rational Secret Sharing
           Schemes over General Networks

    • Authors: Alfonso Labao, Henry Adorna
      First page: 50
      Abstract: We propose cryptographic rational secret sharing protocols over general networks. In a general network, the dealer may not have direct connections to each player, and players may not have direct connections to each of the other players. We present conditions on the network topology for which our proposed protocols are computational strict Nash equilibria and (k−1)-resilient, along with analysis on their round and communication complexity. We also present new notions of equilibria such as Φ-resilient computational Nash equilibria, whereby a protocol is resilient to coalitions that satisfy conditions in Φ, regardless of the coalition’s size. We also propose (n−1)-key leakage-tolerant equilibria applicable to cryptographic protocols involving secret keys, whereby the equilibrium holds even if some players acquire (n−1) tuples of secret keys.
      Citation: Cryptography
      PubDate: 2022-10-01
      DOI: 10.3390/cryptography6040050
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 51: Efficient RO-PUF for Generation of
           Identifiers and Keys in Resource-Constrained Embedded Systems

    • Authors: Macarena C. Martínez-Rodríguez, Luis F. Rojas-Muñoz, Eros Camacho-Ruiz, Santiago Sánchez-Solano, Piedad Brox
      First page: 51
      Abstract: The generation of unique identifiers extracted from the physical characteristics of the underlying hardware ensures the protection of electronic devices against counterfeiting and provides security to the data they store and process. This work describes the design of an efficient Physical Unclonable Function (PUF) based on the differences in the frequency of Ring Oscillators (ROs) with identical layout due to variations in the technological processes involved in the manufacture of the integrated circuit. The logic resources available in the Xilinx Series-7 programmable devices are exploited in the design to make it more compact and achieve an optimal bit-per-area rate. On the other hand, the design parameters can also be adjusted to provide a high bit-per-time rate for a particular target device. The PUF has been encapsulated as a configurable Intellectual Property (IP) module, providing it with an AXI4-Lite interface to ease its incorporation into embedded systems in combination with soft- or hard-core implementations of general-purpose processors. The capability of the proposed RO-PUF to generate implementation-dependent identifiers has been extensively tested, using a series of metrics to evaluate its reliability and robustness for different configuration options. Finally, in order to demonstrate its utility to improve system security, the identifiers provided by RO-PUFs implemented on different devices have been used in a Helper Data Algorithm (HDA) to obfuscate and retrieve a secret key.
      Citation: Cryptography
      PubDate: 2022-10-05
      DOI: 10.3390/cryptography6040051
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 52: ICRP: Internet-Friendly Cryptographic
           Relay-Detection Protocol

    • Authors: Ghada Arfaoui, Gildas Avoine, Olivier Gimenez, Jacques Traoré
      First page: 52
      Abstract: Traffic hijacking over the Internet has become a frequent incident over the last two decades. From minor inconveniences for casual users to massive leaks of governmental data, these events cover an unprecedently large spectrum. Many hijackings are presumed to be caused by unfortunate routing mistakes, but a well-organized attacker could set up a long-term stealthy relay, accessing critical traffic metadata, despite suitable encryption schemes. While many studies focus on the mitigation of known attacks, we choose to design a complete detection method regardless of the attacker’s strategy. We propose a two-party cryptographic protocol for detecting traffic hijacking over the Internet. Our proposal relies on a distance-bounding mechanism that performs interactive authentication with a “Challenge–Response” exchange, and measures the round-trip time of packets to decide whether an attack is ongoing. Our construction is supported by worldwide experiments on communication time between multiple nodes, allowing us to both demonstrate its applicability and evaluate its performance. Over the course of this paper, we demonstrate our protocol to be efficient—itrequires only two cryptographic operations per execution inducing negligible workload for users and very few loss of throughput, scalable—no software updates are required for intermediate network nodes, routing protocol independent—this means that any future update of the route selection process will not induce changes on our scheme, and network friendly—the added volume of transiting data is only about 1.5%.
      Citation: Cryptography
      PubDate: 2022-10-17
      DOI: 10.3390/cryptography6040052
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 53: WPAxFuzz: Sniffing Out Vulnerabilities in
           Wi-Fi Implementations

    • Authors: Vyron Kampourakis, Efstratios Chatzoglou, Georgios Kambourakis, Apostolos Dolmes, Christos Zaroliagis
      First page: 53
      Abstract: This work attempts to provide a way of scrutinizing the security robustness of Wi-Fi implementations in an automated fashion. To this end, to our knowledge, we contribute the first full-featured and extensible Wi-Fi fuzzer. At the time of writing, the tool, made publicly available as open source, covers the IEEE 802.11 management and control frame types and provides a separate module for the pair of messages of the Simultaneous Authentication of Equals (SAE) authentication and key exchange method. It can be primarily used to detect vulnerabilities potentially existing in wireless Access Points (AP) under the newest Wi-Fi Protected Access 3 (WPA3) certification, but its functionalities can also be exploited against WPA2-compatible APs. Moreover, the fuzzer incorporates: (a) a dual-mode network monitoring module that monitors, in real time, the behavior of the connected AP stations and logs possible service or connection disruptions and (b) an attack tool used to verify any glitches found and automatically craft the corresponding exploit. We present results after testing the fuzzer against an assortment of off-the-shelf APs by different renowned vendors. Adhering to a coordinated disclosure process, we have reported the discovered issues to the affected vendors, already receiving positive feedback from some of them.
      Citation: Cryptography
      PubDate: 2022-10-20
      DOI: 10.3390/cryptography6040053
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 54: Privacy-Preserving Contrastive
           Explanations with Local Foil Trees

    • Authors: Thijs Veugen, Bart Kamphorst, Michiel Marcus
      First page: 54
      Abstract: We present the first algorithm that combines privacy-preserving technologies and state-of-the-art explainable AI to enable privacy-friendly explanations of black-box AI models. We provide a secure algorithm for contrastive explanations of black-box machine learning models that securely trains and uses local foil trees. Our work shows that the quality of these explanations can be upheld whilst ensuring the privacy of both the training data and the model itself.
      Citation: Cryptography
      PubDate: 2022-10-28
      DOI: 10.3390/cryptography6040054
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 55: Improving User Privacy in Identity-Based
           Encryption Environments

    • Authors: Carlisle Adams
      First page: 55
      Abstract: The promise of identity-based systems is that they maintain the functionality of public key cryptography while eliminating the need for public key certificates. The first efficient identity-based encryption (IBE) scheme was proposed by Boneh and Franklin in 2001; variations have been proposed by many researchers since then. However, a common drawback is the requirement for a private key generator (PKG) that uses its own master private key to compute private keys for end users. Thus, the PKG can potentially decrypt all ciphertext in the environment (regardless of who the intended recipient is), which can have undesirable privacy implications. This has led to limited adoption and deployment of IBE technology. There have been numerous proposals to address this situation (which are often characterized as methods to reduce trust in the PKG). These typically involve threshold mechanisms or separation-of-duty architectures, but unfortunately often rely on non-collusion assumptions that cannot be guaranteed in real-world settings. This paper proposes a separation architecture that instantiates several intermediate CAs (ICAs), rather than one (as in previous work). We employ digital credentials (containing a specially-designed attribute based on bilinear maps) as the blind tokens issued by the ICAs, which allows a user to easily obtain multiple layers of pseudonymization prior to interacting with the PKG. As a result, our proposed architecture does not rely on unrealistic non-collusion assumptions and allows a user to reduce the probability of a privacy breach to an arbitrarily small value.
      Citation: Cryptography
      PubDate: 2022-11-09
      DOI: 10.3390/cryptography6040055
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 56: On Advances of Lattice-Based Cryptographic
           Schemes and Their Implementations

    • Authors: Harshana Bandara, Yasitha Herath, Thushara Weerasundara, Janaka Alawatugoda
      First page: 56
      Abstract: Lattice-based cryptography is centered around the hardness of problems on lattices. A lattice is a grid of points that stretches to infinity. With the development of quantum computers, existing cryptographic schemes are at risk because the underlying mathematical problems can, in theory, be easily solved by quantum computers. Since lattice-based mathematical problems are hard to be solved even by quantum computers, lattice-based cryptography is a promising foundation for future cryptographic schemes. In this paper, we focus on lattice-based public-key encryption schemes. This survey presents the current status of the lattice-based public-key encryption schemes and discusses the existing implementations. Our main focus is the learning with errors problem (LWE problem) and its implementations. In this paper, the plain lattice implementations and variants with special algebraic structures such as ring-based variants are discussed. Additionally, we describe a class of lattice-based functions called lattice trapdoors and their applications.
      Citation: Cryptography
      PubDate: 2022-11-09
      DOI: 10.3390/cryptography6040056
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 57: Scaling Ethereum 2.0s Cross-Shard
           Transactions with Refined Data Structures

    • Authors: Alexander Kudzin, Kentaroh Toyoda, Satoshi Takayama, Atsushi Ishigame
      First page: 57
      Abstract: (1) Background: To solve the blockchain scaling issue, sharding has been proposed; however, this approach has its own scaling issue: the cross-shard communication method. To resolve the cross-shard communication scaling issue, rollups have been proposed and are being investigated. However, they also have their own scaling limitations, in particular, the degree of compression they can apply to transactions (TXs) affecting how many TXs can be included in one block. (2) Methods: In this paper, we propose a series of novel data structures for the compiling of cross-shard TXs sent using rollups for both public and private Ethereum. Our proposal removes redundant fields, consolidates repeated fields, and compresses any remaining fields in the rollup, modifying its data structure to compress the address, gas, and value fields. (3) Results: We have shown that our proposals can accommodate more cross-shard TXs in a block by reducing the TX size by up to 65% and 97.6% compared to the state-of-the-art in public and private Ethereum, respectively. This compression in TX size results in an over 2× increase in transactions per block (TPB) for our proposals targeting both types of Ethereum. (4) Conclusions: Our proposals will mitigate the scaling issue in a sharded blockchain that utilizes rollups for cross-shard communication. In particular, it will enable such sharded Ethereum networks to be deployed for large-scale decentralized systems.
      Citation: Cryptography
      PubDate: 2022-11-10
      DOI: 10.3390/cryptography6040057
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 58: Process Authentication through Blockchain:
           Three Case Studies

    • Authors: Mario Ciampi, Diego Romano, Giovanni Schmid
      First page: 58
      Abstract: In this work, we elaborate on the concept of process authenticity, which intuitively corresponds to the validity of all process steps and their proper binding. It represents the most exciting forefront of distributed ledger technology research concerning the primary challenge of reliably connecting distributed ledger networks to the physical context it must operate. More in detail, the paper describes a novel methodological approach to ensure the authenticity of business processes through blockchain and several security mechanisms applied to the digital twins of the actual processes. We illustrate difficulties and opportunities deriving from implementing process authenticity in concrete case studies in which we were involved as software designers belonging to three critical application domains: document dematerialization, e-voting, and healthcare.
      Citation: Cryptography
      PubDate: 2022-11-11
      DOI: 10.3390/cryptography6040058
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 59: Shift Register, Reconvergent-Fanout (SiRF)
           PUF Implementation on an FPGA

    • Authors: Jim Plusquellic
      First page: 59
      Abstract: Physical unclonable functions (PUFs) are gaining traction as an attractive alternative to generating and storing device keying material over traditional secure non-volatile memory (NVM) technologies. In this paper, we propose an engineered delay-based PUF called the shift-register, reconvergent-fanout (SiRF) PUF, and present an analysis of the statistical quality of its bitstrings using data collected from a set of FPGAs subjected to extended industrial temperature-voltage environmental conditions. The SiRF PUF utilizes the Xilinx shift register primitive and an engineered network of logic gates that are designed to distribute signal paths over a wide region of the FPGA fabric using a MUXing scheme similar in principle to the shift-rows permutation function within the Advanced Encryption Standard algorithm. The shift register is utilized in a unique fashion to enable individual paths through a Xilinx 5-input LUT to be selected as a source of entropy by the challenge. The engineered logic gate network utilizes reconvergent-fanout as a means of adding entropy, eliminating bias and increasing uncertainty with respect to which paths are actually being timed and used in post-processing to produce the secret key or authentication bitstring. The SiRF PUF is a strong PUF build on top of a network with 10’s of millions of possible paths.
      Citation: Cryptography
      PubDate: 2022-11-11
      DOI: 10.3390/cryptography6040059
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 60: Reevaluating Graph-Neural-Network-Based
           Runtime Prediction of SAT-Based Circuit Deobfuscation

    • Authors: Guangwei Zhao, Kaveh Shamsi
      First page: 60
      Abstract: Logic locking is a technique that can help hinder reverse-engineering-based attacks in the IC supply chain from untrusted foundries or end-users. In 2015, the Boolean Satisfiability (SAT) attack was introduced. Although the SAT attack is effective in deobfuscating a wide range of logic locking schemes, its execution time varies widely from a few seconds to months. Previous research has shown that Graph Convolutional Networks (GCN) may be used to estimate this deobfuscation time for locked circuits with varied key sizes. In this paper, we explore whether GCN models truly understand/capture the structural/functional sources of deobfuscation hardness. In order to tackle this, we generate different curated training datasets: traditional ISCAS benchmark circuits locked with varying key sizes, as well as an important novel class of synthetic benchmarks: Substitution-Permutation Networks (SPN), which are circuit structures used to produce the most secure and efficient keyed-functions used today: block-ciphers. We then test whether a GCN trained on a traditional benchmark can predict the simple fact that a deeper SPN is superior to a wide SPN of the same size. We find that surprisingly the GCN model fails at this. We propose to overcome this limitation by proposing a set of circuit features motivated by block-cipher design principles. These features can be used as stand-alone or combined with GCN models to provide deeper topological cues than what GCNs can access.
      Citation: Cryptography
      PubDate: 2022-11-22
      DOI: 10.3390/cryptography6040060
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 61: Certificateless Searchable Encryption
           Scheme in Multi-User Environment

    • Authors: Tao Feng, Jiewen Si
      First page: 61
      Abstract: Searchable encryption technology enables users to access data that has been made publicly encrypted without divulging the original content. The majority of the currently available multi-user certificateless searchable encryption technologies are based on identity-based public key encryption as well as conventional public key cryptosystems. Thus, they are challenged to adapt to the security needs of today’s large-scale network computing environment. As a result, issues such as excessive overhead, poor security, and the inability to handle large-scale applications are unavoidable. In order to address the aforementioned issues, this paper uses the method of combining public key authentication encryption and searchable encryption to propose a certificateless searchable encryption scheme in multi-user circumstances. The stochastic prediction model demonstrates that the scheme can effectively fend off keyword guessing attacks. The proposed algorithm not only performs well in terms of computation but also significantly reduces the amount of computation in simulations.
      Citation: Cryptography
      PubDate: 2022-12-02
      DOI: 10.3390/cryptography6040061
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 62: Intrusion Detection System for IoT Using
           Logical Analysis of Data and Information Gain Ratio

    • Authors: Sneha Chauhan, Sugata Gangopadhyay, Aditi Kar Gangopadhyay
      First page: 62
      Abstract: The rapidly increasing use of the internet has led to an increase in new devices and technologies; however, attack and security violations have grown exponentially as well. In order to detect and prevent attacks, an Intrusion Detection System (IDS) is proposed using Logical Analysis of Data (LAD). Logical Analysis of Data is a data analysis technique that classifies data as either normal or an attack based on patterns. A pattern generation approach is discussed using the concept of Boolean functions. The IDS model is trained and tested using the Bot-IoT dataset. The model achieves an accuracy of 99.98%, and is able to detect new attacks with good precision and recall.
      Citation: Cryptography
      PubDate: 2022-12-05
      DOI: 10.3390/cryptography6040062
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 63: Formalizing and Safeguarding
           Blockchain-Based BlockVoke Protocol as an ACME Extension for Fast
           Certificate Revocation

    • Authors: Anant Sujatanagarjuna, Arne Bochem, Benjamin Leiding
      First page: 63
      Abstract: Certificates are integral to the security of today’s Internet. Protocols like BlockVoke allow secure, timely and efficient revocation of certificates that need to be invalidated. ACME, a scheme used by the non-profit Let’s Encrypt Certificate Authority to handle most parts of the certificate lifecycle, allows automatic and seamless certificate issuance. In this work, we bring together both protocols by describing and formalizing an extension of the ACME protocol to support BlockVoke, combining the benefits of ACME’s certificate lifecycle management and BlockVoke’s timely and secure revocations. We then formally verify this extension through formal methods such as Colored Petri Nets (CPNs) and conduct a risk and threat analysis of the ACME/BlockVoke extension using the ISSRM domain model. Identified risks and threats are mitigated to secure our novel extension. Furthermore, a proof-of-concept implementation of the ACME/BlockVoke extension is provided, bridging the gap towards deployment in the real world.
      Citation: Cryptography
      PubDate: 2022-12-06
      DOI: 10.3390/cryptography6040063
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 64: Privacy Protection Scheme for the Internet
           of Vehicles Based on Private Set Intersection

    • Authors: Quan Zhou, Zhikang Zeng, Kemeng Wang, Menglong Chen
      First page: 64
      Abstract: Performing location-based services in a secure and efficient manner that remains a huge challenge for the Internet of Vehicles with numerous privacy and security risks. However, most of the existing privacy protection schemes are based on centralized location servers, which makes them all have a common drawback of a single point of failure and leaking user privacy. The employment of anonymity and cryptography is a well-known solution to the above problem, but its expensive resource consumption and complex cryptographic operations are difficult problems to solve. Based on this, designing a distributed and privacy-secure privacy protection scheme for the Internet of Vehicles is an urgent issue for the smart city. In this paper, we propose a privacy protection scheme for the Internet of Vehicles based on privacy set intersection. Specially, using privacy set intersection and blockchain techniques, we propose two protocols, that is, a dual authentication protocol and a service recommendation protocol. The double authentication protocol not only ensures that both communicating parties are trusted users, but also ensures the reliability of their session keys; while the service recommendation protocol based on pseudorandom function and one-way hash function can well protect the location privacy of users from being leaked. Finally, we theoretically analyze the security that this scheme has, i.e., privacy security, non-repudiation, and anti-man-in-the-middle attack.
      Citation: Cryptography
      PubDate: 2022-12-07
      DOI: 10.3390/cryptography6040064
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 65: Physical Visitor Access Control and
           Authentication Using Blockchain, Smart Contracts and Internet of Things

    • Authors: Frederick Stock, Yesem Kurt Peker, Alfredo J. Perez, Jarel Hearst
      First page: 65
      Abstract: In this work we explore the use of blockchain with Internet of Things (IoT) devices to provide visitor authentication and access control in a physical environment. We propose the use of a “bracelet” based on a low-cost NodeMCU IoT platform that broadcasts visitor location information and cannot be removed without alerting a management system. We present the design, implementation, and testing of our system. Our results show the feasibility of implementing a physical access control system based on blockchain technology, and performance improvements over a similar system proposed in the literature.
      Citation: Cryptography
      PubDate: 2022-12-08
      DOI: 10.3390/cryptography6040065
      Issue No: Vol. 6, No. 4 (2022)
       
  • Cryptography, Vol. 6, Pages 31: Side-Channel Attacks on Masked Bitsliced
           Implementations of AES

    • Authors: Anca Rădulescu, Marios O. Choudary
      First page: 31
      Abstract: In this paper, we provide a detailed analysis of CPA and Template Attacks on masked implementations of bitsliced AES, targeting a 32-bit platform through the ChipWhisperer side-channel acquisition tool. Our results show that Template Attacks can recover the full AES key successfully within 300 attack traces even on the masked implementation when using a first-order attack (no pre-processing). Furthermore, we confirm that the SubBytes operation is overall a better target for Template Attacks due to its non-linearity, even in the case of bitsliced implementations, where we can only use two bits per key byte target. However, we also show that targeting the AddRoundKey can be used to attack bitsliced implementations and that, in some cases, it can be more efficient than the SubBytes attack.
      Citation: Cryptography
      PubDate: 2022-06-28
      DOI: 10.3390/cryptography6030031
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 32: Adaptable Cryptographic Primitives in
           Blockchains via Smart Contracts

    • Authors: Riccardo Longo, Carla Mascia, Alessio Meneghetti, Giordano Santilli, Giovanni Tognolini
      First page: 32
      Abstract: Blockchain-based platforms utilise cryptographic protocols to enforce the correct behaviour of users, as well as to guarantee a sufficient level of protection against malicious adversaries. Cryptography is, however, an ever-evolving discipline, and any breakthrough would have immediate consequences on the security of blockchain-based applications. A possible threat currently under investigation is given by the development of quantum computers, since several wide-adopted cryptographic protocols have been proved to be unsafe against quantum-capable adversaries. In this work, we propose a novel approach for the management of cryptographic primitives in smart-contract-based ledgers, discussing how it fits in both a (partially) permissioned and a fully permissionless setting. The cryptographic protocols are managed in a flexible manner via a set of smart-contracts defined on the ledger itself, in this way the choice of algorithms and parameters can change quickly. Among the advantages of this approach, we remark how it allows designing an adaptive post-quantum-based blockchain that keeps up with ongoing technological advances. In general, the introduction of new features and the application of fixes to a blockchain cause forks in the chain, which may cause major disruptions. The use of smart contracts in blockchain management allows to avoid this problem, dynamically introducing new protocols or deprecating old ones without compromising previous data. The Cryptographic Kernel approach has been adopted by Quadrans, an open-source, public, decentralised smart-contract-based blockchain with a specific focus on the needs of industry, complex supply chains, and IOT devices.
      Citation: Cryptography
      PubDate: 2022-06-29
      DOI: 10.3390/cryptography6030032
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 33: A Batch Processing Technique for Wearable
           Health Crowd-Sensing in the Internet of Things

    • Authors: Abigail Akosua Addobea, Qianmu Li, Isaac Obiri Amankona, Jun Hou
      First page: 33
      Abstract: The influx of wearable sensor devices has influenced a new paradigm termed wearable health crowd-sensing (WHCS). WHCS enables wearable data collection through active sensing to provide health monitoring to users. Wearable sensing devices capture data and transmit it to the cloud for data processing and analytics. However, data sent to the cloud is vulnerable to on-path attacks. The bandwidth limitation issue is also another major problem during large data transfers. Moreover, the WHCS faces several anonymization issues. In light of this, this article presents a batch processing method to solve the identified issues in WHCS. The proposed batch processing method provides an aggregate authentication and verification approach to resolve bandwidth limitation issues in WHCS. The security of our scheme shows its resistance to forgery and replay attacks, as proved in the random oracle (ROM), while offering anonymity to users. Our performance analysis shows that the proposed scheme achieves a lower computational and communication cost with a reduction in the storage overhead compared to other existing schemes. Finally, the proposed method is more energy-efficient, demonstrating that it is suitable for the WHCS system.
      Citation: Cryptography
      PubDate: 2022-06-29
      DOI: 10.3390/cryptography6030033
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 34: BFV-Based Homomorphic Encryption for
           Privacy-Preserving CNN Models

    • Authors: Febrianti Wibawa, Ferhat Ozgur Catak, Salih Sarp, Murat Kuzlu
      First page: 34
      Abstract: Medical data is frequently quite sensitive in terms of data privacy and security. Federated learning has been used to increase the privacy and security of medical data, which is a sort of machine learning technique. The training data is disseminated across numerous machines in federated learning, and the learning process is collaborative. There are numerous privacy attacks on deep learning (DL) models that attackers can use to obtain sensitive information. As a result, the DL model should be safeguarded from adversarial attacks, particularly in medical data applications. Homomorphic encryption-based model security from the adversarial collaborator is one of the answers to this challenge. Using homomorphic encryption, this research presents a privacy-preserving federated learning system for medical data. The proposed technique employs a secure multi-party computation protocol to safeguard the deep learning model from adversaries. The proposed approach is tested in terms of model performance using a real-world medical dataset in this paper.
      Citation: Cryptography
      PubDate: 2022-07-01
      DOI: 10.3390/cryptography6030034
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 35: Physical Layer Security Design for Polar
           Code Construction

    • Authors: Yao Zeng, Yuxi Tang, Luping Xiang
      First page: 35
      Abstract: In contrast to the network security that relies on upper-layer encryption for the confidentiality and authenticity of communications, physical layer security (PLS) exploits the uniqueness and randomness of the physical channel to encrypt information and enhance the security of the system. In this paper, we study the PLS of a polar-coded wireless communication system. To be more specific, we leverage the unique properties in polar code construction and propose a channel quality indicator (CQI)-based frozen-bit pattern generation scheme. The transmitter employs the Gaussian approximation algorithm to generate the corresponding frozen bit pattern according to the instantaneous CQI of the legitimate link. At the receiver, by leveraging the full channel reciprocity in the time-division duplex (TDD) mode, we can map the CQI to the corresponding frozen bit pattern and correctly decode the received bits. By contrast, the eavesdropper was unable to have the knowledge of the legal channel, and hence cannot determine the frozen bit pattern of the polar-coded bit sequence. Our simulation results demonstrate that by adopting the proposed PLS key generation scheme, Eve was hardly able to correctly decode a complete frame, leading to a high block error rate (BLER), while Bob was able to attain a 10−5 BLER.
      Citation: Cryptography
      PubDate: 2022-07-04
      DOI: 10.3390/cryptography6030035
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 36: Multi-Wavelength Quantum Key Distribution
           Emulation with Physical Unclonable Function

    • Authors: Brit Riggs, Michael Partridge, Bertrand Cambou, Ian Burke, Manuel Aguilar Rios, Julie Heynssens, Dina Ghanaimiandoab
      First page: 36
      Abstract: This work details the theory and implementation of a multi-wavelength quantum key distribution (QKD) emulation system with a physical unclonable function (PUF). Multi-wavelength QKD can eliminate the need to share a subsection of the final key for eavesdropper detection and allow for ternary and quaternary data transmission. The inclusion of the PUF adds an additional layer of security. We provide preliminary error analysis of our emulation system. To support this work, we introduce a bitwise transform operator that enables binary output of the PUF to satisfy the ternary and quaternary input requirements of the QKD system.
      Citation: Cryptography
      PubDate: 2022-07-06
      DOI: 10.3390/cryptography6030036
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 37: Light Weight Authentication Scheme for
           Smart Home IoT Devices

    • Authors: Vipin Kumar, Navneet Malik, Jimmy Singla, N. Z. Jhanjhi, Fathi Amsaad, Abdul Razaque
      First page: 37
      Abstract: In today’s world, the use of computer networks is everywhere, and to access the home network we use the Internet. IoT networks are the new range of these networks in which we try to connect different home appliances and try to give commands from a remote place. Access to any device over an insecure network invites various types of attacks. User authentication can be performed using some password or biometric technique. However, when it comes to authenticating a device, it becomes challenging to maintain data security over a secure network such as the Internet. Many encryptions and decryption algorithms assert confidentiality, and hash code or message authentication code MAC is used for authentication. Traditional cryptographic security methods are expensive in terms of computational resources such as memory, processing capacity, and power consumption. They are incompatible with the Internet of Things devices that have limited resources. Although automatic Device-to-Device communication enables new potential applications, the limited resources of the networks’ machines and devices impose various constraints. This paper proposes a home device authentication scheme when these are accessed from a remote place. An authentication device is used for the home network and controller device to control home appliances. Our scheme can prevent various attacks such as replay attacks, server spoofing, and man-in-the-middle attack. The proposed scheme maintains the confidentiality and authenticity of the user and devices in the network. At the same time, we check the system in a simulated environment, and the results show that the network’s performance does not degrade much in terms of delay, throughput, and energy consumed.
      Citation: Cryptography
      PubDate: 2022-07-20
      DOI: 10.3390/cryptography6030037
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 38: Node Monitoring as a Fault Detection
           

    • Authors: Donald E. Owen, Jithin Joseph, Jim Plusquellic, Tom J. Mannos, Brian Dziki
      First page: 38
      Abstract: Advanced, superscalar microprocessors (μP) are highly susceptible to wear-out failures because of their highly complex, densely packed circuit structure and extreme operational frequencies. Although many types of fault detection and mitigation strategies have been proposed, none have addressed the specific problem of detecting faults that lead to information leakage events on I/O channels of the μP. Information leakage can be defined very generally as any type of output that the executing program did not intend to produce. In this work, we restrict this definition to output that represents a security concern, and in particular, to the leakage of plaintext or encryption keys, and propose a counter-based countermeasure to detect faults that cause this type of leakage event. Fault injection (FI) experiments are carried out on two RISC-V microprocessors emulated as soft cores on a Xilinx multi-processor System-on-chip (MPSoC) FPGA. The μP designs are instrumented with a set of counters that records the number of transitions that occur on internal nodes. The transition counts are collected from all internal nodes under both fault-free and faulty conditions, and are analyzed to determine which counters provide the highest fault coverage and lowest latency for detecting leakage faults. We show that complete coverage of all leakage faults is possible using only a single counter strategically placed within the branch compare logic of the μPs.
      Citation: Cryptography
      PubDate: 2022-08-03
      DOI: 10.3390/cryptography6030038
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 39: Multiverse of HawkNess: A
           Universally-Composable MPC-Based Hawk Variant

    • Authors: Aritra Banerjee, Hitesh Tewari
      First page: 39
      Abstract: The evolution of smart contracts in recent years inspired a crucial question: do smart contract evaluation protocols provide the required level of privacy when executing contracts on the blockchain' The Hawk (IEEE S&P ’16) paper introduces a way to solve the problem of privacy in smart contracts by evaluating the contracts off-chain, albeit with the trust assumption of a manager. To avoid the partially trusted manager altogether, a novel approach named zkHawk (IEEE BRAINS ’21) explains how we can evaluate the contracts privately off-chain using a multi-party computation (MPC) protocol instead of trusting said manager. This paper dives deeper into the detailed construction of a variant of the zkHawk protocol titled V-zkHawk using formal proofs to construct the said protocol and model its security in the universal composability (UC) framework (FOCS ’01). The V-zkHawk protocol discussed here does not support immediate closure, i.e., all the parties (n) have to send a message to inform the blockchain that the contract has been executed with corruption allowed for up to t parties, where t<n. In the most quintessential sense, the V-zkHawk is a variant because the outcome of the protocol is similar (i.e., execution of smart contract via an MPC function evaluation) to zkHawk, but we modify key aspects of the protocol, essentially creating a small trade-off (removing immediate closure) to provide UC (stronger) security. The V-zkHawk protocol leverages joint Schnorr signature schemes, encryption schemes, Non-Interactive Zero-Knowledge Proofs (NIZKs), and commitment schemes with Common Reference String (CRS) assumptions, MPC function evaluations, and assumes the existence of asynchronous, authenticated broadcast channels. We achieve malicious security in a dishonest majority setting in the UC framework.
      Citation: Cryptography
      PubDate: 2022-08-04
      DOI: 10.3390/cryptography6030039
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 40: Attribute-Based Encryption in Securing Big
           Data from Post-Quantum Perspective: A Survey

    • Authors: Zulianie Binti Jemihin, Soo Fun Tan, Gwo-Chin Chung
      First page: 40
      Abstract: Attribute-based encryption (ABE) cryptography is widely known for its potential to solve the scalability issue of recent public key infrastructure (PKI). It provides a fine-grained access control system with high flexibility and efficiency by labeling the secret key and ciphertext with distinctive attributes. Due to its fine-grained features, the ABE scheme is a protection layer in securing users’ data and privacy in big data processing and analytics. However, quantum computing, new technology on the horizon that will transform the security and privacy environment, has begun to appear. Like the conventional ABE schemes, present cryptography is not excluded from the impacts of quantum technology as they are not made to be quantum-resistant. While most recent surveys generally touched on the generic features of attribute-based encryption schemes such as user revocation, scalability, flexibility, data confidentiality, and scope in pairing-based ABE schemes, this survey investigated quantum-resistant ABE schemes in securing big data. This survey reviews the challenges faced by the recent ABE cryptography in the post-quantum era and highlights its differences from the conventional pairing-based ABE schemes. Subsequently, we defined the criteria of an ideal quantum-resistant ABE scheme. Additionally, existing works on quantum-resistant ABE schemes are reviewed based on their algorithms design, security and functionalities. Lastly, we summarized quantum-resistant ABE schemes’ ongoing challenges and future works.
      Citation: Cryptography
      PubDate: 2022-08-05
      DOI: 10.3390/cryptography6030040
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 41: Symmetric Cryptography on RISC-V:
           Performance Evaluation of Standardized Algorithms

    • Authors: Görkem Nişancı, Paul G. Flikkema, Tolga Yalçın
      First page: 41
      Abstract: The ever-increasing need for securing computing systems using cryptographic algorithms is spurring interest in the efficient implementation of common algorithms. While the algorithms can be implemented in software using base instruction sets, there is considerable potential to reduce memory cost and improve speed using specialized instructions and associated hardware. However, there is a need to assess the benefits and costs of software implementations and new instructions that implement key cryptographic algorithms in fewer cycles. The primary aim of this paper is to improve the understanding of the performance and cost of implementing cryptographic algorithms for the RISC-V instruction set architecture (ISA) in two cases: software implementations of the algorithms using the rv32i instruction set and using cryptographic instructions supported by dedicated hardware in additional functional units. For both cases, we describe a RISC-V processor with cryptography hardware extensions and hand-optimized RISC-V assembly language implementations of eleven cryptographic algorithms. Compared to implementations with only the rv32i instruction set, implementations with the cryptography set extension provide a 1.5× to 8.6× faster execution speed and 1.2× to 5.8× less program memory for five of the eleven algorithms. Based on our performance analyses, a new instruction is proposed to increase the implementation efficiency of the algorithms.
      Citation: Cryptography
      PubDate: 2022-08-10
      DOI: 10.3390/cryptography6030041
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 42: How Hard Is It to Detect Surveillance'
           A Formal Study of Panopticons and Their Detectability Problem

    • Authors: Vasiliki Liagkou, Panayotis E. Nastou, Paul Spirakis, Yannis C. Stamatiou
      First page: 42
      Abstract: The Panopticon (which means “watcher of everything”) is a well-known prison structure of continuous surveillance and discipline studied by Bentham in 1785. Today, where persistent, massive scale, surveillance is immensely facilitated by new technologies, the term Panopticon vaguely characterizes institutions with a power to acquire and process, undetectably, personal information. In this paper we propose a theoretical framework for studying Panopticons and their detectability status. We show, based on the Theory of Computation, that detecting Panopticons, modelled either as a simple Turing Machine or as an Oracle Turing Machine, is an undecidable problem. Furthermore, we show that for each sufficiently expressive formal system, we can effectively construct a Turing Machine for which it is impossible to prove, within the formal system, its Panopticon status. Finally, we discuss how Panopticons can be physically detected by the heat they dissipate each time they acquire, effortlessly, information in the form of an oracle and we investigate their detectability status with respect to a more powerful computational model than classical Turing Machines, the Infinite Time Turing Machines (ITTMs).
      Citation: Cryptography
      PubDate: 2022-08-20
      DOI: 10.3390/cryptography6030042
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 43: A Security Analysis of Circuit Clock
           Obfuscation

    • Authors: Rajesh Datta, Guangwei Zhao, Kanad Basu, Kaveh Shamsi
      First page: 43
      Abstract: Key-based circuit obfuscation or logic-locking is a technique that can be used to hide the full design of an integrated circuit from an untrusted foundry or end-user. The technique is based on creating ambiguity in the original circuit by inserting “key” input bits into the circuit such that the circuit is unintelligible absent a correct secret key. Clock signals have traditionally been avoided in locking in order to not corrupt the timing behavior of the locked circuit. In this paper, we explore the case where the clock signal itself may be obfuscated by ambiguating its frequency or pattern. Along with discussing formal notions of security in this context, we present practical ways to deobfuscate such designs using techniques from multi-rate model-checking. We present experimental data on deobfuscation runtime on a set of sequential benchmark circuits. Our results show that naive random clock obfuscation may not provide more security per overhead than traditional random keyed-gate insertion. We discuss how clock obfuscation may be a more attractive choice for special circuit designs that are inherently multi-clock/asynchronous.
      Citation: Cryptography
      PubDate: 2022-08-22
      DOI: 10.3390/cryptography6030043
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 44: Combining Markov and Semi-Markov Modelling
           for Assessing Availability and Cybersecurity of Cloud and IoT Systems

    • Authors: Vyacheslav Kharchenko, Yuriy Ponochovnyi, Oleg Ivanchenko, Herman Fesenko, Oleg Illiashenko
      First page: 44
      Abstract: This paper suggests a strategy (C5) for assessing cloud and IoT system (CIS) dependability, availability, and cybersecurity based on the continuous collection, comparison, choice, and combination of Markov and semi-Markov models (MMs and SMMs). It proposes the systematic building of an adequate and accurate model to evaluate CISs considering (1) continuous evolution of the model(s) together with systems induced by changes in the CIS or physical and cyber environment parameters; (2) the necessity of collecting data on faults, failures, vulnerabilities, cyber-attacks, privacy violations, and patches to obtain actual data for assessment; (3) renewing the model set based on analysis of CIS operation; (4) the possibility of choice and utilizing “off-the-shelf” models with understandable techniques for their development to assure improved accuracy of assessment; (5) renewing the models during application of CIS by time, component or mixed combining, taking into consideration different operation and maintenance events. The results obtained were algorithms for data collection and analysis, choice, and combining appropriate MM and SMMs and their different types, such as multi-fragmental and multiphase models, considering changing failure rates, cyber-attack parameters, periodical maintenance, etc. To provide and verify the approach, several private and public clouds and IoT systems were researched and discussed in the context of C5 and proposed algorithms.
      Citation: Cryptography
      PubDate: 2022-08-29
      DOI: 10.3390/cryptography6030044
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 45: Hardware Limitations of Lightweight
           Cryptographic Designs for IoT in Healthcare

    • Authors: Kyriaki Tsantikidou, Nicolas Sklavos
      First page: 45
      Abstract: Security is an important aspect of healthcare applications that employ Internet of Things (IoT) technology. More specifically, providing privacy and ensuring the confidentiality, integrity and authenticity of IoT-based designs are crucial in the health domain because the collected data are sensitive, and the continuous availability of the system is critical for the user’s wellbeing. However, the IoT consists of resource-constrained devices that increase the difficulty of implementing high-level-security schemes. Therefore, in the current paper, renowned lightweight cryptographic primitives and their most recent architecture, to the best of the authors’ knowledge, are investigated. Their security, architecture characteristics and overall hardware limitations are analyzed and collected in tables. Finally, all the algorithms are compared based on their effectiveness in securing healthcare applications, the utilized device and the overall implementation efficiency.
      Citation: Cryptography
      PubDate: 2022-09-01
      DOI: 10.3390/cryptography6030045
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 46: Subliminal Channels in Visual Cryptography

    • Authors: Katarzyna Koptyra, Marek R. Ogiela
      First page: 46
      Abstract: This paper describes three methods of creating a subliminal channel in visual cryptography that are defined for a (2,2) sharing scheme. They work by hiding additional covert information besides the original encrypted image. The first channel is revealed when the user folds the share along the specific axis. The second channel encodes subpixels on the basis of the encrypted message bits. It is designed to hide a wide range of data types. The third channel may be applied to a single share or multiple shares and is revealed when the proper parts of the shares are stacked. Fold and overlapping algorithms are adequate for printed shares, but the encryption method is only suitable for digital shares. The capacity of these methods ranges from half of the image size to the whole image size. The presented algorithms work on black-and-white images but are expandable to color visual cryptography. They may find applications in steganography and other data-hiding techniques. The created subliminal channels do not interfere with regular images that may still be revealed by stacking the shares. In short, this article introduces subliminal channels in visual cryptography, presents three algorithms for both binary and colorful images, shows examples of use with the results obtained, and discusses features of each method.
      Citation: Cryptography
      PubDate: 2022-09-16
      DOI: 10.3390/cryptography6030046
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 47: Connected Blockchain Federations for
           Sharing Electronic Health Records

    • Authors: Faiza Hashim, Khaled Shuaib, Farag Sallabi
      First page: 47
      Abstract: With the growing utility of blockchain technology, the desire for reciprocal interactions among different blockchains is growing. However, most operational blockchain networks currently operate in a standalone setting. This fragmentation in the form of isolated blockchains creates interoperability difficulties, inhibiting the adoption of blockchains in various ecosystems. Interoperability is a key factor in the healthcare domain for sharing EHRs of patients registered in independent blockchain networks. Each blockchain network could have its own rules and regulations, obstructing the exchange of EHRs for improving diagnosis and treatments. Examples include patients being treated by healthcare providers in different countries or regions, or within one country but with a different set of rules per state or emirate. By contrast, a federation of blockchain networks can provide better communication and service to stakeholders in healthcare. Thus, solutions for facilitating inter-blockchain communication in such a blockchain federation are needed. However, this possibility has not been fully explored, and further investigations are still being conducted. Hence, the present study proposes a transaction-based smart contract triggering system for inter-blockchain communication, enabling EHR sharing among independent blockchains. We use local and global smart contracts that will be executed once a transaction is created in the blockchain. Local smart contracts are used for EHR sharing within the blockchain, whereas global smart contracts are used for EHR sharing among independent blockchains. The experimental setup is conducted using the Hyperledger Fabric blockchain platform. Inter-blockchain communication between two independent fabric networks is conducted through a global smart contract using Hyperledger Cactus for EHR sharing in a health federation setup. To the best of our knowledge, our study is the first to implement an inter-blockchain communication model in the healthcare domain.
      Citation: Cryptography
      PubDate: 2022-09-16
      DOI: 10.3390/cryptography6030047
      Issue No: Vol. 6, No. 3 (2022)
       
  • Cryptography, Vol. 6, Pages 14: Continuous Nonintrusive Mobile Device Soft
           Keyboard Biometric Authentication

    • Authors: Timothy Dee, Ian Richardson, Akhilesh Tyagi
      First page: 14
      Abstract: Mobile banking, shopping, and in-app purchases utilize persistent authentication states for access to sensitive data. One-shot authentication permits access for a fixed time period. For instance, a username/password-based authentication allows a user access to all the shopping and payments data in the Amazon shopping app. Traditional user passwords and lock screens are easily compromised. Snooping attacks—observing an unsuspecting user entering passwords—and smudge attacks—examining touchscreen finger oil residue—enable compromised user authentication. Mobile device interactions provide robust human and device identity data. Such biometrics enhance authentication. In this paper, behavioral attributes during user input constitute the password. Adversary password reproduction difficulty increases since pure observation is insufficient. Current mobile continuous authentication schemes use, among others, touchscreen–swipe interactions or keyboard input timing. Many of these methods require cumbersome training or intrusive authentication. Software keyboard interactions provide a consistent biometric data stream. We develop biometric profiles using touch pressure, location, and timing. New interactions authenticate against a profile using a divergence measure. In our limited user–device data sets, the classification achieves virtually perfect accuracy.
      Citation: Cryptography
      PubDate: 2022-03-23
      DOI: 10.3390/cryptography6020014
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 15: Tightly Secure PKE Combiner in the Quantum
           Random Oracle Model

    • Authors: Brian Goncalves, Atefeh Mashatan
      First page: 15
      Abstract: The development of increasingly sophisticated quantum computers poses a long-term threat to current cryptographic infrastructure. This has spurred research into both quantum-resistant algorithms and how to safely transition real-world implementations and protocols to quantum-resistant replacements. This transition is likely to be a gradual process due to both the complexity and cost associated with transitioning. One method to ease the transition is the use of classical–quantum hybrid schemes, which provide security against both classical and quantum adversaries. We present a new combiner for creating hybrid encryption schemes directly from traditional encryption schemes. Our construction is the only existing proposal in the literature with IND-CCA-security in the classical and quantum random oracle models, respectively.
      Citation: Cryptography
      PubDate: 2022-03-29
      DOI: 10.3390/cryptography6020015
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 16: Benchmark Analysis of YOLO Performance on
           Edge Intelligence Devices

    • Authors: Haogang Feng, Gaoze Mu, Shida Zhong, Peichang Zhang, Tao Yuan
      First page: 16
      Abstract: In the 5G intelligent edge scenario, more and more accelerator-based single-board computers (SBCs) with low power consumption and high performance are being used as edge devices to run the inferencing part of the artificial intelligence (AI) model to deploy intelligent applications. In this paper, we investigate the inference workflow and performance of the You Only Look Once (YOLO) network, which is the most popular object detection model, in three different accelerator-based SBCs, which are NVIDIA Jetson Nano, NVIDIA Jetson Xavier NX and Raspberry Pi 4B (RPi) with Intel Neural Compute Stick2 (NCS2). Different video contents with different input resize windows are detected and benchmarked by using four different versions of the YOLO model across the above three SBCs. By comparing the inference performance of the three SBCs, the performance of RPi + NCS2 is more friendly to lightweight models. For example, the FPS of detected videos from RPi + NCS2 running YOLOv3-tiny is 7.6 times higher than that of YOLOv3. However, in terms of detection accuracy, we found that in the process of realizing edge intelligence, how to better adapt a AI model to run on RPi + NCS2 is much more complex than the process of Jetson devices. The analysis results indicate that Jetson Nano is a trade-off SBCs in terms of performance and cost; it achieves up to 15 FPSs of detected videos when running YOLOv4-tiny, and this result can be further increased by using TensorRT.
      Citation: Cryptography
      PubDate: 2022-04-01
      DOI: 10.3390/cryptography6020016
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 17: Privacy Issues in Stylometric Methods

    • Authors: Antonios Patergianakis, Konstantinos Limniotis
      First page: 17
      Abstract: Stylometry is a well-known field, aiming to identify the author of a text, based only on the way she/he writes. Despite its obvious advantages in several areas, such as in historical research or for copyright purposes, it may also yield privacy and personal data protection issues if it is used in specific contexts, without the users being aware of it. It is, therefore, of importance to assess the potential use of stylometry methods, as well as the implications of their use for online privacy protection. This paper aims to present, through relevant experiments, the possibility of the automated identification of a person using stylometry. The ultimate goal is to analyse the risks regarding privacy and personal data protection stemming from the use of stylometric techniques to evaluate the effectiveness of a specific stylometric identification system, as well as to examine whether proper anonymisation techniques can be applied so as to ensure that the identity of an author of a text (e.g., a user in an anonymous social network) remains hidden, even if stylometric methods are to be applied for possible re-identification.
      Citation: Cryptography
      PubDate: 2022-04-07
      DOI: 10.3390/cryptography6020017
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 18: A Review of Blockchain in Fintech:
           Taxonomy, Challenges, and Future Directions

    • Authors: Keerthi Nelaturu, Han Du, Duc-Phong Le
      First page: 18
      Abstract: The primary purpose of this paper is to bridge the technology gap between Blockchain and Fintech applications. Blockchain technology is already being explored in a wide number of Fintech sectors. After creating a unique taxonomy for Fintech ecosystems, this paper outlines a number of implementation scenarios. For each of the industries in which blockchain is already in use and has established itself as a complementary technology to traditional systems, we give a taxonomy of use cases. In this procedure, we cover both public and private blockchains. Because it is still believed to be in its infancy, especially when it comes to financial use cases, blockchain has both positive and negative aspects. As a result, it is critical to be aware of all of the open research issues in this field. Our goal is to compile a list of open research challenges related to various aspects of the blockchain’s protocol and application layers. Finally, we will provide a clear understanding of the applications for which blockchain can be valuable, as well as the risks associated with its use in parallel.
      Citation: Cryptography
      PubDate: 2022-04-19
      DOI: 10.3390/cryptography6020018
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 19: A Memory Hierarchy Protected against
           Side-Channel Attacks

    • Authors: Ezinam Bertrand Talaki, Olivier Savry, Mathieu Bouvier Des Noes, David Hely
      First page: 19
      Abstract: In the vulnerability analysis of System on Chips, memory hierarchy is considered among the most valuable element to protect against information theft. Many first-order side-channel attacks have been reported on all its components from the main memory to the CPU registers. In this context, memory hierarchy encryption is widely used to ensure data confidentiality. Yet, this solution suffers from both memory and area overhead along with performance losses (timing delays), which is especially critical for cache memories that already occupy a large part of the spatial footprint of a processor. In this paper, we propose a secure and lightweight scheme to ensure the data confidentiality through the whole memory hierarchy. This is done by masking the data in cache memories with a lightweight mask generator that provides masks at each clock cycle without having to store them. Only 8-bit Initialization Vectors are stored for each mask value to enable further recomputation of the masks. The overall security of the masking scheme is assessed through a mutual information estimation that helped evaluate the minimum number of attack traces needed to succeed a profiling side-channel attack to 592 K traces in the attacking phase, which provides an acceptable security level in an analysis where an example of Signal to Noise Ratio of 0.02 is taken. The lightweight aspect of the generator has been confirmed by a hardware implementation that led to resource utilization of 400 LUTs.
      Citation: Cryptography
      PubDate: 2022-04-20
      DOI: 10.3390/cryptography6020019
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 20: Certificate Management Scheme for VANETs
           Using Blockchain Structure

    • Authors: Maharage Nisansala Sevwandi Perera, Toru Nakamura, Masayuki Hashimoto, Hiroyuki Yokoyama, Chen-Mou Cheng, Kouichi Sakurai
      First page: 20
      Abstract: Vehicular Ad-hoc NETworks (VANETs), a special kind of Mobile Ad-hoc NETworks (MANETs), play an important role in Intelligent Transportation Systems (ITS). Via wireless technology, vehicles exchange information related to road conditions and their status, and, thereby, VANETs enhance transportation safety and efficiency. A critical aspect of VANETs is providing privacy for the vehicles. The employment of pseudonym certificates is a well-known solution to the privacy problems in VANETs. However, certificate management faces challenges in renewing certificates and revoking vehicles. The centralized certificate management, especially resulting in the delay of the revocation process, harms the nodes of VANETs. This paper proposes a blockchain structure-based certificate management for VANETs and voting-based revocation to halt misbehaving vehicles’ actions. Moreover, this paper presents extended privacy for the participants of the voting process using ring signatures.
      Citation: Cryptography
      PubDate: 2022-04-25
      DOI: 10.3390/cryptography6020020
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 21: Computational Analysis of Interleaving
           PN-Sequences with Different Polynomials

    • Authors: Sara D. Cardell, Verónica Requena, Amparo Fúster-Sabater
      First page: 21
      Abstract: Binary PN-sequences generated by LFSRs exhibit good statistical properties; however, due to their intrinsic linearity, they are not suitable for cryptographic applications. In order to break such a linearity, several approaches can be implemented. For example, one can interleave several PN-sequences to increase the linear complexity. In this work, we present a deep randomness study of the resultant sequences of interleaving binary PN-sequences coming from different characteristic polynomials with the same degree. We analyze the period and the linear complexity, as well as many other important cryptographic properties of such sequences.
      Citation: Cryptography
      PubDate: 2022-04-26
      DOI: 10.3390/cryptography6020021
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 22: A New Paradigm in Split Manufacturing:
           Lock the FEOL, Unlock at the BEOL

    • Authors: Abhrajit Sengupta, Mohammed Nabeel, Mohammed Ashraf, Johann Knechtel, Ozgur Sinanoglu
      First page: 22
      Abstract: Split manufacturing was introduced as a countermeasure against hardware-level security threats such as IP piracy, overbuilding, and insertion of hardware Trojans. However, the security promise of split manufacturing has been challenged by various attacks which exploit the well-known working principles of design tools to infer the missing back-end-of-line (BEOL) interconnects. In this work, we define the security of split manufacturing formally and provide the associated proof, and we advocate accordingly for a novel, formally secure paradigm. Inspired by the notion of logic locking, we protect the front-end-of-line (FEOL) layout by embedding secret keys which are implemented through the BEOL in such a way that they become indecipherable to foundry-based attacks. At the same time, our technique is competitive with prior art in terms of layout overhead, especially for large-scale designs (ITC’99 benchmarks). Furthermore, another concern for split manufacturing is its practicality (despite successful prototyping). Therefore, we promote an alternative implementation strategy, based on package-level routing, which enables formally secure IP protection without splitting at all, and thus, without the need for a dedicated BEOL facility. We refer to this as “poor man’s split manufacturing” and we study the practicality of this approach by means of physical-design exploration.
      Citation: Cryptography
      PubDate: 2022-05-05
      DOI: 10.3390/cryptography6020022
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 23: Localized State-Change Consensus in
           Immense and Highly Dynamic Environments

    • Authors: Linir Zamir, Mehrdad Nojoumian
      First page: 23
      Abstract: Consensus algorithms are the building block of any decentralized network where the risk of malicious users is high. These algorithms are required to be robust, scalable, and secure in order to operate properly. Localized state-change consensus (LSC) is a consensus algorithm that is specifically designed to handle state-change consensus, where the state value of given data points can dynamically change and the new value needs to be reflected in the system. LSC utilizes a trust measurement mechanism to validate messages and also enforce cooperation among users. Consensus algorithms, and specifically LSC, can be a practical solution for the immutable and secured communication of autonomous systems with limited computational resources. Indeed, distributed autonomous systems are growing rapidly and the integrity of their communication protocols for coordination and planning is still vulnerable because several units are required to act independently and securely. Therefore, this paper proposes a new localized consensus algorithm for immense and highly dynamic environments with validations through reputation values. The proposed solution can be considered as an efficient and practical consensus solution for any paradigms with resource-constrained devices where a regular encrypted communication method can negatively affect the system performance.
      Citation: Cryptography
      PubDate: 2022-05-06
      DOI: 10.3390/cryptography6020023
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 24: Cyber-Phishing Website Detection Using
           Fuzzy Rule Interpolation

    • Authors: Mohammad Almseidin, Mouhammad Alkasassbeh, Maen Alzubi, Jamil Al-Sawwa
      First page: 24
      Abstract: This paper introduces a novel detection method for phishing website attacks while avoiding the issues associated with the deficiencies of the knowledge-based representation and the binary decision. The suggested detection method was performed using Fuzzy Rule Interpolation (FRI). The FRI reasoning methods added the benefit of enhancing the robustness of fuzzy systems and effectively reducing the system’s complexity. These benefits help the Intrusion Detection System (IDS) to generate more realistic and comprehensive alerts in case of phishing attacks. The proposed method was applied to an open-source benchmark phishing website dataset. The results show that the proposed detection method obtained a 97.58% detection rate and effectively reduced the false alerts. Moreover, it effectively smooths the boundary between normal and phishing attack traffic because of its fuzzy nature. It has the ability to generate the required security alert in case of deficiencies in the knowledge-based representation. In addition, the results obtained from the proposed detection method were compared with other literature results. The results showed that the accuracy rate of this work is competitive with other methods. In addition, the proposed detection method can generate the required anti-phishing alerts even if one of the anti-phishing sparse rules does not cover some input parameters (observations).
      Citation: Cryptography
      PubDate: 2022-05-07
      DOI: 10.3390/cryptography6020024
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 25: Low-Cost Area-Efficient FPGA-Based
           Multi-Functional ECDSA/EdDSA

    • Authors: Binh Kieu-Do-Nguyen, Cuong Pham-Quoc, Ngoc-Thinh Tran, Cong-Kha Pham, Trong-Thuc Hoang
      First page: 25
      Abstract: In cryptography, elliptic curve cryptography (ECC) is considered an efficient and secure method to implement digital signature algorithms (DSAs). ECC plays an essential role in many security applications, such as transport layer security (TLS), internet protocol security (IPsec), and wireless sensor networks (WSNs). The proposed designs of ECC hardware implementation only focus on a single ECC variant and use many resources. These proposals cannot be used for resource-constrained applications or for the devices that need to provide multiple levels of security. This work provides a multi-functional elliptic curve digital signature algorithm (ECDSA) and Edwards-curve digital signature algorithm (EdDSA) hardware implementation. The core can run multiple ECDSA/EdDSA algorithms in a single design. The design consumes fewer resources than the other single-functional design, and is not based on digital signal processors (DSP). The experiments show that the proposed core could run up to 112.2 megahertz with Virtex-7 devices while consuming only 10,259 slices in total.
      Citation: Cryptography
      PubDate: 2022-05-10
      DOI: 10.3390/cryptography6020025
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 26: Locating Side Channel Leakage in Time
           through Matched Filters

    • Authors: Alessandro Barenghi, Gioele Falcetti, Gerardo Pelosi
      First page: 26
      Abstract: Side channel attacks provide an effective way to extract secret information from the execution of cryptographic algorithms run on a variety of computing devices. One of the crucial steps for a side channel attack to succeed is the capability to locate the time instant in which the cryptographic primitive being attacked is effectively leaking information on the side channel itself, and synchronize the data obtained from the measurements on that instant. In this work, we propose an efficient and effective solution relying on the digital signal processing technique known as matched filters. We derive our matched filter with a small amount of profiling information which can be obtained from a device matching the one under attack. Our technique reliably identifies the cryptographic operation being computed, even when system interrupts or software multithreading are enabled on our target platform. We validate our approach through a successful attack against an unprotected AES implementation running on a Cortex-M4-based microcontroller.
      Citation: Cryptography
      PubDate: 2022-05-30
      DOI: 10.3390/cryptography6020026
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 27: Review of Chosen Isogeny-Based
           Cryptographic Schemes

    • Authors: Bartosz Drzazga, Łukasz Krzywiecki
      First page: 27
      Abstract: Public-key cryptography provides security for digital systems and communication. Traditional cryptographic solutions are constantly improved, e.g., to suppress brute-force attacks. However, Shor’s algorithm suited for quantum computers can break the bedrock of most currently used systems, i.e., the RSA problem and discrete logarithm problem. Post-quantum cryptography can withstand attacks carried out by quantum computers. Several families of post-quantum systems exist; one of them is isogeny-based cryptography. As a main contribution, in this paper, we provide a survey of chosen, fundamental isogeny-based schemes. The target audience of this review is researchers interested in practical aspects of this field of cryptography; therefore the survey contains exemplary implementations. Our goal was not to develop an efficient implementation, but to provide materials that make it easier to analyze isogeny-based cryptography.
      Citation: Cryptography
      PubDate: 2022-05-31
      DOI: 10.3390/cryptography6020027
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 28: A New Chaotic-Based RGB Image Encryption
           Technique Using a Nonlinear Rotational 16 × 16 DNA Playfair Matrix

    • Authors: Dina Ibrahim, Kareem Ahmed, Mohamed Abdallah, AbdElmgeid A. Ali
      First page: 28
      Abstract: Due to great interest in the secure storage and transmission of color images, the necessity for an efficient and robust RGB image encryption technique has grown. RGB image encryption ensures the confidentiality of color images during storage and transmission. In the literature, a large number of chaotic-based image encryption techniques have been proposed, but there is still a need for a robust, efficient and secure technique against different kinds of attacks. In this paper, a novel RGB image encryption technique is proposed for encrypting individual pixels of RGB images using chaotic systems and 16 rounds of DNA encoding, transpositions and substitutions. First, round keys are generated randomly using a logistic chaotic function. Then, these keys are used across different rounds to alter individual pixels using a nonlinear randomly generated 16×16 DNA Playfair matrix. Experimental results show the robustness of the proposed technique against most attacks while reducing the consumed time for encryption and decryption. The quantitative metrics show the ability of the proposed technique to maintain reference evaluation values while resisting statistical and differential attacks. The obtained horizontal, vertical and diagonal correlation is less than 0.01, and the NPCR and UACI are larger than 0.99 and 0.33, respectively. Finally, NIST analysis is presented to evaluate the randomness of the proposed technique.
      Citation: Cryptography
      PubDate: 2022-06-08
      DOI: 10.3390/cryptography6020028
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 29: Probabilistic Logic Models for the
           Lightning Network

    • Authors: Damiano Azzolini, Fabrizio Riguzzi
      First page: 29
      Abstract: The Lightning Network (LN) has emerged as one of the prominent solutions to overcome the biggest limit of blockchain based on PoW: scalability. LN allows for creating a layer on top of an existing blockchain where users can send payments and micro-payments without waiting long confirmation times. One of the key features of LN is that payments can also be sent towards nodes that are not directly connected. From the routing perspective, the balance of an edge that connects two nodes is known, but the distribution between the two involved ends is unknown. Thus, the process of sending payments is based on a trial and error approach, and the routing can be considered probabilistic. Probabilistic Logic Programming (PLP) is a powerful formalism that allows the representation of complex relational domains characterized by uncertainty. In this paper, we study the problem of reasoning about the existence of a path between two nodes that can route a payment of a given size leveraging multiple models based on PLP. We adopt some recently proposed extensions of PLP and develop several models that can be adapted to represent multiple scenarios.
      Citation: Cryptography
      PubDate: 2022-06-15
      DOI: 10.3390/cryptography6020029
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 30: ChaCha20–Poly1305 Authenticated
           Encryption with Additional Data for Transport Layer Security 1.3

    • Authors: Ronaldo Serrano, Ckristian Duran, Marco Sarmiento, Cong-Kha Pham, Trong-Thuc Hoang
      First page: 30
      Abstract: Transport Layer Security (TLS) provides a secure channel for end-to-end communications in computer networks. The ChaCha20–Poly1305 cipher suite is introduced in TLS 1.3, mitigating the sidechannel attacks in the cipher suites based on the Advanced Encryption Standard (AES). However, the few implementations cannot provide sufficient speed compared to other encryption standards with Authenticated Encryption with Associated Data (AEAD). This paper shows ChaCha20 and Poly1305 primitives. In addition, a compatible ChaCha20–Poly1305 AEAD with TLS 1.3 is implemented with a fault detector to reduce the problems in fragmented blocks. The AEAD implementation reaches 1.4-cycles-per-byte in a standalone core. Additionally, the system implementation presents 11.56-cycles-per-byte in an RISC-V environment using a TileLink bus. The implementation in Xilinx Virtex-7 XC7VX485T Field-Programmable Gate-Array (FPGA) denotes 10,808 Look-Up Tables (LUT) and 3731 Flip-Flops (FFs), represented in 23% and 48% of ChaCha20 and Poly1305, respectively. Finally, the hardware implementation of ChaCha20–Poly1305 AEAD demonstrates the viability of using a different option from the conventional cipher suite based on AES for TLS 1.3.
      Citation: Cryptography
      PubDate: 2022-06-17
      DOI: 10.3390/cryptography6020030
      Issue No: Vol. 6, No. 2 (2022)
       
  • Cryptography, Vol. 6, Pages 2: A CCA-PKE Secure-Cryptosystem Resilient to
           Randomness Reset and Secret-Key Leakage

    • Authors: Alfonso Labao, Henry Adorna
      First page: 2
      Abstract: In recent years, several new notions of security have begun receiving consideration for public-key cryptosystems, beyond the standard of security against adaptive chosen ciphertext attack (CCA2). Among these are security against randomness reset attacks, in which the randomness used in encryption is forcibly set to some previous value, and against constant secret-key leakage attacks, wherein the constant factor of a secret key’s bits is leaked. In terms of formal security definitions, cast as attack games between a challenger and an adversary, a joint combination of these attacks means that the adversary has access to additional encryption queries under a randomness of his own choosing along with secret-key leakage queries. This implies that both the encryption and decryption processes of a cryptosystem are being tampered under this security notion. In this paper, we attempt to address this problem of a joint combination of randomness and secret-key leakage attacks through two cryptosystems that incorporate hash proof system and randomness extractor primitives. The first cryptosystem relies on the random oracle model and is secure against a class of adversaries, called non-reversing adversaries. We remove the random oracle oracle assumption and the non-reversing adversary requirement in our second cryptosystem, which is a standard model that relies on a proposed primitive called LM lossy functions. These functions allow up to M lossy branches in the collection to substantially lose information, allowing the cryptosystem to use this loss of information for several encryption and challenge queries. For each cryptosystem, we present detailed security proofs using the game-hopping procedure. In addition, we present a concrete instantation of LM lossy functions in the end of the paper—which relies on the DDH assumption.
      Citation: Cryptography
      PubDate: 2022-01-04
      DOI: 10.3390/cryptography6010002
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 3: A Survey on Group Signatures and Ring
           Signatures: Traceability vs. Anonymity

    • Authors: Maharage Nisansala Sevwandi Perera, Toru Nakamura, Masayuki Hashimoto, Hiroyuki Yokoyama, Chen-Mou Cheng, Kouichi Sakurai
      First page: 3
      Abstract: This survey reviews the two most prominent group-oriented anonymous signature schemes and analyzes the existing approaches for their problem: balancing anonymity against traceability. Group signatures and ring signatures are the two leading competitive signature schemes with a rich body of research. Both group and ring signatures enable user anonymity with group settings. Any group user can produce a signature while hiding his identity in a group. Although group signatures have predefined group settings, ring signatures allow users to form ad-hoc groups. Preserving user identities provided an advantage for group and ring signatures. Thus, presently many applications utilize them. However, standard group signatures enable an authority to freely revoke signers’ anonymity. Thus, the authority might weaken the anonymity of innocent users. On the other hand, traditional ring signatures maintain permanent user anonymity, allowing space for malicious user activities; thus achieving the requirements of privacy-preserved traceability in group signatures and controlled anonymity in ring signatures has become desirable. This paper reviews group and ring signatures and explores the existing approaches that address the identification of malicious user activities. We selected many papers that discuss balancing user tracing and anonymity in group and ring signatures. Since this paper scrutinizes both signatures from their basic idea to obstacles including tracing users, it provides readers a broad synthesis of information about two signature schemes with the knowledge of current approaches to balance excessive traceability in group signatures and extreme anonymity in ring signatures. This paper will also shape the future research directions of two critical signature schemes that require more awareness.
      Citation: Cryptography
      PubDate: 2022-01-19
      DOI: 10.3390/cryptography6010003
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 4: Network-Compatible Unconditionally Secured
           Classical Key Distribution via Quantum Superposition-Induced Deterministic
           Randomness

    • Authors: Byoung S. Ham
      First page: 4
      Abstract: Based on the addressability of quantum superposition and its unitary transformation, a network-compatible, unconditionally secured key distribution protocol is presented for arbitrary networking in a classical regime with potential applications of one-time-pad cryptography. The network capability is due to the addressable unitary transformation between arbitrary point-to-point connections in a network through commonly shared double transmission channels. The unconditional security is due to address-sensitive eavesdropping randomness via network authentication. The proposed protocol may offer a solid platform of unconditionally secured classical cryptography for mass-data communications in a conventional network, which would be otherwise impossible.
      Citation: Cryptography
      PubDate: 2022-01-21
      DOI: 10.3390/cryptography6010004
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 5: Designing a Practical Code-Based Signature
           Scheme from Zero-Knowledge Proofs with Trusted Setup

    • Authors: Shay Gueron, Edoardo Persichetti, Paolo Santini
      First page: 5
      Abstract: This paper defines a new practical construction for a code-based signature scheme. We introduce a new protocol that is designed to follow the recent paradigm known as “Sigma protocol with helper”, and prove that the protocol’s security reduces directly to the Syndrome Decoding Problem. The protocol is then converted to a full-fledged signature scheme via a sequence of generic steps that include: removing the role of the helper; incorporating a variety of protocol optimizations (using e.g., Merkle trees); applying the Fiat–Shamir transformation. The resulting signature scheme is EUF-CMA secure in the QROM, with the following advantages: (a) Security relies on only minimal assumptions and is backed by a long-studied NP-complete problem; (b) the trusted setup structure allows for obtaining an arbitrarily small soundness error. This minimizes the required number of repetitions, thus alleviating a major bottleneck associated with Fiat–Shamir schemes. We outline an initial performance estimation to confirm that our scheme is competitive with respect to existing solutions of similar type.
      Citation: Cryptography
      PubDate: 2022-01-27
      DOI: 10.3390/cryptography6010005
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 6: Post-Quantum Two-Party Adaptor Signature
           Based on Coding Theory

    • Authors: Jean Belo Klamti, M. Anwar Hasan
      First page: 6
      Abstract: An adaptor signature can be viewed as a signature concealed with a secret value and, by design, any two of the trio yield the other. In a multiparty setting, an initial adaptor signature allows each party to create additional adaptor signatures without the original secret. Adaptor signatures help address scalability and interoperability issues in blockchain. They can also bring some important advantages to cryptocurrencies, such as low on-chain cost, improved transaction fungibility, and fewer limitations of a blockchain’s scripting language. In this paper, we propose a new two-party adaptor signature scheme that relies on quantum-safe hard problems in coding theory. The proposed scheme uses a hash-and-sign code-based signature scheme introduced by Debris-Alazard et al. and a code-based hard relation defined from the well-known syndrome decoding problem. To achieve all the basic properties of adaptor signatures formalized by Aumayr et al., we introduce further modifications to the aforementioned signature scheme. We also give a security analysis of our scheme and its application to the atomic swap. After providing a set of parameters for our scheme, we show that it has the smallest pre-signature size compared to existing post-quantum adaptor signatures.
      Citation: Cryptography
      PubDate: 2022-01-27
      DOI: 10.3390/cryptography6010006
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 7: Acknowledgment to Reviewers of Cryptography
           in 2021

    • Authors: Cryptography Editorial Office Cryptography Editorial Office
      First page: 7
      Abstract: Rigorous peer-reviews are the basis of high-quality academic publishing [...]
      Citation: Cryptography
      PubDate: 2022-02-07
      DOI: 10.3390/cryptography6010007
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 8: A Searchable Encryption Scheme with
           Biometric Authentication and Authorization for Cloud Environments

    • Authors: Marius Iulian Mihailescu, Stefania Loredana Nita
      First page: 8
      Abstract: Cloud computing offers the possibility of providing suitable access within a network for a set of resources. Many users use different services for outsourcing their data within the cloud, saving and mitigating the local storage and other resources involved. One of the biggest concerns is represented by storing sensitive data on remote servers, which can be found to be extremely challenging within different situations related to privacy. Searchable Encryption (SE) represents a particular case of Fully Homomorphic Encryption (FHE) and at the same time represents a method composed from a set of algorithms meant to offer protection for users’ sensitive data, while it preserves the searching functionality on the server-side. There are two main types of SE: Searchable Symmetric Encryption (SSE), where the ciphertexts and trapdoors for searching are performed using private key holders, and Public Key Searchable Encryption (PKSE), in which a specific number of users have the public key based on which are capable of outputting ciphertexts and giving the possibility of producing the trapdoors by using the private key from the holder. In this article, we propose a searchable encryption system that uses biometric authentication. Additionally, biometric data are used in the trapdoor generation process, such that an unauthorized user cannot submit search queries. The proposed system contains three components: classic user authentication (based on username, password, and a message with a code using short message service (SMS), biometric authentication, and the searchable encryption scheme. The first two components can be seen as two-factor authentication (2FA), and the second component represents the initialization step of the searchable encryption scheme. In the end, we show and demonstrate that the proposed scheme can be implemented with success for medium to complex network infrastructures. We have granted special attention to the trapdoor function, which generates a value that can be used to perform the search process and search function that is based on the trapdoor pair for searching within the index structure. We provide the correctness and security proof of the operations, which gives us the guarantee that the cloud servers return the correct documents. Additionally, we discuss measuring the performance of the authentication scheme in terms of performance indicators, introducing two indicators for measuring purposes—namely, cloud average number of non-legitim the user actions for cloud purposes (CANNL) and cloud average number of legitim user actionsCANLU.
      Citation: Cryptography
      PubDate: 2022-02-14
      DOI: 10.3390/cryptography6010008
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 9: Quantum Identity-Based Encryption from the
           Learning with Errors Problem

    • Authors: Wenhua Gao, Li Yang, Daode Zhang, Xia Liu
      First page: 9
      Abstract: To prevent eavesdropping and tampering, network security protocols take advantage of asymmetric ciphers to establish session-specific shared keys with which further communication is encrypted using symmetric ciphers. Commonly used asymmetric algorithms include public key encryption, key exchange, and identity-based encryption (IBE). However, network security protocols based on classic identity-based encryption schemes do not have perfect forward secrecy. To solve this problem, we construct the first quantum IBE (QIBE) scheme based on the learning with errors (LWE) problem, which is also the first cryptographic scheme that applies the LWE problem to quantum encryption. We prove that our scheme is fully secure under the random oracle model and highlight the following advantages: (1) Network security protocols with our QIBE scheme provide perfect forward secrecy. The ciphertext is transmitted in the form of a quantum state unknown to the adversary and cannot be copied and stored. Thus, in network security protocols based on QIBE construction, the adversary does not have any previous quantum ciphertext to decrypt for obtaining the previous session key, even if the private identity key is threatened. (2) Classic key generation centre (KGC) systems can still be used in the QIBE scheme to generate and distribute private identity keys, reducing the cost when implementing this scheme. The classic KGC systems can be used because the master public and secret keys of our scheme are both in the form of classic bits. Finally, we present quantum circuits to implement this QIBE scheme and analyse its required quantum resources for given numbers of qubits, Hadamard gates, phase gates, T gates, and CNOT (controlled-NOT) gates. One of our main findings is that the quantum resources required by our scheme increase linearly with the number of plaintext bits to be encrypted.
      Citation: Cryptography
      PubDate: 2022-02-16
      DOI: 10.3390/cryptography6010009
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 10: Trusted and Secure Blockchain-Based
           Durable Medium Electronic Service

    • Authors: Grzegorz Bazydło, Remigiusz Wiśniewski, Kamil Kozdrój
      First page: 10
      Abstract: A novel, trusted, and secure durable medium electronic service is proposed in the paper. The proposed idea joins cryptographic methods (such as signing with an electronic seal and data encryption) with blockchain techniques. The e-service and blockchain databases were implemented on the TTP side, which made the presented concept trusted and secure. The proposed electronic service was oriented towards practical implementations, and it has commonly been developed together with a company from the cybersecurity field (which is considered a TTP in the proposed approach). The concept has been designed to meet the requirements of Polish law (i.e., the conditions and regulations related to the implementation of the durable medium in Poland); nevertheless, it can easily be adapted for other regions. The functionality of the presented e-service is illustrated by the example case study.
      Citation: Cryptography
      PubDate: 2022-02-21
      DOI: 10.3390/cryptography6010010
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 11: Preventing Differential Cryptanalysis
           Attacks Using a KDM Function and the 32-Bit Output S-Boxes on AES
           Algorithm Found on the Internet of Things Devices

    • Authors: Khumbelo Difference Muthavhine, Mbuyu Sumbwanyambe
      First page: 11
      Abstract: Many Internet of Things (IoT) devices use an Advanced Encryption Standard (AES) algorithm to secure data stored and transmitted during the communication process. The AES algorithm often suffers DC (DC) attacks. Little has been done to prevent DC attacks, particularly on an AES algorithm. This study focuses on preventing Differential Cryptanalysis attacks. DC attacks are practiced on an AES algorithm that is found on IoT devices. The novel approach of using a Khumbelo Difference Muthavine (KDM) function and changing the 8 × 8 S-Boxes to be the 8 × 32 S-Boxes successfully prevents DC attacks on an AES algorithm. A KDM function is a newly mathematically developed function, coined and used purposely in this study. A KDM function was never produced, defined, or utilized before by any researcher except for in this study. A KDM function makes a new 32-Bit S-Box suitable for the new Modified AES algorithm and confuses the attacker since it comprises many mathematical modulo operators. Additionally, these mathematical modulo operators are irreversible. The study managed to prevent the DC attack of a minimum of 70% on AES and a maximum of 100% on a Simplified DES. The attack on the new Modified AES Algorithm is 0% since no S-Box is used as a building block.
      Citation: Cryptography
      PubDate: 2022-02-22
      DOI: 10.3390/cryptography6010011
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 12: Variations of QKD Protocols Based on
           Conventional System Measurements: A Literature Review

    • Authors: Abdulbast A. Abushgra
      First page: 12
      Abstract: Cryptography is an unexpected revolution in information security in the recent decades, where remarkable improvements have been created to provide confidentiality and integrity. Quantum cryptography is one such improvement that has grown rapidly since the first announced protocol. Quantum cryptography contains substantial elements that must be addressed to ensure secure communication between legitimate parties. Quantum key distribution (QKD), a technique for creating a secret key, is one of the most interesting areas in quantum cryptography. This paper reviews some well-known quantum key distribution techniques that have been demonstrated in the past three decades. Furthermore, this paper discusses the process of creating a secret key using quantum mechanics and cryptography methods. Moreover, it explains the relationships between many basic aspects of QKD protocols and suggests some improvements in the cryptosystem. An accurate quantitative comparison between the QKD protocols is presented, especially the runtime execution for each QKD protocol. In addition, the paper will demonstrate a general model of each considered QKD protocol based on security principles.
      Citation: Cryptography
      PubDate: 2022-03-04
      DOI: 10.3390/cryptography6010012
      Issue No: Vol. 6, No. 1 (2022)
       
  • Cryptography, Vol. 6, Pages 13: On the IND-CCA1 Security of FHE Schemes

    • Authors: Prastudy Fauzi, Martha Norberg Hovd, Håvard Raddum
      First page: 13
      Abstract: Fully homomorphic encryption (FHE) is a powerful tool in cryptography that allows one to perform arbitrary computations on encrypted material without having to decrypt it first. There are numerous FHE schemes, all of which are expanded from somewhat homomorphic encryption (SHE) schemes, and some of which are considered viable in practice. However, while these FHE schemes are semantically (IND-CPA) secure, the question of their IND-CCA1 security is much less studied, and we therefore provide an overview of the IND-CCA1 security of all acknowledged FHE schemes in this paper. To give this overview, we grouped the SHE schemes into broad categories based on their similarities and underlying hardness problems. For each category, we show that the SHE schemes are susceptible to either known adaptive key recovery attacks, a natural extension of known attacks, or our proposed attacks. Finally, we discuss the known techniques to achieve IND-CCA1-secure FHE and SHE schemes. We concluded that none of the proposed schemes were IND-CCA1-secure and that the known general constructions all had their shortcomings.
      Citation: Cryptography
      PubDate: 2022-03-17
      DOI: 10.3390/cryptography6010013
      Issue No: Vol. 6, No. 1 (2022)
       
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
 


Your IP address: 18.232.179.5
 
Home (Search)
API
About JournalTOCs
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-