Cryptography

In this paper, we propose a new symmetric stream cipher encryption algorithm based on Graph Walks and 2-dimensional matrices, called Matrix Encryption Walks (MEW). We offer example Key Matrices and show the efficiency of the proposed method, which operates in linear complexity with an extremely large key space and low-resource requirements. We also provide the Proof of Concept code for the encryption algorithm and a detailed analysis of the security of our proposed MEW. The MEW algorithm is designed for low-resource environments such as IoT or smart devices and is therefore intended to be simple in operation. The encryption, decryption, and key generation time, along with the bytes required to store the key, are all discussed, and similar proposed algorithms are examined and compared. We further discuss the avalanche effect, key space, frequency analysis, Shannon entropy, and chosen/known plaintext-ciphertext attacks, and how MEW remains robust against these attacks. We have also discussed the potential for future research into algorithms such as MEW, which make use of alternative structures and graphic methods for improving encryption models. Full article

Information security is a fundamental and urgent issue in the digital transformation era. Cryptographic techniques and digital signatures have been applied to protect and authenticate relevant information. However, with the advent of quantum computers and quantum algorithms, classical cryptographic techniques have been in danger of collapsing because quantum computers can solve complex problems in polynomial time. Stemming from that risk, researchers worldwide have stepped up research on post-quantum algorithms to resist attack by quantum computers. In this review paper, we survey studies in recent years on post-quantum cryptography (PQC) and provide statistics on the number and content of publications, including a literature overview, detailed explanations of the most common methods so far, current implementation status, implementation comparisons, and discussion on future work. These studies focused on essential public cryptography techniques and digital signature schemes, and the US National Institute of Standards and Technology (NIST) launched a competition to select the best candidate for the expected standard. Recent studies have practically implemented the public key encryption/key encapsulation mechanism (PKE/KEM) and digital signature schemes on different hardware platforms and applied various optimization measures based on other criteria. Along with the increasing number of scientific publications, the recent trend of PQC research is increasingly evident and is the general trend in the cryptography industry. The movement opens up a promising avenue for researchers in public key cryptography and digital signatures, especially on algorithms selected by NIST. Full article

Artificial intelligence (AI) is a modern technology that allows plenty of advantages in daily life, such as predicting weather, finding directions, classifying images and videos, even automatically generating code, text, and videos. Other essential technologies such as blockchain and cybersecurity also benefit from AI. As a core component used in blockchain and cybersecurity, cryptography can benefit from AI in order to enhance the confidentiality and integrity of cyberspace. In this paper, we review the algorithms underlying four prominent cryptographic cryptosystems, namely the Advanced Encryption Standard, the Rivest–Shamir–Adleman, Learning with Errors, and the Ascon family of cryptographic algorithms for authenticated encryption. Where possible, we pinpoint areas where AI can be used to help improve their security. Full article

With the rise of quantum technologies, data security increasingly relies on quantum cryptography and its most notable application, quantum key distribution (QKD). Yet, current technological limitations, in particular, the unavailability of quantum repeaters, cause relatively low key distribution rates in practical QKD implementations. Here, we demonstrate a remarkable improvement in the QKD performance using end-to-end line tomography for the wide class of relevant protocols. Our approach is based on the real-time detection of interventions in the transmission channel, enabling an adaptive response that modifies the QKD setup and post-processing parameters, leading, thereby, to a substantial increase in the key distribution rates. Our findings provide everlastingly secure efficient quantum cryptography deployment potentially overcoming the repeaterless rate-distance limit. Full article

In this paper, we propose a new scheme based on ephemeral elliptic curves over a finite ring with an RSA modulus. The new scheme is a variant of both the RSA and the KMOV cryptosystems and can be used for both signature and encryption. We study the security of the new scheme and show that it is immune to factorization attacks, discrete-logarithm-problem attacks, sum-of-two-squares attacks, sum-of-four-squares attacks, isomorphism attacks, and homomorphism attacks. Moreover, we show that the private exponents can be much smaller than the ordinary exponents in RSA and KMOV, which makes the decryption phase in the new scheme more efficient. Full article

As medical technology advances, there is an increasing need for healthcare providers all over the world to securely share a growing volume of data. Blockchain is a powerful technology that allows multiple parties to securely access and share data. Given the enormous challenge that healthcare systems face in digitizing and sharing health records, it is not unexpected that many are attempting to improve healthcare processes by utilizing blockchain technology. By systematically examining articles published from 2017 to 2022, this review addresses the existing gap by methodically discussing the state, research trends, and challenges of blockchain in medical data exchange. The number of articles on this issue has increased, reflecting the growing importance and interest in blockchain research for medical data exchange. Recent blockchain-based medical data sharing advances include safe healthcare management systems, health data architectures, smart contract frameworks, and encryption approaches. The evaluation examines medical data encryption, blockchain networks, and how the Internet of Things (IoT) improves hospital workflows. The findings show that blockchain can improve patient care and healthcare services by securely sharing data. Full article

Cryptanalysis has been studied and gradually improved with the evolution of cryptosystems over past decades. Recently, deep learning (DL) has started to be used in cryptanalysis to attack digital cryptosystems. As computing power keeps growing, deploying DL-based cryptanalysis becomes feasible in practice. However, since these studies can analyze only one cipher type for one DL model learning, it takes a lot of time to analyze multi ciphers. In this paper, we propose a unified cipher generative adversarial network (UC-GAN), which can perform ciphertext-to-plaintext translations among multiple domains (ciphers) using only a single DL model. In particular, the proposed model is based on unified unsupervised DL for the analysis of classical substitutional ciphers. Simulation results have indicated the feasibility and good performance of the proposed approach. In addition, we compared our experimental results with the findings of conditional GAN, where plaintext and ciphertext pairs in only the single domain are given as training data, and with CipherGAN, which is cipher mapping between unpaired ciphertext and plaintext in the single domain, respectively. The proposed model showed more than 97% accuracy by learning only data without prior knowledge of three substitutional ciphers. These findings could open a new possibility for simultaneously cracking various block ciphers, which has a great impact on the field of cryptography. To the best of our knowledge, this is the first study of the cryptanalysis of multiple cipher algorithms using only a single DL model Full article

The development of Distributed Ledger Technology (DLT) is pushing toward automating decentralized data exchange processes. One of the key components of this evolutionary step is facilitating smart contracts that, in turn, come with several additional vulnerabilities. Despite the existing tools for analyzing smart contracts, keeping these systems running and preserving performance while maintaining a decent level of security in a constantly increasing number of contracts becomes challenging. Machine Learning (ML) methods could be utilized for analyzing and detecting vulnerabilities in DLTs. This work proposes a new ML-based two-phase approach for the detection and classification of vulnerabilities in smart contracts. Firstly, the system’s operation is set up to filter the valid contracts. Secondly, it focuses on detecting a vulnerability type, if any. In contrast to existing approaches in this field of research, our algorithm is more focused on vulnerable contracts, which allows to save time and computing resources in the production environment. According to the results, it is possible to detect vulnerability types with an accuracy of 0.9921, F1 score of 0.9902, precision of 0.9883, and recall of 0.9921 within reasonable execution time, which could be suitable for integrating existing DLTs. Full article

This paper presents a new threshold signature scheme based on Damgaard’s work. The proposed scheme allows for changing the message signature threshold, thereby improving the flexibility of the original Damgaard scheme. This scheme can be applied as a user authentication system using wearable devices. Based on the hardness of lattice problems, this scheme is resistant to attacks on a quantum computer, which is an advantage over the currently used multi-factor authentication schemes. The scheme’s security relies on the computational complexity of the Module-LWE and Module-SIS problems, as well as the Shamir secret sharing scheme’s security. Full article

In the blockchain network, the communication delay between different nodes is a great threat to the distributed ledger consistency of each miner. Blockchain is the core technology of Bitcoin. At present, some research has proven the security of the PoW protocol when the number of delay rounds is small, but in complex asynchronous networks, the research is insufficient on the security of the PoW protocol when the number of delay rounds is large. This paper improves the proposed blockchain main chain record model under the PoW protocol and then proposes the T_OD model, which makes the main chain record in the model more close to the actual situation and reduces the errors caused by the establishment of the model in the analysis process. By comparing the differences between the T_OD model and the original model, it is verified that the improved model has a higher success rate of attack when the probability of mining the delayable block increases. Then, the long delay attack is improved on the balance attack in this paper, which makes the adversary control part of the computing power and improves the success rate of the adversary attack within a certain limit. Full article

Inspired by the advancements in (fully) homomorphic encryption in recent decades and its practical applications, we conducted a preliminary study on the underlying mathematical structure of the corresponding schemes. Hence, this paper focuses on investigating the challenge of deducing bivariate polynomials constructed using homomorphic operations, namely repetitive additions and multiplications. To begin with, we introduce an approach for solving the previously mentioned problem using Lagrange interpolation for the evaluation of univariate polynomials. This method is well-established for determining univariate polynomials that satisfy a specific set of points. Moreover, we propose a second approach based on modular knapsack resolution algorithms. These algorithms are designed to address optimization problems in which a set of objects with specific weights and values is involved. Finally, we provide recommendations on how to run our algorithms in order to obtain better results in terms of precision. Full article

The pervasiveness of IoT and embedded devices allows the deployment of services that were unthinkable only few years ago. Such devices are typically small, run unattended, possibly on batteries and need to have a low cost of production. As all software systems, this type of devices need to be updated for different reasons, e.g., introducing new features, improving/correcting existing functionalities or fixing security flaws. At the same time, because of their low-complexity, standard software distribution platforms and techniques cannot be used to update the software. In this paper we review the current limitations posed to software distribution systems for embedded/IoT devices, consider challenges that the researchers in this area have been identifying and propose the corresponding solutions. Full article

The advent of quantum computing with high processing capabilities will enable brute force attacks in short periods of time, threatening current secure communication channels. To mitigate this situation, post-quantum cryptography (PQC) algorithms have emerged. Among the algorithms evaluated by NIST in the third round of its PQC contest was the NTRU cryptosystem. The main drawback of this algorithm is the enormous amount of time required for the multiplication of polynomials in both the encryption and decryption processes. Therefore, the strategy of speeding up this algorithm using hardware/software co-design techniques where this operation is executed on specific hardware arises. Using these techniques, this work focuses on the acceleration of polynomial multiplication in the encryption process for resource-constrained devices. For this purpose, several hardware multiplications are analyzed following different strategies, taking into account the fact that there are no possible timing information leaks and that the available resources are optimized as much as possible. The designed multiplier is encapsulated as a fully reusable and parametrizable IP module with standard AXI4-Stream interconnection buses, which makes it easy to integrate into embedded systems implemented on programmable devices from different manufacturers. Depending on the resource constraints imposed, accelerations of up to 30–45 times with respect to the software-level multiplication runtime can be achieved using dedicated hardware, with a device occupancy of around 5%. Full article

Currently, cloud computing has become increasingly popular and thus, many people and institutions choose to put their data into the cloud instead of local environments. Given the massive amount of data and the fidelity of cloud servers, adequate security protection and efficient retrieval mechanisms for stored data have become critical problems. Attribute-based encryption brings the ability of fine-grained access control and can achieve a direct encrypted data search while being combined with searchable encryption algorithms. However, most existing schemes only support single-keyword or provide no ranking searching results, which could be inflexible and inefficient in satisfying the real world’s actual needs. We propose a flexible multi-keyword ranked searchable attribute-based scheme using search trees to overcome the above-mentioned problems, allowing users to combine their fuzzy searching keywords with AND–OR logic gates. Moreover, our enhanced scheme not only improves its privacy protection but also goes a step further to apply a semantic search to boost the flexibility and the searching experience of users. With the proposed index-table method and the tree-based searching algorithm, we proved the efficiency and security of our schemes through a series of analyses and experiments. Full article

Since its appearance in 2008, blockchain technology has found multiple uses in fields such as banking, supply chain management, and healthcare. One of the most intriguing uses of blockchain is in voting systems, where the technology can overcome the security and transparency concerns that plague traditional voting systems. This paper provides a thorough examination of the implementation of a blockchain-based voting system. The proposed system employs cryptographic methods to protect voters’ privacy and anonymity while ensuring the verifiability and integrity of election results. Digital signatures, homomorphic encryption (He), zero-knowledge proofs (ZKPs), and the Byzantine fault-tolerant consensus method underpin the system. A review of the literature on the use of blockchain technology for voting systems supports the analysis and the technical and logistical constraints connected with implementing the suggested system. The study suggests solutions to problems such as managing voter identification and authentication, ensuring accessibility for all voters, and dealing with network latency and scalability. The suggested blockchain-based voting system can provide a safe and transparent platform for casting and counting votes, ensuring election results’ privacy, anonymity, and verifiability. The implementation of blockchain technology can overcome traditional voting systems’ security and transparency shortcomings while also delivering a high level of integrity and traceability. Full article

The generation of random numbers is crucial for practical implementations of cryptographic algorithms. In this sense, hardware security modules (HSMs) include true random number generators (TRNGs) implemented in hardware to achieve good random number generation. In the case of cryptographic algorithms implemented on FPGAs, the hardware implementation of RNGs is limited to the programmable cells in the device. Among the different proposals to obtain sources of entropy and process them to implement TRNGs, those based in ring oscillators (ROs), operating in parallel and combined with XOR gates, present good statistical properties at the cost of high area requirements. In this paper, these TRNGs are revisited, showing a method for area optimization independently of the FPGA technology used. Experimental results show that three ring oscillators requiring only three LUTs are enough to build a TRNG on Artix 7 devices from Xilinx with a throughput of 33.3 Kbps, which passes NIST tests. A throughput of 50 Kbps can be achieved with four ring oscillators, also requiring three LUTs in Artix 7 devices, while 100 Kbps can be achieved using an structure with four ring oscillators requiring seven LUTs. Full article

Cryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ’bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack, encryption modes can also provide partial protection against bit-flipping. PudgyTurtle is a stream-cipher mode which uses keystream to encode (via an error-correcting code) and to encipher (via modulo-2 addition). Here, we describe the behavior of this mode during bit-flipping attacks and demonstrate how it creates uncertainty about the number, positions, and identities of decrypted bits that will be affected. Full article

A “confidential monetary value” carries information about the real monetary value but does not disclose it. Post-quantum private blockchains with confidential monetary values—large-sized blockchains with large verification times—have the least scalability because they need to save and verify more information than those with “plain-text monetary values”. High scalability is an essential security requirement for decentralized blockchain payment systems because the more honest peers who can afford to verify the blockchain copies are, the higher the security. We propose a quantum-safe transaction protocol for confidential monetary blockchains, LACT+ (Lattice-based Aggregable Confidential Transactions), which is more scalable than previous post-quantum confidential blockchains, i.e., many input/output transactions with logarithmic sized complexity. Full article

The cloud provides on-demand, high-quality services to its users without the burden of managing hardware and software. Though the users benefit from the remote services provided by the cloud, they do not have their personal data in their physical possession. This certainly poses new security threats for personal and confidential data, bringing the focus back on trusting the use of the cloud for sensitive data. The benefits of the cloud outweigh the concerns raised earlier, and with an increase in cloud usage, it becomes more important for security services to evolve in order to address the ever-changing threat landscape. Advanced encryption standard (AES), being one of the most widely used encryption techniques, has inherent disadvantages related to the secret key that is shared, and predictable patterns in subkey generation. In addition, since cloud storage involves data transfer over a wireless channel, it is important to address the effect of noise and multipath propagation on the transmitted data. Catering to this problem, we propose a new approach—the secure and reliable neural cryptcoding (SARNC) technique—which provides a superior algorithm, dealing with better encryption techniques combined with channel coding. A chain is as strong as the weakest link and, in the case of symmetric key encryption, the weakest link is the shared key. In order to overcome this limitation, we propose an approach wherein the key used for cryptographic purposes is different from the key shared between the sender and the receiver. The shared key is used to derive the secret private key, which is generated by the neural key exchange protocol. In addition, the proposed approach emphasizes strengthening the sub-key generation process and integrating advanced encryption standard (AES) with low-density parity check (LDPC) codes to provide end-to-end security and reliability over wireless channels. The proposed technique was tested against research done in related areas. A comparative study shows a significant improvement in PSNR, MSE, and the structural similarity index (SSIM). The key strength analysis was carried out to understand the strength and weaknesses of the keys generated. Full article