Post-quantum transport layer security(PQ-TLS)is capable of effectively defending against quantum threats to current network communications,whereas its larger public key and certificate sizes as well as higher computat...Post-quantum transport layer security(PQ-TLS)is capable of effectively defending against quantum threats to current network communications,whereas its larger public key and certificate sizes as well as higher computational overhead may result in a significant performance reduction compared with conventional TLS.In this paper,we present a systematic evaluation of PQ-TLS performance across diverse deployment scenarios to address the following critical research questions.(1)What is the performance behavior of PQ-TLS across different TLS modes?(2)How does PQ-TLS perform across varying client scales?(3)Which network topology is most suitable for PQ-TLS?(4)How does PQ-TLS perform on personal computers(PCs)compared to embedded IoT devices?To the best of our knowledge,this is the first work to comprehensively address these issues,offering implementers some insights into PQ-TLS performance and guidance for optimizing it across diverse scenarios.展开更多
This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relat...This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).展开更多
Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if dat...Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if data is transmitted in plain text when collecting data in an IoTcloud environment,it can be exposed to various security threats such as replay attacks and data forgery.Thus,digital signatures are required.Data integrity is ensured when a user(or a device)transmits data using a signature.In addition,the concept of data aggregation is important to efficiently collect data transmitted from multiple users(or a devices)in an industrial IoT environment.However,signatures based on pairing during aggregation compromise efficiency as the number of signatories increases.Aggregate signature methods(e.g.,identity-based and certificateless cryptography)have been studied.Both methods pose key escrow and key distribution problems.In order to solve these problems,the use of aggregate signatures in certificate-based cryptography is being studied,and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted.In this paper,we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment.In this proposed method,by providing key insulation,security threats that occur when keys are exposed due to physical attacks such as side channels can be solved.This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.展开更多
Traditional chaotic maps struggle with narrow chaotic ranges and inefficiencies,limiting their use for lightweight,secure image encryption in resource-constrained Wireless Sensor Networks(WSNs).We propose the SPCM,a n...Traditional chaotic maps struggle with narrow chaotic ranges and inefficiencies,limiting their use for lightweight,secure image encryption in resource-constrained Wireless Sensor Networks(WSNs).We propose the SPCM,a novel one-dimensional discontinuous chaotic system integrating polynomial and sine functions,leveraging a piecewise function to achieve a broad chaotic range()and a high Lyapunov exponent(5.04).Validated through nine benchmarks,including standard randomness tests,Diehard tests,and Shannon entropy(3.883),SPCM demonstrates superior randomness and high sensitivity to initial conditions.Applied to image encryption,SPCM achieves 0.152582 s(39%faster than some techniques)and 433.42 KB/s throughput(134%higher than some techniques),setting new benchmarks for chaotic map-based methods in WSNs.Chaos-based permutation and exclusive or(XOR)diffusion yield near-zero correlation in encrypted images,ensuring strong resistance to Statistical Attacks(SA)and accurate recovery.SPCM also exhibits a strong avalanche effect(bit difference),making it an efficient,secure solution for WSNs in domains like healthcare and smart cities.展开更多
With the accelerated growth of the Internet of Things(IoT),real-time data processing on edge devices is increasingly important for reducing overhead and enhancing security by keeping sensitive data local.Since these d...With the accelerated growth of the Internet of Things(IoT),real-time data processing on edge devices is increasingly important for reducing overhead and enhancing security by keeping sensitive data local.Since these devices often handle personal information under limited resources,cryptographic algorithms must be executed efficiently.Their computational characteristics strongly affect system performance,making it necessary to analyze resource impact and predict usage under diverse configurations.In this paper,we analyze the phase-level resource usage of AES variants,ChaCha20,ECC,and RSA on an edge device and develop a prediction model.We apply these algorithms under varying parallelism levels and execution strategies across key generation,encryption,and decryption phases.Based on the analysis,we train a unified Random Forest model using execution context and temporal features,achieving R2 values up to 0.994 for power and 0.988 for temperature.Furthermore,the model maintains practical predictive performance even for cryptographic algorithms not included during training,demonstrating its ability to generalize across distinct computational characteristics.Our proposed approach reveals how execution characteristics and resource usage interacts,supporting proactive resource planning and efficient deployment of cryptographic workloads on edge devices.As our approach is grounded in phase-level computational characteristics rather than in any single algorithm,it provides generalizable insights that can be extended to a broader range of cryptographic algorithms that exhibit comparable phase-level execution patterns and to heterogeneous edge architectures.展开更多
As quantum computing continues to advance,traditional cryptographic methods are increasingly challenged,particularly when it comes to securing critical systems like Supervisory Control andData Acquisition(SCADA)system...As quantum computing continues to advance,traditional cryptographic methods are increasingly challenged,particularly when it comes to securing critical systems like Supervisory Control andData Acquisition(SCADA)systems.These systems are essential for monitoring and controlling industrial operations,making their security paramount.A key threat arises from Shor’s algorithm,a powerful quantum computing tool that can compromise current hash functions,leading to significant concerns about data integrity and confidentiality.To tackle these issues,this article introduces a novel Quantum-Resistant Hash Algorithm(QRHA)known as the Modular Hash Learning Algorithm(MHLA).This algorithm is meticulously crafted to withstand potential quantum attacks by incorporating advanced mathematical and algorithmic techniques,enhancing its overall security framework.Our research delves into the effectiveness ofMHLA in defending against both traditional and quantum-based threats,with a particular emphasis on its resilience to Shor’s algorithm.The findings from our study demonstrate that MHLA significantly enhances the security of SCADA systems in the context of quantum technology.By ensuring that sensitive data remains protected and confidential,MHLA not only fortifies individual systems but also contributes to the broader efforts of safeguarding industrial and infrastructure control systems against future quantumthreats.Our evaluation demonstrates that MHLA improves security by 38%against quantumattack simulations compared to traditional hash functionswhilemaintaining a computational efficiency ofO(m⋅n⋅k+v+n).The algorithm achieved a 98%success rate in detecting data tampering during integrity testing.These findings underline MHLA’s effectiveness in enhancing SCADA system security amidst evolving quantum technologies.This research represents a crucial step toward developing more secure cryptographic systems that can adapt to the rapidly changing technological landscape,ultimately ensuring the reliability and integrity of critical infrastructure in an era where quantum computing poses a growing risk.展开更多
Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we...Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we propose SecureCons Framework(SCF),a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments.SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits.The framework includes adaptive anomaly detection models,cryptographic obfuscation techniques,and real-time monitoring to identify and mitigate vulnerabilities proactively.Experimental evaluations demonstrate the framework's robustness,achieving over 95%resilience against advanced SCAs with minimal computational overhead.SCF provides a scalable,secure,and efficient solution,setting a new benchmark for side-channel attack mitigation in cloud ecosystems.展开更多
针对目前格上环签名方案在环成员数量较多的情况下,签名效率低下且签名尺寸和公钥尺寸过大的问题,基于零知识证明,使用E-MLWE(extended module learning with errors)和MSIS(module short interger solution)问题降低了公钥大小,结合拒...针对目前格上环签名方案在环成员数量较多的情况下,签名效率低下且签名尺寸和公钥尺寸过大的问题,基于零知识证明,使用E-MLWE(extended module learning with errors)和MSIS(module short interger solution)问题降低了公钥大小,结合拒绝采样算法和追踪机制设计了一种可追踪环签名方案,签名算法中使用递归算法压缩了承诺的大小,进一步降低了签名尺寸,在随机预言机模型下证明方案满足可链接性、匿名性和抗陷害性。性能分析表明,签名尺寸与环成员数量为对数大小关系,在环成员数量较多时,公钥的存储开销和签名的通信开销具有明显优势。展开更多
随着神经密码学的出现,越来越多研究使用神经网络来训练加解密算法,其中采用对抗网络可实现端到端的高安全加解密,但存在开销大、速度慢等问题。通过对运算单元核心、数据存储架构和数据流行为进行协同优化设计,提出一种面向神经网络的...随着神经密码学的出现,越来越多研究使用神经网络来训练加解密算法,其中采用对抗网络可实现端到端的高安全加解密,但存在开销大、速度慢等问题。通过对运算单元核心、数据存储架构和数据流行为进行协同优化设计,提出一种面向神经网络的可配置加解密硬件设计方案。该方案首先对加解密模型进行硬件友好型优化,完成网络训练和量化;然后,采用Winograd+DSP48的卷积加速方法,将所需96个乘法器降低到32个;最后,设计CPU控制与调度系统架构,结合动态控制加速器的操作模式,实现高性能可配置加解密硬件电路。实验结果表明,所提方案最高工作频率为133 MHz,功耗为32.4 m W,吞吐量为17.06 GOPs。加解密网络的正确率达100%,破解网络正确率接近50%,硬件电路具备可配置和高安全特性。展开更多
基金Special Fund for Key Technologies in Blockchain of Shanghai Scientific and Technological Committee(23511100300)。
文摘Post-quantum transport layer security(PQ-TLS)is capable of effectively defending against quantum threats to current network communications,whereas its larger public key and certificate sizes as well as higher computational overhead may result in a significant performance reduction compared with conventional TLS.In this paper,we present a systematic evaluation of PQ-TLS performance across diverse deployment scenarios to address the following critical research questions.(1)What is the performance behavior of PQ-TLS across different TLS modes?(2)How does PQ-TLS perform across varying client scales?(3)Which network topology is most suitable for PQ-TLS?(4)How does PQ-TLS perform on personal computers(PCs)compared to embedded IoT devices?To the best of our knowledge,this is the first work to comprehensively address these issues,offering implementers some insights into PQ-TLS performance and guidance for optimizing it across diverse scenarios.
文摘This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).
基金This research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(NRF2019R1A2C1085718)was supported by the Soonchunhyang University Research Fund.
文摘Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if data is transmitted in plain text when collecting data in an IoTcloud environment,it can be exposed to various security threats such as replay attacks and data forgery.Thus,digital signatures are required.Data integrity is ensured when a user(or a device)transmits data using a signature.In addition,the concept of data aggregation is important to efficiently collect data transmitted from multiple users(or a devices)in an industrial IoT environment.However,signatures based on pairing during aggregation compromise efficiency as the number of signatories increases.Aggregate signature methods(e.g.,identity-based and certificateless cryptography)have been studied.Both methods pose key escrow and key distribution problems.In order to solve these problems,the use of aggregate signatures in certificate-based cryptography is being studied,and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted.In this paper,we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment.In this proposed method,by providing key insulation,security threats that occur when keys are exposed due to physical attacks such as side channels can be solved.This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.
基金supported by the National Research Foundation of Korea(NRF)grant funded by the Korean government Ministry of Science and ICT(MIST)(RS-2022-00165225).
文摘Traditional chaotic maps struggle with narrow chaotic ranges and inefficiencies,limiting their use for lightweight,secure image encryption in resource-constrained Wireless Sensor Networks(WSNs).We propose the SPCM,a novel one-dimensional discontinuous chaotic system integrating polynomial and sine functions,leveraging a piecewise function to achieve a broad chaotic range()and a high Lyapunov exponent(5.04).Validated through nine benchmarks,including standard randomness tests,Diehard tests,and Shannon entropy(3.883),SPCM demonstrates superior randomness and high sensitivity to initial conditions.Applied to image encryption,SPCM achieves 0.152582 s(39%faster than some techniques)and 433.42 KB/s throughput(134%higher than some techniques),setting new benchmarks for chaotic map-based methods in WSNs.Chaos-based permutation and exclusive or(XOR)diffusion yield near-zero correlation in encrypted images,ensuring strong resistance to Statistical Attacks(SA)and accurate recovery.SPCM also exhibits a strong avalanche effect(bit difference),making it an efficient,secure solution for WSNs in domains like healthcare and smart cities.
基金supported in part by the National Research Foundation of Korea(NRF)(No.RS-2025-00554650)supported by the Chung-Ang University research grant in 2024。
文摘With the accelerated growth of the Internet of Things(IoT),real-time data processing on edge devices is increasingly important for reducing overhead and enhancing security by keeping sensitive data local.Since these devices often handle personal information under limited resources,cryptographic algorithms must be executed efficiently.Their computational characteristics strongly affect system performance,making it necessary to analyze resource impact and predict usage under diverse configurations.In this paper,we analyze the phase-level resource usage of AES variants,ChaCha20,ECC,and RSA on an edge device and develop a prediction model.We apply these algorithms under varying parallelism levels and execution strategies across key generation,encryption,and decryption phases.Based on the analysis,we train a unified Random Forest model using execution context and temporal features,achieving R2 values up to 0.994 for power and 0.988 for temperature.Furthermore,the model maintains practical predictive performance even for cryptographic algorithms not included during training,demonstrating its ability to generalize across distinct computational characteristics.Our proposed approach reveals how execution characteristics and resource usage interacts,supporting proactive resource planning and efficient deployment of cryptographic workloads on edge devices.As our approach is grounded in phase-level computational characteristics rather than in any single algorithm,it provides generalizable insights that can be extended to a broader range of cryptographic algorithms that exhibit comparable phase-level execution patterns and to heterogeneous edge architectures.
基金Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2025R343),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabiathe Deanship of Scientific Research at Northern Border University,Arar,Saudi Arabia for funding this research work through the project number NBU-FFR-2025-1092-10.
文摘As quantum computing continues to advance,traditional cryptographic methods are increasingly challenged,particularly when it comes to securing critical systems like Supervisory Control andData Acquisition(SCADA)systems.These systems are essential for monitoring and controlling industrial operations,making their security paramount.A key threat arises from Shor’s algorithm,a powerful quantum computing tool that can compromise current hash functions,leading to significant concerns about data integrity and confidentiality.To tackle these issues,this article introduces a novel Quantum-Resistant Hash Algorithm(QRHA)known as the Modular Hash Learning Algorithm(MHLA).This algorithm is meticulously crafted to withstand potential quantum attacks by incorporating advanced mathematical and algorithmic techniques,enhancing its overall security framework.Our research delves into the effectiveness ofMHLA in defending against both traditional and quantum-based threats,with a particular emphasis on its resilience to Shor’s algorithm.The findings from our study demonstrate that MHLA significantly enhances the security of SCADA systems in the context of quantum technology.By ensuring that sensitive data remains protected and confidential,MHLA not only fortifies individual systems but also contributes to the broader efforts of safeguarding industrial and infrastructure control systems against future quantumthreats.Our evaluation demonstrates that MHLA improves security by 38%against quantumattack simulations compared to traditional hash functionswhilemaintaining a computational efficiency ofO(m⋅n⋅k+v+n).The algorithm achieved a 98%success rate in detecting data tampering during integrity testing.These findings underline MHLA’s effectiveness in enhancing SCADA system security amidst evolving quantum technologies.This research represents a crucial step toward developing more secure cryptographic systems that can adapt to the rapidly changing technological landscape,ultimately ensuring the reliability and integrity of critical infrastructure in an era where quantum computing poses a growing risk.
文摘Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we propose SecureCons Framework(SCF),a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments.SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits.The framework includes adaptive anomaly detection models,cryptographic obfuscation techniques,and real-time monitoring to identify and mitigate vulnerabilities proactively.Experimental evaluations demonstrate the framework's robustness,achieving over 95%resilience against advanced SCAs with minimal computational overhead.SCF provides a scalable,secure,and efficient solution,setting a new benchmark for side-channel attack mitigation in cloud ecosystems.
文摘针对目前格上环签名方案在环成员数量较多的情况下,签名效率低下且签名尺寸和公钥尺寸过大的问题,基于零知识证明,使用E-MLWE(extended module learning with errors)和MSIS(module short interger solution)问题降低了公钥大小,结合拒绝采样算法和追踪机制设计了一种可追踪环签名方案,签名算法中使用递归算法压缩了承诺的大小,进一步降低了签名尺寸,在随机预言机模型下证明方案满足可链接性、匿名性和抗陷害性。性能分析表明,签名尺寸与环成员数量为对数大小关系,在环成员数量较多时,公钥的存储开销和签名的通信开销具有明显优势。
文摘随着神经密码学的出现,越来越多研究使用神经网络来训练加解密算法,其中采用对抗网络可实现端到端的高安全加解密,但存在开销大、速度慢等问题。通过对运算单元核心、数据存储架构和数据流行为进行协同优化设计,提出一种面向神经网络的可配置加解密硬件设计方案。该方案首先对加解密模型进行硬件友好型优化,完成网络训练和量化;然后,采用Winograd+DSP48的卷积加速方法,将所需96个乘法器降低到32个;最后,设计CPU控制与调度系统架构,结合动态控制加速器的操作模式,实现高性能可配置加解密硬件电路。实验结果表明,所提方案最高工作频率为133 MHz,功耗为32.4 m W,吞吐量为17.06 GOPs。加解密网络的正确率达100%,破解网络正确率接近50%,硬件电路具备可配置和高安全特性。
