The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to secur...The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to securing such devices.As these devices are constrained in numerous aspects,it leaves network designers and administrators with no choice but to deploy them with minimal or no security at all.We have seen distributed denial-ofservice attacks being raised using such devices during the infamous Mirai botnet attack in 2016.Therefore we propose a lightweight authentication protocol to provide proper access to such devices.We have considered several aspects while designing our authentication protocol,such as scalability,movement,user registration,device registration,etc.To define the architecture we used a three-layered model consisting of cloud,fog,and edge devices.We have also proposed several pre-existing cipher suites based on post-quantum cryptography for evaluation and usage.We also provide a fail-safe mechanism for a situation where an authenticating server might fail,and the deployed IoT devices can self-organize to keep providing services with no human intervention.We find that our protocol works the fastest when using ring learning with errors.We prove the safety of our authentication protocol using the automated validation of Internet security protocols and applications tool.In conclusion,we propose a safe,hybrid,and fast authentication protocol for authenticating IoT devices in a fog computing environment.展开更多
This paper presents a high-security medical image encryption method that leverages a novel and robust sine-cosine map.The map demonstrates remarkable chaotic dynamics over a wide range of parameters.We employ nonlinea...This paper presents a high-security medical image encryption method that leverages a novel and robust sine-cosine map.The map demonstrates remarkable chaotic dynamics over a wide range of parameters.We employ nonlinear analytical tools to thoroughly investigate the dynamics of the chaotic map,which allows us to select optimal parameter configurations for the encryption process.Our findings indicate that the proposed sine-cosine map is capable of generating a rich variety of chaotic attractors,an essential characteristic for effective encryption.The encryption technique is based on bit-plane decomposition,wherein a plain image is divided into distinct bit planes.These planes are organized into two matrices:one containing the most significant bit planes and the other housing the least significant ones.The subsequent phases of chaotic confusion and diffusion utilize these matrices to enhance security.An auxiliary matrix is then generated,comprising the combined bit planes that yield the final encrypted image.Experimental results demonstrate that our proposed technique achieves a commendable level of security for safeguarding sensitive patient information in medical images.As a result,image quality is evaluated using the Structural Similarity Index(SSIM),yielding values close to zero for encrypted images and approaching one for decrypted images.Additionally,the entropy values of the encrypted images are near 8,with a Number of Pixel Change Rate(NPCR)and Unified Average Change Intensity(UACI)exceeding 99.50%and 33%,respectively.Furthermore,quantitative assessments of occlusion attacks,along with comparisons to leading algorithms,validate the integrity and efficacy of our medical image encryption approach.展开更多
The Industry 4.0 revolution is characterized by distributed infrastructures where data must be continuously communicated between hardware nodes and cloud servers.Specific lightweight cryptosystems are needed to protec...The Industry 4.0 revolution is characterized by distributed infrastructures where data must be continuously communicated between hardware nodes and cloud servers.Specific lightweight cryptosystems are needed to protect those links,as the hardware node tends to be resource-constrained.Then Pseudo Random Number Generators are employed to produce random keys,whose final behavior depends on the initial seed.To guarantee good mathematical behavior,most key generators need an unpredictable voltage signal as input.However,physical signals evolve slowly and have a significant autocorrelation,so they do not have enough entropy to support highrandomness seeds.Then,electronic mechanisms to generate those high-entropy signals artificially are required.This paper proposes a robust hyperchaotic circuit to obtain such unpredictable electric signals.The circuit is based on a hyperchaotic dynamic system,showing a large catalog of structures,four different secret parameters,and producing four high entropy voltage signals.Synchronization schemes for the correct secret key calculation and distribution among all remote communicating modules are also analyzed and discussed.Security risks and intruder and attacker models for the proposed solution are explored,too.An experimental validation based on circuit simulations and a real hardware implementation is provided.The results show that the random properties of PRNG improved by up to 11%when seeds were calculated through the proposed circuit.展开更多
Among several post quantum primitives proposed in the past few decades, lattice-based cryptography is considered as the most promising one, due to its underlying rich combinatorial structure, and the worst-case to ave...Among several post quantum primitives proposed in the past few decades, lattice-based cryptography is considered as the most promising one, due to its underlying rich combinatorial structure, and the worst-case to average-case reductions. The first lattice-based group signature scheme with verifier-local revocation(VLR) is treated as the first quantum-resistant scheme supported member revocation, and was put forward by Langlois et al. This VLR group signature(VLR-GS) has group public key size of O(nm log N log q), and a signature size of O(tm log N log q log β). Nguyen et al. constructed a simple efficient group signature from lattice, with significant advantages in bit-size of both the group public key and the signature. Based on their work, we present a VLR-GS scheme with group public key size of O(nm log q) and signature size of O(tm log q). Our group signature has notable advantages: support of membership revocation, and short in both the public key size and the signature size.展开更多
Remote sensing images carry crucial ground information,often involving the spatial distribution and spatiotemporal changes of surface elements.To safeguard this sensitive data,image encryption technology is essential....Remote sensing images carry crucial ground information,often involving the spatial distribution and spatiotemporal changes of surface elements.To safeguard this sensitive data,image encryption technology is essential.In this paper,a novel Fibonacci sine exponential map is designed,the hyperchaotic performance of which is particularly suitable for image encryption algorithms.An encryption algorithm tailored for handling the multi-band attributes of remote sensing images is proposed.The algorithm combines a three-dimensional synchronized scrambled diffusion operation with chaos to efficiently encrypt multiple images.Moreover,the keys are processed using an elliptic curve cryptosystem,eliminating the need for an additional channel to transmit the keys,thus enhancing security.Experimental results and algorithm analysis demonstrate that the algorithm offers strong security and high efficiency,making it suitable for remote sensing image encryption tasks.展开更多
In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any mod...In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any modern company. A companys operational and historical data contains strategic and operational knowledge of ever-increasing added value. The emergence of a new paradigm: big data. Today, the value of the data scattered throughout this mother of knowledge is calculated in billions of dollars, depending on its size, scope and area of intervention. With the rise of computer networks and distributed systems, the threats to these sensitive resources have steadily increased, jeopardizing the existence of the company itself by drying up production and losing the interest of customers and suppliers. These threats range from sabotage to bankruptcy. For several decades now, most companies have been using encryption algorithms to protect and secure their information systems against the threats and dangers posed by the inherent vulnerabilities of their infrastructure and the current economic climate. This vulnerability requires companies to make the right choice of algorithms to implement in their management systems. For this reason, the present work aims to carry out a comparative study of the reliability and effectiveness of symmetrical and asymmetrical cryptosystems, in order to identify one or more suitable for securing academic data in the DRC. The analysis of the robustness of commonly used symmetric and asymmetric cryptosystems will be the subject of simulations in this article.展开更多
针对现有大多数协议无法实现服务器、电子标签及读写器三方之间相互认证的缺陷,提出一种基于R-LWE(Learning with Errors over Ring)密码体制下可实现三方认证的协议。协议采用理想格对重要隐私信息进行加密,且加密同时混入不同随机数,...针对现有大多数协议无法实现服务器、电子标签及读写器三方之间相互认证的缺陷,提出一种基于R-LWE(Learning with Errors over Ring)密码体制下可实现三方认证的协议。协议采用理想格对重要隐私信息进行加密,且加密同时混入不同随机数,既可保障隐私信息安全,亦可使得消息具备新鲜性和不确定性。对所设计协议进行安全性分析、基于GNY逻辑形式化证明、性能分析,结果表明该协议具备良好的安全要求、严谨的推理、性能优于其他对比协议。展开更多
The rapid evolution of quantum computing poses significant threats to traditional cryptographic schemes,particularly in Decentralized Finance(DeFi)systems that rely on legacy mechanisms like RSA and ECDSA for digital ...The rapid evolution of quantum computing poses significant threats to traditional cryptographic schemes,particularly in Decentralized Finance(DeFi)systems that rely on legacy mechanisms like RSA and ECDSA for digital identity verification.This paper proposes a quantum-resilient,blockchain-based identity verification framework designed to address critical challenges in privacy preservation,scalability,and post-quantum security.The proposed model integrates Post-quantum Cryptography(PQC),specifically lattice-based cryptographic primitives,with Decentralized Identifiers(DIDs)and Zero-knowledge Proofs(ZKPs)to ensure verifiability,anonymity,and resistance to quantum attacks.A dual-layer architecture is introduced,comprising an identity layer for credential generation and validation,and an application layer for DeFi protocol integration.To evaluate its performance,the framework is tested on multiple real-world DeFi platforms using metrics such as verification latency,throughput,attack resistance,energy efficiency,and quantum attack simulation.The results demonstrate that the proposed framework achieves 90%latency reduction and over 35%throughput improvement compared to traditional blockchain identity solutions.It also exhibits a high quantum resistance score(95/100),with successful secure verification under simulated quantum adversaries.The revocation mechanism—implemented using Merkle-tree-based proofs—achieves average response times under 40 ms,and the system maintains secure operations with energy consumption below 9 J per authentication cycle.Additionally,the paper presents a security and cost tradeoff analysis using ZKP schemes such as Bulletproofs and STARKs,revealing superior bits-per-byte efficiency and reduced proof sizes.Real-world adoption scenarios,including integration with six major DeFi protocols,indicate a 25%increase in verified users and a 15%improvement in Total Value Locked(TVL).The proposed solution is projected to remain secure until 2041(basic version)and 2043(advanced version),ensuring long-term sustainability and future-proofing against evolving quantum threats.This work establishes a scalable,privacy-preserving identity model that aligns with emerging post-quantum security standards for decentralized ecosystems.展开更多
With the recent advances in quantum computing,the key agreement algorithm based on traditional cryptography theory,which is applied to the Internet of Things(IoT)scenario,will no longer be secure due to the possibilit...With the recent advances in quantum computing,the key agreement algorithm based on traditional cryptography theory,which is applied to the Internet of Things(IoT)scenario,will no longer be secure due to the possibility of information leakage.In this paper,we propose a anti-quantum dynamic authenticated group key agreement scheme(AQDA-GKA)according to the ring-learning with errors(RLWE)problem,which is suitable for IoT environments.First,the proposed AQDA-GKA scheme can implement a group key agreement against quantum computing attacks by leveraging an RLWE-based key agreement mechanism.Second,this scheme can achieve dynamic node management,ensuring that any node can freely join or exit the current group.Third,we formally prove that the proposed scheme can resist quantum computing attacks as well as collusion attacks.Finally,the performance and security analysis reveals that the proposed AQDA-GKA scheme is secure and effective.展开更多
This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. ...This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. We first introduce an identity based dynamic threshold cryptosystem, and then use the CanettiHalevi-Katz(CHK) transformation to transform it into a fully secure system in the traditional public key setting.Finally, the elegant dual system encryption technique is applied to constructing a fully secure dynamic threshold cryptosystem with adaptive security.展开更多
文摘The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to securing such devices.As these devices are constrained in numerous aspects,it leaves network designers and administrators with no choice but to deploy them with minimal or no security at all.We have seen distributed denial-ofservice attacks being raised using such devices during the infamous Mirai botnet attack in 2016.Therefore we propose a lightweight authentication protocol to provide proper access to such devices.We have considered several aspects while designing our authentication protocol,such as scalability,movement,user registration,device registration,etc.To define the architecture we used a three-layered model consisting of cloud,fog,and edge devices.We have also proposed several pre-existing cipher suites based on post-quantum cryptography for evaluation and usage.We also provide a fail-safe mechanism for a situation where an authenticating server might fail,and the deployed IoT devices can self-organize to keep providing services with no human intervention.We find that our protocol works the fastest when using ring learning with errors.We prove the safety of our authentication protocol using the automated validation of Internet security protocols and applications tool.In conclusion,we propose a safe,hybrid,and fast authentication protocol for authenticating IoT devices in a fog computing environment.
文摘This paper presents a high-security medical image encryption method that leverages a novel and robust sine-cosine map.The map demonstrates remarkable chaotic dynamics over a wide range of parameters.We employ nonlinear analytical tools to thoroughly investigate the dynamics of the chaotic map,which allows us to select optimal parameter configurations for the encryption process.Our findings indicate that the proposed sine-cosine map is capable of generating a rich variety of chaotic attractors,an essential characteristic for effective encryption.The encryption technique is based on bit-plane decomposition,wherein a plain image is divided into distinct bit planes.These planes are organized into two matrices:one containing the most significant bit planes and the other housing the least significant ones.The subsequent phases of chaotic confusion and diffusion utilize these matrices to enhance security.An auxiliary matrix is then generated,comprising the combined bit planes that yield the final encrypted image.Experimental results demonstrate that our proposed technique achieves a commendable level of security for safeguarding sensitive patient information in medical images.As a result,image quality is evaluated using the Structural Similarity Index(SSIM),yielding values close to zero for encrypted images and approaching one for decrypted images.Additionally,the entropy values of the encrypted images are near 8,with a Number of Pixel Change Rate(NPCR)and Unified Average Change Intensity(UACI)exceeding 99.50%and 33%,respectively.Furthermore,quantitative assessments of occlusion attacks,along with comparisons to leading algorithms,validate the integrity and efficacy of our medical image encryption approach.
基金supported by Comunidad de Madrid within the framework of the Multiannual Agreement with Universidad Politecnica de Madrid to encourage research by young doctors(PRINCE).
文摘The Industry 4.0 revolution is characterized by distributed infrastructures where data must be continuously communicated between hardware nodes and cloud servers.Specific lightweight cryptosystems are needed to protect those links,as the hardware node tends to be resource-constrained.Then Pseudo Random Number Generators are employed to produce random keys,whose final behavior depends on the initial seed.To guarantee good mathematical behavior,most key generators need an unpredictable voltage signal as input.However,physical signals evolve slowly and have a significant autocorrelation,so they do not have enough entropy to support highrandomness seeds.Then,electronic mechanisms to generate those high-entropy signals artificially are required.This paper proposes a robust hyperchaotic circuit to obtain such unpredictable electric signals.The circuit is based on a hyperchaotic dynamic system,showing a large catalog of structures,four different secret parameters,and producing four high entropy voltage signals.Synchronization schemes for the correct secret key calculation and distribution among all remote communicating modules are also analyzed and discussed.Security risks and intruder and attacker models for the proposed solution are explored,too.An experimental validation based on circuit simulations and a real hardware implementation is provided.The results show that the random properties of PRNG improved by up to 11%when seeds were calculated through the proposed circuit.
基金the National Natural Science Foundations of China(Nos.61472309,61672412,61572390and 61402353)the 111 Project(No.B08038)Research Program of Anhui Education Committee(Nos.KJ2016A626,KJ2016A627)
文摘Among several post quantum primitives proposed in the past few decades, lattice-based cryptography is considered as the most promising one, due to its underlying rich combinatorial structure, and the worst-case to average-case reductions. The first lattice-based group signature scheme with verifier-local revocation(VLR) is treated as the first quantum-resistant scheme supported member revocation, and was put forward by Langlois et al. This VLR group signature(VLR-GS) has group public key size of O(nm log N log q), and a signature size of O(tm log N log q log β). Nguyen et al. constructed a simple efficient group signature from lattice, with significant advantages in bit-size of both the group public key and the signature. Based on their work, we present a VLR-GS scheme with group public key size of O(nm log q) and signature size of O(tm log q). Our group signature has notable advantages: support of membership revocation, and short in both the public key size and the signature size.
基金supported by the National Natural Science Foundation of China(Grant No.91948303)。
文摘Remote sensing images carry crucial ground information,often involving the spatial distribution and spatiotemporal changes of surface elements.To safeguard this sensitive data,image encryption technology is essential.In this paper,a novel Fibonacci sine exponential map is designed,the hyperchaotic performance of which is particularly suitable for image encryption algorithms.An encryption algorithm tailored for handling the multi-band attributes of remote sensing images is proposed.The algorithm combines a three-dimensional synchronized scrambled diffusion operation with chaos to efficiently encrypt multiple images.Moreover,the keys are processed using an elliptic curve cryptosystem,eliminating the need for an additional channel to transmit the keys,thus enhancing security.Experimental results and algorithm analysis demonstrate that the algorithm offers strong security and high efficiency,making it suitable for remote sensing image encryption tasks.
文摘In the digital age, the data exchanged within a company is a wealth of knowledge. The survival, growth and influence of a company in the short, medium and long term depend on it. Indeed, it is the lifeblood of any modern company. A companys operational and historical data contains strategic and operational knowledge of ever-increasing added value. The emergence of a new paradigm: big data. Today, the value of the data scattered throughout this mother of knowledge is calculated in billions of dollars, depending on its size, scope and area of intervention. With the rise of computer networks and distributed systems, the threats to these sensitive resources have steadily increased, jeopardizing the existence of the company itself by drying up production and losing the interest of customers and suppliers. These threats range from sabotage to bankruptcy. For several decades now, most companies have been using encryption algorithms to protect and secure their information systems against the threats and dangers posed by the inherent vulnerabilities of their infrastructure and the current economic climate. This vulnerability requires companies to make the right choice of algorithms to implement in their management systems. For this reason, the present work aims to carry out a comparative study of the reliability and effectiveness of symmetrical and asymmetrical cryptosystems, in order to identify one or more suitable for securing academic data in the DRC. The analysis of the robustness of commonly used symmetric and asymmetric cryptosystems will be the subject of simulations in this article.
文摘针对现有大多数协议无法实现服务器、电子标签及读写器三方之间相互认证的缺陷,提出一种基于R-LWE(Learning with Errors over Ring)密码体制下可实现三方认证的协议。协议采用理想格对重要隐私信息进行加密,且加密同时混入不同随机数,既可保障隐私信息安全,亦可使得消息具备新鲜性和不确定性。对所设计协议进行安全性分析、基于GNY逻辑形式化证明、性能分析,结果表明该协议具备良好的安全要求、严谨的推理、性能优于其他对比协议。
文摘The rapid evolution of quantum computing poses significant threats to traditional cryptographic schemes,particularly in Decentralized Finance(DeFi)systems that rely on legacy mechanisms like RSA and ECDSA for digital identity verification.This paper proposes a quantum-resilient,blockchain-based identity verification framework designed to address critical challenges in privacy preservation,scalability,and post-quantum security.The proposed model integrates Post-quantum Cryptography(PQC),specifically lattice-based cryptographic primitives,with Decentralized Identifiers(DIDs)and Zero-knowledge Proofs(ZKPs)to ensure verifiability,anonymity,and resistance to quantum attacks.A dual-layer architecture is introduced,comprising an identity layer for credential generation and validation,and an application layer for DeFi protocol integration.To evaluate its performance,the framework is tested on multiple real-world DeFi platforms using metrics such as verification latency,throughput,attack resistance,energy efficiency,and quantum attack simulation.The results demonstrate that the proposed framework achieves 90%latency reduction and over 35%throughput improvement compared to traditional blockchain identity solutions.It also exhibits a high quantum resistance score(95/100),with successful secure verification under simulated quantum adversaries.The revocation mechanism—implemented using Merkle-tree-based proofs—achieves average response times under 40 ms,and the system maintains secure operations with energy consumption below 9 J per authentication cycle.Additionally,the paper presents a security and cost tradeoff analysis using ZKP schemes such as Bulletproofs and STARKs,revealing superior bits-per-byte efficiency and reduced proof sizes.Real-world adoption scenarios,including integration with six major DeFi protocols,indicate a 25%increase in verified users and a 15%improvement in Total Value Locked(TVL).The proposed solution is projected to remain secure until 2041(basic version)and 2043(advanced version),ensuring long-term sustainability and future-proofing against evolving quantum threats.This work establishes a scalable,privacy-preserving identity model that aligns with emerging post-quantum security standards for decentralized ecosystems.
基金Supported by the National Engineering Research Center of Classified Protection and Safeguard Technology for Cybersecurity(No.C23640-XD-07)the Open Foundation of Key Laboratory of Cyberspace Security of Ministry of Education of China and Henan Key Laboratory of Network Cryptography(No.KLCS20240301)。
文摘With the recent advances in quantum computing,the key agreement algorithm based on traditional cryptography theory,which is applied to the Internet of Things(IoT)scenario,will no longer be secure due to the possibility of information leakage.In this paper,we propose a anti-quantum dynamic authenticated group key agreement scheme(AQDA-GKA)according to the ring-learning with errors(RLWE)problem,which is suitable for IoT environments.First,the proposed AQDA-GKA scheme can implement a group key agreement against quantum computing attacks by leveraging an RLWE-based key agreement mechanism.Second,this scheme can achieve dynamic node management,ensuring that any node can freely join or exit the current group.Third,we formally prove that the proposed scheme can resist quantum computing attacks as well as collusion attacks.Finally,the performance and security analysis reveals that the proposed AQDA-GKA scheme is secure and effective.
基金the National Natural Science Foundation of China(Nos.61202023,60903189 and 61133014)
文摘This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. We first introduce an identity based dynamic threshold cryptosystem, and then use the CanettiHalevi-Katz(CHK) transformation to transform it into a fully secure system in the traditional public key setting.Finally, the elegant dual system encryption technique is applied to constructing a fully secure dynamic threshold cryptosystem with adaptive security.
