Post-quantum transport layer security(PQ-TLS)is capable of effectively defending against quantum threats to current network communications,whereas its larger public key and certificate sizes as well as higher computat...Post-quantum transport layer security(PQ-TLS)is capable of effectively defending against quantum threats to current network communications,whereas its larger public key and certificate sizes as well as higher computational overhead may result in a significant performance reduction compared with conventional TLS.In this paper,we present a systematic evaluation of PQ-TLS performance across diverse deployment scenarios to address the following critical research questions.(1)What is the performance behavior of PQ-TLS across different TLS modes?(2)How does PQ-TLS perform across varying client scales?(3)Which network topology is most suitable for PQ-TLS?(4)How does PQ-TLS perform on personal computers(PCs)compared to embedded IoT devices?To the best of our knowledge,this is the first work to comprehensively address these issues,offering implementers some insights into PQ-TLS performance and guidance for optimizing it across diverse scenarios.展开更多
TheIndustrial Internet of Things(IIoT)has emerged as a cornerstone of Industry 4.0,enabling large-scale automation and data-driven decision-making across factories,supply chains,and critical infrastructures.However,th...TheIndustrial Internet of Things(IIoT)has emerged as a cornerstone of Industry 4.0,enabling large-scale automation and data-driven decision-making across factories,supply chains,and critical infrastructures.However,the massive interconnection of resource-constrained devices also amplifies the risks of eavesdropping,data tampering,and device impersonation.While digital signatures are indispensable for ensuring authenticity and non-repudiation,conventional schemes such as RSA and ECCare vulnerable to quantumalgorithms,jeopardizing long-termtrust in IIoT deployments.This study proposes a lightweight,stateless,hash-based signature scheme that achieves post-quantum security while addressing the stringent efficiency demands of IIoT.The design introduces two key optimizations:(1)Forest ofRandomSubsets(FORS)onDemand,where subset secret keys are generated dynamically via a PseudoRandom Function(PRF),thereby minimizing storage overhead and eliminating key-reuse risks;and(2)Winternitz One-Time Signature Plus(WOTS+)partial hash-chain caching,which precomputes intermediate hash values at edge gateways,reducing device-side computations,latency,and energy consumption.The architecture integrates a multi-layerMerkle authentication tree(Merkle tree)and role-based delegation across sensors,gateways,and a Signature Authority Center(SAC),supporting scalable cross-site deployment and key rotation.Froma theoretical perspective,we establish a formal(Existential Unforgeability under Chosen Message Attack)EUF-CMA security proof using a game-based reduction framework.The proof demonstrates that any successful forgerymust reduce to breaking the underlying assumptions of PRF indistinguishability,(second)preimage resistance,or collision resistance,thus quantifying adversarial advantage and ensuring unforgeability.On the implementation side,our design achieves a balanced trade-off between postquantum security and lightweight performance,offering concrete deployment guidelines for real-time industrial systems.In summary,the proposed method contributes both practical system design and formal security guarantees,providing IIoT with a deployable signature substrate that enhances resilience against quantum-era threats and supports future extensions such as device attestation,group signatures,and anomaly detection.展开更多
The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreser...The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.展开更多
Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective ...Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective of differential-linear(DL)cryptanalysis.Specifically,we present an automated search for the DL distinguishers of Ballet based on MILP/MIQCP.For the versions with block sizes of 128 and 256 bits,we obtain 16 and 22 rounds distinguishers with estimated correlations of 2^(-59.89)and 2^(-116.80),both of which are the publicly longest distinguishers.In addition,this study incorporates the complexity information of key-recovery attacks into the automated model,to search for the optimal key-recovery attack structures based on DL distinguishers.As a result,we mount the key-recovery attacks on 16-round Ballet-128/128,17-round Ballet-128/256,and 21-round Ballet-256/256.The data/time complexities for these attacks are 2^(108.36)/2^(120.36),2^(115.90)/2^(192),and 2^(227.62)/2^(240.67),respectively.展开更多
With the rapid advancement of ICT and IoT technologies,the integration of Edge and Fog Computing has become essential to meet the increasing demands for real-time data processing and network efficiency.However,these t...With the rapid advancement of ICT and IoT technologies,the integration of Edge and Fog Computing has become essential to meet the increasing demands for real-time data processing and network efficiency.However,these technologies face critical security challenges,exacerbated by the emergence of quantum computing,which threatens traditional encryption methods.The rise in cyber-attacks targeting IoT and Edge/Fog networks underscores the need for robust,quantum-resistant security solutions.To address these challenges,researchers are focusing on Quantum Key Distribution and Post-Quantum Cryptography,which utilize quantum-resistant algorithms and the principles of quantum mechanics to ensure data confidentiality and integrity.This paper reviews the current security practices in IoT and Edge/Fog environments,explores the latest advancements in QKD and PQC technologies,and discusses their integration into distributed computing systems.Additionally,this paper proposes an enhanced QKD protocol combining the Cascade protocol and Kyber algorithm to address existing limitations.Finally,we highlight future research directions aimed at improving the scalability,efficiency,and practicality of QKD and PQC for securing IoT and Edge/Fog networks against evolving quantum threats.展开更多
Ensuring information security in the quantum era is a growing challenge due to advancements in cryptographic attacks and the emergence of quantum computing.To address these concerns,this paper presents the mathematica...Ensuring information security in the quantum era is a growing challenge due to advancements in cryptographic attacks and the emergence of quantum computing.To address these concerns,this paper presents the mathematical and computer modeling of a novel two-dimensional(2D)chaotic system for secure key generation in quantum image encryption(QIE).The proposed map employs trigonometric perturbations in conjunction with rational-saturation functions and hence,named as Trigonometric-Rational-Saturation(TRS)map.Through rigorous mathematical analysis and computational simulations,the map is extensively evaluated for bifurcation behaviour,chaotic trajectories,and Lyapunov exponents.The security evaluation validates the map’s non-linearity,unpredictability,and sensitive dependence on initial conditions.In addition,the proposed TRS map has further been tested by integrating it in a QIE scheme.The QIE scheme first quantum-encodes the classic image using the Novel Enhanced Quantum Representation(NEQR)technique,the TRS map is used for the generation of secure diffusion key,which is XOR-ed with the quantum-ready image to obtain the encrypted images.The security evaluation of the QIE scheme demonstrates superior security of the encrypted images in terms of statistical security attacks and also against Differential attacks.The encrypted images exhibit zero correlation and maximum entropy with demonstrating strong resilience due to 99.62%and 33.47%results for Number of Pixels Change Rate(NPCR)and Unified Average Changing Intensity(UACI).The results validate the effectiveness of TRS-based quantum encryption scheme in securing digital images against emerging quantum threats,making it suitable for secure image encryption in IoT and edge-based applications.展开更多
In this paper, a fast image encryption algorithm is proposed, in which the shuffling and diffusion is performed simul- taneously. The cipher-text image is divided into blocks and each block has k x k pixels, while the...In this paper, a fast image encryption algorithm is proposed, in which the shuffling and diffusion is performed simul- taneously. The cipher-text image is divided into blocks and each block has k x k pixels, while the pixels of the plain-text are scanned one by one. Four logistic maps are used to generate the encryption key stream and the new place in the cipher image of plain image pixels, including the row and column of the block which the pixel belongs to and the place where the pixel would be placed in the block. After encrypting each pixel, the initial conditions of logistic maps would be changed ac- cording to the encrypted pixel's value; after encrypting each row of plain image, the initial condition would also be changed by the skew tent map. At last, it is illustrated that this algorithm has a faster speed, big key space, and better properties in withstanding differential attacks, statistical analysis, known plaintext, and chosen plaintext attacks.展开更多
We investigate the lightweight block cipher KATAN family which consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64 respectively. However, three variants all have the same...We investigate the lightweight block cipher KATAN family which consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64 respectively. However, three variants all have the same key length of 80 bits. On the basis of the bit-oriented faulty model and the differential analysis principle, we describe the attack that combines differential fault attack with the meet-in-the-middle (MITM) attack on the KATAN32. More precisely, inducing a fault at a bit, we can recover some linear differential fault equations on the key bits. During solving equations, without the help of computer, we need only algebraic deduction to obtain relations of some key bits. The complexity in this process is neglectable. The secret key of the full cipher can be recovered faster than exhaustive search for all three block sizes in the KATAN family. Our result describes that KATAN32 is vulnerable.展开更多
This article proposes an enhanced differential fault analysis(DFA) method named as fault-propagation pattern-based DFA(FPP-DFA).The main idea of FPP-DFA is using the FPP of the ciphertext difference to predict the...This article proposes an enhanced differential fault analysis(DFA) method named as fault-propagation pattern-based DFA(FPP-DFA).The main idea of FPP-DFA is using the FPP of the ciphertext difference to predict the fault location and the fault-propagation path.It shows that FPP-DFA is very effective on SPN structure block ciphers using bitwise permutation,which is applied to two block ciphers.The first is PRESENT with the substitution permutation sequence.With the fault model of injecting one nibble fault into the r-2nd round,on average 8 and 16 faults can reduce the key search space of PRESENT-80/128 to 214.7 and 221.1,respectively.The second is PRINTcipher with the permutation substitution sequence.For the first time,it shows that although the permutation of PRINTcipher is secret key dependent,FPP-DFA still works well on it.With the fault model of injecting one nibble fault into the r-2nd round,12 and 24 effective faults can reduce the key search space of PRINTcipher-48/96 to 213.7 and 222.8,respectively.展开更多
基金Special Fund for Key Technologies in Blockchain of Shanghai Scientific and Technological Committee(23511100300)。
文摘Post-quantum transport layer security(PQ-TLS)is capable of effectively defending against quantum threats to current network communications,whereas its larger public key and certificate sizes as well as higher computational overhead may result in a significant performance reduction compared with conventional TLS.In this paper,we present a systematic evaluation of PQ-TLS performance across diverse deployment scenarios to address the following critical research questions.(1)What is the performance behavior of PQ-TLS across different TLS modes?(2)How does PQ-TLS perform across varying client scales?(3)Which network topology is most suitable for PQ-TLS?(4)How does PQ-TLS perform on personal computers(PCs)compared to embedded IoT devices?To the best of our knowledge,this is the first work to comprehensively address these issues,offering implementers some insights into PQ-TLS performance and guidance for optimizing it across diverse scenarios.
文摘TheIndustrial Internet of Things(IIoT)has emerged as a cornerstone of Industry 4.0,enabling large-scale automation and data-driven decision-making across factories,supply chains,and critical infrastructures.However,the massive interconnection of resource-constrained devices also amplifies the risks of eavesdropping,data tampering,and device impersonation.While digital signatures are indispensable for ensuring authenticity and non-repudiation,conventional schemes such as RSA and ECCare vulnerable to quantumalgorithms,jeopardizing long-termtrust in IIoT deployments.This study proposes a lightweight,stateless,hash-based signature scheme that achieves post-quantum security while addressing the stringent efficiency demands of IIoT.The design introduces two key optimizations:(1)Forest ofRandomSubsets(FORS)onDemand,where subset secret keys are generated dynamically via a PseudoRandom Function(PRF),thereby minimizing storage overhead and eliminating key-reuse risks;and(2)Winternitz One-Time Signature Plus(WOTS+)partial hash-chain caching,which precomputes intermediate hash values at edge gateways,reducing device-side computations,latency,and energy consumption.The architecture integrates a multi-layerMerkle authentication tree(Merkle tree)and role-based delegation across sensors,gateways,and a Signature Authority Center(SAC),supporting scalable cross-site deployment and key rotation.Froma theoretical perspective,we establish a formal(Existential Unforgeability under Chosen Message Attack)EUF-CMA security proof using a game-based reduction framework.The proof demonstrates that any successful forgerymust reduce to breaking the underlying assumptions of PRF indistinguishability,(second)preimage resistance,or collision resistance,thus quantifying adversarial advantage and ensuring unforgeability.On the implementation side,our design achieves a balanced trade-off between postquantum security and lightweight performance,offering concrete deployment guidelines for real-time industrial systems.In summary,the proposed method contributes both practical system design and formal security guarantees,providing IIoT with a deployable signature substrate that enhances resilience against quantum-era threats and supports future extensions such as device attestation,group signatures,and anomaly detection.
文摘The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.
基金National Natural Science Foundation of China(62272147,12471492,62072161,12401687)Shandong Provincial Natural Science Foundation(ZR2024QA205)+1 种基金Science and Technology on Communication Security Laboratory Foundation(6142103012207)Innovation Group Project of the Natural Science Foundation of Hubei Province of China(2023AFA021)。
文摘Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective of differential-linear(DL)cryptanalysis.Specifically,we present an automated search for the DL distinguishers of Ballet based on MILP/MIQCP.For the versions with block sizes of 128 and 256 bits,we obtain 16 and 22 rounds distinguishers with estimated correlations of 2^(-59.89)and 2^(-116.80),both of which are the publicly longest distinguishers.In addition,this study incorporates the complexity information of key-recovery attacks into the automated model,to search for the optimal key-recovery attack structures based on DL distinguishers.As a result,we mount the key-recovery attacks on 16-round Ballet-128/128,17-round Ballet-128/256,and 21-round Ballet-256/256.The data/time complexities for these attacks are 2^(108.36)/2^(120.36),2^(115.90)/2^(192),and 2^(227.62)/2^(240.67),respectively.
基金supported by the National Research Foundation of Korea(NRF)funded by theMinistry of Science and ICT(2022K1A3A1A61014825)。
文摘With the rapid advancement of ICT and IoT technologies,the integration of Edge and Fog Computing has become essential to meet the increasing demands for real-time data processing and network efficiency.However,these technologies face critical security challenges,exacerbated by the emergence of quantum computing,which threatens traditional encryption methods.The rise in cyber-attacks targeting IoT and Edge/Fog networks underscores the need for robust,quantum-resistant security solutions.To address these challenges,researchers are focusing on Quantum Key Distribution and Post-Quantum Cryptography,which utilize quantum-resistant algorithms and the principles of quantum mechanics to ensure data confidentiality and integrity.This paper reviews the current security practices in IoT and Edge/Fog environments,explores the latest advancements in QKD and PQC technologies,and discusses their integration into distributed computing systems.Additionally,this paper proposes an enhanced QKD protocol combining the Cascade protocol and Kyber algorithm to address existing limitations.Finally,we highlight future research directions aimed at improving the scalability,efficiency,and practicality of QKD and PQC for securing IoT and Edge/Fog networks against evolving quantum threats.
基金funded by Deanship of Research and Graduate Studies at King Khalid University.The authors extend their appreciation to the Deanship of Research and Graduate Studies at King Khalid University for funding this work through Large Group Project under grant number(RGP.2/556/45).
文摘Ensuring information security in the quantum era is a growing challenge due to advancements in cryptographic attacks and the emergence of quantum computing.To address these concerns,this paper presents the mathematical and computer modeling of a novel two-dimensional(2D)chaotic system for secure key generation in quantum image encryption(QIE).The proposed map employs trigonometric perturbations in conjunction with rational-saturation functions and hence,named as Trigonometric-Rational-Saturation(TRS)map.Through rigorous mathematical analysis and computational simulations,the map is extensively evaluated for bifurcation behaviour,chaotic trajectories,and Lyapunov exponents.The security evaluation validates the map’s non-linearity,unpredictability,and sensitive dependence on initial conditions.In addition,the proposed TRS map has further been tested by integrating it in a QIE scheme.The QIE scheme first quantum-encodes the classic image using the Novel Enhanced Quantum Representation(NEQR)technique,the TRS map is used for the generation of secure diffusion key,which is XOR-ed with the quantum-ready image to obtain the encrypted images.The security evaluation of the QIE scheme demonstrates superior security of the encrypted images in terms of statistical security attacks and also against Differential attacks.The encrypted images exhibit zero correlation and maximum entropy with demonstrating strong resilience due to 99.62%and 33.47%results for Number of Pixels Change Rate(NPCR)and Unified Average Changing Intensity(UACI).The results validate the effectiveness of TRS-based quantum encryption scheme in securing digital images against emerging quantum threats,making it suitable for secure image encryption in IoT and edge-based applications.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61370145,61173183,and 60973152)the Doctoral Program Foundation of Institution of Higher Education of China(Grant No.20070141014)+2 种基金the Program for Liaoning Excellent Talents in University,China(Grant No.LR2012003)the National Natural Science Foundation of Liaoning Province,China(Grant No.20082165)the Fundamental Research Funds for the Central Universities,China(Grant No.DUT12JB06)
文摘In this paper, a fast image encryption algorithm is proposed, in which the shuffling and diffusion is performed simul- taneously. The cipher-text image is divided into blocks and each block has k x k pixels, while the pixels of the plain-text are scanned one by one. Four logistic maps are used to generate the encryption key stream and the new place in the cipher image of plain image pixels, including the row and column of the block which the pixel belongs to and the place where the pixel would be placed in the block. After encrypting each pixel, the initial conditions of logistic maps would be changed ac- cording to the encrypted pixel's value; after encrypting each row of plain image, the initial condition would also be changed by the skew tent map. At last, it is illustrated that this algorithm has a faster speed, big key space, and better properties in withstanding differential attacks, statistical analysis, known plaintext, and chosen plaintext attacks.
基金the National Natural Science Foundation of China (No. 61272434)the Natural Science Foundation of Shandong Province (Nos. ZR2011FQ032 and ZR2012FM004)+1 种基金the Project of Shandong Province Higher Educational Science and Technology Program(No. J11LG33)the Project of Senior Visiting Scholar of Shandong Province
文摘We investigate the lightweight block cipher KATAN family which consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64 respectively. However, three variants all have the same key length of 80 bits. On the basis of the bit-oriented faulty model and the differential analysis principle, we describe the attack that combines differential fault attack with the meet-in-the-middle (MITM) attack on the KATAN32. More precisely, inducing a fault at a bit, we can recover some linear differential fault equations on the key bits. During solving equations, without the help of computer, we need only algebraic deduction to obtain relations of some key bits. The complexity in this process is neglectable. The secret key of the full cipher can be recovered faster than exhaustive search for all three block sizes in the KATAN family. Our result describes that KATAN32 is vulnerable.
基金Supported by the National Natural Science Foundation ofChina (60772082,61173191,and 61272491)
文摘This article proposes an enhanced differential fault analysis(DFA) method named as fault-propagation pattern-based DFA(FPP-DFA).The main idea of FPP-DFA is using the FPP of the ciphertext difference to predict the fault location and the fault-propagation path.It shows that FPP-DFA is very effective on SPN structure block ciphers using bitwise permutation,which is applied to two block ciphers.The first is PRESENT with the substitution permutation sequence.With the fault model of injecting one nibble fault into the r-2nd round,on average 8 and 16 faults can reduce the key search space of PRESENT-80/128 to 214.7 and 221.1,respectively.The second is PRINTcipher with the permutation substitution sequence.For the first time,it shows that although the permutation of PRINTcipher is secret key dependent,FPP-DFA still works well on it.With the fault model of injecting one nibble fault into the r-2nd round,12 and 24 effective faults can reduce the key search space of PRINTcipher-48/96 to 213.7 and 222.8,respectively.
