Search Results (378)

Search Parameters:
Journal = Cryptography

21 pages, 5152 KiB  
Article
Compact 8-Bit S-Boxes Based on Multiplication in a Galois Field GF(2^4)
by Phuc-Phan Duong, Tuan-Kiet Dang, Trong-Thuc Hoang and Cong-Kha Pham
Cryptography 2025, 9(2), 21; https://doi.org/10.3390/cryptography9020021 - 3 Apr 2025
Viewed by 62
Abstract
Substitution boxes (S-Boxes) function as essential nonlinear elements in contemporary cryptographic systems, offering robust protection against cryptanalytic attacks. This study presents a novel technique for generating compact 8-bit S-Boxes based on multiplication in the Galois Field GF(2^4). The goal of this method is to create S-Boxes with low hardware implementation cost while ensuring cryptographic properties. Experimental results indicate that the suggested S-Boxes achieve a nonlinearity value of 112, matching the AES S-Box. They also maintain other cryptographic properties, such as the Bit Independence Criterion (BIC), the Strict Avalanche Criterion (SAC), Differential Approximation Probability, and Linear Approximation Probability, within acceptable security thresholds. Notably, compared to existing studies, the proposed S-Box architecture demonstrates enhanced hardware efficiency, significantly reducing resource utilization in implementations. Specifically, the implementation cost of the S-Box consists of 31 XOR gates, 32 two-input AND gates, 6 two-input OR gates, and 2 MUX21s. Moreover, this work provides a thorough assessment of the S-Box, covering cryptographic properties, side channel attacks, and implementation aspects. Furthermore, the study estimates the quantum resource requirements for implementing the S-Box, including an analysis of CNOT, Toffoli, and NOT gate counts.
(This article belongs to the Special Issue Emerging Topics in Hardware Security)

27 pages, 2477 KiB  
Article
BPAP: FPGA Design of a RISC-like Processor for Elliptic Curve Cryptography Using Task-Level Parallel Programming in High-Level Synthesis
by Rares Ifrim and Decebal Popescu
Cryptography 2025, 9(1), 20; https://doi.org/10.3390/cryptography9010020 - 19 Mar 2025
Viewed by 149
Abstract
Popular technologies such as blockchain and zero-knowledge proof, which have already entered the enterprise space, heavily use cryptography as the core of their protocol stack. One of the most used systems in this regard is Elliptic Curve Cryptography, precisely the point multiplication operation, which provides the security assumption for all applications that use this system. As this operation is computationally intensive, one solution is to offload it to specialized accelerators to provide better throughput and increased efficiency. In this paper, we explore the use of Field Programmable Gate Arrays (FPGAs) and the High-Level Synthesis framework of AMD Vitis in designing an elliptic curve point arithmetic unit (point adder) for the secp256k1 curve. We show how task-level parallel programming and data streaming are used in designing a RISC processor-like architecture to provide pipeline parallelism and increase the throughput of the point adder unit. We also show how to efficiently use the proposed processor architecture by designing a point multiplication scheduler capable of scheduling multiple batches of elliptic curve points to utilize the point adder unit efficiently. Finally, we evaluate our design on an AMD-Xilinx Alveo-family FPGA and show that our point arithmetic processor has better throughput and frequency than related work.
(This article belongs to the Special Issue Interdisciplinary Cryptography)

18 pages, 2335 KiB  
Article
Improved Correlation Power Analysis Attack on the Latest Cortex M4 Kyber Implementation
by Costin Ghiban and Marios Omar Choudary
Cryptography 2025, 9(1), 19; https://doi.org/10.3390/cryptography9010019 - 16 Mar 2025
Viewed by 274
Abstract
CRYSTALS-Kyber has been standardized as a general public-key post-quantum algorithm under the name of ML-KEM after NIST released its first three final post-quantum standards in August 2024. The resilience of post-quantum cryptography to side-channel attacks has been an important research endeavor, and there have been many attacks designed, including basic Correlation Power Analysis. This paper adapts existing Correlation Power Analysis attacks to the most recent ARM Cortex M4 optimized implementation that uses Plantard arithmetic. It also demonstrates an improved version of a CPA that results in a 50% speedup compared to the original attack. Data are gathered and the mathematical model is tested using a ChipWhisperer-Lite board.

22 pages, 3372 KiB  
Article
Encryption Algorithm MLOL: Security and Efficiency Enhancement Based on the LOL Framework
by Xinyue Zhang, Daoguang Mu, Wenzheng Zhang and Xinfeng Dong
Cryptography 2025, 9(1), 18; https://doi.org/10.3390/cryptography9010018 - 12 Mar 2025
Viewed by 326
Abstract
Authenticated encryption with associated data (AEAD) schemes based on stream ciphers, such as ASCON and MORUS, typically use nonlinear feedback shift registers (NFSRs) and linear feedback shift registers (LFSRs) to generate variable-length key streams. While these methods ensure message confidentiality and authenticity, they present challenges in security analysis, especially when automated evaluation is involved. In this paper, we present MLOL, a novel AEAD algorithm based on the LOL framework. MLOL combines authenticated encryption with optimizations to the LFSR structure to enhance both security and efficiency. The cost evaluation demonstrates that on specialized CPU platforms without SIMD instruction set support, MLOL achieves better performance in authenticated encryption speed compared to LOL-MINI with GHASH. Our security analysis confirms that MLOL provides 256-bit security against current cryptanalytic techniques. Experimental results demonstrate that MLOL not only inherits the excellent performance of LOL but also reduces the time complexity of the authenticated encryption process, providing more reliable security guarantees. It significantly simplifies security evaluation, making it suitable for automated analysis tools, and offers a feasible new approach for AEAD algorithm design.
(This article belongs to the Topic Trends and Prospects in Security, Encryption and Encoding)

16 pages, 2001 KiB  
Review
Cryptographic Techniques in Artificial Intelligence Security: A Bibliometric Review
by Hamed Taherdoost, Tuan-Vinh Le and Khadija Slimani
Cryptography 2025, 9(1), 17; https://doi.org/10.3390/cryptography9010017 - 7 Mar 2025
Viewed by 746
Abstract
With the rise in applications of artificial intelligence (AI) across various sectors, security concerns have become paramount. Traditional AI systems often lack robust security measures, making them vulnerable to adversarial attacks, data breaches, and privacy violations. Cryptography has emerged as a crucial component in enhancing AI security by ensuring data confidentiality, authentication, and integrity. This paper presents a comprehensive bibliometric review to understand the intersection between cryptography, AI, and security. A total of 495 journal articles and reviews were identified using Scopus as the primary database. The results indicate a sharp increase in research interest between 2020 and January 2025, with a significant rise in publications in 2023 and 2024. The key application areas include computer science, engineering, and materials science. Key cryptographic techniques such as homomorphic encryption, secure multiparty computation, and quantum cryptography have gained prominence in AI security. Blockchain has also emerged as an essential technology for securing AI-driven applications, particularly in data integrity and secure transactions. This paper highlights the crucial role of cryptography in safeguarding AI systems and provides future research directions to strengthen AI security through advanced cryptographic solutions.

26 pages, 330 KiB  
Article
Construction of Countably Infinite Programs That Evade Malware/Non-Malware Classification for Any Given Formal System
by Vasiliki Liagkou, Panagiotis E. Nastou, Paul Spirakis and Yannis C. Stamatiou
Cryptography 2025, 9(1), 16; https://doi.org/10.3390/cryptography9010016 - 4 Mar 2025
Viewed by 417
Abstract
The formal study of computer malware was initiated in the seminal work of Fred Cohen in the mid-80s, who applied elements of Computation Theory in the investigation of the theoretical limits of using the Turing Machine formal model of computation in detecting viruses. Cohen gave a simple but realistic formal definition of the characteristic actions of a computer virus as a Turing Machine that replicates itself and proved that detecting this behaviour, in general, is an undecidable problem. In this paper, we complement Cohen’s approach by providing a simple generalization of his definition of a computer virus so as to model any type of malware behaviour and showing that the malware/non-malware classification problem is, again, undecidable. Most importantly, beyond Cohen’s work, our work provides a generic theoretical framework for studying anti-malware applications and identifying, at an early stage, before their deployment, several of their inherent vulnerabilities which may lead to the construction of zero-day exploits and malware strains with stealth properties. To this end, we show that for any given formal system, which can be seen as an anti-malware formal model, there are infinitely many, effectively constructible programs for which no proof can be produced by the formal system that they are either malware or non-malware programs. Moreover, infinitely many of these programs are, indeed, malware programs which evade the detection powers of the given formal system.

18 pages, 716 KiB  
Article
The Impact of Clock Frequencies on Remote Power Side-Channel Analysis Attack Resistance of Processors in Multi-Tenant FPGAs
by Qinming Zhou, Haozhi Xie and Tao Su
Cryptography 2025, 9(1), 15; https://doi.org/10.3390/cryptography9010015 - 3 Mar 2025
Viewed by 461
Abstract
Field-programmable gate arrays (FPGAs) are widely used in cloud servers as an acceleration solution for compute-intensive tasks. Cloud FPGAs are typically multi-tenant, enabling resource sharing among multiple users but are vulnerable to power side-channel analysis (SCA) attacks due to their programmability and runtime dynamic reconfigurability. It is well-known that the clock frequencies of the circuits on multi-tenant FPGAs affect power consumption, but their impact on remote correlation power analysis (CPA) attacks has largely been ignored in the literature. This work systematically evaluates how clock frequency variations influence the effectiveness of remote CPA attacks on multi-tenant FPGAs. We develop a theoretical model to quantify this impact and validate our findings through the CPA attacks on processors running AES-128 and SM4 cryptographic algorithms. Our results demonstrate that the runtime clock frequency significantly affects the performance of remote CPA attacks. Our work provides valuable insights into the security implications of frequency scaling in multi-tenant FPGAs and offers guidance on selecting clock frequencies to mitigate power side-channel risks.
(This article belongs to the Special Issue Emerging Topics in Hardware Security)
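As an added example that is not code from Duong et al. (the GF(2^4) S-box paper), Ghiban and Choudary (the Cortex-M4 Kyber CPA paper) or Zhou et al. (the multi-tenant FPGA CPA paper) above, the Python below builds the AES S-box from GF(2^8) arithmetic and measures the criteria the S-box abstract reports (nonlinearity 112, differential uniformity 4 behind the DAP, the maximum Walsh coefficient behind the LAP, and the SAC dependence range), then runs a textbook correlation power analysis on constructed Hamming-weight traces of SubBytes, the attack model the two CPA abstracts adapt. Only the AES constants are standard; the key byte, trace count, noise level and seed are constructed demo parameters, not measurements from any board.

```python
"""Added example, not code from any paper listed on this page.  Builds the AES
S-box from GF(2^8) arithmetic, measures nonlinearity, differential uniformity
(DAP), the maximum Walsh coefficient (LAP) and the SAC range, then runs a
textbook Correlation Power Analysis (CPA) on constructed Hamming-weight traces.
Key byte, trace count, noise level and seed are demo parameters only."""
import random

def gf_mul(a, b, poly=0x11B):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return r

def aes_sbox():
    """S(x) = A * inv(x) + 0x63; inv(0) := 0 as in AES, other inverses by search."""
    box = []
    for x in range(256):
        v = 0 if x == 0 else next(y for y in range(1, 256) if gf_mul(x, y) == 1)
        y = v
        for i in range(1, 5):  # AES affine map: v ^ rotl(v,1) ^ ... ^ rotl(v,4)
            y ^= ((v << i) | (v >> (8 - i))) & 0xFF
        box.append(y ^ 0x63)
    return box

def hw(v):
    return bin(v).count("1")

def fwht(vec):
    """In-place fast Walsh-Hadamard transform of a list whose length is 2^n."""
    h = 1
    while h < len(vec):
        for i in range(0, len(vec), 2 * h):
            for j in range(i, i + h):
                u, w = vec[j], vec[j + h]
                vec[j], vec[j + h] = u + w, u - w
        h *= 2
    return vec

def max_walsh(sbox):
    """Largest |Walsh coefficient| over all nonzero output masks (32 for AES)."""
    worst = 0
    for mask in range(1, 256):
        tt = [1 - 2 * (hw(sbox[x] & mask) & 1) for x in range(256)]
        worst = max(worst, max(abs(w) for w in fwht(tt)))
    return worst

def nonlinearity(sbox):
    """NL = 128 - max|W| / 2 (AES: 112); max|W| / 512 is the linear bias (LAP)."""
    return 128 - max_walsh(sbox) // 2

def differential_uniformity(sbox):
    """max over a != 0, b of #{x : S(x ^ a) ^ S(x) = b}; DAP is this / 256 (AES: 4)."""
    worst = 0
    for a in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[sbox[x ^ a] ^ sbox[x]] += 1
        worst = max(worst, max(counts))
    return worst

def sac_range(sbox):
    """Min and max of P[output bit j flips | input bit i flips]; SAC ideal is 0.5."""
    probs = [sum((sbox[x ^ (1 << i)] ^ sbox[x]) >> j & 1 for x in range(256)) / 256
             for i in range(8) for j in range(8)]
    return min(probs), max(probs)

def make_traces(sbox, key_byte, n, sigma, rng):
    """Constructed leakage: one sample per trace, HW(S(p ^ k)) plus Gaussian noise."""
    pts = [rng.randrange(256) for _ in range(n)]
    return pts, [hw(sbox[p ^ key_byte]) + rng.gauss(0.0, sigma) for p in pts]

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0

def cpa_recover(sbox, pts, leak):
    """Rank all 256 key-byte guesses by |corr(HW(S(p ^ guess)), trace)|."""
    scores = [abs(pearson([hw(sbox[p ^ g]) for p in pts], leak)) for g in range(256)]
    best = max(range(256), key=scores.__getitem__)
    return best, scores[best]

def demo(key_byte=0x2B, traces=500, sigma=1.0, seed=1):
    """Constructed key byte and noise; returns S-box metrics and the CPA result."""
    sbox = aes_sbox()
    pts, leak = make_traces(sbox, key_byte, traces, sigma, random.Random(seed))
    guess, corr = cpa_recover(sbox, pts, leak)
    return {"nl": nonlinearity(sbox), "du": differential_uniformity(sbox),
            "sac": sac_range(sbox), "cpa_guess": guess, "cpa_corr": corr}
```

demo() returns the metrics together with the key byte ranked first by the CPA; raising sigma or lowering traces shows the correct-key correlation sinking toward the wrong-key background, which is the signal-to-noise effect the multi-tenant-FPGA abstract studies as a function of clock frequency. The same functions can be pointed at any 256-entry bijective table to compare a candidate S-box against the AES numbers the first abstract quotes.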

28 pages, 879 KiB  
Article
Optimizing Message Range and Ciphertext Storage in Gentry–Sahai–Waters Encryption Using Chinese Remainder Theorem and PVW-like Compression Scheme
by Kung-Wei Hu, Huan-Chih Wang, Wun-Ting Lin and Ja-Ling Wu
Cryptography 2025, 9(1), 14; https://doi.org/10.3390/cryptography9010014 - 24 Feb 2025
Viewed by 387
Abstract
This paper explores advancements in the Gentry-Sahai-Waters (GSW) fully homomorphic encryption scheme (FHE), addressing challenges related to message data range limitations and ciphertext size constraints. We leverage the well-known parallelizing technology—the Chinese Remainder Theorem (CRT)—to tackle the message decomposition, significantly expanding the allowable input message range to the entire plaintext space. This approach enables unrestricted message selection in the GSW scheme and supports parallel homomorphic operations without intermediate decryption. Additionally, we adapt existing ciphertext compression techniques, such as the PVW-like scheme, to reduce the memory overhead associated with ciphertexts. Our experimental results demonstrate the effectiveness of combining the proposed CRT-based decomposition with the PVW-like compression in increasing the upper bound of message values and improving the scheme’s capacity for consecutive homomorphic operations. However, compression introduces a trade-off, necessitating a reduced message range due to error accumulation in successive HE operations. This research contributes to enhancing the practicality and efficiency of the GSW encryption scheme for complex computational scenarios while managing the balance between expanded message range, computational complexity, and storage requirements.
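As an added example that is not code from Hu et al. above (GSW itself is not implemented here), the Python below shows the Chinese Remainder Theorem decomposition the abstract relies on: a message is split into residues modulo pairwise-coprime moduli, each residue is operated on independently (the part that could be carried in separate homomorphic slots without intermediate decryption), and Garner's recombination maps the residues back. The moduli and messages are constructed for the demonstration; the product of the moduli is the range bound, and a result that exceeds it wraps, which is the kind of range limit the abstract's trade-off refers to.

```python
"""Added example, not code from the GSW/CRT paper: CRT split, slot-wise
arithmetic and Garner recombination.  Moduli and messages are constructed."""
from math import prod

def crt_split(m, moduli):
    """Residues of m modulo each of the pairwise-coprime moduli."""
    return [m % p for p in moduli]

def crt_combine(residues, moduli):
    """Garner recombination: the unique x in [0, prod(moduli)) with x = r_i mod p_i."""
    x, step = 0, 1
    for r, p in zip(residues, moduli):
        # pick t so that x + step*t = r (mod p); step is invertible since gcd(step, p) = 1
        t = ((r - x) * pow(step, -1, p)) % p
        x += step * t
        step *= p
    return x

def slotwise(op, a, b, moduli):
    """Apply op to each residue pair modulo its own slot modulus (independent per slot)."""
    return [op(x, y) % p for x, y, p in zip(a, b, moduli)]

def demo(moduli=(257, 263, 269), m1=1_000_003, m2=424_242):
    """Constructed moduli and messages; returns (M, crt_sum, crt_product, expected_sum, expected_product)."""
    M = prod(moduli)
    a, b = crt_split(m1, moduli), crt_split(m2, moduli)
    s = crt_combine(slotwise(lambda x, y: x + y, a, b, moduli), moduli)
    t = crt_combine(slotwise(lambda x, y: x * y, a, b, moduli), moduli)
    return M, s, t, (m1 + m2) % M, (m1 * m2) % M
```

With the constructed moduli M = 257 * 263 * 269 = 18181979: the sum 1000003 + 424242 fits below M and is recovered exactly, while the product does not fit and comes back reduced modulo M. Choosing enough (or large enough) coprime moduli so that every intermediate result stays below M is the range decision the abstract describes; pow(step, -1, p) needs Python 3.8 or later.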

20 pages, 450 KiB  
Article
Faster Spiral: Low-Communication, High-Rate Private Information Retrieval
by Ming Luo and Mingsheng Wang
Cryptography 2025, 9(1), 13; https://doi.org/10.3390/cryptography9010013 - 21 Feb 2025
Viewed by 462
Abstract
Private information retrieval (PIR) enables a client to retrieve a specific element from a server’s database without disclosing the index that was queried. This work introduces three improvements to the efficient single-server PIR protocol Spiral. We found that performing a modulus switching towards expanded ciphertexts can improve the server throughput. Secondly, we apply two techniques called the composite NTT algorithm and approximate decomposition to Spiral to further improve it. We conduct comprehensive experiments to evaluate the concrete performance of our protocol, and the results confirm an approximately 1.7 times faster overall throughput than Spiral.
(This article belongs to the Special Issue Privacy-Enhancing Technologies for the Digital Age)

42 pages, 812 KiB  
Article
DGMT: A Fully Dynamic Group Signature from Symmetric-Key Primitives
by Mojtaba Fadavi, Sabyasachi Karati, Aylar Erfanian and Reihaneh Safavi-Naini
Cryptography 2025, 9(1), 12; https://doi.org/10.3390/cryptography9010012 - 6 Feb 2025
Viewed by 620
Abstract
A group signature scheme allows a user to sign a message anonymously on behalf of a group and provides accountability by using an opening authority who can “open” a signature and reveal the signer’s identity. Group signature schemes have been widely used in privacy-preserving applications, including anonymous attestation and anonymous authentication. Fully dynamic group signature schemes allow new members to join the group and existing members to be revoked if needed. Symmetric-key based group signature schemes are post-quantum group signatures whose security relies on the security of symmetric-key primitives and cryptographic hash functions. In this paper, we design a symmetric-key based fully dynamic group signature scheme, called DGMT, that redesigns DGM (Buser et al. ESORICS 2019) and removes its two important shortcomings that limit its application in practice: (i) interaction with the group manager for signature verification, and (ii) the need for storing and managing an unacceptably large amount of data by the group manager. We prove security of DGMT (unforgeability, anonymity, and traceability) and give a full implementation of the system. Compared to all known post-quantum group signature schemes with the same security level, DGMT has the shortest signature size. We also analyze the DGM signature revocation approach and show that despite its conceptual novelty, it has significant hidden costs that make it much more costly than using the traditional revocation list approach.

14 pages, 796 KiB  
Article
Design and Implementation of a Quantum-Assisted Digital Signature
by Marta Irene García-Cid, Rodrigo Martín, David Domingo, Vicente Martín and Laura Ortiz
Cryptography 2025, 9(1), 11; https://doi.org/10.3390/cryptography9010011 - 31 Jan 2025
Viewed by 912
Abstract
We propose a new quantum-assisted digital signature (Q-DS) protocol based on the composite of truly random symmetric keys generated by quantum key distribution with secure standardized hash functions, which allows for high parameterization to provide different security levels. The protocol is demonstrated to be secure, it is implemented, and its performance is tested for several system configurations. A comparative evaluation of the results obtained for Q-DS is carried out with 6 pre-quantum and 12 post-quantum digital signature algorithms. The results show that the Q-DS outperforms during the signature generation and verification processes, while its performance is affected by the key generation process. However, using more efficient QKD devices, this process can be highly improved, making the Q-DS protocol comparable to the most efficient post-quantum solution, i.e., CRYSTALS-Dilithium.

17 pages, 343 KiB  
Article
On the Effectiveness of a Common Attack to Chebyshev Chaotic Encryption Scheme
by Xiaoqi Liu and Guillermo Morales-Luna
Cryptography 2025, 9(1), 10; https://doi.org/10.3390/cryptography9010010 - 29 Jan 2025
Viewed by 666
Abstract
Chebyshev polynomials define a rather canonical chaotic cryptosystem and some strong attacks have been designed against that cryptosystem. We report the numerical experiments performed with multiple precision arithmetic using conventional software such as gmp and mpfr to test the Chebyshev cryptosystem and Bergamo’s attack. As a conclusion, we point out the relevance in the cryptosystem robustness of the number of significant digits (length) of plaintexts and the number of correct digits (precision) of the arithmetical calculations. Furthermore, after the observed experimental results, we use techniques of Numerical Analysis to explain the occurrences of the observed results and to reinforce the importance of the above-mentioned parameters and m.

24 pages, 17120 KiB  
Article
A Self-Sovereign Identity Blockchain Framework for Access Control and Transparency in Financial Institutions
by Hsia-Hung Ou, Guan-Yu Chen and Iuon-Chang Lin
Cryptography 2025, 9(1), 9; https://doi.org/10.3390/cryptography9010009 - 28 Jan 2025
Viewed by 820
Abstract
In recent years, with the development of blockchain technology and increased awareness of personal privacy, Self-Sovereign Identity (SSI) has become a hot topic. SSI gives customers more autonomy over their personal information, allowing them to control who can access and use their personal information. This provides customers with higher levels of privacy protection, as their data are no longer controlled by centralized institutions. To address the credit assessment needs of financial institutions, this paper proposes a Customer Self-Sovereign Identity and access-control framework (CSSI) based on SSI technology. Customers can securely store assessable assets and credit data on the blockchain using this framework. These data are then linked to a digital account address. With customer authorization, financial institutions processing loan applications can comprehensively evaluate customers’ repayment capabilities and conduct risk management by accessing this credit data. CSSI assists financial institutions in optimizing complex and repetitive processes involved in customer credit assessment and loan origination through SSI and access control, thereby reducing unnecessary risks.

26 pages, 2439 KiB  
Review
On Advances of Anonymous Credentials—From Traditional to Post-Quantum
by Madusha Chathurangi, Qinyi Li and Ernest Foo
Cryptography 2025, 9(1), 8; https://doi.org/10.3390/cryptography9010008 - 26 Jan 2025
Viewed by 943
Abstract
Anonymous credential (AC) systems are privacy-preserving authentication mechanisms that allow users to prove that they have valid credentials anonymously. These systems provide a powerful tool for several practical applications, such as anonymous payment systems in e-commerce, preserving robust privacy protection for users. Most existing AC systems are constructed using traditional number-theoretic approaches, making them insecure under quantum attacks. With four decades of research in anonymous credential systems, there is a need for a comprehensive review that identifies the design structures of AC systems, organizes the research trends, and highlights unaddressed gaps for the future development of AC, especially bringing AC to post-quantum cryptography. This work is a complete study describing AC systems, as well as their architecture, components, security, and performance. Additionally, real-world implementations of various applications are identified, analyzed, and compared according to the design structure. Lastly, the challenges hindering the shift toward quantum-secure lattice-based AC designs are discussed.

23 pages, 2102 KiB  
Article
Lightweight Scheme for Secure Signaling and Data Exchanges in Intelligent Precision Agriculture
by Thekaa Ali Kadhim, Zaid Ameen Abduljabbar, Hamid Ali Abed AL-Asadi, Vincent Omollo Nyangaresi, Zahraa Abdullah Ali and Iman Qays Abduljaleel
Cryptography 2025, 9(1), 7; https://doi.org/10.3390/cryptography9010007 - 17 Jan 2025
Viewed by 906
Abstract
Intelligent precision agriculture incorporates a number of Internet of Things (IoT) devices and drones to supervise agricultural activities and surroundings. The collected data are then forwarded to processing centers to facilitate crucial decisions. This can potentially help optimize the usage of agricultural resources and thwart disasters, enhancing productivity and profitability. To facilitate monitoring and decision-making, the smart devices in precision agriculture must exchange massive amounts of data across the open wireless communication channels. This inadvertently introduces a number of vulnerabilities, exposing the collected data to numerous security and privacy threats. To address these issues, many security solutions have been introduced to secure the communication process in precision agriculture. However, most of the current security solutions either fail to offer perfect protection or are inefficient. In this paper, a scheme deploying efficient cryptographic primitives such as hashing, exclusive OR and random number generators is presented. We utilize the Burrows–Abadi–Needham (BAN) logic to demonstrate the verifiable security of the negotiated session keys. In addition, we execute an extensive semantic analysis which reveals the robustness of our scheme against a myriad of threats. Moreover, comparative performance evaluations demonstrate its computation overheads and energy consumption efficiency.
