The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to secur...The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to securing such devices.As these devices are constrained in numerous aspects,it leaves network designers and administrators with no choice but to deploy them with minimal or no security at all.We have seen distributed denial-ofservice attacks being raised using such devices during the infamous Mirai botnet attack in 2016.Therefore we propose a lightweight authentication protocol to provide proper access to such devices.We have considered several aspects while designing our authentication protocol,such as scalability,movement,user registration,device registration,etc.To define the architecture we used a three-layered model consisting of cloud,fog,and edge devices.We have also proposed several pre-existing cipher suites based on post-quantum cryptography for evaluation and usage.We also provide a fail-safe mechanism for a situation where an authenticating server might fail,and the deployed IoT devices can self-organize to keep providing services with no human intervention.We find that our protocol works the fastest when using ring learning with errors.We prove the safety of our authentication protocol using the automated validation of Internet security protocols and applications tool.In conclusion,we propose a safe,hybrid,and fast authentication protocol for authenticating IoT devices in a fog computing environment.展开更多
Due to the rapid advancements in network technology,blockchain is being employed for distributed data storage.In the Internet of Things(IoT)scenario,different participants manage multiple blockchains located in differ...Due to the rapid advancements in network technology,blockchain is being employed for distributed data storage.In the Internet of Things(IoT)scenario,different participants manage multiple blockchains located in different trust domains,which has resulted in the extensive development of cross-domain authentication techniques.However,the emergence of many attackers equipped with quantum computers has the potential to launch quantum computing attacks against cross-domain authentication schemes based on traditional cryptography,posing a significant security threat.In response to the aforementioned challenges,our paper demonstrates a post-quantum cross-domain identity authentication scheme to negotiate the session key used in the cross-chain asset exchange process.Firstly,our paper designs the hiding and recovery process of user identity index based on lattice cryptography and introduces the identity-based signature from lattice to construct a post-quantum cross-domain authentication scheme.Secondly,our paper utilizes the hashed time-locked contract to achieves the cross-chain asset exchange of blockchain nodes in different trust domains.Furthermore,the security analysis reduces the security of the identity index and signature to Learning With Errors(LWE)and Short Integer Solution(SIS)assumption,respectively,indicating that our scheme has post-quantum security.Last but not least,through comparison analysis,we display that our scheme is efficient compared with the cross-domain authentication scheme based on traditional cryptography.展开更多
The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the br...The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm<sup>3</sup>. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.展开更多
With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA)....With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.展开更多
Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations ...Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases,rendering them less effective against evolving ransomware families.This paper introduces TLERAD(Transfer Learning for Enhanced Ransomware Attack Detection),a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains,enabling robust detection of both known and unknown ransomware variants.The proposed method achieves high detection accuracy,with an AUC of 0.98 for known ransomware and 0.93 for unknown ransomware,significantly outperforming baseline methods.Comprehensive experiments demonstrate TLERAD’s effectiveness in real-world scenarios,highlighting its adapt-ability to the rapidly evolving ransomware landscape.The paper also discusses future directions for enhancing TLERAD,including real-time adaptation,integration with lightweight and post-quantum cryptography,and the incorporation of explainable AI techniques.展开更多
Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in ...Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in quantum computing technology,the security of conventional key-based SSL/TLS protocols faces vulnerabilities.In this paper,we propose a scheme by integrating the quantum key into the SSL/TLS framework.Furthermore,the application of post-quantum algorithms is used to enhance and complement the existing encryption suites.Experimental results show that the proposed SSL/TLS communication system based on quantum keys exhibits high performance in latency and throughput.Moreover,the proposed system showcases good resilience against quantum attacks.展开更多
Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such a...Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such attacks,and therefore has been receiving a significant amount of attention in recent years.Lattice-based cryptography,built on the mathematical hard problems in(high-dimensional)lattice theory,is a promising post-quantum cryptography family due to its excellent efficiency,moderate size and strong security.This survey aims to give a general overview on lattice-based cryptography.To this end,the authors begin with the introduction of the underlying mathematical lattice problems.Then they introduce the fundamental cryptanalytic algorithms and the design theory of lattice-based cryptography.展开更多
With the rapid increase in demand for data trustworthiness and data security,distributed data storage technology represented by blockchain has received unprecedented attention.These technologies have been suggested fo...With the rapid increase in demand for data trustworthiness and data security,distributed data storage technology represented by blockchain has received unprecedented attention.These technologies have been suggested for various uses because of their remarkable ability to offer decentralization,high autonomy,full process traceability,and tamper resistance.Blockchain enables the exchange of information and value in an untrusted environment.There has been a significant increase in attention to the confidentiality and privacy preservation of blockchain technology.Ensuring data privacy is a critical concern in cryptography,and one of the most important protocols used to achieve this is the secret-sharing method.By dividing the secret into shares and distributing them among multiple parties,no one can access the secret without the cooperation of the other parties.However,Attackers with quantum computers in the future can execute Grover’s and Shor’s algorithms on quantum computers that can break or reduce the currently widely used cryptosystems.Furthermore,centralized management of keys increases the risk of key leakage.This paper proposed a post-quantum threshold algo-rithm to reduce the risk of data privacy leakage in blockchain Systems.This algorithm uses distributed key management technology to reduce the risk of individual node private key leakage and provide post-quantum security.The proposed privacy-preserving cryptographic algorithm provides a post-quantum threshold architecture for managing data,which involves defining users and interaction processes within the system.This paper applies a linear secret-sharing solution to partition the private key of the Number Theory Research Unit(NTRU)algorithm into n parts.It constructs a t–n threshold that allows recovery of the plaintext only when more than t nodes participate in decryption.The characteristic of a threshold makes the scheme resistant to collusion attacks from members whose combined credibility is less than the threshold.This mitigates the risk of single-point private key leakage.During the threshold decryption process,the private key information of the nodes will not be leaked.In addition,the fact that the threshold algorithm is founded on the NTRU lattice enables it to withstand quantum attacks,thus enhancing its security.According to the analysis,the proposed scheme provides superior protection compared to currently availablemethods.This paper provides postquantum security solutions for data security protection of blockchain,which will enrich the use of blockchain in scenarios with strict requirements for data privacy protection.展开更多
The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing s...The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing services that rely on an IoT infrastructure. Thus, ensuring the security of devices during operation and information exchange becomes a fundamental requirement inherent in providing safe and reliable IoT services. NIST requires hardware implementations that are protected against SCAs for the lightweight cryptography standardization process. These attacks are powerful and non-invasive and rely on observing the physical properties of IoT hardware devices to obtain secret information. In this paper, we present a survey of research on hardware security for the IoT. In addition, the challenges of IoT in the quantum era with the first results of the NIST standardization process for post-quantum cryptography are discussed.展开更多
This research paper analyzes the urgent topic of quantum cybersecurity and the current federal quantum-cyber landscape. Quantum-safe implementations within existing and future Internet of Things infrastructure are dis...This research paper analyzes the urgent topic of quantum cybersecurity and the current federal quantum-cyber landscape. Quantum-safe implementations within existing and future Internet of Things infrastructure are discussed, along with quantum vulnerabilities in public key infrastructure and symmetric cryptographic algorithms. Other relevant non-encryption-specific areas within cybersecurity are similarly raised. The evolution and expansion of cyberwarfare as well as new developments in cyber defense beyond post-quantum cryptography and quantum key distribution are subsequently explored, with an emphasis on public and private sector awareness and vigilance in maintaining strong security posture.展开更多
Certificateless public key cryptography (CL- PKC) can solve the problems of certificate management in a public key infrastructure (PKI) and of key escrows in identity-based public key cryptography (ID-PKC). In C...Certificateless public key cryptography (CL- PKC) can solve the problems of certificate management in a public key infrastructure (PKI) and of key escrows in identity-based public key cryptography (ID-PKC). In CL- PKC, the key generation center (KGC) does not know the private keys of all users, and their public keys need not be cer- tificated by certification authority (CA). At present, however, most certificateless encryption schemes are based on large in- teger factorization and discrete logarithms that are not secure in a quantum environment and the computation complexity is high. To solve these problems, we propose a new certificate- less encryption scheme based on lattices, more precisely, us- ing the hardness of the learning with errors (LWE) problem. Compared with schemes based on large integer factoriza- tion and discrete logarithms, the most operations are matrix- vector multiplication and inner products in our scheme, our approach has lower computation complexity. Our scheme can be proven to be indistinguishability chosen ciphertext attacks (IND-CPA) secure in the random oracle model.展开更多
In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Inf...In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Information Sciences, 2012, 6(1): 23-28] have independently extended the concept of signcryption to lattice-based cryptography. However, their schemes are only secure under the random or- acle model. In this paper, we present a lattice-based signcryp- tion scheme which is secure under the standard model. We prove that our scheme achieves indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA2) under the learning with errors (LWE) assumption and existential unforgeability against adaptive chosen-message attacks (EUF- CMA) under the small integer solution (SIS) assumption.展开更多
This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete l...This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete logarithm based systems, the security of the construction relies on worst-case lattice problem, namely, under the small integer solution (SIS) assumption. Generally speaking, SAS schemes enable any group of signers ordered in a chain to sequentially combine their signatures such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Unlike prior such proposals, the new scheme does not require a signer to retrieve the keys of other signers and verify the aggregate-so-far before adding its own signature, and the signer can add its own signature to an unverified aggregate and forward it along immediately, postponing verification until load permits or the necessary public keys are obtained. Indeed, the new scheme does not even require a signer to know the public keys of other signers.展开更多
Because of the concise functionality of oblivious transfer (OT) protocols, they have been widely used as building blocks in secure multiparty computation and high-level protocols. The security of OT protocols built ...Because of the concise functionality of oblivious transfer (OT) protocols, they have been widely used as building blocks in secure multiparty computation and high-level protocols. The security of OT protocols built upon classical number theoretic problems, such as the discrete logarithm and factoring, however, is threatened as a result of the huge progress in quantum computing. Therefore, post-quantum cryptography is needed for protocols based on classical problems, and several proposals for post-quantum OT protocols exist. However, most post-quantum cryptosystems present their security proof only in the context of classical adversaries, not in the quantum setting. In this paper, we close this gap and prove the security of the lattice-based OT protocol proposed by Peikert et al. (CRYPTO, 2008), which is universally composably secure under the assumption of learning with errors hardness, in the quantum setting. We apply three general quantum security analysis frameworks. First, we apply the quantum lifting theorem proposed by Unruh (EUROCRYPT, 2010) to prove that the security of the lattice-based OT protocol can be lifted into the quantum world. Then, we apply two more security analysis frameworks specified for post-quantum cryptographic primitives, i.e., simple hybrid arguments (CRYPTO, 2011) and game-preserving reduction (PQCrypto, 2014).展开更多
A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryp...A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.展开更多
Lattice-based hierarchical identity-based broadcast encryption(H-IBBE)schemes have broad application prospects in the quantum era,because it reduces the burden of private key generator(PKG)and is suitable for one-to-m...Lattice-based hierarchical identity-based broadcast encryption(H-IBBE)schemes have broad application prospects in the quantum era,because it reduces the burden of private key generator(PKG)and is suitable for one-to-many communication.However,previous lattice-based H-IBBE schemes are mostly constructed in the random oracle model with more complex trapdoor delegation process and have lower practical application.A lattice-based H-IBBE is proposed in the fixed dimension under the standard model,which mainly consists of binary tree encryption(BTE)system,MP12 trapdoor function and ABB10b trapdoor delegation algorithm.First,this paper uses BTE system to eliminate the random oracle so that the scheme can be implemented under the standard model,and it also uses MP12 trapdoor function to reduce trapdoor generation complexity and obtains a safe and efficient trapdoor matrix;Second,this paper uses ABB10b trapdoor delegation algorithm to delegate user爷s private key,and the trapdoor matrices'dimensions are the same before and after the trapdoor delegation.Comparative analysis shows that trapdoor delegation process reduces complexity,and the size of cipher-text and trapdoor matrix does not increase with deeper trapdoor delegation process.This paper achieves indistinguishability of cipher-texts under a selective chosen-cipher-text and chosen-identity attack(INDr-sID-CCA)security in the standard model based on learning with errors(LWE)hard assumption.展开更多
Although the existing group signature schemes from lattice have been optimized for efficiency,the signing abilities of eachmember in the group are relatively single.It may not be suitable for complex applications.Insp...Although the existing group signature schemes from lattice have been optimized for efficiency,the signing abilities of eachmember in the group are relatively single.It may not be suitable for complex applications.Inspired by the pioneering work of Bellare and Fuchsbauer,we present a primitive called policy-based group signature.In policy-based group signatures,group members can on behalf of the group to sign documents that meet their own policies,and the generated signatures will not leak the identity and policies of the signer.Moreover,the group administrator is allowed to reveal the identity of signer when a controversy occurs.Through the analysis of application scenarios,we concluded that the policy-based group signature needs to meet two essential security properties:simulatability and traceability.And we construct a scheme of policy-based group signature from lattice through techniques such as commitment,zero-knowledge proof,rejection sampling.The security of our scheme is proved to be reduced to the module short integer solution(MSIS)and module learning with errors(MLWE)hard assumptions.Furthermore,we make a performance comparison between our scheme and three lattice-based group signature schemes.The result shows that our scheme has more advantages in storage overhead and the sizes of key and signature are decreased roughly by 83.13%,46.01%,respectively,compared with other schemes.展开更多
This paper proposes the first code-based quantum immune sequential aggregate signature(SAS)scheme and proves the security of the proposed scheme in the random oracle model.Aggregate signature(AS)schemes and sequential...This paper proposes the first code-based quantum immune sequential aggregate signature(SAS)scheme and proves the security of the proposed scheme in the random oracle model.Aggregate signature(AS)schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively,and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures.Because of the aggregation of many signatures into a single short signature,AS and SAS schemes can reduce bandwidth and save storage;moreover,when a SAS is verified,not only the valid but also the order in which each signer signed can be verified.AS and SAS schemes can be applied to traffic control,banking transaction and military applications.Most of the existing AS and SAS schemes are based either on pairing or Rivest-Shamir-Adleman(RSA),and hence,can be broken by Shor’s quantum algorithm for Integer Factoring Problem(IFP)and Discrete Logarithm Problem(DLP).There are no quantum algorithms to solve syndrome decoding problems.Hence,code-based cryptography is seen as one of the promising candidates for post-quantum cryptography.This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory.Specifically,we construct our scheme with the first code based signature scheme proposed by Courtois,Finiasz and Sendrier(CFS).Compared to the CFS signature scheme without aggregation,the proposed sequential aggregate signature scheme can save about 90%storage when the number of signers is asymptotically large.展开更多
McEliece cryptosystem is a public key cryptosystem that combines channel coding and encryption,and the oldest PKC that is conjectured to be postquantum secure.To decrease the key size of the original scheme,alternativ...McEliece cryptosystem is a public key cryptosystem that combines channel coding and encryption,and the oldest PKC that is conjectured to be postquantum secure.To decrease the key size of the original scheme,alternative codes have been adopted to replace Goppa codes.In this paper,we propose a ring signature using low-density generator-matrix codes.Our new scheme satisfies anonymity and existential unforgeability under chosen message attacks(EUFCMA).As for efficiency,the number of decoding operations has been reduced largely compared with ZLC ring signature,and the size of the public key is about 0.2%of the ZLC展开更多
This work is the first to determine that a real quantum computer(including generalized and specialized)can decipher million-scale RSA relying solely on quantum algorithms,showing the real attack potential of D-Wave ma...This work is the first to determine that a real quantum computer(including generalized and specialized)can decipher million-scale RSA relying solely on quantum algorithms,showing the real attack potential of D-Wave machines.The influence of different column widths on RSA factorization results is studied on the basis of a multiplication table,and the optimal column method is determined by traversal experiments.The traversal experiment of integer factorization within 10000 shows that the local field and coupling coefficients are 75%–93%lower than the research of Shanghai University in 2020 and more than 85%lower than that of Purdue University in 2018.Extremely low Ising model parameters are crucial to reducing the hardware requirements,prompting factoring 1245407 on the D-Wave 2000Q real machine.D-Wave advantage already has more than 5000 qubits and will be expanded to 7000 qubits during 2023–2024,with remarkable improvements in decoherence and topology.This machine is expected to promote the solution of large-scale combinatorial optimization problems.One of the contributions of this paper is the discussion of the long-term impact of D-Wave on the development of post-quantum cryptography standards.展开更多
文摘The Internet of Things(IoT)has taken the interconnected world by storm.Due to their immense applicability,IoT devices are being scaled at exponential proportions worldwide.But,very little focus has been given to securing such devices.As these devices are constrained in numerous aspects,it leaves network designers and administrators with no choice but to deploy them with minimal or no security at all.We have seen distributed denial-ofservice attacks being raised using such devices during the infamous Mirai botnet attack in 2016.Therefore we propose a lightweight authentication protocol to provide proper access to such devices.We have considered several aspects while designing our authentication protocol,such as scalability,movement,user registration,device registration,etc.To define the architecture we used a three-layered model consisting of cloud,fog,and edge devices.We have also proposed several pre-existing cipher suites based on post-quantum cryptography for evaluation and usage.We also provide a fail-safe mechanism for a situation where an authenticating server might fail,and the deployed IoT devices can self-organize to keep providing services with no human intervention.We find that our protocol works the fastest when using ring learning with errors.We prove the safety of our authentication protocol using the automated validation of Internet security protocols and applications tool.In conclusion,we propose a safe,hybrid,and fast authentication protocol for authenticating IoT devices in a fog computing environment.
基金This work was supported by the Defense Industrial Technology Development Program(Grant No.JCKY2021208B036).
文摘Due to the rapid advancements in network technology,blockchain is being employed for distributed data storage.In the Internet of Things(IoT)scenario,different participants manage multiple blockchains located in different trust domains,which has resulted in the extensive development of cross-domain authentication techniques.However,the emergence of many attackers equipped with quantum computers has the potential to launch quantum computing attacks against cross-domain authentication schemes based on traditional cryptography,posing a significant security threat.In response to the aforementioned challenges,our paper demonstrates a post-quantum cross-domain identity authentication scheme to negotiate the session key used in the cross-chain asset exchange process.Firstly,our paper designs the hiding and recovery process of user identity index based on lattice cryptography and introduces the identity-based signature from lattice to construct a post-quantum cross-domain authentication scheme.Secondly,our paper utilizes the hashed time-locked contract to achieves the cross-chain asset exchange of blockchain nodes in different trust domains.Furthermore,the security analysis reduces the security of the identity index and signature to Learning With Errors(LWE)and Short Integer Solution(SIS)assumption,respectively,indicating that our scheme has post-quantum security.Last but not least,through comparison analysis,we display that our scheme is efficient compared with the cross-domain authentication scheme based on traditional cryptography.
文摘The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm<sup>3</sup>. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.
文摘With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.
文摘Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases,rendering them less effective against evolving ransomware families.This paper introduces TLERAD(Transfer Learning for Enhanced Ransomware Attack Detection),a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains,enabling robust detection of both known and unknown ransomware variants.The proposed method achieves high detection accuracy,with an AUC of 0.98 for known ransomware and 0.93 for unknown ransomware,significantly outperforming baseline methods.Comprehensive experiments demonstrate TLERAD’s effectiveness in real-world scenarios,highlighting its adapt-ability to the rapidly evolving ransomware landscape.The paper also discusses future directions for enhancing TLERAD,including real-time adaptation,integration with lightweight and post-quantum cryptography,and the incorporation of explainable AI techniques.
基金supported by ZTE IndustryUniversityInstitute Cooperation Funds under Grant No.HCCN20221029003.
文摘Secure Sockets Layer(SSL)and Transport Layer Security(TLS)protocols facilitates a secure framework for identity authentication,data encryption,and message integrity verification.However,with the recent development in quantum computing technology,the security of conventional key-based SSL/TLS protocols faces vulnerabilities.In this paper,we propose a scheme by integrating the quantum key into the SSL/TLS framework.Furthermore,the application of post-quantum algorithms is used to enhance and complement the existing encryption suites.Experimental results show that the proposed SSL/TLS communication system based on quantum keys exhibits high performance in latency and throughput.Moreover,the proposed system showcases good resilience against quantum attacks.
基金supported by the National Key Research and Development Program of China(No.2018YFA0704701)the National Natural Science Foundation of China(Nos.12271306,62102216,12226006)+2 种基金the Major Program of Guangdong Basic and Applied Research(No.2019B030302008)the Major Scientific and Technological Innovation Project of Shandong Province(No.2019JZZY010133)Shandong Key Research and Development Program(No.2020ZLYS09)。
文摘Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such attacks,and therefore has been receiving a significant amount of attention in recent years.Lattice-based cryptography,built on the mathematical hard problems in(high-dimensional)lattice theory,is a promising post-quantum cryptography family due to its excellent efficiency,moderate size and strong security.This survey aims to give a general overview on lattice-based cryptography.To this end,the authors begin with the introduction of the underlying mathematical lattice problems.Then they introduce the fundamental cryptanalytic algorithms and the design theory of lattice-based cryptography.
基金supported by the National Key R&D Program of China(2022YFB2703400).
文摘With the rapid increase in demand for data trustworthiness and data security,distributed data storage technology represented by blockchain has received unprecedented attention.These technologies have been suggested for various uses because of their remarkable ability to offer decentralization,high autonomy,full process traceability,and tamper resistance.Blockchain enables the exchange of information and value in an untrusted environment.There has been a significant increase in attention to the confidentiality and privacy preservation of blockchain technology.Ensuring data privacy is a critical concern in cryptography,and one of the most important protocols used to achieve this is the secret-sharing method.By dividing the secret into shares and distributing them among multiple parties,no one can access the secret without the cooperation of the other parties.However,Attackers with quantum computers in the future can execute Grover’s and Shor’s algorithms on quantum computers that can break or reduce the currently widely used cryptosystems.Furthermore,centralized management of keys increases the risk of key leakage.This paper proposed a post-quantum threshold algo-rithm to reduce the risk of data privacy leakage in blockchain Systems.This algorithm uses distributed key management technology to reduce the risk of individual node private key leakage and provide post-quantum security.The proposed privacy-preserving cryptographic algorithm provides a post-quantum threshold architecture for managing data,which involves defining users and interaction processes within the system.This paper applies a linear secret-sharing solution to partition the private key of the Number Theory Research Unit(NTRU)algorithm into n parts.It constructs a t–n threshold that allows recovery of the plaintext only when more than t nodes participate in decryption.The characteristic of a threshold makes the scheme resistant to collusion attacks from members whose combined credibility is less than the threshold.This mitigates the risk of single-point private key leakage.During the threshold decryption process,the private key information of the nodes will not be leaked.In addition,the fact that the threshold algorithm is founded on the NTRU lattice enables it to withstand quantum attacks,thus enhancing its security.According to the analysis,the proposed scheme provides superior protection compared to currently availablemethods.This paper provides postquantum security solutions for data security protection of blockchain,which will enrich the use of blockchain in scenarios with strict requirements for data privacy protection.
文摘The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing services that rely on an IoT infrastructure. Thus, ensuring the security of devices during operation and information exchange becomes a fundamental requirement inherent in providing safe and reliable IoT services. NIST requires hardware implementations that are protected against SCAs for the lightweight cryptography standardization process. These attacks are powerful and non-invasive and rely on observing the physical properties of IoT hardware devices to obtain secret information. In this paper, we present a survey of research on hardware security for the IoT. In addition, the challenges of IoT in the quantum era with the first results of the NIST standardization process for post-quantum cryptography are discussed.
文摘This research paper analyzes the urgent topic of quantum cybersecurity and the current federal quantum-cyber landscape. Quantum-safe implementations within existing and future Internet of Things infrastructure are discussed, along with quantum vulnerabilities in public key infrastructure and symmetric cryptographic algorithms. Other relevant non-encryption-specific areas within cybersecurity are similarly raised. The evolution and expansion of cyberwarfare as well as new developments in cyber defense beyond post-quantum cryptography and quantum key distribution are subsequently explored, with an emphasis on public and private sector awareness and vigilance in maintaining strong security posture.
基金This work was supported by the National Natural Science Foundations of China (Grant Nos. 61173151, 61173152 and 61100229) and Huawei Technologies Co., Ltd., (YBCB2011116).
文摘Certificateless public key cryptography (CL- PKC) can solve the problems of certificate management in a public key infrastructure (PKI) and of key escrows in identity-based public key cryptography (ID-PKC). In CL- PKC, the key generation center (KGC) does not know the private keys of all users, and their public keys need not be cer- tificated by certification authority (CA). At present, however, most certificateless encryption schemes are based on large in- teger factorization and discrete logarithms that are not secure in a quantum environment and the computation complexity is high. To solve these problems, we propose a new certificate- less encryption scheme based on lattices, more precisely, us- ing the hardness of the learning with errors (LWE) problem. Compared with schemes based on large integer factoriza- tion and discrete logarithms, the most operations are matrix- vector multiplication and inner products in our scheme, our approach has lower computation complexity. Our scheme can be proven to be indistinguishability chosen ciphertext attacks (IND-CPA) secure in the random oracle model.
基金This work was supported by the National Natural Science Foundation of China (Grant Nos. 61272057, 61202434, 61170270, 61100203, 61003286, 61121061), the Fundamental Research Funds for the Central Universities (2012RC0612, 2011YB01), Langfang Teachers University Youth Fund (LSZQ200804), Hebei Education Funds for Youth Project (Q2012020, QN20131077).
文摘In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Information Sciences, 2012, 6(1): 23-28] have independently extended the concept of signcryption to lattice-based cryptography. However, their schemes are only secure under the random or- acle model. In this paper, we present a lattice-based signcryp- tion scheme which is secure under the standard model. We prove that our scheme achieves indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA2) under the learning with errors (LWE) assumption and existential unforgeability against adaptive chosen-message attacks (EUF- CMA) under the small integer solution (SIS) assumption.
基金supported by the National Natural Science Foundations of China (61173151, 61472309)
文摘This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete logarithm based systems, the security of the construction relies on worst-case lattice problem, namely, under the small integer solution (SIS) assumption. Generally speaking, SAS schemes enable any group of signers ordered in a chain to sequentially combine their signatures such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Unlike prior such proposals, the new scheme does not require a signer to retrieve the keys of other signers and verify the aggregate-so-far before adding its own signature, and the signer can add its own signature to an unverified aggregate and forward it along immediately, postponing verification until load permits or the necessary public keys are obtained. Indeed, the new scheme does not even require a signer to know the public keys of other signers.
基金Project supported by the National Key R&D Program of China(No.2017YFB0802000)the National Natural Science Foundation of China(Nos.61672412,61472309,and 61572390)the China Scholarship Council(No.201406960041)
文摘Because of the concise functionality of oblivious transfer (OT) protocols, they have been widely used as building blocks in secure multiparty computation and high-level protocols. The security of OT protocols built upon classical number theoretic problems, such as the discrete logarithm and factoring, however, is threatened as a result of the huge progress in quantum computing. Therefore, post-quantum cryptography is needed for protocols based on classical problems, and several proposals for post-quantum OT protocols exist. However, most post-quantum cryptosystems present their security proof only in the context of classical adversaries, not in the quantum setting. In this paper, we close this gap and prove the security of the lattice-based OT protocol proposed by Peikert et al. (CRYPTO, 2008), which is universally composably secure under the assumption of learning with errors hardness, in the quantum setting. We apply three general quantum security analysis frameworks. First, we apply the quantum lifting theorem proposed by Unruh (EUROCRYPT, 2010) to prove that the security of the lattice-based OT protocol can be lifted into the quantum world. Then, we apply two more security analysis frameworks specified for post-quantum cryptographic primitives, i.e., simple hybrid arguments (CRYPTO, 2011) and game-preserving reduction (PQCrypto, 2014).
基金supported by the State Key Program of National Natural Science of China(Grant Nos. 61332019)the National Natural Science Foundation of China (61572303)+7 种基金National Key Research and Development Program of China ( 2017YFB0802003 , 2017YFB0802004)National Cryptography Development Fund during the 13th Five-year Plan Period (MMJJ20170216)the Foundation of State Key Laboratory of Information Security (2017-MS-03)the Fundamental Research Funds for the Central Universities(GK201702004,GK201603084)Major State Basic Research Development Program of China (973 Program) (No.2014CB340600)National High-tech R&D Program of China(2015AA016002, 2015AA016004)Natural Science Foundation of He Bei Province (No. F2017201199)Science and technology research project of Hebei higher education (No. QN2017020)
文摘A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.
基金supported by the National Natural Science Foundation of China (61300216)the ‘13th Five-Year’ National Crypto Development Foundation (MMJJ20170122)+2 种基金the Project of Education Department of Henan Province (16A520013,18A413001)the Natural Science Foundation of Henan Polytechnic University (T2018-1)the Doctoral Fund of Henan Polytechnic University (B2014-044,B2016-36)
文摘Lattice-based hierarchical identity-based broadcast encryption(H-IBBE)schemes have broad application prospects in the quantum era,because it reduces the burden of private key generator(PKG)and is suitable for one-to-many communication.However,previous lattice-based H-IBBE schemes are mostly constructed in the random oracle model with more complex trapdoor delegation process and have lower practical application.A lattice-based H-IBBE is proposed in the fixed dimension under the standard model,which mainly consists of binary tree encryption(BTE)system,MP12 trapdoor function and ABB10b trapdoor delegation algorithm.First,this paper uses BTE system to eliminate the random oracle so that the scheme can be implemented under the standard model,and it also uses MP12 trapdoor function to reduce trapdoor generation complexity and obtains a safe and efficient trapdoor matrix;Second,this paper uses ABB10b trapdoor delegation algorithm to delegate user爷s private key,and the trapdoor matrices'dimensions are the same before and after the trapdoor delegation.Comparative analysis shows that trapdoor delegation process reduces complexity,and the size of cipher-text and trapdoor matrix does not increase with deeper trapdoor delegation process.This paper achieves indistinguishability of cipher-texts under a selective chosen-cipher-text and chosen-identity attack(INDr-sID-CCA)security in the standard model based on learning with errors(LWE)hard assumption.
基金supported by the National Natural Science Foundation of China(61802117)Support Plan of Scientific and Technological Innovation Team in Universities of Henan Province(20IRTSTHN013)the Youth Backbone Teacher Support Program of Henan Polytechnic University under Grant(2018XQG-10).
文摘Although the existing group signature schemes from lattice have been optimized for efficiency,the signing abilities of eachmember in the group are relatively single.It may not be suitable for complex applications.Inspired by the pioneering work of Bellare and Fuchsbauer,we present a primitive called policy-based group signature.In policy-based group signatures,group members can on behalf of the group to sign documents that meet their own policies,and the generated signatures will not leak the identity and policies of the signer.Moreover,the group administrator is allowed to reveal the identity of signer when a controversy occurs.Through the analysis of application scenarios,we concluded that the policy-based group signature needs to meet two essential security properties:simulatability and traceability.And we construct a scheme of policy-based group signature from lattice through techniques such as commitment,zero-knowledge proof,rejection sampling.The security of our scheme is proved to be reduced to the module short integer solution(MSIS)and module learning with errors(MLWE)hard assumptions.Furthermore,we make a performance comparison between our scheme and three lattice-based group signature schemes.The result shows that our scheme has more advantages in storage overhead and the sizes of key and signature are decreased roughly by 83.13%,46.01%,respectively,compared with other schemes.
基金This work was supported in part by the National Natural Science Foundation of China under Grant 62072240by the Natural Science Foundation of Jiangsu Province under Grant BK20210330by the National Key Research and Development Program of China under Grant 2020YFB1804604.
文摘This paper proposes the first code-based quantum immune sequential aggregate signature(SAS)scheme and proves the security of the proposed scheme in the random oracle model.Aggregate signature(AS)schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively,and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures.Because of the aggregation of many signatures into a single short signature,AS and SAS schemes can reduce bandwidth and save storage;moreover,when a SAS is verified,not only the valid but also the order in which each signer signed can be verified.AS and SAS schemes can be applied to traffic control,banking transaction and military applications.Most of the existing AS and SAS schemes are based either on pairing or Rivest-Shamir-Adleman(RSA),and hence,can be broken by Shor’s quantum algorithm for Integer Factoring Problem(IFP)and Discrete Logarithm Problem(DLP).There are no quantum algorithms to solve syndrome decoding problems.Hence,code-based cryptography is seen as one of the promising candidates for post-quantum cryptography.This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory.Specifically,we construct our scheme with the first code based signature scheme proposed by Courtois,Finiasz and Sendrier(CFS).Compared to the CFS signature scheme without aggregation,the proposed sequential aggregate signature scheme can save about 90%storage when the number of signers is asymptotically large.
文摘McEliece cryptosystem is a public key cryptosystem that combines channel coding and encryption,and the oldest PKC that is conjectured to be postquantum secure.To decrease the key size of the original scheme,alternative codes have been adopted to replace Goppa codes.In this paper,we propose a ring signature using low-density generator-matrix codes.Our new scheme satisfies anonymity and existential unforgeability under chosen message attacks(EUFCMA).As for efficiency,the number of decoding operations has been reduced largely compared with ZLC ring signature,and the size of the public key is about 0.2%of the ZLC
基金supported by the Special Zone Project of National Defense Innovation.
文摘This work is the first to determine that a real quantum computer(including generalized and specialized)can decipher million-scale RSA relying solely on quantum algorithms,showing the real attack potential of D-Wave machines.The influence of different column widths on RSA factorization results is studied on the basis of a multiplication table,and the optimal column method is determined by traversal experiments.The traversal experiment of integer factorization within 10000 shows that the local field and coupling coefficients are 75%–93%lower than the research of Shanghai University in 2020 and more than 85%lower than that of Purdue University in 2018.Extremely low Ising model parameters are crucial to reducing the hardware requirements,prompting factoring 1245407 on the D-Wave 2000Q real machine.D-Wave advantage already has more than 5000 qubits and will be expanded to 7000 qubits during 2023–2024,with remarkable improvements in decoherence and topology.This machine is expected to promote the solution of large-scale combinatorial optimization problems.One of the contributions of this paper is the discussion of the long-term impact of D-Wave on the development of post-quantum cryptography standards.