The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the br...The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm<sup>3</sup>. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.展开更多
With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA)....With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.展开更多
With the rapid increase in demand for data trustworthiness and data security,distributed data storage technology represented by blockchain has received unprecedented attention.These technologies have been suggested fo...With the rapid increase in demand for data trustworthiness and data security,distributed data storage technology represented by blockchain has received unprecedented attention.These technologies have been suggested for various uses because of their remarkable ability to offer decentralization,high autonomy,full process traceability,and tamper resistance.Blockchain enables the exchange of information and value in an untrusted environment.There has been a significant increase in attention to the confidentiality and privacy preservation of blockchain technology.Ensuring data privacy is a critical concern in cryptography,and one of the most important protocols used to achieve this is the secret-sharing method.By dividing the secret into shares and distributing them among multiple parties,no one can access the secret without the cooperation of the other parties.However,Attackers with quantum computers in the future can execute Grover’s and Shor’s algorithms on quantum computers that can break or reduce the currently widely used cryptosystems.Furthermore,centralized management of keys increases the risk of key leakage.This paper proposed a post-quantum threshold algo-rithm to reduce the risk of data privacy leakage in blockchain Systems.This algorithm uses distributed key management technology to reduce the risk of individual node private key leakage and provide post-quantum security.The proposed privacy-preserving cryptographic algorithm provides a post-quantum threshold architecture for managing data,which involves defining users and interaction processes within the system.This paper applies a linear secret-sharing solution to partition the private key of the Number Theory Research Unit(NTRU)algorithm into n parts.It constructs a t–n threshold that allows recovery of the plaintext only when more than t nodes participate in decryption.The characteristic of a threshold makes the scheme resistant to collusion attacks from members whose combined credibility is less than the threshold.This mitigates the risk of single-point private key leakage.During the threshold decryption process,the private key information of the nodes will not be leaked.In addition,the fact that the threshold algorithm is founded on the NTRU lattice enables it to withstand quantum attacks,thus enhancing its security.According to the analysis,the proposed scheme provides superior protection compared to currently availablemethods.This paper provides postquantum security solutions for data security protection of blockchain,which will enrich the use of blockchain in scenarios with strict requirements for data privacy protection.展开更多
With the rapid development of quantum computers capable of realizing Shor’s algorithm,existing public key-based algorithms face a significant security risk.Crystals-Kyber has been selected as the only key encapsulati...With the rapid development of quantum computers capable of realizing Shor’s algorithm,existing public key-based algorithms face a significant security risk.Crystals-Kyber has been selected as the only key encapsulation mechanism(KEM)algorithm in the National Institute of Standards and Technology(NIST)Post-Quantum Cryptography(PQC)competition.In this study,we present a portable and efficient implementation of a Crystals-Kyber post-quantum KEM based on WebAssembly(Wasm),a recently released portable execution framework for high-performance web applications.Until now,most Kyber implementations have been developed with native programming languages such as C and Assembly.Although there are a few previous Kyber implementations based on JavaScript for portability,their performance is significantly lower than that of implementations based on native programming languages.Therefore,it is necessary to develop a portable and efficient Kyber implementation to secure web applications in the quantum computing era.Our Kyber software is based on JavaScript and Wasm to provide portability and efficiency while ensuring quantum security.Namely,the overall software is written in JavaScript,and the performance core parts(secure hash algorithm-3-based operations and polynomial multiplication)are written in Wasm.Furthermore,we parallelize the number theoretic transform(NTT)-based polynomial multiplication using single instruction multiple data(SIMD)functionality,which is available in Wasm.The three steps in the NTT-based polynomial multiplication have been parallelized with Wasm SIMD intrinsic functions.Our software outperforms the latest reference implementation of Kyber developed in JavaScript by×4.02(resp.×4.32 and×4.1),×3.42(resp.×3.52 and×3.44),and×3.41(resp.×3.44 and×3.38)in terms of key generation,encapsulation,and decapsulation on Google Chrome(resp.Firefox,and Microsoft Edge).As far as we know,this is the first software implementation of Kyber with Wasm technology in the web environment.展开更多
This research paper analyzes the urgent topic of quantum cybersecurity and the current federal quantum-cyber landscape. Quantum-safe implementations within existing and future Internet of Things infrastructure are dis...This research paper analyzes the urgent topic of quantum cybersecurity and the current federal quantum-cyber landscape. Quantum-safe implementations within existing and future Internet of Things infrastructure are discussed, along with quantum vulnerabilities in public key infrastructure and symmetric cryptographic algorithms. Other relevant non-encryption-specific areas within cybersecurity are similarly raised. The evolution and expansion of cyberwarfare as well as new developments in cyber defense beyond post-quantum cryptography and quantum key distribution are subsequently explored, with an emphasis on public and private sector awareness and vigilance in maintaining strong security posture.展开更多
The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing s...The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing services that rely on an IoT infrastructure. Thus, ensuring the security of devices during operation and information exchange becomes a fundamental requirement inherent in providing safe and reliable IoT services. NIST requires hardware implementations that are protected against SCAs for the lightweight cryptography standardization process. These attacks are powerful and non-invasive and rely on observing the physical properties of IoT hardware devices to obtain secret information. In this paper, we present a survey of research on hardware security for the IoT. In addition, the challenges of IoT in the quantum era with the first results of the NIST standardization process for post-quantum cryptography are discussed.展开更多
This paper proposes the first code-based quantum immune sequential aggregate signature(SAS)scheme and proves the security of the proposed scheme in the random oracle model.Aggregate signature(AS)schemes and sequential...This paper proposes the first code-based quantum immune sequential aggregate signature(SAS)scheme and proves the security of the proposed scheme in the random oracle model.Aggregate signature(AS)schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively,and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures.Because of the aggregation of many signatures into a single short signature,AS and SAS schemes can reduce bandwidth and save storage;moreover,when a SAS is verified,not only the valid but also the order in which each signer signed can be verified.AS and SAS schemes can be applied to traffic control,banking transaction and military applications.Most of the existing AS and SAS schemes are based either on pairing or Rivest-Shamir-Adleman(RSA),and hence,can be broken by Shor’s quantum algorithm for Integer Factoring Problem(IFP)and Discrete Logarithm Problem(DLP).There are no quantum algorithms to solve syndrome decoding problems.Hence,code-based cryptography is seen as one of the promising candidates for post-quantum cryptography.This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory.Specifically,we construct our scheme with the first code based signature scheme proposed by Courtois,Finiasz and Sendrier(CFS).Compared to the CFS signature scheme without aggregation,the proposed sequential aggregate signature scheme can save about 90%storage when the number of signers is asymptotically large.展开更多
Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such a...Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such attacks,and therefore has been receiving a significant amount of attention in recent years.Lattice-based cryptography,built on the mathematical hard problems in(high-dimensional)lattice theory,is a promising post-quantum cryptography family due to its excellent efficiency,moderate size and strong security.This survey aims to give a general overview on lattice-based cryptography.To this end,the authors begin with the introduction of the underlying mathematical lattice problems.Then they introduce the fundamental cryptanalytic algorithms and the design theory of lattice-based cryptography.展开更多
McEliece cryptosystem is a public key cryptosystem that combines channel coding and encryption,and the oldest PKC that is conjectured to be postquantum secure.To decrease the key size of the original scheme,alternativ...McEliece cryptosystem is a public key cryptosystem that combines channel coding and encryption,and the oldest PKC that is conjectured to be postquantum secure.To decrease the key size of the original scheme,alternative codes have been adopted to replace Goppa codes.In this paper,we propose a ring signature using low-density generator-matrix codes.Our new scheme satisfies anonymity and existential unforgeability under chosen message attacks(EUFCMA).As for efficiency,the number of decoding operations has been reduced largely compared with ZLC ring signature,and the size of the public key is about 0.2%of the ZLC展开更多
The Learning With Errors(LWE)problem is widely used in lattice-based cryptography,which is the most promising post-quantum cryptography direction.There are a variety of LWE-solving methods,which can be classified into...The Learning With Errors(LWE)problem is widely used in lattice-based cryptography,which is the most promising post-quantum cryptography direction.There are a variety of LWE-solving methods,which can be classified into four groups:lattice methods,algebraic methods,combinatorial methods,and exhaustive searching.The Blum–Kalai–Wasserman(BKW)algorithm is an important variety of combinatorial algorithms,which was first presented for solving the Learning Parity With Noise(LPN)problem and then extended to solve LWE.In this paper,we give an overview of BKW algorithms for solving LWE.We introduce the framework and key techniques of BKW algorithms and make comparisons between different BKW algorithms and also with lattice methods by estimating concrete security of specific LWE instances.We also briefly discuss the current problems and potential future directions of BKW algorithms.展开更多
As a candidate of the standard of post-quantum cryptography for NIST,Liu,et al.submitted a new public-key encryption scheme Compact-LWE,whose structure is similar to LWE,but with different distribution of errors.They ...As a candidate of the standard of post-quantum cryptography for NIST,Liu,et al.submitted a new public-key encryption scheme Compact-LWE,whose structure is similar to LWE,but with different distribution of errors.They thought that the special error distribution would protect Compact-LWE from known lattice-based attacks.Furthermore,they recommended a set of small parameters to improve the efficiency of Compact-LWE and claimed it can offer 192-bit security.However,in this paper,the authors show that Compact-LWE is not secure under recommended parameters by presenting two ciphertext-only attacks.First,the authors show that the message can be recovered efficiently from the ciphertext.Then the authors go further to recover an equivalent private key efficiently from the public key by exploiting the special structure of Compact-LWE.展开更多
Advances in quantum computers threaten to break public-key cryptosystems (e.g., RSA, ECC, and EIGamal), based on the hardness of factoring or taking a discrete logarithm. However, no quantum algorithms have yet been...Advances in quantum computers threaten to break public-key cryptosystems (e.g., RSA, ECC, and EIGamal), based on the hardness of factoring or taking a discrete logarithm. However, no quantum algorithms have yet been found for solving certain mathematical problems in non-commutative algebraic structures. Recently, two novel public-key encryption schemes, BKT-B cryptosystem and BKT-FO cryptosystem, based on factorization problems have been proposed at Security and Communication Networks in 2013. In this paper we show that these two schemes are vulnerable to structural attacks and linearization equations attacks, and that they only require polynomial time complexity to obtain messages from associated public keys. We conduct a detailed analysis of the two attack methods and show corresponding algorithmic descriptions and efficiency analyses. In addition, we provide some improvement suggestions for the two public-key encryption schemes.展开更多
Certificateless public key cryptography (CL- PKC) can solve the problems of certificate management in a public key infrastructure (PKI) and of key escrows in identity-based public key cryptography (ID-PKC). In C...Certificateless public key cryptography (CL- PKC) can solve the problems of certificate management in a public key infrastructure (PKI) and of key escrows in identity-based public key cryptography (ID-PKC). In CL- PKC, the key generation center (KGC) does not know the private keys of all users, and their public keys need not be cer- tificated by certification authority (CA). At present, however, most certificateless encryption schemes are based on large in- teger factorization and discrete logarithms that are not secure in a quantum environment and the computation complexity is high. To solve these problems, we propose a new certificate- less encryption scheme based on lattices, more precisely, us- ing the hardness of the learning with errors (LWE) problem. Compared with schemes based on large integer factoriza- tion and discrete logarithms, the most operations are matrix- vector multiplication and inner products in our scheme, our approach has lower computation complexity. Our scheme can be proven to be indistinguishability chosen ciphertext attacks (IND-CPA) secure in the random oracle model.展开更多
With the development of quantum computer, multivariate public key cryptography withstanding quantum attack has became one of the research focus. The existed signcryption schemes from discrete logarithm and bilinear pa...With the development of quantum computer, multivariate public key cryptography withstanding quantum attack has became one of the research focus. The existed signcryption schemes from discrete logarithm and bilinear paring are facing the serious threats. Based on multivariate public key cryptography, a new certificateless multi-receiver hybrid signcryption scheme has been proposed. The proposal reduced the cipher text and could handle arbitrary length messages by employing randomness reusing and hybrid encryption, as well as keeping security. In the random oracle model, the scheme's confidentiality could withstand the IND-CCA2 adversary and its unforgeability could withstand the UF-CMA adversary under the hardness of multivariat quadratic (MQ) problem and isomorphism of polynomials (IP) assumption. It has less computation overhead and higher transmission efficiency than others. It reduced 33% cipher data compared with the existed similar scheme.展开更多
Asymmetric cryptographic schemes, represe nted by RSA, have bee n show n to be in secure un der quantum computing conditions. Correspondingly, there is a need to study whether the symmetric cryptosystem can still guar...Asymmetric cryptographic schemes, represe nted by RSA, have bee n show n to be in secure un der quantum computing conditions. Correspondingly, there is a need to study whether the symmetric cryptosystem can still guarantee high security with the advent of quantum computers. In this paper, based on the basic principles of classical slide attacks and Simon's algorithm, we take LED-like lightweight block ciphers as research objects to present a security analysis under both classical and quantum attacks, fully considering the influence on the security of the ciphers of adding the round constants. By analyzing the information leakage of round constants, we can introduce the differential of the round constants to propose a classical slide attack on full-round LED-64 with a probability of 1. The analysis result shows that LED-64 is unable to resist this kind of classical slide attack, but that attack method is not applicable to LED-128. As for quantum attacks, by improving on existing quantum attack methods we dem on strate a qua ntum single-key slide attack on LED-64 and a quantum related-key attack on LED- 128, and indicators of the two attack algorithms are analyzed in detail. The attack results show that adding round consta nts does not completely improve the security of the ciphers, and quantum attacks can provide an exp on ential speed-up over the same attacks in the classical model. It further illustrates that the block cipher that is proved to be safe under classical settings is not necessarily secure under quantum conditions.展开更多
Threshold proxy re-encryption(TPRE)can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies,and can also provide normal ...Threshold proxy re-encryption(TPRE)can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies,and can also provide normal services even when certain proxy servers are paralyzed or damaged.A non-interactive identity-based TPRE(IB-TPRE)scheme over lattices is proposed which removes the public key certificates.To accomplish this scheme,Shamir’s secret sharing is employed twice,which not only effectively hides the delegator’s private key information,but also decentralizes the proxy power by splitting the re-encryption key.Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share.This property is achieved by lattice-based fully homomorphic signatures.As a result,the whole scheme is thoroughly capable of resisting quantum attacks even when they are available.The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model.Two typical application scenarios,including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography,are presented.展开更多
文摘The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm<sup>3</sup>. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.
文摘With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.
基金This work is partly financed via National Key Research and Development Program of China(2020AAA0107700)National Natural Science Foundation of China(62227805,62072398)+6 种基金SUTD-ZJU IDEA Grant for visiting professors(SUTD-ZJUVP201901)Alibaba-Zhejiang University Joint Institute of Frontier TechnologiesNational Key Laboratory of Science and Technology on Information System Security(6142111210301)State Key Laboratory of Mathematical Engineering and Advanced ComputingKey Laboratory of Cyberspace Situation Awareness of Henan Province(HNTS2022001)RISQ(http://risq.fr/)PIA ProjectBRAINE Project from European Union’s Horizon 2020/ECSEL research and innovation program(N◦876967)。
基金supported by the National Key R&D Program of China(2022YFB2703400).
文摘With the rapid increase in demand for data trustworthiness and data security,distributed data storage technology represented by blockchain has received unprecedented attention.These technologies have been suggested for various uses because of their remarkable ability to offer decentralization,high autonomy,full process traceability,and tamper resistance.Blockchain enables the exchange of information and value in an untrusted environment.There has been a significant increase in attention to the confidentiality and privacy preservation of blockchain technology.Ensuring data privacy is a critical concern in cryptography,and one of the most important protocols used to achieve this is the secret-sharing method.By dividing the secret into shares and distributing them among multiple parties,no one can access the secret without the cooperation of the other parties.However,Attackers with quantum computers in the future can execute Grover’s and Shor’s algorithms on quantum computers that can break or reduce the currently widely used cryptosystems.Furthermore,centralized management of keys increases the risk of key leakage.This paper proposed a post-quantum threshold algo-rithm to reduce the risk of data privacy leakage in blockchain Systems.This algorithm uses distributed key management technology to reduce the risk of individual node private key leakage and provide post-quantum security.The proposed privacy-preserving cryptographic algorithm provides a post-quantum threshold architecture for managing data,which involves defining users and interaction processes within the system.This paper applies a linear secret-sharing solution to partition the private key of the Number Theory Research Unit(NTRU)algorithm into n parts.It constructs a t–n threshold that allows recovery of the plaintext only when more than t nodes participate in decryption.The characteristic of a threshold makes the scheme resistant to collusion attacks from members whose combined credibility is less than the threshold.This mitigates the risk of single-point private key leakage.During the threshold decryption process,the private key information of the nodes will not be leaked.In addition,the fact that the threshold algorithm is founded on the NTRU lattice enables it to withstand quantum attacks,thus enhancing its security.According to the analysis,the proposed scheme provides superior protection compared to currently availablemethods.This paper provides postquantum security solutions for data security protection of blockchain,which will enrich the use of blockchain in scenarios with strict requirements for data privacy protection.
基金This work was supported by Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2022-0-01019,Development of eSIM security platform technology for edge devices to expand the eSIM ecosystem)This was partly supported by the MSIT(Ministry of Science and ICT)Korea,under the ITRC(Information Technology Research Center)support program(IITP-2022-RS-2022-00164800)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation).
文摘With the rapid development of quantum computers capable of realizing Shor’s algorithm,existing public key-based algorithms face a significant security risk.Crystals-Kyber has been selected as the only key encapsulation mechanism(KEM)algorithm in the National Institute of Standards and Technology(NIST)Post-Quantum Cryptography(PQC)competition.In this study,we present a portable and efficient implementation of a Crystals-Kyber post-quantum KEM based on WebAssembly(Wasm),a recently released portable execution framework for high-performance web applications.Until now,most Kyber implementations have been developed with native programming languages such as C and Assembly.Although there are a few previous Kyber implementations based on JavaScript for portability,their performance is significantly lower than that of implementations based on native programming languages.Therefore,it is necessary to develop a portable and efficient Kyber implementation to secure web applications in the quantum computing era.Our Kyber software is based on JavaScript and Wasm to provide portability and efficiency while ensuring quantum security.Namely,the overall software is written in JavaScript,and the performance core parts(secure hash algorithm-3-based operations and polynomial multiplication)are written in Wasm.Furthermore,we parallelize the number theoretic transform(NTT)-based polynomial multiplication using single instruction multiple data(SIMD)functionality,which is available in Wasm.The three steps in the NTT-based polynomial multiplication have been parallelized with Wasm SIMD intrinsic functions.Our software outperforms the latest reference implementation of Kyber developed in JavaScript by×4.02(resp.×4.32 and×4.1),×3.42(resp.×3.52 and×3.44),and×3.41(resp.×3.44 and×3.38)in terms of key generation,encapsulation,and decapsulation on Google Chrome(resp.Firefox,and Microsoft Edge).As far as we know,this is the first software implementation of Kyber with Wasm technology in the web environment.
文摘This research paper analyzes the urgent topic of quantum cybersecurity and the current federal quantum-cyber landscape. Quantum-safe implementations within existing and future Internet of Things infrastructure are discussed, along with quantum vulnerabilities in public key infrastructure and symmetric cryptographic algorithms. Other relevant non-encryption-specific areas within cybersecurity are similarly raised. The evolution and expansion of cyberwarfare as well as new developments in cyber defense beyond post-quantum cryptography and quantum key distribution are subsequently explored, with an emphasis on public and private sector awareness and vigilance in maintaining strong security posture.
文摘The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing services that rely on an IoT infrastructure. Thus, ensuring the security of devices during operation and information exchange becomes a fundamental requirement inherent in providing safe and reliable IoT services. NIST requires hardware implementations that are protected against SCAs for the lightweight cryptography standardization process. These attacks are powerful and non-invasive and rely on observing the physical properties of IoT hardware devices to obtain secret information. In this paper, we present a survey of research on hardware security for the IoT. In addition, the challenges of IoT in the quantum era with the first results of the NIST standardization process for post-quantum cryptography are discussed.
文摘由于量子计算机的飞速发展,现代密码学面临着巨大的挑战。为了实现抗量子计算机攻击的加密,人们提出了许多新的加密方案,并对后量子密码学(Post-Quantum Cryptography,PQC)开展了标准化进程。Leighton-Micali签名(Leighton-Micali sig-nature,LMS)是一种基于哈希的后量子签名方案,其私钥和公钥尺寸都较小,且安全性已被充分研究。LMS被互联网工程小组(Internet Engineering Task Force,IETF)选为PQC签名协议的标准方案,同时被美国国家标准技术局(National Institute of Standards and Technology,NIST)选为一种PQC过渡方案。然而,密钥生成过程中的效率低下,成为了LMS实际应用中的瓶颈。在本文中,我们首次对LMS进行基于FPGA的硬件实现与加速。首先,在不损失安全性的基础上,我们将LMS中的主要哈希函数由SHA2替换为SHA3函数。其次,我们设计了一个软硬件协同系统,将核心的哈希运算用硬件进行实现,该系统在消耗较少资源的前提下,可完成LMS协议的所有过程:密钥生成、签名与验证。该系统为物联网(Internet of things,IoT)场景下资源受限的LMS应用提供了参考。接着,我们提出了一个高速的密钥生成架构来加速LMS。该架构中具有可配置性,支持LMS的所有参数集,内部的哈希模块根据使用场景进行设计与部署,且并行度经过精心设计,以使得架构同时达到低延迟和高硬件利用率。此外,设计中的控制逻辑被设计为在适应不同参数集的情况下保持一定程度的恒定功率,以抵御功率分析攻击。该架构使用Verilog实现,并在Xilinx Zynq UltraScale+MPSoC ZCU104 FPGA平台上实验。实验结果表明,与在Intel(R)Core(TM)i7-6850K 3.60GHz CPU上启用多线程的目前较优软件实现相比,本文中的设计在不同参数配置下可实现55x~2091x的加速;与最新的各平台LMS工作相比,本文中设计可实现超过17x的加速;与相近方案的FPGA工作相比,本文中设计可实现约70x的加速。
基金This work was supported in part by the National Natural Science Foundation of China under Grant 62072240by the Natural Science Foundation of Jiangsu Province under Grant BK20210330by the National Key Research and Development Program of China under Grant 2020YFB1804604.
文摘This paper proposes the first code-based quantum immune sequential aggregate signature(SAS)scheme and proves the security of the proposed scheme in the random oracle model.Aggregate signature(AS)schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively,and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures.Because of the aggregation of many signatures into a single short signature,AS and SAS schemes can reduce bandwidth and save storage;moreover,when a SAS is verified,not only the valid but also the order in which each signer signed can be verified.AS and SAS schemes can be applied to traffic control,banking transaction and military applications.Most of the existing AS and SAS schemes are based either on pairing or Rivest-Shamir-Adleman(RSA),and hence,can be broken by Shor’s quantum algorithm for Integer Factoring Problem(IFP)and Discrete Logarithm Problem(DLP).There are no quantum algorithms to solve syndrome decoding problems.Hence,code-based cryptography is seen as one of the promising candidates for post-quantum cryptography.This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory.Specifically,we construct our scheme with the first code based signature scheme proposed by Courtois,Finiasz and Sendrier(CFS).Compared to the CFS signature scheme without aggregation,the proposed sequential aggregate signature scheme can save about 90%storage when the number of signers is asymptotically large.
基金supported by the National Key Research and Development Program of China(No.2018YFA0704701)the National Natural Science Foundation of China(Nos.12271306,62102216,12226006)+2 种基金the Major Program of Guangdong Basic and Applied Research(No.2019B030302008)the Major Scientific and Technological Innovation Project of Shandong Province(No.2019JZZY010133)Shandong Key Research and Development Program(No.2020ZLYS09)。
文摘Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such attacks,and therefore has been receiving a significant amount of attention in recent years.Lattice-based cryptography,built on the mathematical hard problems in(high-dimensional)lattice theory,is a promising post-quantum cryptography family due to its excellent efficiency,moderate size and strong security.This survey aims to give a general overview on lattice-based cryptography.To this end,the authors begin with the introduction of the underlying mathematical lattice problems.Then they introduce the fundamental cryptanalytic algorithms and the design theory of lattice-based cryptography.
文摘McEliece cryptosystem is a public key cryptosystem that combines channel coding and encryption,and the oldest PKC that is conjectured to be postquantum secure.To decrease the key size of the original scheme,alternative codes have been adopted to replace Goppa codes.In this paper,we propose a ring signature using low-density generator-matrix codes.Our new scheme satisfies anonymity and existential unforgeability under chosen message attacks(EUFCMA).As for efficiency,the number of decoding operations has been reduced largely compared with ZLC ring signature,and the size of the public key is about 0.2%of the ZLC
基金supported by National Natural Science Foundation of China(No.U1936209).
文摘The Learning With Errors(LWE)problem is widely used in lattice-based cryptography,which is the most promising post-quantum cryptography direction.There are a variety of LWE-solving methods,which can be classified into four groups:lattice methods,algebraic methods,combinatorial methods,and exhaustive searching.The Blum–Kalai–Wasserman(BKW)algorithm is an important variety of combinatorial algorithms,which was first presented for solving the Learning Parity With Noise(LPN)problem and then extended to solve LWE.In this paper,we give an overview of BKW algorithms for solving LWE.We introduce the framework and key techniques of BKW algorithms and make comparisons between different BKW algorithms and also with lattice methods by estimating concrete security of specific LWE instances.We also briefly discuss the current problems and potential future directions of BKW algorithms.
基金supported by the National Natural Science Foundation of China under Grant No.61572490the National Key Research and Development Project under Grant No.2018YFA0704705the National Center for Mathematics and Interdisciplinary Sciences,CAS。
文摘As a candidate of the standard of post-quantum cryptography for NIST,Liu,et al.submitted a new public-key encryption scheme Compact-LWE,whose structure is similar to LWE,but with different distribution of errors.They thought that the special error distribution would protect Compact-LWE from known lattice-based attacks.Furthermore,they recommended a set of small parameters to improve the efficiency of Compact-LWE and claimed it can offer 192-bit security.However,in this paper,the authors show that Compact-LWE is not secure under recommended parameters by presenting two ciphertext-only attacks.First,the authors show that the message can be recovered efficiently from the ciphertext.Then the authors go further to recover an equivalent private key efficiently from the public key by exploiting the special structure of Compact-LWE.
基金supported by the National Natural Science Foundation of China (Nos.61303212,61170080,61202386,61332019,U1135004,and 91018008)the National Key Basic Research and Development (973) Program of China (No.2014CB340600)the Natural Science Foundation of Hubei Province (Nos.2011CDB453 and 2014CFB440)
文摘Advances in quantum computers threaten to break public-key cryptosystems (e.g., RSA, ECC, and EIGamal), based on the hardness of factoring or taking a discrete logarithm. However, no quantum algorithms have yet been found for solving certain mathematical problems in non-commutative algebraic structures. Recently, two novel public-key encryption schemes, BKT-B cryptosystem and BKT-FO cryptosystem, based on factorization problems have been proposed at Security and Communication Networks in 2013. In this paper we show that these two schemes are vulnerable to structural attacks and linearization equations attacks, and that they only require polynomial time complexity to obtain messages from associated public keys. We conduct a detailed analysis of the two attack methods and show corresponding algorithmic descriptions and efficiency analyses. In addition, we provide some improvement suggestions for the two public-key encryption schemes.
基金This work was supported by the National Natural Science Foundations of China (Grant Nos. 61173151, 61173152 and 61100229) and Huawei Technologies Co., Ltd., (YBCB2011116).
文摘Certificateless public key cryptography (CL- PKC) can solve the problems of certificate management in a public key infrastructure (PKI) and of key escrows in identity-based public key cryptography (ID-PKC). In CL- PKC, the key generation center (KGC) does not know the private keys of all users, and their public keys need not be cer- tificated by certification authority (CA). At present, however, most certificateless encryption schemes are based on large in- teger factorization and discrete logarithms that are not secure in a quantum environment and the computation complexity is high. To solve these problems, we propose a new certificate- less encryption scheme based on lattices, more precisely, us- ing the hardness of the learning with errors (LWE) problem. Compared with schemes based on large integer factoriza- tion and discrete logarithms, the most operations are matrix- vector multiplication and inner products in our scheme, our approach has lower computation complexity. Our scheme can be proven to be indistinguishability chosen ciphertext attacks (IND-CPA) secure in the random oracle model.
基金Supported by the National Natural Science Foundation of China(61103231,61103230,61272492,61202492)the Project Funded by China Postdoctoral Science Foundation and Natural Science Basic Research Plan in Shaanxi Province of China(2014JQ8358,2014JQ8307,2014JM8300)
文摘With the development of quantum computer, multivariate public key cryptography withstanding quantum attack has became one of the research focus. The existed signcryption schemes from discrete logarithm and bilinear paring are facing the serious threats. Based on multivariate public key cryptography, a new certificateless multi-receiver hybrid signcryption scheme has been proposed. The proposal reduced the cipher text and could handle arbitrary length messages by employing randomness reusing and hybrid encryption, as well as keeping security. In the random oracle model, the scheme's confidentiality could withstand the IND-CCA2 adversary and its unforgeability could withstand the UF-CMA adversary under the hardness of multivariat quadratic (MQ) problem and isomorphism of polynomials (IP) assumption. It has less computation overhead and higher transmission efficiency than others. It reduced 33% cipher data compared with the existed similar scheme.
基金supported by the Foundation of Science and Technology on Information Assurance Laboratory(No.KJ-17-003)
文摘Asymmetric cryptographic schemes, represe nted by RSA, have bee n show n to be in secure un der quantum computing conditions. Correspondingly, there is a need to study whether the symmetric cryptosystem can still guarantee high security with the advent of quantum computers. In this paper, based on the basic principles of classical slide attacks and Simon's algorithm, we take LED-like lightweight block ciphers as research objects to present a security analysis under both classical and quantum attacks, fully considering the influence on the security of the ciphers of adding the round constants. By analyzing the information leakage of round constants, we can introduce the differential of the round constants to propose a classical slide attack on full-round LED-64 with a probability of 1. The analysis result shows that LED-64 is unable to resist this kind of classical slide attack, but that attack method is not applicable to LED-128. As for quantum attacks, by improving on existing quantum attack methods we dem on strate a qua ntum single-key slide attack on LED-64 and a quantum related-key attack on LED- 128, and indicators of the two attack algorithms are analyzed in detail. The attack results show that adding round consta nts does not completely improve the security of the ciphers, and quantum attacks can provide an exp on ential speed-up over the same attacks in the classical model. It further illustrates that the block cipher that is proved to be safe under classical settings is not necessarily secure under quantum conditions.
基金Project supported by the National Natural Science Foundation of China(Nos.U1636114,61572521,and 61772550)the Innovative Research Team in Engineering University of People’s Armed Police,China(No.KYTD201805)+1 种基金the Natural Science Foundation of Shaanxi Province,China(No.2021JM-252)the Basic Research Project of Engineering University of People’s Armed Police,China(No.WJY201914)。
文摘Threshold proxy re-encryption(TPRE)can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies,and can also provide normal services even when certain proxy servers are paralyzed or damaged.A non-interactive identity-based TPRE(IB-TPRE)scheme over lattices is proposed which removes the public key certificates.To accomplish this scheme,Shamir’s secret sharing is employed twice,which not only effectively hides the delegator’s private key information,but also decentralizes the proxy power by splitting the re-encryption key.Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share.This property is achieved by lattice-based fully homomorphic signatures.As a result,the whole scheme is thoroughly capable of resisting quantum attacks even when they are available.The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model.Two typical application scenarios,including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography,are presented.