Journal Description
Cryptography
Cryptography is an international, scientific, peer-reviewed, open access journal on cryptography published quarterly online by MDPI.
- Open Access: free for readers, with article processing charges (APC) paid by authors or their institutions.
- High Visibility: indexed within Scopus, ESCI (Web of Science), dblp, and other databases.
- Journal Rank: JCR - Q2 (Computer Science, Theory and Methods) / CiteScore - Q1 (Applied Mathematics)
- Rapid Publication: manuscripts are peer-reviewed and a first decision is provided to authors approximately 23.9 days after submission; acceptance to publication is undertaken in 3.7 days (median values for papers published in this journal in the first half of 2024).
- Recognition of Reviewers: reviewers who provide timely, thorough peer-review reports receive vouchers entitling them to a discount on the APC of their next publication in any MDPI journal, in appreciation of the work done.
Impact Factor: 1.8 (2023); 5-Year Impact Factor: 2.1 (2023)
Latest Articles
Lattice-Based Post-Quantum Public Key Encryption Scheme Using ElGamal’s Principles
Cryptography 2024, 8(3), 31; https://doi.org/10.3390/cryptography8030031 - 8 Jul 2024
Abstract
Modern technologies like quantum and cloud computing have reshaped computing, offering immense power and scalability. While beneficial, they also challenge the security of traditional cryptographic systems. Quantum computing threatens RSA and ECC with algorithms like Shor’s algorithm, which can accelerate computations exponentially. This risks exposing these systems to attacks, necessitating quantum-resistant cryptography. Cloud computing poses data security concerns, requiring robust cryptographic mechanisms and access controls. Lattice-based cryptography, leveraging problems like the Short Integer Solution (SIS), emerges as a solution. This paper presents a novel quantum-resistant public key encryption scheme based on ElGamal and SIS, ensuring security against quantum and classical threats in modern cryptographic environments.
Open Access Article
Improve Parallel Resistance of Hashcash Tree
by
Mario Alviano and Giada Gabriele
Cryptography 2024, 8(3), 30; https://doi.org/10.3390/cryptography8030030 - 8 Jul 2024
Abstract
Denial of Service (DoS) attacks remain a persistent threat to online systems, necessitating continual innovation in defense mechanisms. In this work, we present an improved algorithm for mitigating DoS attacks through the augmentation of client puzzle protocols. Building upon the foundation of hashcash trees, a recently proposed data structure combining hashcash and Merkle trees, we introduce a new version of the data structure that enhances resistance against parallel computation (a common tactic employed by attackers). By incorporating the labels of children and the next node in a breadth-first traversal into the hash function, we establish a sequential processing order that inhibits parallel node evaluation. The added dependency on the next node significantly elevates the complexity of constructing hashcash trees, introducing a linear number of synchronization points and fortifying resilience against potential attacks. Empirical evaluation demonstrates the efficacy of our approach, showcasing its ability to accurately control puzzle difficulty while bolstering system security against DoS threats.
Open Access Article
Public Key Protocols from Twisted-Skew Group Rings
by
Javier de la Cruz, Edgar Martínez-Moro, Steven Muñoz-Ruiz and Ricardo Villanueva-Polanco
Cryptography 2024, 8(3), 29; https://doi.org/10.3390/cryptography8030029 - 5 Jul 2024
Abstract
This article studies some algebraic structures known as twisted-skew group rings in the context of public key cryptography. We first present some background related to these structures to then specifically introduce particular twisted-skew group rings and show how to utilize them as the underlying algebraic structure to build cryptographic protocols. We closely follow an incremental-like methodology to construct these protocols by putting parts together. As a result, we first introduce a key-agreement protocol and then generalize it to a group key-agreement protocol. We then proceed to construct a probabilistic public key encryption from our two-party key agreement and, finally, introduce a key-encapsulation mechanism from a well-known generic construction applied to probabilistic public encryption. Furthermore, we provide an in-depth security analysis for each cryptographic construction under new related algebraic assumptions and supply a proof-of-concept implementation for various candidate chosen groups.
Open Access Article
Efficient and Universal Merkle Tree Inclusion Proofs via OR Aggregation
by
Oleksandr Kuznetsov, Alex Rusnak, Anton Yezhov, Dzianis Kanonik, Kateryna Kuznetsova and Oleksandr Domin
Cryptography 2024, 8(3), 28; https://doi.org/10.3390/cryptography8030028 - 5 Jul 2024
Abstract
Zero-knowledge proofs have emerged as a powerful tool for enhancing privacy and security in blockchain applications. However, the efficiency and scalability of proof systems remain a significant challenge, particularly in the context of Merkle tree inclusion proofs. Traditional proof aggregation techniques based on AND logic suffer from a high verification complexity and data communication overhead, limiting their practicality for large-scale applications. In this paper, we propose a novel proof aggregation approach based on OR logic, which enables the generation of compact and universally verifiable proofs for Merkle tree inclusion. By adapting and extending the concept of OR composition from Sigma protocols, we achieve a proof size that is independent of the number of leaves in the tree, and verification can be performed using any single valid leaf hash. This represents a significant improvement over AND aggregation, which requires the verifier to process all leaf hashes. We formally define the OR aggregation logic; describe the process of generating universal proofs; and provide a comparative analysis that demonstrates the advantages of our approach in terms of proof size, verification data, and universality. Furthermore, we discuss the potential of combining OR and AND aggregation logics to create complex acceptance functions, enabling the development of expressive and efficient proof systems for various blockchain applications. The proposed techniques have the potential to significantly enhance the scalability, efficiency, and flexibility of zero-knowledge proof systems, paving the way for more practical and adaptive solutions in large-scale blockchain ecosystems.
(This article belongs to the Special Issue Advances in Authentication, Authorization and Privacy for Securing Smart Communications)
Open Access Article
The Emerging Challenges of Wearable Biometric Cryptosystems
by
Khalid Al Ajlan, Tariq Alsboui, Omar Alshaikh, Isa Inuwa-Dute, Saad Khan and Simon Parkinson
Cryptography 2024, 8(3), 27; https://doi.org/10.3390/cryptography8030027 - 21 Jun 2024
Abstract
Cryptographic key generation and data encryption and decryption using wearable biometric technologies is an emerging research area with significant potential for authentication and communication security. The research area is rapidly developing, and a comprehensive review of recently published literature is necessary to establish emerging challenges. This research article aims to critically investigate and synthesize current research using biometric cryptosystems that use behavior or medico-chemical characteristics, ranging from gait analysis to gaze tracking. The study will summarize the state of knowledge, identify critical research gaps, and provide insight into promising future implications and applications that can enable the realization of user-specific and resilient solutions for authentication and secure communication demands.
(This article belongs to the Special Issue Security, Privacy and Trust Aspects of Wearable and Resource Constrained Devices)
Open Access Article
“Whispers from the Wrist”: Wearable Health Monitoring Devices and Privacy Regulations in the U.S.: The Loopholes, the Challenges, and the Opportunities
by
Asma Sifaoui and Matthew S. Eastin
Cryptography 2024, 8(2), 26; https://doi.org/10.3390/cryptography8020026 - 19 Jun 2024
Abstract
The growth of wearable technology has enabled the collection of even more personalized information on individuals. New health-related devices marketed to consumers collect health information that might not fall under the traditional category of Protected Health Information, and thus, HIPAA protections do not fully apply. Meaning, commercial wearable health devices do not fall under FDA oversight, and data not paired with a doctor–patient relationship do not fall under HIPAA privacy protection; thus, much of the gathered health-related metrics are left without regulation and open to be sold to data brokers. As such, these data can be leveraged by health insurance, law enforcement, and employers, to name a few. This manuscript explores the loopholes in current regulations and suggests a framework that categorizes wearable data and addresses challenges in data transfer. Furthermore, taking a user perspective, the suggested framework offers solutions that aim to guide users and policymakers in navigating privacy issues in wearable technology.
(This article belongs to the Special Issue Security, Privacy and Trust Aspects of Wearable and Resource Constrained Devices)
Open Access Review
A Survey on Complexity Measures for Pseudo-Random Sequences
by
Chunlei Li
Cryptography 2024, 8(2), 25; https://doi.org/10.3390/cryptography8020025 - 13 Jun 2024
Abstract
Since the introduction of the Kolmogorov complexity of binary sequences in the 1960s, there have been significant advancements on the topic of complexity measures for randomness assessment, which are of fundamental importance in theoretical computer science and of practical interest in cryptography. This survey reviews notable research from the past four decades on the linear, quadratic and maximum-order complexities of pseudo-random sequences, and their relations with Lempel–Ziv complexity, expansion complexity, 2-adic complexity and correlation measures.
(This article belongs to the Collection Survey of Cryptographic Topics)
Open Access Article
The Security Evaluation of an Efficient Lightweight AES Accelerator
by
Abdullah Aljuffri, Ruoyu Huang, Laura Muntenaar, Georgi Gaydadjiev, Kezheng Ma, Said Hamdioui and Mottaqiallah Taouil
Cryptography 2024, 8(2), 24; https://doi.org/10.3390/cryptography8020024 - 4 Jun 2024
Abstract
The Advanced Encryption Standard (AES) is widely recognized as a robust cryptographic algorithm utilized to protect data integrity and confidentiality. When it comes to lightweight implementations of the algorithm, the literature mainly emphasizes area and power optimization, often overlooking considerations related to performance and security. This paper evaluates two of our previously proposed lightweight AES implementations using both profiled and non-profiled attacks. One is an unprotected implementation, and the other one is a protected version using Domain-Oriented Masking (DOM). The findings of this study indicate that the inclusion of DOM in the design enhances its resistance to attacks at the cost of doubling the area.
(This article belongs to the Special Issue Hardware Security and Cryptographic Implementations)
Open Access Article
Securing Data Exchange with Elliptic Curve Cryptography: A Novel Hash-Based Method for Message Mapping and Integrity Assurance
by
Younes Lahraoui, Saiida Lazaar, Youssef Amal and Abderrahmane Nitaj
Cryptography 2024, 8(2), 23; https://doi.org/10.3390/cryptography8020023 - 2 Jun 2024
Abstract
To ensure the security of sensitive data, elliptic curve cryptography (ECC) is adopted as an asymmetric method that balances security and efficiency. Nevertheless, embedding messages into elliptic curve (EC) points poses a significant challenge. The intricacies of this process can greatly affect the overall security and efficiency of the cryptosystem, reflecting security vulnerabilities observed in many existing schemes that utilize ElGamal ECC-based encryption. In this paper, we introduce an innovative hash-based technique for securely embedding messages into EC points before encryption. A random parameter and a shared secret point generated through the EC Diffie–Hellman protocol are used to bolster the scheme’s security. The security of the proposed method is evaluated against various attack models; moreover, the complexity, and sensitivity of the encryption scheme, as well as its inputs, are analyzed. The randomness assessment of the ciphertext was performed using the NIST statistical test suite. Additionally, we propose a mechanism to ensure the integrity of the message by securely appending a tag to the ciphertext. As a consequence, a comprehensive analysis of our scheme demonstrates its effectiveness in maintaining data security and integrity against various attack models. The algorithm also meets more criteria such as the strict avalanche criterion, linear complexity, and operability.
Open Access Article
Defence against Side-Channel Attacks for Encrypted Network Communication Using Multiple Paths
by
Gregor Tamati Haywood and Saleem Noel Bhatti
Cryptography 2024, 8(2), 22; https://doi.org/10.3390/cryptography8020022 - 28 May 2024
Abstract
As more network communication is encrypted to provide data privacy for users, attackers are focusing their attention on traffic analysis methods for side-channel attacks on user privacy. These attacks exploit patterns in particular features of communication flows such as interpacket timings and packet sizes. Unsupervised machine learning approaches, such as Hidden Markov Models (HMMs), can be trained on unlabelled data to estimate these flow attributes from an exposed packet flow, even one that is encrypted, so it is highly feasible for an eavesdropper to perform this attack. Traditional defences try to protect specific side channels by modifying the packet transmission for the flow, e.g., by adding redundant information (padding of packets or use of junk packets) and perturbing packet timings (e.g., artificially delaying packet transmission at the sender). Such defences incur significant overhead and impact application-level performance metrics, such as latency, throughput, end-to-end delay, and jitter. Furthermore, these mechanisms can be complex, often ineffective, and are not general solutions—a new profile must be created for every application, which is an infeasible expectation to place on software developers. We show that an approach exploiting multipath communication can be effective against HMM-based traffic analysis. After presenting the core analytical background, we demonstrate the efficacy of this approach with a number of diverse, simulated traffic flows. Based on the results, we define some simple design rules for software developers to adopt in order to exploit the mechanism we describe, including a critical examination of existing communication protocol behavior.
Open Access Article
Constrained Device Performance Benchmarking with the Implementation of Post-Quantum Cryptography
by
Gregory Fitzgibbon and Carlo Ottaviani
Cryptography 2024, 8(2), 21; https://doi.org/10.3390/cryptography8020021 - 23 May 2024
Abstract
Advances in quantum computers may pose a significant threat to existing public-key encryption methods, which are crucial to the current infrastructure of cyber security. Both RSA and ECDSA, the two most widely used security algorithms today, may be (in principle) solved by the Shor algorithm in polynomial time due to its ability to efficiently solve the discrete logarithm problem, potentially making present infrastructures insecure against a quantum attack. The National Institute of Standards and Technology (NIST) reacted with the post-quantum cryptography (PQC) standardization process to develop and optimize a series of post-quantum algorithms (PQAs) based on difficult mathematical problems that are not susceptible to being solved by Shor’s algorithm. Whilst high-powered computers can run these PQAs efficiently, further work is needed to investigate and benchmark the performance of these algorithms on lower-powered (constrained) devices and the ease with which they may be integrated into existing protocols such as TLS. This paper provides quantitative benchmark and handshake performance data for the most recently selected PQAs from NIST, tested on a Raspberry Pi 4 device to simulate today’s IoT (Internet of Things) devices, and provides quantitative comparisons with previous benchmarking data on a range of constrained systems. CRYSTALS-Kyber and CRYSTALS-Dilithium are shown to be the most efficient PQAs in the key encapsulation and signature algorithms, respectively, with Falcon providing the optimal TLS handshake size.
Open Access Article
A Provably Secure Anonymous Authentication Protocol for Consumer and Service Provider Information Transmissions in Smart Grids
by
Zahraa Abdullah Ali, Zaid Ameen Abduljabbar, Hamid Ali Abed AL-Asadi, Vincent Omollo Nyangaresi, Iman Qays Abduljaleel and Abdulla J. Y. Aldarwish
Cryptography 2024, 8(2), 20; https://doi.org/10.3390/cryptography8020020 - 9 May 2024
Abstract
Smart grids integrate information technology, decision support systems, communication networks, and sensing technologies. All these components cooperate to facilitate dynamic power adjustments based on received client consumption reports. Although this brings forth energy efficiency, the transmission of sensitive data over the public internet exposes these networks to numerous attacks. To this end, numerous security solutions have been presented recently. Most of these techniques deploy conventional cryptographic systems such as public key infrastructure, blockchains, and physically unclonable functions that have either performance or security issues. In this paper, a fairly efficient authentication scheme is developed and analyzed. Its formal security analysis is carried out using the Burrows–Abadi–Needham (BAN) logic, which shows that the session key negotiated is provably secure. We also execute a semantic security analysis of this protocol to demonstrate that it can resist typical smart grid attacks such as privileged insider, guessing, eavesdropping, and ephemeral secret leakages. Moreover, it has the lowest amount of computation costs and relatively lower communication overheads as well as storage costs.
Open Access Article
Auditable Anonymous Electronic Examination
by
Ádám Vécsi and Attila Pethő
Cryptography 2024, 8(2), 19; https://doi.org/10.3390/cryptography8020019 - 1 May 2024
Abstract
Ensuring security in electronic examination systems represents a significant challenge, particularly when practical considerations dictate that most involved parties cannot be fully trusted due to self-interest. To enhance the security, we introduce auditability to e-exam systems, enabling an auditing authority to verify the system integrity. This auditability not only ensures system robustness but also creates an opportunity to grant communication between candidates and examiners, allowing for clarification on unclear questions during exams. Additionally, the implementation of attribute-based certifications ensures anonymity for both candidates and examiners throughout all stages of the exam, with the option for revocation in case of audit-detected fraud.
(This article belongs to the Special Issue Privacy-Enhancing Technologies for the Digital Age)
Open Access Article
An Efficient Homomorphic Argmax Approximation for Privacy-Preserving Neural Networks
by
Peng Zhang, Ao Duan and Hengrui Lu
Cryptography 2024, 8(2), 18; https://doi.org/10.3390/cryptography8020018 - 1 May 2024
Abstract
Privacy-preserving neural networks offer a promising solution to train and predict without user privacy leakage, and fully homomorphic encryption (FHE) stands out as one of the key technologies, as it enables homomorphic operations over encrypted data. However, only addition and multiplication homomorphisms are supported by FHE, and thus, it faces huge challenges when implementing non-linear functions with ciphertext inputs. Among the non-linear functions in neural networks, one may refer to the activation function, the argmax function, and maximum pooling. Inspired by using a composition of low-degree minimax polynomials to approximate sign and argmax functions, this study focused on optimizing the homomorphic argmax approximation, where argmax is a mathematical operation that identifies the index of the maximum value within a given set of values. For the method that uses compositions of low-degree minimax polynomials to approximate argmax, in order to further reduce approximation errors and improve computational efficiency, we propose an improved homomorphic argmax approximation algorithm that includes rotation accumulation, tree-structured comparison, normalization, and finalization phases. And then, the proposed homomorphic argmax algorithm was integrated into a neural network structure. Comparative experiments indicate that the network with our proposed argmax algorithm achieved a slight increase in accuracy while significantly reducing the inference latency by , as the homomorphic sign and rotation operations were rapidly reduced.
Open Access Article
Enhancing Smart Communication Security: A Novel Cost Function for Efficient S-Box Generation in Symmetric Key Cryptography
by
Oleksandr Kuznetsov, Nikolay Poluyanenko, Emanuele Frontoni and Sergey Kandiy
Cryptography 2024, 8(2), 17; https://doi.org/10.3390/cryptography8020017 - 25 Apr 2024
Cited by 1
Abstract
In the realm of smart communication systems, where the ubiquity of 5G/6G networks and IoT applications demands robust data confidentiality, the cryptographic integrity of block and stream cipher mechanisms plays a pivotal role. This paper focuses on the enhancement of cryptographic strength in these systems through an innovative approach to generating substitution boxes (S-boxes), which are integral in achieving confusion and diffusion properties in substitution–permutation networks. These properties are critical in thwarting statistical, differential, linear, and other forms of cryptanalysis, and are equally vital in pseudorandom number generation and cryptographic hashing algorithms. The paper addresses the challenge of rapidly producing random S-boxes with desired cryptographic attributes, a task notably arduous given the complexity of existing generation algorithms. We delve into the hill climbing algorithm, exploring various cost functions and their impact on computational complexity for generating S-boxes with a target nonlinearity of 104. Our contribution lies in proposing a new cost function that markedly reduces the generation complexity, bringing down the iteration count to under 50,000 for achieving the desired S-box. This advancement is particularly significant in the context of smart communication environments, where the balance between security and performance is paramount.
(This article belongs to the Special Issue Advances in Authentication, Authorization and Privacy for Securing Smart Communications)
Open Access Article
An Engineered Minimal-Set Stimulus for Periodic Information Leakage Fault Detection on a RISC-V Microprocessor
by
Idris O. Somoye, Jim Plusquellic, Tom J. Mannos and Brian Dziki
Cryptography 2024, 8(2), 16; https://doi.org/10.3390/cryptography8020016 - 22 Apr 2024
Abstract
Recent evaluations of counter-based periodic testing strategies for fault detection in Microprocessor (μP) have shown that only a small set of counters is needed to provide complete coverage of severe faults. Severe faults are defined as faults that leak sensitive information, e.g., an encryption key on the output of a serial port. Alternatively, fault detection can be accomplished by executing instructions that periodically test the control and functional units of the μP. In this paper, we propose a fault detection method that utilizes an 'engineered' executable program combined with a small set of strategically placed counters in pursuit of a hardware Periodic Built-In-Self-Test (PBIST). We analyze two distinct methods for generating such a binary; the first uses an Automatic Test Generation Pattern (ATPG)-based methodology, and the second uses a process whereby existing counter-based node-monitoring infrastructure is utilized. We show that complete fault coverage of all leakage faults is possible using relatively small binaries with low latency to fault detection and by utilizing only a few strategically placed counters in the μP.
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Open Access Article
Investigating CRYSTALS-Kyber Vulnerabilities: Attack Analysis and Mitigation
by
Maksim Iavich and Tamari Kuchukhidze
Cryptography 2024, 8(2), 15; https://doi.org/10.3390/cryptography8020015 - 19 Apr 2024
Abstract
Significant advancements have been achieved in the field of quantum computing in recent years. If somebody ever creates a sufficiently strong quantum computer, many of the public-key cryptosystems in use today might be compromised. Kyber is a post-quantum encryption technique that depends on lattice problem hardness, and it was recently standardized. Despite extensive testing by the National Institute of Standards and Technology (NIST), new investigations have demonstrated the effectiveness of CRYSTALS-Kyber attacks and their applicability in non-controlled environments. We investigated CRYSTALS-Kyber’s susceptibility to side-channel attacks. In the reference implementation of Kyber512, additional functions can be compromised by employing the selected ciphertext. The implementation of the selected ciphertext allows the attacks to succeed. Real-time recovery of the entire secret key is possible for all assaults.
Open Access Article
Analysis of Biometric-Based Cryptographic Key Exchange Protocols—BAKE and BRAKE
by
Maksymilian Gorski and Wojciech Wodo
Cryptography 2024, 8(2), 14; https://doi.org/10.3390/cryptography8020014 - 6 Apr 2024
Abstract
Biometric authentication methods offer high-quality mechanisms to confirm the identity of individuals in security systems commonly used in the modern world, such as physical access control, online banking, or mobile device unlocking. They also find their application in cryptographic solutions, which allow the biometrically authenticated exchange of cryptographic keys between users and services on the internet, despite the fuzziness of biometric data. Such solutions are BAKE (biometrics-authenticated key exchange) and BRAKE (biometric-resilient authenticated key exchange) protocols, upon which our work is based. However, the direct application of fuzzy biometrics in cryptography, which relies heavily on the accuracy of single-bit secret values, is not trivial. Therefore, this paper is devoted to analyzing the security of this idea and the feasibility of implementing biometric AKE (authenticated key exchange) protocols, with an emphasis on the BRAKE protocol. As the results of our analysis, we discuss BRAKE’s limitations and vulnerabilities, which need to be appropriately addressed to implement the protocol in modern systems.
(This article belongs to the Topic Trends and Prospects in Security, Encryption and Encoding)
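The abstract's central tension, that a cryptographic key must be reproduced bit-exactly while two captures of the same biometric never match exactly, is easy to see with a small experiment. The Python below is an added illustration written for this listing; it is not code from the paper and does not reproduce the BAKE or BRAKE constructions. The "biometric template" is a constructed byte string, the repetition-code secure sketch and its parameter REP are the example's own choices, and all function names are hypothetical.

```python
"""Added illustration (not from the BAKE/BRAKE paper): a raw biometric template
fails as key material as soon as one bit differs, whereas a code-offset secure
sketch with a repetition code tolerates a few flipped bits per block.
The template used here is constructed data, not a real biometric."""
import hashlib
import secrets

REP = 5  # hypothetical repetition-code length: each key bit is stored as REP copies


def _bits(data: bytes) -> list[int]:
    """Unpack bytes into a list of bits, least significant bit first."""
    return [(b >> i) & 1 for b in data for i in range(8)]


def _bytes(bits: list[int]) -> bytes:
    """Inverse of _bits; len(bits) must be a multiple of 8."""
    out = bytearray(len(bits) // 8)
    for i, bit in enumerate(bits):
        out[i // 8] |= bit << (i % 8)
    return bytes(out)


def flip_bits(data: bytes, positions: list[int]) -> bytes:
    """Simulate sensor noise: flip the given bit positions of a template."""
    bits = _bits(data)
    for p in positions:
        bits[p] ^= 1
    return _bytes(bits)


def derive_key_directly(template: bytes) -> bytes:
    """Naive approach: hash the raw template and use the digest as the key."""
    return hashlib.sha256(template).digest()


def sketch_generate(template: bytes, key_bits: int):
    """Enrollment: draw a random key, expand it with the repetition code and
    XOR it with the template bits. The XOR result is public helper data."""
    assert len(template) * 8 >= key_bits * REP, "template too short for REP copies"
    key = [secrets.randbits(1) for _ in range(key_bits)]
    codeword = [b for b in key for _ in range(REP)]
    t = _bits(template)[: key_bits * REP]
    helper = [c ^ x for c, x in zip(codeword, t)]
    return key, helper


def sketch_reproduce(sample: bytes, helper: list[int]) -> list[int]:
    """Verification: XOR a fresh (noisy) sample with the helper data to get a
    noisy codeword, then majority-decode each block of REP bits. Up to
    REP // 2 flipped bits per block are corrected; more than that gives a
    wrong key bit."""
    n = len(helper)
    s = _bits(sample)[:n]
    noisy = [h ^ x for h, x in zip(helper, s)]
    return [1 if sum(noisy[i : i + REP]) > REP // 2 else 0 for i in range(0, n, REP)]


def demo(template: bytes, flipped_positions: list[int]) -> dict:
    """Compare both approaches on an enrollment template and a noisy sample
    that differs from it in the given bit positions."""
    sample = flip_bits(template, flipped_positions)
    key, helper = sketch_generate(template, 128)  # 128-bit key, needs 640 template bits
    recovered = sketch_reproduce(sample, helper)
    return {
        "direct_match": derive_key_directly(template) == derive_key_directly(sample),
        "sketch_match": key == recovered,
    }


if __name__ == "__main__":
    template = bytes(range(80))  # constructed 640-bit "template"
    print(demo(template, []))             # identical sample: both approaches agree
    print(demo(template, [3, 200, 401]))  # one flip in three different blocks
    print(demo(template, [10, 11, 12]))   # three flips inside one block
```

With one flipped bit in each of three separate blocks the naive hash already fails while the sketch still reproduces the key; with three flips concentrated in a single block even the sketch decodes a wrong bit, which is the kind of parameter and error-model question the abstract says must be handled before fuzzy biometrics can feed an AKE protocol. Note that the helper data is public and must not leak the key on its own; a repetition code chosen this way gives correctness, not a security argument.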
Open Access Article
Detour-RS: Reroute Attack Vulnerability Assessment with Awareness of the Layout and Resource
by
Minyan Gao, Liton Kumar Biswas, Navid Asadi and Domenic Forte
Cryptography 2024, 8(2), 13; https://doi.org/10.3390/cryptography8020013 - 6 Apr 2024
Abstract
Recent decades have witnessed a remarkable pace of innovation and performance improvements in integrated circuits (ICs), which have become indispensable in an array of critical applications ranging from military infrastructure to personal healthcare. Meanwhile, recent developments have brought physical security to the forefront of concern, particularly considering the valuable assets handled and stored within ICs. Among the various invasive attack vectors, micro-probing attacks have risen as a particularly menacing threat. These attacks leverage advanced focused ion beam (FIB) systems to enable post-silicon secret eavesdropping and circuit modifications with minimal traceability. As an evolved variant of micro-probing attacks, reroute attacks possess the ability to actively disable built-in shielding measures, granting access to the security-sensitive signals concealed beneath. To address and counter these emerging challenges, we introduce a layout-level framework known as Detour-RS. This framework is designed to automatically assess potential vulnerabilities, offering a systematic approach to identifying and mitigating exploitable weaknesses. Specifically, we employed a combination of linear and nonlinear programming-based approaches to identify the layout-aware attack costs in reroute attempts given specific target assets. The experimental results indicate that shielded designs outperform non-shielded structures against reroute attacks. Furthermore, among the two-layer shield configurations, the orthogonal layout exhibits better performance compared to the parallel arrangement. Furthermore, we explore both independent and dependent scenarios, where the latter accounts for potential interference among circuit edit locations. Notably, our results demonstrate a substantial near 50% increase in attack cost when employing the more realistic dependent estimation approach. 
In addition, we propose time and gas consumption metrics to evaluate the resource consumption of the attackers, which provides a perspective for evaluating reroute attack efforts. We have collected the results for different categories of target assets and also the average resource consumption for each via required during a FIB reroute attack.
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Open Access Article
A Survey of Consortium Blockchain and Its Applications
by
Xiaotong Chen, Songlin He, Linfu Sun, Yangxin Zheng and Chase Q. Wu
Cryptography 2024, 8(2), 12; https://doi.org/10.3390/cryptography8020012 - 22 Mar 2024
Cited by 1
Abstract
Blockchain is a revolutionary technology that has reshaped the trust model among mutually distrustful peers in a distributed network. While blockchain is well-known for its initial usage in a public manner, such as the cryptocurrency of Bitcoin, consortium blockchain, which requires authentication of all involved participants, has also been widely adopted in various domains. Nevertheless, there is a lack of comprehensive study of consortium blockchain in terms of its architecture design, consensus mechanisms, comparative performance, etc. In this study, we aim to fill this gap by surveying the most popular consortium blockchain platforms and assessing their core designs in a layered fashion. Particularly, Byzantine fault tolerant (BFT) state machine replication (SMR) is introduced to act as a basic computational model of consortium blockchain. Then the consortium blockchain is split into the hardware layer, layer-0 (network layer), layer-I (data layer, consensus layer and contract layer), layer-II protocols, and application layer. Each layer is presented with closely related discussion and analysis. Furthermore, with the extraction of the core functionalities, i.e., robust storage and guaranteed execution, that a consortium blockchain can provide, several typical consortium blockchain-empowered decentralized application scenarios are introduced. With these thorough studies and analyses, this work aims to systematize the knowledge dispersed in the consortium blockchain, highlight the unsolved challenges, and also indicate the propitious avenues of future work.
(This article belongs to the Section Blockchain Security)
Topics
Topic in
Applied Sciences, Cryptography, JCP, JSAN, Sci, Symmetry
Trends and Prospects in Security, Encryption and Encoding
Topic Editors: Ki-Hyun Jung, Luis Javier García Villalba. Deadline: 31 December 2024
Topic in
Electronics, JCP, Mathematics, Sustainability, Remote Sensing, IJGI, Cryptography, Blockchains
Recent Advances in Security, Privacy, and Trust
Topic Editors: Jun Feng, Changqing Luo, Mamoun Alazab. Deadline: 31 December 2025
Special Issues
Special Issue in
Cryptography
Privacy-Enhancing Technologies for the Digital Age
Guest Editors: Hanlin Zhang, Zengpeng Li, Dou An. Deadline: 31 October 2024
Special Issue in
Cryptography
Role of Cryptography in Network Security
Guest Editors: Krzysztof Szczypiorski, Borislav Stoyanov. Deadline: 30 November 2024
Special Issue in
Cryptography
Emerging Topics in Hardware Security
Guest Editor: Jim Plusquellic. Deadline: 10 December 2024
Special Issue in
Cryptography
Advances in Authentication, Authorization and Privacy for Securing Smart Communications
Guest Editors: Cheng-Chi Lee, Tuan-Vinh Le, Chun-Ta Li, Dinh-Thuan Do, Agbotiname Lucky Imoize. Deadline: 31 December 2024