Next Issue
Volume 7, December
Previous Issue
Volume 7, June
 
 

Cryptography, Volume 7, Issue 3 (September 2023) – 13 articles

Cover Story (view full-size image): The rise of Artificial Intelligence, particularly Artificial Neural Networks (ANNs), which are enabled by a significant increase in computational power, opens up the exploration of their applications in cryptanalysis. Indeed, as excellent approximators for arbitrary non-linear functions and aggregators of latent information, ANNs have the potential to model and learn salient non-linear layers that are at the heart of symmetric encryption processes. This is equally true for asymmetric post-quantum encryption that is based on lattices, which resemble the architecture of ANNs. In this paper, we review four major algorithms, namely AES, RSA, LWE, and the ASCON family of authenticated encryption algorithms, and pinpoint encryption transformations that can benefit from ANNs to help improve their security parameters. View this paper
  • Issues are regarded as officially published after their release is announced to the table of contents alert mailing list.
  • You may sign up for e-mail alerts to receive table of contents of newly released issues.
  • PDF is the official format for papers published in both, html and pdf forms. To view the papers in pdf format, click on the "PDF Full-text" link, and use the free Adobe Reader to open them.
Order results
Result details
Section
Select all
Export citation of selected articles as:
25 pages, 539 KiB  
Article
A New Idea for RSA Backdoors
by Marco Cesati
Cryptography 2023, 7(3), 45; https://doi.org/10.3390/cryptography7030045 - 21 Sep 2023
Viewed by 1924
Abstract
This article proposes a new method to inject backdoors in RSA (the public-key cryptosystem invented by Rivest, Shamir, and Adleman) and other cryptographic primitives based on the integer factorization problem for balanced semi-primes. The method relies on mathematical congruences among the factors of [...] Read more.
This article proposes a new method to inject backdoors in RSA (the public-key cryptosystem invented by Rivest, Shamir, and Adleman) and other cryptographic primitives based on the integer factorization problem for balanced semi-primes. The method relies on mathematical congruences among the factors of the semi-primes based on a large prime number, which acts as a “designer key” or “escrow key”. In particular, two different backdoors are proposed, one targeting a single semi-prime and the other one a pair of semi-primes. This article also describes the results of tests performed on a SageMath implementation of the backdoors. Full article
Show Figures

Figure 1

20 pages, 5308 KiB  
Article
A Novel and Secure Fake-Modulus Based Rabin-Ӡ Cryptosystem
by Raghunandan Kemmannu Ramesh, Radhakrishna Dodmane, Surendra Shetty, Ganesh Aithal, Monalisa Sahu and Aditya Kumar Sahu
Cryptography 2023, 7(3), 44; https://doi.org/10.3390/cryptography7030044 - 19 Sep 2023
Cited by 6 | Viewed by 2437
Abstract
Electronic commerce (E-commerce) transactions require secure communication to protect sensitive information such as credit card numbers, personal identification, and financial data from unauthorized access and fraud. Encryption using public key cryptography is essential to ensure secure electronic commerce transactions. RSA and Rabin cryptosystem [...] Read more.
Electronic commerce (E-commerce) transactions require secure communication to protect sensitive information such as credit card numbers, personal identification, and financial data from unauthorized access and fraud. Encryption using public key cryptography is essential to ensure secure electronic commerce transactions. RSA and Rabin cryptosystem algorithms are widely used public key cryptography techniques, and their security is based on the assumption that it is computationally infeasible to factorize the product of two large prime numbers into its constituent primes. However, existing variants of RSA and Rabin cryptosystems suffer from issues like high computational complexity, low speed, and vulnerability to factorization attacks. To overcome the issue, this article proposes a new method that introduces the concept of fake-modulus during encryption. The proposed method aims to increase the security of the Rabin cryptosystem by introducing a fake-modulus during encryption, which is used to confuse attackers who attempt to factorize the public key. The fake-modulus is added to the original modulus during encryption, and the attacker is unable to distinguish between the two. As a result, the attacker is unable to factorize the public key and cannot access the sensitive information transmitted during electronic commerce transactions. The proposed method’s performance is evaluated using qualitative and quantitative measures. Qualitative measures such as visual analysis and histogram analysis are used to evaluate the proposed system’s quality. To quantify the performance of the proposed method, the entropy of a number of occurrences for the pixels of cipher text and differential analysis of plaintext and cipher text is used. When the proposed method’s complexity is compared to a recent variant of the Rabin cryptosystem, it can be seen that it is more complex to break the proposed method—represented as O(ɲ× τ) which is higher than Rabin-P (O(ɲ)) algorithms. Full article
Show Figures

Figure 1

28 pages, 426 KiB  
Article
Divisions and Square Roots with Tight Error Analysis from Newton–Raphson Iteration in Secure Fixed-Point Arithmetic
by Stan Korzilius and Berry Schoenmakers
Cryptography 2023, 7(3), 43; https://doi.org/10.3390/cryptography7030043 - 12 Sep 2023
Cited by 1 | Viewed by 1987
Abstract
In this paper, we present new variants of Newton–Raphson-based protocols for the secure computation of the reciprocal and the (reciprocal) square root. The protocols rely on secure fixed-point arithmetic with arbitrary precision parameterized by the total bit length of the fixed-point numbers and [...] Read more.
In this paper, we present new variants of Newton–Raphson-based protocols for the secure computation of the reciprocal and the (reciprocal) square root. The protocols rely on secure fixed-point arithmetic with arbitrary precision parameterized by the total bit length of the fixed-point numbers and the bit length of the fractional part. We perform a rigorous error analysis aiming for tight accuracy claims while minimizing the overall cost of the protocols. Due to the nature of secure fixed-point arithmetic, we perform the analysis in terms of absolute errors. Whenever possible, we allow for stochastic (or probabilistic) rounding as an efficient alternative to deterministic rounding. We also present a new protocol for secure integer division based on our protocol for secure fixed-point reciprocals. The resulting protocol is parameterized by the bit length of the inputs and yields exact results for the integral quotient and remainder. The protocol is very efficient, minimizing the number of secure comparisons. Similarly, we present a new protocol for integer square roots based on our protocol for secure fixed-point square roots. The quadratic convergence of the Newton–Raphson method implies a logarithmic number of iterations as a function of the required precision (independent of the input value). The standard error analysis of the Newton–Raphson method focuses on the termination condition for attaining the required precision, assuming sufficiently precise floating-point arithmetic. We perform an intricate error analysis assuming fixed-point arithmetic of minimal precision throughout and minimizing the number of iterations in the worst case. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
17 pages, 358 KiB  
Article
Enhanced Authentication for Decentralized IoT Access Control Architecture
by Jeong Hwa Kang and Minhye Seo
Cryptography 2023, 7(3), 42; https://doi.org/10.3390/cryptography7030042 - 21 Aug 2023
Viewed by 3083
Abstract
The internet of things (IoT) enables a hyperconnected society, offering intelligent services and convenience through various connections between people, objects, and services. However, the current state of the IoT still faces limitations in security. Security issues in the IoT are of significant concern, [...] Read more.
The internet of things (IoT) enables a hyperconnected society, offering intelligent services and convenience through various connections between people, objects, and services. However, the current state of the IoT still faces limitations in security. Security issues in the IoT are of significant concern, leading to the proposal of numerous security frameworks and solutions to address these challenges. Authentication and authorization are crucial security requirements in the IoT environment, considering the potential risks posed by inadequate authentication and incorrect authorization. To comprehensively mitigate these issues, we presents a novel IoT access control architecture in this paper. The proposed architecture leverages the OAuth framework for authorization and the decentralized identity technology to enhance the authentication and authorization processes. Full article
(This article belongs to the Special Issue Blockchain for Internet of Things Security and Privacy)
Show Figures

Figure 1

19 pages, 1028 KiB  
Article
Matrix Encryption Walks for Lightweight Cryptography
by Aeryn Dunmore, Juliet Samandari and Julian Jang-Jaccard
Cryptography 2023, 7(3), 41; https://doi.org/10.3390/cryptography7030041 - 16 Aug 2023
Cited by 3 | Viewed by 3542
Abstract
In this paper, we propose a new symmetric stream cipher encryption algorithm based on Graph Walks and 2-dimensional matrices, called Matrix Encryption Walks (MEW). We offer example Key Matrices and show the efficiency of the proposed method, which operates in linear complexity with [...] Read more.
In this paper, we propose a new symmetric stream cipher encryption algorithm based on Graph Walks and 2-dimensional matrices, called Matrix Encryption Walks (MEW). We offer example Key Matrices and show the efficiency of the proposed method, which operates in linear complexity with an extremely large key space and low-resource requirements. We also provide the Proof of Concept code for the encryption algorithm and a detailed analysis of the security of our proposed MEW. The MEW algorithm is designed for low-resource environments such as IoT or smart devices and is therefore intended to be simple in operation. The encryption, decryption, and key generation time, along with the bytes required to store the key, are all discussed, and similar proposed algorithms are examined and compared. We further discuss the avalanche effect, key space, frequency analysis, Shannon entropy, and chosen/known plaintext-ciphertext attacks, and how MEW remains robust against these attacks. We have also discussed the potential for future research into algorithms such as MEW, which make use of alternative structures and graphic methods for improving encryption models. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Privacy)
Show Figures

Figure 1

18 pages, 1191 KiB  
Article
A Survey of Post-Quantum Cryptography: Start of a New Race
by Duc-Thuan Dam, Thai-Ha Tran, Van-Phuc Hoang, Cong-Kha Pham and Trong-Thuc Hoang
Cryptography 2023, 7(3), 40; https://doi.org/10.3390/cryptography7030040 - 14 Aug 2023
Cited by 27 | Viewed by 16334
Abstract
Information security is a fundamental and urgent issue in the digital transformation era. Cryptographic techniques and digital signatures have been applied to protect and authenticate relevant information. However, with the advent of quantum computers and quantum algorithms, classical cryptographic techniques have been in [...] Read more.
Information security is a fundamental and urgent issue in the digital transformation era. Cryptographic techniques and digital signatures have been applied to protect and authenticate relevant information. However, with the advent of quantum computers and quantum algorithms, classical cryptographic techniques have been in danger of collapsing because quantum computers can solve complex problems in polynomial time. Stemming from that risk, researchers worldwide have stepped up research on post-quantum algorithms to resist attack by quantum computers. In this review paper, we survey studies in recent years on post-quantum cryptography (PQC) and provide statistics on the number and content of publications, including a literature overview, detailed explanations of the most common methods so far, current implementation status, implementation comparisons, and discussion on future work. These studies focused on essential public cryptography techniques and digital signature schemes, and the US National Institute of Standards and Technology (NIST) launched a competition to select the best candidate for the expected standard. Recent studies have practically implemented the public key encryption/key encapsulation mechanism (PKE/KEM) and digital signature schemes on different hardware platforms and applied various optimization measures based on other criteria. Along with the increasing number of scientific publications, the recent trend of PQC research is increasingly evident and is the general trend in the cryptography industry. The movement opens up a promising avenue for researchers in public key cryptography and digital signatures, especially on algorithms selected by NIST. Full article
(This article belongs to the Collection Survey of Cryptographic Topics)
Show Figures

Figure 1

26 pages, 496 KiB  
Article
Applications of Neural Network-Based AI in Cryptography
by Abderrahmane Nitaj and Tajjeeddine Rachidi
Cryptography 2023, 7(3), 39; https://doi.org/10.3390/cryptography7030039 - 11 Aug 2023
Cited by 6 | Viewed by 10796
Abstract
Artificial intelligence (AI) is a modern technology that allows plenty of advantages in daily life, such as predicting weather, finding directions, classifying images and videos, even automatically generating code, text, and videos. Other essential technologies such as blockchain and cybersecurity also benefit from [...] Read more.
Artificial intelligence (AI) is a modern technology that allows plenty of advantages in daily life, such as predicting weather, finding directions, classifying images and videos, even automatically generating code, text, and videos. Other essential technologies such as blockchain and cybersecurity also benefit from AI. As a core component used in blockchain and cybersecurity, cryptography can benefit from AI in order to enhance the confidentiality and integrity of cyberspace. In this paper, we review the algorithms underlying four prominent cryptographic cryptosystems, namely the Advanced Encryption Standard, the Rivest–Shamir–Adleman, Learning with Errors, and the Ascon family of cryptographic algorithms for authenticated encryption. Where possible, we pinpoint areas where AI can be used to help improve their security. Full article
(This article belongs to the Collection Survey of Cryptographic Topics)
Show Figures

Figure 1

18 pages, 1170 KiB  
Article
Boosting Quantum Key Distribution via the End-to-End Loss Control
by Aleksei D. Kodukhov, Valeria A. Pastushenko, Nikita S. Kirsanov, Dmitry A. Kronberg, Markus Pflitsch and Valerii M. Vinokur
Cryptography 2023, 7(3), 38; https://doi.org/10.3390/cryptography7030038 - 2 Aug 2023
Cited by 6 | Viewed by 2599
Abstract
With the rise of quantum technologies, data security increasingly relies on quantum cryptography and its most notable application, quantum key distribution (QKD). Yet, current technological limitations, in particular, the unavailability of quantum repeaters, cause relatively low key distribution rates in practical QKD implementations. [...] Read more.
With the rise of quantum technologies, data security increasingly relies on quantum cryptography and its most notable application, quantum key distribution (QKD). Yet, current technological limitations, in particular, the unavailability of quantum repeaters, cause relatively low key distribution rates in practical QKD implementations. Here, we demonstrate a remarkable improvement in the QKD performance using end-to-end line tomography for the wide class of relevant protocols. Our approach is based on the real-time detection of interventions in the transmission channel, enabling an adaptive response that modifies the QKD setup and post-processing parameters, leading, thereby, to a substantial increase in the key distribution rates. Our findings provide everlastingly secure efficient quantum cryptography deployment potentially overcoming the repeaterless rate-distance limit. Full article
Show Figures

Figure 1

16 pages, 324 KiB  
Article
A New RSA Variant Based on Elliptic Curves
by Maher Boudabra and Abderrahmane Nitaj
Cryptography 2023, 7(3), 37; https://doi.org/10.3390/cryptography7030037 - 19 Jul 2023
Viewed by 2272
Abstract
In this paper, we propose a new scheme based on ephemeral elliptic curves over a finite ring with an RSA modulus. The new scheme is a variant of both the RSA and the KMOV cryptosystems and can be used for both signature and [...] Read more.
In this paper, we propose a new scheme based on ephemeral elliptic curves over a finite ring with an RSA modulus. The new scheme is a variant of both the RSA and the KMOV cryptosystems and can be used for both signature and encryption. We study the security of the new scheme and show that it is immune to factorization attacks, discrete-logarithm-problem attacks, sum-of-two-squares attacks, sum-of-four-squares attacks, isomorphism attacks, and homomorphism attacks. Moreover, we show that the private exponents can be much smaller than the ordinary exponents in RSA and KMOV, which makes the decryption phase in the new scheme more efficient. Full article
20 pages, 1035 KiB  
Review
The Role of Blockchain in Medical Data Sharing
by Hamed Taherdoost
Cryptography 2023, 7(3), 36; https://doi.org/10.3390/cryptography7030036 - 12 Jul 2023
Cited by 14 | Viewed by 5344
Abstract
As medical technology advances, there is an increasing need for healthcare providers all over the world to securely share a growing volume of data. Blockchain is a powerful technology that allows multiple parties to securely access and share data. Given the enormous challenge [...] Read more.
As medical technology advances, there is an increasing need for healthcare providers all over the world to securely share a growing volume of data. Blockchain is a powerful technology that allows multiple parties to securely access and share data. Given the enormous challenge that healthcare systems face in digitizing and sharing health records, it is not unexpected that many are attempting to improve healthcare processes by utilizing blockchain technology. By systematically examining articles published from 2017 to 2022, this review addresses the existing gap by methodically discussing the state, research trends, and challenges of blockchain in medical data exchange. The number of articles on this issue has increased, reflecting the growing importance and interest in blockchain research for medical data exchange. Recent blockchain-based medical data sharing advances include safe healthcare management systems, health data architectures, smart contract frameworks, and encryption approaches. The evaluation examines medical data encryption, blockchain networks, and how the Internet of Things (IoT) improves hospital workflows. The findings show that blockchain can improve patient care and healthcare services by securely sharing data. Full article
Show Figures

Figure 1

21 pages, 5229 KiB  
Article
Automated Classical Cipher Emulation Attacks via Unified Unsupervised Generative Adversarial Networks
by Seonghwan Park, Hyunil Kim and Inkyu Moon
Cryptography 2023, 7(3), 35; https://doi.org/10.3390/cryptography7030035 - 11 Jul 2023
Viewed by 2228
Abstract
Cryptanalysis has been studied and gradually improved with the evolution of cryptosystems over past decades. Recently, deep learning (DL) has started to be used in cryptanalysis to attack digital cryptosystems. As computing power keeps growing, deploying DL-based cryptanalysis becomes feasible in practice. However, [...] Read more.
Cryptanalysis has been studied and gradually improved with the evolution of cryptosystems over past decades. Recently, deep learning (DL) has started to be used in cryptanalysis to attack digital cryptosystems. As computing power keeps growing, deploying DL-based cryptanalysis becomes feasible in practice. However, since these studies can analyze only one cipher type for one DL model learning, it takes a lot of time to analyze multi ciphers. In this paper, we propose a unified cipher generative adversarial network (UC-GAN), which can perform ciphertext-to-plaintext translations among multiple domains (ciphers) using only a single DL model. In particular, the proposed model is based on unified unsupervised DL for the analysis of classical substitutional ciphers. Simulation results have indicated the feasibility and good performance of the proposed approach. In addition, we compared our experimental results with the findings of conditional GAN, where plaintext and ciphertext pairs in only the single domain are given as training data, and with CipherGAN, which is cipher mapping between unpaired ciphertext and plaintext in the single domain, respectively. The proposed model showed more than 97% accuracy by learning only data without prior knowledge of three substitutional ciphers. These findings could open a new possibility for simultaneously cracking various block ciphers, which has a great impact on the field of cryptography. To the best of our knowledge, this is the first study of the cryptanalysis of multiple cipher algorithms using only a single DL model Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

20 pages, 494 KiB  
Article
Detecting Smart Contract Vulnerabilities with Combined Binary and Multiclass Classification
by Anzhelika Mezina and Aleksandr Ometov
Cryptography 2023, 7(3), 34; https://doi.org/10.3390/cryptography7030034 - 7 Jul 2023
Cited by 2 | Viewed by 2587
Abstract
The development of Distributed Ledger Technology (DLT) is pushing toward automating decentralized data exchange processes. One of the key components of this evolutionary step is facilitating smart contracts that, in turn, come with several additional vulnerabilities. Despite the existing tools for analyzing smart [...] Read more.
The development of Distributed Ledger Technology (DLT) is pushing toward automating decentralized data exchange processes. One of the key components of this evolutionary step is facilitating smart contracts that, in turn, come with several additional vulnerabilities. Despite the existing tools for analyzing smart contracts, keeping these systems running and preserving performance while maintaining a decent level of security in a constantly increasing number of contracts becomes challenging. Machine Learning (ML) methods could be utilized for analyzing and detecting vulnerabilities in DLTs. This work proposes a new ML-based two-phase approach for the detection and classification of vulnerabilities in smart contracts. Firstly, the system’s operation is set up to filter the valid contracts. Secondly, it focuses on detecting a vulnerability type, if any. In contrast to existing approaches in this field of research, our algorithm is more focused on vulnerable contracts, which allows to save time and computing resources in the production environment. According to the results, it is possible to detect vulnerability types with an accuracy of 0.9921, F1 score of 0.9902, precision of 0.9883, and recall of 0.9921 within reasonable execution time, which could be suitable for integrating existing DLTs. Full article
Show Figures

Figure 1

16 pages, 369 KiB  
Article
Threshold Lattice-Based Signature Scheme for Authentication by Wearable Devices
by Anton Leevik, Vadim Davydov and Sergey Bezzateev
Cryptography 2023, 7(3), 33; https://doi.org/10.3390/cryptography7030033 - 4 Jul 2023
Cited by 1 | Viewed by 3003
Abstract
This paper presents a new threshold signature scheme based on Damgaard’s work. The proposed scheme allows for changing the message signature threshold, thereby improving the flexibility of the original Damgaard scheme. This scheme can be applied as a user authentication system using wearable [...] Read more.
This paper presents a new threshold signature scheme based on Damgaard’s work. The proposed scheme allows for changing the message signature threshold, thereby improving the flexibility of the original Damgaard scheme. This scheme can be applied as a user authentication system using wearable devices. Based on the hardness of lattice problems, this scheme is resistant to attacks on a quantum computer, which is an advantage over the currently used multi-factor authentication schemes. The scheme’s security relies on the computational complexity of the Module-LWE and Module-SIS problems, as well as the Shamir secret sharing scheme’s security. Full article
Show Figures

Figure 1

Previous Issue
Next Issue
Back to TopTop