Cryptography, Volume 6, Issue 3 (September 2022) – 17 articles

Cover Story: A periodic, built-in self-test countermeasure is proposed for detecting faults in microprocessors that can lead to information leakage. Information leakage is defined as sensitive information, e.g., encryption keys, that is inadvertently sent to I/O ports when a fault occurs. A counter is proposed that flags errors when the number of execution cycles of an encryption algorithm differs from a fault-free value. The counter is shown to detect all leakage faults when placed in the branch compare logic of the microprocessor.
20 pages, 4794 KiB  
Article
Connected Blockchain Federations for Sharing Electronic Health Records
Cryptography 2022, 6(3), 47; https://doi.org/10.3390/cryptography6030047 - 16 Sep 2022
Cited by 6 | Viewed by 2664
Abstract
With the growing utility of blockchain technology, the desire for reciprocal interactions among different blockchains is growing. However, most operational blockchain networks currently operate in a standalone setting. This fragmentation in the form of isolated blockchains creates interoperability difficulties, inhibiting the adoption of blockchains in various ecosystems. Interoperability is a key factor in the healthcare domain for sharing EHRs of patients registered in independent blockchain networks. Each blockchain network could have its own rules and regulations, obstructing the exchange of EHRs for improving diagnosis and treatments. Examples include patients being treated by healthcare providers in different countries or regions, or within one country but with a different set of rules per state or emirate. By contrast, a federation of blockchain networks can provide better communication and service to stakeholders in healthcare. Thus, solutions for facilitating inter-blockchain communication in such a blockchain federation are needed. However, this possibility has not been fully explored, and further investigations are still being conducted. Hence, the present study proposes a transaction-based smart contract triggering system for inter-blockchain communication, enabling EHR sharing among independent blockchains. We use local and global smart contracts that will be executed once a transaction is created in the blockchain. Local smart contracts are used for EHR sharing within the blockchain, whereas global smart contracts are used for EHR sharing among independent blockchains. The experimental setup is conducted using the Hyperledger Fabric blockchain platform. Inter-blockchain communication between two independent Fabric networks is conducted through a global smart contract using Hyperledger Cactus for EHR sharing in a health federation setup. To the best of our knowledge, our study is the first to implement an inter-blockchain communication model in the healthcare domain.
(This article belongs to the Special Issue Emerging Topics in Blockchain Security and Privacy)

21 pages, 2463 KiB  
Article
Subliminal Channels in Visual Cryptography
Cryptography 2022, 6(3), 46; https://doi.org/10.3390/cryptography6030046 - 16 Sep 2022
Cited by 4 | Viewed by 2178
Abstract
This paper describes three methods of creating a subliminal channel in visual cryptography that are defined for a (2,2) sharing scheme. They work by hiding additional covert information besides the original encrypted image. The first channel is revealed when the user folds the share along the specific axis. The second channel encodes subpixels on the basis of the encrypted message bits. It is designed to hide a wide range of data types. The third channel may be applied to a single share or multiple shares and is revealed when the proper parts of the shares are stacked. Fold and overlapping algorithms are adequate for printed shares, but the encryption method is only suitable for digital shares. The capacity of these methods ranges from half of the image size to the whole image size. The presented algorithms work on black-and-white images but are expandable to color visual cryptography. They may find applications in steganography and other data-hiding techniques. The created subliminal channels do not interfere with regular images that may still be revealed by stacking the shares. In short, this article introduces subliminal channels in visual cryptography, presents three algorithms for both binary and colorful images, shows examples of use with the results obtained, and discusses features of each method.

13 pages, 518 KiB  
Article
Hardware Limitations of Lightweight Cryptographic Designs for IoT in Healthcare
Cryptography 2022, 6(3), 45; https://doi.org/10.3390/cryptography6030045 - 01 Sep 2022
Cited by 5 | Viewed by 3356
Abstract
Security is an important aspect of healthcare applications that employ Internet of Things (IoT) technology. More specifically, providing privacy and ensuring the confidentiality, integrity and authenticity of IoT-based designs are crucial in the health domain because the collected data are sensitive, and the continuous availability of the system is critical for the user’s wellbeing. However, the IoT consists of resource-constrained devices that increase the difficulty of implementing high-level-security schemes. Therefore, in the current paper, renowned lightweight cryptographic primitives and their most recent architecture, to the best of the authors’ knowledge, are investigated. Their security, architecture characteristics and overall hardware limitations are analyzed and collected in tables. Finally, all the algorithms are compared based on their effectiveness in securing healthcare applications, the utilized device and the overall implementation efficiency.
(This article belongs to the Special Issue Feature Papers in Hardware Security II)

33 pages, 7851 KiB  
Article
Combining Markov and Semi-Markov Modelling for Assessing Availability and Cybersecurity of Cloud and IoT Systems
Cryptography 2022, 6(3), 44; https://doi.org/10.3390/cryptography6030044 - 29 Aug 2022
Cited by 11 | Viewed by 2315
Abstract
This paper suggests a strategy (C5) for assessing cloud and IoT system (CIS) dependability, availability, and cybersecurity based on the continuous collection, comparison, choice, and combination of Markov and semi-Markov models (MMs and SMMs). It proposes the systematic building of an adequate and accurate model to evaluate CISs considering (1) continuous evolution of the model(s) together with systems induced by changes in the CIS or physical and cyber environment parameters; (2) the necessity of collecting data on faults, failures, vulnerabilities, cyber-attacks, privacy violations, and patches to obtain actual data for assessment; (3) renewing the model set based on analysis of CIS operation; (4) the possibility of choice and utilizing “off-the-shelf” models with understandable techniques for their development to assure improved accuracy of assessment; (5) renewing the models during application of CIS by time, component or mixed combining, taking into consideration different operation and maintenance events. The results obtained were algorithms for data collection and analysis, choice, and combining appropriate MMs and SMMs and their different types, such as multi-fragmental and multiphase models, considering changing failure rates, cyber-attack parameters, periodical maintenance, etc. To provide and verify the approach, several private and public clouds and IoT systems were researched and discussed in the context of C5 and the proposed algorithms.
(This article belongs to the Special Issue Privacy-Preserving Techniques in Cloud/Fog and Internet of Things)

19 pages, 639 KiB  
Article
A Security Analysis of Circuit Clock Obfuscation
Cryptography 2022, 6(3), 43; https://doi.org/10.3390/cryptography6030043 - 22 Aug 2022
Viewed by 2378
Abstract
Key-based circuit obfuscation or logic-locking is a technique that can be used to hide the full design of an integrated circuit from an untrusted foundry or end-user. The technique is based on creating ambiguity in the original circuit by inserting “key” input bits into the circuit such that the circuit is unintelligible absent a correct secret key. Clock signals have traditionally been avoided in locking in order to not corrupt the timing behavior of the locked circuit. In this paper, we explore the case where the clock signal itself may be obfuscated by ambiguating its frequency or pattern. Along with discussing formal notions of security in this context, we present practical ways to deobfuscate such designs using techniques from multi-rate model-checking. We present experimental data on deobfuscation runtime on a set of sequential benchmark circuits. Our results show that naive random clock obfuscation may not provide more security per overhead than traditional random keyed-gate insertion. We discuss how clock obfuscation may be a more attractive choice for special circuit designs that are inherently multi-clock/asynchronous.
(This article belongs to the Section Hardware Security)

18 pages, 425 KiB  
Article
How Hard Is It to Detect Surveillance? A Formal Study of Panopticons and Their Detectability Problem
Cryptography 2022, 6(3), 42; https://doi.org/10.3390/cryptography6030042 - 20 Aug 2022
Viewed by 1453
Abstract
The Panopticon (which means “watcher of everything”) is a well-known prison structure of continuous surveillance and discipline studied by Bentham in 1785. Today, when persistent, massive-scale surveillance is immensely facilitated by new technologies, the term Panopticon vaguely characterizes institutions with a power to acquire and process, undetectably, personal information. In this paper, we propose a theoretical framework for studying Panopticons and their detectability status. We show, based on the Theory of Computation, that detecting Panopticons, modelled either as a simple Turing Machine or as an Oracle Turing Machine, is an undecidable problem. Furthermore, we show that for each sufficiently expressive formal system, we can effectively construct a Turing Machine for which it is impossible to prove, within the formal system, its Panopticon status. Finally, we discuss how Panopticons can be physically detected by the heat they dissipate each time they acquire, effortlessly, information in the form of an oracle, and we investigate their detectability status with respect to a more powerful computational model than classical Turing Machines, the Infinite Time Turing Machines (ITTMs).
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)

29 pages, 3350 KiB  
Review
Symmetric Cryptography on RISC-V: Performance Evaluation of Standardized Algorithms
Cryptography 2022, 6(3), 41; https://doi.org/10.3390/cryptography6030041 - 10 Aug 2022
Cited by 2 | Viewed by 3308
Abstract
The ever-increasing need for securing computing systems using cryptographic algorithms is spurring interest in the efficient implementation of common algorithms. While the algorithms can be implemented in software using base instruction sets, there is considerable potential to reduce memory cost and improve speed using specialized instructions and associated hardware. However, there is a need to assess the benefits and costs of software implementations and new instructions that implement key cryptographic algorithms in fewer cycles. The primary aim of this paper is to improve the understanding of the performance and cost of implementing cryptographic algorithms for the RISC-V instruction set architecture (ISA) in two cases: software implementations of the algorithms using the rv32i instruction set and using cryptographic instructions supported by dedicated hardware in additional functional units. For both cases, we describe a RISC-V processor with cryptography hardware extensions and hand-optimized RISC-V assembly language implementations of eleven cryptographic algorithms. Compared to implementations with only the rv32i instruction set, implementations with the cryptography set extension provide a 1.5× to 8.6× faster execution speed and 1.2× to 5.8× less program memory for five of the eleven algorithms. Based on our performance analyses, a new instruction is proposed to increase the implementation efficiency of the algorithms.

15 pages, 313 KiB  
Review
Attribute-Based Encryption in Securing Big Data from Post-Quantum Perspective: A Survey
Cryptography 2022, 6(3), 40; https://doi.org/10.3390/cryptography6030040 - 05 Aug 2022
Cited by 6 | Viewed by 3152
Abstract
Attribute-based encryption (ABE) cryptography is widely known for its potential to solve the scalability issue of recent public key infrastructure (PKI). It provides a fine-grained access control system with high flexibility and efficiency by labeling the secret key and ciphertext with distinctive attributes. Due to its fine-grained features, the ABE scheme is a protection layer in securing users’ data and privacy in big data processing and analytics. However, quantum computing, a new technology on the horizon that will transform the security and privacy environment, has begun to appear. Like the conventional ABE schemes, present cryptography is not excluded from the impacts of quantum technology, as it was not made to be quantum-resistant. While most recent surveys generally touched on the generic features of attribute-based encryption schemes such as user revocation, scalability, flexibility, data confidentiality, and scope in pairing-based ABE schemes, this survey investigated quantum-resistant ABE schemes in securing big data. This survey reviews the challenges faced by recent ABE cryptography in the post-quantum era and highlights its differences from the conventional pairing-based ABE schemes. Subsequently, we defined the criteria of an ideal quantum-resistant ABE scheme. Additionally, existing works on quantum-resistant ABE schemes are reviewed based on their algorithm design, security and functionalities. Lastly, we summarized quantum-resistant ABE schemes’ ongoing challenges and future works.
22 pages, 999 KiB  
Article
Multiverse of HawkNess: A Universally-Composable MPC-Based Hawk Variant
Cryptography 2022, 6(3), 39; https://doi.org/10.3390/cryptography6030039 - 04 Aug 2022
Cited by 2 | Viewed by 2495
Abstract
The evolution of smart contracts in recent years inspired a crucial question: do smart contract evaluation protocols provide the required level of privacy when executing contracts on the blockchain? The Hawk (IEEE S&P ’16) paper introduces a way to solve the problem of privacy in smart contracts by evaluating the contracts off-chain, albeit with the trust assumption of a manager. To avoid the partially trusted manager altogether, a novel approach named zkHawk (IEEE BRAINS ’21) explains how we can evaluate the contracts privately off-chain using a multi-party computation (MPC) protocol instead of trusting said manager. This paper dives deeper into the detailed construction of a variant of the zkHawk protocol titled V-zkHawk, using formal proofs to construct the said protocol and model its security in the universal composability (UC) framework (FOCS ’01). The V-zkHawk protocol discussed here does not support immediate closure, i.e., all the parties (n) have to send a message to inform the blockchain that the contract has been executed, with corruption allowed for up to t parties, where t<n. In the most quintessential sense, the V-zkHawk is a variant because the outcome of the protocol is similar (i.e., execution of smart contract via an MPC function evaluation) to zkHawk, but we modify key aspects of the protocol, essentially creating a small trade-off (removing immediate closure) to provide UC (stronger) security. The V-zkHawk protocol leverages joint Schnorr signature schemes, encryption schemes, Non-Interactive Zero-Knowledge Proofs (NIZKs), and commitment schemes with Common Reference String (CRS) assumptions, MPC function evaluations, and assumes the existence of asynchronous, authenticated broadcast channels. We achieve malicious security in a dishonest majority setting in the UC framework.
(This article belongs to the Special Issue Emerging Topics in Blockchain Security and Privacy)

24 pages, 1656 KiB  
Article
Node Monitoring as a Fault Detection Countermeasure against Information Leakage within a RISC-V Microprocessor
Cryptography 2022, 6(3), 38; https://doi.org/10.3390/cryptography6030038 - 03 Aug 2022
Cited by 1 | Viewed by 2182
Abstract
Advanced, superscalar microprocessors (μP) are highly susceptible to wear-out failures because of their highly complex, densely packed circuit structure and extreme operational frequencies. Although many types of fault detection and mitigation strategies have been proposed, none have addressed the specific problem of detecting faults that lead to information leakage events on I/O channels of the μP. Information leakage can be defined very generally as any type of output that the executing program did not intend to produce. In this work, we restrict this definition to output that represents a security concern, and in particular, to the leakage of plaintext or encryption keys, and propose a counter-based countermeasure to detect faults that cause this type of leakage event. Fault injection (FI) experiments are carried out on two RISC-V microprocessors emulated as soft cores on a Xilinx multi-processor System-on-chip (MPSoC) FPGA. The μP designs are instrumented with a set of counters that record the number of transitions that occur on internal nodes. The transition counts are collected from all internal nodes under both fault-free and faulty conditions, and are analyzed to determine which counters provide the highest fault coverage and lowest latency for detecting leakage faults. We show that complete coverage of all leakage faults is possible using only a single counter strategically placed within the branch compare logic of the μPs.
(This article belongs to the Special Issue Feature Papers in Hardware Security II)

15 pages, 2849 KiB  
Article
Light Weight Authentication Scheme for Smart Home IoT Devices
Cryptography 2022, 6(3), 37; https://doi.org/10.3390/cryptography6030037 - 20 Jul 2022
Cited by 13 | Viewed by 3455
Abstract
In today’s world, the use of computer networks is everywhere, and to access the home network we use the Internet. IoT networks are the new range of these networks in which we try to connect different home appliances and try to give commands from a remote place. Access to any device over an insecure network invites various types of attacks. User authentication can be performed using some password or biometric technique. However, when it comes to authenticating a device, it becomes challenging to maintain data security over a secure network such as the Internet. Many encryption and decryption algorithms assert confidentiality, and a hash code or message authentication code (MAC) is used for authentication. Traditional cryptographic security methods are expensive in terms of computational resources such as memory, processing capacity, and power consumption. They are incompatible with Internet of Things devices that have limited resources. Although automatic Device-to-Device communication enables new potential applications, the limited resources of the networks’ machines and devices impose various constraints. This paper proposes a home device authentication scheme for when these are accessed from a remote place. An authentication device is used for the home network and a controller device to control home appliances. Our scheme can prevent various attacks such as replay attacks, server spoofing, and man-in-the-middle attacks. The proposed scheme maintains the confidentiality and authenticity of the user and devices in the network. At the same time, we check the system in a simulated environment, and the results show that the network’s performance does not degrade much in terms of delay, throughput, and energy consumed.
(This article belongs to the Special Issue Privacy-Preserving Techniques in Cloud/Fog and Internet of Things)

25 pages, 1948 KiB  
Article
Multi-Wavelength Quantum Key Distribution Emulation with Physical Unclonable Function
Cryptography 2022, 6(3), 36; https://doi.org/10.3390/cryptography6030036 - 06 Jul 2022
Cited by 3 | Viewed by 2179
Abstract
This work details the theory and implementation of a multi-wavelength quantum key distribution (QKD) emulation system with a physical unclonable function (PUF). Multi-wavelength QKD can eliminate the need to share a subsection of the final key for eavesdropper detection and allow for ternary and quaternary data transmission. The inclusion of the PUF adds an additional layer of security. We provide preliminary error analysis of our emulation system. To support this work, we introduce a bitwise transform operator that enables binary output of the PUF to satisfy the ternary and quaternary input requirements of the QKD system.

16 pages, 552 KiB  
Article
Physical Layer Security Design for Polar Code Construction
Cryptography 2022, 6(3), 35; https://doi.org/10.3390/cryptography6030035 - 04 Jul 2022
Cited by 1 | Viewed by 2290
Abstract
In contrast to network security that relies on upper-layer encryption for the confidentiality and authenticity of communications, physical layer security (PLS) exploits the uniqueness and randomness of the physical channel to encrypt information and enhance the security of the system. In this paper, we study the PLS of a polar-coded wireless communication system. To be more specific, we leverage the unique properties in polar code construction and propose a channel quality indicator (CQI)-based frozen-bit pattern generation scheme. The transmitter employs the Gaussian approximation algorithm to generate the corresponding frozen bit pattern according to the instantaneous CQI of the legitimate link. At the receiver, by leveraging the full channel reciprocity in the time-division duplex (TDD) mode, we can map the CQI to the corresponding frozen bit pattern and correctly decode the received bits. By contrast, the eavesdropper was unable to have knowledge of the legal channel, and hence cannot determine the frozen bit pattern of the polar-coded bit sequence. Our simulation results demonstrate that by adopting the proposed PLS key generation scheme, Eve was hardly able to correctly decode a complete frame, leading to a high block error rate (BLER), while Bob was able to attain a 10^-5 BLER.
(This article belongs to the Special Issue Security, Privacy, and Robustness of Future Wireless Networks)

14 pages, 857 KiB  
Article
BFV-Based Homomorphic Encryption for Privacy-Preserving CNN Models
Cryptography 2022, 6(3), 34; https://doi.org/10.3390/cryptography6030034 - 01 Jul 2022
Cited by 7 | Viewed by 4785
Abstract
Medical data is frequently quite sensitive in terms of data privacy and security. Federated learning, a type of machine learning technique, has been used to increase the privacy and security of medical data. The training data is disseminated across numerous machines in federated learning, and the learning process is collaborative. There are numerous privacy attacks on deep learning (DL) models that attackers can use to obtain sensitive information. As a result, the DL model should be safeguarded from adversarial attacks, particularly in medical data applications. Homomorphic encryption-based model security from the adversarial collaborator is one of the answers to this challenge. Using homomorphic encryption, this research presents a privacy-preserving federated learning system for medical data. The proposed technique employs a secure multi-party computation protocol to safeguard the deep learning model from adversaries. The proposed approach is tested in terms of model performance using a real-world medical dataset in this paper.
(This article belongs to the Special Issue Privacy-Preserving Techniques in Cloud/Fog and Internet of Things)

26 pages, 1497 KiB  
Article
A Batch Processing Technique for Wearable Health Crowd-Sensing in the Internet of Things
Cryptography 2022, 6(3), 33; https://doi.org/10.3390/cryptography6030033 - 29 Jun 2022
Cited by 3 | Viewed by 2537
Abstract
The influx of wearable sensor devices has influenced a new paradigm termed wearable health crowd-sensing (WHCS). WHCS enables wearable data collection through active sensing to provide health monitoring to users. Wearable sensing devices capture data and transmit it to the cloud for data processing and analytics. However, data sent to the cloud is vulnerable to on-path attacks. The bandwidth limitation issue is also another major problem during large data transfers. Moreover, the WHCS faces several anonymization issues. In light of this, this article presents a batch processing method to solve the identified issues in WHCS. The proposed batch processing method provides an aggregate authentication and verification approach to resolve bandwidth limitation issues in WHCS. The security of our scheme shows its resistance to forgery and replay attacks, as proved in the random oracle model (ROM), while offering anonymity to users. Our performance analysis shows that the proposed scheme achieves a lower computational and communication cost with a reduction in the storage overhead compared to other existing schemes. Finally, the proposed method is more energy-efficient, demonstrating that it is suitable for the WHCS system.
(This article belongs to the Special Issue Privacy-Preserving Techniques in Cloud/Fog and Internet of Things)

13 pages, 341 KiB  
Article
Adaptable Cryptographic Primitives in Blockchains via Smart Contracts
Cryptography 2022, 6(3), 32; https://doi.org/10.3390/cryptography6030032 - 29 Jun 2022
Cited by 3 | Viewed by 2931
Abstract
Blockchain-based platforms utilise cryptographic protocols to enforce the correct behaviour of users, as well as to guarantee a sufficient level of protection against malicious adversaries. Cryptography is, however, an ever-evolving discipline, and any breakthrough would have immediate consequences on the security of blockchain-based applications. A possible threat currently under investigation is given by the development of quantum computers, since several widely adopted cryptographic protocols have been proved to be unsafe against quantum-capable adversaries. In this work, we propose a novel approach for the management of cryptographic primitives in smart-contract-based ledgers, discussing how it fits in both a (partially) permissioned and a fully permissionless setting. The cryptographic protocols are managed in a flexible manner via a set of smart contracts defined on the ledger itself; in this way, the choice of algorithms and parameters can change quickly. Among the advantages of this approach, we remark how it allows designing an adaptive post-quantum-based blockchain that keeps up with ongoing technological advances. In general, the introduction of new features and the application of fixes to a blockchain cause forks in the chain, which may cause major disruptions. The use of smart contracts in blockchain management makes it possible to avoid this problem, dynamically introducing new protocols or deprecating old ones without compromising previous data. The Cryptographic Kernel approach has been adopted by Quadrans, an open-source, public, decentralised smart-contract-based blockchain with a specific focus on the needs of industry, complex supply chains, and IoT devices.
(This article belongs to the Special Issue Emerging Topics in Blockchain Security and Privacy)

22 pages, 1751 KiB  
Article
Side-Channel Attacks on Masked Bitsliced Implementations of AES
Cryptography 2022, 6(3), 31; https://doi.org/10.3390/cryptography6030031 - 28 Jun 2022
Viewed by 2542
Abstract
In this paper, we provide a detailed analysis of CPA and Template Attacks on masked implementations of bitsliced AES, targeting a 32-bit platform through the ChipWhisperer side-channel acquisition tool. Our results show that Template Attacks can recover the full AES key successfully within 300 attack traces even on the masked implementation when using a first-order attack (no pre-processing). Furthermore, we confirm that the SubBytes operation is overall a better target for Template Attacks due to its non-linearity, even in the case of bitsliced implementations, where we can only use two bits per key byte target. However, we also show that targeting the AddRoundKey can be used to attack bitsliced implementations and that, in some cases, it can be more efficient than the SubBytes attack.
(This article belongs to the Special Issue Feature Papers in Hardware Security II)