Recent Advances in Information Security and Privacy

A special issue of Cryptography (ISSN 2410-387X).

Deadline for manuscript submissions: closed (20 November 2023) | Viewed by 6822

Special Issue Editors

1. Data61, CSIRO (The Commonwealth Scientific and Industrial Research Organisation), Sydney, NSW 2000, Australia
2. Insitute of Computer Science, Polish Academy of Science, 02-668 Warszawa, Poland
Interests: algorithms and complexity; cryptography; information security; security of computer networks
Special Issues, Collections and Topics in MDPI journals
Faculty of Science, School of Computer Science, Queensland University of Technology, Brisbane, QLD 4000, Australia
Interests: cryptology; cryptanalysis; cryptography; symmetric ciphers; stream ciphers; authenticated encryption
Special Issues, Collections and Topics in MDPI journals
Faculty of Science, School of Computer Science, Queensland University of Technology, Brisbane, QLD 4000, Australia
Interests: applied cryptography; information security; communications security; cyber-physical systems security; privacy and anonymity

Special Issue Information

Dear Colleagues,

This Special Issue will comprise mainly extended versions of papers presented at the 28th Australasian Conference on Information Security and Privacy (ACISP 2023, in Brisbane, Australia on 5–7 July 2023, https://www.qut.edu.au/about/faculty-of-science/school-of-computer-science/acisp). This Special Issue seeks original papers presenting novel research results on all aspects of information security and privacy.

Submitted manuscripts should not have been previously published, nor be under consideration for publication elsewhere. Extended versions of ACISP-2023 papers should cite the original paper and contain at least 50% new content (e.g., in the form of technical extensions, more in-depth evaluations, or additional use cases). Further, these extended papers should not exceed 30% copy/paste from the original conference paper.

This Special Issue also welcomes original papers (not accepted for ACISP 2023) presenting theories, techniques, implementations, applications and practical experiences on a variety of topics. Topics of interest include but are not limited to:

  • Access control;
  • Authentication;
  • Blockchain technology;
  • Cryptocurrency;
  • Cryptology;
  • IoT security;
  • Key management;
  • Lightweight security;
  • Post-quantum cryptography;
  • Privacy issues in applications;
  • Security protocols.

Prof. Dr. Josef Pieprzyk
Dr. Leonie Ruth Simpson
Dr. Mir Ali Rezazadeh Baee
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Cryptography is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

24 pages, 493 KiB  
Article
Practical Certificate-Less Infrastructure with Application in TLS
Cryptography 2023, 7(4), 63; https://doi.org/10.3390/cryptography7040063 - 14 Dec 2023
Viewed by 1067
Abstract
We propose highly efficient certificate-less (CL) protocols for the infrastructure used by authenticated key exchange (AKE). The construction is based on elliptic curves (EC) without pairing, which means it can be easily supported by most industrial cryptography libraries on constrained devices. Compared with [...] Read more.
We propose highly efficient certificate-less (CL) protocols for the infrastructure used by authenticated key exchange (AKE). The construction is based on elliptic curves (EC) without pairing, which means it can be easily supported by most industrial cryptography libraries on constrained devices. Compared with other pairing-free CL solutions, the new CL-AKE protocol enjoys the least number of scalar multiplications over EC groups. We use a unified game-based model to formalize the security of each protocol, while most previous works only assess the security against a list of attacks, provide informal theorems without proper modeling, or use separate models for protocols in different stages. We also present an efficient integration of the core protocols into the TLS cipher suites and a stand-alone implementation for constrained devices. The performance is evaluated on constrained devices in real-world settings, which further confirms the efficiency of our proposal. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Privacy)
Show Figures

Figure 1

24 pages, 2067 KiB  
Article
On the Security of Quantum Key Distribution Networks
Cryptography 2023, 7(4), 53; https://doi.org/10.3390/cryptography7040053 - 20 Oct 2023
Viewed by 2119
Abstract
The main purpose of a quantum key distribution network is to provide secret keys to any users or applications requiring a high level of security, ideally such as to offer the best protection against any computational attack, even of a quantum nature. The [...] Read more.
The main purpose of a quantum key distribution network is to provide secret keys to any users or applications requiring a high level of security, ideally such as to offer the best protection against any computational attack, even of a quantum nature. The keys shared through a point-to-point link between a source and a detector using a quantum key distribution protocol can be proven information-theoretically secure based on the quantum information theory. However, evaluating the security of a quantum key distribution network, especially if it is based on relay nodes, goes far beyond the quantum security of its single quantum links, involving aspects of conventional security for devices and their communication channels. In this contribution, we perform a rigorous threat analysis based on the most recent recommendations and practical network deployment security issues. We show that, at least in the current state of our understanding of quantum cryptography, quantum key distribution networks can only offer computational security and that their security in practical implementations in the shorter term requires resorting to post-quantum cryptography. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Privacy)
Show Figures

Figure 1

19 pages, 1028 KiB  
Article
Matrix Encryption Walks for Lightweight Cryptography
Cryptography 2023, 7(3), 41; https://doi.org/10.3390/cryptography7030041 - 16 Aug 2023
Cited by 1 | Viewed by 2089
Abstract
In this paper, we propose a new symmetric stream cipher encryption algorithm based on Graph Walks and 2-dimensional matrices, called Matrix Encryption Walks (MEW). We offer example Key Matrices and show the efficiency of the proposed method, which operates in linear complexity with [...] Read more.
In this paper, we propose a new symmetric stream cipher encryption algorithm based on Graph Walks and 2-dimensional matrices, called Matrix Encryption Walks (MEW). We offer example Key Matrices and show the efficiency of the proposed method, which operates in linear complexity with an extremely large key space and low-resource requirements. We also provide the Proof of Concept code for the encryption algorithm and a detailed analysis of the security of our proposed MEW. The MEW algorithm is designed for low-resource environments such as IoT or smart devices and is therefore intended to be simple in operation. The encryption, decryption, and key generation time, along with the bytes required to store the key, are all discussed, and similar proposed algorithms are examined and compared. We further discuss the avalanche effect, key space, frequency analysis, Shannon entropy, and chosen/known plaintext-ciphertext attacks, and how MEW remains robust against these attacks. We have also discussed the potential for future research into algorithms such as MEW, which make use of alternative structures and graphic methods for improving encryption models. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Privacy)
Show Figures

Figure 1

Review

Jump to: Research

25 pages, 684 KiB  
Review
Pervasive User Data Collection from Cyberspace: Privacy Concerns and Countermeasures
Cryptography 2024, 8(1), 5; https://doi.org/10.3390/cryptography8010005 - 31 Jan 2024
Viewed by 602
Abstract
The increasing use of technologies, particularly computing and communication paradigms, has significantly influenced our daily lives. Interconnecting devices and networks provides convenient platforms for information exchange and facilitates pervasive user data collection. This new environment presents serious privacy challenges. User activities can be [...] Read more.
The increasing use of technologies, particularly computing and communication paradigms, has significantly influenced our daily lives. Interconnecting devices and networks provides convenient platforms for information exchange and facilitates pervasive user data collection. This new environment presents serious privacy challenges. User activities can be continuously monitored in both digital and physical realms. Gathered data can be aggregated and analysed, revealing aspects of user behaviour that may not be apparent from a single data point. The very items that facilitate connectivity simultaneously increase the risk of privacy breaches. The data gathered to provide services can also be used for monitoring and surveillance. This paper discerns three novel categories of privacy concerns relating to pervasive user data collection: privacy and user activity in cyberspace, privacy in personal cyber–physical systems, and privacy in proactive user-driven data collection. We emphasise the primary challenges, ranging from identity tracking in browsing histories to intricate issues in opportunistic networks, situating each within practical, real-world scenarios. Furthermore, we assess the effectiveness of current countermeasures, investigating their strengths and limitations. This paper explores the challenges in preserving privacy in user interactions with dynamic interconnected systems and suggests countermeasures to mitigate identified privacy risks. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Privacy)
Show Figures

Figure 1

Back to TopTop