Biblio

Filters: Keyword is Lattices
2023-03-31
Román, Roberto, Arjona, Rosario, López-González, Paula, Baturone, Iluminada.  2022.  A Quantum-Resistant Face Template Protection Scheme using Kyber and Saber Public Key Encryption Algorithms. 2022 International Conference of the Biometrics Special Interest Group (BIOSIG). :1–5.

Considered sensitive information by the ISO/IEC 24745, biometric data should be stored and used in a protected way. If not, privacy and security of end-users can be compromised. Also, the advent of quantum computers demands quantum-resistant solutions. This work proposes the use of Kyber and Saber public key encryption (PKE) algorithms together with homomorphic encryption (HE) in a face recognition system. Kyber and Saber, both based on lattice cryptography, were two finalists of the third round of NIST post-quantum cryptography standardization process. After the third round was completed, Kyber was selected as the PKE algorithm to be standardized. Experimental results show that recognition performance of the non-protected face recognition system is preserved with the protection, achieving smaller sizes of protected templates and keys, and shorter execution times than other HE schemes reported in literature that employ lattices. The parameter sets considered achieve security levels of 128, 192 and 256 bits.

ISSN: 1617-5468

2022-12-20
Speith, Julian, Schweins, Florian, Ender, Maik, Fyrbiak, Marc, May, Alexander, Paar, Christof.  2022.  How Not to Protect Your IP – An Industry-Wide Break of IEEE 1735 Implementations. 2022 IEEE Symposium on Security and Privacy (SP). :1656–1671.
Modern hardware systems are composed of a variety of third-party Intellectual Property (IP) cores to implement their overall functionality. Since hardware design is a globalized process involving various (untrusted) stakeholders, a secure management of the valuable IP between authors and users is inevitable to protect them from unauthorized access and modification. To this end, the widely adopted IEEE standard 1735-2014 was created to ensure confidentiality and integrity. In this paper, we outline structural weaknesses in IEEE 1735 that cannot be fixed with cryptographic solutions (given the contemporary hardware design process) and thus render the standard inherently insecure. We practically demonstrate the weaknesses by recovering the private keys of IEEE 1735 implementations from major Electronic Design Automation (EDA) tool vendors, namely Intel, Xilinx, Cadence, Siemens, Microsemi, and Lattice, while results on a seventh case study are withheld. As a consequence, we can decrypt, modify, and re-encrypt all allegedly protected IP cores designed for the respective tools, thus leading to an industry-wide break. As part of this analysis, we are the first to publicly disclose three RSA-based white-box schemes that are used in real-world products and present cryptanalytical attacks for all of them, finally resulting in key recovery.
2022-06-09
Kadykov, Victor, Levina, Alla.  2021.  Homomorphic Properties Within Lattice-Based Encryption Systems. 2021 10th Mediterranean Conference on Embedded Computing (MECO). :1–4.
Homomorphic encryption allows users to perform mathematical operations on open data in encrypted form by performing homomorphically appropriate operations on encrypted data without knowing the decryption function (key). Nowadays such possibilities for cryptoalgorithms are very important in many areas such as data storage, cloud computing, cryptocurrency, and much more. In 2009 a system of fully homomorphic encryption was constructed, and later many works were done based on it. In this work, the implementation of ideal lattices for constructing homomorphic operations over ciphertexts is performed. The idea presented in this work allows separating the relations between the homomorphic and security parts of a lattice-based homomorphic encryption system.
2022-05-20
Yao, Bing, Wang, Hongyu, Su, Jing, Zhang, Wanjia.  2021.  Graph-Based Lattices Cryptosystem As New Technique Of Post-Quantum Cryptography. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:9–13.
A new method for judging degree sequence is shown by means of perfect ice-flower systems made by operators - stars (particular complete bipartite graphs), and moreover this method can be used to build up degree sequences and perfect ice-flower systems. Graphic lattice, graph-graphic lattice, caterpillar-graphic lattice and topological coding lattice are defined. We establish some connections between traditional lattices and graphic lattices trying to provide new techniques for Lattice-based cryptosystem and post-quantum cryptography, and trying to enrich the theoretical knowledge of topological coding.
Ravi, Prasanna, Chattopadhyay, Anupam, Bhasin, Shivam.  2021.  Practical Side-Channel and Fault Attacks on Lattice-Based Cryptography. 2021 IFIP/IEEE 29th International Conference on Very Large Scale Integration (VLSI-SoC). :1–2.
The impending threat of large-scale quantum computers to classical RSA and ECC-based public-key cryptographic schemes prompted NIST to initiate a global-level standardization process for post-quantum cryptography. This process, which started in 2017 with 69 submissions, is currently in its third and final round with seven main candidates and eight alternate candidates, of which seven (7) of the fifteen (15) candidates are schemes based on hard problems over structured lattices, known as lattice-based cryptographic schemes. Among the various parameters such as theoretical post-quantum (PQ) security guarantees, implementation cost and performance, resistance against physical attacks such as Side-Channel Analysis (SCA) and Fault Injection Analysis (FIA) has also emerged as an important criterion for standardization in the final round [1]. This is especially relevant for adoption of PQC in embedded devices, which are most likely used in environments where an attacker can have unimpeded physical access to the device.
2022-04-26
Wang, Luyao, Huang, Chunguang, Cheng, Hai.  2021.  Quantum attack-resistant signature scheme from lattice cryptography for WFH. 2021 IEEE 2nd International Conference on Big Data, Artificial Intelligence and Internet of Things Engineering (ICBAIE). :868–871.

With the emergence of quantum computers, traditional digital signature schemes based on problems such as large integer solutions and discrete logarithms will no longer be secure, and it is urgent to find effective digital signature schemes that can resist quantum attacks. Lattice cryptography has the advantages of computational simplicity and high security. In this paper, we propose an identity-based digital signature scheme based on the rejection sampling algorithm. Unlike most schemes that use a common Gaussian distribution, this paper uses a bimodal Gaussian distribution, which improves efficiency. The identity-based signature scheme is more convenient for practical application than the traditional certificate-based signature scheme.

2022-04-19
Sahu, Indra Kumar, Nene, Manisha J.  2021.  Identity-Based Integrity Verification (IBIV) Protocol for Cloud Data Storage. 2021 International Conference on Advances in Electrical, Computing, Communication and Sustainable Technologies (ICAECT). :1–6.
With meteoric advancement in quantum computing, the traditional data integrity verifying schemes are no longer safe for cloud data storage. A large number of the current techniques are dependent on expensive Public Key Infrastructure (PKI). They are computationally and communicationally heavy for verification, which does not stand with the advantages when quantum computing techniques are applied. Hence, a quantum-safe and efficient integrity verification protocol is a research hotspot. Lattice-based signature constructions involve matrix-matrix or matrix-vector multiplications, making computation competent, simple and resistant to quantum computer attacks. The study in this paper uses a Bloom Filter, which offers high efficiency in query and search operations. Further, we propose an Identity-Based Integrity Verification (IBIV) protocol for cloud storage from lattices and Bloom filters. We focus on security against attacks from the Cloud Service Provider (CSP), data privacy attacks against the Third Party Auditor (TPA) and improvement in efficiency.
Ammari, Habib M..  2021.  Achieving Physical Security through K-Barrier Coverage in Three-Dimensional Stealthy Lattice Wireless Sensor Networks. 2021 IEEE 18th International Conference on Mobile Ad Hoc and Smart Systems (MASS). :306–314.
Physical security is essential to safeguarding critical areas. Here, we focus on the physical security problem in three-dimensional (3D) stealthy lattice wireless sensor networks using a 3D sensor belt around a critical space. Specifically, we propose a theoretical framework to investigate the 3D k-barrier coverage problem, where any path crossing this belt intersects with the sensing range of at least k sensors. Precisely, we study this problem from a tiling viewpoint, where the sensing ranges of the sensors are touching (or kissing) each other. We analyze various 3D deterministic sensor deployment methods yielding simple cubic, body centered cubic, face centered cubic, and hexagonal close-packed lattice wireless sensor networks. First, using the concept of the unit cell covered volume ratio, we prove that none of these 3D lattices guarantee k-barrier coverage. Second, to remedy this problem, we consider the great rhombicuboctahedron (GR), a polyhedral space-filler. We introduce the concept of intruder's abstract paths along a 3D k-barrier covered belt, and compute their number. Also, we propose a polynomial representation for all abstract paths. In addition, we compute the number of sensors deployed over a 3D k-barrier covered belt using GR. Third, we corroborate our analysis with numerical and simulation results.
2022-03-14
Gustafson, Erik, Holzman, Burt, Kowalkowski, James, Lamm, Henry, Li, Andy C. Y., Perdue, Gabriel, Isakov, Sergei V., Martin, Orion, Thomson, Ross, Beall, Jackson et al.  2021.  Large scale multi-node simulations of ℤ2 gauge theory quantum circuits using Google Cloud Platform. 2021 IEEE/ACM Second International Workshop on Quantum Computing Software (QCS). :72–79.
Simulating quantum field theories on a quantum computer is one of the most exciting fundamental physics applications of quantum information science. Dynamical time evolution of quantum fields is a challenge that is beyond the capabilities of classical computing, but it can teach us important lessons about the fundamental fabric of space and time. Whether we may answer scientific questions of interest using near-term quantum computing hardware is an open question that requires a detailed simulation study of quantum noise. Here we present a large scale simulation study powered by a multi-node implementation of qsim using the Google Cloud Platform. We additionally employ newly-developed GPU capabilities in qsim and show how Tensor Processing Units — Application-specific Integrated Circuits (ASICs) specialized for Machine Learning — may be used to dramatically speed up the simulation of large quantum circuits. We demonstrate the use of high performance cloud computing for simulating ℤ2 quantum field theories on system sizes up to 36 qubits. We find this lattice size is not able to simulate our problem and observable combination with sufficient accuracy, implying more challenging observables of interest for this theory are likely beyond the reach of classical computation using exact circuit simulation.
2022-02-04
Chand, Ravinesh, Valluri, Maheswara Rao, Khan, MGM.  2021.  Digital Signature Scheme over Lattices. 2021 25th International Conference on Circuits, Systems, Communications and Computers (CSCC). :71–78.
With the rapid advancements in information technology, data security has become an indispensable component. Cryptography performs a significant role in establishing information security. Computational problems have been utilized extensively by cryptographers to construct digital signature schemes. Digital signature schemes offer security services such as confidentiality, authenticity, integrity, and non-repudiation of a message. This paper proposes a modification of the Dilithium signature scheme that is secure against unforgeability attack based on the hardness of lattice problems such as Learning With Errors and Short Integer Solution over lattices. Using the rejection sampling technique, data is sampled from a uniform distribution to generate keys that are expanded into a matrix. The keys are hashed and signed by the sender to generate a message, which is then accepted by the receiver upon verification. Finally, the security analysis for the proposed signature scheme is provided with a strong emphasis on the security of the secret key. We prove that the attacker cannot forge a signature on a message, and recommended parameters are proposed.
2022-01-25
Qian, Xinyuan, Wu, Wenyuan.  2021.  An Efficient Ciphertext Policy Attribute-Based Encryption Scheme from Lattices and Its Implementation. 2021 IEEE 6th International Conference on Computer and Communication Systems (ICCCS). :732–742.
Lattice-based attribute-based encryption is a well-known cryptographic mechanism that can resist quantum attacks and has the ability of fine-grained access control, and it has a wide range of application scenarios in the current Internet of Things (IoT) era. However, the lack of efficiency and the large ciphertext expansion rate are the main disadvantages that impede the applications of this mechanism. Thus, we propose an efficient and practical ciphertext policy attribute-based encryption (CP-ABE) scheme from lattices in this paper. In this scheme, to make the secret key reusable, we adjust the access tree and propose a basic access tree structure, which can be converted from disjunctive normal form, and combine it with the lightweight post-quantum scheme Kyber. In addition, a compression method and a plaintext expansion method are introduced to optimize the scheme. Our CP-ABE scheme is secure against chosen plaintext attack under the hardness of the module learning with errors problem. We implement our scheme and compare it with three recent related schemes in terms of security, function and communication cost. Experiments and comparisons show that our CP-ABE scheme has advantages in high encryption efficiency, small matrix dimension, small key sizes, and low ciphertext expansion rate, which has some merit in practice.
2022-01-10
Yao, Bing, Xie, Jianmin, Wang, Hongyu, Su, Jing.  2021.  Degree-sequence Homomorphisms For Homomorphic Encryption Of Information. 2021 IEEE 5th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 5:132–136.
The ciphertext homomorphism encryption algorithm (homomorphic encryption) is used for cloud safety and to solve the integrity, availability and controllability of information. For homomorphic encryption, we, by the Topsnut-gpw technique, design: degree-sequence homomorphisms and their inverses, degree-sequence homomorphic chains, graph-set homomorphisms, colored degree-sequence matrices and every-zero Cds-matrix groups, degree-coinciding degree-sequence lattices, degree-joining degree-sequence lattices, as well as degree-sequence lattice homomorphisms, since number-based strings made by Topsnut-gpws of topological coding are irreversible, and Topsnut-gpws can realize: one public key corresponding to two or more private keys, and more public keys corresponding to one or more private keys for asymmetric encryption algorithms.
2021-11-29
Di, Jia, Xie, Tao, Fan, Shuhui, Jia, Wangjing, Fu, Shaojing.  2020.  An Anti-Quantum Signature Scheme over Ideal Lattice in Blockchain. 2020 International Symposium on Computer Engineering and Intelligent Communications (ISCEIC). :218–226.
Blockchain is a decentralized technology that provides untampered and anonymous security service to users. Without relying on a trusted third party, it can establish the value transfer between nodes and reduce the transaction costs. Mature public key cryptosystems and signature schemes are an important basis of blockchain security. Currently, most of the public key cryptosystems are based on classic difficult problems such as RSA and ECC. However, the above asymmetric cryptosystems are no longer secure with the development of quantum computing technology. To resist quantum attacks, researchers have recently proposed encryption schemes based on lattices. Although existing schemes have theoretical significance in blockchain, they are not suitable for practical application due to the large size of key and signature. To tackle the above issues, this paper proposes an anti-quantum signature scheme over ideal lattices in blockchain. First, we transfer the signature scheme from the standard lattice to the ideal lattice, which reduces the size of the public key. Afterwards, a novel signature scheme is proposed to reduce both the size of the private and public key significantly. Finally, we theoretically prove the security of our ideal lattice-based signature scheme with a reduction to the hardness assumption of the Ideal Small Integer Solution problem, which can resist quantum attacks. The efficiency analysis demonstrates that our signature scheme can be practically used in blockchain.
2021-06-02
Guerrero-Bonilla, Luis, Saldaña, David, Kumar, Vijay.  2020.  Dense r-robust formations on lattices. 2020 IEEE International Conference on Robotics and Automation (ICRA). :6633–6639.
Robot networks are susceptible to failure in the presence of malicious or defective robots. Resilient networks in the literature require high connectivity and large communication ranges, leading to high energy consumption in the communication network. This paper presents robot formations with guaranteed resiliency that use smaller communication ranges than previous results in the literature. The formations can be built on triangular and square lattices in the plane, and cubic lattices in three-dimensional space. We support our theoretical framework with simulations.
2021-06-01
Akand, Tawhida, Islam, Md Jahirul, Kaysir, Md Rejvi.  2020.  Low loss hollow core optical fibers combining lattice and negative curvature structures. 2020 IEEE Region 10 Symposium (TENSYMP). :698–701.
Negative curvature hollow core fibers (NC-HCFs) receive great research attention due to their comparatively low losses with simplified design and fabrication simplicity. Recently, revolver type fibers that combine the NC-HCF and conventional lattice structured photonic crystal fiber (PCF) have opened up a new era in communications due to their low loss, power confinement capacity, and multi-bandwidth applications. In this study, we present a customized optical fiber design that comprises the PCF with the NC-HCF to get the lowest confinement loss. Extensive numerical simulations are performed and a noteworthy low loss of 4.47×10^-5 dB/m at a wavelength of 0.85 μm has been recorded for the designed fiber, which is almost 4600 times lower than annular revolver type fibers. In addition, a conspicuous low loss transmission bandwidth ranging from 0.6 μm to 1.8 μm has been found in this study. This may have potential applications in spectroscopy, material processing, chemical and bio-molecular sensing, security, and industry applications.
Ghosal, Sandip, Shyamasundar, R. K..  2020.  A Generalized Notion of Non-interference for Flow Security of Sequential and Concurrent Programs. 2020 27th Asia-Pacific Software Engineering Conference (APSEC). :51–60.
For the last two decades, a wide spectrum of interpretations of non-interference¹ have been used in the security analysis of programs, starting with the notion proposed by Goguen & Meseguer along with arguments of its impact on security practice. While the majority of works deal with sequential programs, several researchers have extended the notion of non-interference to enforce information flow-security in non-deterministic and concurrent programs. Major efforts of generalizations are based on (i) considering input sequences as a basic unit for input/output with semantic interpretation on a two-point information flow lattice, or (ii) typing of expressions as values for reading and writing, or (iii) typing of expressions along with its limited effects. Such approaches have limited compositionality and, thus, pose issues while extending these notions for concurrent programs. Further, in a general multi-point lattice, the notion of a public observer (or attacker) is not unique as it depends on the level of the attacker and the one attacked. In this paper, we first propose a compositional variant of non-interference for sequential systems that follow a general information flow lattice and place it in the context of earlier definitions of non-interference. We show that such an extension leads to the capturing of violations of information flow security in a concrete setting of a sequential language. Finally, we generalize non-interference for concurrent programs and illustrate its use for security analysis, particularly in the cases where information is transmitted through shared variables.
¹ The notion of non-interference discussed in this paper enforces flow security in a program and is different from the concept of non-interference used for establishing functional correctness of parallel programs [1].
2021-05-25
Satılmış, Hami, Akleylek, Sedat.  2020.  Efficient Implementation of HashSieve Algorithm for Lattice-Based Cryptography. 2020 International Conference on Information Security and Cryptology (ISCTURKEY). :75–79.
The security of lattice-based cryptosystems that are secure for the post-quantum period is based on the difficulty of the shortest vector problem (SVP) and the closest vector problem (CVP). In the literature, many sieving algorithms are proposed to solve these hard problems. In this paper, an efficient implementation of the HashSieve sieving algorithm is discussed. A modular software library for an efficient implementation of the HashSieve algorithm is developed. The modular software library is used as an infrastructure so that the efficient HashSieve implementation is better than the sample in the literature (Laarhoven's standard HashSieve implementation). According to the experimental results, it is observed that the efficient HashSieve implementation has a better running time than the example in the literature. It is concluded that both implementations are close to each other in terms of the memory space used.
Susilo, Willy, Duong, Dung Hoang, Le, Huy Quoc.  2020.  Efficient Post-quantum Identity-based Encryption with Equality Test. 2020 IEEE 26th International Conference on Parallel and Distributed Systems (ICPADS). :633–640.
Public key encryption with equality test (PKEET) enables testing whether two ciphertexts encrypt the same message. Identity-based encryption with equality test (IBEET) simplifies the certificate management of PKEET, which leads to many potential applications such as in smart city applications or Wireless Body Area Networks. Lee et al. (ePrint 2016) proposed a generic construction of an IBEET scheme in the standard model utilising a 3-level hierarchy IBE together with a one-time signature scheme, which can be instantiated in the lattice setting. Duong et al. (ProvSec 2019) proposed the first direct construction of IBEET in the standard model from lattices. However, their scheme achieves CPA security only. In this paper, we improve Duong et al.'s construction by proposing an IBEET in the standard model which achieves CCA2 security and with smaller ciphertext and public key size.
2021-04-29
Lu, Y., Zhang, C..  2020.  Nontransitive Security Types for Coarse-grained Information Flow Control. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). :199–213.

Language-based information flow control (IFC) aims to provide guarantees about information propagation in computer systems having multiple security levels. Existing IFC systems extend Denning's lattice model, enforcing transitive security policies by tracking information flows along a partially ordered set of security levels. They yield a transitive noninterference property of either confidentiality or integrity. In this paper, we explore IFC for security policies that are not necessarily transitive. Such nontransitive security policies avoid unwanted or unexpected information flows implied by transitive policies and naturally accommodate high-level coarse-grained security requirements in modern component-based software. We present a novel security type system for enforcing nontransitive security policies. Unlike traditional security type systems that verify information propagation by subtyping security levels of a transitive policy, our type system relaxes strong transitivity by inferring information flow history through security levels and ensuring that they respect the nontransitive policy in effect. Such a type system yields a new nontransitive noninterference property that offers more flexible information flow relations induced by security policies that do not have to be transitive, therefore generalizing the conventional transitive noninterference. This enables us to directly reason about the extent of information flows in the program and restrict interactions between security-sensitive and untrusted components.

2021-03-04
Algehed, M., Flanagan, C..  2020.  Transparent IFC Enforcement: Possibility and (In)Efficiency Results. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). :65–78.

Information Flow Control (IFC) is a collection of techniques for ensuring a no-write-down no-read-up style security policy known as noninterference. Traditional methods for both static (e.g. type systems) and dynamic (e.g. runtime monitors) IFC suffer from untenable numbers of false alarms on real-world programs. Secure Multi-Execution (SME) promises to provide secure information flow control without modifying the behaviour of already secure programs, a property commonly referred to as transparency. Implementations of SME exist for the web in the form of the FlowFox browser and as plug-ins to several programming languages. Furthermore, SME can in theory work in a black-box manner, meaning that it can be programming language agnostic, making it perfect for securing legacy or third-party systems. As such SME, and its variants like Multiple Facets (MF) and Faceted Secure Multi-Execution (FSME), appear to be a family of panaceas for the security engineer. The question is, how come, given all these advantages, that these techniques are not ubiquitous in practice? The answer lies, partially, in the issue of runtime and memory overhead. SME and its variants are prohibitively expensive to deploy in many non-trivial situations. The natural question is why is this the case? On the surface, the reason is simple. The techniques in the SME family all rely on the idea of multi-execution, running all or parts of a program multiple times to achieve noninterference. Naturally, this causes some overhead. However, the predominant thinking in the IFC community has been that these overheads can be overcome. In this paper we argue that there are fundamental reasons to expect this not to be the case and prove two key theorems: (1) All transparent enforcement is polynomial time equivalent to multi-execution. (2) All black-box enforcement takes time exponential in the number of principals in the security lattice. Our methods also allow us to answer, in the affirmative, an open question about the possibility of secure and transparent enforcement of a security condition known as Termination Insensitive Noninterference.

2021-02-23
Djordjevic, I. B..  2020.  Surface Codes Based Quantum Networking. 2020 22nd International Conference on Transparent Optical Networks (ICTON). :1–5.
We propose a multipartite quantum communication network (QCN) based on surface codes (SCs). We describe how to simultaneously entangle multiple nodes in an arbitrary network topology by employing the SCs. We further describe how to extend the transmission distance between two arbitrary nodes by using the SCs as well. Finally, we describe how to operate the proposed QCN by employing the SDN concept.
2021-01-25
Boas, Y. d S. V., Rocha, D. S., Barros, C. E. de, Martina, J. E..  2020.  SRVB cryptosystem: another attempt to revive Knapsack-based public-key encryption schemes. 2020 27th International Conference on Telecommunications (ICT). :1–6.
Public-key cryptography is a ubiquitous building block of modern telecommunication technology. Among the most historically important, the knapsack-based encryption schemes, from the early years of public-key cryptography, performed particularly well in computational resources (time and memory), and mathematical and algorithmic simplicity. Although effective cryptanalyses readily curtailed their widespread adoption to several different attempts, the possibility of actual usage of knapsack-based asymmetric encryption schemes remains unsettled. This paper aims to present a novel construction that offers consistent security improvements on knapsack-based cryptography. We propose two improvements upon the original knapsack cryptosystem that address the most important types of attacks: the Diophantine approximations-based attacks and the lattice problems oracle attacks. The proposed defences demonstrably preclude the types of attacks mentioned above, thus contributing to revive knapsack schemes or settle the matter negatively. Finally, we present Nep.Sec (http://t3infosecurity.com/nepsec), a contest that is offering a prize for breaking our proposed cryptosystem.
2020-07-24
Liu, Zechao, Jiang, Zoe L., Wang, Xuan, Wu, Yulin, Yiu, S.M..  2018.  Multi-Authority Ciphertext Policy Attribute-Based Encryption Scheme on Ideal Lattices. 2018 IEEE Intl Conf on Parallel Distributed Processing with Applications, Ubiquitous Computing Communications, Big Data Cloud Computing, Social Computing Networking, Sustainable Computing Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom). :1003–1008.
Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technology that provides fine-grained access control as well as data confidentiality. It enables one sender to encrypt the data for many receivers, and to specify a policy on who can decrypt the ciphertext using his/her attributes alone. However, most existing ABE schemes are constructed on bilinear maps and they cannot resist quantum attacks. In this paper, we propose a multi-authority CP-ABE (MA-CPABE) scheme on ideal lattices which is still secure in the post-quantum era. On one hand, multiple attribute authorities are required when users' attributes cannot be managed by a central authority. On the other hand, compared with generic lattices, the ideal lattice has extra algebraic structure and can be used to construct more efficient cryptographic applications. By adding some virtual attributes for each authority, our scheme can support flexible threshold access policies. Security analysis shows that the proposed scheme is secure against chosen plaintext attack (CPA) in the standard model under the ring learning with errors (R-LWE) assumption.
2020-07-06
Paliath, Vivin, Shakarian, Paulo.  2019.  Reasoning about Sequential Cyberattacks. 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). :855–862.
Cyber adversaries employ a variety of malware and exploits to attack computer systems, usually via sequential or “chained” attacks that take advantage of vulnerability dependencies. In this paper, we introduce a formalism to model such attacks. We show that the determination of the set of capabilities gained by an attacker, which also translates to the extent to which the system is compromised, corresponds with the convergence of a simple fixed-point operator. We then address the problem of determining the optimal/most-dangerous strategy for a cyber-adversary with respect to this model and find it to be an NP-Complete problem. To address this complexity we utilize an A*-based approach with an admissible heuristic that incorporates the result of the fixed-point operator and uses memoization for greater efficiency. We provide an implementation and show through a suite of experiments, using both simulated and actual vulnerability data, that this method performs well in practice for identifying adversarial courses of action in this domain. On average, we found that our techniques decrease runtime by 82%.
2020-06-26
Elhassani, M., Chillali, A., Mouhib, A..  2019.  Elliptic curve and Lattice cryptosystem. 2019 International Conference on Intelligent Systems and Advanced Computing Sciences (ISACS). :1–4.

In this work, we will present a new hybrid cryptography method based on two hard problems: 1- The problem of the discrete logarithm on an elliptic curve defined over a finite local ring. 2- The closest vector problem in a lattice and the conjugate problem on square matrices. At first, we will perform the key exchange using Diffie-Hellman. The encryption of a message is done with a bad basis of a lattice.