Biblio

We discuss the performance of a new quantumsafe multivariate digital signature scheme proposed recently, called the Multivariate Polynomial Public Key Digital Signature (MPPK DS) scheme. Leveraging MPPK KEM or key exchange mechanism, the MPPK DS scheme is established using modular exponentiation with a randomly chosen secret base from a prime field. The security of the MPPK DS algorithm largely benefits from a generalized safe prime associated with the said field and the Euler totient function. We can achieve NIST security levels I, III, and V over a 64-bit prime field, with relatively small public key sizes of 128 bytes, 192 bytes, and 256 bytes for security levels I, III, and V, respectively. The signature sizes are 80 bytes for level I, 120 bytes for level III, and 160 bytes for level V. The MPPK DS scheme offers probabilistic procedures for signing and verification. That is, for each given signing message, a signer can randomly pick a base integer to be used for modular exponentiation with a private key, and a verifier can verify the signature with the digital message, based on the verification relationship, using any randomly selected noise variables. The verification process can be repeated as many times as the verifier wishes for different noise values, however, for a true honest signature, the verification will always pass. This probabilistic feature largely restricts an adversary to perform spoofing attacks. In this paper, we conduct some performance analyses by implementing MPPK DS in Java. We compare its performance with benchmark performances of NIST PQC Round 3 finalists: Rainbow, Dilithium, and Falcon. Overall, the MPPK DS scheme demonstrates equivalent or better performance, and much smaller public key, as well as signature sizes, compared to the three NIST PQC Round 3 finalists.

The Multivariate Polynomial Public Key (MPPK) algorithm, over a prime Galois field, takes a multiplier multivariate polynomial and two multiplicand univariate solvable polynomials to create two product multivariate polynomials. One of variables is for secret message and all others are for noises. The public key consists of all coefficients of the product multivariate polynomials, except the two constant terms for the message variable. The private key is made of both multiplicands. Encryption takes a list of random numbers, over the prime Galois field. The first number is the secret to exchange. The other random numbers generate noise automatically cancelled by decryption. The secret is easily extracted from the evaluation of a solvable equation. The level of security provided by MPPK is adaptable. The algorithm can be used in several different ways. In this paper, we review the performance achieved by MPPK for several combinations of polynomial configurations and Galois field sizes. For every combination, we calculated key generation time, encryption time and decryption time. We also compare the effectiveness of MPPK with the performance of all four NIST PQC finalists. For MPPK, the data has been collected from the execution of an implementation in Java. In comparison to the NIST PQC finalists, MPPK key generation, encryption and decryption performance is excellent.

A database is an organized collection of data. Though a number of techniques, such as encryption and electronic signatures, are currently available for the protection of data when transmitted across sites. Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious threats and attacks. In this paper, we create 6 types of method for more secure ways to store and retrieve database information that is both convenient and efficient. Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide policies for information security within the database. There are many cryptography techniques available among them, ECC is one of the most powerful techniques. A user wants to the data stores or request, the user needs to authenticate. When a user who is authenticated, he will get key from a key generator and then he must be data encrypt or decrypt within the database. Every keys store in a key generator and retrieve from the key generator. We use 256 bits of AES encryption for rows level encryption, columns level encryption, and elements level encryption for the database. Next two method is encrypted AES 256 bits random key by using 521 bits of ECC encryption and signature for rows level encryption and column level encryption. Last method is most secure method in this paper, which method is element level encryption with AES and ECC encryption for confidentiality and ECC signature use for every element within the database for integrity. As well as encrypting data at rest, it's also important to ensure confidential data are encrypted in motion over our network to protect against database signature security. The advantages of elements level are difficult for attack because the attacker gets a key that is lose only one element. The disadvantages need to thousands or millions of keys to manage.