Cryptographic Algorithms Research Articles

Analysis of Cybersecurity Vulnerabilities in Mobile Payment Applications

Skepticism about security of mobile payment applications has plagued user adoption of such platforms in some countries. Software developers have generally de-emphasized core principles guiding delivering safe mobile applications since for mobile payment applications, movement of monetary value is their priority. We find in surveyed literature that this situation is prevalent in low economy/low financial inclusion countries. Selected were 50 Fintech and traditional banks m-payment applications in both high and lower economic and technological advancement (high E&T apps and lower E&T apps respectively) countries in Africa. This work may have significance in finance or economy, but it is mainly to unravel cybersecurity concerns. The analyses (static and dynamic) of the applications targeted top ten vulnerabilities on 2023 Common Weakness Enumeration (CWE) and Open Worldwide Application Security Project (OWASP) lists. The study employed Mobile Security Framework (MobSF) as the primary tool for both Android and iOS application while Automated Security Risk Assessment (AUSERA) tool was used to validate the vulnerabilities reported by MobSF. Results show that traditional m-payment apps were generally more secure than Fintech m-payment apps. In the later category, vulnerabilities under information leakage and cryptography category were the most prevalent. On the average, no marked difference was observed in security performance between high E&T apps and lower E&T apps. Incorrect default permission, cleartext storage of sensitive information, use of risky cryptographic algorithm, use of insufficiently random values and information exposure were the most prevalent vulnerabilities. Conversely, insecure implementation of SSL and trusting all certificates or accepting self-signed certificates had fewest occurrences. Poor code quality was the highest source of security vulnerabilities in the study. Declining statistics of SMS leakage in recent studies was confirmed in this work. The most implemented security measure was certificate pinning for preventing or detecting man-in-the-middle attack.

BPS-V: A blockchain-based trust model for the Internet of Vehicles with privacy-preserving

The trust system is widely used to prevent malicious behaviors, and it is a key element for vehicles to establish interactions in the Internet of Vehicles (IoV). Nevertheless, trust and privacy remain unresolved concerns stemming from the distinctive features of the IoV. The IoV must thwart malicious attackers from spreading false data while ensuring that the vehicle’s evaluation data is not leaked, which is of utmost importance. In this paper, we propose a blockchain-based trust model (BPS-V), which supports ciphertext computation of trust evaluation data submitted by different vehicles. Design a cooperative update method for vehicle trust, which utilizes an improved distributed two-trapdoor public-key cryptography algorithm to achieve cooperative computing of trust and reduce the risk of privacy leakage of evaluation data. On this basis, BPS-V introduces blockchain sharding technology to realize cross-domain storage and sharing of the trust. Simulation results show that our scheme can effectively protect the privacy of evaluation data and maintain a high detection rate and low false alarm rate in different road environments. Compared with traditional schemes, BPS-V can improve the efficiency of trust updates and the detection of malicious vehicles by 9.5% and 32%.

Effective Identification and Authentication of Healthcare IoT Using Fog Computing with Hybrid Cryptographic Algorithm

Currently, Internet of Things (IoT)-based cloud systems face several problems such as privacy leakage, failure in centralized operation, managing IoT devices, and malicious attacks. The data transmission between the cloud and healthcare IoT needs trust and secure transmission of Electronic Health Records (EHRs). IoT-enabled healthcare equipment is seen in hospitals that have been implementing the technology for many years. Nonetheless, medical agencies fail to consider the security risk associated with healthcare IoT devices, which are readily compromised and cause potential threats to authentication and encryption procedures. Existing cloud computing methods like homomorphic encryption and the elliptic curve cryptography are unable to meet the security, identity, authentication, and security needs of healthcare IoT devices. The majority of conventional healthcare IoT algorithms lack secure data transmission. Therefore, fog computing is introduced to overcome the problems of IoT device verification, authentication, and identification for scalable and secure transmission of data. In this research manuscript, fog computing includes a hybrid mathematical model: Elliptic Curve Cryptography (ECC) and Proxy Re-encryption (PR) with Enhanced Salp Swarm Algorithm (ESSA) for IoT device verification, identification, and authentication of EHRs. ESSA is incorporated into the PR algorithm to determine the optimal key size and parameters of the PR algorithm. Specifically, in the ESSA, a Whale Optimization Algorithm (WOA) is integrated with the conventional Salp Swarm Algorithm (SSA) to enhance its global and local search processes. The primary objective of the proposed mathematical model is to further secure data sharing in the real time services. The extensive experimental analysis shows that the proposed model approximately reduced 60 Milliseconds (ms) to 18 milliseconds of processing time and improved 25% to 3% of reliability, compared to the traditional cryptographic algorithms. Additionally, the proposed model obtains a communication cost of 4260 bits with a memory usage of 680 bytes in the context of security analysis.

Symmetry-Enabled Resource-Efficient Systolic Array Design for Montgomery Multiplication in Resource-Constrained MIoT Endpoints

In today’s TEST interconnected world, the security of 5G Medical IoT networks is of paramount concern. The increasing number of connected devices and the transmission of vast amounts of data necessitate robust measures to protect information integrity and confidentiality. However, securing Medical IoT edge nodes poses unique challenges due to their limited resources, making the implementation of cryptographic protocols a complex task. Within these protocols, modular multiplication assumes a crucial role. Therefore, careful consideration must be given to its implementation. This study focuses on developing a resource-efficient hardware implementation of the Montgomery modular multiplication algorithm over GF(2l), which is a critical operation in cryptographic algorithms. The proposed solution introduces a bit-serial systolic array layout with a modular structure and local connectivity between processing elements. This design, inspired by the principles of symmetry, allows for efficient utilization of resources and optimization of area and delay management. This makes it well-suited for deployment in compact Medical IoT edge nodes with limited resources. The suggested bit-serial processor structure was evaluated through ASIC implementation, which demonstrated substantial improvements over competing designs. The results showcase an average area reduction of 24.5% and significant savings in the area–time product of 26.2%.

Performance Evaluation of Laguerre Transform and Neural Network-based Cryptographic Techniques for Network Security

As the world evolves day by day with new technologies, there is a need to design a secure network in such a way that intruders and unauthorized persons should not have access to the network as well as information regarding the personnel in any firm. In this study, a new cryptographic technique for securing data transmission based on the LaplaceLaguerre polynomial (LLP) is developed and compared to an existing auto-associative neural network technique (AANNT).The performance of the LLPT and AANNT was tested with some selected files in a MATLAB environment and the results obtained provided comparative information (in respect of AANNT versus LLPT) as follows: encryption time (1.67 ms versus 3.9931s), decryption time (1.833 ms versus 2.1172s), throughput (26.2975 Kb/s versus 0.01098 Kb/s), memory consumption (3.349 KB versus 15.958 KB). From the compared results, it shows that AANNT offers a faster processing time, higher throughput, and takes up less memory space than the LLPT. However, cryptanalysis of the AANNT is possible if the network's weight and design are known; hence, the technique is unreliable for ensuring the data integrity and confidentiality of encrypted data. The proposed LLP cryptographic algorithm is designed to provide a higher security level by making the LLP algorithm computationally tedious to invert using the standard Laplace transform inversion method. When compared to the AANN-based cryptographic technique, cracking the algorithm to uncover the encryption key takes time. This shows the strength and robustness of the proposed LLP cryptographic algorithm against attacks, as well as its suitability for solving the problem of data privacy and security when compared to the AANN-based cryptographic algorithm.

Performance Analysis of Post-Quantum Cryptography Algorithms for Digital Signature

In the face of advancing quantum computing capabilities posing significant threats to current cryptographic protocols, the need for post-quantum cryptography has become increasingly urgent. This paper presents a comprehensive analysis of the performance of various post-quantum cryptographic algorithms specifically applied to digital signatures. It focuses on the implementation and performance analysis of selected algorithms, including CRYSTALS-Dilithium, Falcon, and SPHINCS+, using the liboqs library. Performance tests reveal insights into key pair generation, file signing, and signature verification processes. Comparative tests with the well-known and popular RSA algorithm highlight the trade-offs between security and time efficiency. The results can help to select secure and efficient ciphers for specific 5G/6G services.

RAB: A lightweight block cipher algorithm with variable key length

RAB: A lightweight block cipher algorithm with variable key length

Application of the DCT Algorithm to Protect Image Files with Key Symbols

Image file protection is an important aspect in managing and transmitting visual data in today's digital era. One effective method for protecting images is to use the Discrete Cosine Transformation (DCT) algorithm based on the principle of randomization with key symbols. This research aims to describe the application of the DCT algorithm in the context of image protection using key symbols as a security method. This research includes the main stages, namely randomization of the original image using predetermined key symbols, transformation of the image to the DCT domain, and storage of the scrambled image. By scrambling the image using key symbols known only to authorized parties, the original image can be changed significantly so that it is difficult to reconstruct by unauthorized parties. In addition, the results of this DCT transformation can also be encrypted using a strong cryptographic algorithm, thereby increasing the security level of image protection. The research results show that this method is effective in protecting image files from unauthorized access and unwanted surveillance. The final result of implementing the DCT algorithm with this key symbol is an image that is protected with a high level of security and can be restored correctly by authorized parties using the appropriate key symbol. This research has broad potential application in a variety of contexts, including data security, confidential image storage, and secure image transmission over communications networks. Thus, this method can make a positive contribution in overcoming information security challenges in an increasingly complex digital era.

Machine learning cryptography methods for IoT in healthcare

BackgroundThe increased application of Internet of Things (IoT) in healthcare, has fueled concerns regarding the security and privacy of patient data. Lightweight Cryptography (LWC) algorithms can be seen as a potential solution to address this concern. Due to the high variation of LWC, the primary objective of this study was to identify a suitable yet effective algorithm for securing sensitive patient information on IoT devices.MethodsThis study evaluates the performance of eight LWC algorithms—AES, PRESENT, MSEA, LEA, XTEA, SIMON, PRINCE, and RECTANGLE—using machine learning models. Experiments were conducted on a Raspberry Pi 3 microcontroller using 16 KB to 2048 KB files. Machine learning models were trained and tested for each LWC algorithm and their performance was evaluated based using precision, recall, F1-score, and accuracy metrics.ResultsThe study analyzed the encryption/decryption execution time, energy consumption, memory usage, and throughput of eight LWC algorithms. The RECTANGLE algorithm was identified as the most suitable and efficient LWC algorithm for IoT in healthcare due to its speed, efficiency, simplicity, and flexibility.ConclusionsThis research addresses security and privacy concerns in IoT healthcare and identifies key performance factors of LWC algorithms utilizing the SLR research methodology. Furthermore, the study provides insights into the optimal choice of LWC algorithm for enhancing privacy and security in IoT healthcare environments.

The Security Evaluation of an Efficient Lightweight AES Accelerator

The Advanced Encryption Standard (AES) is widely recognized as a robust cryptographic algorithm utilized to protect data integrity and confidentiality. When it comes to lightweight implementations of the algorithm, the literature mainly emphasizes area and power optimization, often overlooking considerations related to performance and security. This paper evaluates two of our previously proposed lightweight AES implementations using both profiled and non-profiled attacks. One is an unprotected implementation, and the other one is a protected version using Domain-Oriented Masking (DOM). The findings of this study indicate that the inclusion of DOM in the design enhances its resistance to attacks at the cost of doubling the area.

A Method for Optimal Value Measurement of Some Parameters of Fault Attacks on Cryptographic Algorithms

A Method for Optimal Value Measurement of Some Parameters of Fault Attacks on Cryptographic Algorithms

Finite algebras in the design of multivariate cryptography algorithms

A new approach to the design of multivariate public-key cryptalgorithms is introduced. It envisages using non-linear mappings defined as squaring and cubic operations in finite fields represented as finite algebras. The developed approach allows significant reduction of the size of public key and thereby make post-quantum algorithms of multivariate cryptography much more practical. In the developed algorithms, the secret key includes a set of values of structural constants that determine the modifications of the finite fields used and the coefficients in the set of sixth degree polynomials that make up the public key

Enhancing Data Security through Machine Learning-based Key Generation and Encryption

In an era marked by growing concerns about data security and privacy, the need for robust encryption techniques has become a matter of paramount importance. The primary goal of this study is to protect sensitive information during transmission while ensuring efficient and reliable decryption at the receiver's side. To generate robust and unique cryptographic keys, the proposed approach trains an autoencoder neural network based on hashing and optionally generated prime numbers in the MNIST dataset. The key serves as the foundation for secure communication. An additional security layer to the cryptographic algorithm passing through the first ciphertext, was employed utilizing the XORed and Blum-Blum-Shub (BBS) generators to make the system resistant to various types of attacks. This approach offers a robust and innovative solution for secure data transmission, combining the strengths of autoencoder-based key generation and cryptographic encryption. Its effectiveness is demonstrated through testing and simulations.

An Efficient Lightweight Crypto Security Module for Protecting Data Transmission Through IOT Based Electronic Sensors

The Internet of Things (IoT) devices are advanced nanoelectronics devices which has recently witnessed an explosive expansion in the field of communication and electronics, becoming ubiquitous in various applications. However, the rapid growth of IoT applications makes them prone to security threats and data breaches. Hence, cryptographic techniques are developed to ensure data confidentiality and integrity in IoT and many of the applications from optoelectronics. However, the existing cryptographic algorithms face challenges in securing the data from threats during transmission, as they lack effective key management. Therefore, we proposed a novel optimized lightweight cryptography (LWC) to resolve this challenge using the combined benefits of Grey Wolf Optimization and Hyper Elliptic Curve Cryptography (GW-HECC). The proposed LWC algorithm protects the data from attacks during data exchange by optimizing the key management process and aims to deliver greater Quality of Service (QoS) in IoT networks. An IoT network was initially created with multiple sensor devices, IoT gateways, and data aggregators. The proposed framework includes a Quantum Neural Network (QNN)-based attack prediction module to predict the malicious data entry in the IoT network. The QNN learns the attack patterns from the historical IoT data and prevents incoming malicious data entries, ensuring that only normal data is transmitted to the cloud. For secure data transmission, the sensed data from the IoT network are encrypted using the proposed GW-HECC. The presented work was designed and implemented in Python software; the experimental results demonstrate that the proposed method offers greater data confidentiality of 97.9%, improved attack prediction accuracy of 99.8%, and a reduced delay of 0.37 s. Furthermore, a comparative analysis was made with existing cryptographic algorithms, manifesting that the proposed algorithm acquired improved results.

Cryptosystems based on isomorphic transformations of elliptic curve points.

The article presents research in the field of development and improvement of cryptographic systems based on elliptic curves isomorphic transformations potentially resistant to quantum cryptanalysis. Analysis results of existing asymmetric cryptosystems disadvantages and advantages, including those based on isomorphic transformations, are presented. The approaches to the construction of cryptographic algorithms based on isogenies of elliptic curves, which can become the basis for creating cryptosystems resistant to quantum attacks, are investigated. In the course of the research, program functions were developed to implement operations on elliptic curves isogenies of different orders, which will ensure the security levels specified in the standard: 256, 384, 512. A software implementation of the operations of a curve point scalar multiplication and operations on elliptic curve isogenies has been developed, on the basis of which experimental values of the time to perform the scalar product using parallelization have been obtained. Experiments have been conducted to compare the classical multiplication of a curve point with the representation of the scalar k as a sequence of 4-bit words, which made it possible to speed up the scalar multiplication operation by 30 times, for 8-bit words the speedup was 18.8 times. The direction of further research is the development of methods for the generation and verification of a digital signature, based on transformations over the isogeny points of the elliptic curve using the parallelization of operations of scalar multiplication of the curve point.

Securing Decentralized Storage in Blockchain: A Hybrid Cryptographic Framework

Abstract The evolution of decentralized storage, propelled by blockchain advancements, has revolutionized data management. This paper focuses on content security in the InterPlanetary File System (IPFS), a leading decentralized storage network lacking inherent content encryption. To address this vulnerability, we propose a novel hybrid cryptographic algorithm, merging AES 128-bit encryption with Elliptic Curve Cryptography (ECC) key generation. The algorithm includes ECC key pairs, random IV generation, and content/AES key encryption using ECC public keys. Benchmarking against standard AES 256-bit methods shows a significant 20% acceleration in encryption speed and a 16% increase in decryption efficiency, affirming practicality for enhancing IPFS content security. This research contributes to securing decentralized storage and provides a performance-driven solution. The promising results highlight the viability of the proposed approach, advancing understanding and mitigating security concerns in IPFS and similar systems.

Machine learning-based lightweight block ciphers for resource-constrained internet of things networks: a review

The increasing number of internet of things (IoT) devices, wearable technologies, and embedded systems has experienced a significant increase in recent years. This surge has brought attention to the necessity for cryptographic algorithms that are lightweight and capable of providing security in resource-constrained environments. The primary objective of lightweight block ciphers is to provide encryption capabilities with minimal computational overhead and decreased power consumption. As a result, they are particularly well-suited for use on devices that have limited resources. At the same time, machine learning methodologies have evolved into powerful mechanisms for the purposes of prediction, categorization, and system optimization. This study introduces a challenges and issues involved in integrating machine learning techniques with the development of lightweight block ciphers.

Investigation of crypto-algorithms for Stability Assessment

Performance evaluation plays a vital role in the field of cryptography. It is essential to assess the security, efficiency, and suitability of different algorithms in various applications. By evaluating the performance of cryptography algorithms, we can identify vulnerabilities, weaknesses, and strengths, which are crucial for ensuring the integrity and confidentiality of sensitive data. Moreover, performance evaluation allows for benchmarking, algorithm selection, and continuous improvement in the field, driving advancements in cryptography techniques and enhancing the overall security of systems that rely on cryptography. This paper implements a test algorithm that can evaluate the performance of different parameters for a range of cryptography algorithms. The performance of input is evaluated using parameters such as the Avalanche effect, Correlation coefficient, Bit independence test, Frequency test, Encryption and decryption execution time, Throughput, Brute Force attack, and Information entropy. By comparing results obtained from the performance tests, we can gain valuable insights into the relative strengths and weaknesses of the algorithms. This aids in making informed decisions regarding algorithm selection and improvement, ultimately contributing to the advancement of secure communication and data protection.

Comparative Analysis of AES, Blowfish, Twofish, Salsa20, and ChaCha20 for Image Encryption

Nowadays, cybersecurity has grown into a more significant and difficult sci-entific issue. The recognition of threats and attacks meant for knowledge and safety on the internet is growing harder to detect. Since cybersecurity guar-antees the privacy and security of data sent via the Internet, it is essential, while also providing protection against malicious attacks. Encrypt has grown into an answer that has become an essential element of information security systems. To ensure the security of shared data, including text, images, or videos, it is essential to employ various methods and strategies. This study delves into the prevalent cryptographic methods and algorithms utilized for prevention and stream encryption, examining their encoding techniques such as advanced encryption standard (AES), Blowfish, Twofish, Salsa20, and ChaCha20. The primary objective of this research is to identify the optimal times and throughputs (speeds) for data encryption and decryption processes. The methodology of this study involved selecting five distinct types of images to compare the outcomes of the techniques evaluated in this research. The as-sessment focused on processing time and speed parameters, examining visual encoding and decoding using Java as the primary platform. A comparative analysis of several symmetric key ciphers was performed, focusing on handling large datasets. Despite this limitation, comparing different images helped evaluate the techniques' novelty. The results showed that ChaCha20 had the best average time for both encryption and decryption, being over 50% faster than some other algorithms. However, the Twofish algorithm had lower throughput during testing. The paper concludes with findings and suggestions for future improvements.

SMART LOCK SYSTEM USING IOT AND SOLANA BLOCKCHAIN

This project explores the integration of Solana blockchain technology with smart locking systems to revolutionize access control and security. Leveraging the decentralized and immutable nature of the Solana blockchain, the intelligent system provides a powerful platform to manage access permissions and monitor lock transactions in real-time. With integrated management and remote control, users can grant or revoke access from any mobile or web application. The scalability and efficiency of the Solana blockchain enable the system to process large volumes of transactions without sacrificing performance, making it suitable for widespread use in the field, workplace, and office. Overall, the integration of the Solana blockchain into smart registration systems represents a significant advance in access control, providing a secure, transparent and user-friendly solution to the problems of the digital age. This project presents the design and implementation of a smart lock system empowered by Solana blockchain technology, aimed at enhancing security, transparency, and efficiency in access control. Leveraging a distributed ledger framework, the system facilitates decentralized access management, allowing users to remotely authorize and monitor door access through a user-friendly mobile/web interface. The integration of Solana blockchain ensures immutability and transparency in access permissions, while also offering scalability and low-latency transaction processing capabilities. Hardware components, including smart lock mechanisms and gateway devices, are seamlessly integrated with software modules such as firmware, gateway software, and blockchain integration layers to enable secure communication and interoperability. Robust security measures, including encryption protocols and cryptographic algorithms, safeguard data integrity and privacy. Through meticulous testing, deployment, and documentation processes, this project delivers a reliable and future-ready smart lock solution poised to redefine access management paradigms in various settings, from residential homes to commercial establishments. Key Words: Solana, Smart locking systems, Security, Blockchain, Immutability