Cryptosystem Research Articles

Design and Enhancing Security Performance of Image Cryptography System Based on Fixed Point Chaotic Maps Stream Ciphers in FPGA

تقترح هذه الورقة البحثية نظامًا جديدًا لتصميم تشفير الصور باستخدام الخرائط الفوضوية ذات النقطة الثابتة ومولدات التشفير المتسلسل (PN). يتكون النظام من خرائط فوضوية ثابتة مدمجة برقم إفتراضي (PN) مكون من 32 بت، يتم تنفيذها جميعًا باستخدام مصفوفات البوابات المنطقية القابلة للبرمجة ميدانيًا (FPGA) من خلال بيئة مولد النظام (XSG) . خرائط التشفير المعتادة المستخدمة في هذا العمل هي خرائط (Logistic) و (Lozi) وTent . تحدد متغيرات كل نوع من الخرائط حجم المفتاح المطلوبة لفك تشفير البكسل الأصلي للصورة الأصلية، حيث تحتوي خريطة (Logistic) على متغير واحد (r)، وتحتوي خريطة (Lozi) على متغيرين α و β، وتحتوي خريطة (Tent) على متغير واحد µ كانت الفكرة الرئيسية هي دمج متغير أخر وهو الرقم الإفتراضي (PN) لزيادة مساحة المفتاح، والتي تعد المقياس الرئيسي لتحسين الأمن ضد هجمات القوة القاهرة. تم اقتراح مولد بت عشوائي زائف (PRBG) مبتكر يعتمد على عملية XOR بين الخرائط الفوضوية هذه وأطلق عليه اسم FPCCM-PRBG (مولد بت عشوائي زائف بخرائط فوضوية متتالية ذات نقطة ثابتة). كما تم اقتراح طريقة أخرى تعتمد على أقل 8 بتات ذات دلالة من مولد الرقم الإفتراضي 32 بت وأطلق عليها اسم FPCCM-PRNBG (مولد بت عشوائي غير ثابتة بخرائط فوضوية متتالية ذات نقطة ثابتة). تم إختبار عشوائية المفاتيح المتولدة باستخدام اختبارات المعهد الوطني للمعايير والتكنولوجيا (NIST)، بما في ذلك اختبارات التردد والتردد أحادي البت والاختبار التنفيذي. كما تم تقييم أداء الأمن من خلال تحليل الهستوغرام، وتحليل معامل الارتباط، وإنتروبيا المعلومات، ومعدل تغيير البكسل، والتشابه البنيوي. يعتبر مولد النظام (XSG) أداة فعالة مضمنة في بيئة MATLAB/SIMULINK وتم استخدامها لتنفيذ العمل. تم تنفيذ النظام باستخدام طريقة المحاكاة المشتركة على لوحة ZYNQ 7000 SoC ZC702، مع مساحة مفتاح تبلغ (2^288) وسرعة تبلغ 269.32 ميجابايت/ثانية..

Challenges and opportunities on the horizon of post-quantum cryptography

Large quantum computers have the potential to break many cryptographic systems, e.g., Rivest–Shamir–Adleman, Diffie–Hellman key exchange, and the elliptical curve cryptosystem. The Department of Defense (DoD) is aware of this threat, and the National Institute of Standards and Technology is preparing a set of approved encryption and signature schemes that are not susceptible to these attacks by quantum computers, the so-called Post-Quantum Cryptography (PQC). The task of substituting older encryption and signature schemes raises a number of questions, to which there are not yet clear answers. In this research, we investigate the transition to PQC on existing networks, explain the approved PQC schemes, describe the likely path to an adaptation of PQC, and offer forward guidance on challenges and threats that may be encountered in the process of transition to PQC. This paper discusses the impacts of the new PQC schemes on network performance and speculates on possible side-channel attacks on the new encryption scheme. This paper offers hardware/software solutions based on the Split-protocol.

PYTHON-МОДЕЛЬ ПРОТОКОЛУ УЗГОДЖЕННЯ СЕКРЕТНОГО КЛЮЧА У ГРУПІ З ДОВІЛЬНОЇ КІЛЬКОСТІ УЧАСНИКІВ

The article is devoted to the problem of common secret key agreement in a group of an arbitrary number of participants. Data is exchanged between participants through open data channels. The problem of sharing a secret key over open data channels arose due to the need for a secure exchange of information between two or more parties that may be remote from each other and do not have a common confidential communication channel. Reliable methods of secret key exchange, such as transferring the key in person or using a secure channel, are not practical in remote or scalable scenarios. In the process of developing and modelling cryptographic systems, in which there is a need of cryptographic keys agreement in a group of two or more participants, it is very convenient to have a model that implements these algorithms. The agreement protocol is based on the Diffie-Hellman protocol on elliptic curves (ECDH). The paper contains theoretical justifications, a flow chart of the algorithm, and a Python implementation of the algorithm that performs the secret key agreement in a group of an arbitrary number of participants. To implement cryptographic operations on elliptic curves, the Python library Cryptography is used, in particular, the X25519 algorithms that use the elliptic curve Curve25519. The results of the work are shown on an example for a group of four participants, which demonstrate the correct operation of the model and the same secret key obtained as a result of agreement process. The paper also contains the link to a GitHub repository with the full program. The multi_participant_ecdh.py file contains a secret key agreement program for N participants written in Python. The file two_participant_ecdh.py demonstrates a typical two-participant Diffie-Hellman protocol. Both programs use the X25519 algorithm implemented in the Cryptography Python library. Thus, this work makes it possible to better understand the principles of secret key exchange algorithms between two and an arbitrary number of participants, to compare the results with other implementations, to apply the developed model for educational and demonstration purposes, and may be useful for a number of other scientific and engineering tasks.

Enhancing Field Multiplication in IoT Nodes with Limited Resources: A Low-Complexity Systolic Array Solution

Enhancing Field Multiplication in IoT Nodes with Limited Resources: A Low-Complexity Systolic Array Solution

Security augmenting of optical cryptosystem based on linear canonical transform domain using a full phase encoding technique

For the purpose of alleviating the vulnerability of double random phase encryption system in the linear canonical transform domain, a novel approach for optical security and cryptographic systems is presented. This proposed system uses a fully phase encoding technique to augment the security of encryption system in the linear canonical transform. The first step in this system involves phase encoding of the initial amplitude image to be ciphered and then modulated by the phase masks. The decryption process of image is the reversal operation of the encryption method. The effectiveness and sensitivity of our proposed cryptosystem for the encryption secret keys are verified. The resistance of our method against occlusion attacks is investigated. Moreover, the results demonstrate that the fully phase-based optical cryptosystem is more secure and robust than the amplitude-based scheme in a linear canonical domain.

Leveraging statistical-spectral correlations of random metasurfaces for steganography and multi-wavelength cryptography

The ability to tailor the spectral response of photonic devices is paramount to the advancement of a broad range of applications. The vast design space offered by disordered optical media provides enhanced functionality for spectral tailoring while also making it challenging to map the spectral properties of such complex systems to their structural attributes. In this work, we investigate correlations between the configuration statistics of random metasurfaces and their spectral transmissivity in the visible, and leverage those to develop a reduced phase space. In the latter part of the manuscript, we use this reduced phase space to design a pixelated color filter that hides visual data within a preselected cover image for steganography. Furthermore, we design a pair of color filters that can collectively encrypt a given grayscale image in their spectral transmissivities. We envision such devices to create opportunities for the development of compact, next-generation cryptographic systems. More broadly, the results presented in this manuscript provide new, to the best of our knowledge, avenues for optimizing large-scale random metasurfaces to achieve enhanced optical functionalities for a wide variety of applications.

A Provably Secure Anonymous Authentication Protocol for Consumer and Service Provider Information Transmissions in Smart Grids

Smart grids integrate information technology, decision support systems, communication networks, and sensing technologies. All these components cooperate to facilitate dynamic power adjustments based on received client consumption reports. Although this brings forth energy efficiency, the transmission of sensitive data over the public internet exposes these networks to numerous attacks. To this end, numerous security solutions have been presented recently. Most of these techniques deploy conventional cryptographic systems such as public key infrastructure, blockchains, and physically unclonable functions that have either performance or security issues. In this paper, a fairly efficient authentication scheme is developed and analyzed. Its formal security analysis is carried out using the Burrows–Abadi–Needham (BAN) logic, which shows that the session key negotiated is provably secure. We also execute a semantic security analysis of this protocol to demonstrate that it can resist typical smart grid attacks such as privileged insider, guessing, eavesdropping, and ephemeral secret leakages. Moreover, it has the lowest amount of computation costs and relatively lower communication overheads as well as storage costs.

On the use of dynamical systems in cryptography

Ever since the link between nonlinear science and cryptography became apparent, the problem of applying chaotic dynamics to the construction of cryptographic systems has gained a broad audience and has been the subject of thousands of papers. Yet, the field has not found its place in mainstream cryptography, largely due to persistent weaknesses in the presented systems. The goal of this paper is to help remedy this problem in two ways. The first is by providing a new algorithm that can be used to attack – and hence test the security of – stream ciphers based on the iteration of a chaotic map of the interval. The second is to cast discrete dynamical systems problems in a modern cryptographic and complexity theoretic language, so that researchers working in chaos-based cryptography can begin designing cryptographic protocols that have a better chance of meeting the extreme standards of modern cryptography.

Software and hardware realizations for different designs of chaos-based secret image sharing systems

Secret image sharing (SIS) conveys a secret image to mutually suspicious receivers by sending meaningless shares to the participants, and all shares must be present to recover the secret. This paper proposes and compares three systems for secret sharing, where a visual cryptography system is designed with a fast recovery scheme as the backbone for all systems. Then, an SIS system is introduced for sharing any type of image, where it improves security using the Lorenz chaotic system as the source of randomness and the generalized Arnold transform as a permutation module. The second SIS system further enhances security and robustness by utilizing SHA-256 and RSA cryptosystem. The presented architectures are implemented on a field programmable gate array (FPGA) to enhance computational efficiency and facilitate real-time processing. Detailed experimental results and comparisons between the software and hardware realizations are presented. Security analysis and comparisons with related literature are also introduced with good results, including statistical tests, differential attack measures, robustness tests against noise and crop attacks, key sensitivity tests, and performance analysis.

Performance Evaluation of Genetic Algorithm-Driven Blockchain Encryption for EHR Management and Validation

In the realm of electronic health record (EHR) management, ensuring robust security and validation mechanisms is paramount due to the sensitive nature of healthcare data. This research focuses on the performance evaluation of a genetic algorithm-driven blockchain encryption approach for enhancing EHR security and validation. The proposed method leverages genetic algorithms to optimize encryption parameters within a blockchain framework, aiming to safeguard patient privacy and prevent unauthorized access. By integrating advanced cryptographic techniques like Elliptic Curve Cryptography (ECC) and Keyed-Hash Message Authentication Code (HMAC)-based authentication, along with machine learning for data classification. The evaluation of the approach holds significant promise in advancing secure EHR management practices, addressing critical challenges in data privacy and integrity within healthcare environments. Finally, as a result, this study presents a comparative analysis of cryptographic systems genetic algorithm-driven blockchain encryption (GADBE)+ECC and GADBE+ Advanced Encryption Standard (AES), focusing on the scaling of encryption and decryption times relative to key sizes and data volumes. Results show that both systems exhibit increasing times with larger key sizes and data sizes. ECC consistently demonstrates superior speed over AES, with decryption times ranging from 0.4 to 3.5 seconds for key sizes from 128 to 512 bits, indicating potential performance advantages of ECC in cryptographic applications.

Local bit-level image encryption algorithm based on one dimensional zero excluded chaotic map

The exchange of digital images on the internet has become more convenient, but it has also led to increasing security concerns. Image encryption differs from text encryption, as inherent features such as massive data volume and high pixel correlation make it challenging to apply traditional AES and DES methods to images. This paper introduces a novel local bit-level image encryption algorithm based on chaos. Firstly, a new one-dimensional chaos system named the One-Dimensional Zero Excluded Chaotic Map (1D-ZECM) is designed, possessing features such as approximate global chaos, a broad chaos range, and high Lyapunov exponents, making it well-suited for cryptography. To resist brute force attacks, a hash function is employed to generate the encryption system’s key, further enhanced by using the 1D-ZECM to derive the key stream for the cryptographic system. Unlike traditional encryption methods that encrypt all 8 bits of a pixel, this algorithm focuses on the first six bits of each pixel during the encryption process, as the lower two bits contain less image information. In the diffusion process, the key stream generated by the 1D-ZECM is combined with mod and XOR operations to diffuse the rearranged image. Experimental results demonstrate that the proposed encryption algorithm exhibits high security and can resist common attacks. Moreover, when compared to representative algorithms, the proposed algorithm demonstrates better security and efficiency. The encryption algorithm presented in this paper provides a high-quality encrypted output.

Software implementation of systematic polar encoding based PKC-SPE cryptosystem for quantum cybersecurity

The ever-growing threats in cybersecurity growing with the rapid development of quantum computing, necessitates the development of robust and quantum-resistant cryptographic systems. This paper introduces a novel cryptosystem, Public Key Cryptosystem based on Systematic Polar Encoding (PKC-SPE), based on the combination of systematic polar encoding and public-key cryptographic principles. The Systematic Polar Encoding (SPE), derived from the well-established field of polar codes, serves as the foundation for this proposed cryptographic scheme. Here, we have used MATLAB Software to introduce and implement the PKC-SPE Cryptosystem. The paper examines key generation, encryption, and decryption algorithms, providing insights into the adaptability and efficiency of systematic polar encoding in public-key cryptography. We assess the efficiency of the PKC-SPE Cryptosystem in three aspects: key size, computational complexity, and system implementation timings. In addition, we compare the PKC-SPE Cryptosystem with PKC-PC cryptosystem and find that it has reduced key sizes (Pr\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$P_{r}$$\\end{document} = 0.8436 kbytes). The results obtained through simulations validate the effectiveness of the proposed cryptosystem and highlighting its potential for integration into real-world communication systems. Thus, in the paradigm shift to quantum computing, the PKC-SPE cryptosystem emerges as a promising candidate to secure digital communication in the quantum computing era.

Design of a High-Performance Iterative Barrett Modular Multiplier for Crypto Systems

Design of a High-Performance Iterative Barrett Modular Multiplier for Crypto Systems

A Survey on the Advanced Encryption Standard (AES): A Pillar of Modern Cryptography

As the digital landscape expands and our reliance on secure data transmission grows, the adoption of encryption technologies has become paramount. Over time, we have witnessed a progression from rudimentary ciphering methods, like substitution ciphers, to the sophisticated algorithms of today, epitomized by the Advanced Encryption Standard (AES). AES’s ascendancy to the forefront of encryption can be attributed to its unparalleled security features, surpassing its predecessors such as the Data Encryption Standard (DES). AES boasts robust security measures, rendering it virtually impervious to conventional cryptographic attacks. Its resilience against decryption is underscored by its intricate encryption process, which involves intricate operations such as byte substitution, row shifting, column mixing and round key addition. Conversely, decryption reverses these steps, ensuring the confidentiality of encrypted data remains intact. Despite the emergence of various cryptographic attacks, none have posed a significant threat to a properly implemented Full-AES algorithm. Most attacks target incomplete implementations, highlighting the importance of proper implementation practices in maximizing AES’s security benefits. Beyond its security prowess, AES stands out for its efficiency, sustainability and simplicity. Despite its widespread adoption and robustness against cryptanalytic attacks, AES exhibits an intriguing phenomenon known as error propagation. Through theoretical analysis and empirical investigations, we elucidate the mechanisms by which errors propagate within AES, shedding light on the vulnerabilities they introduce. Additionally, we explore the implications of error propagation in practical scenarios, including its impact on cryptographic protocols, error correction mechanisms and overall system reliability. Our findings underscore the importance of comprehensively understanding and mitigating the effects of error propagation in AES implementations, offering insights into enhancing the resilience of cryptographic systems against unforeseen adversities.

An Improved Algebraic Structure of Nonlinear Dynamical Systems

A substitution box is regarded as an eminent source of nonlinearity and perplexity in most of the block ciphers. In this work, we propose that the involvement of a local ring has a favorable influence on the highly desirable features of this nonlinear cryptographic system. We deploy the unit group of a local ring by considering its correspondence with the Galois field and design an algorithm that utilizes the algebraic properties of the local ring [Formula: see text], to synthesize a highly efficient S-box.

Recovery of the secret on Binary Ring-LWE problem using random known bits - Extended Version

There are cryptographic systems that are secure against attacks by both quantum and classical computers. Some of these systems are based on the Binary Ring-LWE problem which is presumed to be difficult to solve even on a quantum computer. This problem is considered secure for IoT (Internet of things) devices with limited resources. In Binary Ring-LWE, a polynomial a is selected randomly and a polynomial b is calculated as b = a.s + e where the secret s and the noise e are polynomials with binary coefficients. The polynomials b and a are public and the secret s is hard to find. However, there are Side Channel Attacks that can be applied to retrieve some coefficients (random known bits) of s and e. In this work, we analyze that the secret s can be retrieved successfully having at least 50% of random known bits of s and e.

Python - Powered Hybrid Visual Cryptography for Secure Cloud Transmission in the Banking Sector

This paper proposes a novel method to enhance security in cloud transmission within the banking sector by leveraging Python to implement a hybrid visual cryptography system. The approach combines visual cryptography with the robust RC4 algorithm to ensure the security of banking data. Sensitive banking information is divided into QR code shares to prevent any individual share from revealing information during encryption and decryption. These encrypted shares are then uploaded to cloud storage, enhancing security and confidentiality while facilitating proper information transmission. The system is designed to address security concerns in the banking industry, promoting effective data management and secure cloud transmission practices.

Co-design based FPGA implementation of an efficient new speech hyperchaotic cryptosystem in the transform domain

In this paper a new encryption system has been designed and implemented for real-time speech transmission to reduce bandwidth requirements, increase security and minimize residual intelligibility. To guarantee robustness and lightweight computation, the developed cryptosystem has been carried out in the wavelet transform domain based on a hyperchaotic model to generate mask and permutation keys. The cryptographic system has been designed using a hardware-software (HW/SW) co-design approach by developing several IP-cores in a relatively short development time. The performances and security evaluation of the system have been validated through simulation results followed by an experimental validation through the implementation of an encrypted speech signal transmission between two low cost Nexys-4 DDR FPGA platforms, operating in real-time for both wired and wireless communications. Compared to similar works, high performances have been obtained in terms of bandwidth efficiency due to the use of DWT, limited area of FPGA resources, low power consumption and high security level with a large keyspace that is sufficient to resist against brute force attacks. The designed system can be a very useful solution for many real-time secure integrated voice communication systems, multiple communication purposes, military, professional or personal high level of conversations security.

Revealing IoT Cryptographic Settings through Electromagnetic Side-Channel Analysis

The advancement of cryptographic systems presents both opportunities and challenges in the realm of digital forensics. In an era where the security of digital information is crucial, the ability to non-invasively detect and analyze cryptographic configurations has become significant. As cryptographic algorithms become more robust with longer key lengths, they provide higher levels of security. However, non-invasive side channels, specifically through electromagnetic (EM) emanations, can expose confidential cryptographic details, thus presenting a novel solution to the pressing forensic challenge. This research delves into the capabilities of EM side-channel analysis (EM-SCA), specifically focusing on detecting both cryptographic key lengths and the algorithms employed utilizing a machine-learning-based approach, which can be instrumental for digital forensic experts during their investigations. Through meticulous data processing and analysis, the Support Vector Machine (SVM) model, among others, demonstrated a notable accuracy of 94.55% in distinguishing between AES and ECC cryptographic operations. This capability significantly enhances digital forensic methodologies, offering a novel avenue for noninvasively uncovering encrypted data’s cryptographic settings. By identifying key lengths and algorithms without invasive procedures, this research contributes substantially to the advancement of forensic investigations in encrypted environments.

Asymmetric Cryptography Based on the Tropical Jones Matrix

In recent years, the tropical polynomial factorization problem, the tropical matrix decomposition problem, and the tropical multivariate quadratic equation solving problem have been proved to be NP-hard. Some asymmetric cryptographic systems based on tropical semirings have been proposed, but most of them are insecure and have been successfully attacked. In this paper, a new key exchange protocol and a new encryption protocol are proposed based on the difficulty of finding the multiple exponentiation problem of the tropical Jones matrices. The analysis results indicate that our protocol can resist various existing attacks. The complexity of attacking an MEP by adversaries is raised due to the larger number of combinations in the tropical Jones matrices compared to regular matrix polynomials. Furthermore, the index semiring is the non-negative integer cyclic matrix semiring, leading to a higher efficiency in key generation.