Modern Encryption Research Articles

Enhancing MQTT-SN Security with a Lightweight PUF-Based Authentication and Encrypted Channel Establishment Scheme

The communication of Industrial Internet of Things (IIoT) devices faces important security and privacy challenges. With the rapid increase in the number of devices, it is difficult for traditional security mechanisms to balance performance and security. Although schemes based on encryption and authentication exist, there are still difficulties in achieving lightweight security. In this paper, an authentication and key exchange scheme combining hardware security features and modern encryption technology is proposed for the MQTT-SN protocol, which is not considered security. The scheme uses Physical Unclonable Functions (PUFs) to generate unpredictable responses, and combines random numbers, time stamps, and shared keys to achieve two-way authentication and secure communication between devices and broker, effectively preventing network threats such as replay and man-in-the-middle attacks. Through verification, the proposed scheme has proved effective in terms of security and robustness, has computational and communication cost advantages compared with recent schemes, and provides higher availability.

ACM and rectangular images: Overlapping partitions, implementation, and periodicity analysis.

The Arnold Cat Map (ACM) is a popular chaotic map used in image encryption. Chaotic maps are known for their sensitivity to initial conditions and their ability to permute, or rearrange, pixels. However, ACM is periodic, and its period is relatively short. This periodicity decreases the effective key-space and security of a cryptosystem using ACM. Further, ACM is typically only able to be performed on square images. To solve the low periodicity and typical limitation to square images, this paper proposes performing ACM on overlapping square partitions which cover the entirety of an image. The presence of overlap results in a greatly increased image period. The resulting system will be referred to as overlapping ACM or OACM. Several papers have already discussed systems involving overlapping ACM. However, they did not discuss the implementation or periodicity of such a system in detail. This paper does cover the implementation and periodicity analysis of OACM and proposes a simple symmetric encryption system which uses OACM. The proposed encryption system is not as sophisticated or secure as other modern encryption schemes, since it is mainly intended as an initial test of OACM's utility. Histogram and sensitivity analyses did however indicate a level of security against various cryptographic attacks, and OACM performed reasonably in both the permutation and diffusion stages of the cryptosystem.

Ensuring confidentiality and data security in economic analysis of business entities: Challenges and solutions

In today's world, where digitization permeates all spheres of our lives, the issue of confidentiality and data security becomes particularly relevant. The significant dependence of businesses on the processing and analysis of large volumes of data necessitates a complete understanding of the risks associated with their storage and processing. Given this circumstance, the present investigation focuses on identifying and scrutinizing the primary obstacles and measures to guarantee data confidentiality and security within the economic analysis of business entities. The topic's relevance is enhanced by the constant development of technologies and the increasingly palpable growth of cyber threats, which require the development of innovative approaches and methods of information protection. The analysis conducted in this study allows us to establish that the main challenges for ensuring data security include not only technical aspects but also the need to balance confidentiality and usability, as well as between centralized and decentralized data storage. It has been revealed that adequate confidentiality requires a comprehensive approach, including modern encryption technologies and authentication and the development of internal security policies and employee training programs. The study's conclusions underscore that ensuring data confidentiality and security requires coordinated interaction between technical solutions and organizational measures. Emphasis is placed on the importance of innovative technologies, such as artificial intelligence and blockchain, for enhancing security levels. The obtained results have significant practical implications for business entities, enabling them to develop and implement effective data protection strategies. For further research, it is proposed to focus on developing adaptive protection models capable of resisting the changing conditions of the digital environment.

Physical Unclonable Functions with Hyperspectral Imaging System for Ultrafast Storage and Authentication Enabled by Random Structural Color Domains.

Physical unclonable function (PUF) is attractive in modern encryption technologies. Addressing the disadvantage of slow data storage/authentication in optical PUF is paramount for practical applications but remains an on-going challenge. Here, a highly efficient PUF strategy based on random structural color domains (SCDs) of cellulose nanocrystal (CNC) is proposed for the first time, combing with hyperspectral imaging system (HIS) for ultrafast storage and authentication. By controlling the growth and fusion behavior of the tactoids of CNC, the SCDs display an irregular and random distribution of colors, shapes, sizes, and reflectance spectra, which grant unique and inherent fingerprint-like characteristics that are non-duplicated. Based on images and spectra, these fingerprint features are used to develop two sets of PUF key generation methods, which can be respectively authenticated at the user-end and the manufacturer-front-end that achieving a high coding capacity of at least 22304. Notably, the use of HIS greatly shortens the time of key reading and generation (≈5s for recording, 0.5-0.7s for authentication). This new optical PUF labels can not only solve slow data storage and complicated authentication in optical PUF, but also impulse the development of CNC in industrial applications by reducing color uniformity requirement.

An innovative design of substitution-box using Trigonometric-Multiplicative Functions Using Square Root Arguments: A Data-driven study.

In the evolving landscape of digital technology, the imperative for robust data security mechanisms has escalated, given the increasing sophistication of cyber threats. This abstract delineates a study focused on enhancing cryptographic defenses through the innovation of a Substitution box (S-Box), which is pivotal in the architecture of modern encryption algorithms. The proposed S-Box, deriving its foundation from chaotic maps integrated with trigonometric-multiplicative functions, represents a novel approach in cryptographic design, utilizing square root arguments to instigate dynamic characteristics. The evaluation of the proposed S-Box was methodically conducted using a comprehensive set of cryptographic benchmarks including Nonlinearity (NL), Strict Avalanche Criterion (SAC), Bit Independence Criterion (BIC), Linear Approximation Probability (LP), and Differential Approximation Probability (DP), to ascertain its defensive robustness against cryptanalytic attacks. The comparative analysis delineated in this study reveals that the cryptographic strength of the proposed S-Box transcends that of other contemporaneously designed S-Boxes thereby underscoring its potential applicability in real-world security scenarios. The findings of this research not only contribute to the theoretical underpinnings of cryptographic security but also have practical implications in the development of more secure digital environments fortifying data against unauthorized access and ensuring the integrity of confidential information in digital communications.

Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum

AbstractThe recent introduction of full‐mesh virtual private network (VPN) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge‐cloud continuum. To test the performance of existing solutions in this domain, we present a framework consisted of both essential and optional features that full‐mesh VPN solutions need to support before they can be used for interconnecting geographically dispersed compute nodes. We then apply this framework on existing offerings and select three VPN solutions for further tests: Headscale, Netbird, and ZeroTier. We evaluate their features in the context of establishing an underlay network on top of which a Kubernetes overlay network can be created. We test pod‐to‐pod TCP and UDP throughput as well as Kubernetes application programming interface (API) response times, in multiple scenarios, accounting for adverse network conditions such as packet loss or packet delay. Based on the obtained measurement results and through analysis of the underlying strengths and weaknesses of the individual implementations, we draw conclusions on the preferred VPN solution depending on the use‐case at hand, striking a balance between usability and performance.

CONSTRUCTION OF SUBSTITUTION BOX (S-BOX) BASED ON IRREDUCIBLE POLYNOMIALS ON GF(2^8)

In the field of modern encryption algorithms, the creation of S-Box is an essential element that plays an important role in maintaining data security in various industries. This article provides a comprehensive review of various S-Box designs, with particular emphasis on essential parameters such as “Average ”, “Average ” and “Non-linearity value”. The main goal is to determine the most optimal S-Box structure to minimize correlation, thereby improving the security and unpredictability of the cryptographic system. Research results indicate that the S-Box characterized by the 1BD hexadecimal code is superior to its counterparts. It has an average value of 4.1953 and an average value of 0.4756. In contrast, the S-Box represented by hexadecimal code 169 displays a relatively lower level of security, with an average d value of 3.8750 and an average value of 0.5156. These results enable security experts and cryptographers to make the correct choice when selecting the S-Box with the minimum correlation value, thereby strengthening cryptographic systems against emerging cyber threats.

Software implementation of the data encryption module on the BeagleBone platform for data transmission systems with increased cryptoresistance

In today's digital world, where the exchange of information is an integral part of our daily lives, ensuring information security becomes a criticaltask. This work aimsto develop an information protection module for data encryption on the BeagleBone platform for data transmission systems with increased crypto resistance. Itis a hardware system based on a BeagleBone AI 64 microcomputer with antennas for transmitting/receiving data. Since the information is transmitted over a physically unprotected channel, developing a module that will encrypt the data is necessary. The information protection module ensures the confidentiality of the transmitted data in the system using the AES symmetric encryption algorithm with a variable key length (128/192/256 bits). Regardless of the hardware platform, it is characterized by universality, as it can be run on the Linux kernel adapted for use on embedded systems. Providesoptions for configuring protocols and encryption algorithms. In the process of developing the security module, modern encryption methods and algorithms were used (AES 128/192/256 –for data encryption, RSA –for the distribution of secret keys), in addition, a lightweight protocol for secure data transmission Scplight was implemented as an alternative to OpenSSL, which improves transfer speed on low-power hardware platforms. The developed information protection module has undergone thorough testing on a real system. Thedevelopment of the information protection module is based on the need for a universal component that provides high-quality data protection in wireless communication systems. This module will accelerate the development of relatively affordable physical means of secure communication, a critical partofsuch projects. The module is implemented as a library written in the C language, which implements an API for establishing a secure connection and further forwarding information over an unprotected transmissionchannel. In addition, a configurator programallows you to change the module settings even in real-time when client applications use it. This ensures continuous, seamless, and secure data exchangeandconvenient configuration of the module. Many supporting libraries were used in the development process, including Crypton, Libgcrypt, Openssl, Ncurses and Sqlite3.

Issues of Practical Application of Cryptography to Ensure Data Security

In modern society, digital technologies have become embedded in everyday life, increasing the risk of data leakage. Cryptography is becoming a key means of ensuring the confidentiality, integrity and authenticity of information. However, the application of cryptography faces challenges such as threats to data security systems and the constant development of hacking techniques. Lack of user awareness of the importance of security, use of weak passwords, the advent of quantum computers and inattention to data protection increase vulnerability. To solve the problems, a comprehensive approach has been proposed, including education, improving security standards, developing quantum-resistant methods, improving authentication technologies and actively updating encryption methods. Modern encryption methods are reviewed, including symmetric and asymmetric algorithms and examples of their use in everyday life, covering areas from banking transactions to instant messengers and email.

A medical image encryption scheme based on Mobius transformation and Galois field

Data security and privacy are considered to be the biggest problems faced by service providers who have worked with public data for a long time. A key element of modern encryption that is utilized to increase textual confusion is the Substitution box (S-box) and the algebraic strength of the S-box has a significant impact on how secure the encryption method is. In this article, we present a unique method that uses a linear fractional transformation on a finite field to produce cryptographically robust S-boxes. Firstly, we choose a specific irreducible polynomial of degree 8 in Z2[x] to construct GF(28). Later, we used the action of PGL(2,GF(28)) on GF(28) to generate a robust S-box. The effectiveness of the built-in S-box was evaluated using several criteria including non-linearity, differential uniformity, strict avalanche criteria, linear approximation probability, and bit independence criterion. The proposed S-box's characteristics are compared to those of most recent S-boxes to confirm the higher performance. Additionally, the S box was used to encrypt images to show its usefulness for multimedia security applications. We performed several tests, including contrast, correlation, homogeneity, entropy, and energy, to evaluate the success of the encryption technique. The proposed method for ciphering an image is very effective, as proven by its comparison with several S boxes.

Logistic regression-based side-channel analysis attacks

Advanced Encryption Standard (AES) is a modern concept in cryptography. Most of modern encryption schemes and devises are built based on this standard. Those encryption systems have really high resistance to most of modern attacking methods. However, this passage will introduce the most powerful way of attacking: Side-Channel Analysis (SCA). By performing such attacking by artificial intelligence model, it shows that they can break the encryption system in a very efficient and effective way. By using ASCAD database, this passage analysis some properties when using logistic regression to perform Side-Channel-Attack on the traces of the encryption system. Since in the original article, the authors only analysis the performance of multilayer perceptron (MLP) and convolution neural network (CNN), this passage aims to apply similar methodology to logistic regression and analyse its performance in different circumstances. Moreover, some interesting properties about logistic regression was found, and it can sometimes perform better than systems in the original passage in certain situation.

Neural Network Based Data Encryption: A Comparison Study among DES, AES, and HE Techniques

With the improvement of technology and the continuous expansion and deepening of neural network technology, its application in computer network security plays an important role. However, the development of neural networks is accompanied by new threats and challenges. This paper proposes to encrypt the weight data using encryption algorithms and embed image encryption algorithms to improve protected data security further. The purpose is to address the feasibility and effectiveness of using modern encryption algorithms for data encryption in machine learning in response to data privacy breaches. The approach consists of training a neural network to simulate a model of machine learning and then encrypting it using Data Encryption Standard (DES), Advanced Encryption Standard (AES), and Homomorphic Encryption (HE) techniques, respectively. Its performance is evaluated based on the encryption/decryption accuracy and computational efficiency. The results indicate that combining DES with Blowfish offers moderate encryption and decryption speeds but is less secure than AES and HE. AES provides a practical solution, balancing security and performance, offering a relatively swift encryption and decryption process while maintaining high security. However, Fernet and HE present a viable alternative if data privacy is a top priority. Encryption and decryption times increase with file size and require sufficient computational resources. Future research should explore image encryption techniques to balance security and accurate image retrieval during decryption. Advanced privacy-preserving approaches, such as differential privacy and secure multi-party computation, may enhance security and confidentiality in digital encryption and decryption processes.

DCDRO:A true random number generator based on dynamically configurable dual-output ring oscillator

As an essential component of modern encryption systems, a true random number generator (TRNG) has made significant contributions to information security. A configurable true random number generator with low hardware overhead and high throughput is presented in this paper. The structure utilizes an odd number of NAND gates and XOR gates to create a dynamically configurable dual-output ring oscillator. By increasing the phase noise in a short period, the time jitter range is expanded, thereby improving the randomness of the entropy source. Additionally, the XOR post-processing reduces the bias of the random sequence. The structure has undergone several tests and validations on the Xilinx Kintex-7, and the experimental results demonstrate that the proposed TRNG has strong robustness under varying environmental conditions, including different temperatures (0 °C–80 °C) and output voltages (0.8 V–1.2 V). It only consumes 28 LUTS and 5 DFFs in hardware resources and achieves a throughput of up to 200 Mb/s.

IMPLEMENTATION OF TRAFFIC PROTECTION BASED ON IPSEC VPN TECHNOLOGY AND NETWORK MODELING ON ENSP SOFTWARE ENVIRONMENT

The article is devoted to the study of such technology as IPsec VPN. The role of this technology in the field of information and communication technologies is quite significant. Firstly, IPsec VPN supports many modern encryption algorithms and authentication methods. Secondly, IPsec VPN is supported by many vendors, which allows you to deploy this technology based on equipment from different manufacturers. Thirdly, IPsec VPN does not require much performance from the hardware. Fourth, IPsec VPN is easy to use and easy to monitor. This article shows an example of IPsec VPN implementation on eNSP software environment based on Huawei equipment. As can be seen from the practical part of the article, the creation and implementation of this technology consists of only four steps.

Comparisons of Conventional Computing and Quantum Computing Approaches

Quantum computers are capable of ultra fast computation in the fields where classical computers fail. Even though quantum computers are nowhere near commercialization, many researchers have developed quantum algorithms in fields such as modern encryption and molecular simulation, which, in theory, are exponentially faster than their classical counterparts. In this case, this paper will discuss the advantages of quantum computers over classical computers in those fields by examining and analyzing the various quantum algorithms. To be specific, the develop routine as well as detail examples will be exhibited to illustrate the differences and preferences. In addition, this study will also fully aware of the challenges that quantum computing researchers are facing. On this basis, possible limitations of quantum computers are also presented. The aim is to promote interest in quantum computing by introducing their supremacy in modern encryption and biological science. These results shed light on guiding further exploration of quantum computing algorithms.

A new authentication scheme based on monogenic semigroup

The reduction of constrained mathematical structures leads us to generalize any abstract structures. Using minimum conditions to construct a secure and robust component of the modern encryption algorithm is one crucial problem in multimedia security. With this understanding, we have proposed a new algebraic structure, namely monogenic semigroup, to construct a digital information authentication scheme. Authentication is always completed at the beginning of the application, before any throttling or approval checks are performed, and before any other code is allowed to begin running in the background. Many authentication schemes offer a complex structure for implementation in cryptosystems and applications. The anticipated mechanism uses a simple mathematical structure having the least conditions as compared to other mathematical structures. The suggested scheme provides structures for the authentication of text messages and images.

An Integrated Image Encryption Scheme Based on Elliptic Curve

Due to the extensive demand for digital images across all fields, the security of multimedia data over insecure networks is a challenging task. The majority of the existing modern encryption schemes are merely developed that ensure the confidentiality of the image data. This manuscript presents a new image encryption scheme that ensures confidentiality, user authentications, and secure key sharing among the communicating parties. Initially, the users share a secret parameter using Diffie-Hellman over the elliptic curve and pass it through SHA-256. Afterwards, the proposed scheme uses the first 128-bits for the confidentiality of the data, while the remaining 128-bits are for authentication. In the encryption algorithm, the confusion module is achieved by affine power affine transformation. At the same time, the diffusion module is attained through highly nonlinear sequences, which are generated through the elliptic curve. Experimental testing and the latest available security tools are used to verify the effectiveness of the proposed algorithm. The simulation findings and the comparison of the proposed scheme with the existing image encryption techniques reveal that the suggested scheme offers a sufficient degree of security. Furthermore, the outcome of the simulation results divulges several advantages of the proposed scheme, including a large key space, resistance to differential attacks, high efficiency, and strong statistical performance.

Financial market of Ukraine: analysis of the current state, threats, problems and prospects

The financial market of Ukraine is undergoing significant challenges due to martial law, but these difficult conditions also encourage radical changes and innovation in the sector. One of the new development vectors is digitization, which becomes a necessary tool for conducting operations and exchange of information in war. The use of digital technologies and electronic payment systems helps to ensure the safety, convenience and efficiency of financial transactions. Increasing the availability of financial services is another important area of development in the financial market during martial law. In order to facilitate the financial situation of people who are undergoing financial difficulties, it is important to provide access to various financial services for all segments of the population. The use of virtual communication technologies can reduce geographical and physical restrictions, giving people the opportunity to receive financial services in a convenient way for them. Despite all the challenges, there are factors that contribute to the functioning of the financial market in the conditions of martial law. Understanding the problems and needs of the market allows financial institutions to adapt to new conditions and look for effective solutions. An important role is given to the adaptation of the legislation to new realities and to promote innovations in the financial sector. In order to ensure the successful functioning of the financial market in war, it is necessary to create a favorable regulatory and regulatory framework that would support the introduction of the latest technologies and innovation. In addition, the creation of partnerships between different industries, such as the financial sector, technological companies and government bodies, is an important element of the development of the financial market. Joint work and knowledge exchange allow you to create innovative solutions and put them into practice. For example, creating specialized financial companies that combine financial and technological knowledge can contribute to the rapid development and implementation of new financial products and services. In the light of martial law in Ukraine, it is important to pay attention to the creation of financial systems from cyber attacks and abuse. Cybersecurity development and the use of modern encryption and identification technologies can help prevent financial crimes and maintain confidence in the financial system. The war in Ukraine has become a catalyst for changes in the financial sector. Digitalization, automation, increased availability of financial services and inclusivity are key vectors of development. Success factors include understanding the needs of the market, adaptation of legislation, innovation and creating favorable conditions for financial intermediaries. All these changes are aimed at improving the efficiency, safety and availability of financial services for the population during the war.

Problems of AES encryption without hardware acceleration on BROADCOM BCM2711chips

In today’s world, information security plays a critical role in various aspects of our lives. Over the past decade, data encryption has become the primary means of ensuring confidentiality, integrity, and availability of information. Using modern encryption algorithms, we can protect our data from unauthorized access and malicious use. With the development of technology, single-board computers are becoming more popular and functional. The use of single-board computers can significantly increase the functionality of UAVs. For example, using a single-board computer with real-time video processing capabilities can enable UAVs to perform tasks such as monitoring territories, tracking objects, or even performing search and rescue operations. However, devices such as unmanned aerial vehicles (UAVs), which require high data processing speeds and low energy consumption, are often limited by the lack of hardware acceleration for encryption algorithms such as AES [1]. This leads to a sharp decrease in encryption and decryption speeds. Such a limitation requires us to search for effective alternatives to the AES algorithm for such devices. Considering these limitations and the need for alternatives, the purpose of this article is to compare the performance of different encryption algorithms on the Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC [2]. We analyze the encryption and decryption speeds for AES-256, AES-512, ChaCha12, and ChaCha20 algorithms. This will allow us to understand which algorithm is most effective for use in UAV control systems and other devices built on Bcm2711 that do not have AES hardware acceleration. I hope that this analysis will help developers and engineers choose the optimal encryption algorithm for their systems, considering factors such as speed, security, and hardware limitations.

Combined Pseudo-Random Sequence Generator for Cybersecurity

Random and pseudo-random number and bit sequence generators with a uniform distribution law are the most widespread and in demand in the market of pseudo-random generators. Depending on the specific field of application, the requirements for their implementation and the quality of the generator's output sequence change. In this article, we have optimized the structures of the classical additive Fibonacci generator and the modified additive Fibonacci generator when they work together. The ranges of initial settings of structural elements (seed) of these generators have been determined, which guarantee acceptable statistical characteristics of the output pseudo-random sequence, significantly expanding the scope of their possible application, including cybersecurity. When studying the statistical characteristics of the modified additive Fibonacci generator, it was found that they significantly depend on the signal from the output of the logic circuit entering the structure. It is proved that acceptable statistical characteristics of the modified additive Fibonacci generator, and the combined generator realized on its basis, are provided at odd values of the module of the recurrent equation describing the work of such generator. The output signal of the combined generator has acceptable characteristics for a wide range of values of the initial settings for the modified additive Fibonacci generator and the classic additive Fibonacci generator. Regarding the use of information security, it is worth noting the fact that for modern encryption and security programs, generators of random numbers and bit sequences and approaches to their construction are crucial and critical.