Public Key Cryptographic Algorithms Research Articles

Optimization of SM2 Algorithm Based on Polynomial Segmentation and Parallel Computing

The SM2 public key cryptographic algorithm is widely utilized for secure communication and data protection due to its strong security and compact key size. However, the intensive large integer operations it requires pose significant computational challenges, which can limit the performance of Internet of Things (IoT) terminal devices. This paper introduces an optimized implementation of the SM2 algorithm specifically designed for IoT contexts. By segmenting large integers as polynomials within a modified Montgomery modular multiplication algorithm, the proposed method enables parallel modular multiplication and reduction, thus addressing storage constraints and reducing computational redundancy. For scalar multiplication, a Co-Z Montgomery ladder algorithm is employed alongside Single Instruction Multiple Data (SIMD) instructions to enhance parallelism, significantly improving efficiency. Experimental results demonstrate that the proposed scheme reduces the computation time for the SM2 algorithm’s digital signature by approximately 20% and enhances data encryption and decryption efficiency by about 15% over existing methods, marking a substantial performance gain for IoT applications.

Generalized NTRU Algorithms on Algebraic Rings

The NTRU (Number Theory Research Unit) is a prominent post-quantum public key cryptography algorithm and a current focus of research. Although many NTRU variants have been proposed, a comprehensive generalization of these variants is still lacking. To address this issue, we propose the G-NTRU (Generalized NTRU), an algorithmic framework for NTRU variants on algebraic rings. This framework generalizes specific ring extensions to more general algebraic structures, allowing the unification of various NTRU variants. We then analyze the key properties of the G-NTRU, including correctness, lattice-based characteristics, and security. The semantic security of the G-NTRU is demonstrated through the introduction of the G-AGCD (Generalized Approximate Greatest Common Divisor). To validate the generality of the G-NTRU framework, we introduce the CNTRU (Complex Number NTRU), a variant of the NTRU over the ring of complex numbers. The CNTRU shares the same properties as the G-NTRU, further confirming the versatility of the G-NTRU in studying NTRU variants over algebraic rings.

A quantum-safe authentication scheme for IoT devices using homomorphic encryption and weak physical unclonable functions with no helper data

Physical Unclonable Functions (PUFs) are widely used to authenticate electronic devices because they take advantage of random variations in the manufacturing process that are unique to each device and cannot be cloned. Therefore, each device can be uniquely identified and counterfeit devices can be detected. Weak PUFs, which support a relatively small number of challenge-response pairs (CRPs), are simple and easy to construct. Device authentication with weak PUFs typically uses helper data to obfuscate and recover a cryptographic key that is then required by a cryptographic authentication scheme. However, these schemes are vulnerable to helper-data attacks and many of them do not protect conveniently the PUF responses, which are sensitive data, as well as are not resistant to attacks performed by quantum computers. This paper proposes an authentication scheme that avoids the aforementioned weaknesses by not using helper data, protecting the PUF response with a quantum-safe homomorphic encryption, and by using a two-server setup. Specifically, the CRYSTALS-Kyber public key cryptographic algorithm is used for its quantum resistance and suitability for resource-constrained Internet-of-Things (IoT) devices. The practicality of the proposal was tested on an ESP32 microcontroller using its internal SRAM as a SRAM PUF. For PUF responses of 512 bits, the encryption execution time ranges from 16.41 ms to 41.08 ms, depending on the desired level of security. In terms of memory, the device only needs to store between 800 and 1,568 bytes. This makes the solution post-quantum secure, lightweight and affordable for IoT devices with limited computing, memory, and power resources.

No Sum (NS) Sequence: A Tool for Quantum-Safe Cryptography

Quantum computing is emerging as a promising technology that can solve the world’s most complex and computationally intensive problems, including cryptography. Conventional cryptography is now facing a severe threat because of the speed of computation offered by quantum computers. There is a need for the standardization of novel quantum-resistant public-key cryptographic algorithms. In this article, the No-Sum (NS) sequence-based public key cryptosystem is proposed, increasing the computational resource requirement against the quantum computer-assisted bruteforce attack. In this paper, we demonstrate an elevation of security of the public key cryptosystem with NS sequence. The proposed methodology works in two phases; in the first phase, the conventional RSA algorithm is used to share the first element and offset parameter between the receiver and sender. In the second phase, prime numbers are generated from the NS sequence and used for encryption/ decryption of messages/ciphers. This paper illustrates the potential of the NS sequence in developing a quantum-resistant cryptosystem, contributing to the advancement of secure communication in the quantum computing era.

An Improved Multi-Chaotic Public Key Algorithm Based on Chebyshev Polynomials

Due to the similar characteristics of chaotic systems and cryptography, public key encryption algorithms based on chaotic systems are worth in-depth research and have high value for the future. Chebyshev polynomials have good properties and are often used in the design of public key algorithms. This paper improves the Bose Multi-Chaotic Public Key Cryptographic Algorithm (BMPKC) by applying Chebyshev polynomials. The proposed algorithm (CMPKC-) introduces the selective coefficient based on the properties of Chebyshev polynomials, allowing the special functions that need to be negotiated in the original system to be freely and randomly chosen as Chebyshev polynomials, and can also be expanded to m levels. The improved cryptographic algorithm also utilizes chaotic hash functions and logistic mapping to generate pseudo-random sequences and overcomes shortcomings of the Bose algorithm by iteratively iterating the selected Chebyshev polynomials based on the number of 0s or 1s in the pseudo-random sequence, thus providing better security. Analysis and software testing results indicate that this algorithm has strong robustness against brute force attacks, achieving a higher attack time for breaking the private key compared to the CEPKC, BMPKC, and CMPKC algorithms. Compared to the CMPKC algorithm, our proposal algorithm achieves better performance in the encryption and decryption phases. Furthermore, we combine this Multi-Chaotic System Key Exchange Protocol with the Advanced Encryption Standard (AES) algorithm, while providing a demonstration, offering more possibilities for practical applications of this system.

Compact and Low-Latency FPGA-Based Number Theoretic Transform Architecture for CRYSTALS Kyber Postquantum Cryptography Scheme

In the modern era of the Internet of Things (IoT), especially with the rapid development of quantum computers, the implementation of postquantum cryptography algorithms in numerous terminals allows them to defend against potential future quantum attack threats. Lattice-based cryptography can withstand quantum computing attacks, making it a viable substitute for the currently prevalent classical public-key cryptography technique. However, the algorithm’s significant time complexity places a substantial computational burden on the already resource-limited chip in the IoT terminal. In lattice-based cryptography algorithms, the polynomial multiplication on the finite field is well known as the most time-consuming process. Therefore, investigations into efficient methods for calculating polynomial multiplication are essential for adopting these quantum-resistant lattice-based algorithms on a low-profile IoT terminal. Number theoretic transform (NTT), a variant of fast Fourier transform (FFT), is a technique widely employed to accelerate polynomial multiplication on the finite field to achieve a subquadratic time complexity. This study presents an efficient FPGA-based implementation of number theoretic transform for the CRYSTAL Kyber, a lattice-based public-key cryptography algorithm. Our hybrid design, which supports both forward and inverse NTT, is able run at high frequencies up to 417 MHz on a low-profile Artix7-XC7A100T and achieve a low latency of 1.10μs while achieving state-of-the-art hardware efficiency, consuming only 541-LUTs, 680 FFs, and four 18 Kb BRAMs. This is made possible thanks to the newly proposed multilevel pipeline butterfly unit architecture in combination with employing an effective coefficient accessing pattern.

BPS-V: A blockchain-based trust model for the Internet of Vehicles with privacy-preserving

The trust system is widely used to prevent malicious behaviors, and it is a key element for vehicles to establish interactions in the Internet of Vehicles (IoV). Nevertheless, trust and privacy remain unresolved concerns stemming from the distinctive features of the IoV. The IoV must thwart malicious attackers from spreading false data while ensuring that the vehicle’s evaluation data is not leaked, which is of utmost importance. In this paper, we propose a blockchain-based trust model (BPS-V), which supports ciphertext computation of trust evaluation data submitted by different vehicles. Design a cooperative update method for vehicle trust, which utilizes an improved distributed two-trapdoor public-key cryptography algorithm to achieve cooperative computing of trust and reduce the risk of privacy leakage of evaluation data. On this basis, BPS-V introduces blockchain sharding technology to realize cross-domain storage and sharing of the trust. Simulation results show that our scheme can effectively protect the privacy of evaluation data and maintain a high detection rate and low false alarm rate in different road environments. Compared with traditional schemes, BPS-V can improve the efficiency of trust updates and the detection of malicious vehicles by 9.5% and 32%.

An Improved Public Key Cryptographic Algorithm Based on Chebyshev Polynomials and RSA

Due to its very desirable properties, Chebyshev polynomials are often used in the design of public key cryptographic systems. This paper discretizes the Chebyshev mapping, generalizes the properties of Chebyshev polynomials, and proposes an improved public key encryption algorithm based on Chebyshev chaotic mapping and RSA, i.e., CRPKC−Ki. This algorithm introduces alternative multiplication coefficients Ki, the selection of which is determined by the size of TrTdxmod N=TdTrxmod N, and the specific value selection rules are shared secrets among participants, overcoming the shortcomings of previous schemes. In the key generation and encryption/decryption stages, more complex intermediate processes are used to achieve higher algorithm complexity, making the algorithm more robust against ordinary attacks. The algorithm is also compared with other RSA-based algorithms to demonstrate its effectiveness in terms of performance and security.

The Application of Fermat’s Little Theorem in Cryptography

This article aims to demonstrate the application of Fermat’s theorem in cryptography. With the development of technology, we have access to more and more information, and the necessity of encryption has also increased. As a mainstream public key cryptography algorithm, RSA encryption will demonstrate the application of Fermat’s theorem in RSA encryption in this article. To achieve this, I will introduce cryptography and Fermat’s theorem separately. Then, I will explain how the RSA encryption algorithm and Fermat’s theorem are applied to the RSA encryption algorithm. Finally, I will demonstrate it using Python. The theoretical proof and encryption process were elaborated on through empirical Python programming examples. Then, I will discuss whether RSA encryption is safe. Finally, I will give my conclusion.

Стандартизація еліптичних кривих: аналіз та впровадження в криптографічні протоколи

The purpose of the article is to consider the current state of elliptic cryptography, the prerequisites for its use, as well as the requirements of modern standards related to the use of elliptic cryptography The use of elliptic curves in cryptography is considered one of the most promising areas of development of modern security algorithms. This mathematical approach is based on the complexity of solving the discrete logarithm problem in a group of points of an elliptic curve over a finite field. The use of cryptography on elliptic curves allows you to ensure the security of data exchange using effective encryption algorithms and the creation of digital signatures (DI). This study examines elliptic curves for cryptographic purposes, and provides basic operations on the point group of elliptic curves. Special attention is paid to Elliptic curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA) key exchange algorithms. The standards regulating the use of elliptic curves in cryptographic systems are also analyzed, and the advantages of this cryptographic paradigm compared to the main asymmetric algorithms are considered. Potential threats and vulnerabilities of cryptographic algorithms based on elliptic curves are investigated. Examples of popular standardized curves recommended by relevant organizations, such as NIST, used in real-world cryptographic applications are also provided. Elliptic curve cryptography (ECC) is currently one of the foundations for the development of modern public-key cryptographic algorithms. ECC has gained recognition in cryptography for providing a high level of security with shorter key lengths (compared to other cryptographic approaches), high speed, resource savings, and versatility, giving it an advantage over other methods such as RSA and others. It provides a secure network connection, generates secret keys for TLS servers and their clients, and is also used to create digital signatures that guarantee the authenticity of transactions in cryptocurrency systems.

A comparative analysis of public key cryptographic algorithms: RSA, ELGamal, and elliptic curve encryption

Cryptography stands as an indispensable and efficient facet within the expansive field of information security. It offers a reliable method for ensuring the confidentiality and integrity of data during the complex process of information transmission between a sender and a recipient. Beyond this, exclusive decryption privileges are meticulously reserved for the designated recipient. This individual holds the exclusive authority to decipher the transmitted information, which has been encrypted by the key holder beforehand. This scholarly investigation introduces and delves into three prevalent cryptographic algorithms: RSA, El-Gamal, and Elliptic Curve Cryptography. It offers a discerning examination and contrast of the underlying mathematical challenges associated with each sophisticated method. The discourse unfolds a detailed comparative analysis of these three pivotal algorithms, zeroing in on their crucial aspects such as key size length and operational running time. The in-depth exploration within this study aims to shed light on the intricate workings, strengths, and potential limitations of RSA, El-Gamal, and Elliptic Curve Cryptography. By unraveling these aspects, the study contributes to a richer understanding and more informed choices in the practical application of cryptographic algorithms, enhancing the overarching realm of information security in an increasingly digital and interconnected world.

An Analysis of the Performance and Randomness of Lattice-based Public Key Cryptography Algorithms

An Analysis of the Performance and Randomness of Lattice-based Public Key Cryptography Algorithms

Analysis of Elliptic Curve Cryptography & RSA

In today’s digital world, the Internet is an essential component of communication networks. It provides a platform for quickly exchanging information among communicating parties. There is a risk of unauthorized persons gaining access to our sensitive information while it is being transmitted. Cryptography is one of the most effective and efficient strategies for protecting our data and it are utilized all around the world. The efficiency of a cryptography algorithm is determined by a number of parameters, one of which is the length of the key. For cryptography, key (public/private) is an essential part. To provide robust security, RSA takes larger key size. If we use larger key size, the processing performance will be slowed. As a result, processing speed will decrease and memory consumption will increase. Due to this, cryptographic algorithms with smaller key size and higher security are becoming more popular. Out of the cryptographic algorithms, Elliptic Curve Cryptography (ECC) provides equivalent level of safety which RSA provides, but it takes smaller key size. On the basis of key size, our work focused on, studied, and compared the efficacy in terms of security among the well-known public key cryptography algorithms, namely ECC (Elliptic Curve Cryptography) and RSA (Rivets Shamir Adelman).

A Novel JSF-Based Fast Implementation Method for Multiple-Point Multiplication

ECC is a popular public-key cryptographic algorithm, but it lacks an effective solution to multiple-point multiplication. This paper proposes a novel JSF-based fast implementation method for multiple-point multiplication. The proposed method requires a small storage space and has high performance, making it suitable for resource-constrained IoT application scenarios. This method stores and encodes the required coordinates in the pre-computation phase and uses table lookup operations to eliminate the conditional judgment operations in JSF-5, which improves the efficiency by about 70% compared to the conventional JSF-5 in generating the sparse form. This paper utilizes Co-Z combined with safegcd to achieve low computational complexity for curve coordinate pre-computation, which further reduces the complexity of multiple-point multiplication in the execution phase of the algorithm. The experiments were performed with two short Weierstrass elliptic curves, nistp256r1 and SM2. In comparison to the various CPU architectures used in the experiments, our proposed method showed an improvement of about 3% over 5-NAF.

Error Detection Schemes Assessed on FPGA for Multipliers in Lattice-Based Key Encapsulation Mechanisms in Post-Quantum Cryptography

Advances in quantum computing have brought the need for developing public-key cryptosystems secure against attacks potentially enabled by quantum computers. In late 2017, the National Institute of Standards and Technology (NIST) launched a project to standardize one or more quantum computer-resistant public-key cryptographic algorithms. Among the main post-quantum algorithm classes, lattice-based cryptography is believed to be quantum-resistant. The standardization efforts including that of the NIST which will be concluded in 2022-2024 also affirm the importance of such algorithms. In this work, we propose error detection schemes for lattice-based key encapsulation mechanisms (KEMs). As our case study, we apply such schemes to the hardware accelerators for three post-quantum cryptographic algorithms that have advanced to the third round of the NIST PQC standardization process, i.e., FrodoKEM, Saber, and NTRU. The merit of the proposed schemes is that they can be applied to other applications and cryptographic algorithms that use multiplications in their hardware accelerators. The schemes proposed in this paper are based on recomputing with shifted, negated, and scaled operands. Moreover, we implement our fault detection schemes on field-programmable gate array (FPGA) family Kintex Ultrascale+ device xcku5p-sfvb784-1LV-i to benchmark the overheads induced and the performance degradation of the proposed approaches when added to the original architectures. The results show acceptable overhead and high error coverage for all three studied NIST PQC finalists.

THE STATE OF STANDARDIZATION OF POST-QUANTUM CRYPTO-ALGORITHMS AT THE GLOBAL LEVEL

Abstract. In the digital age, cryptography is widely used in various important systems such as financial, military and government ones, medical records etc. The life of modern people is closely connected with the cryptography. We send messages via instant messengers without even considering in which way the security of communications and data is ensured. We buy things both online and transfer money with confidence in transaction security. The level of digitization of our society is constantly increasing, and the digital data needs a reliable protection, which makes cryptography a current topic. Cryptographic systems ensure our security and the basic properties of information, such as privacy, integrity, availability. However, with the beginning of the development of quantum computers, the field of cryptography has developed in a new direction. Quantum cryptography is a science that studies the methods of communication systems protection. It is based on the idea that patterns of quantum physics (physical properties described by the laws of quantum optics, quantum electrodynamics, or quantum field theory) are inviolable. The current state of development and usage of powerful quantum computers, as well as their mathematical and software, is strictly confidential and securely protected. Only clear-cut information about quantum computers and their usage in cryptography is provided. NIST has announced an open competition to select quantum-resistant public-key cryptographic algorithms. After the third round, CRYSTALS-KYBER, CRYSTALS Dilithium, FALCON, and SPHINCS+ were proposed to be standardized. NIST has already recommended moving from the sizes of keys and algorithms that provide 80 security bits to the sizes of keys and algorithms that provide 112 or 128 security bits in order to protect against classic attacks. Post-quantum cryptography, which with its complexities still requires a more detailed study, challenge science once more. However, it is unknown when the changes will occur and when the quantum era will begin, as well as what consequences they will have. It is only possible to predict how many advantages will have quantum calculations compared to usual, and how different the new quantum models will be from classic ones.

A Comparative Study of RSA and ELGAMAL Cryptosystems

Purpose: In this research, a comparative analysis of the RSA and ELGAMAL algorithms is presented using their encryption and decryption speed with different key sizes. ElGamal and RSA are two popular public-key cryptographic algorithms that depend on the mathematical difficulty of computing discrete logarithms in finite fields and factoring large integers, respectively.
 Methodology: In this study, the speed at which messages of various sizes can be encrypted and decrypted using various key sizes is used to gauge how well these algorithms work.
 Findings: RSA usually outperforms ElGamal in terms of encryption and decryption speed, according to the results. However, as the key sizes grow, the performance gap between the two algorithms narrows.
 Unique Contribution to Theory, Policy and Practice: These findings can aid in selecting the appropriate algorithm and key size for different applications that require secure communication and data encryption.

A SM2 based efficient and lightweight batch verification approach for IC cards

With the rapid development of the Internet of Things (IoT), IoT security has become more and more important. A large number of IoT tasks use digital signatures to ensure authenticity, integrity, and non-repudiation. However, verifying lots of signatures reduces the performance of the IoT system. Batch verification can verify multiple digital signatures at the same time, which reduces the computational overhead and verification time compared with consecutive respective verification. Thus it is suitable for IoT systems. SM2(Shangyong Mima 2) digital signature algorithm is a public key cryptographic algorithm based on elliptic curve cryptography(ECC), and is widely used in IoT applications. We propose SM2Verifi in this paper, a batch verification approach for SM2 digital signatures. SM2Verifi calculates fewer scalar multiplications than consecutive respective verification and uses the KGLP algorithm and the multi-parameter inversion algorithm to speed up scalar multiplications and inversions. Therefore, SM2Verifi greatly reduces the computational overhead and verification time. SM2Verifi generates a set of random integers through the addition chain seminumeric computation to resist possible forged signatures and determines whether to accept a batch of signatures by calculating congruence equations and resultants. Our extensive experiments on NXP smart cards show that SM2Verifi can significantly improve verification efficiency. Specifically, without randomization, batch verification of nine signatures belonging to one signer is 6.41 times faster than respective verification. Considering the verification performance, security, and hardware overhead, SM2Verifi achieves the comprehensive optimum when verifying seven signatures signed either by one signer or seven signers with 32-bit randomization.

DEVELOPMENT AND SOFTWARE IMPLEMENTATION OF AN ALGORITHMIC MODEL FOR BROADCASTING DOCUMENTS ON VARIOUS DEVICES

The work designed, developed and implemented a web application intended for the transmission of electronic documents on various devices among the audience located at a distance from each other. The work is devoted to the development of approaches, algorithms and services for broadcasting documents of various formats on various devices without the use of a projector. Classical methods of data compression and encryption and parallelism were used to build the algorithms. The software is implemented in the JavaScript language using the Node.js and Vue.js frameworks. The MongoDB database is also used to store user data. To display the results of the work, a service was developed for broadcasting documents of various formats through a mobile device to other devices. A convenient software architecture has been developed, which allows you to easily maintain and improve the service in the future. A convenient and clear graphical interface for interaction with the user has been implemented. As you know, the direct use of classical methods and algorithms of data compression and encryption enables reliable use and storage of user data. Among many algorithms, the RSA method was used. The RSA method is a public-key cryptographic algorithm based on the computational complexity of the problem of multiplying large integers. Also, for greater efficiency in the service, parallelism methods and microservice architecture were developed. Their purpose is to distribute the load of the service on different subservices for greater efficiency of the program.

A Scalable Montgomery Modular Multiplication Architecture with Low Area-Time Product Based on Redundant Binary Representation

The Montgomery modular multiplication is an integral operation unit in the public key cryptographic algorithm system. Previous work achieved good performance at low input widths by combining Redundant Binary Representation (RBR) with Montgomery modular multiplication, but it is difficult to strike a good balance between area and time as input bit widths increase. To solve this problem, based on the redundant Montgomery modular multiplication, in this paper, we propose a flexible and pipeline hardware implementation of the Montgomery modular multiplication. Our proposed structure guarantees a single-cycle delay between two-stage pipeline units and reduces the length of the critical path by redistributing the data paths between the pipelines and preprocessing the input in the loop. By analyzing the structure and comparing the related work in this paper, our structure ensures a lower area-time product while achieving a controllable and small area consumption. The comprehensive results under different Taiwan Semiconductor Manufacturing Company (TSMC) processes demonstrate the advantages of our structure in terms of flexibility and area-time product.