Quantum Attacks Research Articles

Post-Quantum Secure ID-Based (Threshold) Linkable Dual-Ring Signature and Its Application in Blockchain Transactions

Ring signatures are widely used in e-voting, anonymous whistle-blowing systems, and blockchain transactions. However, due to the anonymity of ring signatures, a signer can sign the same message multiple times, potentially leading to repeated voting or double spending in blockchain transactions. To address these issues in blockchain transactions, this work constructs an identity-based linkable ring signature scheme based on the hardness of the lattice-based Module Small Integer Solution (M-SIS) assumption, which is hard even for quantum attackers. The proposed scheme is proven to be anonymous, unforgeable, linkable, and nonslanderable in the random oracle model. Compared to existing identity-based linkable ring signature (IBLRS) schemes of linear size, our signature size is relatively smaller, and this advantage is more pronounced when the number of ring members is small. We provide approximate signature size data for ring members ranging from 2 to 2048. When the number of ring members is 16 (or 512. resp.), the signature size of our scheme is 11.40 KB (or 24.68 KB, respectively). Finally, a threshold extension is given as an additional scheme with specifications and security analysis.

Leveraging quantum blockchain for secure multiparty space sharing and authentication on specialized metaverse platform

In the era of digital transformation, securing data on metaverse platforms poses significant challenges. This paper proposes Multiparty Space Sharing and Authentication (MSSA), a novel approach for secure user login and location access control within specialized metaverse platforms. MSSA leverages Quantum Multiparty Secret Computation (QMSC) integrated with a quantum blockchain network. This integration facilitates user verification within the presence of potentially untrusted metaverse authority. The underlying quantum blockchain employs a Delegated Proof-of-Stake (DPoS) consensus mechanism with a Borda voting scheme for authority node selection. By harnessing the principles of quantum cryptography, MSSA offers enhanced security against both classical and anticipated future quantum attacks. This research demonstrates the feasibility and potential of quantum blockchain for securing metaverse platforms, paving the way for secure and decentralized digital ecosystems.

Exploring AES Encryption Implementation Through Quantum Computing Techniques

A coming great revolution in technology is quantum computing, which opens new attacks on most of the developed cryptographic algorithms, including AES. These emerging quantum capabilities risk weakening cryptographic techniques, which safeguard a vast amount of data across the globe. This research uses Grover's algorithm to explore the vulnerabilities of the Advanced Encryption Standard to quantum attacks. By implementing quantum cryptographic algorithms and Quantum Error Correction on simulators and quantum hardware, the study evaluates the effectiveness of these techniques in mitigating noise and improving the reliability of quantum computations. The study shows that while AES is theoretically at risk due to Grover’s algorithm, which demonstrates a theoretical reduction in AES key search complexity, current hardware limitations and noise levels encountered in today’s quantum computers reduce the immediate threat and limit practical exploitation. The research also examines NTRU encryption, a quantum-resistant alternative, highlighting its robustness in quantum environments. The findings emphasize the need for further development in QEC and quantum-resistant cryptography to secure digital communications against future quantum threats. Future work will focus on advancing QEC techniques and refining quantum algorithms, addressing both hardware and theoretical advancements, including the potential use of high-capacity processors like Jiuzhang 3.0. These improvements will ensure the scalability of quantum-resistant systems to practical key sizes and usage scenarios.

Quantum Procedures for Nested Search Problems

In this paper we study search problems that arise very often in cryptanalysis: nested search problems, where each search layer has known degrees of freedom and/or constraints. A generic quantum solution for such problems consists of nesting Grover's quantum search algorithm or amplitude amplification (QAA) by Brassard et al., obtaining up to a square-root speedup on classical algorithms. However, the analysis of nested Grover or QAA is complex and introduces technicalities that in previous works are handled in a case-by-case manner. Moreover, straightforward nesting of l layers multiplies the complexity by a constant factor (pi/2)^l. In this paper, we aim to remedy both these issues and introduce a generic framework and tools to transform a classical nested search into a quantum procedure. It improves the state-of-the-art in three ways: 1) our framework results in quantum procedures that are significantly simpler to describe and analyze; 2) it reduces the overhead factor from (pi/2)^l to sqrt(l); 3) it is simpler to apply and optimize, without needing manual quantum analysis. We give generic complexity formulas and show that for concrete instances, numerical optimizations enable further improvements, reducing even more the gap to an exact quadratic speedup. We demonstrate our framework by giving a tighter analysis of quantum attacks on reduced-round AES.

Post-quantum XML and SAML Single Sign-On

Extensible Markup Language (XML) is one of the most popular serialization languages. Since many security protocols are built using XML, it also provides cryptographic functionality. A central framework in this area is the Security Assertion Markup Language (SAML). This standard is one of the most widely used options for implementing Single Sign-On (SSO), which allows users to authenticate to different service providers using the credentials from a single identity provider. Like all other security protocols currently in use, the security and privacy of XML-based frameworks such as SAML is threatened by the development of increasingly powerful quantum computers. In fact, future attackers with access to scalable quantum computers will be able to break the currently used cryptographic building blocks and thus undermine the security of the SAML SSO to illegally access sensitive private information. Post-quantum cryptography algorithms have been developed to protect against such quantum attackers. While many security protocols have been migrated into the quantum age by using post-quantum cryptography, no such solutions for XML and the security protocols based on it have been developed, let alone tested. We make the following contributions to fill this gap. We have designed post-quantum solutions for the cryptographic building blocks in XML and integrated them into the SAML SSO protocol. We implemented our solutions in the OpenSAML, Apache Santuario, and BouncyCastle libraries and extensively tested their performance for various post-quantum instantiations. As a result, we have created a comprehensive and solid foundation for post-quantum XML and post-quantum SAML SSO migration.

CLLS: Efficient certificateless lattice-based signature in VANETs

The rapid development of Vehicular Ad-hoc Network (VANETs) has improved road safety and traffic management, and brought great convenience to intelligent transportation system (ITS). However, the transmission of data over open channels caused many security issues. Certificateless cryptography solves the certificate management and key escrow problems, which makes it the primary method for message authentication in VANETs. However, with the emergence of quantum computing, traditional cryptography faces a significant challenge. Lattice-based cryptography are regarded as effective post-quantum ciphers. Nevertheless, nearly all existing lattice-based certificateless signature schemes rely on Gaussian sampling or trapdoor techniques, resulting in computational inefficiencies and large key and signature sizes that are impractical for VANETs. To address these issues, we proposed the first efficient algebraic lattice-based certificateless signature scheme in VANETs based on the Dilithium signature algorithm. The security of our certificateless lattice-based signature(CLLS) scheme is based on the MSIS and MLWE hardness assumption, which makes the scheme resistant to quantum attacks and easy to implement. Our scheme did not use Gaussian sampling or trapdoor techniques, which improve the computational and storage efficiency. As a result, the public key of our scheme is 1X smaller than the previous scheme and the size of signature is 2X smaller than the previous efficient algebraic lattice scheme. In addition, compared to the most efficient existing CLLS scheme, the signing and verification computation cost of our scheme are reduced by 20% and 55% respectively and our proposed CLLS scheme has low power consumption. Furthermore, the security of our scheme achieves strong unforgeability against chosen-message attacks(SUF-CMA) in the random oracle model(ROM), which surpasses that of existing lattice-based certificateless signature schemes.

Quantum computing in cyber security: Emerging threats, mitigation strategies, and future implications for data protection

Quantum computing is a quantum step forward in computing technology that can transform many industries, including cybersecurity. With the development of quantum computers, they bring a lot of threats to traditional cryptographic systems, which is a concern in ensuring the security of data and communications. This paper seeks to discuss the threats of quantum computing, particularly on cryptographic systems like the RSA and elliptic curve cryptography. It also looks into measures of protection from quantum attacks, such as establishing post-quantum cryptography and hybrid encryption. Further, this paper provides a brief insight into the future of data protection with a view that organizations must prepare for this continuously advancing world. The material looks into the interaction of quantum computing and cybersecurity to enable stakeholders to develop anticipations and expectations of the future in providing secure data in a quantum world.

Quantum Computing and the Implications on Online Security

Over the past year, quantum computing has seen many advancements due to contributions from UC Berkeley in collaboration with IBM’s laboratories. Although these breakthroughs seem promising, they introduce new security concerns regarding the potential for quantum attacks to become a major threat in future data breaches. This research investigates the efficiency of many quantum cryptographic techniques. These algorithms include Quantum Key Distribution (QKD), Lattice-Based Cryptography, and Multivariate Cryptography. Utilizing IBM’s Qiskit Python extensions, we were able to test these methods against quantum attack algorithms, including Shor's Algorithm, Grover's Algorithm, and the BB84 protocol. Our results indicate that, although current cryptographic methods provide some level of defense against quantum attacks, there needs to be advancements to protect our digital infrastructure for the future. This study puts emphasis on the need for more development in cryptographic algorithms to ensure proper security in the era of quantum computing.

Post-Quantum Delegated Proof of Luck for Blockchain Consensus Algorithm

The advancements in quantum computing and the potential for polynomial-time solutions to traditional public key cryptography (i.e., Rivest–Shamir–Adleman (RSA) and elliptic-curve cryptography (ECC)) using Shor’s algorithm pose a serious threat to the security of pre-quantum blockchain technologies. This paper proposes an efficient quantum-safe blockchain that incorporates new quantum-safe consensus algorithms. We integrate post-quantum signature schemes into the blockchain’s transaction signing and verification processes to enhance resistance against quantum attacks. Specifically, we employ the Falcon signature scheme, which was selected during the NIST post-quantum cryptography (PQC) standardization process. Although the integration of the post-quantum signature scheme results in a reduction in the blockchain’s transactions per second (TPSs), we introduce efficient approaches to mitigate this performance degradation. Our proposed post-quantum delegated proof of luck (PQ-DPoL) combines a proof of luck (PoL) mechanism with a delegated approach, ensuring quantum resistance, energy efficiency, and fairness in block generation. Experimental results demonstrate that while post-quantum cryptographic algorithms like Falcon introduce larger signature sizes and slower processing times, the PQ-DPoL algorithm effectively balances security and performance, providing a viable solution for secure blockchain operations in a post-quantum era.

An MLWE-Based Cut-and-Choose Oblivious Transfer Protocol.

The existing lattice-based cut-and-choose oblivious transfer protocol is constructed based on the learning-with-errors (LWE) problem, which generally has the problem of inefficiency. An efficient cut-and-choose oblivious transfer protocol is proposed based on the difficult module-learning-with-errors (MLWE) problem. Compression and decompression techniques are introduced in the LWE-based dual-mode encryption system to improve it to an MLWE-based dual-mode encryption framework, which is applied to the protocol as an intermediate scheme. Subsequently, the security and efficiency of the protocol are analysed, and the security of the protocol can be reduced to the shortest independent vector problem (SIVP) on the lattice, which is resistant to quantum attacks. Since the whole protocol relies on the polynomial ring of elements to perform operations, the efficiency of polynomial modulo multiplication can be improved by using fast Fourier transform (FFT). Finally, this paper compares the protocol with an LWE-based protocol in terms of computational and communication complexities. The analysis results show that the protocol reduces the computation and communication overheads by at least a factor of n while maintaining the optimal number of communication rounds under malicious adversary attacks.

Single-Query Quantum Hidden Shift Attacks

Quantum attacks using superposition queries are known to break many classically secure modes of operation. While these attacks do not necessarily threaten the security of the modes themselves, since they rely on a strong adversary model, they help us to draw limits on their provable security.Typically these attacks use the structure of the mode (stream cipher, MAC or authenticated encryption scheme) to embed a period-finding problem, which can be solved with a dedicated quantum algorithm. The hidden period can be recovered with a few superposition queries (e.g., O(n) for Simon’s algorithm), leading to state or key-recovery attacks. However, this strategy breaks down if the period changes at each query, e.g., if it depends on a nonce.In this paper, we focus on this case and give dedicated state-recovery attacks on the authenticated encryption schemes Rocca, Rocca-S, Tiaoxin-346 and AEGIS- 128L. These attacks rely on a procedure to find a Boolean hidden shift with a single superposition query, which overcomes the change of nonce at each query. This approach has the drawback of a lower success probability, meaning multiple independent (and parallelizable) runs are needed.We stress that these attacks do not break any security claim of the authors, and do not threaten the schemes if the adversary only makes classical queries.

Quantum Attacks on MIBS Block Cipher Based on Bernstein–Vazirani Algorithm

Because of the substantial progress in quantum computing technology, the safety of traditional cryptologic schemes is facing serious challenges. In this study, we explore the quantum safety of the lightweight cipher MIBS and propose quantum key-recovery attacks on the MIBS cipher by utilizing Grover’s algorithm and Bernstein–Vazirani algorithm. We first construct linear-structure functions based on the 5-round MIBS cipher according to the characteristics of the linear transformations, and then we obtain a quantum distinguisher of the 5-round MIBS cipher by applying Bernstein–Vazirani algorithm to the constructed functions. Finally, utilizing this distinguisher and Grover’s algorithm, we realize a 7-round key-recovery attack on the MIBS cipher, and then we expand the attack to more rounds of MIBS based on a similar idea. The quantum attack on the 7-round MIBS requires 156 qubits and has a time complexity of 210.5. An 8-round attack requires 179 qubits and has a time complexity of 222. Compared with existing quantum attacks, our attacks have better time complexity when attacking the same number of rounds.

Designing a Robust Quantum Signature Protocol Based on Quantum Key Distribution for E-Voting Applications

The rapid advancement of internet technology has raised attention to the importance of electronic voting in maintaining democracy and fairness in elections. E-voting refers to the use of electronic technology to facilitate the casting and counting of votes in elections. The need for designated verification arises from concerns about voter privacy, auditability, and the prevention of manipulation. Traditional e-voting systems use cryptographic techniques for security but lack verifiable proof of integrity. Integrating e-voting with a quantum designated verifier could address these challenges by leveraging the principles of quantum mechanics to enhance security and trustworthiness. In light of this, we propose a quantum e-voting scheme that uses a designated verifier signature. To ensure the confidentiality and authenticity of the voting process, the scheme uses quantum features like the no-cloning theorem and quantum key distribution. The proposed scheme has security properties like source hiding, non-transferability, and message anonymity. The proposed scheme is resistant to many quantum attacks, such as eavesdropping and impersonation. Due to designated verification, the scheme minimizes the risk of tempering. This paper provides a detailed description of the proposed scheme and analyzes its security properties. Therefore, the proposed scheme is efficient, practical, and secure.

APPS: Authentication-enabled privacy protection scheme for secure data transfer in Internet of Things

The Internet of Things (IoT) is an emerging field that encompasses several heterogeneous devices and smart objects that are integrated with the network. In open platforms, these objects are deployed to present advanced services in numerous applications. Innumerable security-sensitive data is generated by the IoT device and therefore, the security of these devices is an important task. This work formulates a secure data transfer technique in IoT, named Authentication enabled Privacy Protection (APPS) scheme for resource-constrained IoT devices. The proposed scheme demonstrates resilience against various attacks; such as resisting reply attacks, device anonymity, untracebility, session key establishment, quantum attacks and resisting MITM attacks. For the privacy protection scheme, the secured data transfer is initiated between the entities, like IoT devices, servers, and registration centers, by using various phases, namely registration phase, key generation phase, data encryption, authentication, verification, and data retrieval phase. Here, a mathematical model is designed for protecting data privacy using hashing, encryption, secret keys, etc. Finally, performance of proposed APPS model is analyzed; wherein the outcomes reveal that the proposed APPS model attained the maximum detection rate of 0.85, minimal memory usage of 0.497MB, and minimal computational time of 112. 79 sec and minimal turnaround time 131.91 sec.

Quantum resource estimation for large scale quantum algorithms

Quantum algorithms are often represented in terms of quantum circuits operating on ideal (logical) qubits. However, the practical implementation of these algorithms poses significant challenges. Many quantum algorithms require a substantial number of logical qubits, and the inherent susceptibility to errors of quantum computers require quantum error correction. The integration of error correction introduces overhead in terms of both space (physical qubits required) and runtime (how long the algorithm needs to be run for). This paper addresses the complexity of comparing classical and quantum algorithms, primarily stemming from the additional quantum error correction overhead. We propose a comprehensive framework that facilitates a direct and meaningful comparison between classical and quantum algorithms. By acknowledging and addressing the challenges introduced by quantum error correction, our framework aims to provide a clearer understanding of the comparative performance of classical and quantum computing approaches. This work contributes to understanding the practical viability and potential advantages of quantum algorithms in real-world applications.We apply our framework to quantum cryptanalysis, since it is well known that quantum algorithms can break factoring and discrete logarithm based cryptography and weaken symmetric cryptography and hash functions. In order to estimate the real-world impact of these attacks, apart from tracking the development of fault-tolerant quantum computers it is important to have an estimate of the resources needed to implement these quantum attacks. This analysis provides state-of-the art snap-shot estimates of the realistic costs of implementing quantum attacks on these important cryptographic algorithms, assuming quantum fault-tolerance is achieved using surface code methods, and spanning a range of potential error rates. These estimates serve as a guide for gauging the realistic impact of these algorithms and for benchmarking the impact of future advances in quantum algorithms, circuit synthesis and optimization, fault-tolerance methods and physical error rates.

Use of Nash equilibrium in finding game theoretic robust security bound on quantum bit error rate

Nash equilibrium is employed to find a game theoretic robust security bound on quantum bit error rate (QBER) for DL04 protocol which is a scheme for quantum secure direct communication that has been experimentally realized recently. The receiver, sender and eavesdropper (Eve) are considered to be quantum players (players having the capability to perform quantum operations). Specifically, Eve is considered to have the capability of performing quantum attacks (e.g., Wójcik’s original attack, Wójcik’s symmetrized attack and Pavičić attack) and classical intercept and resend attack. Game theoretic analysis of the security of DL04 protocol in the above scenario is performed by considering several game scenarios. The analysis revealed the absence of a Pareto optimal Nash equilibrium point within these game scenarios. Consequently, mixed strategy Nash equilibrium points are identified and employed to establish both upper and lower bounds for QBER. Further, the vulnerability of the DL04 protocol to Pavičić attack in the message mode is established. In addition, it is observed that the quantum attacks performed by Eve are more powerful than the classical attack, as the QBER value and the probability of detecting Eve’s presence are found to be lower in quantum attacks compared to classical ones.

Exploration of PQC-Based Digital Signature Schemes in TLS Certificates

The rapid development in quantum computers brings huge risks to traditional cryptographic systems. This paper talks about the integration of PQC-based digital signature schemes to solve challenges posed on Transport Layer Security certificates. In this paper, we give an analysis of the efficacy, security, and performance implications of various schemes in PQC—particularly lattice-based, hash-based, and multivariate polynomial-based algorithms. We detail more closely the challenges of the real deployment, directly connected with these digital signatures, considering communication overhead and computational costs. Our findings indicate that hybrid certificate chains, which integrate multiple PQC schemes, offer a feasible solution for a seamless transition to quantum-resistant standards with manageable performance trade-offs. Moreover, our study extends to the quantification of security benefits these PQC schemes provide against both quantum and classical computational attacks, underscoring their potential in enhancing the resilience of digital communication systems. This paper aims to contribute valuable insights to ongoing standardization discussions and support the broader adoption of PQC, thereby ensuring robust and future-proof security in digital communications amidst the advancing quantum computing era.

A Quantum-Resistant Identity Authentication and Key Agreement Scheme for UAV Networks Based on Kyber Algorithm

Unmanned aerial vehicles (UAVs) play a critical role in various fields, including logistics, agriculture, and rescue operations. Effective identity authentication and key agreement schemes are vital for UAV networks to combat threats. Current schemes often employ algorithms like elliptic curve cryptography (ECC) and Rivest–Shamir–Adleman (RSA), which are vulnerable to quantum attacks. To address this issue, we propose LIGKYX, a novel scheme combining the quantum-resistant Kyber algorithm with the hash-based message authentication code (HMAC) for enhanced security and efficiency. This scheme enables the mutual authentication between UAVs and ground stations and supports secure session key establishment protocols. Additionally, it facilitates robust authentication and key agreement among UAVs through control stations, addressing the critical challenge of quantum-resistant security in UAV networks. The proposed LIGKYX scheme operates based on the Kyber algorithm and elliptic curve Diffie–Hellman (ECDH) key exchange protocol, employing the HMAC and pre-computation techniques. Furthermore, a formal verification tool validated the security of LIGKYX under the Dolev–Yao threat model. Comparative analyses on security properties, communication overhead, and computational overhead indicate that LIGKYX not only matches or exceeds existing schemes but also uniquely counters quantum attacks effectively, ensuring the security of UAV communication networks with a lower time overhead for authentication and communication.

Quantum AI for cybersecurity in financial supply chains: Enhancing cryptography using random security generators

Securing the financial supply chains of the United States against sophisticated cyber threats is crucial in the digital age. This research integrates Quantum Random Number Generators (QRNGs) and Artificial Intelligence (AI) to enhance cybersecurity in financial supply chains. QRNGs leverage quantum mechanics to generate truly random numbers, essential for creating secure cryptographic keys, addressing the vulnerabilities of traditional deterministic RNGs. Our results demonstrate the superior performance of the QRNG-based system compared to classical RNG systems. The QRNG showed high entropy and unpredictability, passing NIST SP800-22 and Diehard tests with significantly higher rates. The AI component achieved high precision and recall in detecting cyber threats, enhancing the system's real-time security capabilities. The combined QRNG and AI system exhibited faster encryption and decryption speeds, lower latency, and higher resistance to predictive, quantum, and brute-force attacks. This research underscores the critical importance of adopting QRNGs and AI to secure financial supply chains. The integrated system offers robust cryptographic protection and real-time threat detection, providing a comprehensive solution to mitigate cyber threats. These findings highlight the potential of QRNG and AI technologies to revolutionize cybersecurity in the financial sector, ensuring the integrity and confidentiality of financial transactions and protecting critical financial infrastructure.

Tightly-Secure Two-Tier Signatures on Code-Based Digital Signatures with Chameleon Hash Functions

In the current landscape where quantum algorithms pose a significant threat to conventional digital signature algorithms, code-based digital signature algorithms have emerged as the primary focus of ongoing research in post-quantum cryptography. Digital signatures play a pivotal role in ensuring non-repudiation and authentication, making them an indispensable cryptographic technique. The vulnerability of most digital signature algorithms to quantum attacks have prompted a significant surge in research on code-based digital signature algorithms, which have emerged as a prominent field within post-quantum cryptography. There are generally three distinct approaches to constructing code-based digital signature algorithms: (1) Developing an algorithm that follows the inverse process of the code-based public-key encryption algorithm; (2) Utilizing zero-knowledge identification algorithms in conjunction with the Fiat–Shamir paradigm to formulate a signature algorithm; (3) Constructing a specialized subset of the syndrome space as the foundation for the digital signature algorithm. Chameleon Signature is a non-interactive signature that operates on the hash and signature paradigm, exhibiting comparable efficiency to conventional schemes. Its distinct advantage lies in the fact that the owner of the public key does not necessarily require access to the corresponding secret key within the Chameleon hash algorithm. Notably, Chameleon signatures possess an inherent characteristic of non-transferability, with their validity ascertainable solely by designated recipients. This paper introduces the first Chameleon hash function based on both KKS and HFE schemes, showcasing its superiority over traditional schemes through rank metrics and big fields for enhanced security. The deployment of Chameleon hash functions within hash-and-sign signature schemes introduces a nuanced layer of security and verification flexibility. This study elucidates the implications of integrating Chameleon hash functions into the recipient’s public key infrastructure, highlighting the dual capability it affords authorized parties for secure and adaptable verification processes, alongside mechanisms for the detection of unauthorized alterations.