Similar documents
20 similar documents found (search took 31 ms)
1.
So-called nonadjacent representations are commonly used in elliptic curve cryptography to facilitate computing a scalar multiple of a point on an elliptic curve. A nonadjacent representation having few non-zero coefficients would further speed up the computations. However, any attempt to use these techniques must also consider the impact on the security of the cryptosystem. The security is studied by examining a related discrete logarithm problem, the topic of this paper. We describe an algorithm to solve the relevant discrete logarithm problem in time that is approximately the square root of the search space. This algorithm is of the familiar "baby-step giant-step" type. In developing our algorithm we use two tools of independent interest; namely, a combinatorial set system called a "splitting system" and a new type of combinatorial Gray code.

2.
Cloud computing is a highly demanded technology nowadays. Due to the service-oriented architecture, seamless accessibility and other advantages of this technology, many transaction-rich applications are making use of it. At the same time, it is vulnerable to hacks and threats. Hence securing this environment is of utmost importance, and many research works are being reported focusing on it. This paper proposes a safe storage mechanism using Elliptic Curve Cryptography (ECC) for Transaction Rich Applications (TRA). With the ECC-based security scheme, the security level of the protected system will be increased, and it is more suitable for securing the delivered data on portable devices. The proposed scheme shields the aligning of different kinds of data elements to each provider using an ECC algorithm. Analysis, comparison and simulation prove that the proposed system is more effective and secure for transaction-rich applications in the Cloud.

3.
With the advent of quantum computing, numerous efforts have been made to standardize post-quantum cryptosystems with the intention of (eventually) replacing Elliptic Curve Cryptography (ECC) and Rivest-Shamir-Adleman (RSA). A modified version of the traditional N-th Degree Truncated Polynomial Ring (NTRU) cryptosystem called NTRU Prime has been developed to reduce the attack surface. In this paper, a Signcryption scheme is proposed; it is more efficient than others since it reduces the complexity and the run time of the code execution, and at the same time provides a better security degree since it ensures the integrity of the sent message, confidentiality of the data, forward secrecy when using refreshed parameters for each session, unforgeability to prevent the man-in-the-middle attack, whether active or passive, and non-repudiation when the sender can't deny the recently sent message. This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems. The proposed algorithm combines the (NTRU Prime) and Shamir's Secret Sharing (SSS) features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation. Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU, this study shows a rise in complexity with a decrease in execution time when compared to the original NTRU. It's encouraging to see signs that the suggested changes to NTRU work to increase accuracy and efficiency.

4.
The last decade witnessed a rapid increase in multimedia and other applications that require transmitting and protecting huge amounts of data streams simultaneously. For such applications, a high-performance cryptosystem is compulsory to provide the necessary security services. The elliptic curve cryptosystem (ECC) has been introduced as a considerable option. However, the usual sequential implementation of ECC and the standard elliptic curve (EC) form cannot achieve the required performance level. Moreover, the widely used hardware implementation of ECC is a costly option and may not be affordable. This research aims to develop a high-performance parallel software implementation for ECC. To achieve this, many experiments were performed to examine several factors affecting ECC performance, including the projective coordinates, the scalar multiplication algorithm, the elliptic curve (EC) form, and the parallel implementation. The ECC performance was analyzed using the different factors to tune them up and select the best choices to increase the speed of the cryptosystem. Experimental results illustrated that the parallel Montgomery ECC implementation using homogeneous projection achieves the highest performance level, since it scored the shortest time delay for ECC computations. In addition, results showed that the NAF algorithm consumes less time to perform encryption and scalar multiplication operations in comparison with the Montgomery ladder and binary methods. The Java multi-threading technique was adopted to implement ECC computations in parallel. The proposed multithreaded Montgomery ECC implementation significantly improves the performance level compared to previously presented parallel and sequential implementations.

5.
Parallelism is a technique to accelerate various applications. Nowadays, parallel operations are used to solve computer problems such as sorting, searching, and cryptography, which results in reasonable speed. Sequential algorithms can be parallelized by being implemented on parallel architectures. Cryptography is the science of hiding information, which, with the increase in applications on insecure communication environments, has become one of the most important aspects of the digital world. In this article, we propose a parallel RSA that applies parallel processing to RSA using a tree architecture. RSA is a well-known public-key cryptosystem which is not as fast as symmetric ciphers. By parallelizing it, we can achieve speedup and more security. We also investigate the state-of-the-art methods for RSA and find that their low speed can be improved with reasonable security using a parallel architecture.

6.
Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC and RSA. However, with the surprising development of quantum technology, the asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptographic schemes were proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is impractical in actual situations due to the extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post-quantum blockchain over lattices. By using SampleMat and signatures without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattices provides existential unforgeability against adaptive chosen-message attacks in the random oracle model. Compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.

7.
The Industrial Internet of Things (IIoT) is the usage of Internet of Things (IoT) devices and applications for the purpose of sensing, processing and communicating real-time events in the industrial system to reduce unnecessary operational cost and enhance manufacturing and other industrial-related processes to attain more profits. However, such IoT-based smart industries need internet connectivity and interoperability, which makes them susceptible to numerous cyber-attacks due to the scarcity of computational resources of IoT devices and communication over insecure wireless channels. Therefore, this necessitates the design of an efficient security mechanism for the IIoT environment. In this paper, we propose a hyperelliptic curve cryptography (HECC) based IIoT Certificateless Signcryption (IIoT-CS) scheme, with the aim of improving security while lowering computational and communication overhead in the IIoT environment. HECC, with 80-bit keys and parameters, offers security similar to elliptic curve cryptography (ECC) with 160-bit keys and parameters. We assessed the IIoT-CS scheme's security by applying formal and informal security evaluation techniques. We used the Real or Random (RoR) model and the widely used Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool for formal security analysis and proved that the IIoT-CS scheme provides resistance to various attacks. Our proposed IIoT-CS scheme is relatively less expensive compared to the current state of the art in terms of computational cost and communication overhead. Furthermore, the IIoT-CS scheme is 31.25% and 51.31% more efficient in computational cost and communication overhead, respectively, compared to the most recent protocol.

8.
This paper proposes the first code-based quantum immune sequential aggregate signature (SAS) scheme and proves the security of the proposed scheme in the random oracle model. Aggregate signature (AS) schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Because of the aggregation of many signatures into a single short signature, AS and SAS schemes can reduce bandwidth and save storage; moreover, when a SAS is verified, not only the validity but also the order in which each signer signed can be verified. AS and SAS schemes can be applied to traffic control, banking transactions and military applications. Most of the existing AS and SAS schemes are based either on pairings or on Rivest–Shamir–Adleman (RSA), and hence can be broken by Shor's quantum algorithm for the Integer Factoring Problem (IFP) and Discrete Logarithm Problem (DLP). There are no quantum algorithms to solve syndrome decoding problems. Hence, code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme with the first code-based signature scheme proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme can save about 90% storage when the number of signers is asymptotically large.

9.
Cloud computing utilizes enormous clusters of serviceable and manageable resources that can be virtually and dynamically reconfigured in order to deliver optimum resource utilization by exploiting the pay-per-use model. However, concerns around security have been an impediment to the extensive adoption of the cloud computing model. In this regard, advancements in cryptography, accelerated by the wide usage of the internet worldwide, have emerged as a key area in addressing some of these security concerns. In this document, a hybrid cryptographic protocol deploying the Blowfish and Paillier encryption algorithms is presented and its strength compared with the existing hybrid Advanced Encryption Standard (AES) and Rivest-Shamir-Adleman (RSA) techniques. Algorithms for a secure data storage protocol in two phases are presented. The proposed hybrid protocol endeavors to improve the power of cloud storage through a decrease in computation time and ciphertext size. Simulations have been carried out with Oracle VirtualBox and a Fog server on an Ubuntu 16.04 platform. This grouping of asymmetric and homomorphic procedures has demonstrated enhanced security. The use of compression has helped in decreasing storage space and computation time. Performance analysis in terms of computation overhead and quality-of-service parameters, such as loads of parameters with and without attacks, throughput, and stream length for different block cipher modes, has been carried out. Security analysis has been carried out by utilizing the Hardening Index as an audit parameter using Lynis 2.7.1. Similarly, for halting the aforementioned attacks and for regulating traffic, firewall protection has been generated in the chosen hybrid algorithms. Finally, enhancements in the performance of the Paillier and Blowfish hybrid scheme with and without compression compared to the existing schemes using RSA and AES procedures have been demonstrated.

10.
Vehicular cloud computing is an emerging technology that changes vehicle communication and the underlying traffic management applications. However, cloud computing has disadvantages such as high delay, low privacy and high communication cost, which cannot meet the needs of real-time interactive information in the Internet of Vehicles. Ensuring security and privacy in the Internet of Vehicles is also regarded as one of its most important challenges. Therefore, in order to ensure user information security and improve the real-time performance of vehicle information interaction, this paper proposes an anonymous authentication scheme based on edge computing. In this scheme, the concept of edge computing is introduced into the Internet of Vehicles, which makes full use of the redundant computing power and storage capacity of idle edge equipment. The edge vehicle nodes are determined by a simple algorithm defining distance and resources, and an improved RSA encryption algorithm is used to encrypt the user information. The improved RSA algorithm encrypts the user information by re-encrypting the encryption parameters. Compared with the traditional RSA algorithm, it can resist more attacks, so it is used to ensure the security of user information. It can not only protect the privacy of vehicles, but also avoid anonymity abuse. Simulation results show that the proposed scheme has lower computational complexity and communication overhead than the traditional anonymous scheme.

11.
Many digital signature schemes have been developed based on the discrete logarithm problem on a finite field. In this study, we use the elliptic curve discrete logarithm problem to build new collective signature schemes. The cryptosystem on elliptic curves allows generating digital signatures with the same level of security as other cryptosystems but with smaller keys. To extend practical applicability and enhance the security level of the group signature protocols, we propose two new types of collective digital signature schemes based on the discrete logarithm problem on the elliptic curve: i) the collective digital signature scheme shared by several signing groups and ii) the collective digital signature scheme shared by several signing groups and several individual signers. These two new types of collective signatures combine the advantages of group digital signatures and collective digital signatures. These signatures have a fixed size and do not depend on the number of members participating in the creation of the final collective signature. One of the advantages of the proposed collective signature protocols is that they can be deployed on top of the available public key infrastructures.

12.
Elliptic curve cryptosystems (ECCs) are utilised as an alternative to traditional public-key cryptosystems, and are more suitable for resource-limited environments because of their smaller parameter size. In this study, the authors carry out a thorough investigation of side-channel-attack-aware ECC implementations over finite fields of prime characteristic, including the recently introduced Edwards formulation of elliptic curves. The Edwards formulation of elliptic curves is promising in performance, with built-in resiliency against simple side-channel attacks. To our knowledge, the authors present the first hardware implementation for the Edwards formulation of elliptic curves. The authors also propose a technique to apply the non-adjacent form (NAF) scalar multiplication algorithm with side-channel security using the Edwards formulation. In addition, the authors implement Joye's highly regular add-always scalar multiplication algorithm with both the Weierstrass and Edwards formulations of elliptic curves. Our results show that the Edwards formulation allows increased area-time performance with projective coordinates. However, the Weierstrass formulation with affine coordinates results in the simplest architecture, and therefore has the best area-time performance as long as an efficient modular divider is available.

13.
When the Wireless Sensor Network (WSN) is combined with the Internet of Things (IoT), it can be employed in a wide range of applications, such as agriculture, Industry 4.0, health care, and smart homes, among others. Accessing the big data generated by these applications in Cloud Servers (CSs) requires higher levels of authenticity and confidentiality during communication conducted through the Internet. Signcryption is one of the most promising approaches nowadays for overcoming such obstacles, due to its combined nature, i.e., signature and encryption. A number of researchers have developed schemes to address issues related to access control in the IoT literature; however, the majority of these schemes are homogeneous in nature. This will be neither adequate nor practical for heterogeneous IoT environments. In addition, these schemes are based on bilinear pairing and elliptic curve cryptography, which further require additional processing time and more communication overhead that is inappropriate for real-time communication. Consequently, to solve the above-discussed issues, this paper proposes an access control scheme for IoT environments using a heterogeneous signcryption scheme with the efficiency and security hardness of the hyperelliptic curve. Besides the security services such as replay attack prevention, confidentiality, integrity, unforgeability, non-repudiation, and forward secrecy, the proposed scheme has very low computational and communication costs when compared to existing schemes. This is primarily because of the lighter nature of the hyperelliptic curve's keys and other parameters. The AVISPA tool is used to simulate the security requirements of our proposed scheme, and the results under two back-ends (Constraint Logic-based Attack Searcher (CL-b-AtSER) and On-the-Fly Model Checker (ON-t-FL-MCR)) proved to be SAFE when the presented scheme is coded in the HLPSL language. This scheme was proven to be capable of preventing a variety of attacks, including confidentiality, integrity, unforgeability, non-repudiation, forward secrecy, and replay attacks.

14.
The phase generated carrier (PGC) demodulation method based on ellipse fitting is an effective means of eliminating the influence of nonlinear factors on the PGC demodulation results of fiber-optic hydrophones, and the optimal estimation of the ellipse parameters is the key to implementing this method. The Extended Kalman Particle Filter (EPF) is a commonly used optimal estimation algorithm for this class of nonlinear estimation problems. However, when the conventional EPF algorithm is applied to parameter or state estimation problems whose process equations have constant parameters, the variance of the process noise is usually set to a constant, which makes it difficult for the algorithm to balance convergence speed and estimation accuracy and limits its overall performance to some extent. To solve this problem, this paper improves the existing EPF and proposes an Adaptive Extended Kalman Particle Filter (AEPF) algorithm. Simulation and experimental results show that the proposed AEPF algorithm can effectively demodulate the acoustic signal under test with the ellipse-fitting-based PGC demodulation method, and that compared with the EKF and EPF algorithms, the AEPF algorithm improves both convergence speed and estimation accuracy. In addition, the proposed AEPF algorithm is also applicable to other parameter or state estimation problems whose process equations have constant parameters, and thus has a certain generality.

15.
As is often the case in public-key cryptography, the first practical identification schemes were based on hard problems from number theory (factoring, discrete logarithms). The security of the proposed scheme depends on an NP-complete problem from the theory of error correcting codes: the syndrome decoding problem, which relies on the hardness of decoding a binary word of given weight and given syndrome. Starting from Stern's scheme [18], we define a dual version which, unlike the other schemes based on the SD problem, uses a generator matrix of a random linear binary code. This allows, among other things, an improvement of the transmission rate with regard to the other schemes. Finally, by using techniques of computation in a finite field, we show how it is possible to considerably reduce: the complexity of the computations done by the prover (which is usually a portable device with limited computing power), and the size of the data stored by the latter. Received March 10, 1995; revised version December 1, 1995

16.
Elliptic curves (ECs) are deemed one of the most solid structures against modern computational attacks because of their small key size and high security. In many well-known cryptosystems, the substitution box (S-box) is used as the only nonlinear portion of a security system. Recently, it has been shown that using dynamic S-boxes rather than static S-boxes increases the security of a cryptosystem. The conferred study also extends the practical application of ECs in designing the nonlinear components of block ciphers in symmetric key cryptography. In this study, instead of the Mordell elliptic curve (MEC) over the prime field, the Galois field has been engaged in constructing the S-boxes, the main nonlinear component of block ciphers. Also, the proposed scheme uses the coordinates of the MEC and the operations of the Galois field to generate a higher number of S-boxes with optimal nonlinearity, which increases the security of cryptosystems. The proposed S-boxes' resilience against prominent algebraic and statistical attacks is evaluated to determine their potential to induce confusion and produce acceptable results compared to other schemes. Also, the majority logic criteria (MLC) are used to assess the new S-boxes' usage in the image encryption application, and the outcomes indicate that they have significant cryptographic strength.


18.
Healthcare is a binding domain for the Internet of Things (IoT) to automate healthcare services for sharing and accumulating patient records at any time from anywhere through the Internet. The current IP-based Internet architecture suffers from latency, mobility, location dependency, and security issues. Named Data Networking (NDN) has been projected as a future internet architecture to cope with the limitations of the IP-based Internet. However, the NDN infrastructure does not have a secure framework for IoT healthcare information. In this paper, we propose a secure NDN framework for IoT-enabled Healthcare (IoTEH). In the proposed work, we adopt the services of Identity-Based Signcryption (IBS) cryptography under the security hardness of the Hyperelliptic Curve Cryptosystem (HCC) to secure the IoTEH information in NDN. The HCC provides the corresponding level of security using minimal computational and communication resources as compared to bilinear pairing and the Elliptic Curve Cryptosystem (ECC). For the efficiency of the proposed scheme, we simulated the security of the proposed solution using Automated Validation of Internet Security Protocols and Applications (AVISPA). Besides, we deployed the proposed scheme on the IoTEH in NDN infrastructure and compared it with the recent IBS schemes in terms of computation and communication overheads. The simulation results showed the superiority and improvement of the proposed framework against contemporary related works.

19.
In this paper we investigate the efficiency of cryptosystems based on ordinary elliptic curves over fields of characteristic three. We look at different representations for curves and consider some of the algorithms necessary to perform efficient point multiplication. We give example timings for our operations and compare them with timings for curves in characteristic two of a similar level of security. We show that using the Hessian form in characteristic three produces a point multiplication algorithm under 50 percent slower than the equivalent system in characteristic two. Thus it is conceivable that curves in characteristic three could offer greater performance than currently perceived by the community. Received: August 9, 2002; revised version: December 5, 2002 Keywords: Elliptic curve cryptography, Hessian form, Characteristic three.

20.
Given an ordinary elliptic curve in Hesse form over a finite field of characteristic three, we give a sequence of elliptic curves which leads to an effective construction of the canonical lift, and obtain an algorithm for computing the number of points. Our methods are based on the study of an explicitly and naturally given 3-isogeny between elliptic curves in Hesse form.

Copyright © 北京勤云科技发展有限公司 (Beijing Qinyun Technology Development Co., Ltd.)  京ICP备09084417号