Symmetry and Asymmetry in Cryptography

A special issue of Symmetry (ISSN 2073-8994). This special issue belongs to the section "Computer".

Deadline for manuscript submissions: closed (1 July 2023) | Viewed by 28510

Special Issue Editors

Prof. Dr. Takeshi Koshiba, Guest Editor
Faculty of Education and Integrated Arts and Sciences, Waseda University, Shinjuku, Tokyo 169-8050, Japan
Interests: theory of cryptography; randomness and computation; quantum computation; computational complexity

Prof. Dr. Milan Milosavljević, Guest Editor
1. Vlatacom Institute of High Technology, Milutina Milankovica 5, 11070 Belgrade, Serbia
2. Technical Faculty, Singidunum University, Belgrade, Serbia
Interests: artificial intelligence; signal processing; cryptology; machine learning; cryptanalysis

Prof. Dr. Yuan Ping, Guest Editor
School of Information Engineering, Xuchang University, Xuchang 461000, China
Interests: data privacy and security; machine learning; public key cryptography; network security

Dr. Yuri Borissov, Guest Editor
Department of Mathematical Foundations of Informatics, Institute of Mathematics and Informatics, Bulgarian Academy of Sciences, 1113 Sofia, Bulgaria
Interests: cryptographic Boolean functions; Reed-Muller codes; finite fields; information-theoretic aspects of cryptology; cryptanalysis

Special Issue Information

Dear Colleagues,

Symmetry and asymmetry represent the basic nature of cryptography. Therefore, the additional symmetric/asymmetric properties of cryptographic schemes should be discussed. Alternatively, the essential usage of techniques based on symmetry or asymmetry should be considered. We solicit contributions not only on computational cryptography, but also information-theoretic or quantum cryptography.

Prof. Dr. Takeshi Koshiba
Prof. Dr. Milan Milosavljević
Prof. Dr. Yuan Ping
Dr. Yuri Borissov
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Symmetry is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cryptosystems
  • cryptanalysis
  • cryptographic protocols
  • quantum cryptography
  • information theoretic cryptography
  • machine learning over encrypted data
  • data security with cryptography
  • cloud computing security

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found on the MDPI website.

Published Papers (14 papers)

Research

21 pages, 592 KiB  
Article
Three-Party Password Authentication and Key Exchange Protocol Based on MLWE
by Songhui Guo, Yunfan Song, Song Guo, Yeming Yang and Shuaichao Song
Symmetry 2023, 15(9), 1750; https://doi.org/10.3390/sym15091750 - 13 Sep 2023
Cited by 1 | Viewed by 1320
Abstract
With the rapid development of quantum theory, the discrete logarithm problem and the large integer factorization problem have polynomial-time solution algorithms under quantum computing, and their security is seriously threatened. Therefore, a three-party password-authenticated key agreement scheme based on the module learning with errors problem was proposed, and its security was proved in the BPR model. Compared with other password-authenticated key agreement protocols, the proposed protocol has higher efficiency and a shorter key length, and it can resist quantum attacks. Therefore, the protocol is efficient and secure and suitable for large-scale network communication.
(This article belongs to the Special Issue Symmetry and Asymmetry in Cryptography)
Figures
  • Figure 1: Authentication and key exchange phase.
25 pages, 7399 KiB  
Article
Steganographic Method in Selected Areas of the Stego-Carrier in the Spatial Domain
by Predrag Milosav, Milan Milosavljević and Zoran Banjac
Symmetry 2023, 15(5), 1015; https://doi.org/10.3390/sym15051015 - 2 May 2023
Cited by 6 | Viewed by 1637
Abstract
The main goal of this paper is the proposal of a key-based steganographic system in which the ratio between capacity and the image quality metrics of the stego object is improved while the detectability of the hidden content is reduced. The main contribution of the proposed steganographic system is a new algorithm for selecting stego areas. The area selection algorithm is based on clustering the pixels of the cover object into a predetermined number of clusters. The goal of this selection of areas (clusters) is to group as many homogeneous parts of the image as possible in order to cover these areas with as few rectangular shapes as possible. Since the data on the defined rectangles represent the key of the system, the capacity of the additional secret channel is minimized in this way. On the obtained stego-carriers, an embedding of random test content is performed in order to estimate its detectability. By combining the proposed area selection method with the Minimal Decimal Difference steganographic method, a system was created with an optimal trade-off between the detectability of the secret content, the quality and capacity of the carrier, and the length of the stego-key. Finally, a comparison of the obtained results with relevant adaptive steganographic methods is presented. The proposed concept is verified in a practical system for secure file transfer of controlled cryptographic strength.
Figures
  • Figure 1: The block diagram of the system.
  • Figure 2: Detailed system block diagram.
  • Figure 3: Original image; distribution of pixels in RGB space, divided into two clusters.
  • Figure 4: Lena.png original and generated black and white images for N = four dominant colors; intermediate processing result at point "C" of the algorithm.
  • Figure 5: Type 2 pixel clustering method using filtering coefficients.
  • Figure 6: Type 2 pixel clustering method: (a) original image; (b,c) generated black-and-white images where pixels belonging to clusters C1 and C2, respectively, are shown in white; (d) generated black-and-white image where pixels that belong to neither C1 nor C2 are shown in white.
  • Figure 7: (a–d) Cover object Nature2.png; generated black and white images for Type 1, DC = 2; rectangles selected in the white zones, presented as an additional layer over the grayscale version of the original picture.
  • Figure 8: Block diagram of the extraction procedure.
  • Figure 9: (a) Baboon.png; (b) Lena.png; (c) Nature1.png; (d) Nature2.png.
  • Figure 10: Pixels to Impact for different values of input parameter DC, for Type 1.
  • Figure 11: Pixels to Impact for different values of input parameter FC (DC = 2), for Type 2.
  • Figure 12: Carrier capacity for different steganographic methods, Type 1.
  • Figure 13: Carrier capacity for different steganographic methods, Type 2.
  • Figure 14: Diagrams of RS steganalysis for MDD stego-objects obtained from stego-carrier Lena.png.
  • Figure 15: Histograms (RGB channels) for carrier Baboon.png: (a) original image; (b) stego-object generated using the LSB method; (c) stego-object generated using the MDD method; (d) stego-object generated using the PVD method for Type 1, DC = 8, K = 3.
  • Figure 16: Pixel differencing histograms for carrier Lena.png: blue line, original cover picture; red line, MDD stego-object, complete image, K = 3; yellow line, MDD stego-object areas, T1, DC = 8, K = 3; violet line, MDD stego-object areas, T2, DC = 2, FC = 3, K = 3, L = 3.
15 pages, 10137 KiB  
Article
A Novel Phishing Website Detection Model Based on LightGBM and Domain Name Features
by Jingxian Zhou, Haibin Cui, Xina Li, Wenjin Yang and Xi Wu
Symmetry 2023, 15(1), 180; https://doi.org/10.3390/sym15010180 - 7 Jan 2023
Cited by 10 | Viewed by 2612
Abstract
Phishing attacks have evolved in terms of sophistication and have increased in sheer number in recent years. This has led to corresponding developments in the methods used to evade the detection of phishing attacks, which pose daunting challenges to the privacy and security of the users of smart systems. This study uses LightGBM and features of the domain name to propose a machine-learning-based method to identify phishing websites and maintain the security of smart systems. Domain name features, often known as symmetry, are the property wherein multiple domain-name-generation algorithms remain constant. The proposed detection model is first used to extract features of the domain name of the given website, including character-level features and information on the domain name. The features are filtered to improve the model's accuracy and are subsequently used for classification. The results of experimental comparisons showed that the proposed detection model, which integrates two types of features for training, significantly outperforms the model that uses a single type of feature. The proposed method also has a higher detection accuracy than other methods and is suitable for the real-time detection of many phishing websites.
Figures
  • Figure 1: Framework of the phishing website detection model.
  • Figure 2: Morpheme-related feature extraction algorithm flowchart.
  • Figure 3: Domain-name information-extraction crawler program steps.
  • Figure 4: Leaf-wise growth strategy.
  • Figure 5: Dataset partition.
  • Figure 6: Relationship between feature dimension and classification effect.
  • Figure 7: Relationship between feature types and detection effects.
  • Figure 8: Detection efficiency of different models.
16 pages, 550 KiB  
Article
LILP: A Lightweight Enciphering Algorithm to Encrypt Arbitrary-Length Messages
by Xing Zhang, Jian Chen, Tianning Li, Gang Dai and Changda Wang
Symmetry 2023, 15(1), 177; https://doi.org/10.3390/sym15010177 - 7 Jan 2023
Viewed by 1377
Abstract
The advancement of the Internet of Things (IoT) has promoted the development of embedded devices. It is important to ensure data transmission security on embedded devices with limited computing power and storage space. However, traditional block encryption algorithms cannot run efficiently on embedded devices because of the large amount of computation. In this paper, a lightweight length-preserving encryption algorithm (LILP) is proposed to convert an n-bit block cipher into a special block cipher that supports an arbitrary input length of no less than 2n bits. LILP adopts an involution design based on a Lai–Massey structure and lightweight components to suit the limited computing power of embedded devices. In particular, a lightweight compression function (LCF) is designed to process the data during iteration, which improves security without reducing the efficiency of the algorithm. The experimental results show that LILP is more efficient than traditional similar algorithms in encrypting data for resource-constrained devices while ensuring data security in the IoT.
Figures
  • Figure 1: Application of a wireless sensor network in the IoT.
  • Figure 2: The encryption process of LILP.
  • Figure 3: The key schedule of LILP.
  • Figure 4: The execution flow of LCF.
  • Figure 5: Diffusion analysis of the proposed LILP.
  • Figure 6: Confusion analysis of the proposed LILP.
  • Figure 7: Comparison of the execution time of LILP and XCB.
  • Figure 8: Comparison of the execution time of ABL, HCTR, XCB and LILP.
  • Figure 9: Comparison of the execution time of the key schedules.
25 pages, 1245 KiB  
Article
Implication of Lightweight and Robust Hash Function to Support Key Exchange in Health Sensor Networks
by Mishall Al-Zubaidie
Symmetry 2023, 15(1), 152; https://doi.org/10.3390/sym15010152 - 4 Jan 2023
Cited by 17 | Viewed by 2168
Abstract
Internet of Things (IoT) applications are critical for the fast delivery of health information/data in different environments. The wireless sensor network (WSN) can be used within IoT applications to collect this information in the electronic-health sector. However, the essential drawback of WSN and health applications is ensuring that patient and healthcare provider data/information is protected. In addition, exchanging keys and joining the network is the first/most important line of defense to protect health information. Amid all this, previous research has introduced many key exchange protocols, but they still suffer from security and performance issues for WSNs and user devices. In this research, we propose a new protocol for exchanging keys and joining the network using the security algorithms Elliptic-curve Diffie–Hellman (ECDH) and QUARK hash (qh). We focused on applying lightweight and high-security techniques to reduce the burden on WSN resources, by adopting a solid methodological approach to support security first and performance second. The security analysis is simulated with the Scyther tool, and the results indicate that our protocol is able to block the key exchange attacks known in the existing research. Furthermore, we carried out a comparison with the results of recent research in terms of performance; our protocol provides better performance results than the existing research.
Figures
  • Figure 1: ECDH protocol.
  • Figure 2: Using the ECDH protocol in a hospital WSN.
  • Figure 3: QUARK permutation function.
  • Figure 4: Power and energy consumption in QUARK, SPONGENT and PHOTON.
  • Figure 5: Proposed network model.
  • Figure 6: User and sensor registration phase.
  • Figure 7: User and sensor key update phase.
  • Figure 8: User and sensor session key distribution phase.
  • Figure 9: Proposed ECDH-QUARK results from the Scyther checker.
12 pages, 312 KiB  
Article
New Differentially 4-Uniform Piecewise Permutations over F_{2^{2k}} from the Inverse Function
by Shuai Li and Li Miao
Symmetry 2023, 15(1), 131; https://doi.org/10.3390/sym15010131 - 2 Jan 2023
Viewed by 1489
Abstract
Permutations with low differential uniformity, high nonlinearity and high algebraic degree over F_{2^{2k}} are preferred substitution boxes in modern block ciphers. In this paper, we study the bijectivity and the differential uniformity of piecewise functions with the help of permutation group theory. Based on our results, we found many at least differentially 6-uniform and differentially 4-uniform permutations over F_{2^{2k}}, which can be chosen as substitution boxes.
Figures
  • Figure 1: The relation between c ∈ F_{2^6} \ {0, 1} and the number of orbits under G_c.
  • Figure 2: The relation between c ∈ F_{2^8} \ {0, 1} and the number of orbits under G_c.
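The three S-box criteria the abstract names (differential uniformity, nonlinearity, algebraic degree) can all be measured directly from a lookup table. The following Python is an added example, not code from the paper: it builds the field inverse x ↦ x^(2^n − 2) over GF(2^n) for n = 6, 7 and 8 and computes each criterion by brute force, giving the baseline the paper's piecewise constructions are compared against. The irreducible polynomials in IRREDUCIBLE are this example's own choice; all three measures are invariant under field isomorphism, so any irreducible polynomial of the same degree yields the same numbers. The paper's piecewise permutations themselves are not reproduced here.

```python
# Added example (not code from the paper): measuring the S-box criteria the
# abstract names for the field inverse x -> x^(2^n - 2) over GF(2^n).
from typing import Dict, List

# Assumption of this example: one irreducible polynomial per field size. The
# three measures below are invariant under field isomorphism, so the choice does
# not change the results. 0x11b is the AES polynomial x^8 + x^4 + x^3 + x + 1.
IRREDUCIBLE: Dict[int, int] = {
    6: 0b1000011,    # x^6 + x + 1
    7: 0b10000011,   # x^7 + x + 1
    8: 0b100011011,  # x^8 + x^4 + x^3 + x + 1
}


def gf_mul(a: int, b: int, n: int, poly: int) -> int:
    """Multiply two elements of GF(2^n), represented as n-bit integers."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> n:          # degree reached n: reduce modulo the field polynomial
            a ^= poly
    return r


def inverse_sbox(n: int) -> List[int]:
    """Lookup table of x -> x^(2^n - 2), i.e. the field inverse with 0 -> 0."""
    poly = IRREDUCIBLE[n]
    q = 1 << n
    table = [0] * q
    for x in range(1, q):
        acc, base, e = 1, x, q - 2   # square-and-multiply exponentiation
        while e:
            if e & 1:
                acc = gf_mul(acc, base, n, poly)
            base = gf_mul(base, base, n, poly)
            e >>= 1
        table[x] = acc
    return table


def is_permutation(f: List[int]) -> bool:
    return sorted(f) == list(range(len(f)))


def differential_uniformity(f: List[int]) -> int:
    """max over a != 0 and all b of #{x : f(x ^ a) ^ f(x) == b}.

    Lower is better: 2 is the optimum (APN), 4 is what the AES S-box achieves.
    """
    q = len(f)
    worst = 0
    for a in range(1, q):
        counts = [0] * q
        for x in range(q):
            counts[f[x ^ a] ^ f[x]] += 1
        worst = max(worst, max(counts))
    return worst


def _xor_butterfly(vec: List[int], combine) -> None:
    """In-place size-q butterfly shared by the Walsh and Moebius transforms."""
    q = len(vec)
    h = 1
    while h < q:
        for i in range(0, q, 2 * h):
            for j in range(i, i + h):
                vec[j], vec[j + h] = combine(vec[j], vec[j + h])
        h *= 2


def nonlinearity(f: List[int]) -> int:
    """2^(n-1) - max|W_f| / 2: Hamming distance to the nearest affine function."""
    q = len(f)
    max_abs = 0
    for b in range(1, q):                 # every nonzero output mask b
        w = [1 - 2 * (bin(b & f[x]).count("1") & 1) for x in range(q)]
        _xor_butterfly(w, lambda u, v: (u + v, u - v))   # fast Walsh-Hadamard
        max_abs = max(max_abs, max(abs(v) for v in w))
    return q // 2 - max_abs // 2


def algebraic_degree(f: List[int]) -> int:
    """Largest monomial degree in the ANF of any coordinate function."""
    q = len(f)
    n = q.bit_length() - 1
    degree = 0
    for bit in range(n):
        coef = [(f[x] >> bit) & 1 for x in range(q)]
        _xor_butterfly(coef, lambda u, v: (u, u ^ v))    # Moebius transform
        degree = max(degree, max(bin(m).count("1") for m in range(q) if coef[m]))
    return degree


if __name__ == "__main__":
    for n in (6, 7, 8):
        s = inverse_sbox(n)
        print(n, is_permutation(s), differential_uniformity(s),
              nonlinearity(s), algebraic_degree(s))
```

For n = 8 this reports differential uniformity 4, nonlinearity 112 and algebraic degree 7, the figures of the AES S-box core. For odd n the inverse is APN (uniformity 2); for even n = 2k, the case the paper treats, it is only 4-uniform, which is why alternative 4-uniform permutations over F_{2^{2k}} are of interest.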
33 pages, 4253 KiB  
Article
Application of DNA Coding, the Lorenz Differential Equations and a Variation of the Logistic Map in a Multi-Stage Cryptosystem
by Mohamed Gabr, Hana Younis, Marwa Ibrahim, Sara Alajmy, Ijaz Khalid, Eman Azab, Rimon Elias and Wassim Alexan
Symmetry 2022, 14(12), 2559; https://doi.org/10.3390/sym14122559 - 4 Dec 2022
Cited by 37 | Viewed by 2987
Abstract
The need for information security has become urgent due to the constantly changing nature of the Internet and wireless communications, as well as the daily generation of enormous volumes of multimedia. In this paper, a 3-stage image cryptosystem is developed and proposed. A tan variation of the logistic map is utilized to carry out deoxyribonucleic acid (DNA) encoding in the first stage. For the second encryption stage, the numerical solution of the Lorenz differential equations and a linear descent algorithm are jointly employed to build a robust S-box. The logistic map in its original form is utilized in the third stage. Diffusion is guaranteed through the first and third encryption stages, while confusion is guaranteed through the application of the S-box in the second encryption stage. Carrying out both confusion- and diffusion-inducing stages results in encrypted images that are completely asymmetric to their original (plain) counterparts. An extensive numerical analysis is carried out and discussed, showcasing the robustness and efficacy of the proposed algorithm in terms of resistance to visual, statistical, entropy, differential, known-plaintext and brute-force attacks. Average values for the computed metrics are: information entropy of 7.99, MSE of 9704, PSNR of 8.3 dB, MAE of 80.8, NPCR of 99.6 and UACI of 33. The proposed algorithm is shown to exhibit low computational complexity, encrypting images at an average rate of 1.015 Mbps. Moreover, it possesses a large key space of 2^372, and is demonstrated to successfully pass all the tests of the NIST SP 800 suite. In order to demonstrate the superior performance of the proposed algorithm, a comparison with competing image encryption schemes from the literature is also provided.
Figures
  • Figure 1: Bifurcation diagram of the proposed tan variation of the logistic map.
  • Figure 2: Lyapunov exponent diagram of the proposed tan variation of the logistic map.
  • Figure 3: 3D plot of a DNA sequence.
  • Figure 4: 3D plot of the numerical solution of the Lorenz system of partial differential equations.
  • Figure 5: The first 100 points from the 1D array obtained from the 3D coordinates of the Lorenz system solution for the values σ = 10, β = 8/3 and ρ = 28.
  • Figure 6: Flowchart of the proposed image encryption algorithm.
  • Figure 7: Flowchart of the proposed image decryption algorithm.
  • Figure 8: Mandrill image and histogram comparison before and after encryption.
  • Figure 9: Tree image and histogram comparison before and after encryption.
  • Figure 10: Sailboat image and histogram comparison before and after encryption.
  • Figure 11: House image and histogram comparison before and after encryption.
  • Figure 12: House2 image and histogram comparison before and after encryption.
  • Figure 13: Peppers image alongside its Fourier transform and a 3D plot of its co-occurrence matrix before and after encryption.
  • Figure 14: Peppers: 3D plot of the co-occurrence matrix before and after encryption, red channel.
  • Figure 15: Peppers: 3D plot of the co-occurrence matrix before and after encryption, green channel.
  • Figure 16: Peppers: 3D plot of the co-occurrence matrix before and after encryption, blue channel.
12 pages, 1136 KiB  
Article
Efficient Sequential and Parallel Prime Sieve Algorithms
by Hazem M. Bahig, Mohamed A. G. Hazber, Khaled Al-Utaibi, Dieaa I. Nassr and Hatem M. Bahig
Symmetry 2022, 14(12), 2527; https://doi.org/10.3390/sym14122527 - 30 Nov 2022
Cited by 3 | Viewed by 2686
Abstract
Generating the prime numbers less than or equal to an integer m plays an important role in many asymmetric key cryptosystems. Recently, a new sequential prime sieve algorithm was proposed based on set theory. The main drawback of this algorithm is that the running time and storage are high when m is large. This paper introduces three new prime sieve algorithms based on two approaches. The first approach develops a fast sequential prime sieve algorithm based on set theory and some structural improvements to the recent prime sieve algorithm. The second approach introduces two new parallel algorithms in the shared-memory parallel model based on static and dynamic strategies. The analysis of the experimental studies shows the following results. (1) The proposed sequential algorithm outperforms the recent prime sieve algorithm in terms of running time by 98% and memory consumption by 80%, on average. (2) The two proposed parallel algorithms outperform the proposed sequential algorithm by 72% and 67%, respectively, on average. (3) The maximum speedups achieved by the dynamic and static parallel algorithms using 16 threads are 7 and 4.5, respectively. As a result, the proposed algorithms are more effective than the recent algorithm in terms of running time, storage and scalability in generating primes.
Figures
  • Figure 1: Memory consumption for the AE and MAE algorithms.
  • Figure 2: Time comparisons among the MAE, PMAE-1 and PMAE-2 algorithms. (a) Running times of MAE using t = 1, and of PMAE-1 and PMAE-2 using t = 2. (b) Running times of PMAE-1 and PMAE-2 using t = 4. (c) Running times of PMAE-1 and PMAE-2 using t = 8. (d) Running times of PMAE-1 and PMAE-2 using t = 16.
  • Figure 3: Run times for the PMAE-1 algorithm using different numbers of threads for different data sizes n. (a) n = 10^8, 2 × 10^8, 3 × 10^8, 4 × 10^8 and 5 × 10^8. (b) n = 6 × 10^8, 7 × 10^8, 8 × 10^8, 9 × 10^8 and 10^9.
  • Figure 4: Run times for the PMAE-2 algorithm using different numbers of threads for different data sizes n. (a) n = 10^8, 2 × 10^8, 3 × 10^8, 4 × 10^8 and 5 × 10^8. (b) n = 6 × 10^8, 7 × 10^8, 8 × 10^8, 9 × 10^8 and 10^9.
  • Figure 5: Percentage of Step 3 compared with the total time of the PMAE-1 algorithm.
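The abstract above reports speedups for shared-memory parallel sieves without describing the set-theory algorithm itself. As an added illustration (this is not the paper's sieve nor its PMAE-1/PMAE-2 algorithms), the following Python shows the property that makes a static parallel split possible for any sieve of this kind: once the base primes up to √m are known, every segment of [0, m] can be sieved independently in its own flag array, so segments can be distributed over threads without sharing writable state. The function names, the default segment size and the thread-pool split are this example's own choices. Prime tables produced this way are what asymmetric key generators use for trial division before a probabilistic primality test.

```python
# Added example (not the paper's set-theory sieve or its PMAE algorithms): a
# segmented sieve of Eratosthenes with an optional static split over threads.
from concurrent.futures import ThreadPoolExecutor
from math import isqrt
from typing import List


def base_primes(limit: int) -> List[int]:
    """Plain sieve of Eratosthenes: every prime <= limit."""
    if limit < 2:
        return []
    flags = bytearray([1]) * (limit + 1)
    flags[0] = flags[1] = 0
    for p in range(2, isqrt(limit) + 1):
        if flags[p]:
            # clear p*p, p*p + p, ... in one slice assignment
            flags[p * p::p] = bytearray(len(range(p * p, limit + 1, p)))
    return [i for i, is_prime in enumerate(flags) if is_prime]


def sieve_segment(lo: int, hi: int, primes: List[int]) -> List[int]:
    """Primes in [lo, hi), given base primes that cover sqrt(hi).

    Only this segment's own flag array is written, so segments are independent
    and can be sieved concurrently (the shared-memory model of the abstract).
    """
    flags = bytearray([1]) * (hi - lo)
    for p in primes:
        if p * p >= hi:
            break                     # larger primes have no composite multiple here
        # first multiple of p at or after lo, but never p itself
        start = max(p * p, -(-lo // p) * p)
        flags[start - lo::p] = bytearray(len(range(start, hi, p)))
    for v in range(lo, min(hi, 2)):   # 0 and 1 are not prime
        flags[v - lo] = 0
    return [lo + i for i, is_prime in enumerate(flags) if is_prime]


def primes_upto(m: int, segment: int = 1 << 16, workers: int = 1) -> List[int]:
    """All primes <= m; with workers > 1 the segments are sieved on a thread pool."""
    if m < 2:
        return []
    small = base_primes(isqrt(m))     # base primes shared read-only by all segments
    bounds = [(lo, min(lo + segment, m + 1)) for lo in range(0, m + 1, segment)]
    if workers == 1:
        chunks = [sieve_segment(lo, hi, small) for lo, hi in bounds]
    else:
        # static strategy: segments are assigned to the pool up front, in order
        with ThreadPoolExecutor(max_workers=workers) as pool:
            chunks = list(pool.map(lambda b: sieve_segment(b[0], b[1], small), bounds))
    return [p for chunk in chunks for p in chunk]


if __name__ == "__main__":
    print(len(primes_upto(10**6)))        # pi(10^6)
    print(primes_upto(100, segment=7))    # tiny segments exercise the boundaries
```

Memory is bounded by one segment per active worker plus the base-prime list, which is the point of segmenting: the abstract's memory-consumption comparison is between algorithms that do and do not keep a flag per integer up to m.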
11 pages, 278 KiB  
Article
Cryptosystems Based on Tropical Congruent Transformation of Symmetric Matrices
by Huawei Huang
Symmetry 2022, 14(11), 2378; https://doi.org/10.3390/sym14112378 - 10 Nov 2022
Cited by 3 | Viewed by 1282
Abstract
Recently, public-key cryptography based on tropical semi-rings has been proposed. However, the majority of these schemes are damaged. The main reason is that they use a public matrix to construct commutative matrix semi-rings. New public-key cryptosystems are proposed in this paper. They are based on the tropical congruent transformation of a symmetric matrix by a circular matrix. The NP-hard problem of solving a tropical system of nonlinear equations underlies the cryptosystems' security. Since the commutative sub-semi-rings of circular matrices that are used cannot be expressed by a known matrix, and there is no tropical matrix addition operation or power of a matrix, the cryptosystems can withstand known attacks, including the KU attack, the RM attack and the IK attack. The length of the public key and private key of the new cryptosystems is half that of those described in the literature.
14 pages, 796 KiB  
Article
Optimized Implementation of Simpira on Microcontrollers for Secure Massive Learning
by Minjoo Sim, Siwoo Eum, Hyeokdong Kwon, Kyungbae Jang, Hyunjun Kim, Hyunji Kim, Gyeongju Song, Waikong Lee and Hwajeong Seo
Symmetry 2022, 14(11), 2377; https://doi.org/10.3390/sym14112377 - 10 Nov 2022
Viewed by 1341
Abstract
Internet of Things (IoT) technology, in which numerous devices cooperate, has a significant impact on existing industries, such as smart factories, smart cars, and smart cities. Massive learning and computing using data collected through the IoT are also being actively performed in these industries. Therefore, the security of the low-end microcontrollers used in the Internet of Things should be highly considered due to their importance. Simpira is a permutation design using the AES algorithm, designed to run efficiently on 64-bit high-end processors. With an efficient implementation of the Simpira algorithm, we can ensure secure massive learning on IoT devices without a performance bottleneck. In nature, Simpira exploits part of the AES algorithm. The AES algorithm is the most widely used in the world, and Intel has developed a hardware-accelerated AES instruction set (AES-NI) to improve the performance of encryption. By using AES-NI, Simpira can be improved further on high-end devices. On the other hand, low-end processors do not support AES-NI. For this reason, an optimized implementation of Simpira should be considered. In this paper, we present an optimized implementation of Simpira on 8-bit AVR microcontrollers and 32-bit RISC-V processors, which are low-end processors that do not support AES-NI. Three new techniques are applied. First, AddRoundKey is computed efficiently through pre-computation. Second, the characteristics of the round keys are exploited to omit some of the operations. Third, we omit unnecessary operations that were added in order to use AES-NI. We have carried out performance evaluations on 8-bit ATmega128 microcontrollers and 32-bit RISC-V processors, which show up to 5.76× and 37.01× better performance than the state-of-the-art reference C code for Simpira, respectively.
(This article belongs to the Special Issue Symmetry and Asymmetry in Cryptography)
Figure 1: Structure of Simpira for b = 1; c is a counter that is initialized to one and incremented after every use of F_{c,b}. Every F_{c,b} consists of two AES rounds, whose round constants are determined from (c, b), where b is the number of blocks.
Figure 2: Values of each round key; RK = round key. c is a counter that is initialized to one and incremented after every use of F_{c,b}; every F_{c,b} consists of two AES rounds, whose round constants are determined from (c, b), where b is the number of blocks.
Figure 3: (Top) original Simpira structure / (Bottom) optimized Simpira structure.
18 pages, 3225 KiB  
Article
Instruction-Fetching Attack and Practice in Collision Fault Attack on AES
by Huilong Jiang, Xiang Zhu and Jianwei Han
Symmetry 2022, 14(10), 2201; https://doi.org/10.3390/sym14102201 - 19 Oct 2022
Cited by 2 | Viewed by 1803
Abstract
A Fault Attack (FA) is performed mainly under the data corruption model and poses a threat to security chips. Instruction corruption, produced by interfering with the instruction system, can serve the same purpose at the behavioral level. Laser Fault Injection (LFI) on program memory during the instruction-fetching process, which we refer to as an instruction-fetching attack, is studied in this paper. This process is able to produce a controllable instruction-fetching fault. Our work shows the implementation of the attack and a specific application case on an 8-bit microcontroller. The main contributions of this paper are: (1) we precisely map the laser-sensitive areas to the faulted instructions and implement controllable instruction tampering; (2) a Collision Fault Attack (CFA) scheme based on instruction-fetching faults is proposed; (3) the impacts of the faulted instructions are fully explored, including the influence on subsequent operations and on key recovery; (4) the fault mechanism of the on-chip Flash is further investigated. An instruction-fetching fault means that the controller fetches a tampered instruction from program memory under external interference, which likely gives rise to an invalid or incorrect operation. The experiments confirm that this specific fault can induce particular fault types that are otherwise difficult to realize, e.g., the byte-fault model in CFA. The realization, application and mechanism of instruction-fetching faults are discussed in detail.
Figure 1: Collision detection of the first AddRoundKey operation of AES.
Figure 2: The experimental system for pulsed laser fault injection.
Figure 3: The ATmega163L microcontroller and its back-side layout. The back-side photo is taken via infrared imaging, and certain important parts are highlighted.
Figure 4: The power curve of instruction execution (blue) and the laser trigger signal (red). The oscilloscope is used to detect the working state so as to accurately control the laser signal timing.
Figure 5: Implementing the attack on the LPM instruction by analyzing timing and power leakage. (a) The power curve of instruction execution and the laser trigger signal; the timing of the LPM instruction should be confirmed before the attack. (b) The correlation analysis of stored data and address data with power consumption; the peaks are associated with the points in time of instruction and data processing.
Figure 6: Experimental results of the laser attack during the Flash data-accessing operation. (a) The scanning scheme, with the bottom left corner set as the coordinate origin. (c) A scanning area covering the whole Flash, with the sensitive areas of all bits highlighted. In addition, (b) shows the photon leak imaging of the Flash area; the 16 bright spots may correspond to the 16 sensitive positions on the upper right of (c), respectively.
Figure 7: Sensitive areas of laser-induced instruction-fetching faults for three instructions: (a–c) show the sensitive areas of the LD, EOR and ST instructions, respectively. Due to the scanning granularity, some sensitive areas may not be fully covered. Each sensitive area corresponds exactly to a bit equal to 1. Note that not all bits of each instruction can be effectively modified by laser injection.
Figure 8: The number of ciphertexts needed to obtain the first key byte under the fault model. The figure shows the attack results for all possible key byte values (0–255) over a total of 25,600 fault injections: (a) the key byte candidate space decreases rapidly as the number of available faulty ciphertexts produced by fault injection increases; as the number of fault injections grows, only the unique correct key byte is retained. (b) The probability distribution of the number of ciphertexts required to obtain the correct key byte over multiple experiments; the number of plaintexts or ciphertexts corresponding to a higher blue bar is more likely to reduce the candidate space to 1, and the average number required is about 4.54.
Figure 9: Flash memory structure and its sensitive areas under laser injection when accessing the i-th bit cell. (a) The main modules of NOR Flash, including the storage array, decoder, sense amplifier and control circuit. (b) The sensitive areas, of which there are three: areas near the storage cells, the decoder and the sense amplifier.
26 pages, 5450 KiB  
Article
Privacy Amplification Strategies in Sequential Secret Key Distillation Protocols Based on Machine Learning
by Jelica Radomirović, Milan Milosavljević, Branko Kovačević and Miloš Jovanović
Symmetry 2022, 14(10), 2028; https://doi.org/10.3390/sym14102028 - 27 Sep 2022
Cited by 3 | Viewed by 1738
Abstract
It is well known that Rényi entropy of order 2 determines the maximum possible length of the distilled secret keys in sequential secret key distillation protocols such that no information is leaked to the eavesdropper. In the literature, there have been no attempts to estimate this key quantity from information available to the legitimate parties of the protocol. We propose a new machine learning system that estimates the lower bound of the conditional Rényi entropy with high accuracy, based on 13 characteristics measured locally on the side of the legitimate participants. The system is based on a prediction interval deep neural network, trained for a given source of common randomness. We experimentally evaluated this result for two different sources, namely 14- and 6-dimensional EEG signals of 50 participants, with varying advantage distillation and information reconciliation strategies, with and without an additional lossless compression block. Across all proposed systems and analyzed sources, on average, the best machine learning strategy, called the hybrid strategy, increases the quantity of generated keys 2.77 times compared to the classical strategy. By introducing a Huffman lossless coder before the PA (privacy amplification) block, the loss of potential source randomness was reduced from 68.48% to a negligible 0.75%, while the leakage rate per bit remains on the order of 10^-4.
Figure 1: Source model for secret key agreement.
Figure 2: PA with hash functions.
Figure 3: Proposed machine learning system for predicting the lower bound of ECRE2. AD: advantage distillation block; IR: information reconciliation block; LLC: lossless compression block; PA: privacy amplification block; ML: machine learning block.
Figure 4: Prediction interval deep neural network (PIDNN) for ECRE2.
Figure 5: Block diagram of the proposed PA strategy.
Figure 6: Illustration of the raw EEG source.
Figure 7: Illustration of the EEG metrics source.
Figure 8: BP AD vs. BP ADD algorithm. The BP ADD algorithm increases the correlation between the (Alice, Bob) sequences more significantly than the BP AD algorithm.
Figure 9: Architecture of the PIDNN for System A (obtained from the Keras API [36]).
Figure 10: Architecture of the PIDNN for Systems B and C (obtained from the Keras API [36]).
Figure 11: Typical behavior of the model loss (19) on the training and test sets during training of the PIDNN.
Figure 12: Illustrative sample of the output of the PIDNN before the functional transformation (15).
Figure 13: Blue: ECRE2 histograms of the raw EEG and EEG metrics sources; this is also the histogram of the keys generated by the optimal PA strategy (12). Yellow: histogram of key lengths generated by the ML PA strategies (21). Brown: histogram of key lengths generated by the global lower bound PA strategy (9). The areas of these histograms are proportional to the total length of the keys generated by the corresponding PA strategies.
Figure 14: Blue: ECRE2 histograms of the raw EEG and EEG metrics sources; this is also the histogram of the keys generated by the optimal PA strategy (12). Yellow: histogram of key lengths generated by the hybrid PA strategies (22). Brown: histogram of key lengths generated by the global lower bound PA strategy with bound R_{2δ} according to (24). The areas of these histograms are proportional to the total length of the keys generated by the corresponding PA strategies.
18 pages, 385 KiB  
Article
On (Unknowingly) Using Near-Square RSA Primes
by Wan Nur Aqlili Ruzai, Amir Hamzah Abd Ghafar, Nur Raidah Salim and Muhammad Rezal Kamel Ariffin
Symmetry 2022, 14(9), 1898; https://doi.org/10.3390/sym14091898 - 11 Sep 2022
Cited by 1 | Viewed by 2231
Abstract
The invention in 1978 of the first practical asymmetric cryptosystem, known as RSA, was a breakthrough in the long history of secret communications. Since its inception, the RSA cryptosystem has become embedded in millions of digital applications with the objectives of ensuring confidentiality, integrity, authenticity, and non-repudiation. However, the generation of the RSA modulus N = pq, which requires p and q to be random primes, may accidentally result in the choice of a special type of prime called a near-square prime. This structure of N may be used unknowingly en masse in real-world applications, since no current cryptographic implementation prevents its generation. In this study, we show that use of this type of prime will potentially lead to a total break of RSA. We present three cases of near-square primes used as RSA primes, of the form (i) N = pq = (a^m − r_a)(b^m − r_b); (ii) N = pq = (a^m + r_a)(b^m − r_b); and (iii) N = pq = (a^m − r_a)(b^m + r_b). Although (ii) and (iii) are quite similar, p and q must be within the same size range of n bits, which results in different conditions for the two cases. We formulate attacks using three different algorithms to better understand their feasibility. We also provide an efficient countermeasure that we recommend be adopted by current cryptographic libraries implementing RSA.
Figure 1: Distinct structures of near-square prime factors covered in [16] and Section 3 of this paper, which together cover all remaining cases of near-square primes used as RSA primes. (a) The case N = pq = (a^m + r_a)(b^m + r_b), presented in [16]. (b) The case N = pq = (a^m − r_a)(b^m − r_b), presented in Section 3.1. (c) The case N = pq = (a^m + r_a)(b^m − r_b), presented in Section 3.2. (d) The case N = pq = (a^m − r_a)(b^m + r_b), presented in Section 3.3.
13 pages, 463 KiB  
Article
Small Private Exponent Attacks on RSA Using Continued Fractions and Multicore Systems
by Hatem M. Bahig, Dieaa I. Nassr, Mohammed A. Mahdi and Hazem M. Bahig
Symmetry 2022, 14(9), 1897; https://doi.org/10.3390/sym14091897 - 10 Sep 2022
Cited by 6 | Viewed by 2220
Abstract
The RSA (Rivest–Shamir–Adleman) asymmetric-key cryptosystem is widely used for encryption and digital signatures. Let (n, e) be the RSA public key and d the corresponding private key (or private exponent). One of the attacks on RSA is to find the private key d using continued fractions when d is small. In this paper, we present a new technique to improve the small private exponent attack on RSA using continued fractions and multicore systems. The idea of the proposed technique is to find an interval that contains ϕ(n), where ϕ is Euler's totient function, and then to generate different points in that interval which can be used with continued fractions on a multicore system to recover the private key. The practical results of three small private exponent attacks on RSA show that we extended the previous bound on the private key recoverable by continued fractions. When n is 1024 bits, we used 20 cores to extend the bound on d by 0.016 for the de Weger, Maitra–Sarkar, and Nassr et al. attacks, with average times of 7.67 h, 2.7 h, and 44 min, respectively.
Figure 1: Generating test points in round i.
Figure 2: Generating test points in I = [800218, 800323] with rounds 0, 1, and 2.
Figure 3: The scatter of test points.