Nasser Alsalami,Bingsheng Zhang

DOI: https://doi.org/10.1109/iwqos49365.2020.9213064

2020-01-01

Abstract:Public blockchains can be abused to covertly store and disseminate potentially harmful digital content which poses a serious regulatory issue. In this work, we show the severity of the problem by demonstrating that blockchains can be exploited to surreptitiously distribute arbitrary content. More specifically, all major blockchain systems use randomized cryptographic primitives, such as digital signatures and non-interactive zero-knowledge proofs; we illustrate how the uncontrolled randomness in such primitives can be maliciously manipulated to enable covert communication and hidden persistent storage. To clarify the potential risk, we design, implement and evaluate our technique against the widely-used ECDSA signature scheme, the CryptoNote's ring signature scheme, and Monero's ring confidential transactions. Importantly, the significance of the demonstrated attacks stems from their undetectability, their adverse effect on the future of decentralized blockchains, and their serious repercussions on users' privacy and crypto funds. Finally, we present a generic framework to immunize blockchains against these attacks.

Chao-Hsien Hsieh,Xinyu Yao,Qing Zhang,Mengchen Lv,Ruobing Wang,Bingxue Ni

DOI: https://doi.org/10.1109/access.2022.3206450

IF: 3.9

2022-09-27

IEEE Access

Abstract:Random numbers are widely used in numerical computing, statistical simulation, random sampling, etc. At present, the mechanism for generating random numbers by computers is at risk of being attacked. The generated random numbers may be predicted in some cases,. However, current RNGs used in blockchain are not sufficient enough to handle attacks. Therefore, it is necessary to improve the security of random numbers. This paper improves the random number generator and designs a secure random number generator based on blockchain (BCsRNG). In practice, an encapsulated function algorithm of the secure random number is developed with the smart contract. Moreover, an API is provided to facilitate input and output. The experimental results show that the random numbers generated by BCsRNG are difficult to decipher and have higher randomness and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Eldon Chung

2024-06-24

Abstract:In this thesis, we study extensions of statistical cryptographic primitives. In particular we study leakage-resilient secret sharing, non-malleable extractors, and immunized ideal one-way functions. The thesis is divided into three main chapters. In the first chapter, we show that 2-out-of-2 leakage resilient (and also non-malleable) secret sharing requires randomness sources that are also extractable. This rules out the possibility of using min-entropic sources. In the second, we introduce collision-resistant seeded extractors and show that any seeded extractor can be made collision resistant at a small overhead in seed length. We then use it to give a two-source non-malleable extractor with entropy rate 0.81 in one source and polylogarithmic in the other. The non-malleable extractor lead to the first statistical privacy amplification protocol against memory tampering adversaries. In the final chapter, we study the hardness of the data structure variant of the 3SUM problem which is motivated by a recent construction to immunise random oracles against pre-processing adversaries. We give worst-case data structure hardness for the 3SUM problem matching known barriers in data structures for adaptive adversaries. We also give a slightly stronger lower bound in the case of non-adaptivity. Lastly, we give a novel result in the bit-probe setting.

Cryptography and Security

Muhammad Fahad Khan,Khalid Saleem,Tariq Shah,Mohammad Mazyad Hazzazi,Ismail Bahkali,Piyush Kumar Shukla

DOI: https://doi.org/10.1155/2022/8338508

2022-05-20

Abstract:The protection of confidential information is a global issue, and block encryption algorithms are the most reliable option for securing data. The famous information theorist, Claude Shannon, has given two desirable characteristics that should exist in a strong cipher which are substitution and permutation in their fundamental research on "Communication Theory of Secrecy Systems." block ciphers strictly follow the substitution and permutation principle in an iterative manner to generate a ciphertext. The actual strength of the block ciphers against several attacks is entirely based on its substitution characteristic, which is gained by using the substitution box (S-box). In the current literature, algebraic structure-based and chaos-based techniques are highly used for the construction of S-boxes because both these techniques have favourable features for S-box construction but also various attacks of these techniques have been identified including SAT solver, linear and differential attacks, Gröbner-based attacks, XSL attacks, interpolation attacks, XL-based attacks, finite precision effect, chaotic systems degradation, predictability, weak randomness, chaotic discontinuity, and limited control parameters. The main objective of this research is to design a novel technique for the dynamic generation of S-boxes that are safe against the cryptanalysis techniques of algebraic structure-based and chaos-based approaches. True randomness has been universally recognized as the ideal method for cipher primitives design because true random numbers are unpredictable, irreversible, and unreproducible. The biggest challenge we faced during this research was how can we generate the true random numbers and how can true random numbers utilized for strengthening the S-box construction technique. The basic concept of the proposed technique is the extraction of true random bits from underwater acoustic waves and to design a novel technique for the dynamic generation of S-boxes using the chain of knight's tour. Rather than algebraic structure- and chaos-based techniques, our proposed technique depends on inevitable high-quality randomness which exists in underwater acoustics waves. The proposed method satisfies all standard evaluation tests of S-boxes construction and true random numbers generation. Two million bits have been analyzed using the NIST randomness test suite, and the results show that underwater sound waves are an impeccable entropy source for true randomness. Additionally, our dynamically generated S-boxes have better or equal strength, over the latest published S-boxes (2020 to 2021). According to our knowledge first time, this type of research has been conducted, in which natural randomness of underwater acoustic waves has been used for the construction of block cipher's substitution box.

Muhammad Fahad Khan,Khalid Saleem,Tariq Shah,Mohammad Mazyad Hazzazi,Ismail Bahkali,Piyush Kumar Shukla

DOI: https://doi.org/10.48550/arXiv.2205.13593

2022-05-26

Cryptography and Security

Abstract:The protection of confidential information is a global issue and block encryption algorithms are the most reliable option. The famous information theorist, Claude Shannon has given two desirable characteristics that should exist in a strong cipher which are substitution and permutation in their fundamental research on Communication Theory of Secrecy Systems. block ciphers strictly follow the substitution and permutation principle to generate a ciphertext. The actual strength of the block ciphers against several attacks is entirely based on its substitution characteristic, which is gained by using the S-Box. In the current literature, algebraic structure-based and chaos-based techniques are highly used for the construction of S-boxes because both these techniques have favourable features for S-box construction, but also various attacks of these techniques have been identified. True randomness has been universally recognized as the ideal method for cipher primitives design because true random numbers are unpredictable, irreversible, and unreproducible. The basic concept of the proposed technique is the extraction of true random bits from underwater acoustic waves and to design a novel technique for the dynamic generation of S-boxes using the chain of knights tour. The proposed method satisfies all standard evaluation tests of S-boxes construction and true random numbers generation. Two million bits have been analyzed using the NIST randomness test suite, and the results show that underwater sound waves are an impeccable entropy source for true randomness. Additionally, our dynamically generated S-boxes have better or equal strength, over the latest published S-boxes (2020 to 2021). According to our knowledge first time, this type of research has been done, in which natural randomness of underwater acoustic waves has been used for the construction of block cipher's S-Box

Bong Gon Kim,Dennis Wong,Yoon Seok Yang

DOI: https://doi.org/10.5121/csit.2023.132104

2024-02-07

Abstract:We present a secure and private blockchain-based Verifiable Random Function (VRF) scheme addressing some limitations of classical VRF constructions. Given the imminent quantum computing adversarial scenario, conventional cryptographic methods face vulnerabilities. To enhance our VRF's secure randomness, we adopt post-quantum Ring-LWE encryption for synthesizing pseudo-random sequences. Considering computational costs and resultant on-chain gas costs, we suggest a bifurcated architecture for VRF design, optimizing interactions between on-chain and off-chain. Our approach employs a secure ring signature supported by NIZK proof and a delegated key generation method, inspired by the Chaum-Pedersen equality proof and the Fiat-Shamir Heuristic. Our VRF scheme integrates multi-party computation (MPC) with blockchain-based decentralized identifiers (DID), ensuring both security and randomness. We elucidate the security and privacy aspects of our VRF scheme, analyzing temporal and spatial complexities. We also approximate the entropy of the VRF scheme and detail its implementation in a Solidity contract. Also, we delineate a method for validating the VRF's proof, matching for the contexts requiring both randomness and verification. Conclusively, using the NIST SP800-22 of the statistical randomness test suite, our results exhibit a 98.86% pass rate over 11 test cases, with an average p-value of 0.5459 from 176 total tests.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Longjiang Li,Jie Wang,Rui Zhang,Yuanchen Gao,Yonggang Li,Yuming Mao

DOI: https://doi.org/10.1109/jsyst.2022.3149186

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:The exposure possibility of keys poses a great threat to almost all modern cryptography, especially in wireless communications. From the adversarys point of view, a cryptographic key can be considered as a random variable in its key space, whose security level can be measured in terms of randomness. In this article, we propose a highly exposure-resilient framework, which incorporates redundant randomness of key sources into the design of cryptographic systems to resist key exposure in encrypted communications. As hardware costs continue to decrease, the deployment of redundant randomness at the same time to achieve a better security level is affordable in the future. The framework offers a way to protect the privacy of a single key by fusing multiple redundant keys. Analysis and results demonstrate that the proposed scheme can dramatically reduce the secrecy outage probability, and provides an extensible way to enhance the encrypted communication systems resistance to unknown eavesdropping or key exposure.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Aein Rezaei Shahmirzadi,Amir Moradi

DOI: https://doi.org/10.46586/tches.v2021.i3.708-755

2021-07-09

IACR Transactions on Cryptographic Hardware and Embedded Systems

Abstract:Masking schemes are among the most popular countermeasures against Side-Channel Analysis (SCA) attacks. Realization of masked implementations on hardware faces several difficulties including dealing with glitches. Threshold Implementation (TI) is known as the first strategy with provable security in presence of glitches. In addition to the desired security order d, TI defines the minimum number of shares to also depend on the algebraic degree of the target function. This may lead to unaffordable implementation costs for higher orders.For example, at least five shares are required to protect the smallest nonlinear function against second-order attacks. By cuttingsuch a dependency, the successor schemes are able to achieve the same security level by just d + 1 shares, at the cost of high demand for fresh randomness, particularly at higher orders. In this work, we provide a methodology to realize the second-order glitch-extended probing-secure implementation of a group of quadratic functions with three shares and no fresh randomness. This allows us to construct second-order secure implementations of several cryptographic primitives with very limited number of fresh masks, including Keccak, SKINNY, Midori, PRESENT, and PRINCE.

Adnan Gutub,Faiza Al-Shaarani,Khoulood Alharthi

DOI: https://doi.org/10.1007/s11042-024-19027-9

IF: 2.577

2024-04-21

Multimedia Tools and Applications

Abstract:In the face of malicious cyberattacks, classic security approaches like cryptography and steganography are becoming not sufficient. Secrecy are normally maintained by single party holding control over data causing it possibly being lost or revealed, with or without consciousness. Secret sharing can provide assistance unifying decisions by multi-authorized individuals distributing the target-key over several authorized participants, requested to interact for reconstructing the keys to reveal the privacy. Lately, counting-based secret sharing (CBSS) has been under focus being optimistic, as potential secret sharing scheme that is fast, intuitive, and practical. A primary limitation with this scheme is its restricted number of generated key-shares, which was deployed in the matrix-based secret sharing scheme. Unfortunately, the simple intuition behind these schemes made them prone to smart cyberattacks that can make uncovering the target-key dishonestly possible. In this paper, we demonstrate significant cyberattack weakness in the CBSS scheme, that also applies to the matrix-based scheme making them both unsafely vulnerable to selected key-shares integration. We introduce a novel algorithm that can defend this speculating existence of target-key suffering via exploring the problem deeply and advising appropriate protection procedure. The study enhances the structure secrecy to ensure that the key-shares are fully safeguarded. Our work further tests the security of the CBSS scheme protection strategy experimentations demonstrating remarked organisation robustness as well as possibility of producing sophisticated, versatile security system, to overcome breaching weaknesses of key-shares components for current ongoing developing IT utilizations.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Jiayuan Zhang,Rongxin Guo,Yifan Shi,Wanting Tang

DOI: https://doi.org/10.3934/mbe.2024271

2024-06-03

Abstract:Many current electronic medical record (EMR) sharing schemes that use proxy re-encryption and blockchain do not fully consider the potential threat of malicious node impersonation attacks. This oversight could lead to data leakage as attackers masquerade as legitimate users or proxy nodes during the sharing process. To deal with this problem, we propose an EMR sharing scheme based on proxy re-encryption and blockchain to protect against impersonation attacks. First, we prevent the potential threat of impersonation attacks by generating a shared temporary key and assigning tasks to multiple proxy nodes. Second, we use a random function to ensure that the selection of encrypted proxy nodes is fair. Third, we use a combination of blockchain and the InterPlanetary File System to solve the problem of insufficient storage capacity of shared processes and ensure the storage security of EMRs. Through the security proof, our scheme guarantees anti-impersonation, anti-collusion, and anti-chosen plaintext attack capability in the sharing process of EMRs. Additionally, experiments on the blockchain platform, namely Chain33, show that our scheme significantly increases efficiency.

Zhao Feixiang,Liu Mingzhe,Wang Kun,Zhang Hong

DOI: https://doi.org/10.1016/j.optlastec.2020.106610

2021-03-01

Abstract:<p>A color image encryption algorithm using the Hénon-zigzag map and chaotic restricted Boltzmann machine (CRBM) is proposed in this paper. The proposed pseudo-random number generator, chaotic restricted Boltzmann machine (CRBM), can simultaneously generate three pseudo-random number sequences. The algorithm includes the permutation phase and the diffusion phase. In the Hénon-zigzag map-based permutation phase, zigzag map is used to modulate two pseudo-random number sequences generated by Hénon map to obtain two new pseudo-random number sequences. The mixing of these two chaotic maps makes the security of the permutation phase significantly improve. Subsequently the two pseudo-random number sequences are used for row permutation and column permutation, respectively. In the diffusion phase, through multiple iterations of CRBM of the 3 <span class="math"><math>×</math></span> 3 architecture, three pseudo-random number sequences are generated by the state values of three neurons in the visible layer. Then these three pseudo-random number sequences are used for bitxor operation with the R, G and B components of the scrambled image, respectively. A series of numerical experiments and analyses on encrypted images prove that the proposed algorithm is more secure than state-of-the-art algorithms. Furthermore, based on the combined use of blockchain and the proposed algorithm, a novel image encryption/decryption system is proposed. The system has two features: asymmetric encryption/decryption of images and authoritative verification of the integrity of encrypted images. It may provide a better understanding of blockchain in digital image encryption.</p>

optics,physics, applied

Ignacio Cascudo,Bernardo David

DOI: https://doi.org/10.1007/978-3-030-64840-4_11

2020-01-01

Abstract:In this paper we present ALBATROSS, a family of multiparty randomness generation protocols with guaranteed output delivery and public verification that allows to trade off corruption tolerance for a much improved amortized computational complexity. Our basic stand alone protocol is based on publicly verifiable secret sharing (PVSS) and is secure under in the random oracle model under the decisional Diffie-Hellman (DDH) hardness assumption. We also address the important issue of constructing Universally Composable randomness beacons, showing two UC versions of Albatross: one based on simple UC NIZKs and another one based on novel efficient “designated verifier” homomorphic commitments. Interestingly this latter version can be instantiated from a global random oracle under the weaker Computational Diffie-Hellman (CDH) assumption. An execution of ALBATROSS with n parties, out of which up to t=(1/2-ϵ)·n$$t=(1/2-\epsilon )\cdot n$$ are corrupt for a constant ϵ&gt;0$$\epsilon &gt;0$$, generates Θ(n2)$$\varTheta (n^2)$$ uniformly random values, requiring in the worst case an amortized cost per party of Θ(logn)$$\varTheta (\log n)$$ exponentiations per random value. We significantly improve on the SCRAPE protocol (Cascudo and David, ACNS 17), which required Θ(n2)$$\varTheta (n^2)$$ exponentiations per party to generate one uniformly random value. This is mainly achieved via two techniques: first, the use of packed Shamir secret sharing for the PVSS; second, the use of linear t-resilient functions (computed via a Fast Fourier Transform-based algorithm) to improve the randomness extraction.

Wenbo Zheng,Kunfeng Wang,Fei-Yue Wang

DOI: https://doi.org/10.1109/tcyb.2019.2963138

IF: 11.8

2021-01-01

IEEE Transactions on Cybernetics

Abstract:In this article, we propose a key secret-sharing technology based on generative adversarial networks (GANs) to address three major problems in the blockchain: 1) low security; 2) hard recovery of lost keys; and 3) low communication efficiency. In our scheme, the proposed network plays the role of a dealer and treats the secret-sharing process as a classification issue. The key idea is to view the secret as an image during the secret-sharing process. If the user's private key is text, we can covert the key text into an image called the original image. Specifically, we first divide the original image into original subimages by the image segmentation. Next, we encode each original subimage by DNA coding. Finally, we train the proposed network to find the key secret-sharing results. Our proposed scheme is not only a significant extension of the GANs but also a new direction for the key secret-sharing technology. The simulation results show that the scheme is secure, and both flexible and efficient in communication.

automation & control systems,computer science, cybernetics, artificial intelligence

Ferhat Erata,TingHung Chiu,Anthony Etim,Srilalith Nampally,Tejas Raju,Rajashree Ramu,Ruzica Piskac,Timos Antonopoulos,Wenjie Xiong,Jakub Szefer

2024-05-09

Abstract:This work presents a novel, black-box software-based countermeasure against physical attacks including power side-channel and fault-injection attacks. The approach uses the concept of random self-reducibility and self-correctness to add randomness and redundancy in the execution for protection. Our approach is at the operation level, is not algorithm-specific, and thus, can be applied for protecting a wide range of algorithms. The countermeasure is empirically evaluated against attacks over operations like modular exponentiation, modular multiplication, polynomial multiplication, and number theoretic transforms. An end-to-end implementation of this countermeasure is demonstrated for RSA-CRT signature algorithm and Kyber Key Generation public key cryptosystems. The countermeasure reduced the power side-channel leakage by two orders of magnitude, to an acceptably secure level in TVLA analysis. For fault injection, the countermeasure reduces the number of faults to 95.4% in average.

Cryptography and Security

M. Mohideen AbdulKader,S. Ganesh Kumar

DOI: https://doi.org/10.1007/978-3-030-92600-7_19

2021-01-01

Abstract:Blockchain is a peer to peer network that is decentralized in nature. It has immutable and persistent property which make this technology more secured. Blockchain is not only suited for crypto currencies but also used for many applications like identity protection, smart contracts, health care, online polling system and much more. In addition, blockchain network holds a distributed ledger which makes all data available to every node in the network. Due to this, security and privacy protection becomes a major concern in blockchain technology. Some of existing solutions to blockchain privacy issues are homomorphice encryption, zero knowledge proofs, ring signature and multiparty computations. Though existing privacy preservation mechanisms secures the blockchain network from privacy leakage. It has limitations when implemented in large scale applications. In this paper, a three layered protection scheme is proposed to enhance the privacy of blockchain technology. This idea of three layered protection integrates randomized address generation, content erasure mechanism and IntelSGX together and forms a secure architecture. It will enhance the security and privacy of blockchain network to a greater extent.

C. Vijesh Joe,Jennifer S. Raj

DOI: https://doi.org/10.36548/jaicn.2021.3.008

2021-09-03

September 2021

Abstract:Cloud applications that work on medical data using blockchain is used by managers and doctors in order to get the image data that is shared between various healthcare institutions. To ensure workability and privacy of the image data, it is important to verify the authenticity of the data, retrieve cypher data and encrypt plain image data. An effective methodology to encrypt the data is the use of a public key authenticated encryption methodology which ensures workability and privacy of the data. But, there are a number of such methodologies available that have been formulated previously. However, the drawback with those methodologies is their inadequacy in protecting the privacy of the data. In order to overcome these disadvantages, we propose a searchable encryption algorithm that can be used for sharing blockchain- based medical image data. This methodology provides traceability, unforgettable and non-tampered image data using blockhain technology, overcoming the drawbacks of blockchain such as computing power and storage. The proposed work will also sustain keyword guessing attacks apart from verification of authenticity and privacy protection of the image data. Taking these factors into consideration, it is determine that there is much work involved in providing stronger security and protecting privacy of data senders. The proposed methodology also meets the requirement of indistinguishability of trapdoor and ciphertext. The highlights of the proposed work are its capability in improving the performance of the system in terms of security and privacy protection.

Shengmin Xu,Jianting Ning,Xiaoguo Li,Jiaming Yuan,Xinyi Huang,Robert H. Deng

DOI: https://doi.org/10.1109/tsc.2024.3356595

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Blockchain as an open and immutable ledger is being posited as the next frontier in healthcare that will help solve the industry&#x27;s interoperability challenges. However, immutability in processing personal data is no longer legal since the General Data Protection Regulation (GDPR) requires the “right to be forgotten” as a critical data subject right. To observe such data regulation, it is desirable to build a healthcare blockchain with data redaction in a controlled way. Moreover, electronic health records (EHRs) usually are sensitive and the conventional blockchain lacks systematic and formal security analysis of data confidentiality, especially in the multi-user setting. Furthermore, EHRs are typically helpful in medical research for predicting epidemic diseases and valuable in insurance agencies making business plans. Hence, in healthcare blockchain systems, data confidentiality and flexible key distribution have become the most challenging issues that should be urgently resolved. In this article, we propose a privacy-preserving and redactable healthcare blockchain system (PRHBS). Our solution offers fine-grained block-level data reduction and secure data sharing with flexible key distribution mechanisms. We give the formal definition and security models of PRHBS, and propose a generic construction based on trapdoor-based chameleon-hash function, attribute-based encryption, and puncturable encryption. We present formal security analysis and give an instantiation based on our proposed generic construction. The comprehensive comparison and experimental simulation demonstrate that our implementation exhibits comparable performance, while surpassing the most relevant solutions in terms of functionality.

computer science, information systems, software engineering

Abdelrahman Desoky,Hany Ammar,Gamal Fahmy,Shaker El-Sappagh,Abdeltawab Hendawi,Sameh Hassanien Basha,Shaker El Sappagh

DOI: https://doi.org/10.1504/ijact.2024.138437

2024-05-05

International Journal of Applied Cryptography

Abstract:The recent advances in cryptanalysis techniques and the leakage of information about the cryptosystem used are major threats to information systems. An adversary may succeed in decrypting ciphertexts, while users of a particular cryptosystem unknowingly continue using the compromised cryptosystem. Therefore, this paper presents a novel cryptosystem based on Latin square and cognitive AI/ML for blockchain and covert communications. This cryptosystem is capable of operating in quadruple modes keyless, symmetric, asymmetric, and hybrid encryption to cipher in cipher, and hence we call it CipherInCipher. Unlike all contemporary techniques including obscurity, CipherInCipher is a public-based approach that does not depend on the secrecy of any of its related components. It attains a high level of security that protects private information not only by having strong ciphertext but also by preventing an adversary from obtaining the actual ciphertext. The presented validation study demonstrates the robust CipherInCipher capabilities of achieving the cryptographic goal.

Yuh-Min Tseng,Tung-Tso Tsai,Sen-Shan Huang,Ting-Chieh Ho

DOI: https://doi.org/10.1109/access.2024.3368442

IF: 3.9

2024-03-02

IEEE Access

Abstract:By side-channel attacks, a fraction part of secret keys used in cryptographic schemes could be leaked to adversaries. Recently, adversaries have realized practical side-channel attacks so that these existing cryptographic schemes could be broken. Indeed, researchers have invested and proposed a good approach to withstand such attacks, called as leakage-resilient cryptography. Very recently, several leakage-resilient anonymous multi-receiver encryption (LR-AMRE) schemes based on various public-key systems were also proposed. However, these LR-AMRE schemes are not suitable for a heterogeneous public-key environment under which an authorized receiver group includes heterogeneous receivers under various PKS settings and these receivers have various types of secret/public key pairs. In this article, we propose the leakage-resilient anonymous heterogeneous multi-receiver hybrid encryption (LR-AHMR-HE) scheme for the heterogeneous public-key system settings. A new framework and associated adversary games of the LR-AHMR-HE scheme are defined. In the adversary games, adversaries are admitted to continuously intercept a fraction part of secret keys. Under the adversary games, formal security proofs are provided to show that the proposed scheme is secure against two types of adversaries (illegitimate user and malicious authority). Comparisons with several related previous schemes are demonstrated to present the merits of our scheme.

computer science, information systems,telecommunications,engineering, electrical & electronic