Cryptography

22 pages, 37583 KB

Open AccessArticle

Moving-Skewness Preprocessing for Simple Power Analysis on Cryptosystems: Revealing Asymmetry in Leakage

by Zhen Li, Kexin Qiang, Yiming Yang, Zongyue Wang and An Wang

Cryptography 2026, 10(2), 23; https://doi.org/10.3390/cryptography10020023 - 3 Apr 2026

Viewed by 150

In side-channel analysis, simple power analysis (SPA) is a widely used technique for recovering secret information by exploiting differences between operations in traces. However, in realistic measurement environments, SPA is often hindered by noise, temporal misalignment, and weak or transient leakage, which obscure [...] Read more.

In side-channel analysis, simple power analysis (SPA) is a widely used technique for recovering secret information by exploiting differences between operations in traces. However, in realistic measurement environments, SPA is often hindered by noise, temporal misalignment, and weak or transient leakage, which obscure secret-dependent features in single or very few power traces. In this paper, we provide a systematic analysis of moving-skewness-based trace preprocessing for enhancing asymmetric leakage characteristics relevant to SPA. The method computes local skewness within a moving window along the trace, transforming the original signal into a skewness trace that emphasizes distributional asymmetry while suppressing noise. Unlike conventional smoothing-based preprocessing techniques, the proposed approach preserves and can even amplify subtle leakage patterns and spike-like transient events that are often attenuated by low-pass filtering or moving-average methods. To further improve applicability under different leakage conditions, we introduce feature-driven window-selection strategies that align preprocessing parameters with various leakage characteristics. Both simulated datasets and real measurement traces collected from multiple cryptographic platforms are used to evaluate the effectiveness of the approach. The experimental results indicate that moving-skewness preprocessing improves leakage visibility and achieves higher SPA success rates compared to commonly used preprocessing methods. Full article

(This article belongs to the Section Hardware Security)

► Show Figures

Figure 1

14 pages, 770 KB

Open AccessArticle

A Searchable Encryption Scheme Based on CRYSTALS-Dilithium

by Minghui Zheng, Anqi Xiao, Shicheng Huang and Deju Kong

Cryptography 2026, 10(2), 22; https://doi.org/10.3390/cryptography10020022 - 27 Mar 2026

Viewed by 240

Abstract

With the advancement in quantum computing technology, the number theory-based hard problems underlying traditional searchable encryption algorithms are now vulnerable to efficient quantum attacks. To address this challenge, this paper proposes Dilithium-PAEKS (Dilithium-Public Authenticated Encryption with Keyword Search), a searchable encryption scheme based [...] Read more.

With the advancement in quantum computing technology, the number theory-based hard problems underlying traditional searchable encryption algorithms are now vulnerable to efficient quantum attacks. To address this challenge, this paper proposes Dilithium-PAEKS (Dilithium-Public Authenticated Encryption with Keyword Search), a searchable encryption scheme based on the post-quantum cryptographic algorithm CRYSTALS-Dilithium. By transforming the verification relationship of digital signatures into a matching relationship between trapdoors and ciphertexts, the scheme not only meets the functional requirements of searchable encryption but also demonstrates quantum resistance. The implementation enhances algorithm efficiency through keyword-based signatures and dynamic matching testing mechanisms. The security of the scheme is defined by the MLWE and MSIS hard problems, with proofs of keyword ciphertext indistinguishability and trapdoor indistinguishability under the random oracle model. Additionally, the scheme provides strong resistance against both outside and insider keyword guessing attacks through sender–receiver binding mechanisms and trapdoor indistinguishability properties. Experimental results show that, compared to the post-quantum schemes CP-Absel and LB-FSSE, the proposed scheme demonstrates superior overall computational efficiency while maintaining stronger quantum resistance than the traditional scheme SM9-PAEKS. Full article

► Show Figures

Figure 1

24 pages, 1813 KB

Open AccessArticle

Homomorphic ReLU with Full-Domain Bootstrapping

by Yuqun Lin, Yi Huang, Xiaomeng Tang, Jingjing Fan, Qifei Xu, Zoe-Lin Jiang, Xiaosong Zhang and Junbin Fang

Cryptography 2026, 10(2), 21; https://doi.org/10.3390/cryptography10020021 - 24 Mar 2026

Viewed by 275

Abstract

Fully homomorphic encryption (FHE) offers a promising solution for privacy-preserving machine learning by enabling arbitrary computations on encrypted data. However, the efficient evaluation of non-linear functions—such as the ReLU activation function over large integers—remains a major obstacle in practical deployments, primarily due to [...] Read more.

Fully homomorphic encryption (FHE) offers a promising solution for privacy-preserving machine learning by enabling arbitrary computations on encrypted data. However, the efficient evaluation of non-linear functions—such as the ReLU activation function over large integers—remains a major obstacle in practical deployments, primarily due to high bootstrapping overhead and limited precision support in existing schemes. In this paper, we propose

LargeIntReLU

, a novel framework that enables efficient homomorphic ReLU evaluation over large integers (7–11 bits) via full-domain bootstrapping. Central to our approach is a signed digit decomposition algorithm,

SignedDecomp

, that partitions a large integer ciphertext into signed 6-bit segments using three new low-level primitives:

LeftShift

,

HomMod

, and

CipherClean

. This decomposition preserves arithmetic consistency, avoids cross-segment carry propagation, and allows parallelized bootstrapping. By segmenting the large integer and processing each chunk independently with optimized small-integer bootstrapping, we achieve homomorphic ReLU with full-domain bootstrapping, which significantly reduces the total number of sequential bootstrapping operations required. The security of our scheme is guaranteed by TFHE. Experimental results demonstrate that the proposed method reduces the bootstrapping cost by an average of 28.58% compared to state-of-the-art approaches while maintaining 95.2% accuracy. With execution times ranging from 1.16 s to 1.62 s across 7–11 bit integers, our work bridges a critical gap toward a scalable and efficient homomorphic ReLU function, which is useful in privacy-preserving machine learning. Furthermore, an end-to-end encrypted inference test on a CNN model with the MNIST dataset confirms its practicality, achieving 88.85% accuracy and demonstrating a complete pipeline for privacy-preserving neural network evaluation. Full article

(This article belongs to the Special Issue Information Security and Privacy—ACISP 2025)

► Show Figures

Figure 1

32 pages, 1091 KB

Open AccessArticle

Securely Scaling Autonomy: The Role of Cryptography in Future Unmanned Aircraft Systems (UASs)

by Paul Rochford, William J. Buchanan, Rich Macfarlane and Madjid Tehrani

Cryptography 2026, 10(2), 20; https://doi.org/10.3390/cryptography10020020 - 20 Mar 2026

Viewed by 293

Abstract

The decentralisation of autonomous Unmanned Aircraft Systems (UASs) introduces significant challenges in terms of establishing secure communication and consensus in contested, resource-constrained environments. This research addresses these challenges by conducting a comprehensive performance evaluation of two cryptographic technologies: Messaging Layer Security (MLS) for [...] Read more.

The decentralisation of autonomous Unmanned Aircraft Systems (UASs) introduces significant challenges in terms of establishing secure communication and consensus in contested, resource-constrained environments. This research addresses these challenges by conducting a comprehensive performance evaluation of two cryptographic technologies: Messaging Layer Security (MLS) for group key exchange, and threshold signatures (FROST and BLS) for decentralised consensus. Seven leading open-source libraries were methodically assessed through a series of static, network-simulated, and novel bulk-signing benchmarks to measure their computational efficiency and practical resilience. This paper confirms that MLS is a viable solution, capable of supporting the group sizes and throughput requirements of a UAS swarm. It corroborates prior work by identifying the Cisco MLSpp library as unsuitable for dynamic environments due to poorly scaling group management functions, while demonstrating that OpenMLS is a highly performant and scalable alternative. Furthermore, the findings show that operating MLS in a ‘key management’ mode offers a dramatic increase in performance and resilience, a critical trade-off for UAS operations. For consensus, the benchmarks reveal a range of compromises for developers to consider, while identifying the Zcash FROST implementation as the most effective all-around performer for sustained, high-volume use cases due to its balance of security features and efficient verification. Full article

► Show Figures

Figure 1

28 pages, 1682 KB

Open AccessReview

A Scoping Analysis of the Literature on the Use of Hybrid Cryptographic Systems for Data Hiding in Cloud Storage

by Luthando Mletshe, Mnoneleli Nogwina and Colin Chibaya

Cryptography 2026, 10(2), 19; https://doi.org/10.3390/cryptography10020019 - 13 Mar 2026

Viewed by 491

Abstract

Organizations have been moving on-premises data functionalities to cloud storage environments. The need for advanced hybrid cryptography is deemed a promising solution for securing data on cloud storage. This scoping review explores the application of hybrid cryptographic systems for data hiding in cloud [...] Read more.

Organizations have been moving on-premises data functionalities to cloud storage environments. The need for advanced hybrid cryptography is deemed a promising solution for securing data on cloud storage. This scoping review explores the application of hybrid cryptographic systems for data hiding in cloud storage. It focuses on identifying global research trends, technological approaches, and contextual gaps in implementation. The review systematically examines the literature from major scholarly databases to identify existing models that combine traditional and modern cryptographic techniques to enhance data confidentiality, integrity, and authenticity against cloud-based security threats. Out of the 8250 eligible papers, 24 were included in the review. The findings reveal that the majority of scholarly contributions originate from Asia, averaging 87.5%, as reflected in the distribution of included articles by continent. Particularly, India and China dominate in the space, with a complete absence of studies from Africa, including South Africa. This geographical disparity underscores a significant research gap in the contextualization of hybrid cryptographic frameworks suited to Africa’s unique infrastructural and regulatory environments. The review further reveals a limited focus on the development of lightweight, scalable, and adaptable hybrid cryptographic schemes. Such approaches are essential for addressing challenges related to bandwidth limitations, computational efficiency, and regulatory compliance in developing regions. Consequently, this study contributes by establishing a comprehensive knowledge map of hybrid cryptography for cloud security, emphasizing the necessity for region-specific, context-aware frameworks. The findings provide a foundation for future investigations aimed at developing robust efficient hybrid cryptographic models that can strengthen data security in African cloud infrastructures. Full article

(This article belongs to the Collection Survey of Cryptographic Topics)

► Show Figures

Figure 1

33 pages, 637 KB

Open AccessReview

Cryptographic Foundations of Pseudonymisation for Personal Data Protection

by Konstantinos Limniotis

Cryptography 2026, 10(2), 18; https://doi.org/10.3390/cryptography10020018 - 11 Mar 2026

Viewed by 423

Abstract

Pseudonymisation constitutes an essential technical and organisational measure for implementing personal data-protection safeguards. Its main goal is to hide identities of individuals, thus reducing data protection and privacy risks through facilitating the fulfilment of several principles such as data minimisation and security. However, [...] Read more.

Pseudonymisation constitutes an essential technical and organisational measure for implementing personal data-protection safeguards. Its main goal is to hide identities of individuals, thus reducing data protection and privacy risks through facilitating the fulfilment of several principles such as data minimisation and security. However, selecting and deploying appropriate pseudonymisation mechanisms in a risk-based approach, tailored to the specific data processing context, remains a non-trivial task. This survey paper aims to present especially how cryptography can be used at the service of pseudonymisation, putting emphasis not only on traditional approaches but also on advanced cryptographic techniques that have been proposed to address special pseudonymisation challenges. To this end, we systematically classify existing approaches according to a taxonomy that captures key design dimensions that are relevant to specific data-protection challenges. Finally, since the notion of pseudonymisation adopted in this work is grounded in European data-protection law, we also discuss recent legal developments, in particular the CJEU’s latest judgment, which refined the interpretation of pseudonymous data. Full article

(This article belongs to the Collection Survey of Cryptographic Topics)

► Show Figures

Figure 1

25 pages, 449 KB

Open AccessReview

A Survey on Classical Lattice Algorithms

by Tongchen Shen and Xiangxue Li

Cryptography 2026, 10(2), 17; https://doi.org/10.3390/cryptography10020017 - 6 Mar 2026

Viewed by 761

Abstract

The rapid advancement of quantum computing poses a severe threat to traditional public key cryptosystems. Lattice-based cryptography has emerged as a core candidate for post-quantum cryptography due to its presumed quantum resistance, robust security foundations, and functional versatility, with its concrete security relying [...] Read more.

The rapid advancement of quantum computing poses a severe threat to traditional public key cryptosystems. Lattice-based cryptography has emerged as a core candidate for post-quantum cryptography due to its presumed quantum resistance, robust security foundations, and functional versatility, with its concrete security relying on the computational hardness of lattice problems. Existing lattice-based cryptography surveys mainly focus on cryptosystem design, scheme comparisons, and post-quantum cryptography standardization progress, with only cursory coverage of classical lattice algorithms that underpin the concrete security of lattice-based cryptography. We present the first systematic survey of classical lattice algorithms, focusing on two core categories of algorithms for solving lattice problems: approximate algorithms and exact algorithms. The approximate algorithms cover mainstream lattice basis reduction methods such as Lenstra–Lenstra–Lovász (LLL), Block Korkine–Zolotarev (BKZ), and General Sieve Kernel (G6K) algorithms, as well as alternative frameworks. The exact algorithms encompass dominant techniques like enumeration and sieving algorithms, along with alternative strategies. We systematically trace the evolutionary trajectory and inherent logical connections of various algorithms, clarify their core mechanisms, and identify promising future research directions. This survey not only serves as an introductory guide for beginners but also provides a valuable reference for seasoned researchers, facilitating the concrete security evaluation of lattice-based cryptosystems and the design of novel lattice algorithms. Full article

(This article belongs to the Section Cryptography Reviews)

► Show Figures

Figure 1

34 pages, 13258 KB

Open AccessArticle

A Robust Image Encryption Framework Using Deep Feature Extraction and AES Key Optimization

by Sahara A. S. Almola, Hameed A. Younis and Raidah S. Khudeyer

Cryptography 2026, 10(2), 16; https://doi.org/10.3390/cryptography10020016 - 2 Mar 2026

Viewed by 580

Abstract

This article presents a novel framework for encrypting color images to enhance digital data security using deep learning and artificial intelligence techniques. The system employs a two-model neural architecture: the first, a Convolutional Neural Network (CNN), verifies sender authenticity during user authentication, while [...] Read more.

This article presents a novel framework for encrypting color images to enhance digital data security using deep learning and artificial intelligence techniques. The system employs a two-model neural architecture: the first, a Convolutional Neural Network (CNN), verifies sender authenticity during user authentication, while the second extracts unique fingerprint features. These features are converted into high-entropy encryption keys using Particle Swarm Optimization (PSO), minimizing key similarity and ensuring that no key is reused or transmitted. Keys are generated in real time simultaneously at both the sender and receiver ends, preventing interception or leakage and providing maximum confidentiality. Encrypted images are secured using the Advanced Encryption Standard (AES-256) with keys uniquely bound to each user’s biometric identity, ensuring personalized privacy. Evaluation using security and encryption metrics yielded strong results: entropy of 7.9991, correlation coefficient below 0.00001, NPCR of 99.66%, UACI of 33.9069%, and key space of 2²⁵⁶. Although the final encryption employs an AES-256 key (key space of 2²⁵⁶), this key is derived from a much larger deep-key space of 2⁸¹⁹² generated by multi-layer neural feature extraction and optimized via PSO, thereby significantly enhancing the overall cryptographic strength. The system also demonstrated robustness against common attacks, including noise and cropping, while maintaining recoverable original content. Furthermore, the neural models achieved classification accuracy exceeding 99.83% with an error rate below 0.05%, confirming the framework’s reliability and practical applicability. This approach provides a secure, dynamic, and efficient image encryption paradigm, combining biometric authentication and AI-based feature extraction for advanced cybersecurity applications. Full article

► Show Figures

Figure 1

22 pages, 1052 KB

Open AccessArticle

Performance Evaluation of NIST-Standardized Post-Quantum and Symmetric Ciphers for Mitigating Deepfakes

by Mohammad Alkhatib

Cryptography 2026, 10(2), 15; https://doi.org/10.3390/cryptography10020015 - 26 Feb 2026

Viewed by 560

Abstract

Deepfake technology can produce highly realistic manipulated media which pose as significant cybersecurity threats, including fraud, misinformation, and privacy violations. This research proposes a deepfake prevention approach based on symmetric and asymmetric ciphers. Post-quantum asymmetric ciphers were utilized to perform digital signature operations, [...] Read more.

Deepfake technology can produce highly realistic manipulated media which pose as significant cybersecurity threats, including fraud, misinformation, and privacy violations. This research proposes a deepfake prevention approach based on symmetric and asymmetric ciphers. Post-quantum asymmetric ciphers were utilized to perform digital signature operations, which offer essential security services, including integrity, authentication, and non-repudiation. Symmetric ciphers were also employed to provide confidentiality and authentication. Unlike classical ciphers that are vulnerable to quantum attacks, this study adopts quantum-resilient ciphers to offer long-term security. The proposed approach enables entities to digitally sign media content before public release on other platforms. End users can subsequently verify the authenticity of content using the public keys of the media creators. To identify the most efficient ciphers to perform cryptography operations required for deepfake prevention, the study explores the implementation of quantum-resilient symmetric and asymmetric ciphers standardized by NIST, including Dilithium, Falcon, SPHINCS+, and Ascon-80pq. Additionally, this research provides comprehensive comparisons between the various classical and post-quantum ciphers in both categories: symmetric and asymmetric. Experimental results revealed that Dilithium-5 and Falcon-512 algorithms outperform other post-quantum ciphers, with a time delay of 2.50 and 251 ms, respectively, for digital signature operations. The Falcon-512 algorithm also demonstrates superior resource efficiency, making it a cost-effective choice for digital signature operations. With respect to symmetric ciphers, Ascon-80pq achieved the lowest time consumption, taking just 0.015 ms to perform encryption and decryption operations. Also, it is a significant option for constrained devices, since it consumes fewer resources compared to standard symmetric ciphers, such as AES. Through comprehensive evaluations and comparisons of various symmetric and asymmetric ciphers, this study serves as a blueprint to identify the most efficient ciphers to perform the cryptography operations necessary for deepfake prevention. Full article

► Show Figures

Figure 1

Journal Menu

Journal Browser

Cryptography, Volume 10, Issue 2 (April 2026) – 9 articles

Further Information

Guidelines

MDPI Initiatives

Follow MDPI