Cryptography, Volume 9, Issue 3 (September 2025) – 13 articles

Cover Story: We enhance the multikey scenario in the Gentry–Sahai–Waters (GSW) fully homomorphic encryption scheme to improve its real-world applicability. By combining two existing GSW multikey techniques—one for distributed decryption and the other for reducing memory usage—we further integrate CRT decomposition and ciphertext compression to optimize performance. Simulations in federated learning and multiparty communication demonstrate the practical benefits of these approaches. Our work offers a more efficient and secure solution for distributed data processing, advancing the state of secure communication systems.
39 pages, 538 KB  
Article
Universally Composable Traceable Ring Signature with Verifiable Random Function in Logarithmic Size
by Kwan Yin Chan, Tsz Hon Yuen and Siu Ming Yiu
Cryptography 2025, 9(3), 59; https://doi.org/10.3390/cryptography9030059 - 12 Sep 2025
Abstract
Traceable ring signatures (TRSs) allow a signer to create a signature that maintains anonymity while enabling traceability if needed. It merges the characteristics of traditional ring signatures with the ability to trace signers, making it ideal for applications that demand both confidentiality and accountability. In a TRS scheme, a ring of potential signers generates a signature on a message without disclosing the actual signer’s identity. However, the identity can be traced if the signer uses the same tag for multiple signatures. This paper introduces a novel formal construction of TRS under universally composable (UC) security. We integrate verifiable random functions (VRFs) and zero-knowledge proofs for membership, employing Pedersen commitments. Our signature schemes maintain a logarithmic size while preserving the UC security guarantees. Additionally, we explore the potential to extend the property of one-time anonymity in TRS to K-time anonymity.
(This article belongs to the Special Issue Cryptography and Network Security—CANS 2024)

16 pages, 1287 KB  
Article
From Chaos to Security: A Comparative Study of Lorenz and Rössler Systems in Cryptography
by Alexandru Dinu
Cryptography 2025, 9(3), 58; https://doi.org/10.3390/cryptography9030058 - 12 Sep 2025
Abstract
Chaotic systems, governed by deterministic nonlinear equations yet exhibiting highly complex and unpredictable behaviors, have emerged as valuable tools at the intersection of mathematics, engineering, and information security. This paper presents a comparative study of the Lorenz and Rössler systems, focusing on their dynamic complexity and statistical independence—two critical properties for applications in chaos-based cryptography. By integrating techniques from nonlinear dynamics (e.g., Lyapunov exponents, KS entropy, Kaplan–Yorke dimension) and statistical testing (e.g., chi-square and Gaussian transformation-based independence tests), we provide a quantitative framework to evaluate the pseudo-randomness potential of chaotic trajectories. Our results show that the Lorenz system offers faster convergence to chaos and superior statistical independence over time, making it more suitable for rapid encryption schemes. In contrast, the Rössler system provides complementary insights due to its simpler attractor and longer memory. These findings contribute to a multidisciplinary methodology for selecting and optimizing chaotic systems in secure communication and signal processing contexts.
(This article belongs to the Special Issue Interdisciplinary Cryptography)

28 pages, 8109 KB  
Article
A Face Image Encryption Scheme Based on Nonlinear Dynamics and RNA Cryptography
by Xiyuan Cheng, Tiancong Cheng, Xinyu Yang, Wenbin Cheng and Yiting Lin
Cryptography 2025, 9(3), 57; https://doi.org/10.3390/cryptography9030057 - 4 Sep 2025
Abstract
With the rapid development of big data and artificial intelligence, the problem of image privacy leakage has become increasingly prominent, especially for images containing sensitive information such as faces, which poses a higher security risk. In order to improve the security and efficiency of image privacy protection, this paper proposes an image encryption scheme that integrates face detection and multi-level encryption technology. Specifically, a multi-task convolutional neural network (MTCNN) is used to accurately extract the face area to ensure accurate positioning and high processing efficiency. For the extracted face area, a hierarchical encryption framework is constructed using chaotic systems, lightweight block permutations, RNA cryptographic systems, and bit diffusion, which increases data complexity and unpredictability. In addition, a key update mechanism based on dynamic feedback is introduced to enable the key to change in real time during the encryption process, effectively resisting known plaintext and chosen plaintext attacks. Experimental results show that the scheme performs well in terms of encryption security, robustness, computational efficiency, and image reconstruction quality. This study provides a practical and effective solution for the secure storage and transmission of sensitive face images, and provides valuable support for image privacy protection in intelligent systems.

21 pages, 390 KB  
Article
Novel Approach to Degree, Balancedness, and Affine Equivalence of Boolean Functions and Construction of a Special Class of Non-Quadratic Balanced Boolean Functions
by Sunil Kumar, Dharminder Chaudhary, S. A. Lakshmanan and Cheng-Chi Lee
Cryptography 2025, 9(3), 56; https://doi.org/10.3390/cryptography9030056 - 29 Aug 2025
Abstract
In several stream cipher designs, Boolean functions (BFs) play a crucial role as non-linear components, either serving as filtering functions or being used within the combining process. The overall strength of stream ciphers mainly depends on certain cryptographic properties of BFs, including their balancedness, non-linearity, resistance to correlation, and algebraic degrees. In this paper, we present novel findings related to the algebraic degrees of BFs, which play an important role in the design of symmetric cryptographic systems, and propose a novel algorithm to directly deduce the algebraic degree of a Boolean function (BF) from its truth table. We also explore new results concerning balanced Boolean functions, specifically characterizing them by establishing new results regarding their support. Additionally, we propose a new approach for a subclass of affine equivalent Boolean functions and discuss well-known cryptographic properties in a very simple and lucid manner using this newly introduced approach. Moreover, we propose the first algorithm in the literature to construct non-quadratic balanced Boolean functions (NQBBFs) that possess no linear structure where their derivative equals 1. Finally, we discuss the complexity of this algorithm and present a table that shows the time taken by this algorithm, after its implementation in SageMath, for the generation of Boolean functions corresponding to different values of n (i.e., number of variables).
29 pages, 611 KB  
Article
Enhancing the Multikey GSW Scheme with CRT Decomposition and Ciphertext Compression for Efficient Distributed Decryption
by Kung-Wei Hu, Wun-Ting Lin, Huan-Chih Wang and Ja-Ling Wu
Cryptography 2025, 9(3), 55; https://doi.org/10.3390/cryptography9030055 - 27 Aug 2025
Abstract
This paper enhances the multikey scenario in the Gentry–Sahai–Waters (GSW) fully homomorphic encryption scheme to increase its real-world applicability. We integrate the advantages of two existing GSW multikey approaches: one enabling distributed decryption and the other reducing memory requirements. We also apply the CRT decomposition and ciphertext compression techniques to the multikey settings. While leveraging the effectiveness of decomposition, we adapt the compression technique for practical cryptographic applications, as demonstrated through simulations in federated learning and multiparty communication scenarios. Our work’s potential impact on the cryptography field is significant, as it offers a more efficient and secure solution for distributed data processing in real-world scenarios, thereby advancing the state of the art in secure communication systems.

25 pages, 1670 KB  
Article
Reliability of LEON3 Processor’s Program Counter Against SEU, MBU, and SET Fault Injection
by Afef Kchaou, Sehmi Saad, Hatem Garrab and Mohsen Machhout
Cryptography 2025, 9(3), 54; https://doi.org/10.3390/cryptography9030054 - 27 Aug 2025
Abstract
This paper presents a comprehensive register transfer-level (RTL) fault injection study targeting the program counter (PC) of the LEON3 processor, a SPARC V8-compliant core widely used in safety-critical and radiation-prone embedded applications. Using the enhanced NETFI+ framework, over four million faults, including single-event upsets (SEUs), multiple-bit upsets (MBUs), and single-event transients (SETs), were systematically injected into the PC across all pipeline stages. The analysis reveals that early stages, particularly Fetch (FE), Decode (DE), Register Access (RA), and Execute (EX), are highly sensitive to SEU and MBU faults. The propagation of errors detected in the two early stages of the pipeline (FE and DE) is classified with an important percentage of halt execution and timeout traps. Intermediate stages, such as RA and EX, exhibited a higher incidence of silent data corruption and halt execution, while the Memory (ME) and Exception (XC) stages demonstrated greater resilience through fault masking. SET faults were mostly transient and masked, though they occasionally resulted in control flow anomalies. In addition to error classification, detailed trap and exception analysis was performed to characterize fault-induced failure mechanisms. The findings underscore the need for pipeline-stage-specific hardening strategies and highlight the value of simulation-based fault injection for early design validation in safety-critical embedded processors.

24 pages, 762 KB  
Article
A New Code-Based Identity-Based Signature Scheme from the Ternary Large-Weight SDP
by Sana Challi, Mukul Kulkarni and Taoufik Serraj
Cryptography 2025, 9(3), 53; https://doi.org/10.3390/cryptography9030053 - 4 Aug 2025
Abstract
Identity-based cryptography introduced by Shamir (Crypto’84) has seen many advances through the years. In the context of post-quantum identity-based schemes, most of the efficient designs are based on lattices. In this work, we propose an identity-based identification (IBI) scheme and an identity-based signature (IBS) scheme based on codes. Our design combines the hash-and-sign signature scheme, Wave, with a Stern-like signature scheme, BGKM-SIG1, instantiated over a ternary field using the large-weight Syndrome Decoding Problem (SDP). Our scheme significantly outperforms existing code-based identity-based signature constructions.

24 pages, 921 KB  
Article
Towards Empowering Stakeholders Through Decentralized Trust and Secure Livestock Data Sharing
by Abdul Ghafoor, Iraklis Symeonidis, Anna Rydberg, Cecilia Lindahl and Abdul Qadus Abbasi
Cryptography 2025, 9(3), 52; https://doi.org/10.3390/cryptography9030052 - 23 Jul 2025
Abstract
Cybersecurity represents a critical challenge for data-sharing platforms involving multiple stakeholders, particularly within complex and decentralized systems such as livestock supply chain networks. These systems demand novel approaches, robust security protocols, and advanced data management strategies to address key challenges such as data consistency, transparency, ownership, controlled access or exposure, and privacy-preserving analytics for value-added services. In this paper, we introduced the Framework for Livestock Empowerment and Decentralized Secure Data eXchange (FLEX), as a comprehensive solution grounded on five core design principles: (i) enhanced security and privacy, (ii) human-centric approach, (iii) decentralized and trusted infrastructure, (iv) system resilience, and (v) seamless collaboration across the supply chain. FLEX integrates interdisciplinary innovations, leveraging decentralized infrastructure-based protocols to ensure trust, traceability, and integrity. It employs secure data-sharing protocols and cryptographic techniques to enable controlled information exchange with authorized entities. Additionally, the use of data anonymization techniques ensures privacy. FLEX is designed and implemented using a microservices architecture and edge computing to support modularity and scalable deployment. These components collectively serve as a foundational pillar of the development of a digital product passport. The FLEX architecture adopts a layered design and incorporates robust security controls to mitigate threats identified using the STRIDE threat modeling framework. The evaluation results demonstrate the framework’s effectiveness in countering well-known cyberattacks while fulfilling its intended objectives. The performance evaluation of the implementation further validates its feasibility and stability, particularly as the volume of evidence associated with animal identities increases. All the infrastructure components, along with detailed deployment instructions, are publicly available as open-source libraries on GitHub, promoting transparency and community-driven development for wider public benefit.
(This article belongs to the Special Issue Emerging Trends in Blockchain and Its Applications)

21 pages, 423 KB  
Article
Multi-Line Prefetch Covert Channel with Huge Pages
by Xinyao Li and Akhilesh Tyagi
Cryptography 2025, 9(3), 51; https://doi.org/10.3390/cryptography9030051 - 18 Jul 2025
Abstract
Modern x86 processors incorporate performance-enhancing features such as prefetching mechanisms, cache coherence protocols, and support for large memory pages (e.g., 2 MB huge pages). While these architectural innovations aim to reduce memory access latency, boost throughput, and maintain cache consistency across cores, they can also expose subtle microarchitectural side channels that adversaries may exploit. This study investigates how the combination of prefetching techniques and huge pages can significantly enhance the throughput and accuracy of covert channels in controlled computing environments. Building on prior work that examined the impact of the MESI cache coherence protocol using single-cache-line access without huge pages, our approach expands the attack surface by simultaneously accessing multiple cache lines across all 512 L1 lines under a 2 MB huge page configuration. As a result, our 9-bit covert channel achieves a peak throughput of 4940 KB/s—substantially exceeding previously reported benchmarks. We further validate our channel on AMD SEV-SNP virtual machines, achieving up to an 88% decoding accuracy using write-access encoding with 2 MB huge pages, demonstrating feasibility even under TEE-enforced virtualization environments. These findings highlight the need for careful consideration and evaluation of the security implications of common performance optimizations with respect to their side-channel potential.

21 pages, 360 KB  
Article
Efficient Secure Multi-Party Computation for Multi-Dimensional Arithmetics and Its Applications
by Dongyu Wu, Bei Liang, Zijie Lu and Jintai Ding
Cryptography 2025, 9(3), 50; https://doi.org/10.3390/cryptography9030050 - 3 Jul 2025
Abstract
Over years of development in secure multi-party computation (MPC), many sophisticated functionalities have been made practical, and multi-dimensional operations occur more and more frequently in MPC protocols, especially in protocols involving datasets of vector elements, such as privacy-preserving biometric identification and privacy-preserving machine learning. In this paper, we introduce a new kind of correlation, called tensor triples, which is designed to make multi-dimensional MPC protocols more efficient. We will discuss the generation process, the usage, and the applications of tensor triples and show that they can accelerate privacy-preserving biometric identification protocols, such as FingerCode, Eigenfaces, and FaceNet, by more than 1000 times, with reasonable offline costs, and grant pre-computability for the secure matrix multiplication process in privacy-preserving machine learning protocols, such as SecureML and SecureNN, while achieving similar efficiency.
(This article belongs to the Special Issue Cryptography and Network Security—CANS 2024)

25 pages, 7476 KB  
Article
Image Encryption with Dual Watermark Based on Chaotic Map
by Ran Chu, Jun Mou and Yuanhui Cui
Cryptography 2025, 9(3), 49; https://doi.org/10.3390/cryptography9030049 - 1 Jul 2025
Abstract
A dual watermark and DNA image encryption based on a chaotic map is proposed. Firstly, a new discrete chaotic map is proposed, and the dynamic characteristics are analyzed. Then, the hash value changes initial conditions, and the pseudo-random sequence is generated. The encrypted copyright image is fused with the feature value of the original image and then encrypted again to form zero-watermarking, which is registered with the copyright certification authority. The zero-watermarking is taken as a robust watermark and embedded into the original image based on a chaotic sequence to ensure its invisibility. Finally, a cross-mutation DNA encryption is proposed. The experimental results verify the performance of encryption and dual watermark copyright authentication, and the ability to resist attacks.

31 pages, 1262 KB  
Article
Composable Privacy-Preserving Framework for Stakes-Based Online Peer-to-Peer Applications
by Nikola Hristov-Kalamov, Raúl Fernández-Ruiz, Agustín Álvarez-Marquina, Julio Guillén-García, Roberto Gallardo-Cava and Daniel Palacios-Alonso
Cryptography 2025, 9(3), 48; https://doi.org/10.3390/cryptography9030048 - 1 Jul 2025
Abstract
As the demand for expansive back-end systems in online applications continues to grow, novel frameworks are necessitated to address the escalating operational demands, energy consumption, and associated costs. Traditional Client–Server models, while offering centralized security and reliability, are characterized by their high deployment and maintenance expenses. Conversely, Peer-to-Peer (P2P) models, despite being cost-effective and scalable, are hindered by inherent security and data integrity challenges. Moreover, the lack of a central authority in P2P systems complicates a definitive resolution of scenarios involving stakes, where users cannot withdraw without incurring a tangible loss. In this research work, a hybrid back-end framework is introduced, combining the advantages of both models through the utilization of cryptographic algorithms and Secure Multi-Party Computation (MPC) protocols. The baseline solution is lightweight and fully composable, making it capable of utilizing different more complex slot-in MPC techniques. The proposed framework’s effectiveness is demonstrated through a simplified two-player Spades game, although it is fully generalizable to any application. Evaluations across multiple case studies reveal substantial performance enhancements compared to conventional approaches, particularly post-initialization, highlighting the scheme’s potential as a cost-effective, energy-efficient, and secure solution for modern online applications.

26 pages, 784 KB  
Article
The Eye-Opening Arbiter-PUF FPGA Implementation with Auto Error Detection
by Holger Mandry, Julian Spiess, Bjoern Driemeyer, Joachim Becker and Maurits Ortmanns
Cryptography 2025, 9(3), 47; https://doi.org/10.3390/cryptography9030047 - 1 Jul 2025
Abstract
We present the first implementation of an FPGA-based PUF that leverages the usually contradictory requirements of stability and response time. Many state-of-the-art implementations of PUFs are either slow with a low error rate, like the ring oscillator-PUF, or fast with a higher error rate, like the arbiter-PUF. The presented implementation of an eye-opening PUF uses the phase-integrating effect of a ring oscillator to realize the shortest possible response for the required stability of the readout. This principle also allows for new automatic detection of unstable bits based on counting the number of oscillations required until an arbitration is conducted. This first implementation of an eye-opening PUF reduces the bit error rate to a number under our measurement limits, while the readout time is simultaneously kept as low as ≤1.54 μs, with an average of 0.85 μs. In addition, environmental temperature changes are evaluated, and methods for limiting these effects are discussed.
(This article belongs to the Special Issue Emerging Topics in Hardware Security)
