Search Results (66)

The security of financial messaging systems is critical to maintaining trust in digital financial platforms. Despite advances in cryptography, many contemporary systems remain vulnerable to channel-based and cryptographic threats, including eavesdropping, interception, tampering, and unauthorized access. Hybrid cryptographic models that combine asymmetric encryption for secure key exchange with symmetric encryption for efficient data protection have emerged as effective approaches for strengthening confidentiality, integrity, and authenticity in financial message communications. This study presents a scoping review of literature published between 2015 and 2025, mapping research on user vulnerabilities in financial messaging systems and examining the role of hybrid cryptographic models in mitigating these risks. Guided by the PRISMA-ScR reporting standards, 615 articles were identified across nine scholarly databases. Forty-four studies met the inclusion criteria after systematic screening. The findings reveal a growing emphasis on hybrid encryption strategies, particularly RSA–AES and ECC–AES combinations, due to their balance of security strength and computational efficiency. However, significant gaps persist in empirical validation, real-world deployment, and user-centred security design, especially in mobile-first and resource-constrained environments. Existing research largely prioritizes theoretical performance and algorithmic efficiency, with limited attention to practical integration, usability, and operational constraints. This review highlights the need for holistic security frameworks that integrate cryptographic robustness with usability, regulatory compliance, and contextual deployment considerations. It provides a structured foundation for future research focused on developing scalable, user-centric, and resilient security solutions for financial messaging systems. Full article

Deepfake technology can produce highly realistic manipulated media which pose as significant cybersecurity threats, including fraud, misinformation, and privacy violations. This research proposes a deepfake prevention approach based on symmetric and asymmetric ciphers. Post-quantum asymmetric ciphers were utilized to perform digital signature operations, which offer essential security services, including integrity, authentication, and non-repudiation. Symmetric ciphers were also employed to provide confidentiality and authentication. Unlike classical ciphers that are vulnerable to quantum attacks, this study adopts quantum-resilient ciphers to offer long-term security. The proposed approach enables entities to digitally sign media content before public release on other platforms. End users can subsequently verify the authenticity of content using the public keys of the media creators. To identify the most efficient ciphers to perform cryptography operations required for deepfake prevention, the study explores the implementation of quantum-resilient symmetric and asymmetric ciphers standardized by NIST, including Dilithium, Falcon, SPHINCS+, and Ascon-80pq. Additionally, this research provides comprehensive comparisons between the various classical and post-quantum ciphers in both categories: symmetric and asymmetric. Experimental results revealed that Dilithium-5 and Falcon-512 algorithms outperform other post-quantum ciphers, with a time delay of 2.50 and 251 ms, respectively, for digital signature operations. The Falcon-512 algorithm also demonstrates superior resource efficiency, making it a cost-effective choice for digital signature operations. With respect to symmetric ciphers, Ascon-80pq achieved the lowest time consumption, taking just 0.015 ms to perform encryption and decryption operations. Also, it is a significant option for constrained devices, since it consumes fewer resources compared to standard symmetric ciphers, such as AES. Through comprehensive evaluations and comparisons of various symmetric and asymmetric ciphers, this study serves as a blueprint to identify the most efficient ciphers to perform the cryptography operations necessary for deepfake prevention. Full article

This paper presents a novel architecture for creating light agents embedded on Internet of Things (IoT) devices, specifically addressing challenges such as security, scalability, and adaptability. Despite the increasing adoption of agent-based approaches in IoT systems, security and robustness mechanisms are often treated as external or ad hoc components in many existing solutions. This limits their effectiveness in dynamic environments that transmit sensitive and personal data and are, by nature, potentially untrusted. The proposed architecture applies Pyro4 for efficient communication among agents and implements a multi-level security scheme that combines symmetric, asymmetric, and hybrid encryption with Time-Based One-Time Passwords (TOTP)-based authentication. This ensures the data confidentiality and integrity within dynamic IoT environments. A case study validates the “agent of things” concept by confirming key security mechanisms such as agent authentication, multi-factor access control, secure communication, and fault resilience. Qualitative testing proved the architecture effective in mitigating common vulnerabilities in distributed agent environments, achieving high reliability scores in terms of security and performance. Experimental results show that over 75% of agent operations were completed in under 2 milliseconds, with a success rate above 99%, confirming the architecture’s lightweight execution and real-time readiness of the architecture for IoT environments. Therefore, the proposed architecture is particularly useful for researchers and practitioners working on secure IoT systems, embedded multi-agent architectures, and intelligent edge computing environments. Full article

Unmanned Aerial Vehicles (UAVs) are increasingly integrated into Internet of Things (IoT) ecosystems for applications such as surveillance, disaster response, environmental monitoring, and logistics. These missions demand reliable and secure communication between UAVs and cloud platforms for command, control, and data storage. However, UAV communication channels are highly vulnerable to eavesdropping, spoofing, and man-in-the-middle attacks due to their wireless and often long-range nature. Traditional cryptographic schemes either impose excessive computational overhead on resource-constrained UAVs or lack sufficient robustness for cloud-level security. To address this challenge, we propose a dual-layer encryption architecture that balances lightweight efficiency with strong cryptographic guarantees. Unlike prior dual-layer approaches, the proposed framework introduces a context-aware adaptive lightweight layer for UAV-to-gateway communication and a hybrid post-quantum layer for gateway-to-cloud security, enabling dynamic cipher selection, energy-aware key scheduling, and quantum-resilient key establishment. In the first layer, UAV-to-gateway communication employs a lightweight symmetric encryption scheme optimized for low latency and minimal energy consumption. In the second layer, gateway-to-cloud communication uses post-quantum asymmetric encryption to ensure resilience against emerging quantum threats. The architecture is further reinforced with optional multi-path hardening and blockchain-assisted key lifecycle management to enhance scalability and tamper-proof auditability. Experimental evaluation using a UAV testbed and cloud integration shows that the proposed framework achieves 99.85% confidentiality preservation, reduces computational overhead on UAVs by 42%, and improves end-to-end latency by 35% compared to conventional single-layer encryption schemes. These results confirm that the proposed adaptive and hybridized dual-layer design provides a scalable, secure, and resource-aware solution for UAV-to-cloud communication, offering both present-day practicality and future-proof cryptographic resilience. Full article

While tremendous progress has been made towards achieving highly efficient and practical Private Set Intersection (PSI) protocols during the last decade, the development of post-quantum PSI is still far from satisfactory. Existing post-quantum PSI protocols encounter a dilemma: while those based on fully homomorphic encryption (FHE) achieve low online communication, they suffer from significant online computation; conversely, protocols based on post-quantum Oblivious Pseudorandom Functions (OPRFs) exhibit excellent online computational performance but incur substantially high online communication. To overcome this dilemma, we present a lattice-based PSI protocol that achieves optimal online performance in both communication and computation. Our solution introduces two core innovations: a robust signal comparison algorithm based on RLWE key exchange, which determines the intersection through signal consistency rather than direct shared key comparison, and an optimized Oblivious Key–Value Stores (OKVS) implementation featuring a composite key–value mapping for efficient handling of high-dimensional RLWE polynomials. We implement the protocol and conduct extensive benchmarks in both symmetric and asymmetric set-size settings. The results show that our construction achieves the lowest online overhead in both computation and communication among all tests. For example, with asymmetric set sizes $(2^{12},11041)$, the online phase requires only $0.132$ s, yielding $19\times$ and $282\times$ improvements over FHE-based (CCS’21) and OPRF-based (EUROCRYPT’25) protocols, respectively. Even at $(2^{24},11041)$, our online communication time is only 0.201 s, which is $226\times$ and $184\times$ that of FHE-based and OPRF-based PSI, respectively. Additionally, our online communication overhead is the lowest in all tests; however, this comes at the cost of heavy offline communication overhead for very large set sizes, revealing a clear trade-off between pre-computation and online efficiency. This work addresses a critical gap in post-quantum PSI by delivering a protocol that achieves balanced online communication and computational overhead, thereby enabling broader practical deployment. Full article

Recently, the record-level rise in Internet of Things (IoT) devices has produced unparalleled security challenges, particularly for resource-constrained devices operating under limited computational resources, memory, and power. In this context, traditional cryptographic methods not only fail but are also expensive and require extensive resources, given their static nature. In this article, an Adaptive Hybrid Cryptographic Framework (AHCF) is proposed to address the security challenges of resource-constrained IoT devices by adaptively balancing performance and protection levels, which can adaptively adjust cryptographic parameters based on the state of the device at a given time under a specific network environment and security needs. It also effectively balances security level and resource usage and employs low-overhead asymmetric key management with lightweight symmetric cryptography and machine learning-based predictors for the optimal selection of encryption schemes. Experimental testing on multiple IoT platforms has demonstrated its significant benefits, namely 42% less energy consumption, a 38% increase in processor speed, and improved security responsiveness over static deployments. This solution can be applied on boards with as little as 2 KB RAM and 16 KB flash and outperforms existing IoT standards and protocols. Full article

The rapid convergence of the Internet of Things (IoT), quantum computing, and artificial intelligence (AI) has amplified the urgency for lightweight yet resilient data protection mechanisms, particularly within unmanned aerial vehicles (UAV). Traditional cryptographic approaches, while mathematically secure, often fail to reconcile the competing requirements of robustness, computational efficiency, and energy sustainability when deployed on resource-constrained platforms such as drones. To address this gap, this paper proposes a novel hybrid lightweight cryptographic model that strategically integrates symmetric and asymmetric primitives in a dual-layer design. The model leverages the efficiency of lightweight authenticated encryption for high-throughput data protection, while incorporating elliptic-curve and lattice-based key exchange mechanisms to ensure both forward secrecy and post-quantum resilience. Experimental evaluation demonstrates that the proposed scheme achieves superior performance compared to conventional methods, offering reduced computational overhead, lower energy consumption, and enhanced resistance to cyber threats. Crucially, the model maintains high levels of confidentiality, integrity, and authenticity while extending operational endurance, making it particularly well-suited for next-generation UAV operating within the broader IoT ecosystem. Full article

The emergence of quantum computing poses significant threats to conventional public-key cryptography, driving the urgent need for quantum-resistant cryptographic solutions. While quantum key distribution addresses secure key exchange, its dependency on symmetric keys and point-to-point limitations present scalability constraints. Quantum Asymmetric Encryption (QAE) offers a promising alternative by leveraging quantum mechanical principles for security. This paper presents the first practical implementation of a QAE protocol on IBM Quantum devices, building upon the theoretical framework originally proposed by Yoon et al. We develop a generalized Grover Search Algorithm (GSA) framework that supports non-standard initial quantum states through novel diffusion operator designs, extending its applicability beyond idealized conditions. The complete QAE protocol, including key generation, encryption, and decryption stages, is translated into executable quantum circuits and evaluated on both IBM Quantum simulators and real quantum hardware. Experimental results demonstrate significant scalability challenges, with success probabilities deteriorating considerably for larger systems. The 2-qubit implementation achieves near-perfect accuracy (100% on the simulator, and 93.88% on the hardware), while performance degrades to 78.15% (simulator) and 45.84% (hardware) for 3 qubits, and declines critically to 48.08% (simulator) and 7.63% (hardware) for 4 qubits. This degradation is primarily attributed to noise and decoherence effects in current Noisy Intermediate-Scale Quantum (NISQ) devices, highlighting the limitations of single-iteration GSA approaches. Our findings underscore the critical need for enhanced hardware fidelity and algorithmic optimization to advance the practical viability of quantum cryptographic systems, providing valuable insights for bridging the gap between theoretical quantum cryptography and real-world implementations. Full article

This study surveys some cryptographic algorithms in a detailed manner; it mainly focuses on symmetric key cryptography and asymmetric key cryptography with hash functions following them. Regarding the importance of cryptography for securing communications and data integrity in the digital era, we show—using practical examples with Python 3.10 and Crypto 2 tool—how a few implementations of such encryption techniques work. To clarify this further, Caesar Cipher represents a very simple varying key, and each round of stream ciphers or block ciphers exhibits highly advanced symmetric techniques. Then, we discuss asymmetric cryptography using RSA encryption with public–private key pairs for a secure communication. Furthermore, research has been conducted into the hash functions SHA-1 and SHA-2, which form unique digital fingerprints of the information provided. This approach allows us to highlight all the positive and negative aspects of the above tools and to identify the comparative characteristics of their degree of security. This fact is highly important in determining the applicability of the security tools described above, depending on the conditions of work and threats. Full article

With the rapid evolution of smart grids, secure and efficient data communication among hierarchical sensor devices has become critical to ensure privacy and system integrity. However, existing protocols often fail to balance security strength and resource constraints of terminal sensors. In this paper, we propose a novel identity-based secure data communication protocol tailored for hierarchical sensor groups in smart grid environments. The protocol integrates symmetric and asymmetric encryption to enable secure and efficient data sharing. To reduce computational overhead, a Bloom filter is employed for lightweight identity encoding, and a cloud-assisted pre-authentication mechanism is introduced to enhance access efficiency. Furthermore, we design a dynamic group key update scheme with minimal operations to maintain forward and backward security in evolving sensor networks. Security analysis proves that the protocol is resistant to replay and impersonation attacks, while experimental results demonstrate significant improvements in computational and communication efficiency compared to state-of-the-art methods—achieving reductions of 73.94% in authentication computation cost, 37.77% in encryption, and 55.75% in decryption, along with a 79.98% decrease in communication overhead during authentication. Full article

The Internet of Vehicles (IoV) operates in an environment characterized by asymmetric security threats, where centralized vulnerabilities create a critical imbalance that can be disproportionately exploited by attackers. This study addresses this imbalance by proposing a symmetrical security framework that integrates Blockchain and Federated Learning (FL) to restore equilibrium in the Vehicle–Road–Cloud ecosystem. The evolution toward sixth-generation (6G) technologies amplifies both the potential of vehicle-to-everything (V2X) communications and its inherent security risks. The proposed framework achieves a delicate balance between robust security and operational efficiency. By leveraging blockchain’s symmetrical and decentralized distribution of trust, the framework ensures data and model integrity. Concurrently, the privacy-preserving approach of FL balances the need for collaborative intelligence with the imperative of safeguarding sensitive vehicle data. A novel Cloud Proxy Re-Encryption Offloading (CPRE-IoV) algorithm is introduced to facilitate efficient model updates. The architecture employs a partitioned blockchain and a smart contract-driven FL pipeline to symmetrically neutralize threats from malicious nodes. Finally, extensive simulations validate the framework’s effectiveness in establishing a resilient and symmetrically secure foundation for next-generation IoV networks. Full article

Federated learning promotes the development of cross-domain intelligent applications under the premise of protecting data privacy, but there are still problems of sensitive parameter information leakage of multi-party data temporal alignment and resource scheduling process, and traditional symmetric encryption schemes suffer from low efficiency and poor security. To this end, in this paper, based on the modified NTRU-type multi-key fully homomorphic encryption scheme, an asymmetric algorithm, a secure computation scheme of multi-party least common multiple and greatest common divisor without full set under the semi-honest model is proposed. Participants strictly follow the established process. Nevertheless, considering that malicious participants may engage in poisoning attacks such as tampering with or uploading incorrect data to disrupt the protocol process and cause incorrect results, a scheme against malicious spoofing is further proposed, which resists malicious spoofing behaviors and not all malicious attacks, to verify the correctness of input parameters or data through hash functions and zero-knowledge proof, ensuring it can run safely and stably. Experimental results show that our semi-honest model scheme improves the efficiency by 39.5% and 45.6% compared to similar schemes under different parameter conditions, and it is able to efficiently process small and medium-sized data in real time under high bandwidth; although there is an average time increase of 1.39 s, the anti-malicious spoofing scheme takes into account both security and efficiency, achieving the design expectations. Full article

Ratchet protocols are a class of secure protocols based on ratcheting encryption mechanisms, widely employed in instant messaging. Against the backdrop of frequent incidents of communication privacy breaches, ratchet protocols have become a vital technology for ensuring secure end-to-end communication. This paper presents a formal analysis framework for ratchet protocols grounded in Logic of Events theory (LoET). We further extend LoET by introducing dedicated Diffie–Hellman (DH) and ratchet event classes, along with tailored axioms and inference rules, to support precise modeling of ratcheted encryption. Using the Signal protocol as a case study, we construct a bidirectional authentication model and rigorously prove that both its symmetric and asymmetric ratchet phases satisfy strong authentication properties. Compared with existing formal approaches, our method enables more expressive modeling of key update sequences and supports structured reasoning over causality and authentication flows. The proposed framework lays a theoretical foundation for analyzing the security of modern ratcheted protocols and holds potential for future automated verification. Full article

Virtual reality (VR)/the metaverse is transforming into a ubiquitous technology by leveraging smart devices to provide highly immersive experiences at an affordable price. Cryptographically securing such augmented reality schemes is of paramount importance. Securely transferring the same secret key, i.e., obfuscated, between several parties is the main issue with symmetric cryptography, the workhorse of modern cryptography, because of its ease of use and quick speed. Typically, asymmetric cryptography establishes a shared secret between parties, after which the switch to symmetric encryption can be made. However, several SoTA (State-of-The-Art) security research schemes lack flexibility and scalability for industrial Internet-of-Things (IoT)-sized applications. In this paper, we present the full architecture of the PRIVocular framework. PRIVocular (i.e., PRIV(acy)-ocular) is a VR-ready hardware–software integrated system that is capable of visually transmitting user data over three versatile modes of encapsulation, encrypted—without loss of generality—using an asymmetric-key cryptosystem. These operation modes can be optical character-based or QR-tag-based. Encryption and decryption primarily depend on each mode’s success ratio of correct encoding and decoding. We investigate the most efficient means of ocular (encrypted) data transfer by considering several designs and contributing to each framework component. Our pre-prototyped framework can provide such privacy preservation (namely virtual proof of privacy (VPP)) and visually secure data transfer promptly (<1000 ms), as well as the physical distance of the smart glasses (∼50 cm). Full article

During the last five years, spiking neural P (SN P) systems have attracted a lot of attention in the field of cryptography since these systems can more efficiently support advanced and complex cryptographic algorithms due to their high computational capabilities. Specifically, these systems can be seen as a potential solution to efficiently performing asymmetric algorithms, which are more demanding than symmetric systems. This factor becomes critical, especially in resource-constrained single-board computer systems, since many of these systems are currently used to ensure the security of IoT applications in portable systems. In this work, we present for the first time the implementation of an asymmetric encryption algorithm called ElGamal based on spiking neural P systems and their cutting-edge variants. The proposed design involves the encryption and decryption processes. Specifically, we propose the design of a neural network to efficiently perform the extended Euclidean algorithm used in the decryption task. Here, we exert major efforts to create a compact and high-performance circuit to perform the extended Euclidean algorithm since the calculation of this algorithm is the most demanding when the decryption process is required. Finally, we perform several tests to show the computational capabilities of our proposal in comparison to conventional implementations on single-board computer systems. Our results show that the proposed encryption/decryption scheme potentially allows its use to ensure confidentiality, data integrity, and secure authentication, among other applications for resource-constrained embedded systems. Full article