Cryptography, Volume 10, Issue 3 (June 2026) – 9 articles

41 pages, 3933 KB  
Article
Hybrid Architecture for Protected Data Communication Inside the Private Cloud
by Biswaranjan Senapati, Lalit Narayan Mishra, Awad Bin Naeem and Amit J. Rangari
Cryptography 2026, 10(3), 36; https://doi.org/10.3390/cryptography10030036 - 2 Jun 2026
Abstract
Private cloud object stores provide infrastructure isolation but leave application-layer data exposed to insider threats and compromised credentials. This paper presents an engineering integration of an Add-Rotate-XOR (ARX) block cipher and multi-bit Least Significant Bit (LSB) steganography into an end-to-end pipeline for private MinIO object storage. The cipher, KREA v2, is a SPECK-64/128 derived ARX construction with three application-driven choices: CRC32 key whitening, byte-aligned rotations (α=7, β=2), and deterministic CTR-mode nonces. Mixed Integer Linear Programming (MILP) trail analysis matches SPECK-64/128’s minimum-trail weights through rounds 1–4. KREA v2 ciphertext meets standard keystream-quality preconditions (NIST SP 800-22 battery, 49.98% mean avalanche, Shannon entropy 7.9992–7.9998 bits/byte across realistic XML, JSON, video, and HTTP/2 payloads). Modified LSB (MLSB) embeds 3 bits per RGB channel with an XOR watermark at 37–38 dB Peak Signal-to-Noise Ratio (PSNR), providing 3× standard-LSB capacity. Steganalysis uses chi-square and RS detectors plus a Convolutional Neural Network (CNN) detector (Yedroudj-Net) trained on 8000 BOSSBase-1.01 cover/stego pairs; CNN area under the ROC curve is ≥0.999 against the watermarked variant. The MinIO pipeline runs at 355.1 ms (68.6% network I/O) with 100% message fidelity. The XOR watermark increases RS detectability above 75% capacity; a 200-image ablation cuts median RS detection (0.289 to 0.000) and mean (0.342 to 0.130) in a sparse-keystream variant, prioritised for follow-on full-scale evaluation. The architecture is offered as a documented engineering integration with explicit security caveats and threat-model boundaries, not as a production-hardened cryptographic primitive.
(This article belongs to the Special Issue Emerging Topics in Hardware Security (2nd Edition))
26 pages, 501 KB  
Article
MPC-in-the-Head Zero-Knowledge Proof for Rank Syndrome Decoding via Mixed-Field Secret Sharing
by Xueyi Tang, Kexin Qiao, Qinghao Wu and Licheng Wang
Cryptography 2026, 10(3), 35; https://doi.org/10.3390/cryptography10030035 - 29 May 2026
Abstract
Quantum computing poses significant challenges to traditional zero-knowledge proof schemes based on number-theoretic assumptions. As a result, code-based cryptography has attracted increasing attention for its resistance against quantum computing. In this paper, we study the Rank Syndrome Decoding problem (RSD) and investigate its ZK proof formulation within the MPC-in-the-Head framework. To prove the possession of a secret witness, we reformulate the secret witness as a mixed-field matrix multiplication preserving the rank constraint, and then obtain a representation that aligns naturally with the local-view paradigm of MPC-in-the-Head. Utilizing this value-to-calculation technique, we introduce the RSD relation into a ZKBoo-style (2, 3)-secret-sharing MPC-in-the-Head framework and obtain an RSD-based zero-knowledge proof scheme via mixed-field secret sharing. The resulting scheme reduces the proof size relative to generic formulations while preserving completeness, soundness, and zero-knowledge for the interactive protocol. The Fiat–Shamir non-interactive extension is analyzed only in the classical random oracle model; we do not claim QROM security for this variant.
35 pages, 1110 KB  
Article
A Parameterizable Research Framework for Electronic Voting Based on Cryptographic Protocols and Blockchain Audit
by Tolegen Aidynov, Dina Satybaldina, Gulsipat Abisheva and Eldor Egamberdiyev
Cryptography 2026, 10(3), 34; https://doi.org/10.3390/cryptography10030034 - 27 May 2026
Abstract
Electronic voting requires the simultaneous admission of only legitimate participants, ballot uniqueness, vote confidentiality, storage integrity, and result verifiability. Blockchain alone does not solve these problems, since ledger immutability does not guarantee anonymity, ballot correctness, or reduced trust concentration. The purpose of this work is to develop a parameterizable research framework for electronic voting scenarios with enhanced cryptographic protection, allowing the security level to be varied according to the requirements of a voting scenario. The main contribution of the work is a parameterizable research architecture for composing and experimentally comparing electronic voting configurations with different security and computational profiles. The cryptographic and audit mechanisms integrated into this architecture include blind-signature-based anonymous authorization, encrypted ballot submission, blockchain-style audit, receipt verification, homomorphic tally publication, and threshold-supported tally artifacts. These mechanisms are not proposed as new cryptographic primitives; rather, they are integrated into a reproducible prototype to study how their combination affects verifiability, privacy support, auditability, and computational cost. Compared with basic blockchain-based voting prototypes, this architecture explicitly separates security, privacy, and verifiability profiles and makes their computational cost observable. The implemented prototype is used as an experimental platform for analyzing supported security properties, threat modeling, and computational cost estimation. The results show that authentication, anonymous token issuance, and receipt verification maintain an almost constant cost at the studied scale, while the main cryptographic burden is associated with encrypted ballot submission and threshold-supported tally publication. 
The scientific novelty of the work lies in constructing a parameterizable architecture that integrates several cryptographic mechanisms and a blockchain audit layer into one reproducible research prototype. At the same time, the proposed approach retains prototype-level limitations associated with the absence of a full zero-knowledge proof stack, independently deployed threshold authorities, and coercion-resistance mechanisms.
23 pages, 1341 KB  
Article
DPS: A Post-Quantum Proxy Signature Scheme from Dilithium for IoT Applications
by Yuteng Wang, Ruoyu Ding, Tianrun Yu, Zhen Han, Jian Weng and Jiasi Weng
Cryptography 2026, 10(3), 33; https://doi.org/10.3390/cryptography10030033 - 15 May 2026
Abstract
Proxy signatures enable the secure delegation of signing authority, which is particularly useful in resource-constrained Internet of Things (IoT) environments. However, most existing schemes rely on classical hardness assumptions and therefore cannot resist quantum attacks. To address the challenge, we propose a post-quantum proxy signature scheme based on Dilithium for IoT scenarios. We first propose an asynchronous remote key generation (ARKG) scheme based on CRYSTALS-Kyber, enabling the delegator and proxy signer to generate proxy keys of Dilithium without real-time interaction. We further integrate ARKG with the Dilithium signature scheme to construct a proxy signature scheme called DPS while ensuring the unlinkability of proxy signatures. Additionally, our proposed DPS achieves post-quantum security and provides unforgeability, distinguishability, verifiability, and undeniability with formal proofs. Experimental performance evaluation shows that our scheme yields significant efficiency gains over existing quantum-safe proxy signature solutions, with 10× speedup for both the delegation and proxy signing phases, as well as a 2.4× improvement in the verification phase.
(This article belongs to the Special Issue Advances in Post-Quantum Cryptography)
13 pages, 351 KB  
Article
Relaxation of Strict Avalanche Criterion on All SHA-256 Sub-Function Combinations
by Riley Vaughn and Mike Borowczak
Cryptography 2026, 10(3), 32; https://doi.org/10.3390/cryptography10030032 - 13 May 2026
Abstract
A cryptographic hash function should dissipate patterns, such that highly related inputs are transformed into unrelated outputs. This property, known as diffusion, has been effectively measured on SHA-256 via the Strict Avalanche Criterion (SAC) throughout the 64 rounds of compression. Additionally, variants of SHA-256 with individual sub-functions removed have previously been tested. In this study, the previous work is expanded; all combinations of the seven SHA-256 sub-functions are tested for SAC, throughout the 64 rounds of compression. The threshold as to whether a variant passes the SAC is calculated with the Bonferroni Method, which results in a relaxed threshold as compared to previous measures. The SAC of each sub-function variant is compared with the SAC of variants with shared sub-functions. The sub-functions Σ1, Integer Addition, Choose, and Message Scheduler are found to consistently contribute to SAC at the earliest rounds, throughout all combinations.
28 pages, 1515 KB  
Article
Q-DP-GAN: Improving EEG Data Privacy Through Quantum-Inspired Differential Privacy-Based GAN
by Shouvik Paul and Garima Bajwa
Cryptography 2026, 10(3), 31; https://doi.org/10.3390/cryptography10030031 - 11 May 2026
Abstract
Electroencephalography (EEG)-based brain–computer interface (BCI) systems pose significant privacy risks, as EEG data remain vulnerable to inference and reconstruction attacks. Conventional privacy-preserving techniques, including data anonymization, encryption, and perturbation, frequently compromise data utility or prove ineffective against advanced adversaries. To address these limitations and balance utility and privacy, we propose a quantum-inspired, differential privacy-based generative adversarial network (Q-DP-GAN). Unlike classical GANs, which lack adaptive privacy mechanisms during training, our method uses quantum-inspired stochasticity to dynamically calibrate noise and the privacy budget. The experimental results demonstrate that Q-DP-GAN is more robust to membership inference and reconstruction attacks than existing approaches. Evaluation on the widely used BCI Competition IV Datasets 2A and 2B indicates that our framework produces high-quality synthetic EEG data while maintaining utility and data confidentiality for BCI classification tasks.
68 pages, 5976 KB  
Article
A Hybrid Module-LWE and Hash-Based Framework for Memory-Efficient Post-Quantum Key Encapsulation
by Elmin Marevac, Esad Kadušić, Nataša Živić, Sanela Nesimović and Christoph Ruland
Cryptography 2026, 10(3), 30; https://doi.org/10.3390/cryptography10030030 - 3 May 2026
Abstract
Deploying post-quantum cryptography on highly constrained devices remains challenging due to the large key sizes and substantial storage and memory-traffic demands of leading lattice-based schemes. Although constructions such as Kyber, Dilithium, and NTRU offer strong resistance against quantum adversaries, their multi-kilobyte public keys and intensive memory access patterns limit practical adoption in microcontrollers, smart cards, and low-power edge environments. This work proposes a hybrid key-encapsulation mechanism that integrates a compact, seed-generated Module-LWE structure with a quantum-secure hash-based authentication layer. The design employs a small public seed to instantiate lattice matrices on demand via a lightweight pseudorandom generator and incorporates a Merkle-tree commitment to represent compressed auxiliary error information. Additional design considerations—including sparsity-aware secret keys, SIMD-friendly polynomial operations, and cache-efficient decryption paths—are intended to reduce runtime memory usage and computational overhead. The security of the proposed construction is analysed under both Module-LWE and hash-based one-way assumptions, with further consideration of constant-time execution and cache-line alignment to mitigate side-channel risks. This hybrid approach outlines a design pathway toward post-quantum key-encapsulation mechanisms suitable for deployment on memory-limited and energy-constrained platforms.
(This article belongs to the Special Issue Advances in Post-Quantum Cryptography)
18 pages, 373 KB  
Article
Space-Efficient Secret Sharing Based on Matrix Normal Forms
by Eckhard Pfluegel, Razi Arshad and Mark Jones
Cryptography 2026, 10(3), 29; https://doi.org/10.3390/cryptography10030029 - 30 Apr 2026
Abstract
Secret sharing schemes distribute a secret among participants so that only authorised subsets can reconstruct it. In this paper, we focus on space-efficient secret sharing and show that matrix normal forms can significantly reduce share sizes while achieving computational security properties. Our scheme is implemented within an online secret sharing architecture, where authenticated public data P is maintained and shares of private data Q are issued over a secure channel. We study an existing probabilistic matrix-based approach to share size reduction and prove that the expected number of iterations of the underlying cyclic vector algorithm is small, yielding an expected polynomial runtime. We then design a novel deterministic method based on the Frobenius canonical normal form, avoiding reliance on cyclic vector techniques, and derive its runtime complexity. This yields a space-efficient secret sharing scheme that is computationally secure under a suitably defined adversary model. We have implemented our algorithm in the computer algebra system Maple as an Open Source project and provide an evaluation of its performance. Our results demonstrate that matrix normal forms can provide a suitable mathematical framework for secure and practical secret sharing.
21 pages, 439 KB  
Article
A Post-Quantum End-to-End Secure Protocol for Instant Messaging Applications
by Alfonso F. De Abiega-L’Eglisse, Kevin A. Delgado-Vargas, Humberto A. Ortega Alcocer, Gina Gallegos-García and Eliseo Sarmiento-Rosales
Cryptography 2026, 10(3), 28; https://doi.org/10.3390/cryptography10030028 - 23 Apr 2026
Abstract
Modern instant messaging systems require end-to-end (E2E) security guarantees while operating over server-mediated infrastructures that cannot be fully trusted. At the same time, the impending transition to post-quantum cryptography raises nontrivial challenges for the design of secure messaging protocols that preserve these guarantees. In this work, we present the design of a post-quantum end-to-end secure protocol for instant messaging applications under an untrusted relay model. The proposed construction relies on lattice-based primitives standardized by NIST, namely ML-KEM for key establishment and ML-DSA for authentication, and follows a Double-KEM pattern combined with explicit context binding to derive an E2E session key known only to the communicating clients. The server acts solely as an authenticated relay and never gains access to plaintext messages or session keys. In addition to the protocol design, we complement the protocol description with an automated symbolic verification using ProVerif, establishing injective mutual authentication and session-key secrecy under a Dolev–Yao adversary model. Finally, we characterize the computational cost of different authentication and verification policies and evaluate the performance of the handshake on heterogeneous cloud-based architectures. The results provide practical insight into the feasibility of deploying post-quantum end-to-end secure protocols within existing instant messaging infrastructures.