Cryptography, Volume 9, Issue 4 (December 2025) – 21 articles

Article, 20 pages
Role-Based Efficient Proactive Secret Sharing with User Revocation
by Yixuan He, Yuta Kodera, Yasuyuki Nogami and Samsul Huda
Cryptography 2025, 9(4), 80; https://doi.org/10.3390/cryptography9040080 - 11 Dec 2025
Abstract
Proactive secret sharing (PSS), an extension of secret-sharing schemes, safeguards sensitive data in dynamic distributed networks by periodically refreshing shares to counter adversarial attacks. In our previous work, we constructed a non-interactive proactive secret scheme by integrating threshold homomorphic encryption (ThHE) while reducing the communication complexity to O(n). Not only is refreshing shares important but revoking the shares of users who have left the system is also essential in practical dynamic membership scenarios. However, the previous work was insufficient for supporting explicit user revocation. This study strengthens the description of roles for authorized users and proposes a scheme to achieve non-interactive share refresh and dynamic user management. In each epoch, authorized users are classified into three roles: retain, newly join, and rejoin, and they receive a broadcast of the compact ciphertext encoding both the refresh information and the revocation instructions from the trusted center (dealer). Authorized users independently derive new shares through homomorphic computations, whereas revoked users are unable to generate new shares. Hash functions are used to bind revocation parameters to the cryptographic hashes of valid users in order to guarantee integrity during revocation, allowing for effective verification without compromising non-interactivity. Our new scheme not only extends the revocation structure but also preserves the O(n) communication complexity.

Article, 23 pages
Efficient CCA2-Secure IBKEM from Lattices in the Standard Model
by Ngoc Ai Van Nguyen, Dung Hoang Duong and Minh Thuy Truc Pham
Cryptography 2025, 9(4), 79; https://doi.org/10.3390/cryptography9040079 - 10 Dec 2025
Abstract
Recent work at SCN 2020 by Boyen, Izabachène, and Li introduced a lattice-based key-encapsulation mechanism (KEM) that achieves CCA2-security in the standard model without relying on generic transformations. Their proof, however, leaves a few gaps that prevent a fully rigorous security justification. Building on the same design rationale, we revisit that construction and refine it to obtain a more compact and provably secure KEM under the Learning With Errors assumption. Furthermore, we extend this framework to derive an identity-based variant (IBKEM) whose security is established in the same model. The resulting schemes combine conceptual simplicity with improved efficiency and complete proofs of adaptive-ciphertext security.

Article, 16 pages
Flexible and Area-Efficient Codesign Implementation of AES on FPGA
by Oussama Azzouzi, Mohamed Anane, Mohamed Chahine Ghanem, Yassine Himeur and Dominik Wojtczak
Cryptography 2025, 9(4), 78; https://doi.org/10.3390/cryptography9040078 - 1 Dec 2025
Abstract
As embedded and IoT systems demand secure and compact encryption, developing cryptographic solutions that are both lightweight and efficient remains a major challenge. Many existing AES implementations either lack flexibility or consume excessive hardware resources. This paper presents an area-efficient and flexible AES-128 implementation based on a hardware/software (HW/SW) co-design, specifically optimized for platforms with limited hardware resources, resulting in reduced power consumption. In this approach, key expansion is performed in software on a lightweight MicroBlaze processor, while encryption and decryption are accelerated by dedicated hardware IP cores optimized at the Look-up Table (LUT) level. The design is implemented on a Xilinx XC5VLX50T Virtex-5 FPGA, synthesized using Xilinx ISE 14.7, and tested at a 100 MHz system clock. It achieves a throughput of 13.3 Gbps and an area efficiency of 5.44 Gbps per slice, requiring only 2303 logic slices and 7 BRAMs on a Xilinx FPGA. It is particularly well-suited for resource-constrained applications such as IoT nodes, secure mobile devices, and smart cards. Since key expansion is executed only once per session, the runtime is dominated by AES core operations, enabling efficient processing of large data volumes. Although the present implementation targets AES-128, the HW/SW partitioning allows straightforward extension to AES-192 and AES-256 by modifying only the software key expansion module, ensuring practical scalability with no hardware changes. Moreover, the architecture offers a balanced trade-off between performance, flexibility and resource utilization without relying on complex pipelining. Experimental results demonstrate the effectiveness and flexibility of the proposed lightweight design.

Article, 25 pages
Evaluation of the Impact of AES Encryption on Query Read Performance Across Oracle, MySQL, and SQL Server Databases
by Márcio Carvalho, Filipe Sá and Jorge Bernardino
Cryptography 2025, 9(4), 77; https://doi.org/10.3390/cryptography9040077 - 29 Nov 2025
Abstract
Data security is essential for protecting sensitive information that could compromise both the sender and the receiver. Encryption mechanisms, such as the Advanced Encryption Standard (AES), play a key role in this protection. However, encrypting or decrypting data can significantly impact the performance of the database. This study aims to evaluate the impact of AES on the performance of SQL Server, Oracle, and MySQL when using Transparent Data Encryption (TDE) with the Transaction Processing Performance Council-H (TPC-H) benchmark at different Scale Factors. Performance was assessed using metrics such as elapsed time and system resource usage. In terms of scalability and performance efficiency, SQL Server proved to be the best among the databases tested. However, TDE introduced performance overhead compared to non-encryption test cases.

Article, 27 pages
Verifiable Multi-Authority Attribute-Based Encryption with Keyword Search Based on MLWE
by Saba Karimani and Taraneh Eghlidos
Cryptography 2025, 9(4), 76; https://doi.org/10.3390/cryptography9040076 - 28 Nov 2025
Abstract
Searchable Encryption (SE) schemes enable data users to securely search over outsourced encrypted data stored in the cloud. To support fine-grained access control, Attribute-Based Encryption with Keyword Search (ABKS) extends SE by associating access policies with user attributes. However, existing ABKS schemes often suffer from limited security and functionality, such as lack of verifiability, vulnerability to collusion, and insider keyword-guessing attacks (IKGA), or inefficiency in multi-authority and post-quantum settings, restricting their practical deployment in real-world distributed systems. In this paper, we propose a verifiable ciphertext-policy multi-authority ABKS (MA-CP-ABKS) scheme based on the Module Learning with Errors (MLWE) problem, which provides post-quantum security, verifiability, and resistance to both collusion and IKGA. Moreover, the proposed scheme supports multi-keyword searchability and forward security, enabling secure and efficient keyword search in dynamic environments. We formally prove the correctness, verifiability, completeness, and security of the scheme under the MLWE assumption against selective chosen-keyword attacks (SCKA) in the standard model and IKGA in the random oracle model. The scheme also maintains efficient computation and manageable communication overhead. Implementation results confirm its practical performance, demonstrating that the proposed MA-CP-ABKS scheme offers a secure, verifiable, and efficient solution for multi-organizational cloud environments.

Article, 16 pages
STAR: Self-Training Assisted Refinement for Side-Channel Analysis on Cryptosystems
by Yuheng Qian, Jing Gao, Yuhan Qian, Yaoling Ding and An Wang
Cryptography 2025, 9(4), 75; https://doi.org/10.3390/cryptography9040075 - 27 Nov 2025
Abstract
Reconstructing cryptographic operation sequences through side-channel analysis is essential for recovering private keys, but practical attacks are hindered by unlabeled, noisy, and high-dimensional power traces that challenge accurate classification. To address this, we propose STAR, a two-stage unsupervised clustering correction framework. First, a Gaussian Mixture Model (GMM) performs an initial clustering to generate reliable pseudo-labels from high-confidence samples. Next, a self-training mechanism uses these pseudo-labels to train a Convolutional Neural Network (CNN), which then iteratively reclassifies low-confidence samples to refine the entire dataset. Validated on standard ECC, RSA, and SM2 datasets, our framework achieved 100% classification accuracy, demonstrating a significant improvement of 12% to 48% over state-of-the-art methods. These findings confirm that STAR is an effective and robust framework for enhancing the precision of unsupervised side-channel analysis, thereby strengthening key recovery attacks.
(This article belongs to the Section Hardware Security)

Review, 34 pages
A Review on Blockchain-Based Trust and Reputation Schemes in Metaverse Environments
by Firdous Kausar, Hafiz M. Asif, Sajid Hussain and Shahid Mumtaz
Cryptography 2025, 9(4), 74; https://doi.org/10.3390/cryptography9040074 - 25 Nov 2025
Abstract
The metaverse represents a transformative integration of virtual and physical worlds, offering unprecedented opportunities for social interaction, commerce, education, healthcare, and entertainment. Establishing trust in these expansive and decentralized environments remains a critical challenge. Blockchain technology, with its decentralized, secure, and immutable nature, is emerging as an essential pillar of trust and digital asset ownership within the metaverse. This paper provides an extensive review of blockchain-enabled trust and reputation frameworks specifically tailored to metaverse ecosystems. We present an in-depth analysis of existing blockchain solutions across diverse metaverse domains, including gaming, virtual real estate, healthcare, and education. Our core contributions include a comprehensive taxonomy that classifies current trust and reputation schemes by their underlying mechanisms, threat models addressed, and their architectural strategies. We provide a comparative benchmark analysis evaluating key performance metrics such as security robustness, scalability, user privacy, and cross-platform interoperability, revealing critical trade-offs inherent in current designs. Our analysis finds that score-based designs trade scalability for nuanced reputation representation, while SSI- and SBT-based approaches improve Sybil-resistance but introduce significant privacy governance challenges. Finally, we outline unresolved research challenges, including cross-platform reputation portability, privacy-preserving computation, real-time trust management, and standardized governance structures.
(This article belongs to the Section Blockchain Security)

Article, 24 pages
Post-Quantum Key Exchange in TLS 1.3: Further Analysis on Performance of New Cryptographic Standards
by Konstantina Souvatzidaki and Konstantinos Limniotis
Cryptography 2025, 9(4), 73; https://doi.org/10.3390/cryptography9040073 - 21 Nov 2025
Abstract
The emergence of quantum computing presents a significant threat to classical cryptographic primitives, particularly those employed in securing internet communications via widely used protocols such as Transport Layer Security (TLS). As conventional key exchange mechanisms will become increasingly vulnerable in the post-quantum era, the integration of post-quantum cryptographic (PQC) algorithms into existing security protocols is of utmost importance. This study investigates the impact of incorporating PQC key encapsulation mechanisms—specifically, the recent standards CRYSTALS-Kyber and HQC, in conjunction with the candidate standard BIKE—into the TLS 1.3 handshake. A comprehensive experimental evaluation was conducted to measure handshake latency under emulated network conditions with varying packet loss probabilities. The findings offer useful insights into the performance trade-offs introduced by PQC integration and further highlight the necessity of a timely transition to post-quantum cryptographic standards.

Article, 30 pages
A Post-Quantum Cryptography Enabled Feature-Level Fusion Framework for Privacy-Preserving Multimodal Biometric Recognition
by David Palma and Pier Luca Montessoro
Cryptography 2025, 9(4), 72; https://doi.org/10.3390/cryptography9040072 - 19 Nov 2025
Abstract
As quantum computing continues to advance, it threatens the long-term protection of traditional cryptographic methods, especially in biometric authentication systems where it is important to protect sensitive data. To overcome this challenge, we present a comprehensive, privacy-preserving framework for multimodal biometric authentication that can easily integrate any two binary-encoded modalities through feature-level fusion, ensuring that all sensitive information remains encrypted under a CKKS-based homomorphic encryption scheme resistant to both classical and quantum-enabled attacks. To demonstrate its versatility and effectiveness, we apply this framework to the retinal vascular patterns and palm vein features, which are inherently spoof-resistant and particularly well suited to high-security applications. This method not only ensures the secrecy of the combined biometric sample, but also enables the complete assessment of recognition performance and resilience against adversarial attacks. The results show that our approach provides protection against threats such as data leakage and replay attacks while maintaining high recognition performance and operational efficiency. These findings demonstrate the feasibility of integrating multimodal biometrics with post-quantum cryptography, giving a strong, privacy-oriented authentication solution suitable for mission-critical applications in the post-quantum era.

Article, 22 pages
A Privacy-Preserving Scheme for V2V Double Auction Power Trading Based on Heterogeneous Signcryption and IoV
by Shaomin Zhang, Yiheng Huang and Baoyi Wang
Cryptography 2025, 9(4), 71; https://doi.org/10.3390/cryptography9040071 - 11 Nov 2025
Abstract
As electric vehicles (EVs) gain popularity, the existing public charging infrastructure is struggling to keep pace with the rapidly growing demand for the immediate charging needs of EVs. V2V power trading has gradually attracted widespread attention and development. EVs need to transmit sensitive information, such as transaction plans, through communication entities in the Internet of Vehicles (IoV). This could lead to leaks of sensitive information, thereby threatening the fairness of transactions. In addition, due to the differences in the cryptographic systems of entities, communication between entities faces challenges. Therefore, a privacy-preserving scheme for V2V double auction power trading based on heterogeneous signcryption and IoV is proposed. Firstly, a heterogeneous signcryption algorithm is designed to realize secure communication from certificateless cryptography to identity-based cryptography. Secondly, the scheme employs a pseudonym mechanism to protect the real identities of EVs. Furthermore, a verification algorithm is designed to verify the information sent by EVs and ensure the traceability and revocation of malicious EVs. The theoretical analysis shows that the proposed scheme could serve common security functions, and the experiment demonstrates that the proposed scheme reduces communication costs by about 14.56% and the computational cost of aggregate decryption by 80.51% compared with other schemes in recent years.

Article, 28 pages
A Scalable Symmetric Cryptographic Scheme Based on Latin Square, Permutations, and Reed-Muller Codes for Resilient Encryption
by Hussain Ahmad and Carolin Hannusch
Cryptography 2025, 9(4), 70; https://doi.org/10.3390/cryptography9040070 - 31 Oct 2025
Abstract
Symmetric cryptography is essential for secure communication as it ensures confidentiality by using shared secret keys. This paper proposes a novel substitution-permutation network (SPN) that integrates Latin squares, permutations, and Reed-Muller (RM) codes to achieve robust security and resilience. As an adaptive design using binary representation with base-n Latin square mappings for non-linear substitutions, it supports any n (codeword length and Latin square order), k (RM code dimension), d (RM code minimum distance) parameters aligned with the Latin square and RM(n,k,d) codes. The scheme employs 2 log₂ n-round transformations using log₂ n permutations ρ_z, where in the additional log₂ n rounds, row and column pairs are swapped for each pair of rounds, with key-dependent π_z permutations for round outputs and fixed ρ_z permutations for codeword shuffling, ensuring strong diffusion. The scheme leverages dynamic Latin square substitutions for confusion and a vast key space, with permutations ensuring strong diffusion and RM(n,k,d) codes correcting transmission errors and enhancing robustness against fault-based attacks. Precomputed components optimize deployment efficiency. The paper presents mathematical foundations, security primitives, and experimental results, including avalanche effect analysis, demonstrating flexibility and balancing enhanced security with computational and storage overhead.

Article, 23 pages
A Lightweight Decentralized Medical Data Sharing Scheme with Dual Verification
by Shaobo Zhang, Yijie Yin, Nangui Chen and Honghui Ning
Cryptography 2025, 9(4), 69; https://doi.org/10.3390/cryptography9040069 - 30 Oct 2025
Abstract
The rapid growth of smart healthcare improves medical efficiency through electronic data sharing but introduces security risks like privacy leaks and data tampering. However, existing ciphertext-policy attribute-based encryption faces challenges such as single points of failure, weak authentication, and inadequate integrity protection, hindering secure, efficient medical data sharing. Therefore, we propose LDDV, a lightweight decentralized medical data sharing scheme with dual verification. LDDV constructs a lightweight multi-authority collaborative key management architecture based on elliptic curve cryptography, which eliminates the risk of single point of failure and balances reliability and efficiency. Meanwhile, a lightweight dual verification mechanism based on elliptic curve digital signature provides identity authentication and data integrity verification. Security analysis and experimental results show that LDDV achieves 28–42% faster decryption speeds compared to existing schemes and resists specific threats such as chosen plaintext attacks.

Article, 33 pages
Enhancing Multi-Factor Authentication with Templateless 2D/3D Biometrics and PUF Integration for Securing Smart Devices
by Saloni Jain, Amisha Bagri, Maxime Cambou, Dina Ghanai Miandoab and Bertrand Cambou
Cryptography 2025, 9(4), 68; https://doi.org/10.3390/cryptography9040068 - 27 Oct 2025
Abstract
Secure authentication in smart device ecosystems remains a critical challenge, particularly due to the irrevocability of compromised biometric templates in server-based systems. This paper presents a post-quantum secure multi-factor authentication protocol that combines templateless 2D and 3D facial biometrics, liveness detection, and Physical Unclonable Functions (PUFs) to achieve robust identity assurance. The protocol exhibits zero-knowledge properties, preventing adversaries from identifying whether authentication failure is due to the biometric, password, PUF, or liveness factor. The proposed protocol utilizes advanced facial landmark detection via dlib or mediapipe, capturing multi-angle facial data and mapping it. By applying a double-masking technique and measuring distances between randomized points, stabilized facial landmarks are selected through multiple images captured during enrollment to ensure template stability. The protocol creates high-entropy cryptographic keys, securely erasing all raw biometric data and sensitive keys immediately after processing. All key cryptographic operations and challenge-response exchanges employ post-quantum algorithms, providing resistance to both classical and quantum adversaries. To further enhance reliability, advanced error-correction methods mitigate noise in biometric and PUF responses, resulting in minimal FAR and FRR that meet industrial standards and resilience against spoofing. Our experimental results demonstrate this protocol’s suitability for smart devices and IoT deployments requiring high-assurance, scalable, and quantum-resistant authentication.
(This article belongs to the Topic Recent Advances in Security, Privacy, and Trust)

Article, 23 pages
Constructing 8 × 8 S-Boxes with Optimal Boolean Function Nonlinearity
by Phuc-Phan Duong and Cong-Kha Pham
Cryptography 2025, 9(4), 67; https://doi.org/10.3390/cryptography9040067 - 21 Oct 2025
Abstract
Substitution boxes (S-Boxes) are the core components of modern block ciphers, responsible for introducing the essential nonlinearity that protects against attacks like linear and differential cryptanalysis. For an 8-bit S-Box, the highest possible nonlinearity for a balanced Boolean function is 116. The best results previously reported in the literature achieved an average nonlinearity of 114.5 across the coordinate Boolean functions of 8 × 8 S-boxes. Our proposed method surpasses this record, producing S-boxes whose coordinate functions exhibit an average nonlinearity of 116. This is a significant achievement as it reaches the best result to date for the nonlinearity of the coordinate Boolean functions of an S-Box. Our S-Box generation method is based on multiplication over the field GF(2⁴) and 4 × 4 component S-Boxes. The approach is also highly effective, capable of producing a large number of S-Boxes with good cryptographic properties. Other cryptographic criteria, such as BIC, SAC, DAP, and LAP, though not fully optimal, remain within acceptable ranges when compared with other reported designs. In addition, a side-channel attack evaluation is presented, covering both parameter analysis and experimental results on a real system when applying the proposed S-Box in the AES algorithm. These results make it a leading solution for block cipher design.

Article, 28 pages
On the Homomorphic Properties of Kyber and McEliece with Application to Post-Quantum Private Set Intersection
by Anas A. Abudaqa, Khaled Alshehri and Muhamad Felemban
Cryptography 2025, 9(4), 66; https://doi.org/10.3390/cryptography9040066 - 20 Oct 2025
Abstract
Crystals-Kyber and Classic-McEliece are two prominent post-quantum key encapsulation mechanisms (KEMs) designed to address the challenges posed by quantum computing to classical cryptographic schemes. While the former has been standardized by the National Institute of Standards and Technology (NIST), the latter is well-known for its exceptional robustness and as one of the finalists of the fourth round of post-quantum cryptography standardization. Private set intersection (PSI) is a privacy-preserving technique that enables two parties, each possessing a dataset, to compute the intersection of their sets without revealing anything else. This can be achieved thanks to homomorphic encryption (HE), which allows computations on encrypted data. In this paper, firstly, we study Kyber and McEliece, apart from being KEMs, as post-quantum public key encryption (PKE), and examine their homomorphic properties. Secondly, we design two different two-party PSI protocols that utilize the homomorphic capabilities of Kyber and McEliece. Thirdly, a practical performance evaluation under NIST’s security levels 1, 3, and 5 is conducted, focusing on three key metrics: storage overhead, communication overhead, and computation cost. Insights indicate that the Kyber-based PSI protocol, which utilizes the multiplicative homomorphic property, is secure but less efficient. In contrast, the McEliece-based PSI protocol, while efficient in practice, raises concerns regarding its security as a homomorphic encryption scheme.

Article, 18 pages
A Two-Layer Transaction Network-Based Method for Virtual Currency Address Identity Recognition
by Lingling Xia, Tao Zhu, Zhengjun Jing, Qun Wang, Zhuo Ma, Zimo Huang and Ziyu Yin
Cryptography 2025, 9(4), 65; https://doi.org/10.3390/cryptography9040065 - 11 Oct 2025
Abstract
Digital currencies, led by Bitcoin and USDT, are characterized by decentralization and anonymity, which obscure the identities of traders and create a conducive environment for illicit activities such as drug trafficking, money laundering, cyber fraud, and terrorism financing. Focusing on the USDT-TRC20 token on the Tron blockchain, we propose a two-layer transaction network-based approach for virtual currency address identity recognition for digging out hidden relationships and encrypted assets. Specifically, a two-layer transaction network is constructed: Layer A describes the flow of USDT-TRC20 between on-chain addresses over time, while Layer B represents the flow of TRX between on-chain addresses over time. Subsequently, an identity metric is proposed to determine whether a pair of addresses belongs to the same user or group. Furthermore, transaction records are systematically acquired through blockchain explorers, and the efficacy of the proposed recognition method is empirically validated using a dataset from the Key Laboratory of Digital Forensics. Finally, the transaction topology is visualized using Neo4j, providing a comprehensive and intuitive representation of the traced transaction pathways.
(This article belongs to the Section Blockchain Security)

20 pages, 8727 KB  
Article
Comparative Deep Learning-Based Side-Channel Analysis of an FPGA-Based CRYSTALS-Kyber NTT Accelerator
by Munkhbaatar Chinbat, Liji Wu, Xiangmin Zhang, Yifan Yang and Man Wei
Cryptography 2025, 9(4), 64; https://doi.org/10.3390/cryptography9040064 - 9 Oct 2025
Viewed by 1892
Abstract
Deep learning-based side-channel analysis is one of the most effective techniques for extracting and classifying sensitive information from a target device. This paper identifies the best-performing deep learning model for the target implementation by evaluating various deep learning architectures, including MLP, CNN, and RNN, while systematically optimizing their hyperparameters to achieve the best performance. The paper uses a case study of the Number Theoretic Transform (NTT) accelerator for the CRYSTALS-Kyber key encapsulation mechanism to show that enhanced deep learning analysis can be used to break security. The best-performing deep learning-based model achieved a 96.64% accuracy in classifying pairwise coefficients of the s vector, which is used to generate the secret key with the NTT accelerator for Kyber768 and Kyber1024. For Kyber512, the model achieved an accuracy of 95.71%. The proposed approach significantly improves average training efficiency: selecting points of interest (POIs) yields up to 1.45 times faster training for MLP models, 10.53 times faster for CNNs, and 10.28 times faster for RNNs compared to deep learning methods without POIs, while maintaining high accuracy in side-channel analysis.

31 pages, 2417 KB  
Article
An Optimized Framework for Detecting Suspicious Accounts in the Ethereum Blockchain Network
by Noha E. El-Attar, Marwa H. Salama, Mohamed Abdelfattah and Sanaa Taha
Cryptography 2025, 9(4), 63; https://doi.org/10.3390/cryptography9040063 - 28 Sep 2025
Viewed by 952
Abstract
Detecting, tracking, and preventing cryptocurrency money laundering within blockchain systems is a major challenge for governments worldwide. This paper presents an anomaly detection model based on blockchain technology and machine learning to identify cryptocurrency money-laundering accounts within Ethereum blockchain networks. The proposed model employs Particle Swarm Optimization (PSO) to select optimal feature subsets. Additionally, three machine learning algorithms—XGBoost, Isolation Forest (IF), and Support Vector Machine (SVM)—are employed to detect suspicious accounts. A Genetic Algorithm (GA) is further applied to determine the optimal hyperparameters for each machine learning model. The evaluations demonstrate the superiority of the XGBoost algorithm over SVM and IF, particularly when enhanced with GA. XGBoost achieved accuracy, precision, recall, and F1-score values of 0.98, 0.97, 0.98, and 0.97, respectively. After applying GA, XGBoost's performance metrics improved to 0.99 across all categories.
(This article belongs to the Section Blockchain Security)


39 pages, 505 KB  
Review
A Survey of Post-Quantum Oblivious Protocols
by Altana Khutsaeva, Anton Leevik and Sergey Bezzateev
Cryptography 2025, 9(4), 62; https://doi.org/10.3390/cryptography9040062 - 27 Sep 2025
Viewed by 2028
Abstract
Modern distributed computing systems and applications with strict privacy requirements demand robust data confidentiality. A primary challenge involves enabling parties to exchange data or perform joint computations without revealing private information about the data. Protocols with the obliviousness property, known as oblivious protocols, address this issue: they ensure that no party learns more than necessary. This survey analyzes the security and performance of post-quantum oblivious protocols, with a focus on oblivious transfer and oblivious pseudorandom functions. The evaluation assesses resilience against malicious adversaries in the Universal Composability framework. Efficiency is quantified through communication and computational overhead, and optimal scenarios for these protocols are identified. This paper also surveys related primitives, such as oblivious signatures and data structures, along with their applications. Key findings highlight the inherent trade-offs between computational cost and communication complexity in post-quantum oblivious constructions. Open challenges and future research directions are outlined, with emphasis on quantum-resistant designs and formal security proofs in stronger adversarial models.
(This article belongs to the Collection Survey of Cryptographic Topics)


19 pages, 255 KB  
Review
From Black Boxes to Glass Boxes: Explainable AI for Trustworthy Deepfake Forensics
by Hanwei Qian, Lingling Xia, Ruihao Ge, Yiming Fan, Qun Wang and Zhengjun Jing
Cryptography 2025, 9(4), 61; https://doi.org/10.3390/cryptography9040061 - 26 Sep 2025
Viewed by 1925
Abstract
As deepfake technology matures, its risks in spreading false information and threatening personal and societal security are escalating. Despite significant accuracy improvements in existing detection models, their inherent opacity limits their practical application in high-risk areas such as forensic investigations and news verification. To address this gap in trust, explainability has become a key research focus. This paper provides a systematic review of explainable deepfake detection methods, categorizing them into three main approaches: forensic analysis, which identifies physical or algorithmic manipulation traces; model-centric methods, which enhance transparency through post hoc explanations or pre-designed processes; and multimodal and natural language explanations, which translate results into human-understandable reports. The paper also examines evaluation frameworks, datasets, and current challenges, underscoring the necessity for trustworthy, reliable, and interpretable detection technologies in combating digital misinformation.

42 pages, 2989 KB  
Article
Privacy-Driven Classification of Contact Tracing Platforms: Architecture and Adoption Insights
by Sidra Anwar and Jonathan Anderson
Cryptography 2025, 9(4), 60; https://doi.org/10.3390/cryptography9040060 - 24 Sep 2025
Viewed by 1273
Abstract
Digital contact-tracing (CT) systems differ in how they process risk and expose data, and the centralized–decentralized dichotomy obscures these choices. We propose a modular six-model classification and evaluate 18 platforms across 12 countries (July 2020–April 2021) using a 24-indicator rubric spanning privacy, security, functionality, and governance. Methods include double-coding with Cohen's κ for inter-rater agreement and a 1000-draw weight-sensitivity check; assumptions and adversaries are stated in a concise threat model. Results: No single model dominates; Bulletin Board and Custodian consistently form the top tier on privacy goals, while Fully Centralized eases verification/notification workflows. Timelines show rapid GAEN uptake and near-contemporaneous open-source releases, with one late outlier. Contributions: (i) a practical, generalizable classification that makes compute-locus and data addressability explicit; (ii) a transparent indicator rubric with an evidence index enabling traceable scoring; and (iii) empirically grounded guidance aligning deployments with goals G1–G3 (PII secrecy, notification authenticity, unlinkability). Limitations include reliance on public documentation and architecture-level (not mechanized) verification; future work targets formal proofs and expanded double-coding. The framework and findings generalize beyond COVID-19 to privacy-preserving digital-health workflows.
(This article belongs to the Topic Recent Advances in Security, Privacy, and Trust)