Cryptography

23 pages, 442 KB

Open AccessArticle

Efficient CCA2-Secure IBKEM from Lattices in the Standard Model

by Ngoc Ai Van Nguyen, Dung Hoang Duong and Minh Thuy Truc Pham

Cryptography 2025, 9(4), 79; https://doi.org/10.3390/cryptography9040079 - 10 Dec 2025

Recent work at SCN 2020 by Boyen, Izabachène, and Li introduced a lattice-based key-encapsulation mechanism (KEM) that achieves CCA2-security in the standard model without relying on generic transformations. Their proof, however, leaves a few gaps that prevent a fully rigorous security justification. Building [...] Read more.

Recent work at SCN 2020 by Boyen, Izabachène, and Li introduced a lattice-based key-encapsulation mechanism (KEM) that achieves CCA2-security in the standard model without relying on generic transformations. Their proof, however, leaves a few gaps that prevent a fully rigorous security justification. Building on the same design rationale, we revisit that construction and refine it to obtain a more compact and provably secure KEM under the Learning With Errors assumption. Furthermore, we extend this framework to derive an identity-based variant (IBKEM) whose security is established in the same model. The resulting schemes combine conceptual simplicity with improved efficiency and complete proofs of adaptive-ciphertext security. Full article

16 pages, 434 KB

Open AccessArticle

Flexible and Area-Efficient Codesign Implementation of AES on FPGA

by Oussama Azzouzi, Mohamed Anane, Mohamed Chahine Ghanem, Yassine Himeur and Dominik Wojtczak

Cryptography 2025, 9(4), 78; https://doi.org/10.3390/cryptography9040078 - 1 Dec 2025

Cited by 1

Abstract

As embedded and IoT systems demand secure and compact encryption, developing cryptographic solutions that are both lightweight and efficient remains a major challenge. Many existing AES implementations either lack flexibility or consume excessive hardware resources. This paper presents an area-efficient and flexible AES-128 [...] Read more.

As embedded and IoT systems demand secure and compact encryption, developing cryptographic solutions that are both lightweight and efficient remains a major challenge. Many existing AES implementations either lack flexibility or consume excessive hardware resources. This paper presents an area-efficient and flexible AES-128 implementation based on a hardware/software (HW/SW) co-design, specifically optimized for platforms with limited hardware resources, resulting in reduced power consumption. In this approach, key expansion is performed in software on a lightweight MicroBlaze processor, while encryption and decryption are accelerated by dedicated hardware IP cores optimized at the Look-up Table (LuT) level. The design is implemented on a Xilinx XC5VLX50T Virtex-5 FPGA, synthesized using Xilinx ISE 14.7, and tested at a 100 MHz system clock. It achieves a throughput of 13.3 Gbps and an area efficiency of 5.44 Gbps per slice, requiring only 2303 logic slices and 7 BRAMs on a Xilinx FPGA. It is particularly well-suited for resource-constrained applications such as IoT nodes, secure mobile devices, and smart cards. Since key expansion is executed only once per session, the runtime is dominated by AES core operations, enabling efficient processing of large data volumes. Although the present implementation targets AES-128, the HW/SW partitioning allows straightforward extension to AES-192 and AES-256 by modifying only the software Key expansion module, ensuring practical scalability with no hardware changes. Moreover, the architecture offers a balanced trade-off between performance, flexibility and resource utilization without relying on complex pipelining. Experimental results demonstrate the effectiveness and flexibility of the proposed lightweight design. Full article

► Show Figures

Figure 1

25 pages, 857 KB

Open AccessArticle

Evaluation of the Impact of AES Encryption on Query Read Performance Across Oracle, MySQL, and SQL Server Databases

by Márcio Carvalho, Filipe Sá and Jorge Bernardino

Cryptography 2025, 9(4), 77; https://doi.org/10.3390/cryptography9040077 - 29 Nov 2025

Abstract

Data security is essential for protecting sensitive information that could compromise both the sender and the receiver. Encryption mechanisms, such as the Advanced Encryption Standard (AES), play a key role in this protection. However, encrypting or decrypting data can significantly impact the performance [...] Read more.

Data security is essential for protecting sensitive information that could compromise both the sender and the receiver. Encryption mechanisms, such as the Advanced Encryption Standard (AES), play a key role in this protection. However, encrypting or decrypting data can significantly impact the performance of the database. This study aims to evaluate the impact of AES on the performance of SQL Server, Oracle, and MySQL when using Transparent Data Encryption (TDE) with the Transaction Processing Performance Council-H (TPC-H) benchmark at different Scale Factors. Performance was assessed using metrics such as elapsed time and system resource usage. In terms of scalability and performance efficiency, SQL Server proved to be the best among the databases tested. However, TDE introduced performance overhead compared to non-encryption test cases. Full article

► Show Figures

Figure 1

27 pages, 5275 KB

Open AccessArticle

Verifiable Multi-Authority Attribute-Based Encryption with Keyword Search Based on MLWE

by Saba Karimani and Taraneh Eghlidos

Cryptography 2025, 9(4), 76; https://doi.org/10.3390/cryptography9040076 - 28 Nov 2025

Abstract

Searchable Encryption (SE) schemes enable data users to securely search over outsourced encrypted data stored in the cloud. To support fine-grained access control, Attribute-Based Encryption with Keyword Search (ABKS) extends SE by associating access policies with user attributes. However, existing ABKS schemes often [...] Read more.

Searchable Encryption (SE) schemes enable data users to securely search over outsourced encrypted data stored in the cloud. To support fine-grained access control, Attribute-Based Encryption with Keyword Search (ABKS) extends SE by associating access policies with user attributes. However, existing ABKS schemes often suffer from limited security and functionality, such as lack of verifiability, vulnerability to collusion, and insider keyword-guessing attacks (IKGA), or inefficiency in multi-authority and post-quantum settings, restricting their practical deployment in real-world distributed systems. In this paper, we propose a verifiable ciphertext-policy multi-authority ABKS (MA-CP-ABKS) scheme based on the Module Learning with Errors (MLWE) problem, which provides post-quantum security, verifiability, and resistance to both collusion and IKGA. Moreover, the proposed scheme supports multi-keyword searchability and forward security, enabling secure and efficient keyword search in dynamic environments. We formally prove the correctness, verifiability, completeness, and security of the scheme under the MLWE assumption against selective chosen-keyword attacks (SCKA) in the standard model and IKGA in the random oracle model. The scheme also maintains efficient computation and manageable communication overhead. Implementation results confirm its practical performance, demonstrating that the proposed MA-CP-ABKS scheme offers a secure, verifiable, and efficient solution for multi-organizational cloud environments. Full article

► Show Figures

Figure 1

16 pages, 720 KB

Open AccessArticle

STAR: Self-Training Assisted Refinement for Side-Channel Analysis on Cryptosystems

by Yuheng Qian, Jing Gao, Yuhan Qian, Yaoling Ding and An Wang

Cryptography 2025, 9(4), 75; https://doi.org/10.3390/cryptography9040075 - 27 Nov 2025

Abstract

Reconstructing cryptographic operation sequences through side-channel analysis is essential for recovering private keys, but practical attacks are hindered by unlabeled, noisy, and high-dimensional power traces that challenge accurate classification. To address this, we propose STAR, a two-stage unsupervised clustering correction framework. First, a [...] Read more.

Reconstructing cryptographic operation sequences through side-channel analysis is essential for recovering private keys, but practical attacks are hindered by unlabeled, noisy, and high-dimensional power traces that challenge accurate classification. To address this, we propose STAR, a two-stage unsupervised clustering correction framework. First, a Gaussian Mixture Model (GMM) performs an initial clustering to generate reliable pseudo-labels from high-confidence samples. Next, a self-training mechanism uses these pseudo-labels to train a Convolutional Neural Network (CNN), which then iteratively reclassifies low-confidence samples to refine the entire dataset. Validated on standard ECC, RSA, and SM2 datasets, our framework achieved 100% classification accuracy, demonstrating a significant improvement of 12% to 48% over state-of-the-art methods. These findings confirm that STAR is an effective and robust framework for enhancing the precision of unsupervised side-channel analysis, thereby strengthening key recovery attacks. Full article

(This article belongs to the Section Hardware Security)

► Show Figures

Figure 1

34 pages, 1196 KB

Open AccessReview

A Review on Blockchain-Based Trust and Reputation Schemes in Metaverse Environments

by Firdous Kausar, Hafiz M. Asif, Sajid Hussain and Shahid Mumtaz

Cryptography 2025, 9(4), 74; https://doi.org/10.3390/cryptography9040074 - 25 Nov 2025

Abstract

The metaverse represents a transformative integration of virtual and physical worlds, offering unprecedented opportunities for social interaction, commerce, education, healthcare, and entertainment. Establishing trust in these expansive and decentralized environments remains a critical challenge. Blockchain technology, with its decentralized, secure, and immutable nature, [...] Read more.

The metaverse represents a transformative integration of virtual and physical worlds, offering unprecedented opportunities for social interaction, commerce, education, healthcare, and entertainment. Establishing trust in these expansive and decentralized environments remains a critical challenge. Blockchain technology, with its decentralized, secure, and immutable nature, is emerging as an essential pillar of trust and digital asset ownership within the metaverse. This paper provides an extensive review of blockchain-enabled trust and reputation frameworks specifically tailored to metaverse ecosystems. We present an in-depth analysis of existing blockchain solutions across diverse metaverse domains, including gaming, virtual real estate, healthcare, and education. Our core contributions include a comprehensive taxonomy that classifies current trust and reputation schemes by their underlying mechanisms, threat models addressed, and their architectural strategies. We provide a comparative benchmark analysis evaluating key performance metrics such as security robustness, scalability, user privacy, and cross-platform interoperability, revealing critical trade-offs inherent in current designs. Our analysis finds that score-based designs trade scalability for nuanced reputation representation, while SSI- and SBT-based approaches improve Sybil-resistance but introduce significant privacy governance challenges. Finally, we outline unresolved research challenges, including cross-platform reputation portability, privacy-preserving computation, real-time trust management, and standardized governance structures. Full article

(This article belongs to the Section Blockchain Security)

► Show Figures

Figure 1

24 pages, 1028 KB

Open AccessArticle

Post-Quantum Key Exchange in TLS 1.3: Further Analysis on Performance of New Cryptographic Standards

by Konstantina Souvatzidaki and Konstantinos Limniotis

Cryptography 2025, 9(4), 73; https://doi.org/10.3390/cryptography9040073 - 21 Nov 2025

Abstract

The emergence of quantum computing presents a significant threat to classical cryptographic primitives, particularly those employed in securing internet communications via widely used protocols such as Transport Layer Security (TLS). As conventional key exchange mechanisms will become increasingly vulnerable in the post-quantum era, [...] Read more.

The emergence of quantum computing presents a significant threat to classical cryptographic primitives, particularly those employed in securing internet communications via widely used protocols such as Transport Layer Security (TLS). As conventional key exchange mechanisms will become increasingly vulnerable in the post-quantum era, the integration of post-quantum cryptographic (PQC) algorithms into existing security protocols is of utmost importance. This study investigates the impact of incorporating PQC key encapsulation mechanisms—specifically, the recent standards CRYSTALS-Kyber and HQC, in conjunction with the candidate standard BIKE—into the TLS 1.3 handshake. A comprehensive experimental evaluation was conducted to measure handshake latency under emulated network conditions with varying packet loss probabilities. The findings offer useful insights into the performance trade-offs introduced by PQC integration and further highlight the necessity of a timely transition to post-quantum cryptographic standards. Full article

► Show Figures

Figure 1

30 pages, 2917 KB

Open AccessArticle

A Post-Quantum Cryptography Enabled Feature-Level Fusion Framework for Privacy-Preserving Multimodal Biometric Recognition

by David Palma and Pier Luca Montessoro

Cryptography 2025, 9(4), 72; https://doi.org/10.3390/cryptography9040072 - 19 Nov 2025

Abstract

As quantum computing continues to advance, it threatens the long-term protection of traditional cryptographic methods, especially in biometric authentication systems where it is important to protect sensitive data. To overcome this challenge, we present a comprehensive, privacy-preserving framework for multimodal biometric authentication that [...] Read more.

As quantum computing continues to advance, it threatens the long-term protection of traditional cryptographic methods, especially in biometric authentication systems where it is important to protect sensitive data. To overcome this challenge, we present a comprehensive, privacy-preserving framework for multimodal biometric authentication that can easily integrate any two binary-encoded modalities through feature-level fusion, ensuring that all sensitive information remains encrypted under a CKKS-based homomorphic encryption scheme resistant to both classical and quantum-enabled attacks. To demonstrate its versatility and effectiveness, we apply this framework to the retinal vascular patterns and palm vein features, which are inherently spoof-resistant and particularly well suited to high-security applications. This method not only ensures the secrecy of the combined biometric sample, but also enables the complete assessment of recognition performance and resilience against adversarial attacks. The results show that our approach provides protection against threats such as data leakage and replay attacks while maintaining high recognition performance and operational efficiency. These findings demonstrate the feasibility of integrating multimodal biometrics with post-quantum cryptography, giving a strong, privacy-oriented authentication solution suitable for mission-critical applications in the post-quantum era. Full article

► Show Figures

Figure 1

22 pages, 958 KB

Open AccessArticle

A Privacy-Preserving Scheme for V2V Double Auction Power Trading Based on Heterogeneous Signcryption and IoV

by Shaomin Zhang, Yiheng Huang and Baoyi Wang

Cryptography 2025, 9(4), 71; https://doi.org/10.3390/cryptography9040071 - 11 Nov 2025

Abstract

As electric vehicles (EVs) gain popularity, the existing public charging infrastructure is struggling to keep pace with the rapidly growing demand for the immediate charging needs of EVs. V2V power trading has gradually attracted widespread attention and development. EVs need to transmit sensitive [...] Read more.

As electric vehicles (EVs) gain popularity, the existing public charging infrastructure is struggling to keep pace with the rapidly growing demand for the immediate charging needs of EVs. V2V power trading has gradually attracted widespread attention and development. EVs need to transmit sensitive information, such as transaction plans, through communication entities in the Internet of Vehicles (IoV). This could lead to leaks of sensitive information, thereby threatening the fairness of transactions. In addition, due to the differences in the cryptographic systems of entities, communication between entities faces challenges. Therefore, a privacy-preserving scheme for V2V double auction power trading based on heterogeneous signcryption and IoV is proposed. Firstly, a heterogeneous signcryption algorithm is designed to realize secure communication from certificateless cryptography to identity-based cryptography. Secondly, the scheme employs a pseudonym mechanism to protect the real identities of EVs. Furthermore, a verification algorithm is designed to verify the information sent by EVs and ensure the traceability and revocation of malicious EVs. The theoretical analysis shows that the proposed scheme could serve common security functions, and the experiment demonstrates that the proposed scheme reduces communication costs by about 14.56% and the computational cost of aggregate decryption by 80.51% compared with other schemes in recent years. Full article

► Show Figures

Figure 1

28 pages, 415 KB

Open AccessArticle

A Scalable Symmetric Cryptographic Scheme Based on Latin Square, Permutations, and Reed-Muller Codes for Resilient Encryption

by Hussain Ahmad and Carolin Hannusch

Cryptography 2025, 9(4), 70; https://doi.org/10.3390/cryptography9040070 - 31 Oct 2025

Abstract

Symmetric cryptography is essential for secure communication as it ensures confidentiality by using shared secret keys. This paper proposes a novel substitution-permutation network (SPN) that integrates Latin squares, permutations, and Reed-Muller (RM) codes to achieve robust security and resilience. As an adaptive design [...] Read more.

Symmetric cryptography is essential for secure communication as it ensures confidentiality by using shared secret keys. This paper proposes a novel substitution-permutation network (SPN) that integrates Latin squares, permutations, and Reed-Muller (RM) codes to achieve robust security and resilience. As an adaptive design using binary representation with base-n Latin square mappings for non-linear substitutions, it supports any n (Codeword length and Latin square order), k (RM code dimension), d (RM code minimum distance) parameters aligned with the Latin square and

RM (n, k, d)

codes. The scheme employs

2 {log}_{2} n

-round transformations using

{log}_{2} n

permutations

ρ_{z}

, where in the additional

{log}_{2} n

rounds, row and column pairs are swapped for each pair of rounds, with key-dependent

π_{z}

permutations for round outputs and fixed

ρ_{z}

permutations for codeword shuffling, ensuring strong diffusion. The scheme leverages dynamic Latin square substitutions for confusion and a vast key space, with permutations ensuring strong diffusion and

RM (n, k, d)

codes correcting transmission errors and enhancing robustness against fault-based attacks. Precomputed components optimize deployment efficiency. The paper presents mathematical foundations, security primitives, and experimental results, including avalanche effect analysis, demonstrating flexibility and balancing enhanced security with computational and storage overhead. Full article

23 pages, 1008 KB

Open AccessArticle

A Lightweight Decentralized Medical Data Sharing Scheme with Dual Verification

by Shaobo Zhang, Yijie Yin, Nangui Chen and Honghui Ning

Cryptography 2025, 9(4), 69; https://doi.org/10.3390/cryptography9040069 - 30 Oct 2025

Abstract

The rapid growth of smart healthcare improves medical efficiency through electronic data sharing but introduces security risks like privacy leaks and data tampering. However, existing ciphertext-policy attribute-based encryption faces challenges such as single points of failure, weak authentication, and inadequate integrity protection, hindering [...] Read more.

The rapid growth of smart healthcare improves medical efficiency through electronic data sharing but introduces security risks like privacy leaks and data tampering. However, existing ciphertext-policy attribute-based encryption faces challenges such as single points of failure, weak authentication, and inadequate integrity protection, hindering secure, efficient medical data sharing. Therefore, we propose LDDV, a lightweight decentralized medical data sharing scheme with dual verification. LDDV constructs a lightweight multi-authority collaborative key management architecture based on elliptic curve cryptography, which eliminates the risk of single point of failure and balances reliability and efficiency. Meanwhile, a lightweight dual verification mechanism based on elliptic curve digital signature provides identity authentication and data integrity verification. Security analysis and experimental results show that LDDV achieves 28–42% faster decryption speeds compared to existing schemes and resists specific threats such as chosen plaintext attacks. Full article

► Show Figures

Figure 1

33 pages, 4531 KB

Open AccessArticle

Enhancing Multi-Factor Authentication with Templateless 2D/3D Biometrics and PUF Integration for Securing Smart Devices

by Saloni Jain, Amisha Bagri, Maxime Cambou, Dina Ghanai Miandoab and Bertrand Cambou

Cryptography 2025, 9(4), 68; https://doi.org/10.3390/cryptography9040068 - 27 Oct 2025

Abstract

Secure authentication in smart device ecosystems remains a critical challenge, particularly due to the irrevocability of compromised biometric templates in server-based systems. This paper presents a post-quantum secure multi-factor authentication protocol that combines templateless 2D and 3D facial biometrics, liveness detection, and Physical [...] Read more.

Secure authentication in smart device ecosystems remains a critical challenge, particularly due to the irrevocability of compromised biometric templates in server-based systems. This paper presents a post-quantum secure multi-factor authentication protocol that combines templateless 2D and 3D facial biometrics, liveness detection, and Physical Unclonable Functions (PUFs) to achieve robust identity assurance. The protocol exhibits zero-knowledge properties, preventing adversaries from identifying whether authentication failure is due to the biometric, password, PUF, or liveness factor. The proposed protocol utilizes advanced facial landmark detection via dlib or mediapipe, capturing multi-angle facial data and mapping it. By applying a double-masking technique and measuring distances between randomized points, stabilized facial landmarks are selected through multiple images captured during enrollment to ensure template stability. The protocol creates high-entropy cryptographic keys, securely erasing all raw biometric data and sensitive keys immediately after processing. All key cryptographic operations and challenge-response exchanges employ post-quantum algorithms, providing resistance to both classical and quantum adversaries. To further enhance reliability, advanced error-correction methods mitigate noise in biometric and PUF responses, resulting in minimal FAR and FRR that meets industrial standards and resilience against spoofing. Our experimental results demonstrate this protocol’s suitability for smart devices and IoT deployments requiring high-assurance, scalable, and quantum-resistant authentication. Full article

(This article belongs to the Topic Recent Advances in Security, Privacy, and Trust)

► Show Figures

Figure 1

23 pages, 13031 KB

Open AccessArticle

Constructing 8 × 8 S-Boxes with Optimal Boolean Function Nonlinearity

by Phuc-Phan Duong and Cong-Kha Pham

Cryptography 2025, 9(4), 67; https://doi.org/10.3390/cryptography9040067 - 21 Oct 2025

Abstract

Substitution boxes (S-Boxes) are the core components of modern block ciphers, responsible for introducing the essential nonlinearity that protects against attacks like linear and differential cryptanalysis. For an 8-bit S-Box, the highest possible nonlinearity for a balanced Boolean function is 116. The best [...] Read more.

Substitution boxes (S-Boxes) are the core components of modern block ciphers, responsible for introducing the essential nonlinearity that protects against attacks like linear and differential cryptanalysis. For an 8-bit S-Box, the highest possible nonlinearity for a balanced Boolean function is 116. The best results previously reported in the literature achieved an average nonlinearity of 114.5 across the coordinate Boolean functions of 8 × 8 S-boxes. Our proposed method surpasses this record, producing S-boxes whose coordinate functions exhibit an average nonlinearity of 116. This is a significant achievement as it reaches the best result to date for the nonlinearity of the coordinate Boolean functions of an S-Box. Our S-Box generation method is based on multiplication over the field

G F (2^{4})

and

4 \times 4

component S-Boxes. The approach is also highly effective, capable of producing a large number of S-Boxes with good cryptographic properties. Other cryptographic criteria, such as BIC, SAC, DAP, and LAP, though not fully optimal, remain within acceptable ranges when compared with other reported designs. In addition, a side-channel attack evaluation is presented, covering both parameter analysis and experimental results on a real system when applying the proposed S-Box in the AES algorithm. These results make it a leading solution for block cipher design. Full article

► Show Figures

Figure 1

28 pages, 444 KB

Open AccessArticle

On the Homomorphic Properties of Kyber and McEliece with Application to Post-Quantum Private Set Intersection

by Anas A. Abudaqa, Khaled Alshehri and Muhamad Felemban

Cryptography 2025, 9(4), 66; https://doi.org/10.3390/cryptography9040066 - 20 Oct 2025

Abstract

Crystals-Kyber and Classic-McEliece are two prominent post-quantum key encapsulation mechanisms (KEMs) designed to address the challenges posed by quantum computing to classical cryptographic schemes. While the former has been standardized by the National Institute of Standards and Technology (NIST), the latter is well-known [...] Read more.

Crystals-Kyber and Classic-McEliece are two prominent post-quantum key encapsulation mechanisms (KEMs) designed to address the challenges posed by quantum computing to classical cryptographic schemes. While the former has been standardized by the National Institute of Standards and Technology (NIST), the latter is well-known for its exceptional robustness and as one of the finalists of the fourth round of post-quantum cryptography standardization. Private set intersection (PSI) is a privacy-preserving technique that enables two parties, each possessing a dataset, to compute the intersection of their sets without revealing anything else. This can be achieved thanks to homomorphic encryption (HE), which allows computations on encrypted data. In this paper, firstly, we study Kyber and McEliece, apart from being KEMs, as post-quantum public key encryption (PKE), and examine their homomorphic properties. Secondly, we design two different two-party PSI protocols that utilize the homomorphic capabilities of Kyber and McEliece. Thirdly, a practical performance evaluation under NIST’s security levels 1, 3, and 5 is conducted, focusing on three key metrics: storage overhead, communication overhead, and computation cost. Insights indicate that the Kyber-based PSI Protocol, which utilizes the multiplicative homomorphic property, is secure but less efficient. In contrast, the McEliece-based PSI protocol, while efficient in practice, raises concerns regarding its security as a homomorphic encryption scheme. Full article

► Show Figures

Figure 1

18 pages, 1647 KB

Open AccessArticle

A Two-Layer Transaction Network-Based Method for Virtual Currency Address Identity Recognition

by Lingling Xia, Tao Zhu, Zhengjun Jing, Qun Wang, Zhuo Ma, Zimo Huang and Ziyu Yin

Cryptography 2025, 9(4), 65; https://doi.org/10.3390/cryptography9040065 - 11 Oct 2025

Abstract

Digital currencies, led by Bitcoin and USDT, are characterized by decentralization and anonymity, which obscure the identities of traders and create a conducive environment for illicit activities such as drug trafficking, money laundering, cyber fraud, and terrorism financing. Focusing on the USDT-TRC20 token [...] Read more.

Digital currencies, led by Bitcoin and USDT, are characterized by decentralization and anonymity, which obscure the identities of traders and create a conducive environment for illicit activities such as drug trafficking, money laundering, cyber fraud, and terrorism financing. Focusing on the USDT-TRC20 token on the Tron blockchain, we propose a two-layer transaction network-based approach for virtual currency address identity recognition for digging out hidden relationships and encrypted assets. Specifically, a two-layer transaction network is constructed: Layer A describes the flow of USDT-TRC20 between on-chain addresses over time, while Layer B represents the flow of TRX between on-chain addresses over time. Subsequently, an identity metric is proposed to determine whether a pair of addresses belongs to the same user or group. Furthermore, transaction records are systematically acquired through blockchain explorers, and the efficacy of the proposed recognition method is empirically validated using dataset from the Key Laboratory of Digital Forensics. Finally, the transaction topology is visualized using Neo4j, providing a comprehensive and intuitive representation of the traced transaction pathways. Full article

(This article belongs to the Section Blockchain Security)

► Show Figures

Figure 1

20 pages, 8727 KB

Open AccessArticle

Comparative Deep Learning-Based Side-Channel Analysis of an FPGA-Based CRYSTALS-Kyber NTT Accelerator

by Munkhbaatar Chinbat, Liji Wu, Xiangmin Zhang, Yifan Yang and Man Wei

Cryptography 2025, 9(4), 64; https://doi.org/10.3390/cryptography9040064 - 9 Oct 2025

Abstract

Deep learning-based side-channel analysis is one of the most effective techniques for extracting and classifying sensitive information from a target device. This paper demonstrates the best-performing deep learning model for the target implementation by evaluating various deep learning architectures, including MLP, CNN, and [...] Read more.

Deep learning-based side-channel analysis is one of the most effective techniques for extracting and classifying sensitive information from a target device. This paper demonstrates the best-performing deep learning model for the target implementation by evaluating various deep learning architectures, including MLP, CNN, and RNN, while systematically optimizing their hyperparameters to achieve the best performance. The paper uses a case study of the Number Theoretic Transform accelerator for the CRYSTALS-Kyber key encapsulation mechanism to show that enhanced deep learning analysis can be used to break security. The best-performing deep learning-based model achieved a 96.64% accuracy in classifying pairwise coefficients of the s vector, which is used to generate the secret key with the NTT accelerator for Kyber768 and Kyber1024. For Kyber512, the model achieved an accuracy of 95.71%. The proposed approach significantly improves average training efficiency, with POIs achieving up to 1.45 times faster performance for MLP models, 10.53 times faster for CNNs, and 10.28 times faster for RNNs compared to deep learning methods without POIs, while maintaining high accuracy in side-channel analysis. Full article

► Show Figures

Figure 1

31 pages, 2417 KB

Open AccessArticle

An Optimized Framework for Detecting Suspicious Accounts in the Ethereum Blockchain Network

by Noha E. El-Attar, Marwa H. Salama, Mohamed Abdelfattah and Sanaa Taha

Cryptography 2025, 9(4), 63; https://doi.org/10.3390/cryptography9040063 - 28 Sep 2025

Abstract

Detecting, tracking, and preventing cryptocurrency money laundering within blockchain systems is a major challenge for governments worldwide. This paper presents an anomaly detection model based on blockchain technology and machine learning to identify cryptocurrency money-laundering accounts within Ethereum blockchain networks. The proposed model [...] Read more.

Detecting, tracking, and preventing cryptocurrency money laundering within blockchain systems is a major challenge for governments worldwide. This paper presents an anomaly detection model based on blockchain technology and machine learning to identify cryptocurrency money-laundering accounts within Ethereum blockchain networks. The proposed model employs Particle Swarm Optimization (PSO) to select optimal feature subsets. Additionally, three machine learning algorithms—XGBoost, Isolation Forest (IF), and Support Vector Machine (SVM)—are employed to detect suspicious accounts. A Genetic Algorithm (GA) is further applied to determine the optimal hyperparameters for each machine learning model. The evaluations demonstrate the superiority of the XGBoost algorithm over SVM and IF, particularly when enhanced with GA. It achieved accuracy, precision, recall, and F1-score values of 0.98, 0.97, 0.98, and 0.97, respectively. After applying GA, XGBoost’s performance metrics improved to 0.99 across all categories. Full article

(This article belongs to the Section Blockchain Security)

► Show Figures

Figure 1

39 pages, 505 KB

Open AccessReview

A Survey of Post-Quantum Oblivious Protocols

by Altana Khutsaeva, Anton Leevik and Sergey Bezzateev

Cryptography 2025, 9(4), 62; https://doi.org/10.3390/cryptography9040062 - 27 Sep 2025

Abstract

Modern distributed computing systems and applications with strict privacy requirements demand robust data confidentiality. A primary challenge involves enabling parties to exchange data or perform joint computations. These interactions must avoid revealing private information about the data. Protocols with the obliviousness property, known [...] Read more.

Modern distributed computing systems and applications with strict privacy requirements demand robust data confidentiality. A primary challenge involves enabling parties to exchange data or perform joint computations. These interactions must avoid revealing private information about the data. Protocols with the obliviousness property, known as oblivious protocols, address this issue. They ensure that no party learns more than necessary. This survey analyzes the security and performance of post-quantum oblivious protocols, with a focus on oblivious transfer and oblivious pseudorandom functions. The evaluation assesses resilience against malicious adversaries in the Universal Composability framework. Efficiency is quantified through communication and computational overhead. It identifies optimal scenarios for these protocols. This paper also surveys related primitives, such as oblivious signatures and data structures, along with their applications. Key findings highlight the inherent trade-offs between computational cost and communication complexity in post-quantum oblivious constructions. Open challenges and future research directions are outlined. Emphasis is placed on quantum-resistant designs and formal security proofs in stronger adversarial models. Full article

(This article belongs to the Collection Survey of Cryptographic Topics)

► Show Figures

Figure 1

19 pages, 255 KB

Open AccessReview

From Black Boxes to Glass Boxes: Explainable AI for Trustworthy Deepfake Forensics

by Hanwei Qian, Lingling Xia, Ruihao Ge, Yiming Fan, Qun Wang and Zhengjun Jing

Cryptography 2025, 9(4), 61; https://doi.org/10.3390/cryptography9040061 - 26 Sep 2025

Abstract

As deepfake technology matures, its risks in spreading false information and threatening personal and societal security are escalating. Despite significant accuracy improvements in existing detection models, their inherent opacity limits their practical application in high-risk areas such as forensic investigations and news verification. [...] Read more.

As deepfake technology matures, its risks in spreading false information and threatening personal and societal security are escalating. Despite significant accuracy improvements in existing detection models, their inherent opacity limits their practical application in high-risk areas such as forensic investigations and news verification. To address this gap in trust, explainability has become a key research focus. This paper provides a systematic review of explainable deepfake detection methods, categorizing them into three main approaches: forensic analysis, which identifies physical or algorithmic manipulation traces; model-centric methods, which enhance transparency through post hoc explanations or pre-designed processes; and multimodal and natural language explanations, which translate results into human-understandable reports. The paper also examines evaluation frameworks, datasets, and current challenges, underscoring the necessity for trustworthy, reliable, and interpretable detection technologies in combating digital misinformation. Full article

Journal Description

Cryptography

Latest Articles

Journal Menu

Journal Browser

Highly Accessed Articles

Latest Books

E-Mail Alert

News

Topics

Conferences

Special Issues

Topical Collections

Further Information

Guidelines

MDPI Initiatives

Follow MDPI