Cryptography

28 pages, 415 KB

Open AccessArticle

A Scalable Symmetric Cryptographic Scheme Based on Latin Square, Permutations, and Reed-Muller Codes for Resilient Encryption

by Hussain Ahmad and Carolin Hannusch

Cryptography 2025, 9(4), 70; https://doi.org/10.3390/cryptography9040070 - 31 Oct 2025

Abstract

Symmetric cryptography is essential for secure communication as it ensures confidentiality by using shared secret keys. This paper proposes a novel substitution-permutation network (SPN) that integrates Latin squares, permutations, and Reed-Muller (RM) codes to achieve robust security and resilience. As an adaptive design [...] Read more.

Symmetric cryptography is essential for secure communication as it ensures confidentiality by using shared secret keys. This paper proposes a novel substitution-permutation network (SPN) that integrates Latin squares, permutations, and Reed-Muller (RM) codes to achieve robust security and resilience. As an adaptive design using binary representation with base-n Latin square mappings for non-linear substitutions, it supports any n (Codeword length and Latin square order), k (RM code dimension), d (RM code minimum distance) parameters aligned with the Latin square and

RM (n, k, d)

codes. The scheme employs

2 {log}_{2} n

-round transformations using

{log}_{2} n

permutations

ρ_{z}

, where in the additional

{log}_{2} n

rounds, row and column pairs are swapped for each pair of rounds, with key-dependent

π_{z}

permutations for round outputs and fixed

ρ_{z}

permutations for codeword shuffling, ensuring strong diffusion. The scheme leverages dynamic Latin square substitutions for confusion and a vast key space, with permutations ensuring strong diffusion and

RM (n, k, d)

codes correcting transmission errors and enhancing robustness against fault-based attacks. Precomputed components optimize deployment efficiency. The paper presents mathematical foundations, security primitives, and experimental results, including avalanche effect analysis, demonstrating flexibility and balancing enhanced security with computational and storage overhead. Full article

23 pages, 1008 KB

Open AccessArticle

A Lightweight Decentralized Medical Data Sharing Scheme with Dual Verification

by Shaobo Zhang, Yijie Yin, Nangui Chen and Honghui Ning

Cryptography 2025, 9(4), 69; https://doi.org/10.3390/cryptography9040069 - 30 Oct 2025

Abstract

The rapid growth of smart healthcare improves medical efficiency through electronic data sharing but introduces security risks like privacy leaks and data tampering. However, existing ciphertext-policy attribute-based encryption faces challenges such as single points of failure, weak authentication, and inadequate integrity protection, hindering [...] Read more.

The rapid growth of smart healthcare improves medical efficiency through electronic data sharing but introduces security risks like privacy leaks and data tampering. However, existing ciphertext-policy attribute-based encryption faces challenges such as single points of failure, weak authentication, and inadequate integrity protection, hindering secure, efficient medical data sharing. Therefore, we propose LDDV, a lightweight decentralized medical data sharing scheme with dual verification. LDDV constructs a lightweight multi-authority collaborative key management architecture based on elliptic curve cryptography, which eliminates the risk of single point of failure and balances reliability and efficiency. Meanwhile, a lightweight dual verification mechanism based on elliptic curve digital signature provides identity authentication and data integrity verification. Security analysis and experimental results show that LDDV achieves 28–42% faster decryption speeds compared to existing schemes and resists specific threats such as chosen plaintext attacks. Full article

► Show Figures

Figure 1

33 pages, 4531 KB

Open AccessArticle

Enhancing Multi-Factor Authentication with Templateless 2D/3D Biometrics and PUF Integration for Securing Smart Devices

by Saloni Jain, Amisha Bagri, Maxime Cambou, Dina Ghanai Miandoab and Bertrand Cambou

Cryptography 2025, 9(4), 68; https://doi.org/10.3390/cryptography9040068 - 27 Oct 2025

Abstract

Secure authentication in smart device ecosystems remains a critical challenge, particularly due to the irrevocability of compromised biometric templates in server-based systems. This paper presents a post-quantum secure multi-factor authentication protocol that combines templateless 2D and 3D facial biometrics, liveness detection, and Physical [...] Read more.

Secure authentication in smart device ecosystems remains a critical challenge, particularly due to the irrevocability of compromised biometric templates in server-based systems. This paper presents a post-quantum secure multi-factor authentication protocol that combines templateless 2D and 3D facial biometrics, liveness detection, and Physical Unclonable Functions (PUFs) to achieve robust identity assurance. The protocol exhibits zero-knowledge properties, preventing adversaries from identifying whether authentication failure is due to the biometric, password, PUF, or liveness factor. The proposed protocol utilizes advanced facial landmark detection via dlib or mediapipe, capturing multi-angle facial data and mapping it. By applying a double-masking technique and measuring distances between randomized points, stabilized facial landmarks are selected through multiple images captured during enrollment to ensure template stability. The protocol creates high-entropy cryptographic keys, securely erasing all raw biometric data and sensitive keys immediately after processing. All key cryptographic operations and challenge-response exchanges employ post-quantum algorithms, providing resistance to both classical and quantum adversaries. To further enhance reliability, advanced error-correction methods mitigate noise in biometric and PUF responses, resulting in minimal FAR and FRR that meets industrial standards and resilience against spoofing. Our experimental results demonstrate this protocol’s suitability for smart devices and IoT deployments requiring high-assurance, scalable, and quantum-resistant authentication. Full article

(This article belongs to the Topic Recent Advances in Security, Privacy, and Trust)

► Show Figures

Figure 1

23 pages, 13031 KB

Open AccessArticle

Constructing 8 × 8 S-Boxes with Optimal Boolean Function Nonlinearity

by Phuc-Phan Duong and Cong-Kha Pham

Cryptography 2025, 9(4), 67; https://doi.org/10.3390/cryptography9040067 - 21 Oct 2025

Abstract

Substitution boxes (S-Boxes) are the core components of modern block ciphers, responsible for introducing the essential nonlinearity that protects against attacks like linear and differential cryptanalysis. For an 8-bit S-Box, the highest possible nonlinearity for a balanced Boolean function is 116. The best [...] Read more.

Substitution boxes (S-Boxes) are the core components of modern block ciphers, responsible for introducing the essential nonlinearity that protects against attacks like linear and differential cryptanalysis. For an 8-bit S-Box, the highest possible nonlinearity for a balanced Boolean function is 116. The best results previously reported in the literature achieved an average nonlinearity of 114.5 across the coordinate Boolean functions of 8 × 8 S-boxes. Our proposed method surpasses this record, producing S-boxes whose coordinate functions exhibit an average nonlinearity of 116. This is a significant achievement as it reaches the best result to date for the nonlinearity of the coordinate Boolean functions of an S-Box. Our S-Box generation method is based on multiplication over the field

G F (2^{4})

and

4 \times 4

component S-Boxes. The approach is also highly effective, capable of producing a large number of S-Boxes with good cryptographic properties. Other cryptographic criteria, such as BIC, SAC, DAP, and LAP, though not fully optimal, remain within acceptable ranges when compared with other reported designs. In addition, a side-channel attack evaluation is presented, covering both parameter analysis and experimental results on a real system when applying the proposed S-Box in the AES algorithm. These results make it a leading solution for block cipher design. Full article

► Show Figures

Figure 1

28 pages, 444 KB

Open AccessArticle

On the Homomorphic Properties of Kyber and McEliece with Application to Post-Quantum Private Set Intersection

by Anas A. Abudaqa, Khaled Alshehri and Muhamad Felemban

Cryptography 2025, 9(4), 66; https://doi.org/10.3390/cryptography9040066 - 20 Oct 2025

Abstract

Crystals-Kyber and Classic-McEliece are two prominent post-quantum key encapsulation mechanisms (KEMs) designed to address the challenges posed by quantum computing to classical cryptographic schemes. While the former has been standardized by the National Institute of Standards and Technology (NIST), the latter is well-known [...] Read more.

Crystals-Kyber and Classic-McEliece are two prominent post-quantum key encapsulation mechanisms (KEMs) designed to address the challenges posed by quantum computing to classical cryptographic schemes. While the former has been standardized by the National Institute of Standards and Technology (NIST), the latter is well-known for its exceptional robustness and as one of the finalists of the fourth round of post-quantum cryptography standardization. Private set intersection (PSI) is a privacy-preserving technique that enables two parties, each possessing a dataset, to compute the intersection of their sets without revealing anything else. This can be achieved thanks to homomorphic encryption (HE), which allows computations on encrypted data. In this paper, firstly, we study Kyber and McEliece, apart from being KEMs, as post-quantum public key encryption (PKE), and examine their homomorphic properties. Secondly, we design two different two-party PSI protocols that utilize the homomorphic capabilities of Kyber and McEliece. Thirdly, a practical performance evaluation under NIST’s security levels 1, 3, and 5 is conducted, focusing on three key metrics: storage overhead, communication overhead, and computation cost. Insights indicate that the Kyber-based PSI Protocol, which utilizes the multiplicative homomorphic property, is secure but less efficient. In contrast, the McEliece-based PSI protocol, while efficient in practice, raises concerns regarding its security as a homomorphic encryption scheme. Full article

► Show Figures

Figure 1

18 pages, 1647 KB

Open AccessArticle

A Two-Layer Transaction Network-Based Method for Virtual Currency Address Identity Recognition

by Lingling Xia, Tao Zhu, Zhengjun Jing, Qun Wang, Zhuo Ma, Zimo Huang and Ziyu Yin

Cryptography 2025, 9(4), 65; https://doi.org/10.3390/cryptography9040065 - 11 Oct 2025

Abstract

Digital currencies, led by Bitcoin and USDT, are characterized by decentralization and anonymity, which obscure the identities of traders and create a conducive environment for illicit activities such as drug trafficking, money laundering, cyber fraud, and terrorism financing. Focusing on the USDT-TRC20 token [...] Read more.

Digital currencies, led by Bitcoin and USDT, are characterized by decentralization and anonymity, which obscure the identities of traders and create a conducive environment for illicit activities such as drug trafficking, money laundering, cyber fraud, and terrorism financing. Focusing on the USDT-TRC20 token on the Tron blockchain, we propose a two-layer transaction network-based approach for virtual currency address identity recognition for digging out hidden relationships and encrypted assets. Specifically, a two-layer transaction network is constructed: Layer A describes the flow of USDT-TRC20 between on-chain addresses over time, while Layer B represents the flow of TRX between on-chain addresses over time. Subsequently, an identity metric is proposed to determine whether a pair of addresses belongs to the same user or group. Furthermore, transaction records are systematically acquired through blockchain explorers, and the efficacy of the proposed recognition method is empirically validated using dataset from the Key Laboratory of Digital Forensics. Finally, the transaction topology is visualized using Neo4j, providing a comprehensive and intuitive representation of the traced transaction pathways. Full article

(This article belongs to the Section Blockchain Security)

► Show Figures

Figure 1

20 pages, 8727 KB

Open AccessArticle

Comparative Deep Learning-Based Side-Channel Analysis of an FPGA-Based CRYSTALS-Kyber NTT Accelerator

by Munkhbaatar Chinbat, Liji Wu, Xiangmin Zhang, Yifan Yang and Man Wei

Cryptography 2025, 9(4), 64; https://doi.org/10.3390/cryptography9040064 - 9 Oct 2025

Abstract

Deep learning-based side-channel analysis is one of the most effective techniques for extracting and classifying sensitive information from a target device. This paper demonstrates the best-performing deep learning model for the target implementation by evaluating various deep learning architectures, including MLP, CNN, and [...] Read more.

Deep learning-based side-channel analysis is one of the most effective techniques for extracting and classifying sensitive information from a target device. This paper demonstrates the best-performing deep learning model for the target implementation by evaluating various deep learning architectures, including MLP, CNN, and RNN, while systematically optimizing their hyperparameters to achieve the best performance. The paper uses a case study of the Number Theoretic Transform accelerator for the CRYSTALS-Kyber key encapsulation mechanism to show that enhanced deep learning analysis can be used to break security. The best-performing deep learning-based model achieved a 96.64% accuracy in classifying pairwise coefficients of the s vector, which is used to generate the secret key with the NTT accelerator for Kyber768 and Kyber1024. For Kyber512, the model achieved an accuracy of 95.71%. The proposed approach significantly improves average training efficiency, with POIs achieving up to 1.45 times faster performance for MLP models, 10.53 times faster for CNNs, and 10.28 times faster for RNNs compared to deep learning methods without POIs, while maintaining high accuracy in side-channel analysis. Full article

► Show Figures

Figure 1

31 pages, 2417 KB

Open AccessArticle

An Optimized Framework for Detecting Suspicious Accounts in the Ethereum Blockchain Network

by Noha E. El-Attar, Marwa H. Salama, Mohamed Abdelfattah and Sanaa Taha

Cryptography 2025, 9(4), 63; https://doi.org/10.3390/cryptography9040063 - 28 Sep 2025

Abstract

Detecting, tracking, and preventing cryptocurrency money laundering within blockchain systems is a major challenge for governments worldwide. This paper presents an anomaly detection model based on blockchain technology and machine learning to identify cryptocurrency money-laundering accounts within Ethereum blockchain networks. The proposed model [...] Read more.

Detecting, tracking, and preventing cryptocurrency money laundering within blockchain systems is a major challenge for governments worldwide. This paper presents an anomaly detection model based on blockchain technology and machine learning to identify cryptocurrency money-laundering accounts within Ethereum blockchain networks. The proposed model employs Particle Swarm Optimization (PSO) to select optimal feature subsets. Additionally, three machine learning algorithms—XGBoost, Isolation Forest (IF), and Support Vector Machine (SVM)—are employed to detect suspicious accounts. A Genetic Algorithm (GA) is further applied to determine the optimal hyperparameters for each machine learning model. The evaluations demonstrate the superiority of the XGBoost algorithm over SVM and IF, particularly when enhanced with GA. It achieved accuracy, precision, recall, and F1-score values of 0.98, 0.97, 0.98, and 0.97, respectively. After applying GA, XGBoost’s performance metrics improved to 0.99 across all categories. Full article

(This article belongs to the Section Blockchain Security)

► Show Figures

Figure 1

39 pages, 505 KB

Open AccessReview

A Survey of Post-Quantum Oblivious Protocols

by Altana Khutsaeva, Anton Leevik and Sergey Bezzateev

Cryptography 2025, 9(4), 62; https://doi.org/10.3390/cryptography9040062 - 27 Sep 2025

Abstract

Modern distributed computing systems and applications with strict privacy requirements demand robust data confidentiality. A primary challenge involves enabling parties to exchange data or perform joint computations. These interactions must avoid revealing private information about the data. Protocols with the obliviousness property, known [...] Read more.

Modern distributed computing systems and applications with strict privacy requirements demand robust data confidentiality. A primary challenge involves enabling parties to exchange data or perform joint computations. These interactions must avoid revealing private information about the data. Protocols with the obliviousness property, known as oblivious protocols, address this issue. They ensure that no party learns more than necessary. This survey analyzes the security and performance of post-quantum oblivious protocols, with a focus on oblivious transfer and oblivious pseudorandom functions. The evaluation assesses resilience against malicious adversaries in the Universal Composability framework. Efficiency is quantified through communication and computational overhead. It identifies optimal scenarios for these protocols. This paper also surveys related primitives, such as oblivious signatures and data structures, along with their applications. Key findings highlight the inherent trade-offs between computational cost and communication complexity in post-quantum oblivious constructions. Open challenges and future research directions are outlined. Emphasis is placed on quantum-resistant designs and formal security proofs in stronger adversarial models. Full article

(This article belongs to the Collection Survey of Cryptographic Topics)

► Show Figures

Figure 1

19 pages, 255 KB

Open AccessReview

From Black Boxes to Glass Boxes: Explainable AI for Trustworthy Deepfake Forensics

by Hanwei Qian, Lingling Xia, Ruihao Ge, Yiming Fan, Qun Wang and Zhengjun Jing

Cryptography 2025, 9(4), 61; https://doi.org/10.3390/cryptography9040061 - 26 Sep 2025

Abstract

As deepfake technology matures, its risks in spreading false information and threatening personal and societal security are escalating. Despite significant accuracy improvements in existing detection models, their inherent opacity limits their practical application in high-risk areas such as forensic investigations and news verification. [...] Read more.

As deepfake technology matures, its risks in spreading false information and threatening personal and societal security are escalating. Despite significant accuracy improvements in existing detection models, their inherent opacity limits their practical application in high-risk areas such as forensic investigations and news verification. To address this gap in trust, explainability has become a key research focus. This paper provides a systematic review of explainable deepfake detection methods, categorizing them into three main approaches: forensic analysis, which identifies physical or algorithmic manipulation traces; model-centric methods, which enhance transparency through post hoc explanations or pre-designed processes; and multimodal and natural language explanations, which translate results into human-understandable reports. The paper also examines evaluation frameworks, datasets, and current challenges, underscoring the necessity for trustworthy, reliable, and interpretable detection technologies in combating digital misinformation. Full article

42 pages, 2989 KB

Open AccessArticle

Privacy-Driven Classification of Contact Tracing Platforms: Architecture and Adoption Insights

by Sidra Anwar and Jonathan Anderson

Cryptography 2025, 9(4), 60; https://doi.org/10.3390/cryptography9040060 - 24 Sep 2025

Abstract

Digital contact-tracing (CT) systems differ in how they process risk and expose data, and the centralized–decentralized dichotomy obscures these choices. We propose a modular six-model classification and evaluate 18 platforms across 12 countries (July 2020–April 2021) using a 24-indicator rubric spanning privacy, security, [...] Read more.

Digital contact-tracing (CT) systems differ in how they process risk and expose data, and the centralized–decentralized dichotomy obscures these choices. We propose a modular six-model classification and evaluate 18 platforms across 12 countries (July 2020–April 2021) using a 24-indicator rubric spanning privacy, security, functionality, and governance. Methods include double-coding with Cohen’s

κ

for inter-rater agreement and a 1000-draw weight-sensitivity check; assumptions and adversaries are stated in a concise threat model. Results: No single model dominates; Bulletin Board and Custodian consistently form the top tier on privacy goals, while Fully Centralized eases verification/notification workflows. Timelines show rapid GAEN uptake and near-contemporaneous open-source releases, with one late outlier. Contributions: (i) A practical, generalizable classification that makes compute-locus and data addressability explicit; (ii) a transparent indicator rubric with an evidence index enabling traceable scoring; and (iii) empirically grounded guidance aligning deployments with goals G1–G3 (PII secrecy, notification authenticity, unlinkability). Limitations include reliance on public documentation and architecture-level (not mechanized) verification; future work targets formal proofs and expanded double-coding. The framework and findings generalize beyond COVID-19 to privacy-preserving digital-health workflows. Full article

(This article belongs to the Topic Recent Advances in Security, Privacy, and Trust)

► Show Figures

Graphical abstract

39 pages, 538 KB

Open AccessArticle

Universally Composable Traceable Ring Signature with Verifiable Random Function in Logarithmic Size

by Kwan Yin Chan, Tsz Hon Yuen and Siu Ming Yiu

Cryptography 2025, 9(3), 59; https://doi.org/10.3390/cryptography9030059 - 12 Sep 2025

Abstract

Traceable ring signatures (TRSs) allow a signer to create a signature that maintains anonymity while enabling traceability if needed. It merges the characteristics of traditional ring signatures with the ability to trace signers, making it ideal for applications that demand both confidentiality and [...] Read more.

Traceable ring signatures (TRSs) allow a signer to create a signature that maintains anonymity while enabling traceability if needed. It merges the characteristics of traditional ring signatures with the ability to trace signers, making it ideal for applications that demand both confidentiality and accountability. In a TRS scheme, a ring of potential signers generates a signature on a message without disclosing the actual signer’s identity. However, the identity can be traced if the signer uses the same tag for multiple signatures. This paper introduces a novel formal construction of TRS under universally composable (UC) security. We integrate verifiable random functions (VRFs) and zero-knowledge proofs for membership, employing Pedersen commitments. Our signature schemes maintain a logarithmic size while preserving the UC security guarantees. Additionally, we explore the potential to extend the property of one-time anonymity in TRS to K-time anonymity. Full article

(This article belongs to the Special Issue Cryptography and Network Security—CANS 2024)

► Show Figures

Figure 1

16 pages, 1287 KB

Open AccessArticle

From Chaos to Security: A Comparative Study of Lorenz and Rössler Systems in Cryptography

by Alexandru Dinu

Cryptography 2025, 9(3), 58; https://doi.org/10.3390/cryptography9030058 - 12 Sep 2025

Cited by 1

Abstract

Chaotic systems, governed by deterministic nonlinear equations yet exhibiting highly complex and unpredictable behaviors, have emerged as valuable tools at the intersection of mathematics, engineering, and information security. This paper presents a comparative study of the Lorenz and Rössler systems, focusing on their [...] Read more.

Chaotic systems, governed by deterministic nonlinear equations yet exhibiting highly complex and unpredictable behaviors, have emerged as valuable tools at the intersection of mathematics, engineering, and information security. This paper presents a comparative study of the Lorenz and Rössler systems, focusing on their dynamic complexity and statistical independence—two critical properties for applications in chaos-based cryptography. By integrating techniques from nonlinear dynamics (e.g., Lyapunov exponents, KS entropy, Kaplan–Yorke dimension) and statistical testing (e.g., chi-square and Gaussian transformation-based independence tests), we provide a quantitative framework to evaluate the pseudo-randomness potential of chaotic trajectories. Our results show that the Lorenz system offers faster convergence to chaos and superior statistical independence over time, making it more suitable for rapid encryption schemes. In contrast, the Rössler system provides complementary insights due to its simpler attractor and longer memory. These findings contribute to a multidisciplinary methodology for selecting and optimizing chaotic systems in secure communication and signal processing contexts. Full article

(This article belongs to the Special Issue Interdisciplinary Cryptography)

► Show Figures

Figure 1

28 pages, 8109 KB

Open AccessArticle

A Face Image Encryption Scheme Based on Nonlinear Dynamics and RNA Cryptography

by Xiyuan Cheng, Tiancong Cheng, Xinyu Yang, Wenbin Cheng and Yiting Lin

Cryptography 2025, 9(3), 57; https://doi.org/10.3390/cryptography9030057 - 4 Sep 2025

Abstract

With the rapid development of big data and artificial intelligence, the problem of image privacy leakage has become increasingly prominent, especially for images containing sensitive information such as faces, which poses a higher security risk. In order to improve the security and efficiency [...] Read more.

With the rapid development of big data and artificial intelligence, the problem of image privacy leakage has become increasingly prominent, especially for images containing sensitive information such as faces, which poses a higher security risk. In order to improve the security and efficiency of image privacy protection, this paper proposes an image encryption scheme that integrates face detection and multi-level encryption technology. Specifically, a multi-task convolutional neural network (MTCNN) is used to accurately extract the face area to ensure accurate positioning and high processing efficiency. For the extracted face area, a hierarchical encryption framework is constructed using chaotic systems, lightweight block permutations, RNA cryptographic systems, and bit diffusion, which increases data complexity and unpredictability. In addition, a key update mechanism based on dynamic feedback is introduced to enable the key to change in real time during the encryption process, effectively resisting known plaintext and chosen plaintext attacks. Experimental results show that the scheme performs well in terms of encryption security, robustness, computational efficiency, and image reconstruction quality. This study provides a practical and effective solution for the secure storage and transmission of sensitive face images, and provides valuable support for image privacy protection in intelligent systems. Full article

(This article belongs to the Special Issue Advanced Techniques in Watermarking, Encryption and Steganography for Secure Communication)

► Show Figures

Figure 1

21 pages, 390 KB

Open AccessArticle

Novel Approach to Degree, Balancedness, and Affine Equivalence of Boolean Functions and Construction of a Special Class of Non-Quadratic Balanced Boolean Functions

by Sunil Kumar, Dharminder Chaudhary, S. A. Lakshmanan and Cheng-Chi Lee

Cryptography 2025, 9(3), 56; https://doi.org/10.3390/cryptography9030056 - 29 Aug 2025

Cited by 1

Abstract

In several stream cipher designs, Boolean functions (BFs) play a crucial role as non-linear components, either serving as filtering functions or being used within the combining process. The overall strength of stream ciphers mainly depends on certain cryptographic properties of BFs, including their [...] Read more.

In several stream cipher designs, Boolean functions (BFs) play a crucial role as non-linear components, either serving as filtering functions or being used within the combining process. The overall strength of stream ciphers mainly depends on certain cryptographic properties of BFs, including their balancedness, non-linearity, resistance to correlation, and algebraic degrees. In this paper, we present novel findings related to the algebraic degrees of BFs, which play an important role in the design of symmetric cryptographic systems, and propose a novel algorithm to directly deduce the algebraic degree of a Boolean function (BF) from its truth table. We also explore new results concerning balanced Boolean functions, specifically characterizing them by establishing new results regarding their support. Additionally, we propose a new approach for a subclass of affine equivalent Boolean functions and discuss well-known cryptographic properties in a very simple and lucid manner using this newly introduced approach. Moreover, we propose the first algorithm in the literature to construct non-quadratic balanced Boolean functions (NQBBFs) that possess no linear structure where their derivative equals 1. Finally, we discuss the complexity of this algorithm and present a table that shows the time taken by this algorithm, after its implementation in SageMath, for the generation of Boolean functions corresponding to different values of n (i.e., number of variables). Full article

29 pages, 611 KB

Open AccessArticle

Enhancing the Multikey GSW Scheme with CRT Decomposition and Ciphertext Compression for Efficient Distributed Decryption

by Kung-Wei Hu, Wun-Ting Lin, Huan-Chih Wang and Ja-Ling Wu

Cryptography 2025, 9(3), 55; https://doi.org/10.3390/cryptography9030055 - 27 Aug 2025

Abstract

This paper enhances the multikey scenario in the Gentry–Sahai–Waters (GSW) fully homomorphic encryption scheme to increase its real-world applicability. We integrate the advantages of two existing GSW multikey approaches: one enabling distributed decryption and the other reducing memory requirements. We also apply the [...] Read more.

This paper enhances the multikey scenario in the Gentry–Sahai–Waters (GSW) fully homomorphic encryption scheme to increase its real-world applicability. We integrate the advantages of two existing GSW multikey approaches: one enabling distributed decryption and the other reducing memory requirements. We also apply the CRT decomposition and ciphertext compression techniques to the multikey settings. While leveraging the effectiveness of decomposition, we adapt the compression technique for practical cryptographic applications, as demonstrated through simulations in federated learning and multiparty communication scenarios. Our work’s potential impact on the cryptography field is significant, as it offers a more efficient and secure solution for distributed data processing in real-world scenarios, thereby advancing the state of the art in secure communication systems. Full article

► Show Figures

Figure 1

25 pages, 1670 KB

Open AccessArticle

Reliability of LEON3 Processor’s Program Counter Against SEU, MBU, and SET Fault Injection

by Afef Kchaou, Sehmi Saad, Hatem Garrab and Mohsen Machhout

Cryptography 2025, 9(3), 54; https://doi.org/10.3390/cryptography9030054 - 27 Aug 2025

Abstract

This paper presents a comprehensive register transfer-level (RTL) fault injection study targeting the program counter (PC) of the LEON3 processor, a SPARC V8-compliant core widely used in safety-critical and radiation-prone embedded applications. Using the enhanced NETFI+ framework, over four million faults, including single-event [...] Read more.

This paper presents a comprehensive register transfer-level (RTL) fault injection study targeting the program counter (PC) of the LEON3 processor, a SPARC V8-compliant core widely used in safety-critical and radiation-prone embedded applications. Using the enhanced NETFI+ framework, over four million faults, including single-event upsets (SEUs), multiple-bit upsets (MBUs), and single-event transients (SETs), were systematically injected into the PC across all pipeline stages. The analysis reveals that early stages, particularly Fetch (FE), Decode (DE), Register Access (RA), and Execute (EX), are highly sensitive to SEU and MBU faults. The propagation of errors detected in the two early stages of the pipeline (FE and DE) is classified with an important percentage of halt execution and timeout traps. Intermediate stages, such as RA and EX, exhibited a higher incidence of silent data corruption and halt execution, while the Memory (ME) and Exception (XC) stages demonstrated greater resilience through fault masking. SET faults were mostly transient and masked, though they occasionally resulted in control flow anomalies. In addition to error classification, detailed trap and exception analysis was performed to characterize fault-induced failure mechanisms. The findings underscore the need for pipeline-stage-specific hardening strategies and highlight the value of simulation-based fault injection for early design validation in safety-critical embedded processors. Full article

► Show Figures

Figure 1

24 pages, 762 KB

Open AccessArticle

A New Code-Based Identity-Based Signature Scheme from the Ternary Large-Weight SDP

by Sana Challi, Mukul Kulkarni and Taoufik Serraj

Cryptography 2025, 9(3), 53; https://doi.org/10.3390/cryptography9030053 - 4 Aug 2025

Abstract

Identity-based cryptography introduced by Shamir (Crypto’84) has seen many advances through the years. In the context of post-quantum identity-based schemes, most of the efficient designs are based on lattices. In this work, we propose an identity-based identification (IBI) scheme and an identity-based signature [...] Read more.

Identity-based cryptography introduced by Shamir (Crypto’84) has seen many advances through the years. In the context of post-quantum identity-based schemes, most of the efficient designs are based on lattices. In this work, we propose an identity-based identification (IBI) scheme and an identity-based signature (IBS) scheme based on codes. Our design combines the hash-and-sign signature scheme, Wave, with a Stern-like signature scheme, BGKM-SIG1, instantiated over a ternary field using the large-weight Syndrome Decoding Problem (SDP). Our scheme significantly outperforms existing code-based identity-based signature constructions. Full article

► Show Figures

Figure 1

24 pages, 921 KB

Open AccessArticle

Towards Empowering Stakeholders Through Decentralized Trust and Secure Livestock Data Sharing

by Abdul Ghafoor, Iraklis Symeonidis, Anna Rydberg, Cecilia Lindahl and Abdul Qadus Abbasi

Cryptography 2025, 9(3), 52; https://doi.org/10.3390/cryptography9030052 - 23 Jul 2025

Abstract

Cybersecurity represents a critical challenge for data-sharing platforms involving multiple stakeholders, particularly within complex and decentralized systems such as livestock supply chain networks. These systems demand novel approaches, robust security protocols, and advanced data management strategies to address key challenges such as data [...] Read more.

Cybersecurity represents a critical challenge for data-sharing platforms involving multiple stakeholders, particularly within complex and decentralized systems such as livestock supply chain networks. These systems demand novel approaches, robust security protocols, and advanced data management strategies to address key challenges such as data consistency, transparency, ownership, controlled access or exposure, and privacy-preserving analytics for value-added services. In this paper, we introduced the Framework for Livestock Empowerment and Decentralized Secure Data eXchange (FLEX), as a comprehensive solution grounded on five core design principles: (i) enhanced security and privacy, (ii) human-centric approach, (iii) decentralized and trusted infrastructure, (iv) system resilience, and (v) seamless collaboration across the supply chain. FLEX integrates interdisciplinary innovations, leveraging decentralized infrastructure-based protocols to ensure trust, traceability, and integrity. It employs secure data-sharing protocols and cryptographic techniques to enable controlled information exchange with authorized entities. Additionally, the use of data anonymization techniques ensures privacy. FLEX is designed and implemented using a microservices architecture and edge computing to support modularity and scalable deployment. These components collectively serve as a foundational pillar of the development of a digital product passport. The FLEX architecture adopts a layered design and incorporates robust security controls to mitigate threats identified using the STRIDE threat modeling framework. The evaluation results demonstrate the framework’s effectiveness in countering well-known cyberattacks while fulfilling its intended objectives. The performance evaluation of the implementation further validates its feasibility and stability, particularly as the volume of evidence associated with animal identities increases. All the infrastructure components, along with detailed deployment instructions, are publicly available as open-source libraries on GitHub, promoting transparency and community-driven development for wider public benefit. Full article

(This article belongs to the Special Issue Emerging Trends in Blockchain and Its Applications)

► Show Figures

Figure 1

Journal Description

Cryptography

Latest Articles

Journal Menu

Journal Browser

Highly Accessed Articles

Latest Books

E-Mail Alert

News

Topics

Conferences

Special Issues

Topical Collections

Further Information

Guidelines

MDPI Initiatives

Follow MDPI