Cyber Security, Cryptology and Machine Learning

A special issue of Cryptography (ISSN 2410-387X).

Deadline for manuscript submissions: closed (31 August 2023) | Viewed by 22105

Special Issue Editor


E-Mail Website
Guest Editor
1. School of Business Administration, University of Haifa, Haifa 3498838, Israel
2. Amazon Web Services Inc., Seattle, WA 98101, USA
Interests: applied cryptography; applied security and privacy; applied algorithms

Special Issue Information

Dear Colleagues,

This Special Issue will present extended versions of papers presented at the 6th International Symposium for Cyber Security, Cryptology, and Machine Learning (CSCML 2022, https://www.cscml.org/), as well as at previous editions of the CSCML. The CSCML is an international forum for researchers and practitioners in the theory, design, analysis, implementation, or application of cyber security, cryptography, and machine learning systems and networks; in particular, of conceptually innovative results.

Authors interested in extending their conference papers should be aware that their final submitted manuscript must provide a minimum of 50% new content and not exceed 30% copy/paste from their respective proceedings paper. Each manuscript will undergo blind review.

Please note that the Special Issue is also seeking original works that address cyber security, cryptology, and machine learning systems and networks across and/or within this range of topics.

Prof. Dr. Shay Gueron
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Cryptography is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cyber security
  • formal methods
  • authentication and identification
  • cryptocurrency
  • blockchain
  • cryptology
  • cryptographic implementation analysis
  • postquantum cryptography and security
  • machine learning and big data
  • anomaly detection and malware identification
  • digital forensics
  • trust management
  • risk analysis
  • DoS

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (9 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

23 pages, 423 KiB  
Article
Secure Groups for Threshold Cryptography and Number-Theoretic Multiparty Computation
by Berry Schoenmakers and Toon Segers
Cryptography 2023, 7(4), 56; https://doi.org/10.3390/cryptography7040056 - 9 Nov 2023
Viewed by 1930
Abstract
In this paper, we introduce secure groups as a cryptographic scheme representing finite groups together with a range of operations, including the group operation, inversion, random sampling, and encoding/decoding maps. We construct secure groups from oblivious group representations combined with cryptographic protocols, implementing [...] Read more.
In this paper, we introduce secure groups as a cryptographic scheme representing finite groups together with a range of operations, including the group operation, inversion, random sampling, and encoding/decoding maps. We construct secure groups from oblivious group representations combined with cryptographic protocols, implementing the operations securely. We present both generic and specific constructions, in the latter case specifically for number-theoretic groups commonly used in cryptography. These include Schnorr groups (with quadratic residues as a special case), Weierstrass and Edwards elliptic curve groups, and class groups of imaginary quadratic number fields. For concreteness, we develop our protocols in the setting of secure multiparty computation based on Shamir secret sharing over a finite field, abstracted away by formulating our solutions in terms of an arithmetic black box for secure finite field arithmetic or for secure integer arithmetic. Secure finite field arithmetic suffices for many groups, including Schnorr groups and elliptic curve groups. For class groups, we need secure integer arithmetic to implement Shanks’ classical algorithms for the composition of binary quadratic forms, which we will combine with our adaptation of a particular form reduction algorithm due to Agarwal and Frandsen. As a main result of independent interest, we also present an efficient protocol for the secure computation of the extended greatest common divisor. The protocol is based on Bernstein and Yang’s constant-time 2-adic algorithm, which we adapt to work purely over the integers. This yields a much better approach for multiparty computation but raises a new concern about the growth of the Bézout coefficients. By a careful analysis, we are able to prove that the Bézout coefficients in our protocol will never exceed 3max(a,b) in absolute value for inputs a and b. We have integrated secure groups in the Python package MPyC and have implemented threshold ElGamal and threshold DSA in terms of secure groups. We also mention how our results support verifiable multiparty computation, allowing parties to jointly create a publicly verifiable proof of correctness for the results accompanying the results of a secure computation. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
20 pages, 2010 KiB  
Article
SigML++: Supervised Log Anomaly with Probabilistic Polynomial Approximation
by Devharsh Trivedi, Aymen Boudguiga, Nesrine Kaaniche and Nikos Triandopoulos
Cryptography 2023, 7(4), 52; https://doi.org/10.3390/cryptography7040052 - 19 Oct 2023
Cited by 2 | Viewed by 2653
Abstract
Security log collection and storage are essential for organizations worldwide. Log analysis can help recognize probable security breaches and is often required by law. However, many organizations commission log management to Cloud Service Providers (CSPs), where the logs are collected, processed, and stored. [...] Read more.
Security log collection and storage are essential for organizations worldwide. Log analysis can help recognize probable security breaches and is often required by law. However, many organizations commission log management to Cloud Service Providers (CSPs), where the logs are collected, processed, and stored. Existing methods for log anomaly detection rely on unencrypted (plaintext) data, which can be a security risk. Logs often contain sensitive information about an organization or its customers. A more secure approach is always to keep logs encrypted (ciphertext). This paper presents “SigML++”, an extension of “SigML” for supervised log anomaly detection on encrypted data. SigML++ uses Fully Homomorphic Encryption (FHE) according to the Cheon–Kim–Kim–Song (CKKS) scheme to encrypt the logs and then uses an Artificial Neural Network (ANN) to approximate the sigmoid (σ(x)) activation function probabilistically for the intervals [10,10] and [50,50]. This allows SigML++ to perform log anomaly detection without decrypting the logs. Experiments show that SigML++ can achieve better low-order polynomial approximations for Logistic Regression (LR) and Support Vector Machine (SVM) than existing methods. This makes SigML++ a promising new approach for secure log anomaly detection. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

28 pages, 426 KiB  
Article
Divisions and Square Roots with Tight Error Analysis from Newton–Raphson Iteration in Secure Fixed-Point Arithmetic
by Stan Korzilius and Berry Schoenmakers
Cryptography 2023, 7(3), 43; https://doi.org/10.3390/cryptography7030043 - 12 Sep 2023
Cited by 1 | Viewed by 2047
Abstract
In this paper, we present new variants of Newton–Raphson-based protocols for the secure computation of the reciprocal and the (reciprocal) square root. The protocols rely on secure fixed-point arithmetic with arbitrary precision parameterized by the total bit length of the fixed-point numbers and [...] Read more.
In this paper, we present new variants of Newton–Raphson-based protocols for the secure computation of the reciprocal and the (reciprocal) square root. The protocols rely on secure fixed-point arithmetic with arbitrary precision parameterized by the total bit length of the fixed-point numbers and the bit length of the fractional part. We perform a rigorous error analysis aiming for tight accuracy claims while minimizing the overall cost of the protocols. Due to the nature of secure fixed-point arithmetic, we perform the analysis in terms of absolute errors. Whenever possible, we allow for stochastic (or probabilistic) rounding as an efficient alternative to deterministic rounding. We also present a new protocol for secure integer division based on our protocol for secure fixed-point reciprocals. The resulting protocol is parameterized by the bit length of the inputs and yields exact results for the integral quotient and remainder. The protocol is very efficient, minimizing the number of secure comparisons. Similarly, we present a new protocol for integer square roots based on our protocol for secure fixed-point square roots. The quadratic convergence of the Newton–Raphson method implies a logarithmic number of iterations as a function of the required precision (independent of the input value). The standard error analysis of the Newton–Raphson method focuses on the termination condition for attaining the required precision, assuming sufficiently precise floating-point arithmetic. We perform an intricate error analysis assuming fixed-point arithmetic of minimal precision throughout and minimizing the number of iterations in the worst case. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
21 pages, 5229 KiB  
Article
Automated Classical Cipher Emulation Attacks via Unified Unsupervised Generative Adversarial Networks
by Seonghwan Park, Hyunil Kim and Inkyu Moon
Cryptography 2023, 7(3), 35; https://doi.org/10.3390/cryptography7030035 - 11 Jul 2023
Viewed by 2311
Abstract
Cryptanalysis has been studied and gradually improved with the evolution of cryptosystems over past decades. Recently, deep learning (DL) has started to be used in cryptanalysis to attack digital cryptosystems. As computing power keeps growing, deploying DL-based cryptanalysis becomes feasible in practice. However, [...] Read more.
Cryptanalysis has been studied and gradually improved with the evolution of cryptosystems over past decades. Recently, deep learning (DL) has started to be used in cryptanalysis to attack digital cryptosystems. As computing power keeps growing, deploying DL-based cryptanalysis becomes feasible in practice. However, since these studies can analyze only one cipher type for one DL model learning, it takes a lot of time to analyze multi ciphers. In this paper, we propose a unified cipher generative adversarial network (UC-GAN), which can perform ciphertext-to-plaintext translations among multiple domains (ciphers) using only a single DL model. In particular, the proposed model is based on unified unsupervised DL for the analysis of classical substitutional ciphers. Simulation results have indicated the feasibility and good performance of the proposed approach. In addition, we compared our experimental results with the findings of conditional GAN, where plaintext and ciphertext pairs in only the single domain are given as training data, and with CipherGAN, which is cipher mapping between unpaired ciphertext and plaintext in the single domain, respectively. The proposed model showed more than 97% accuracy by learning only data without prior knowledge of three substitutional ciphers. These findings could open a new possibility for simultaneously cracking various block ciphers, which has a great impact on the field of cryptography. To the best of our knowledge, this is the first study of the cryptanalysis of multiple cipher algorithms using only a single DL model Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

14 pages, 311 KiB  
Article
Inferring Bivariate Polynomials for Homomorphic Encryption Application
by Diana Maimuţ and George Teşeleanu
Cryptography 2023, 7(2), 31; https://doi.org/10.3390/cryptography7020031 - 5 Jun 2023
Viewed by 1904
Abstract
Inspired by the advancements in (fully) homomorphic encryption in recent decades and its practical applications, we conducted a preliminary study on the underlying mathematical structure of the corresponding schemes. Hence, this paper focuses on investigating the challenge of deducing bivariate polynomials constructed using [...] Read more.
Inspired by the advancements in (fully) homomorphic encryption in recent decades and its practical applications, we conducted a preliminary study on the underlying mathematical structure of the corresponding schemes. Hence, this paper focuses on investigating the challenge of deducing bivariate polynomials constructed using homomorphic operations, namely repetitive additions and multiplications. To begin with, we introduce an approach for solving the previously mentioned problem using Lagrange interpolation for the evaluation of univariate polynomials. This method is well-established for determining univariate polynomials that satisfy a specific set of points. Moreover, we propose a second approach based on modular knapsack resolution algorithms. These algorithms are designed to address optimization problems in which a set of objects with specific weights and values is involved. Finally, we provide recommendations on how to run our algorithms in order to obtain better results in terms of precision. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

18 pages, 797 KiB  
Article
A Multi-Party Functional Signatures Scheme for Private Blockchain
by Quan Zhou, Yulong Zheng, Kaijun Wei, Minhui Chen and Zhikang Zeng
Cryptography 2023, 7(2), 21; https://doi.org/10.3390/cryptography7020021 - 12 Apr 2023
Cited by 3 | Viewed by 2991
Abstract
Digital signature technology is essential for ensuring the authenticity and unforgeability of transactions in a private blockchain framework. In some scenarios, transactions require verification from multiple parties, each of whom needs to authenticate different parts of the transaction. To address this issue, researchers [...] Read more.
Digital signature technology is essential for ensuring the authenticity and unforgeability of transactions in a private blockchain framework. In some scenarios, transactions require verification from multiple parties, each of whom needs to authenticate different parts of the transaction. To address this issue, researchers have developed multi-party ECDSA (Elliptic Curve Digital Signature Algorithm) signature schemes. However, these schemes either need to consider the authentication of different parts of the transaction or generate an aggregated signature. This paper proposes a novel solution that combines functional signatures and multi-party ECDSA signatures to create a multi-party functional signature for private blockchains. Compared to previous constructions, the proposed scheme ensures that each part of the transaction is verified. Furthermore, when the aggregate signature of the entire transaction cannot be verified, this scheme identifies the specific part of the transaction for which the signature authentication fails instead of rejecting the entire transaction. This paper uses a smart contract to securely deploy the proposed scheme and authenticate the f in functional signatures. The constructed scheme also provides security under the existential unforgeability of the ECDSA signature, even if n1 parties are corrupted, assuming a total of n parties. The scheme of this paper successfully conducted experiments on a personal computer, with three users taking approximately 343 ms, six users taking 552 ms, and nine users taking 791 ms. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

14 pages, 292 KiB  
Article
Intrusion Detection System for IoT Using Logical Analysis of Data and Information Gain Ratio
by Sneha Chauhan, Sugata Gangopadhyay and Aditi Kar Gangopadhyay
Cryptography 2022, 6(4), 62; https://doi.org/10.3390/cryptography6040062 - 5 Dec 2022
Cited by 3 | Viewed by 2864
Abstract
The rapidly increasing use of the internet has led to an increase in new devices and technologies; however, attack and security violations have grown exponentially as well. In order to detect and prevent attacks, an Intrusion Detection System (IDS) is proposed using Logical [...] Read more.
The rapidly increasing use of the internet has led to an increase in new devices and technologies; however, attack and security violations have grown exponentially as well. In order to detect and prevent attacks, an Intrusion Detection System (IDS) is proposed using Logical Analysis of Data (LAD). Logical Analysis of Data is a data analysis technique that classifies data as either normal or an attack based on patterns. A pattern generation approach is discussed using the concept of Boolean functions. The IDS model is trained and tested using the Bot-IoT dataset. The model achieves an accuracy of 99.98%, and is able to detect new attacks with good precision and recall. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

16 pages, 395 KiB  
Article
Privacy-Preserving Contrastive Explanations with Local Foil Trees
by Thijs Veugen, Bart Kamphorst and Michiel Marcus
Cryptography 2022, 6(4), 54; https://doi.org/10.3390/cryptography6040054 - 28 Oct 2022
Cited by 2 | Viewed by 1896
Abstract
We present the first algorithm that combines privacy-preserving technologies and state-of-the-art explainable AI to enable privacy-friendly explanations of black-box AI models. We provide a secure algorithm for contrastive explanations of black-box machine learning models that securely trains and uses local foil trees. Our [...] Read more.
We present the first algorithm that combines privacy-preserving technologies and state-of-the-art explainable AI to enable privacy-friendly explanations of black-box AI models. We provide a secure algorithm for contrastive explanations of black-box machine learning models that securely trains and uses local foil trees. Our work shows that the quality of these explanations can be upheld whilst ensuring the privacy of both the training data and the model itself. Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

18 pages, 425 KiB  
Article
How Hard Is It to Detect Surveillance? A Formal Study of Panopticons and Their Detectability Problem
by Vasiliki Liagkou, Panayotis E. Nastou, Paul Spirakis and Yannis C. Stamatiou
Cryptography 2022, 6(3), 42; https://doi.org/10.3390/cryptography6030042 - 20 Aug 2022
Viewed by 1859
Abstract
The Panopticon (which means “watcher of everything”) is a well-known prison structure of continuous surveillance and discipline studied by Bentham in 1785. Today, where persistent, massive scale, surveillance is immensely facilitated by new technologies, the term Panopticon vaguely characterizes institutions with a power [...] Read more.
The Panopticon (which means “watcher of everything”) is a well-known prison structure of continuous surveillance and discipline studied by Bentham in 1785. Today, where persistent, massive scale, surveillance is immensely facilitated by new technologies, the term Panopticon vaguely characterizes institutions with a power to acquire and process, undetectably, personal information. In this paper we propose a theoretical framework for studying Panopticons and their detectability status. We show, based on the Theory of Computation, that detecting Panopticons, modelled either as a simple Turing Machine or as an Oracle Turing Machine, is an undecidable problem. Furthermore, we show that for each sufficiently expressive formal system, we can effectively construct a Turing Machine for which it is impossible to prove, within the formal system, its Panopticon status. Finally, we discuss how Panopticons can be physically detected by the heat they dissipate each time they acquire, effortlessly, information in the form of an oracle and we investigate their detectability status with respect to a more powerful computational model than classical Turing Machines, the Infinite Time Turing Machines (ITTMs). Full article
(This article belongs to the Special Issue Cyber Security, Cryptology and Machine Learning)
Show Figures

Figure 1

Back to TopTop