Cryptography

Recent work at SCN 2020 by Boyen, Izabachène, and Li introduced a lattice-based key-encapsulation mechanism (KEM) that achieves CCA2-security in the standard model without relying on generic transformations. Their proof, however, leaves a few gaps that prevent a fully rigorous security justification. Building on the same design rationale, we revisit that construction and refine it to obtain a more compact and provably secure KEM under the Learning With Errors assumption. Furthermore, we extend this framework to derive an identity-based variant (IBKEM) whose security is established in the same model. The resulting schemes combine conceptual simplicity with improved efficiency and complete proofs of adaptive-ciphertext security.

As embedded and IoT systems demand secure and compact encryption, developing cryptographic solutions that are both lightweight and efficient remains a major challenge. Many existing AES implementations either lack flexibility or consume excessive hardware resources. This paper presents an area-efficient and flexible AES-128 implementation based on a hardware/software (HW/SW) co-design, specifically optimized for platforms with limited hardware resources, resulting in reduced power consumption. In this approach, key expansion is performed in software on a lightweight MicroBlaze processor, while encryption and decryption are accelerated by dedicated hardware IP cores optimized at the Look-up Table (LuT) level. The design is implemented on a Xilinx XC5VLX50T Virtex-5 FPGA, synthesized using Xilinx ISE 14.7, and tested at a 100 MHz system clock. It achieves a throughput of 13.3 Gbps and an area efficiency of 5.44 Gbps per slice, requiring only 2303 logic slices and 7 BRAMs on a Xilinx FPGA. It is particularly well-suited for resource-constrained applications such as IoT nodes, secure mobile devices, and smart cards. Since key expansion is executed only once per session, the runtime is dominated by AES core operations, enabling efficient processing of large data volumes. Although the present implementation targets AES-128, the HW/SW partitioning allows straightforward extension to AES-192 and AES-256 by modifying only the software Key expansion module, ensuring practical scalability with no hardware changes. Moreover, the architecture offers a balanced trade-off between performance, flexibility and resource utilization without relying on complex pipelining. Experimental results demonstrate the effectiveness and flexibility of the proposed lightweight design.

Data security is essential for protecting sensitive information that could compromise both the sender and the receiver. Encryption mechanisms, such as the Advanced Encryption Standard (AES), play a key role in this protection. However, encrypting or decrypting data can significantly impact the performance of the database. This study aims to evaluate the impact of AES on the performance of SQL Server, Oracle, and MySQL when using Transparent Data Encryption (TDE) with the Transaction Processing Performance Council-H (TPC-H) benchmark at different Scale Factors. Performance was assessed using metrics such as elapsed time and system resource usage. In terms of scalability and performance efficiency, SQL Server proved to be the best among the databases tested. However, TDE introduced performance overhead compared to non-encryption test cases.