Search Results (192)

The present study was motivated by the need to enhance indoor air quality and reduce airborne disease transmission in dense urban environments where high-rise residential buildings face challenges in achieving effective natural ventilation. The problem lies in the lack of scalable and convenient tools to optimize natural ventilation rate, particularly in urban settings with varying building heights. To address this, the scientific technique developed with an innovative metric, the urbanized natural ventilation effectiveness factor (uNVeF), integrates regression analysis of wind direction, velocity, air change rate per hour (ACH), window configurations, and building height to quantify ventilation efficiency. By employing a field measurement methodology, the measurements were conducted across 25 window-opening scenarios in a 13.9 m² residential unit on the 35/F of a Hong Kong public housing building, supplemented by the Hellman Exponential Law with a site-specific friction coefficient (0.2907, R² = 0.9232) to estimate the lower floor natural ventilation rate. The results confirm compliance with Hong Kong’s statutory 1.5 ACH requirement (Practice Note for Authorized Persons, Registered Structural Engineers, and Registered Geotechnical Engineers) and achieving a peak ACH at a uNVeF of 0.953 with 75% window opening. The results also revealed that lower floors can maintain 1.5 ACH with adjusted window configurations. Using the Wells–Riley model, the estimation results indicated significant airborne disease infection risk reductions of 96.1% at 35/F and 93.4% at 1/F compared to the 1.5 ACH baseline which demonstrates a strong correlation between ACH, uNVeF and infection risks. The uNVeF framework offers a practical approach to optimize natural ventilation and provides actionable guidelines, together with future research on the scope of validity to refine this technique for residents and developers. The implications in the building industry include setting up sustainable design standards, enhancing public health resilience, supporting policy frameworks for energy-efficient urban planning, and potentially driving innovation in high-rise residential construction and retrofitting globally. Full article

Smart healthcare establishes a safe, reliable, and efficient medical information system for the public with the help of the Internet of Things, cloud storage, and other Internet technologies. To enable secure data sharing and case-matching functions in smart healthcare, we construct a revocable identity-based matchmaking encryption with an equality test (RIBME-ET) scheme for smart healthcare. Our scheme not only ensures the confidentiality and authenticity of messages and protects the privacy of users, but also enables a cloud server to perform equality tests on encrypted ciphertexts from different identities to determine whether they contain the same plaintext and protects the confidentiality of data in the system through a user revocation mechanism. Compared with the existing identity-based encryption with equality test (IBEET) and identity-based matchmaking encryption with equality test (IBME-ET) schemes, we have improved the efficiency of the scheme and reduced communication overhead. In addition, the scheme’s security is proven in the random oracle model under the computational bilinear Diffie–Hellman (CBDH) assumption. Finally, the feasibility and effectiveness of the proposed scheme are verified by performance analysis. Full article

5G addresses user privacy concerns in cellular networking by encrypting a subscriber identifier with elliptic-curve-based encryption and then transmitting it as ciphertext known as a Subscriber Concealed Identifier (SUCI). However, an adversary equipped with a quantum computer can break a discrete-logarithm-based elliptic curve algorithm. Consequently, the user privacy in 5G is at stake against quantum attacks. In this paper, we study the incorporation of the post-quantum ciphers in the SUCI calculation both at the user equipment and at the core network, which involves the shared-key exchange and then using the resulting key for the ID encryption. We experiment on different hardware platforms to analyze the PQC key exchange and encryption using NIST-standardized CRYSTALS-Kyber (which is now called an ML-KEM after the standardization selection by NIST). Our analyses focus on the performances and compare the Kyber-based key exchange and encryption with the current (pre-quantum) elliptic curve Diffie–Hellman (ECDH). The performance analyses are critical because mobile networking involves resource-limited and battery-operating mobile devices. We measure and analyze not only the time and CPU-processing performances but also the energy and power performances. Our analyses show that Kyber-512 is the most efficient and even has better performance (i.e., faster computations and lower energy consumption) than ECDH. Full article

The emergence of quantum computing and Shor’s algorithm necessitates an imminent shift from current public key cryptography techniques to post-quantum-robust techniques. The NIST has responded by standardising Post-Quantum Cryptography (PQC) algorithms, with ML-KEM (FIPS-203) slated to replace ECDH (Elliptic Curve Diffie-Hellman) for key exchange. A key practical concern for PQC adoption is energy consumption. This paper introduces a new framework for measuring PQC energy consumption on a Raspberry Pi when performing key generation. The framework uses both the available traditional methods and the newly standardised ML-KEM algorithm via the commonly utilised OpenSSL library. Full article

A fuzzy extractor is a foundational cryptographic component that enables the extraction of reproducible and uniformly random strings from sources with inherent noise, such as biometric traits. Reusable fuzzy extractor guarantees the security of multiple extractions from the same noisy source. In addition, although isogeny-based cryptography has become an important branch in post-quantum cryptography, the study of fuzzy extractors based on isogeny assumptions is still in its early stages and holds much room for improvement. In this paper, we give two reusable fuzzy extractor schemes derived from isogeny-based assumptions: one is based on the linear hidden shift assumption over group actions, while the other is built upon the group-action decisional Diffie–Hellman assumption within the isogeny framework. Both proposed constructions achieve post-quantum security and are capable of correcting a linear proportion of errors. They rely solely on fundamental cryptographic primitives, which ensure simplicity and efficiency. Additionally, the second construction is based on restricted effective group action, which is weaker than the effective group action used in the first construction, thereby offering greater practical applicability. Full article

The Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes Bio-2FA-IoD, a novel biometric-enhanced two-factor authentication protocol designed for secure IoD operations. Drawing on established 2FA principles and fuzzy extractor technology, Bio-2FA-IoD achieves strong mutual authentication between an operator (via an operator device), a drone (as a relay), and a ground control station (GCS), supported by a trusted authority. We detail the protocol’s registration and authentication phases, emphasizing reliable biometric key generation. A formal security analysis using BAN logic demonstrates secure belief establishment and key agreement, while a proof sketch under the Bellare–Pointcheval–Rogaway (BPR) model confirms its security against active adversaries in Authenticated Key Exchange (AKE) contexts. Furthermore, a comprehensive performance evaluation conducted using the Contiki OS and Cooja simulator illustrates Bio-2FA-IoD’s superior efficiency in computational and communication costs, alongside very low latency, high packet delivery rate, and minimal energy consumption. This positions it as a highly viable and lightweight solution for resource-constrained IoD environments. Additionally, this paper conceptually explores potential extensions to Bio-2FA-IoD, including the integration of Diffie–Hellman for enhanced perfect forward secrecy and a Sybil-free pseudonym management scheme for improved user anonymity and unlinkability. Full article

Ratchet protocols are a class of secure protocols based on ratcheting encryption mechanisms, widely employed in instant messaging. Against the backdrop of frequent incidents of communication privacy breaches, ratchet protocols have become a vital technology for ensuring secure end-to-end communication. This paper presents a formal analysis framework for ratchet protocols grounded in Logic of Events theory (LoET). We further extend LoET by introducing dedicated Diffie–Hellman (DH) and ratchet event classes, along with tailored axioms and inference rules, to support precise modeling of ratcheted encryption. Using the Signal protocol as a case study, we construct a bidirectional authentication model and rigorously prove that both its symmetric and asymmetric ratchet phases satisfy strong authentication properties. Compared with existing formal approaches, our method enables more expressive modeling of key update sequences and supports structured reasoning over causality and authentication flows. The proposed framework lays a theoretical foundation for analyzing the security of modern ratcheted protocols and holds potential for future automated verification. Full article

In trans-border data (data transferred or accessed across national jurisdictions) exchange scenarios, identity authentication mechanisms serve as critical components for ensuring data security and privacy protection, with their effectiveness directly impacting the compliance and reliability of transnational operations. However, existing identity authentication systems face multiple challenges in trans-border contexts. Firstly, the transnational transfer of identity data struggles to meet the varying data-compliance requirements across different jurisdictions. Secondly, centralized authentication architectures exhibit vulnerabilities in trust chains, where single points of failure may lead to systemic risks. Thirdly, the inefficiency of certificate verification in traditional Public Key Infrastructure (PKI) systems fails to meet the real-time response demands of globalized business operations. These limitations severely constrain real-time identity verification in international business scenarios. To address these issues, this study proposes a trans-border distributed certificate-free identity authentication framework (STALE). The methodology adopts three key innovations. Firstly, it utilizes email addresses as unique user identifiers combined with a Certificateless Public Key Cryptography (CL-PKC) system for key distribution, eliminating both single-point dependency on traditional Certificate Authorities (CAs) and the key escrow issues inherent in Identity-Based Cryptography (IBC). Secondly, an enhanced Elliptic Curve Diffie–Hellman (ECDH) key-exchange protocol is introduced, employing forward-secure session key negotiation to significantly improve communication security in trans-border network environments. Finally, a distributed identity ledger is implemented, using the FISCO BCOS blockchain, enabling decentralized storage and verification of identity information while ensuring data immutability, full traceability, and General Data Protection Regulation (GDPR) compliance. Our experimental results demonstrate that the proposed method exhibits significant advantages in authentication efficiency, communication overhead, and computational cost compared to existing solutions. Full article

Background: Childhood cancer survivors (CCSs) often experience impaired humoral immunity because of cancer treatments that increase their susceptibility to vaccine-preventable diseases. This study aimed to assess the seroprevalence of tetanus and rubella antibodies in CCSs compared to healthy, age-matched controls. Additionally, we explored the impact of cancer treatments on vaccine-induced immunity, examined the extent of revaccination after treatment completion, and evaluated the effectiveness of revaccination on seroprevalence. Methods: This retrospective study included 180 CCSs previously treated at Astrid Lindgren Children’s Hospital, Stockholm, between March 2019 and January 2023. Patient data were retrieved from electronic medical records. Seroprevalence data for rubella and tetanus antibodies in the 15–19-year age group were also obtained from a national seroprevalence study conducted by the Public Health Agency of Sweden. Results: CCSs exhibited significantly lower seroprevalence for both tetanus (77.7% vs. 92.7%) and rubella (79.1% vs. 97.5%) compared to age-matched controls. Revaccination with DTP-containing vaccines was more frequently administered than with the MMR vaccine. Tetanus and rubella seroprevalence were the lowest in children who had received intense chemotherapy. Among those who were revaccinated with the DTP vaccine after intensive treatment, 81 out of 98 (82.6%) had tetanus IgG levels above the threshold, compared to 24 out of 48 (50%) unvaccinated CCSs. In contrast, among those revaccinated with MMR, 57 out of 73 (78.1%) had positive rubella IgG, compared to 53 out of 73 (72.6%) unvaccinated CCSs with rubella IgG levels above the cut-off. Conclusions: Our findings highlight that vaccines are underutilized in CCSs with a notable gap in immunity, particularly among those who have undergone intensive treatments. Unexpectedly, MMR revaccination did not significantly affect rubella immunity. Given the increasing number of CCSs, it is essential to better understand how to effectively restore vaccine immunity in this population. Full article

This study evaluates the effectiveness of augmented reality (AR), using the Microsoft™ HoloLens™™ 2, for identifying and localizing PCB components compared to traditional PDF-based methods. Two experiments examined the influence of user expertise, viewing angles, and component sizes on accuracy and usability. The results indicate that AR improved identification accuracy and user experience for non-experts, although it was slower than traditional methods for experienced users. Optimal performance was achieved at 90° viewing angles, while accuracy declined significantly at oblique angles. Medium-sized components received the highest confidence scores, suggesting favorable visibility and recognition characteristics within this group, though further evaluation with a broader component distribution is warranted. Participant feedback highlighted the system’s intuitive interface and effective guidance, but also noted challenges with marker stability, visual discomfort, and ergonomic limitations. These findings suggest that AR can enhance training and reduce errors in electronics manufacturing, although refinements in marker rendering and user onboarding are necessary to support broader adoption. This research provides empirical evidence on the role of AR in supporting user-centered design and improving task performance in industrial electronics workflows. Full article

This paper investigates the role of solvable and nilpotent Lie algebras in the domains of cryptography and steganography, emphasizing their potential in enhancing security protocols and covert communication methods. In the context of cryptography, we explore their application in public-key infrastructure, secure data verification, and the resolution of commutator-based problems that underpin data protection strategies. In steganography, we examine how the algebraic properties of solvable Lie algebras can be leveraged to embed confidential messages within multimedia content, such as images and video, thereby reinforcing secure communication in dynamic environments. We introduce a key exchange protocol founded on the structural properties of solvable Lie algebras, offering an alternative to traditional number-theoretic approaches. The proposed Lie Exponential Diffie–Hellman Problem (LEDHP) introduces a novel cryptographic challenge based on Lie group structures, offering enhanced security through the complexity of non-commutative algebraic operations. The protocol utilizes the non-commutative nature of Lie brackets and the computational difficulty of certain algebraic problems to ensure secure key agreement between parties. A detailed security analysis is provided, including resistance to classical attacks and discussion of post-quantum considerations. The algebraic complexity inherent to solvable Lie algebras presents promising potential for developing cryptographic protocols resilient to quantum adversaries, positioning these mathematical structures as candidates for future-proof security systems. Additionally, we propose a method for secure message embedding using the Lie algebra in combination with frame deformation techniques in animated objects, offering a novel approach to steganography in motion-based media. Full article

Distributed power trading is becoming the future development trend of electric energy trading, and virtual power plant (VPP), as a kind of aggregated optimization scheme to enhance energy utilization efficiency, has received more and more attention for studying distributed trading among multiple VPPs. However, how to guarantee the economy, credibility, security, and efficiency of distributed transactions is still a key issue to be overcome. To this end, a multi-VPP power sharing trusted transaction strategy based on dual-chain blockchain is proposed. First, a dual-chain blockchain electric energy transaction architecture is proposed. Then, the VPP-independent operation cost model is constructed, based on which, the decision model of multi-VPP electric energy sharing transaction based on Nash negotiation theory is constructed. Again, an improved-Practical Byzantine Fault Tolerant (I-PBFT) consensus algorithm combining the schnorr protocol with the Diffie–Hellman key exchange algorithm and a smart contract for multi-VPP electricity trading are designed to realize trusted, secure, and efficient distributed transactions. Finally, the example results verify the effectiveness of the strategy proposed in this paper. Full article

The development of Vehicle AD Hoc Networks (VANETs) has significantly enhanced the efficiency of intelligent transportation systems. Through real-time communication between vehicles and roadside units (RSUs), the immediate sharing of traffic information has been achieved. However, challenges such as network congestion, data privacy, and low computing efficiency still exist. Data privacy is at risk of leakage due to the sensitivity of vehicle information, especially in a resource-constrained vehicle environment, where computing efficiency becomes a bottleneck restricting the development of VANETs. To address these challenges, this paper proposes a certificateless aggregated signcryption scheme based on edge computing. This scheme integrates online/offline encryption (OOE) technology and a pseudonym mechanism. It not only solves the problem of key escrow, generating part of the private key through collaboration between the user and the Key Generation Center (KGC), but also uses pseudonyms to protect the real identities of the vehicle and RSU, effectively preventing privacy leakage. This scheme eliminates bilinear pairing operations, significantly improves efficiency, and supports conditional traceability and revocation of malicious vehicles while maintaining anonymity. The completeness analysis shows that under the assumptions of calculating the Diffie–Hellman (CDH) and elliptic curve discrete logarithm problem (ECDLP), this scheme can meet the requirements of IND-CCA2 confidentiality and EUF-CMA non-forgeability. The performance evaluation further confirmed that, compared with the existing schemes, this scheme performed well in both computing and communication costs and was highly suitable for the resource-constrained VANET environment. Full article

The increasing interconnectivity of devices on the Internet of Things (IoT) introduces significant security challenges, particularly around authentication and data management. Traditional centralized approaches are not sufficient to address these risks, requiring more robust and decentralized solutions. This paper presents a decentralized authentication protocol leveraging blockchain technology and the IPFS data management framework to provide secure and real-time communication between IoT devices. Using the Ethereum blockchain, smart contracts, elliptic curve cryptography, and ASCON encryption, the proposed protocol ensures the confidentiality, integrity, and availability of sensitive IoT data. The mutual authentication process involves the use of asymmetric key pairs, public key registration on the blockchain, and the Diffie–Hellman key exchange algorithm to establish a shared secret that, combined with a unique identifier, enables secure device verification. Additionally, IPFS is used for secure data storage, with the content identifier (CID) encrypted using ASCON and integrated into the blockchain for traceability and authentication. This integrated approach addresses current IoT security challenges and provides a solid foundation for future applications in decentralized IoT environments. Full article

Ensuring secure communication for mobile patients in e-healthcare requires an efficient and robust key distribution mechanism. This study introduces a novel hierarchical key distribution architecture inspired by federated learning (FL), enabling seamless authentication for patients moving across different healthcare centers. Unlike existing approaches, the proposed system allows a central healthcare authority to share global security parameters with subordinate units, which then combine these with their own local parameters to generate and distribute symmetric keys to mobile patients. This FL-inspired method ensures that patients only need to store a single key, significantly reducing storage overhead while maintaining security. The architecture was rigorously evaluated using SPAN-AVISPA for formal security verification and BAN logic for authentication protocol analysis. Performance metrics—including storage, computation, and communication costs—were assessed, demonstrating that the system minimizes the computational load and reduces the number of exchanged messages during authentication compared to traditional methods. By leveraging FL principles, the solution enhances scalability and efficiency, particularly in dynamic healthcare environments where patients frequently switch between facilities. This work bridges a critical gap in e-healthcare security, offering a lightweight, scalable, and secure key distribution framework tailored for mobile patient authentication. Full article