Search Results (401)

Quantum network correlations are crucial for long-distance quantum communication, quantum cryptography, and distributed quantum computing. Detecting network steering is particularly challenging in complex network structures. We have studied the steering inequality criteria for a 2-forked 3-layer tree-shaped network. Assuming the first and third layers are trusted and the second layer is untrusted, we derived a steering inequality criterion using the correlation matrix between trusted and untrusted observables. In particular, we apply the steering criterion to three classes of measurements which are of special significance: local orthogonal observables, mutually unbiased measurements, and general symmetric informationally complete measurements. We further illustrate the effectiveness of our method through an example. Full article

The IoE forms the foundation of the modern digital ecosystem by enabling seamless connectivity and data exchange among smart devices, sensors, and systems. However, the inherent nature of this structure, characterized by high heterogeneity, distribution, and resource constraints, renders traditional security approaches insufficient in areas such as data privacy, authentication, access control, and scalable protection. Moreover, centralized security systems face increasing fragility due to single points of failure, various AI-based attacks, including adversarial learning, model poisoning, and deepfakes, and the rising threat of quantum computers to encryption protocols. This study systematically examines the individual and integrated solution potentials of technologies such as Blockchain, Edge Computing, Artificial Intelligence, and Quantum-Resilient Cryptography within the scope of IoE security. Comparative analyses are provided based on metrics such as energy consumption, latency, computational load, and security level, while centralized and decentralized models are evaluated through a multi-layered security lens. In addition to the proposed multi-layered architecture, the study also structures solution methods and technology integrations specific to IoE environments. Classifications, architectural proposals, and the balance between performance and security are addressed from both theoretical and practical perspectives. Furthermore, a future vision is presented regarding federated learning-based privacy-preserving AI solutions, post-quantum digital signatures, and lightweight consensus algorithms. In this context, the study reveals existing vulnerabilities through an interdisciplinary approach and proposes a holistic framework for sustainable, scalable, and quantum-compatible IoE security. Full article

As medical technology develops and digital demands grow, personal health records (PHRs) are becoming more patient-centered than before based on cloud-based health information exchanges. While enhancing data accessibility and sharing, these systems present privacy and security issues, including data breaches and unauthorized access. We developed a post-quantum, group-oriented encryption scheme using the Crystal-Kyber Key encapsulation mechanism (KEM). Leveraging lattice-based post-quantum cryptography, this scheme ensures quantum resilience and chosen ciphertext attack security for layered cloud PHR environments. It supports four encryption modes: individual, group, subgroup-specific, and authorized subgroup decryption, meeting diverse data access needs. With efficient key management requiring only one private key per user, the developed scheme strengthens the privacy and security of PHRs in a future-proof, flexible, and scalable manner. Full article

Today, blockchain technologies are a separate, rapidly developing area. With rapid development, they open up a number of scientific problems. One of these problems is the problem of reliability, which is primarily associated with the use of cryptographic primitives. The threat of the emergence of quantum computers is now widely discussed, in connection with which the direction of post-quantum cryptography is actively developing. Nevertheless, the most popular blockchain platforms (such as Bitcoin and Ethereum) use asymmetric cryptography based on elliptic curves. Here, cryptographic primitives for blockchain systems are divided into four groups according to their functionality: keyless, single-key, dual-key, and hybrid. The main attention in the work is paid to the most significant cryptographic primitives for blockchain systems: keyless and single-key. This manuscript discusses possible scenarios in which, during practical implementation, the mathematical foundations embedded in the algorithms for generating a digital signature and encrypting data using algorithms based on elliptic curves are violated. In this case, vulnerabilities arise that can lead to the compromise of a private key or a substitution of a digital signature. We consider cases of vulnerabilities in a blockchain system due to incorrect use of a cryptographic primitive, describe the problem, formulate the problem statement, and assess its complexity for each case. For each case, strict calculations of the maximum computational costs are given when the conditions of the case under consideration are met. Among other things, we present a new version of the encryption algorithm for data stored in blockchain systems or transmitted between blockchain systems using elliptic curves. This algorithm is not the main blockchain algorithm and is not included in the core of modern blockchain systems. This algorithm allows the use of the same keys that system users have in order to store sensitive user data in an open blockchain database in encrypted form. At the same time, possible vulnerabilities that may arise from incorrect implementation of this algorithm are considered. The scenarios formulated in the article can be used to test the reliability of both newly created blockchain platforms and to study long-existing ones. Full article

Identity-based cryptography introduced by Shamir (Crypto’84) has seen many advances through the years. In the context of post-quantum identity-based schemes, most of the efficient designs are based on lattices. In this work, we propose an identity-based identification (IBI) scheme and an identity-based signature (IBS) scheme based on codes. Our design combines the hash-and-sign signature scheme, Wave, with a Stern-like signature scheme, BGKM-SIG1, instantiated over a ternary field using the large-weight Syndrome Decoding Problem (SDP). Our scheme significantly outperforms existing code-based identity-based signature constructions. Full article

The advent of quantum computing poses an existential threat to the security of cloud services that handle sensitive visual data. Simultaneously, the need for computational privacy requires the ability to process data without exposing it to the cloud provider. This paper introduces and evaluates a hybrid quantum-resistant framework that addresses both challenges by integrating NIST-standardized post-quantum cryptography with optimized fully homomorphic encryption (FHE). Our solution uses CRYSTALS-Kyber for secure channel establishment and the CKKS FHE scheme with SIMD batching to perform image processing tasks on a cloud server without ever decrypting the image. This work provides a comprehensive performance analysis of the complete, end-to-end system. Our empirical evaluation demonstrates the framework’s practicality, detailing the sub-millisecond PQC setup costs and the amortized transfer of 33.83 MB of public FHE materials. The operational performance shows remarkable scalability, with server-side computations and client-side decryption completing within low single-digit milliseconds. By providing a detailed analysis of a viable and efficient architecture, this framework establishes a practical foundation for the next generation of privacy-preserving cloud applications. Full article

This article investigates the Q-Problem, a novel theoretical framework for post-quantum cryptography. It aims to redefine cryptographic hardness by moving away from problems with unique solutions toward problems that admit multiple indistinguishable preimages. This shift is motivated by the structural vulnerabilities that quantum algorithms may exploit in traditional formulations. To support this paradigm, we define new cryptographic primitives and security notions, including Q-Indistinguishability, Long-Term Secrecy, and a spectrum of Q-Secrecy levels. The methodology formalizes the Q-Problem as a system of expressions, called Q-expressions, that must satisfy a set of indistinguishability and reduction properties. We also propose a taxonomy of its models, including Connected/Disconnected, Totally/Partly, Fully/Partially Probabilistic, Perfect, and Ideal Q-Problem variants. These models illustrate the versatility across a range of cryptographic settings. By abstracting hardness through indistinguishability rather than solvability, Q-Problem offers a new direction for designing cryptographic protocols resilient to future quantum attacks. This foundational framework provides the foundations for long-term, composable, and structure-aware security in the quantum era. Full article

With the development of a quantum computer in the near future, classical public-key cryptography will face the challenge of being vulnerable to quantum algorithms, such as Shor’s algorithm. As communication technology advances rapidly, a great deal of personal information is being transmitted over the Internet. Based on our observation that the Kyber algorithm exhibits a significant number of idle cycles during execution when implemented following the conventional software procedure, this paper proposes a high-throughput scheduling for Kyber by parallelizing the SHA-3 function, the sampling algorithm, and the NTT computations to improve hardware utilization and reduce latency. We also introduce the 8-stage pipelined SHA-3 architecture and multi-mode polynomial arithmetic module to increase area efficiency. By also optimizing the hardware architecture of the various computational modules used by Kyber, according to the implementation result, an aggregate throughput of 877.192 kOPS in Kyber KEM can be achieved on TSMC 40 nm. In addition, our design not only achieves the highest throughput among existing studies but also improves the area and power efficiencies. Full article

Secure communication is critically dependent on high-speed and high-security quantum random number generation (QRNG). In this work, we present a responsive approach to enhance the efficiency and security of QRNG by leveraging polarization-controlled heterodyne detection to simultaneously measure the quadrature amplitude and phase fluctuations of vacuum shot noise. To address the practical non-idealities inherent in QRNG systems, we investigate the critical impacts of imbalanced heterodyne detection, amplitude–phase overlap, finite-size effects, and security parameters on quantum conditional min-entropy derived from the entropy uncertainty principle. It effectively mitigates the overestimation of randomness and fortifies the system against potential eavesdropping attacks. For a high-security parameter of ${10}^{-20}$, QRNG achieves a true random bit extraction ratio of 83.16% with a corresponding real-time speed of 37.25 Gbps following a 16-bit analog-to-digital converter quantization and 1.4 GHz bandwidth extraction. Furthermore, we develop a deep convolutional neural network for rapid and accurate entropy evaluation. The entropy evaluation of 13,473 sets of quadrature data is processed in 68.89 s with a mean absolute percentage error of 0.004, achieving an acceleration of two orders of magnitude in evaluation speed. Extracting the shot noise with full detection bandwidth, the generation rate of QRNG using dual-quadrature heterodyne detection exceeds 85 Gbps. The research contributes to advancing the practical deployment of QRNG and expediting rapid entropy assessment. Full article

In device-independent (DI) quantum protocols, security statements are agnostic to the internal workings of the quantum devices—they rely solely on classical interactions with the devices and specific assumptions. Traditionally, such protocols are set in a non-local scenario, where two non-communicating devices exhibit Bell inequality violations. Recently, a new class of DI protocols has emerged that requires only a single device. In this setting, the assumption of no communication is replaced by a computational one: the device cannot solve certain post-quantum cryptographic problems. Protocols developed in this single-device computational setting—such as for randomness certification—have relied on ad hoc techniques, making their guarantees difficult to compare and generalize. In this work, we introduce a modular proof framework inspired by techniques from the non-local DI literature. Our approach combines tools from quantum information theory, including entropic uncertainty relations and the entropy accumulation theorem, to yield both conceptual clarity and quantitative security guarantees. This framework provides a foundation for systematically analyzing DI protocols in the single-device setting under computational assumptions. It enables the design and security proof of future protocols for DI randomness generation, expansion, amplification, and key distribution, grounded in post-quantum cryptographic hardness. Full article

This paper presents the design and implementation of an Internet-based instant messaging application that leverages post-quantum cryptographic algorithms founded on isogenies of elliptic curves. The system employs the CSIDH cryptosystem for key exchange and SeaSign for digital signatures, integrating these with the X3DH and Double-Ratchet protocols to enable end-to-end encryption for both text messages and binary file transfers. Key generation is supported for new users upon registration, ensuring robust cryptographic foundations from the outset. The performance of the CSIDH and SeaSign algorithms is evaluated at various security levels using a Python-based prototype, providing practical benchmarks. By combining isogeny-based cryptographic schemes with widely adopted secure messaging protocols, this work presents an illustration of a selected quantum-resistant communication solution and offers insights into the feasibility and practicality of deploying such protocols in real-world applications. Full article

5G addresses user privacy concerns in cellular networking by encrypting a subscriber identifier with elliptic-curve-based encryption and then transmitting it as ciphertext known as a Subscriber Concealed Identifier (SUCI). However, an adversary equipped with a quantum computer can break a discrete-logarithm-based elliptic curve algorithm. Consequently, the user privacy in 5G is at stake against quantum attacks. In this paper, we study the incorporation of the post-quantum ciphers in the SUCI calculation both at the user equipment and at the core network, which involves the shared-key exchange and then using the resulting key for the ID encryption. We experiment on different hardware platforms to analyze the PQC key exchange and encryption using NIST-standardized CRYSTALS-Kyber (which is now called an ML-KEM after the standardization selection by NIST). Our analyses focus on the performances and compare the Kyber-based key exchange and encryption with the current (pre-quantum) elliptic curve Diffie–Hellman (ECDH). The performance analyses are critical because mobile networking involves resource-limited and battery-operating mobile devices. We measure and analyze not only the time and CPU-processing performances but also the energy and power performances. Our analyses show that Kyber-512 is the most efficient and even has better performance (i.e., faster computations and lower energy consumption) than ECDH. Full article

Off-chain payments in the Internet of Things (IoT) enhance the efficiency and scalability of blockchain transactions. However, existing privacy mechanisms face challenges, such as the disclosure of payment channels and transaction traceability. Additionally, the rise of quantum computing threatens traditional public key cryptography, making the development of post-quantum secure methods for privacy protection essential. This paper proposes a post-quantum ring signature scheme based on hash functions that can be applied to off-chain payments, enhancing both anonymity and linkability. The scheme is designed to resist quantum attacks through the use of hash-based signatures and to prevent double spending via its linkable properties. Furthermore, the paper introduces an improved Hash Time-Locked Contract (HTLC) that incorporates a Signature of Knowledge (SOK) to conceal the payment path and strengthen privacy protection. Security analysis and experimental evaluations demonstrate that the system strikes a favorable balance between privacy, computational efficiency, and security. Notably, the efficiency benefits of basic signature verification are particularly evident, offering new insights into privacy protection for post-quantum secure blockchain. Full article

The multi-factor authentication (MFA) protocol requires users to provide a combination of a password, a smart card and biometric data as verification factors to gain access to the services they need. In a single-server MFA system, users accessing multiple distinct servers must register separately for each server, manage multiple smart cards, and remember numerous passwords. In contrast, an MFA system designed for multi-server architecture allows users to register once at a registration center (RC) and then access all associated servers with a single smart card and one password. MFA with an offline RC addresses the computational bottleneck and single-point failure issues associated with the RC. In this paper, we propose a post-quantum secure MFA protocol for a multi-server architecture with an offline RC. Our MFA protocol utilizes the post-quantum secure Kyber key encapsulation mechanism and an information-theoretically secure fuzzy extractor as its building blocks. We formally prove the post-quantum semantic security of our MFA protocol under the real or random (ROR) model in the random oracle paradigm. Compared to related protocols, our protocol achieves higher efficiency and maintains reasonable communication overhead. Full article

This paper presents a novel approach to enhancing the security of error correction in quantum key distribution by introducing randomization into the update rule of Tree Parity Machines. Two dynamic update algorithms—dynamic_rows and dynamic_matrix—are proposed and tested. These algorithms select the update rule quasi-randomly based on the input vector, reducing the effectiveness of synchronization-based attacks. A series of simulations were conducted to evaluate the security implications under various configurations, including different values of K, N, and L parameters of neural networks. The results demonstrate that the proposed dynamic algorithms can significantly reduce the attacker’s synchronization success rate without requiring additional communication overhead. Both proposed solutions outperformed hebbian, an update rule-based synchronization method utilizing the percentage of attackers synchronization. It has also been shown that when the attacker chooses their update rule randomly, the dynamic approaches work better compared to random walk rule-based synchronization, and that in most cases it is more profitable to use dynamic update rules when an attacker is using random walk. This study contributes to improving QKD’s robustness by introducing adaptive neural-based error correction mechanisms. Full article