Search Results (69)

Hierarchical asynchronous federated learning (HAFL) accommodates more real networking and ensures practical communications and efficient aggregations. However, existing HAFL schemes still face challenges in balancing privacy-preserving and robustness. Malicious training nodes may infer the privacy of other training nodes or poison the global model, thereby damaging the system’s robustness. To address these issues, we propose a secure hierarchical asynchronous federated learning (SHAFL) framework. SHAFL organizes training nodes into multiple groups based on their respective gateways. Within each group, the training nodes prevent inference attacks from the gateways and committee nodes via a mask–DP exchange protocol and employ homomorphic encryption (HE) to prevent collusion attacks from other training nodes. Compared with conventional solutions, SHAFL uses noise that can be eliminated to reduce the impact of noise on the global model’s performance, while employing a shuffle model and subsampling to enhance the local model’s privacy-preserving level. At global model aggregation, SHAFL considers both model accuracy and communication delay, effectively reducing the impact of malicious and stale models on system performance. Theoretical analysis and experimental evaluations demonstrate that SHAFL outperforms state-of-the-art solutions in terms of convergence, security, robustness, and privacy-preserving capabilities. Full article

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology provides fine-grained access control capabilities for P2P networks. However, its long-term development has been constrained by three major challenges: the trade-off between computational efficiency and functional completeness, decentralized trust security issues, and the problems of attribute revocation and traceability. This paper proposes a decentralized CP-ABE scheme based on multiple authorities (R-T-D-ABE). By leveraging three core techniques, including threshold distributed key generation, versioned attribute revocation, and identity-key binding verification, the scheme efficiently achieves both revocation and accountability while ensuring resistance against collusion attacks and forward/backward security. Security analysis demonstrates that the proposed scheme satisfies IND-CPA security under the Generic Group Model (GGM). Experimental results indicate that it not only guarantees efficient decentralized encryption and decryption but also realizes the dual functions of revocation and accountability, thereby providing a functionally complete and efficient access control solution for P2P networks. Full article

Blockchain networks face a critical but understudied threat: wave attacks that exploit difficulty adjustment algorithms through strategic mining participation. Adversaries cyclically withdraw and re-enter mining to create oscillations that degrade network liveness and destabilize honest miners’ revenue. We present the first production-ready framework that maintains network responsiveness while enabling robust, post hoc threat detection. The framework employs a statistically rigorous pipeline featuring controller-aligned anomaly detection, transitive collusion grouping via union-find, and Benjamini–Hochberg False Discovery Rate control. We formally prove the economic viability of this architecture: when penalties on unvested rewards are enabled by governance, wave attacks become asymptotically unprofitable for rational adversaries. Evaluated on a 128-node distributed testbed simulating Bitcoin, Ethereum Classic, and Monacoin networks over 30 independent runs, our framework achieves 92.7% F1-score in detecting attacks, significantly outperforming baseline methods (74.7%). This work provides a complete, theoretically-grounded solution for securing proof-of-work blockchains against difficulty manipulation, forming the foundation for the adaptive AI-driven enhancements presented in our companion paper (Part II). Full article

Searchable Encryption (SE) schemes enable data users to securely search over outsourced encrypted data stored in the cloud. To support fine-grained access control, Attribute-Based Encryption with Keyword Search (ABKS) extends SE by associating access policies with user attributes. However, existing ABKS schemes often suffer from limited security and functionality, such as lack of verifiability, vulnerability to collusion, and insider keyword-guessing attacks (IKGA), or inefficiency in multi-authority and post-quantum settings, restricting their practical deployment in real-world distributed systems. In this paper, we propose a verifiable ciphertext-policy multi-authority ABKS (MA-CP-ABKS) scheme based on the Module Learning with Errors (MLWE) problem, which provides post-quantum security, verifiability, and resistance to both collusion and IKGA. Moreover, the proposed scheme supports multi-keyword searchability and forward security, enabling secure and efficient keyword search in dynamic environments. We formally prove the correctness, verifiability, completeness, and security of the scheme under the MLWE assumption against selective chosen-keyword attacks (SCKA) in the standard model and IKGA in the random oracle model. The scheme also maintains efficient computation and manageable communication overhead. Implementation results confirm its practical performance, demonstrating that the proposed MA-CP-ABKS scheme offers a secure, verifiable, and efficient solution for multi-organizational cloud environments. Full article

Federated learning has won a lot of interest in recent years, due to its capability in collaborative learning and privacy preservation. To ensure the accuracy of outsourced training tasks, task publishers prefer to assign tasks to task workers with a high reputation. However, existing reputation-based incentive mechanisms assume that task publishers are honest, and only task workers would probably behave dishonestly to pollute the federated learning model. Different from existing work, we argue that task publishers would also behave dishonestly, where they would benefit from colluding with task workers to help task workers obtain a high reputation. In this paper, we propose a collusion-resistant and reliable incentive mechanism for federated learning. First, to measure the credibility of both task publishers and task workers, we devise a novel metric named reliability. Second, we devise a new method to compute the task publisher reliability, which is obtained by computing the deviation of reputation scores given by different task publishers, i.e., low reliability is assigned to a task publisher once its deviation is far away from that of other publishers. Third, we propose a bidirectional reputation calculation method based on the basic uncertain information model to compute reputation and reputation reliability for task workers. Furthermore, by integrating an incentive mechanism, our proposed scheme not only effectively defends against collusion attacks but also ensures that only task workers with high reputation, reputation reliability, and the capability to accomplish complex tasks can win a high reward. Finally, we conduct extensive experiments to verify the efficiency and efficacy of our proposed schemes. The results demonstrate that our proposed schemes are not only collusion-resistant but also achieve 6.31% higher test accuracy compared with the state of the art on the MNIST dataset. Full article

Multiparty quantum private comparison (MQPC) aims to determine the equality relationship of inputs from multiple participants while maintaining the confidentiality of these inputs. Current MQPC protocols primarily focus on utilizing d-level quantum states, which limits feasible implementation. To address this issue, we introduce an MQPC protocol that utilizes n-particle Greenberger–Horne–Zeilinger (GHZ) state to enable private comparison while preserving the secrecy of individual inputs. A semi-honest third party (TP), adhering to protocol specifications but potentially curious about private data, generates and distributes GHZ state qubits to all participants. Each party encodes their secret input through rotation operations on their allocated qubits and returns the modified state to the TP, which then performs single-particle quantum measurements to derive the outcomes without accessing the raw inputs. The protocol’s sequence distribution method yields a high qubit efficiency of 1/n, outperforming many existing MQPC protocols. Security analysis confirms resilience against external adversaries employing quantum attack strategies and collusion attempts among participants. Simulations using IBM Qiskit validate the feasibility of the protocol, which relies on GHZ state preparation, single-qubit operations, and single-particle quantum measurements. Full article

The Internet of Things (IoT) has transformed multiple industries, providing significant potential for automation, efficiency, and enhanced decision-making. The incorporation of IoT and data analytics in smart grid represents a groundbreaking opportunity for the energy sector, delivering substantial advantages in efficiency, sustainability, and customer empowerment. This integration enables smart grids to autonomously monitor energy flows and adjust to fluctuations in energy demand and supply in a flexible and real-time fashion. Statistical analytics, as a fundamental component of data analytics, provides the necessary tools and techniques to uncover patterns, trends, and insights within datasets. Nevertheless, it is crucial to address privacy and security issues to fully maximize the potential of data analytics in smart grids. This paper makes several significant contributions to the literature on secure, privacy-aware aggregation schemes in smart grids. First, we introduce a Fog-enabled Secure Data Analytics Operations (FESDAO) scheme which offers a distributed architecture incorporating robust security features such as secure aggregation, authentication, fault tolerance and resilience against insider threats. The scheme achieves privacy during data aggregation through a modified Boneh-Goh-Nissim cryptographic scheme along with other mechanisms. Second, FESDAO also supports statistical analytics on metering data at the cloud control center and fog node levels. FESDAO ensures reliable aggregation and accurate data analytical results, even in scenarios where smart meters fail to report data, thereby preserving both analytical operation computation accuracy and latency. We further provide comprehensive security analyses to demonstrate that the proposed approach effectively supports data privacy, source authentication, fault tolerance, and resilience against false data injection and replay attacks. Lastly, we offer thorough performance evaluations to illustrate the efficiency of the suggested scheme in comparison to current state-of-the-art schemes, considering encryption, computation, aggregation, decryption, and communication costs. Moreover, a detailed security analysis has been conducted to verify the scheme’s resistance against insider collusion attacks, replay attack, and false data injection (FDI) attack. Full article

This paper proposes an approach based on a secret sharing scheme with the mandatory participation of predefined subgroups. The proposed scheme allows secret reconstruction only when representatives from each designated group of participants (e.g., cloud providers, legally independent parties, etc.) are present. This mechanism enhances resistance to internal collusion, strengthens access control, and enables distributed management. The structure and mathematical foundations of the proposed scheme are presented, along with an analysis of its properties. A cryptanalysis is conducted, evaluating the scheme’s resilience to various types of attacks, and the results are discussed. The computational complexity of the algorithm is also analyzed, and its resource efficiency is confirmed. Full article

Named Data Networking (NDN) represents a promising Information-Centric Networking architecture that addresses limitations of traditional host-centric Internet protocols by emphasizing content names rather than host addresses for communication. While NDN offers advantages in content distribution, mobility support, and built-in security features, its stateful forwarding plane introduces significant vulnerabilities, particularly Interest Flooding Attacks (IFAs). These IFA attacks exploit the Pending Interest Table (PIT) by injecting malicious interest packets for non-existent or unsatisfiable content, leading to resource exhaustion and denial-of-service attacks against legitimate users. This survey examines research advances in IFA detection and mitigation from 2013 to 2024, analyzing seven relevant published detection and mitigation strategies to provide current insights into this evolving security challenge. We establish a taxonomy of attack variants, including Fake Interest, Unsatisfiable Interest, Interest Loop, and Collusive models, while examining their operational characteristics and network performance impacts. Our analysis categorizes defense mechanisms into five primary approaches: rate-limiting strategies, PIT management techniques, machine learning and artificial intelligence methods, reputation-based systems, and blockchain-enabled solutions. These approaches are evaluated for their effectiveness, computational requirements, and deployment feasibility. The survey extends to domain-specific implementations in resource-constrained environments, examining adaptations for Internet of Things deployments, wireless sensor networks, and high-mobility vehicular scenarios. Five critical research directions are proposed: adaptive defense mechanisms against sophisticated attackers, privacy-preserving detection techniques, real-time optimization for edge computing environments, standardized evaluation frameworks, and hybrid approaches combining multiple mitigation strategies. Full article

The rapid expansion of blockchain-based digital asset trading raises new challenges in security, privacy, and efficiency. Although traditional attribute-based encryption (ABE) provides fine-grained access control, it imposes considerable computational overhead and introduces additional vulnerabilities when decryption is outsourced. To address these limitations, we present EBODS, an efficient outsourced decryption framework that combines an optimized ABE scheme with a decentralized blockchain layer. By applying policy matrix optimization and leveraging edge decryption servers, EBODS reduces the public key size by 8% and markedly accelerates computation. Security analysis confirms the strong resistance of EBODS to collusion attacks, making it suitable for resource-constrained digital asset platforms. Full article

As a core enabler of the emerging low-altitude economy, UAV networks face significant security risks during operation, including malicious node infiltration and data tampering. Existing trust management schemes suffer from deficiencies such as strong reliance on infrastructure, insufficient capability for multi-dimensional trust evaluation, and vulnerability to collusion attacks. To address these issues, this paper proposes a group decision-making (GDM)-enabled dynamic trust management method, termed GDM-DTM, for low-altitude UAV networks. GDM-DTM comprises four core parts: Subjective Consistency Evaluation, Objective Consistency Evaluation, Global Consistency Evaluation, and Self-Proof Consistency Evaluation. Furthermore, the method integrates a Dynamic Trust Adjustment Mechanism with multi-attribute trust computation, enabling efficient trust evaluation independent of ground infrastructure and thereby facilitating effective malicious UAV detection. The experimental results demonstrate that under identical conditions with a malicious node ratio of 30%, GDM-DTM achieves an accuracy of 85.04% and an F-score of 91.66%. Compared to the current state-of-the-art methods, this represents an improvement of 6.04 percentage points in accuracy and 3.71 percentage points in F-score. Full article

To solve the fundamental problem of excessive consumption of classical resources and the simultaneous security vulnerabilities in semi-quantum dialogue systems, a multi-party controlled semi-quantum dialogue protocol based on hyperentangled Bell states is proposed. A single controlling party is vulnerable to information compromise due to tampering or betrayal; the multi-party controlled mechanism (Charlie₁ to Charlie_n) in this protocol establishes a distributed trust model. It mandates collective authorization from all controlling parties, significantly enhancing its robust resilience against untrustworthy controllers or collusion attacks. The classical participant Bob uses an adaptive Huffman compression algorithm to provide a framework for information transmission. This encoding mechanism assigns values to each character by constructing a Huffman tree, generating optimal prefix codes that significantly optimize the storage space complexity for the classical participant. By integrating the “immediate measurement and transmission” mechanism into the multi-party controlled semi-quantum dialogue protocol and coupling it with Huffman compression coding technology, this framework enables classical parties to execute encoding and decoding operations. The security of this protocol is rigorously proven through information-theoretic analysis and shows that it is resistant to common attacks. Furthermore, even in the presence of malicious controlling parties, this protocol robustly safeguards secret information against theft. The efficiency analysis shows that the proposed protocol provides benefits such as high communication efficiency and lower resource consumption for classical participants. Full article

Threshold Multi-Party Private Set Intersection (TMP-PSI) is a cryptographic protocol that enables an element from the receiver’s set to be included in the intersection result if it appears in the sets of at least $t-1$ other participants, where t represents the threshold. This protocol is crucial for a variety of applications, such as anonymous electronic voting, online ride-sharing, and close-contact tracing programs. However, most existing TMP-PSI schemes are designed based on threshold homomorphic encryption, which faces significant challenges, including low computational efficiency and a high number of communication rounds. To overcome these limitations, this study introduces the Threshold Oblivious Pseudo-Random Function (tOPRF) to fulfill the requirements of threshold encryption and decryption. Additionally, we extend the concept of the Oblivious Programmable Pseudo-Random Function (OPPRF) to develop a novel cryptographic primitive termed the Partially OPPRF (P-OPPRF). This new primitive retains the critical properties of obliviousness and randomness, along with the security assurances inherited from the OPPRF, while also offering strong resistance against malicious adversaries. Leveraging this primitive, we propose the first malicious-secure TMP-PSI protocol, named QMP-PSI, specifically designed for applications like anonymous electronic voting systems. The protocol effectively counters collusion attacks among multiple parties, ensuring robust security in multi-party environments. To further enhance voting efficiency, this work presents a cloud-assisted QMP-PSI to outsource the computationally intensive phases. This ensures that the computational overhead for participants is solely dependent on the set size and statistical security parameters, thereby maintaining security while significantly reducing the computational burden on voting participants. Finally, this work validates the protocol’s performance through extensive experiments under various set sizes, participant numbers, and threshold values. The results demonstrate that the protocol surpasses existing schemes, achieving state-of-the-art (SOTA) performance in communication overhead. Notably, in small-scale voting scenarios, it exhibits exceptional performance, particularly when the threshold is small or close to the number of participants. Full article

These days, wireless sensor networks (WSNs) are expanding fast and are used in many fields such as healthcare, battlefields, etc. Depending upon the type of sensor, they are transmitting a considerable amount of data in a short duration, so security is a significant issue while transferring the data. So, it is essential to solve security concerns while transferring data by secure routing in wireless sensor networks. We address this challenge by proposing Trusted Energy-Aware Hierarchical Routing (TEAHR), a new framework for a multi-level trust assessment that raises the security level in WSNs. TEAHR introduces a variety of trust metrics ranging from energy trust to forwarding trust to consistency trust to behavioral trust to anomaly detection, unlike existing models, enabling it to effectively address the challenges of dynamic network topologies and evolving cyber threats. Trust-based routing mechanisms are usually associated with high computation and storage complexity and susceptibility to collusive attacks such as spoofing. The mechanism in TEAHR overcomes these challenges by placing an adaptive trust assessment mechanism that adapts to the background network conditions and real-time activities of the nodes. We show through empirical analysis in this paper that TEAHR not only uses computational and storage resources efficiently but also enhances network performance and security. Our experimental setup presents the simulation approach to prove our proposed protocol of TEAHR in comparison with typical trust models under different scenarios of node mobility, variable node density, and sophisticated security attacks such as Sybil, wormhole, and replay attacks. TEAHR keeps the network connected, even when the nodes are isolated due to trust misbehavior, and demonstrates that widely it reduces the chances of misjudgment in trust evaluation. Moreover, we explore the scalability of TEAHR across large networks as well as its performance in computationally constrained contexts. We have verified through our detailed investigation that the energy metrics used uniquely in TEAHR extend the life of the network while increasing data routing trust and trustworthiness. The comparisons of TEAHR with conventional techniques show that the proposed algorithm reduces total latency by 15%, enhances energy efficiency by around 20%, and maintains a stable packet forwarding rate, which is highly desirable for accurate operation in adversarial environments, as demonstrated through comparative analysis. Through in-depth theoretical and practical analysis, TEAHR is confirmed as a high-performance framework that outperforms currently existing studies for WSN security, making TEAHR a strong candidate for use in industrial IoT applications and urban sensor networks. Full article

As an important branch of machine learning, federated learning still suffers from statistical heterogeneity. Therefore, personalized federated learning (PFL) is proposed to deal with this obstacle. However, the privacy of local and global gradients is still under threat in the scope of PFL. Additionally, the correctness of the aggregated result is unable to be identified. Therefore, we propose a secure and verifiable personalized federated learning protocol that could protect privacy using homomorphic encryption and verify the aggregated result using Lagrange interpolation and commitment. Furthermore, it could resist the collusion attacks performed by servers and clients who try to pass verification. Comprehensive theoretical analysis is provided to verify our protocol’s security. Extensive experiments on MNIST, Fashion-MNIST and CIFAR-10 are carried out to demonstrate the effectiveness of our protocol. Our model achieved accuracies of 88.25% in CIFAR-10, 99.01% in MNIST and 96.29% in Fashion-MNIST. The results show that our protocol could improve security while maintaining the classification accuracy of the training model. Full article