Search Results (64)

Provable data possession (PDP) is a technique that enables the verification of data integrity in cloud storage without the need to download the data. PDP schemes are generally categorized into public and private verification. Public verification allows third parties to assess the integrity of outsourced data, offering good openness and flexibility, but it may lead to privacy leakage and security risks. In contrast, private verification restricts the auditing capability to the data owner, providing better privacy protection but often resulting in higher verification costs and operational complexity due to limited local resources. Moreover, most existing PDP schemes are based on classical number-theoretic assumptions, making them vulnerable to quantum attacks. To address these challenges, this paper proposes an identity-based PDP with a designated verifier over lattices, utilizing a specially leveled identity-based fully homomorphic signature (IB-FHS) scheme. We provide a formal security proof of the proposed scheme under the small-integer solution (SIS) and learning with errors (LWE) within the random oracle model. Theoretical analysis confirms that the scheme achieves security guarantees while maintaining practical feasibility. Furthermore, simulation-based experiments show that for a 1 MB file and lattice dimension of n = 128, the computation times for core algorithms such as TagGen, GenProof, and CheckProof are approximately 20.76 s, 13.75 s, and 3.33 s, respectively. Compared to existing lattice-based PDP schemes, the proposed scheme introduces additional overhead due to the designated verifier mechanism; however, it achieves a well-balanced optimization among functionality, security, and efficiency. Full article

With the increasing integration of augmented reality (AR) in various applications, ensuring secure access and content authenticity has become a critical challenge. This paper proposes an innovative and robust authentication framework for protecting AR multimedia content through a hash-based data-hiding technique. Leveraging the Discrete Wavelet Transform (DWT) in the YCbCr color space, the method embeds multiple cryptographic hash signatures directly into the AR visual data. This design not only utilizes the symmetric property between two consecutive AR contents but also allows users to verify the connectivity between two AR digital contents by checking the embedded hash values. These embedded signatures support hierarchical, multi-level authentication, verifying not only the integrity and authenticity of individual AR objects but also their contextual relationships within the AR environment. The proposed system exhibits exceptional resilience to tampering, effectively identifying whether two consecutive e-pages in the AR content have been altered, while preserving high perceptual quality with PSNR values above 45 dB and SSIM scores consistently exceeding 0.98. This work presents a practical, real-time solution for enhancing AR content security, contributing significantly to the advancement of secure multimedia systems in next-generation interactive platforms. Full article

The k-nearest- neighbor (kNN) algorithm is crucial in data mining and machine learning, yet its deployment on large-scale datasets within cloud environments presents significant security and efficiency challenges. This paper is dedicated to advancing the resolution of these challenges and presents novel contributions to the development of efficient and secure exact kNN query schemes tailored for spatial datasets in cloud-based location services. Addressing existing limitations, our approach focuses on accelerating query processing while ensuring robust privacy preservation and public verifiability. Key contributions include the establishment of a formal framework underpinned by stringent security definitions, providing a solid groundwork for future advancements. Leveraging Paillier’s homomorphic cryptosystem and public-key signature techniques, our design achieves heightened security by safeguarding databases, query access patterns, and result integrity while enabling public verification. Additionally, our scheme enhances computational efficiency through optimized data-packing techniques and simplified Voronoi diagram-based ciphertext index construction, leading to substantial savings in computational and communication overheads. Rigorous and transparent theoretical analysis substantiates the correctness, security, and efficiency of our design, while comprehensive experimental evaluations confirm the effectiveness of our approach, showcasing its practical applicability and scalability across datasets of varying scales. Full article

Multi-signature applications allow multiple signers to collaboratively generate a single signature on the same message, which is widely applied in blockchain to reduce the percentage of signatures in blocks and improve the throughput of transactions. The k-sum attacks are one of the major challenges in designing secure multi-signature schemes. In this work, we address k-sum attacks from a novel angle by defining a Public Third Party (PTP), which is an automatic process that can be verifiable by the public and restricts the signing phase from continuing until receiving commitments from all signers. Further, a two-round multi-signature scheme HEMS with PTP is proposed, which is secure based on the discrete logarithm assumption in the random oracle model. As each signer communicates directly with the PTP instead of other co-signers, the total amount of communication is significantly reduced. In addition, as PTP participates in the computation of the aggregation and signing algorithms, the computation cost left for each signer and verifier remains the same as the basis Schnorr signature. To the best of our knowledge, this is the high efficiency that a Schnorr-based multi-signature scheme can achieve. Further, HEMS is applied in a blockchain platform, e.g., Fabric, to improve transaction efficiency. Full article

How can the shape of biodiversity inform us about cities’ ecoclimatic fitness and guide their development? Can we use species as the harbingers of climatic extremes? Eco-climatically sensitive species carry information about hydroclimatic change in their distribution, fitness, and preferential gradients of habitat suitability. Conversely, environmental features outside of the species’ fitness convey information on potential ecological anomalies in response to extremes to adapt or mitigate, such as through urban parks. Here, to quantify ecosystems’ fitness, we propose a novel computational model to extract multivariate functional ecological networks and their basins, which carry the distributed signature of the compounding hydroclimatic pressures on sentinel species. Specifically, we consider butterflies and their habitat suitability (HS) to infer maximum suitability gradients that are meaningful of potential species networks and flows, with the smallest hydroclimatic resistance across urban landscapes. These flows are compared to the distribution of urban parks to identify parks’ ecological attractiveness, actual and potential connectivity, and park potential to reduce hydroclimatic impacts. The ecosystem fitness index (EFI) is novelly introduced by combining HS and the divergence of the relative species abundance (RSA) from the optimal log-normal Preston plot. In Shenzhen, as a case study, eco-flow networks are found to be spatially very extended, scale-free, and clustering for low HS gradient and EFI areas, where large water bodies act as sources of ecological corridors draining into urban parks. Conversely, parks with higher HS, HS gradients, and EFIs have small-world connectivity non-overlapping with hydrological networks. Diverging patterns of abundance and richness are inferred as increasing and decreasing with HS. HS is largely determined by temperature and precipitation of the coldest quarter and seasonality, which are critical hydrologic variables. Interestingly, a U-shape pattern is found between abundance and diversity, similar to the one in natural ecosystems. Additionally, both abundance and richness are mildly associated with park area according to a power function, unrelated to longitude but linked to the degree of urbanization or park centrality, counterintuitively. The Preston plot’s richness–abundance and abundance-rank patterns were verified to reflect the stationarity or ecological meta-equilibrium with the environment, where both are a reflection of community connectivity. Ecological fitness is grounded on the ecohydrological structure and flows where maximum HS gradients are indicative of the largest eco-changes like climate-driven species flows. These flows, as distributed stress-response functions, inform about the collective eco-fitness of communities, like parks in cities. Flow-based networks can serve as blueprints for designing ecotones that regulate key ecosystem functions, such as temperature and evapotranspiration, while generating cascading ecological benefits across scales. The proposed model, novelly infers HS eco-networks and calculates the EFI, is adaptable to diverse sensitive species and environmental layers, offering a robust tool for precise ecosystem assessment and design. Full article

The growing adoption of smart grid systems presents significant advancements in the efficiency of energy distribution, along with enhanced monitoring and control capabilities. However, the interconnected and distributed nature of these systems also introduces critical security vulnerabilities that must be addressed. This study proposes a secure communication protocol specifically designed for smart grid environments, focusing on authentication, secret key establishment, symmetric encryption, and hash-based message authentication to provide confidentiality and integrity for communication in smart grid environments. The proposed protocol employs the Elliptic Curve Digital Signature Algorithm (ECDSA) for authentication, Elliptic Curve Diffie–Hellman (ECDH) for secure key exchange, and Advanced Encryption Standard 256 (AES-256) encryption to protect data transmissions. The protocol follows a structured sequence: (1) authentication—verifying smart grid devices using digital signatures; (2) key establishment—generating and securely exchanging cryptographic keys; and (3) secure communication—encrypting and transmitting/receiving data. An experimental framework has been established to evaluate the protocol’s performance under realistic operational conditions, assessing metrics such as time, throughput, power, and failure recovery. The experimental results show that the protocol completes one server–client request in 3.469 ms for a desktop client and 41.14 ms for a microcontroller client and achieves a throughput of 288.27 requests/s and 24.30 requests/s, respectively. Furthermore, the average power consumed by the protocol is 37.77 watts. The results also show that the proposed protocol is able to recover from transient network disruptions and sustain secure communication. Full article

The implementation of universal designated verifier signatures proofs (UDVSPs) enhances data privacy and security in various digital communication systems. However, practical applications of UDVSP face challenges such as high computational overhead, onerous certificate management, and complex public key initialization. These issues hinder UDVSP adoption in daily life. To address these limitations, existing solutions attempt to eliminate bilinear pairing operations, but their proposal still involves cumbersome certificate management and inherent interactive operations that can sometimes significantly degrade system efficiency. In this paper, we first utilize the identity-based (ID-based) SM2 digital signature scheme to construct an ID-based UDVSP system which sidesteps the cumbersome certificate management issue. To further remove the interactive requirement, we also employ the OR proof and Fiat–Shamir technologies to design the other ID-based UDVSP system. Our designs not only possess the same bilinear pairing-free advantage as Lin et al.’s proposal, but also achieve the certificate-free or non-interactive goals. Security proofs and performance analysis confirm the viability and efficiency of our systems. Full article

With the increasing emphasis on safeguarding maritime sovereignty and developing marine resources, the security of underwater acoustic communication has risen to a new level of importance. Given the complex environmental challenges faced by underwater acoustic channels, this paper proposes an NTRU-based key encapsulation scheme designed to ensure secure and reliable underwater data transmission, while maintaining privacy and integrity. In the public–private key pair generation phase, a ring sampling technique is employed to generate a compact NTRU trapdoor, which not only guarantees security but also effectively reduces the communication overhead. During the encapsulation phase, underwater acoustic channel characteristics during communication are introduced as temporary identity information to ensure the confidentiality and reliability of the key encapsulation mechanism. Furthermore, the traditional key encapsulation mechanism is extended by integrating a digital signature process, where the encapsulated ciphertext is signed. The use of digital signature technology verifies the authenticity and integrity of the transmitted data, ensuring that communication data remain secure and unaltered in complex underwater acoustic environments. Finally, we conduct a rigorous correctness analysis and security proofs, demonstrating that the proposed scheme achieves chosen ciphertext security, while meeting the demands of low bandwidth and limited computational capacity in underwater acoustic communication. Full article

In the field of bookbinding, accurately and efficiently detecting signature sequences during the binding process is crucial for enhancing quality, improving production efficiency, and advancing industrial automation. Despite significant advancements in object detection technology, verifying the correctness of signature sequences remains challenging due to the small size, dense distribution, and abundance of low-quality signature marks. To tackle these challenges, we introduce the Book Signature Marks Detection (BSMD-YOLOv8) model, specifically designed for scenarios involving small, closely spaced objects such as signature marks. Our proposed backbone, the Lightweight Multi-scale Residual Network (LMRNet), achieves a lightweight network while enhancing the accuracy of small object detection. To address the issue of insufficient fusion of local and global feature information in PANet, we design the Low-stage gather-and-distribute (Low-GD) module and the High-stage gather-and-distribute (High-GD) module to enhance the model’s multi-scale feature fusion capabilities, thereby refining the integration of local and global features of signature marks. Furthermore, we introduce Wise-IoU (WIoU) as a replacement for CIoU, prioritizing anchor boxes with moderate quality and mitigating harmful gradients from low-quality examples. Experimental results demonstrate that, compared to YOLOv8n, BSMD-YOLOv8 reduces the number of parameters by 65%, increases the frame rate by 7 FPS, and enhances accuracy, recall, and mAP50 by 2.2%, 8.6%, and 3.9% respectively, achieving rapid and accurate detection of signature marks. Full article

This paper presents an advanced Controller Area Network (CAN) bus transceiver designed to enhance security using frame-level authentication with the concept of a nonphysical virtual auxiliary data channel. We describe the newly conceived transceiver security features and provide results concerning the design, implementation, fabrication and test of the transceiver to validate its functionality and robust operation in the presence of systemic error sources including Process, Voltage, and Temperature (PVT) variations. The virtual auxiliary channel integrates CAN frame authentication signatures into the primary data payload via phase modulation while also providing compatibility with existing CAN protocols, interoperability with non-enhanced systems and requiring no network or software modifications. Enhanced rail converters are designed to facilitate single-rail to dual-rail data conversion and vice versa, preserving phase information and minimizing phase errors across various nonideal effects such as frequency drift, Process, Voltage, and Temperature (PVT) variations, and cable phase mismatch. This ensures reliable data transmission and robust authentication in the presence of adversarial cyberattacks such as packet injection. The receiver recovers both the CAN frame data and the security signature, comparing the latter with an authorized signature to provide a real-time “GO/NO_GO” signal for verifying packet authenticity and without exceeding the CAN clock jitter specifications. Full article

This research paper explores the CONIKS key management system’s security and efficiency, a system designed to ensure transparency and privacy in cryptographic operations. We conducted a comprehensive analysis of the underlying mathematical principles, focusing on cryptographic hash functions and digital signature schemes, and their implementation in the CONIKS model. Through the use of Merkle trees, we verified the integrity of the system, while zero-knowledge proofs were utilized to ensure the confidentiality of key bindings. We conducted experimental evaluations to measure the performance of cryptographic operations like key generation, signing, and verification with varying key sizes and compared the results against theoretical expectations. Our findings demonstrate that the system performs as predicted by cryptographic theory, with only minor deviations in computational time complexities. The analysis also reveals significant trade-offs between security and efficiency, particularly when larger key sizes are used. These results confirm that the CONIKS system offers a robust framework for secure and efficient key management, highlighting its potential for real-world applications in secure communication systems. Full article

We propose an innovative approach called SMPTC³, designed specifically to enhance security and privacy in cross-chain transaction verification. This approach addresses multi-chain, multi-participant information exchange and large-scale cross-chain transfers, resisting various types of malicious attacks. We leverage the verifiability of cross-chain transactions based on smart contracts and innovatively transform transaction information into confidential sets, organizing them into quadratic secret polynomials. By utilizing secret sharing and random distribution techniques, we construct a secure multiparty computation method, tailored for cross-chain transactions. To enhance the efficiency of cross-chain transactions, we introduce cross-chain batch processing technology, grouping inter-chain transactions into cross-chain transaction sets. Unlike traditional distributed notary technologies, SMPTC³ designates honest participants as a cross-chain notary group, reducing the time required for redundant signature confirmations and significantly lowering the possibility of malicious notaries. Theoretical analysis and empirical experiments demonstrate that SMPTC³ is highly efficient in addressing cross-chain transaction security issues. Full article

The rapid advancement of internet technology has raised attention to the importance of electronic voting in maintaining democracy and fairness in elections. E-voting refers to the use of electronic technology to facilitate the casting and counting of votes in elections. The need for designated verification arises from concerns about voter privacy, auditability, and the prevention of manipulation. Traditional e-voting systems use cryptographic techniques for security but lack verifiable proof of integrity. Integrating e-voting with a quantum designated verifier could address these challenges by leveraging the principles of quantum mechanics to enhance security and trustworthiness. In light of this, we propose a quantum e-voting scheme that uses a designated verifier signature. To ensure the confidentiality and authenticity of the voting process, the scheme uses quantum features like the no-cloning theorem and quantum key distribution. The proposed scheme has security properties like source hiding, non-transferability, and message anonymity. The proposed scheme is resistant to many quantum attacks, such as eavesdropping and impersonation. Due to designated verification, the scheme minimizes the risk of tempering. This paper provides a detailed description of the proposed scheme and analyzes its security properties. Therefore, the proposed scheme is efficient, practical, and secure. Full article

In the process of using structured light technology to obtain indoor point clouds, due to the limited field of view of the device, it is necessary to obtain multiple point clouds of different wall surfaces. Therefore, merging the point cloud is necessary to acquire a complete point cloud. However, due to issues such as the sparse geometric features of the wall point clouds and the high similarity of multiple point clouds, the merging effect of point clouds is poor. In this paper, we leverage artificially enhanced features to improve the accuracy of registration in this scenario. Firstly, we design feature markers and present their layout criteria. Then, the feature information of the marker is extracted based on the Color Signature of Histograms of OrienTations (Color-SHOT) descriptor, and coarse registration is realized through the second-order similarity measure matrix. After that, precise registration is achieved using the Iterative Closest Point (ICP) method based on markers and overlapping areas. Finally, the global error of the point cloud registration is optimized by loop error averaging. Our method enables the high-precision reconstruction of integrated home design scenes lacking significant features at a low cost. The accuracy and validity of the method were verified through comparative experiments. Full article

An important feature of Nyberg-Rueppel type digital signature algorithms is message recovery, this signature algorithm can recover the original information from the signature directly by the verifier in the verification phase after signing the message. However, this algorithm is currently vulnerable to quantum attacks and its security cannot be guaranteed. Number Theory Research Unit (NTRU) is an efficient public-key cryptosystem and is considered to be one of the best quantum-resistant encryption schemes. This paper proposes an NTRU-like message recoverable signature algorithm to meet the key agreement requirements in the post-quantum world. This algorithm, designed for the Internet of Things (IoT), constructs a secure system using the Group-Based Message Recoverable Signature Algorithm (NR-GTRU), by integrating a Group-Based NTRU-Like Public-Key Cryptosystem (GTRU) with an efficient Nyberg-Rueppel type of NTRU digital signature algorithm (NR-NTRU). This signature algorithm, resistant to quantum algorithm attacks, offers higher security at the cost of a slight efficiency reduction compared to traditional NTRU signature algorithms, and features Nyberg-Rueppel message recovery, making it well-suited for IoT applications. Full article