Search Results (1,125)

Wireless medical sensor networks (WMSNs) enable continuous patient monitoring by transmitting sensitive physiological data over open wireless links. Given the resource-constrained nature and large-scale deployment of such networks, authentication mechanisms must be both lightweight and privacy-preserving. Moreover, due to the frequent turnover of patients and devices in hospital environments, timely member revocation is crucial to prevent discharged or compromised entities from injecting forged reports that could mislead medical diagnosis. Although existing pairing-free certificateless aggregate authentication schemes are efficient, they often suffer from critical security and privacy vulnerabilities. Recently, an efficient certificateless authentication scheme with revocation has been proposed. However, our analysis reveals that the scheme presents the following security vulnerabilities: (i) member witnesses can be recovered from public information, (ii) revocation checks can be bypassed via identity grafting attack, and (iii) user identities can be linked due to the long-term use of static pseudonyms. To address these issues, we propose a security-enhanced certificateless aggregate authentication protocol with revocation for WMSNs. Our design enforces strong identity–membership binding to resist grafting attacks, employs a non-interactive zero-knowledge membership proof to preserve witness secrecy, and adopts dynamic pseudonym rotation to achieve unlinkability. We provide formal security proofs and comprehensive performance comparisons. The results indicate that, at the same security level, our protocol achieves more efficient signature verification while maintaining communication overhead comparable to existing schemes. In addition, the overhead introduced by our revocation mechanism remains constant, making it well suited for large-scale WMSNs deployments with frequent membership changes. Full article

Against the global carbon neutrality target, predictive maintenance (PdM) of automotive engines represents a core technical strategy to advance the sustainable development of the automotive industry. Conventional single-modal diagnostic approaches for engine abnormal sound defects suffer from low accuracy and weak anti-interference capability. Existing multi-modal fusion methods fail to deeply mine the physical coupling between cross-modal features and often entail excessive model complexity, hindering deployment on resource-constrained on-board edge devices. To resolve these limitations, this study proposes a Physical Prior-Embedded Cross-Modal Attention (PPE-CMA) mechanism for lightweight multi-modal fusion diagnosis of engine abnormal sound defects. First, wavelet packet decomposition (WPD) and mel-frequency cepstral coefficients (MFCC) are integrated to extract time-frequency features from engine audio signals, while a channel-pruned ResNet18 is employed to extract spatial features from engine thermal imaging and vibration visualization images. Second, the PPE-CMA module is designed to adaptively assign attention weights to audio and image features by exploiting the physical coupling between engine fault acoustic and visual characteristics, enabling efficient cross-modal feature fusion with redundant information suppression. A rigorous theoretical derivation is provided to link cosine similarity with the physical correlation of engine fault acoustic-visual features, justifying the attention weight constraint (β = 1 − α) from the perspective of fault feature physical coupling. Third, an improved lightweight XGBoost classifier is constructed for fault classification, and a hybrid data augmentation strategy customized for engine multi-modal data is proposed to address the small-sample challenge in industrial applications. Ablation experiments on ResNet18 pruning ratios verify the optimal trade-off between diagnostic performance and computational efficiency, while feature distribution analysis validates the authenticity and effectiveness of the hybrid augmentation strategy. Experimental results on a self-constructed multi-modal dataset show that the proposed method achieves 98.7% diagnostic accuracy and a 98.2% F1-score, retaining 96.5% accuracy under 90 dB high-level environmental noise, with an end-to-end inference speed of 0.8 ms per sample (including preprocessing, feature extraction, and classification). Cross-engine and cross-domain validation on a 2.0T diesel engine small-sample dataset and the open-source SEMFault-2024 dataset yield average accuracies of 94.8% and 95.2%, respectively, demonstrating strong generalization. This method effectively enhances the accuracy and robustness of engine abnormal sound defect diagnosis, offering a lightweight technical solution for on-board real-time fault diagnosis and in-plant online quality inspection. By reducing engine fault-induced energy loss and spare parts waste, it further promotes energy conservation and emission reduction in the automotive industry. Quantified experimental data on fuel efficiency improvement and carbon emission reduction are provided to substantiate the ecological benefits of the proposed framework. Full article

Unmanned Aerial Vehicle (UAV)-assisted hierarchical federated learning (HFL) has emerged as a promising architecture for Internet of Things (IoT)-based smart agriculture, which enables scalable model training over large and sparse farmlands. In this setting, UAVs act as mobile edge servers, aggregating local updates from distributed agricultural IoT devices and relaying them to the cloud server. While HFL improves scalability and reduces communication overhead, it still faces critical security threats due to its reliance on public wireless channels and the vulnerability of model aggregation to malicious updates. In this paper, we propose a secure authentication scheme that integrates anomaly detection with elliptic curve cryptography (ECC)-based mutual authentication to protect both the communication and training phases. In the proposed scheme, UAVs authenticate participating clients before receiving their local models, then perform anomaly detection to identify and exclude malicious participants. If a client is found to be malicious, its identity credentials are revoked and broadcast by the cloud server to prevent future participation. The security of the proposed scheme is formally verified using Burrows–Abadi–Needham (BAN) logic, the Real-or-Random (RoR) model, and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool, along with informal security analysis. The performance evaluation includes comparisons of security features, computation cost, and communication cost with other related schemes, and an experimental assessment of anomaly detection performance. The results demonstrate that our scheme provides strong security guarantees, low overhead, and effective malicious client detection, making it well suited for UAV-assisted HFL in smart agriculture. Full article

Fifth-generation (5G) networks are facing critical security challenges in device authentication for massive Internet of Things deployments while preserving privacy. Traditional federated learning approaches depend on the computationally expensive homomorphic encryption to protect model gradients, resulting in substantial latency and communication overhead, leading to impractical energy consumption for resource-constrained 5G devices. This paper proposes Zero-Knowledge Federated Learning (ZK-FL), eliminating homomorphic encryption by enabling devices to prove model correctness without revealing gradients. Our approach integrates zero-knowledge proofs with FL updates, where each device generates a proof ${\mathrm{Proof}}_i=\mathrm{ZK}({\mathrm{Gradient}}_i,{\mathrm{Hash}}_i)$, demonstrating computational integrity. The experimental results from 10,000 authentication attempts demonstrate ZK-FL achieves 78.4 ms average authentication latency versus 342.5 ms for homomorphic encryption-based FL (77% reduction), proof sizes of 0.128 kB versus 512 kB (99.97% reduction), and energy consumption of 284.5 mJ versus 6525 mJ (95% reduction), while maintaining 99.3% authentication success rate with formal privacy guarantees. These results demonstrate ZK-FL enables practical privacy-preserving authentication for massive-scale 5G deployment. Full article

Physical Unclonable Functions (PUFs) represent a highly promising hardware security primitive, yet they face constraints of insufficient reliability and threats from modeling attacks. This paper designs a novel Feed-Forward Crossbar Matrix Arbiter PUF (FC-MA PUF). It incorporates an inter-stage crossbar structure, a feed-forward control system, and a mechanism for selecting reliable challenge-response pairs. These features significantly enhance the structural non-linearity and stability, substantially improving security and adaptability to a wider range of operating environments. It provides a high-strength authentication solution with low resource overhead for lightweight security-demanding devices such as IoT devices. The proposed FC-MA PUF has been successfully implemented on a Field-Programmable Gate Array (FPGA) platform. Experimental results for the selected 4-stage FC-MA PUF configuration show a bias, inter-chip uniqueness, and bit error rate (BER) of 49.88%, 49.68%, and 0.018%, respectively. Furthermore, the structure allows for flexible configuration of the number of feed-forward modules based on practical application requirements: a greater number of feed-forward modules enhances security but also leads to an increased BER and a decreased proportion of stable challenge-response pairs. Experimental results based on a training set of 1,000,000 challenge-response pairs demonstrate that: with two feed-forward units, the stable (Challenge Response Pair)CRP ratio is 39.72% and the Covariance Matrix Adaptation Evolutionary Strategies (CMA-ES) attack prediction success rate is 58.20%; with three units, the ratio decreases to 29.12% and the prediction rate drops to 54.91%; with four units, these values further decline to 20.18% and 52.33% respectively. These results confirm that the proposed FC-MA PUF effectively resists multiple modeling attacks, including Logistic Regression (LR), Support Vector Machine (SVM), and CMA-ES. Full article

The Medical Internet of Things (MIoT) has promoted smart healthcare through the deep integration of wearable devices, wireless communication, and cloud services. However, this framework faces security risks, as attackers may exploit public channels to impersonate legitimate devices or services and steal sensitive data. Therefore, establishing authentication between wearable devices and servers prior to data transmission is crucial. Existing schemes suffer from two critical drawbacks: vulnerability to quantum attacks and excessively high communication overhead, highlighting the need for improved solutions. The authors of this paper present a multi-factor identity authentication protocol to achieve post-quantum security and privacy protection. The scheme integrates lattice-based Kyber key encapsulation and a fuzzy commitment mechanism to secure biological templates and enable post-quantum key agreement. Additionally, hash functions and lightweight error correction codes are employed to reduce terminal communication overhead. The security of the scheme is rigorously proved in the Real-or-Random model, and the analysis confirms that the scheme satisfies common security requirements for wireless networks. The proposed scheme is also compared with existing schemes, and the results demonstrate that it achieves a balance between security and overhead. Full article

Radio frequency fingerprint identification (RFFI) based on physical-layer characteristics provides a reliable solution for secure authentication of Internet of Things (IoT) devices. Deep neural networks have demonstrated strong capability in improving RFFI performance; however, their high computational complexity and large parameter size pose significant challenges for deployment on resource-constrained edge devices. In RFFI tasks, existing pruning methods often lack effective performance recovery strategies, which leads to noticeable degradation in identification accuracy after pruning. To address this issue, this paper proposes a pruning method based on adversarial learning and polarization regularization. Polarization regularization is applied to learnable soft masks to effectively distinguish channels to be pruned from those to be retained. In addition, an adversarial learning-based performance recovery strategy is introduced to align the output feature distributions between the baseline network and the pruning network, thereby improving identification accuracy after pruning. Experimental results on multiple RFFI datasets demonstrate that the proposed method can effectively prune ResNet18 and VGG16, achieving substantial reductions in model complexity with only minor losses in identification performance. Full article

Electroencephalography (EEG) has attracted growing interest as a biometric modality because it reflects ongoing brain activity and is inherently difficult to counterfeit. At the same time, EEG signals are influenced by internal conditions such as emotions, which may affect identification stability, particularly when recordings are obtained using portable consumer-grade systems. This study examines how emotional states influence EEG-based biometric performance and evaluates deep learning architectures to determine an effective modeling approach for cross-emotion robustness. EEG data were collected from 65 participants using a 14-channel Emotiv EPOC X headset, with 54 subjects retained after self-reported emotional validation. Recordings were acquired under neutral, positive, and negative visual stimuli. To address variability associated with portable acquisition, preprocessing made use of the device’s internal signal quality metrics to select reliable segments, compensate for degraded regions, and reduce noise. Among the evaluated models, a Bidirectional Long Short-Term Memory (BiLSTM) network enhanced with Convolutional Block Attention Module (CBAM) and Multi-Head Self-Attention (MHSA) achieved highest performance in our experiments. The model was trained on neutral-state data and subsequently evaluated under emotional conditions. It reached 95.91% accuracy in the neutral condition and maintained high performance under positive (94.31%) and negative (92.99%) states. Despite a modest decline under negative stimuli, identification performance remained stable. These findings support the feasibility of robust EEG-based biometric authentication using consumer-grade devices in realistic settings. Full article

Future 6G-enabled smart hospital infrastructures will support latency-critical medical operations such as robotic surgery, autonomous monitoring, and real-time clinical decision systems, which require communication mechanisms that ensure both ultra-low latency and long-term cryptographic security. Existing security solutions either rely on classical cryptographic protocols that are vulnerable to quantum attacks or deploy isolated post-quantum primitives without providing a unified framework for secure real-time medical command transmission. This research presents a latency-aware, multi-layered post-quantum security architecture for 6G-enabled smart hospital environments. The proposed framework establishes an end-to-end secure command transmission pipeline that integrates hardware-rooted device authentication, post-quantum key establishment, hybrid payload protection, dynamic access enforcement, and tamper-evident auditing within a coherent system design. In contrast to existing approaches that focus on individual security mechanisms, the architecture introduces a structured integration of Kyber-based key encapsulation and Dilithium digital signatures with hybrid AES-based encryption and legacy-compatible key transport, while Physical Unclonable Function authentication provides hardware-bound device identity verification. Zero Trust access control, metadata-driven anomaly detection, and blockchain-style audit logging provide continuous verification and traceability, while threshold cryptography distributes cryptographic authority to eliminate single points of compromise. The proposed architecture is evaluated using a discrete-event simulation framework representing adversarial conditions in realistic 6G medical communication scenarios, including replay attacks, payload manipulation, and key corruption attempts. Experimental results demonstrate improved security and operational efficiency, achieving a 48% reduction in detection latency, a 68% reduction in false-positive anomaly detection rate, and a 39% improvement in end-to-end round-trip latency compared to conventional RSA-AES-based architectures. These results demonstrate that the proposed framework provides a practical and scalable approach for achieving post-quantum secure and low-latency command transmission in next-generation 6G smart hospital systems. Full article

Modern computing platforms increasingly rely on random number generators (RNGs) for modeling probabilistic processes in simulation, probabilistic computing, and system validation. They are also essential for cryptographic operations such as key generation, authenticated encryption, and digital signatures. Deterministic Random Bit Generators (DRBGs), as specified in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-90A, provides a standardized method for expanding entropy into cryptographically strong pseudorandom sequences. This work presents the design and Field Programmable Gate Array (FPGA) implementation of a hash-based DRBG using Ascon-Hash256, a lightweight, quantum-resistant hash function from the NIST-standardized Ascon cryptographic suite. It implements hash-based derivation, instantiation, generation, and reseeding of the generator via iterative hash invocations and state updates. Leveraging Ascon’s sponge-based structure, the design achieves efficient entropy absorption and diffusion while maintaining an area-efficient FPGA architecture, making it well suited for resource-constrained platforms. The diffusion properties of the proposed DRBG are evaluated through avalanche and reproducibility analyses, confirming strong sensitivity to input variations and secure, repeatable operation. Moreover, Monte Carlo and stochastic-diffusion evaluation of the generated bitstreams demonstrates correct convergence and statistically consistent behavior. These results confirm that the proposed hash-based DRBG provides reproducible, hardware-efficient, and cryptographically secure random numbers suitable for next-generation neuromorphic, probabilistic computing systems, and Internet of Things (IoT) devices. Full article

The advent of quantum computing poses significant challenges to traditional cryptographic systems, threatening the confidentiality, integrity and authenticity of digital communications. This paper investigates the integration of post-quantum cryptography (PQC) algorithms into mobile communication systems to address these challenges. The study focuses on evaluating key PQC algorithms shortlisted by the National Institute of Standards and Technology (NIST), including CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon and SPHINCS+, within the context of 5G and future mobile network architectures. The research encompasses the design and implementation of an experimental framework involving mobile devices, servers, and cloud-based infrastructure to simulate real-world communication scenarios. Performance metrics such as key generation time, signature generation, encryption and decryption speed, and resource consumption were analyzed across various devices to identify algorithms suitable for mobile environments. The findings reveal that lattice-based algorithms, such as Kyber and Dilithium, offer a promising balance between security and efficiency, making them ideal for resource-constrained devices. In contrast, hash-based algorithms like SPHINCS+ exhibit higher computational demands, limiting their practicality in certain applications. This work highlights the importance of algorithm selection and hardware optimization in ensuring secure and efficient communications in the quantum era. By integrating theoretical advancements in PQC with practical applications, this research lays the foundation for quantum-resistant security in mobile networks, ensuring secure and future-ready digital communications. Full article

The Internet of Medical Things (IoMT) has become a core component of modern healthcare infrastructures, enabling continuous patient monitoring, remote diagnostics, and data-driven clinical decision-making. Despite these advances, authentication in IoMT environments remains a critical security challenge, intensified by strict resource constraints of medical devices and the emerging threat posed by quantum computing to classical cryptographic techniques. This systematic review investigates authentication mechanisms in IoMT from both post-quantum and system-level perspectives. A structured literature review was conducted using a PRISMA-informed methodology across major scientific databases, including IEEE Xplore, ACM Digital Library, SpringerLink, ScienceDirect, and MDPI. From an initial set of 95 records, 63 studies were selected for qualitative synthesis following screening and eligibility assessment. To organise existing research, this study introduces a multi-dimensional classification framework that categorises authentication solutions according to cryptographic paradigm (classical, hybrid, and post-quantum), deployment architecture, system objectives, and clinical operational constraints. The comparative synthesis demonstrates important trade-offs between security strength, latency, computational overhead, and energy consumption that are frequently underexplored in the existing literature. Furthermore, the analysis identifies key research gaps related to scalability in heterogeneous medical environments, trust establishment across administrative and clinical domains, usability under strict timing constraints, and resilience against quantum-capable adversaries. Based on these findings, future research directions are outlined toward adaptive, lightweight, and context-aware post-quantum authentication frameworks designed for real-world IoMT deployments. Limitations of this review include restriction to English-language publications and selected databases. This study received no external funding, and the review protocol was not formally registered. Full article

Targeting resource-constrained Internet of Things (IoT) devices, this paper proposes Stuck-at-Fault Physical Unclonable Function (SAF-PUF), a lightweight Resistive Random-Access Memory (RRAM)-based PUF that exploits the intrinsic addresses of manufacturing-induced SAF defects as a stable entropy source. By using the coordinates of Stuck-at-1 (SA1) cells to seed a 32-bit Linear Feedback Shift Register (LFSR), SAF-PUF generates robust, variable-length responses with zero Bit Error Rate (BER) across a wide temperature range from −40 °C to 125 °C, without any error-correction circuitry. Experimental results based on 100,000 Challenge–Response Pairs (CRPs) demonstrate strong resilience against machine learning (ML) attacks, with prediction accuracies of logistic regression (LR), support vector machines (SVM), neural networks (NN) and convolutional neural networks (CNNs) remaining close to 50%. Moreover, a “use-then-conceal” mechanism is introduced to enhance post-authentication security, enabling response obfuscation with minimal cell reconfiguration. These features make SAF-PUF a high-security, low-overhead hardware root of trust suitable for IoT applications. Full article

This paper explores the value of imperfections and curated decay in the conservation of architecture and public art as vehicles of cultural memory. While conventional heritage practice treats physical degradation as a threat, newer conservation ethics argue for embracing material impermanence within an aesthetics of care. We examine how acknowledging patina, weathering, and even structural decline can become an act of care, maintaining the “spirit” and authenticity of a place. The theoretical framework integrated the aesthetics of imperfection, including concepts like the Japanese wabi-sabi, which finds beauty in the incomplete and impermanent, critical heritage theory (which questions whose memories and values are preserved or excluded) and cultural memory studies (notably Nora’s notion of lieux de mémoire, where material sites become symbolic elements of communal memory). Methodologically, the article is grounded by two case-study video essays, Imperfections (Genoa) and Scars (Nicosia), as instruments of research, which provide visual analyses of decayed architectural environments. These examples illustrate how curated decay can transform abandoned buildings and war-scarred urban zones into powerful mnemonic devices, provoking reflection on history, identity and the ethics of preservation. Despite extensive theorisation of patina/age-value and curated decay, recent heritage debates offer limited operational criteria for distinguishing intentional curated decay from unmanaged neglect in lived urban conservation contexts. Drawing on ethics and aesthetics of care, this article asks if and how care can be operationalised into a decision framework for urban conservation and tests this framework through two selected buildings: Albergo dei Poveri (Genoa) and Home for Cooperation (Nicosia). The authors argue that caring for heritage does not always mean restoring it to an as-new state; curating ageing and traces of time can support remembrance, resilience, and reconciliation, enriching heritage’s role in future urban imaginaries. Full article

The proliferation of Internet of Things (IoT) devices and embedded processors has recently spurred rapid advances in hardware-level security. This paper systematically reviews developments in securing microcontroller units (MCUs) and constrained embedded platforms from 2020 to 2026, a period marked by the finalization of NIST’s post-quantum cryptography standards and accelerated commercial deployment of hardware security primitives. Through analysis of the peer-reviewed literature, industry implementations, and standardization efforts, we survey five critical areas: post-quantum cryptography (PQC) implementations on resource-constrained hardware, physically unclonable functions (PUFs) for device authentication, hardware Roots of Trust and secure boot mechanisms, side-channel attack mitigations, and Trusted Execution Environments (TEEs) for microcontroller-class devices. For each domain, we analyze technical mechanisms, deployment constraints (power, memory, cost), security guarantees, and commercial maturity. Our review distinguishes itself through its integration perspective, examining how these primitives must be composed to secure real-world embedded systems, and its emphasis on post-standardization PQC developments. We highlight critical gaps including PQC memory overhead challenges, ML-resistant PUF designs, and TEE developer friction, while documenting commercial progress such as PSA Level 3 certified components and 500+ million PUF-enabled devices deployed. This synthesis provides practitioners with practical guidance for securing the next generation of IoT and embedded systems. Full article