Search Results (167)

With the rapid development of cloud-based data sharing technologies, enterprises and organizations tend to outsource their local data to cloud servers. They adopt searchable encryption (SE) techniques to access and search encrypted data. However, most existing SE schemes use static ranking strategies based on query–index similarity. These strategies fail to capture users’ personalized retrieval preferences and often result in suboptimal search performance. In this article, we present a privacy-preserving data sharing framework with personalized encrypted retrieval (PP-PER) that combines SE technology with federated learning. PP-PER trains user interest models locally on user devices by utilizing historical query behavior. Only encrypted model parameters are uploaded for aggregation, which avoids the centralized collection of users’ private data. In addition, we design an attention-based user query update algorithm. The learned personalized features are integrated into the ciphertext query process. This design enables personalized ranking results and improves the user retrieval experience. Furthermore, PP-PER combines matrix factorization with ciphertext-policy attribute-based encryption (CP-ABE). This mechanism ensures secure document key distribution and supports fine-grained access control. Finally, we formalize the security model under a practical threat and leakage setting and provide a theoretical analysis of the proposed scheme. Experimental results on real-world datasets further validated its practicality and effectiveness. Full article

Quantum computing offers potential computational advantages, yet its integration into autonomous decision-making systems remains largely unexplored. This paper addresses the need for a unified framework that systematically combines quantum computation with agent-based artificial intelligence. We examine how quantum technologies can enhance the capabilities of autonomous agents and, conversely, how agentic AI can support the advancement of quantum systems. We analyze both directions of this synergy and present conceptual and technical foundations for future quantum–agentic platforms. Our work introduces a formal definition of quantum agents and outlines architectures that integrate quantum computing with agent-based systems. As concrete proof-of-concept implementations, we develop and evaluate three quantum agent prototypes: (i) a Grover-based decision agent for quantum search-driven action selection, (ii) a variational quantum reinforcement learning agent for adaptive policy learning in a multi-armed bandit setting, and (iii) an adaptive quantum image encryption agent that autonomously selects encryption strategies based on entropy-driven feedback. These prototypes demonstrate practical realizations of quantum agency in decision-making, learning, and security contexts under NISQ-era constraints. Furthermore, we discuss application domains including quantum-enhanced optimization, hybrid quantum–classical orchestration, autonomous quantum workflow management, and secure quantum information processing. By bridging these fields, we introduce a structured theoretical and architectural framework for quantum–agentic systems, providing formal definitions, system models, and early operational prototypes that illustrate the feasibility of quantum-enhanced agency under NISQ constraints. Full article

With the rise of smart cities, technology has enabled more efficient urban management. A key part of this is the Internet of Vehicles (IoVs), which connects vehicles to smart city systems to improve transportation safety and efficiency. This integrated system enables wireless connection between vehicles, allowing for the sharing of essential traffic information. However, with all this connectivity, there are growing concerns about IoV security and privacy. This paper presents a new privacy-preserving authentication scheme for Autonomous Vehicles (AVs) in the IoV field using physical unclonable functions (PUFs). This scheme employs a bilinear pairing-based encryption technique that supports search over encrypted data. The primary aim of this scheme is to authenticate AVs inside the IoV architecture. A novel PUF design generates random keys for our authentication technique, hence boosting security. This dual-layer security strategy safeguards against a range of cyber threats, including identity fraud, man-in-the-middle attacks, and unauthorized access to personal user data. The PUF design will guarantee the true randomness of the AVs’ users’ secret keys. To handle the large amount of data involved, we use hardware acceleration with different Field-Programmable Gate Arrays (FPGAs). Our examination of privacy and security demonstrates the achievement of the defined design goals. The proposed authentication framework was fully implemented and validated on FPGA platforms to demonstrate its hardware feasibility and efficiency. The integrated heterogeneous PUF achieves an average reliability exceeding $98.5\%$ across a wide temperature range, while maintaining near-ideal randomness with an average Hamming weight of $49.7\%$ over multiple challenge sets. Furthermore, the uniqueness metric approaches $49.9\%$, confirming strong inter-device distinguishability among different PUF instances. The complete authentication architecture was synthesized on Nexys-100T, Zynq-104, and Kintex-116 devices, where the design utilizes less than $80\%$ of slice Look-Up Tables (LUTs), under $27\%$ of on-chip memory resources, and below $16\%$ of DSP blocks, demonstrating low hardware overhead. Full article

Grayscale-based Encryption-then-Compression (EtC) systems transform RGB images into the YCbCr color space, concatenate the components into a single grayscale image, and apply block permutation, block rotation/flipping, and block-wise negative–positive inversion. Because this pipeline separates color components and disrupts inter-channel statistics, existing extended jigsaw puzzle solvers (JPSs) have been regarded as ineffective, and grayscale-based EtC systems have been considered resistant to ciphertext-only visual reconstruction. In this paper, we present a practical ciphertext-only attack against grayscale-based EtC. The proposed attack introduces three key components: (i) Texture-Based Component Classification (TBCC) to distinguish luminance (Y) and chrominance (Cb/Cr) blocks and focus reconstruction on structure-rich regions; (ii) Regularized Single-Channel Edge Compatibility (R-SCEC), which applies Tikhonov regularization to a single-channel variant of the Mahalanobis Gradient Compatibility (MGC) measure to alleviate covariance rank-deficiency while maintaining robustness under inversion and geometric transforms; and (iii) Adaptive Pruning based on the TBCC-reduced search space that skips redundant boundary matching computations to further improve reconstruction efficiency. Experiments show that, in settings where existing extended JPS solvers fail, our method can still recover visually recognizable semantic content, revealing a potential vulnerability in grayscale-based EtC and calling for a re-evaluation of its security. Full article

This systematic review examines recent advances in blockchain-based electronic voting systems, motivated by the need for more transparent, secure, and verifiable electoral processes. The rapid growth of research between 2022 and 2025 highlights blockchain as a promising foundation for addressing long-standing challenges of integrity, anonymity, and trust in digital elections, particularly in academic contexts where pilot deployments are more feasible. The review followed PRISMA 2020 guidelines and applied the evidence-based methodology proposed by Kitchenham & Charters. Searches were conducted in six major databases, yielding 861 records; after removing duplicates and applying eligibility criteria, 338 studies were retained. Data were extracted using a structured template and synthesised qualitatively due to the conceptual and methodological heterogeneity of the evidence. The included studies reveal significant progress in blockchain architectures, smart contracts, and advanced cryptographic mechanisms—such as blind signatures, zero-knowledge proofs, and homomorphic encryption. Multiple authentication and verification strategies were identified; however, real-world validations remain limited and largely confined to small-scale academic pilots. Overall, blockchain-based voting systems demonstrate conceptual advantages over traditional and conventional electronic models, especially regarding transparency and auditability. Nevertheless, the field requires stronger empirical evaluation, greater scalability, and clearer regulatory alignment to support broader institutional adoption. Full article

Unmanned Aerial Systems (UASs) are playing an increasingly critical role in both civilian and defense applications. However, their heavy reliance on unencrypted Global Navigation Satellite System (GNSS) signals, particularly GPS, makes them highly susceptible to signal spoofing attacks, posing severe operational and safety threats. This paper introduces a comprehensive, AI-driven multi-layer sensor framework that simultaneously enables real-time spoofing detection and secure command-and-control (C2) communication in lightweight UAS platforms. The proposed system enhances telemetry reliability through a refined preprocessing pipeline that includes a novel GPS Drift Index (GDI), robust statistical normalization, cluster-constrained oversampling, Kalman-based noise reduction, and quaternion filtering. These sensing layers improve anomaly separability under adversarial signal manipulation. On this enhanced feature space, a differentiable architecture search (DARTS) approach dynamically generates lightweight neural network architectures optimized for fast, onboard spoofing detection. For secure command and control, the framework integrates a low-latency cryptographic layer utilizing PRESENT-128 encryption and CMAC authentication, achieving confidentiality and integrity with only 1.79 ms latency and a 0.51 mJ energy cost. Extensive experimental evaluations demonstrate the framework’s outstanding detection accuracy (99.99%), near-perfect F1-score (0.999), and AUC (0.9999), validating its suitability for deployment in real-world, resource-constrained UAS environments. This research advances the field of AI-enabled sensor systems by offering a robust, scalable, and secure navigation framework for countering GPS spoofing in autonomous aerial vehicles. Full article

This article presents general methodologies for plaintext attacks on block ciphers using the Tabu Search algorithm. These methods treat the cipher as a black box, with the objective of finding the session key. The primary innovation of our approach is the division of the key space into subsets based on a divisor, enabling the attack to focus on a specific portion of the total space. The following investigation demonstrates the successful application of these methods to a member of a block cipher family that includes the Advanced Encryption Standard (AES) cipher. One of the proposed methodologies, the subregions path attack, enables navigation of the key session space by applying specific predetermined strategies within these subregions. Full article

Background/Objectives: Federated learning (FL) offers a way for healthcare institutions to collaboratively train machine learning models without sharing sensitive patient data. This systematic review aims to comprehensively synthesize the ethical dimensions of FL in healthcare, integrating privacy preservation, algorithmic fairness, governance, and equitable access into a unified analytical framework. The application of FL in healthcare between January 2020 and December 2024 is examined, with a focus on ethical issues such as algorithmic fairness, privacy preservation, governance, and equitable access. Methods: Following PRISMA guidelines, six databases (PubMed, IEEE Xplore, Web of Science, Scopus, ACM Digital Library, and arXiv) were searched. The PROSPERO registration is CRD420251274110. Studies were selected if they described FL implementations in healthcare settings and explicitly discussed ethical considerations. Key data extracted included FL architectures, privacy-preserving mechanisms, such as differential privacy, secure multiparty computation, and encryption, as well as fairness metrics, governance models, and clinical application domains. Results: Out of 3047 records, 38 met the inclusion criteria. The most popular applications were found in medical imaging and electronic health records, especially in radiology and oncology. Through thematic analysis, four key ethical themes emerged: algorithmic fairness, which addresses differences between clients and attributes; privacy protection through formal guarantees and cryptographic techniques; governance models, which emphasize accountability, transparency, and stakeholder engagement; and equitable distribution of computing resources for institutions with limited resources. Considerable variation was observed in how fairness and privacy trade-offs were evaluated, and only a few studies reported real-world clinical deployment. Conclusions: FL has significant potential to promote ethical AI in healthcare, but advancement will require the development of common fairness standards, workable governance plans, and systems to guarantee fair benefit sharing. Future studies should develop standardized fairness metrics, implement multi-stakeholder governance frameworks, and prioritize real-world clinical validation beyond proof-of-concept implementations. Full article

With the rapid development of online aquatic product trading, traditional centralized platforms are facing increasing pressure in terms of data security, privacy protection, and trust. Problems such as tampering with transaction records, weak identity authentication, privacy leakage, and the difficulty of balancing matching efficiency with security limit the further development of these platforms. To address these issues, this paper proposes a blockchain-based identity authentication and access control scheme for online aquatic product trading. The scheme first introduces a dual authentication mechanism that combines a verifiable random function with a Schnorr-based zero-knowledge proof, providing strong decentralized identity verification and resistance to replay attacks. It then designs a dynamic access control strategy based on a multi-dimensional reputation model, which converts user behavior, attributes, and historical transaction performance into a comprehensive trust score used to determine fine-grained access rights. In addition, an AES-PEKS hybrid encryption method is employed to support encrypted keyword search and order matching while protecting the confidentiality of order data. This paper implements a multi-channel architecture for aquatic product trading prototype system on Hyperledger Fabric. This system separates registration, order processing, and reputation management into different channels to improve concurrency and enhance privacy protection. Security analysis shows that the proposed solution effectively defends against replay attacks, key leaks, data tampering, and privacy theft. Performance evaluation further demonstrates that, compared to a single-chain architecture, the multi-channel design, while increasing security mechanisms, maintains a stable throughput of approximately 223 tx/s even when concurrency reaches 600–800 tx/s, ensuring normal operation of the trading system. These results indicate that this solution provides a practical technical approach and system-level reference for building secure, reliable, and efficient online aquatic product trading platforms. Full article

Recent advances in machine learning have enabled highly effective ciphertext-based cryptographic algorithm identification, posing a potential threat to encrypted communication. Inspired by adversarial example techniques, we present CSPM (Class-Specific Perturbation Mask Generation), a novel adversarial-defense framework that enhances ciphertext unidentifiability through misleading machine-learning-based cipher classifiers. CPSM constructs lightweight, reversible bit-level perturbations that alter statistical ciphertext features without affecting legitimate decryption. The method leverages class prototypes to capture representative bit-distribution patterns for each cryptographic algorithm and integrates two complementary mechanisms—mimicry-based perturbing, which steers ciphertexts toward similar cipher classes, and distortion-based perturbing, which disrupts distinctive statistical traits—through a ranking-based greedy search. Extensive experiments on seven widely used cryptographic algorithms and fifteen NIST statistical feature configurations demonstrate that CSPM consistently reduces algorithm-identification accuracy by over 25%. These results confirm that perturbation position selection, rather than magnitude, dominates attack efficacy. CSPM provides a practical defense mechanism, offering a new perspective for safeguarding encrypted communications against statistical and machine-learning-based traffic analysis. Full article

The rapid growth of Internet of Things (IoT) devices and the emergence of 5G/6G networks have created major challenges in secure and reliable data transmission. Traditional cryptographic algorithms, while robust, often suffer from high computational complexity and latency, making them less suitable for large-scale, real-time applications. This paper proposes a chaos-based encryption framework that uses the Sprott chaotic oscillator to generate secure and unpredictable signals for encryption. To achieve accurate synchronization between the transmitter and the receiver, two bio-inspired metaheuristic algorithms—the Pachycondyla Apicalis Algorithm (API) and the Penguin Search Optimization Algorithm (PeSOA)—are employed to identify the optimal control parameters of the Sprott system. This optimization improves synchronization accuracy and reduces computational overhead. Simulation results show that PeSOA-based synchronization outperforms API in convergence speed and Root Mean Square Error (RMSE). The proposed framework provides robust, scalable, and low-latency encryption for IoT and 5G/6G networks, where massive connectivity and real-time data protection are essential. Full article

Dynamic Searchable Encryption (DSE) is essential for enabling confidential search operations over encrypted data in cloud computing. However, all existing single-server DSE schemes are vulnerable to Keyword Pair Result Pattern (KPRP) leakage and fail to simultaneously achieve forward and backward security. To address these challenges, this paper proposes a conjunctive keyword DSE scheme based on a dual-server architecture (DS-CKDSE). By integrating a full binary tree with an Indistinguishable Bloom Filter (IBF), the proposed scheme adopts a secure index: The leaf nodes store the keywords and the associated file identifier, while the information of non-leaf nodes is encoded within the IBF. A random state update mechanism, a dual-state array for each keyword and the timestamp trapdoor designs jointly enable robust forward and backward security while supporting efficient conjunctive queries. The dual-server architecture mitigates KPRP leakage by separating secure index storage from trapdoor verification. The security analysis shows that the new scheme satisfies adaptive security under a defined leakage function. Finally, the performance of the proposed scheme is evaluated through experiments, and the results demonstrate that the new scheme enjoys high efficiency in both update and search operations. Full article

In the context of privacy-preserving face recognition systems, entropy plays a crucial role in determining the efficiency and security of computational processes. However, existing schemes often encounter challenges such as inefficiency and high entropy in their computational models. To address these issues, we propose a privacy-preserving face recognition method based on the Face Feature Coding Method (FFCM) and symmetric homomorphic encryption, which reduces computational entropy while enhancing system efficiency and ensuring facial privacy protection. Specifically, to accelerate the matching speed during the authentication phase, we construct an N-ary feature tree using a neural network-based FFCM, significantly improving ciphertext search efficiency. Additionally, during authentication, the server computes the cosine similarity of the matched facial features in ciphertext form using lightweight symmetric homomorphic encryption, minimizing entropy in the computation process and reducing overall system complexity. Security analysis indicates that critical template information remains secure and resilient against both passive and active attacks. Experimental results demonstrate that the facial authentication efficiency with FFCM classification is 4% to 6% higher than recent state-of-the-art solutions. This method provides an efficient, secure, and entropy-aware approach for privacy-preserving face recognition, offering substantial improvements in large-scale applications. Full article

Searchable Encryption (SE) schemes enable data users to securely search over outsourced encrypted data stored in the cloud. To support fine-grained access control, Attribute-Based Encryption with Keyword Search (ABKS) extends SE by associating access policies with user attributes. However, existing ABKS schemes often suffer from limited security and functionality, such as lack of verifiability, vulnerability to collusion, and insider keyword-guessing attacks (IKGA), or inefficiency in multi-authority and post-quantum settings, restricting their practical deployment in real-world distributed systems. In this paper, we propose a verifiable ciphertext-policy multi-authority ABKS (MA-CP-ABKS) scheme based on the Module Learning with Errors (MLWE) problem, which provides post-quantum security, verifiability, and resistance to both collusion and IKGA. Moreover, the proposed scheme supports multi-keyword searchability and forward security, enabling secure and efficient keyword search in dynamic environments. We formally prove the correctness, verifiability, completeness, and security of the scheme under the MLWE assumption against selective chosen-keyword attacks (SCKA) in the standard model and IKGA in the random oracle model. The scheme also maintains efficient computation and manageable communication overhead. Implementation results confirm its practical performance, demonstrating that the proposed MA-CP-ABKS scheme offers a secure, verifiable, and efficient solution for multi-organizational cloud environments. Full article

Safeguarding data confidentiality and enforcing precise access regulation in cloud platforms continue to be major research concerns. Attribute-based encryption (ABE) offers a versatile framework for policy-driven control, whereas public key encryption with keyword search (PEKS) supports efficient querying of encrypted datasets. However, ABE lacks keyword search support, and PEKS offers limited control over access policies. To overcome these limitations, attribute-based keyword search (ABKS) schemes have been proposed, with recent advances such as ciphertext-policy decryptable ABKS (CP-DABKS) enabling secure channel-free keyword search. Nevertheless, the existing CP-DABKS schemes still face important challenges: the master public key grows linearly with the attribute universe, secure channels are often required to deliver trapdoors, and many designs remain vulnerable to keyword guessing attacks. This work introduces an efficient CP-DABKS scheme built upon a Type-3 pairing framework to directly overcome these limitations. The proposed design employs a commit-to-point mechanism that prevents linear key growth, eliminates the need for secure trapdoor transmission, and resists keyword guessing attacks. We implement and evaluate the proposed scheme using real-world data from the Enron Email dataset and demonstrate its practicality for secure and searchable cloud-based storage. We also discuss implementation considerations and outline directions for future enhancement of privacy-preserving searchable encryption systems. Full article