Search Results (9)

Threshold Attribute-based Encryption has attracted significant attention due to its growing importance in practical applications, such as distributed cloud storage or anonymous access control. In a threshold attribute-based encryption scheme, a sender can select a set of attributes and a corresponding threshold t, which is referred to as an access policy, to encrypt a message. Decryption is successful if and only if a user possesses at least t attributes from the specified attribute set. Existing threshold attribute-based encryption schemes typically consider only the setting in which a single message is encrypted under a single access policy. However, in many practical applications, more flexible encryption scenarios are needed, such as encrypting a single message under multiple access policies or encrypting multiple messages under their corresponding access policies. In this work, we first formalize the notion of threshold attribute-based encryption supporting the encryption of multiple messages under multiple access policies. We then propose the first construction of a threshold attribute-based encryption scheme based on the Key Encapsulation Mechanism paradigm that supports such functionality while achieving constant-size ciphertext. Our proposed scheme relies on bilinear pairings and is proven secure in the Generic Bilinear Group Model. As a classical pairing-based construction, it does not provide post-quantum security and is therefore unsuitable for scenarios requiring long-term confidentiality or resilience against harvest-now, decrypt-later attacks. Full article

We performed a cross-layer, system-level analysis of the post-quantum transition of blockchain architectures through a systematic review. The analysis, based on 108 peer-reviewed studies, moves beyond post-quantum cryptography (PQC) as merely a primitive substitution and examines how quantum pressures cascade through validation, propagation, interoperability, governance, and regulatory layers. Empirical results show that the authenticated payloads for lattice signatures grow from ~65–73 bytes (ECDSA) up to kilobyte-scale sizes, and verification overhead is increased by a factor of 2× to 5× depending on the deployment scenario. Such inflation can narrow block-capacity margins, increase propagation delay under fixed-interval regimes, and shift validator resource thresholds in heterogeneous networks. Moreover, the harvest-now–decrypt-later model creates a temporal asymmetry between the design options and the exposure window. These findings indicate that post-quantum resilience depends more on maintaining a structural balance among the tightly coupled technical and institutional stress channels than on the strength of the algorithm itself, and migration success ultimately depends on the ability to coordinate the management of these constraints, rather than on managing them separately. Full article

The present paper addresses the problem of modeling the resilient operation of a cryptocurrency exchange (CEX) under delayed quantum attacks of the harvest-now-decrypt-later type. The proposed model diverges from extant approaches in its conceptualization of the quantum threat. Whereas extant approaches treat the quantum threat as an external shock, the proposed model conceptualizes the accumulation of cryptographically vulnerable data as an internal state variable of the system. The framework under consideration is formulated as a system of nonlinear differential equations linking the exchange’s liquidity, the intensity of post-quantum cryptography (PQC) adoption, and the volume of accumulated threat. The analytical conditions for asymptotic stability are derived. The resolution of the system enables the identification of a region of admissible defense strategies, which is interpreted in the paper as a “survival dome.” Numerical simulations demonstrate that both delayed and excessively aggressive migration strategies toward post-quantum cryptography may lead to the degradation of the exchange. The findings indicate that a balanced and adaptive transition strategy, aimed at mitigating quantum risks, can preserve liquidity while minimizing long-term losses. The findings establish a theoretical framework for the development of migration strategies for financial platforms undergoing a transition to post-quantum security standards. Full article

Federal post-quantum cryptography migration is scoped around three categories of cryptographic assets: libraries, protocols, and key stores. We argue that this scoping is incomplete. Cryptographic functions and key material can be realized in the parameters of machine-learning models, and the current open-source serialization-focused scanners we evaluated do not detect them. We provide an existence proof: a 30-layer feed-forward ReLU network that realizes AES-128 exactly, with the master key and all eleven round keys resident directly in the layer bias vectors and recoverable by parsing. The construction validates bit-exactly against FIPS 197 and the NIST CAVP AESAVS known-answer subsets across 10⁴ random plaintext-key pairs, including under float32 quantization. We argue analytically—by a sizing analysis rather than empirical construction—that ML-KEM and ML-DSA private keys hide more comfortably in modern weight tensors than AES keys do. The basis is twofold: larger key sizes amortize the construction’s fixed parameter overhead, and the lattice arithmetic underlying these primitives admits more architectural variation than the rigid AES key schedule. Under the harvest-now-decrypt-later threat model, the consequence is direct: any long-lived cryptographic key embedded in an open-weights model artifact distributed today is recoverable by any future party with knowledge of the embedding scheme, with no quantum capability required. We propose an audit primitive—a parameter-space cryptographic recognizer—that screens model artifacts at ingestion through four stages: structural matching against cipher fingerprints, a parametric analysis for bias-and-sign coupling signatures, functional probing for cryptographic input–output behavior, and the integration with cryptographic bill-of-materials tooling as a parameter-resident cryptographic content emission class extending the MBOM-PQC schema. The recognizer is defense-in-depth: it closes the gap for known constructions and architectural fingerprints without claiming completeness against adaptive adversaries. We make no claim that any deployed model contains such an embedding; the contribution is the existence of the capability, the absence of detection in the scanners we evaluated, and the migration-scope consequence. Full article

Advances in quantum computing have created a serious threat to modern asymmetric cryptosystems protecting heterogeneous critical information infrastructures (CIIs). During this transition period, the primary threat is the “Harvest Now, Decrypt Later” (HNDL) temporal strategy of attackers, which requires the forced migration of CIIs to post-quantum cryptography (PQC) algorithms. However, such migration is associated with nonlinear “technological friction.” This will manifest as a drop in the performance of legacy systems, such as SCADA. In the context of deep cross-industry integration, this can trigger avalanche-like cascading CII failures. This article presents a model of a zero-sum differential game between a CII defender and an attacker (APT group). Using Pontryagin’s maximum principle and the Forward–Backward Sweep Method (FBSM) iterative algorithm, a saddle point was found that determines the equilibrium trajectories of limited resource allocation over a given planning horizon for the CII transition to PQC. The results of the computational experiment demonstrated that isolated sectoral migration is ineffective. It is shown that optimal control requires cross-sector synchronization to prevent cascading degradation of the CII. The proposed mathematical framework provides a practical toolkit for strategic IT budget planning and national security risk management in anticipation of quantum supremacy (Q-Day). Full article

Migrating to Post-Quantum Cryptography (PQC) is critical for securing resource-constrained Internet of Things (IoT) devices against the “harvest-now, decrypt-later” threat. While ML-KEM (CRYSTALS-Kyber) has been standardized under FIPS 203 for general encryption, these devices often operate on unreliable networks suffering from high latency and packet loss. Our recent systematic review identified a critical gap that existing research overwhelmingly focuses on Transport Layer Security (TLS). This leaves the resilience of lightweight protocols like MQTT and CoAP under challenging network conditions largely unexplored. This paper introduces PQC-IoTNet, a novel Software-in-the-Loop (SITL) framework to address this gap. Our three-tier architecture integrates a Python-based IoT client with kernel-level emulation to test the full protocol stack. Validation results comparing Kyber and ECC demonstrate the framework’s ability to capture critical performance cliffs caused by TCP retransmissions. Notably, the framework revealed that while Kyber maintained an 18% speed advantage over ECC at 5% packet loss, both protocols experienced nonlinear latency spikes. This work provides a reproducible blueprint to identify operational boundaries and select resilient protocols for secure IoT systems. Full article

Quantum computing threatens the security foundations of global financial systems, exposing long-lived data and signed digital assets to “harvest-now, decrypt-later” attacks. While the timeline for cryptographically relevant quantum computers remains uncertain, regulatory signals from the USA, UK, EU, Canada, and Australia converge: financial institutions and payment infrastructures must begin migrating to post-quantum cryptography (PQC) now to preserve confidentiality, integrity, and systemic stability. This paper maps emerging standards and roadmaps, contrasting binding requirements like the EU’s DORA crypto-agility provisions with non-binding guidance from NIST, ENISA, and ETSI. Despite a shared intent to secure high-risk use cases by 2030–2031 and complete migration by 2035, divergences in enforcement and milestones create uncertainty for cross-border banks and financial market infrastructures. In parallel, technical adoption is advancing: major browsers, cryptographic libraries (OpenSSL/BoringSSL), and CDNs (e.g., AWS CloudFront) have deployed hybrid PQC key exchange in TLS 1.3, proving confidentiality defenses are viable at internet scale. The paper synthesizes historical transition lessons, sector-specific regulatory drivers, and operational constraints in payment infrastructures to derive a new, principle-based migration: crypto-agility, risk-prioritized scoping, hybrid deployment, vendor and supply-chain alignment, independent testing, and proactive supervisory engagement. Acting now reduces long-tail exposure and ensures readiness for imminent compliance and interoperability deadlines. Full article

Telecommunication infrastructures rely on cryptographic protocols designed for long-term confidentiality, yet data exchanged today faces future exposure when adversaries acquire quantum or large-scale computational capabilities. This harvest-now, decrypt-later (HNDL) threat transforms persistent communication records into time-dependent vulnerabilities. We model HNDL as a temporal cybersecurity risk, formalizing the adversarial process of deferred decryption and quantifying its impact across sectors with varying confidentiality requirements. Our framework evaluates how delayed post-quantum cryptography (PQC) migration amplifies exposure and how hybrid key exchange and forward-secure mechanisms mitigate it. Results show that high-retention sectors such as satellite and health networks face exposure windows extending decades under delayed PQC adoption, while hybrid and forward-secure approaches reduce this risk horizon by over two-thirds. We demonstrate that temporal exposure is a measurable function of data longevity and migration readiness, introducing a network-centric model linking quantum vulnerability to communication performance and governance. Our findings underscore the urgent need for crypto-agile infrastructures that maintain confidentiality as a continuous assurance process throughout the quantum transition. Full article

The efficiency of Shor’s and Grover’s algorithms and the advancement of quantum computers implies that the cryptography used until now to protect one’s privacy is potentially vulnerable to retrospective decryption, also known as the harvest now, decrypt later attack in the near future. This dissertation proposes an overview of the cryptographic schemes used by Tor, highlighting the non-quantum-resistant ones and introducing theoretical performance assessment methods of a local Tor network. The measurement is divided into three phases. We start with benchmarking a local Tor network simulation on constrained devices to isolate the time taken by classical cryptography processes. Secondly, the analysis incorporates existing benchmarks of quantum-secure algorithms and compares these performances on the devices. Lastly, the estimation of overhead is calculated by replacing the measured times of traditional cryptography with the times recorded for Post-Quantum Cryptography (PQC) execution within the specified Tor environment. By focusing on the replaceable cryptographic components, using theoretical estimations, and leveraging existing benchmarks, valuable insights into the potential impact of PQC can be obtained without needing to implement it fully. Full article