Search Results (294)

The increasing adoption of digital technologies, robotic systems, and IoT applications in sectors such as medicine, agriculture, and industry drives a surge in data generation and necessitates secure and efficient encryption. For resource-constrained systems, lightweight yet robust cryptographic algorithms are critical. This study addresses the security demands of IoRT systems by proposing an enhanced chaos-based encryption method. The approach integrates the lightweight structure of NIST-standardized Ascon-AEAD128 with the randomness of the Zaslavsky map. Ascon-AEAD128 is widely used on many hardware platforms; therefore, it must robustly resist both passive and active attacks. To overcome these challenges and enhance Ascon’s security, we integrate into Ascon the keys and nonces generated by the Zaslavsky chaotic map, which is deterministic, nonperiodic, and highly sensitive to initial conditions and parameter variations.This integration yields a chaos-based Ascon variant with a higher encryption security relative to the standard Ascon. In addition, we introduce exploratory variants that inject non-repeating chaotic values into the initialization vectors (IVs), the round constants (RCs), and the linear diffusion constants (LCs), while preserving the core permutation. Real-time tests are conducted using Raspberry Pi 3B devices and ROS 2–based IoRT robots. The algorithm’s performance is evaluated over 100 encryption runs on 12 grayscale/color images and variable-length text transmitted via MQTT. Statistical and differential analyses—including histogram, entropy, correlation, chi-square, NPCR, UACI, MSE, MAE, PSNR, and NIST SP 800-22 randomness tests—assess the encryption strength. The results indicate that the proposed method delivers consistent improvements in randomness and uniformity over standard Ascon-AEAD128, while remaining comparable to state-of-the-art chaotic encryption schemes across standard security metrics. These findings suggest that the algorithm is a promising option for resource-constrained IoRT applications. Full article

The burgeoning Internet of Medical Things (IoMT) offers unprecedented opportunities for real-time patient monitoring and predictive diagnostics, yet the current systems struggle with scalability, data confidentiality against quantum threats, and real-time privacy-preserving intelligence. This paper introduces Med-Q Ledger, a novel, multi-layered framework designed to overcome these critical limitations in the Medical IoT domain. Med-Q Ledger integrates a permissioned Hyperledger Fabric for transactional integrity with a scalable Holochain Distributed Hash Table for high-volume telemetry, achieving horizontal scalability and sub-second commit times. To fortify long-term data security, the framework incorporates post-quantum cryptography (PQC), specifically CRYSTALS-Di lithium signatures and Kyber Key Encapsulation Mechanisms. Real-time, privacy-preserving intelligence is delivered through an edge-based federated learning (FL) model, utilizing lightweight autoencoders for anomaly detection on encrypted gradients. We validate Med-Q Ledger’s efficacy through a critical application: the prediction of intestinal complications like necrotizing enterocolitis (NEC) in preterm infants, a condition frequently necessitating emergency colostomy. By processing physiological data from maternal wearable sensors and infant intestinal images, our integrated Random Forest model demonstrates superior performance in predicting colostomy necessity. Experimental evaluations reveal a throughput of approximately 3400 transactions per second (TPS) with ~180 ms end-to-end latency, a >95% anomaly detection rate with <2% false positives, and an 11% computational overhead for PQC on resource-constrained devices. Furthermore, our results show a 0.90 F1-score for colostomy prediction, a 25% reduction in emergency surgeries, and 31% lower energy consumption compared to MQTT baselines. Med-Q Ledger sets a new benchmark for secure, high-performance, and privacy-preserving IoMT analytics, offering a robust blueprint for next-generation healthcare deployments. Full article

The Internet of Things (IoT) has surfaced as a revolutionary technology, enabling ubiquitous connectivity between devices and revolutionizing traditional lifestyles through smart automation. As IoT systems proliferate, securing device-to-device communication and server–client data exchange has become crucial. This paper presents a novel security framework that integrates elliptic curve cryptography (ECC) with artificial neural networks (ANNs) to enhance the Message Queuing Telemetry Transport (MQTT) protocol. Our study evaluated multiple machine learning algorithms, with ANN demonstrating superior performance in anomaly detection and classification. The hybrid approach not only encrypts communications but also employs the optimized ANN model to detect and classify anomalous traffic patterns. The proposed model demonstrates robust security features, successfully identifying and categorizing various attack types with 90.38% accuracy while maintaining message confidentiality through ECC encryption. Notably, this framework retains the lightweight characteristics essential for IoT devices, making it especially relevant for environments where resources are constrained. To our knowledge, this represents the first implementation of an integrated ECC-ANN approach for securing MQTT-based IoT communications, offering a promising solution for next-generation IoT security requirements. Full article

Hash functions are fundamental components in both cryptographic and non-cryptographic systems, supporting secure authentication, data integrity, fingerprinting, and indexing. While the Ascon family, selected by the National Institute of Standards and Technology (NIST) in 2023 for lightweight cryptography, has been extensively evaluated in its authenticated encryption mode, its hashing and extendable-output variants, namely Ascon-Hash256, Ascon-XOF128, and Ascon-CXOF128, have not received the same level of empirical attention. This paper presents a structured benchmarking study of these hash variants using both the SMHasher framework and custom Python-based simulation environments. SMHasher is used to evaluate statistical and structural robustness under constrained, patterned, and low-entropy input conditions, while Python-based experiments assess application-specific performance in Bloom filter-based replay detection at the network edge, Merkle tree aggregation for blockchain transaction integrity, lightweight device fingerprinting for IoT identity management, and tamper-evident logging for distributed ledgers. We compare the performance of Ascon hashes with widely used cryptographic functions such as SHA3 and BLAKE2s, as well as high-speed non-cryptographic hashes including MurmurHash3 and xxHash. We assess avalanche behavior, diffusion consistency, output bias, and keyset sensitivity while also examining Ascon-XOF’s variable-length output capabilities relative to SHAKE for applications such as domain-separated hashing and lightweight key derivation. Experimental results indicate that Ascon hash functions offer strong diffusion, low statistical bias, and competitive performance across both cryptographic and application-specific domains. These properties make them well suited for deployment in resource-constrained systems, including Internet of Things (IoT) devices, blockchain indexing frameworks, and probabilistic authentication architectures. This study provides the first comprehensive empirical evaluation of Ascon hashing modes and offers new insights into their potential as lightweight, structurally resilient alternatives to established hash functions. Full article

In modern industrial control systems (ICSs), communication protocols such as Modbus TCP remain widely used due to their simplicity, interoperability, and real-time performance. However, these communication protocols (e.g., Modbus TCP) were originally designed without security considerations, lacking essential features such as encryption, integrity protection, and authentication. This exposes ICS deployments to severe security threats, including eavesdropping, command injection, and replay attacks, especially when operating over unsecured networks. To address these critical vulnerabilities while preserving the lightweight nature of the protocol, we propose a Modbus TCP security enhancement scheme that integrates ASCON, an NIST-standardized authenticated encryption algorithm, with the CBOR Object Signing and Encryption (COSE) framework. Our design embeds COSE_Encrypt0 structures into Modbus application data, enabling end-to-end confidentiality, integrity, and replay protection without altering the protocol’s semantics or timing behavior. We implement the proposed scheme in C and evaluate it in a simulated embedded environment representative of typical ICS devices. Experimental results show that the solution incurs minimal computational and memory overhead, while providing robust cryptographic guarantees. This work demonstrates a practical pathway for retrofitting legacy ICS protocols with modern lightweight cryptography, enhancing system resilience without compromising compatibility or performance. Full article

Homomorphic encryption solutions tend to be costly in terms of memory and computational resources, making them difficult to implement. In this paper, we present Kyber AHE, a lightweight additive homomorphic encryption scheme for computing the addition modulo 2 of two binary strings in the encrypted domain. It is based on the CRYSTALS-Kyber public key encryption (PKE) scheme, which is the basis of the NIST module-lattice-based key-encapsulation mechanism standard. Apart from being quantum-safe, Kyber PKE has other interesting features such as the use of compressed ciphertexts, reduced sizes of keys, low execution times, and the ability to easily increase the security level. The operations performed in the encrypted domain by Kyber AHE are the decompression of ciphertexts, the component-wise modulo q addition of polynomials, and the compression of the results. A great advantage of Kyber AHE is that it can be easily implemented along with CRYSTALS-Kyber without the need for additional libraries. Among the applications of homomorphic encryption, biometric template protection schemes are a promising solution to provide data privacy by comparing biometric features in the encrypted domain. Therefore, we present the application of Kyber AHE for the protection of biometric templates. Experimental results have been obtained using Kyber AHE in an iris biometric template protection scheme with 256-byte features using Kyber512, Kyber768, and Kyber1024 instances. The sizes of the encrypted iris features are 6.0, 8.5, and 12.5 kB for NIST security levels I, III, and V, respectively. Using a commercial laptop, the encryption ranges from 0.755 to 1.73 ms, the evaluation from 0.096 to 0.161 ms, and the decryption from 0.259 to 0.415 ms, depending on the security level. Full article

With the rapid development of big data and artificial intelligence, the problem of image privacy leakage has become increasingly prominent, especially for images containing sensitive information such as faces, which poses a higher security risk. In order to improve the security and efficiency of image privacy protection, this paper proposes an image encryption scheme that integrates face detection and multi-level encryption technology. Specifically, a multi-task convolutional neural network (MTCNN) is used to accurately extract the face area to ensure accurate positioning and high processing efficiency. For the extracted face area, a hierarchical encryption framework is constructed using chaotic systems, lightweight block permutations, RNA cryptographic systems, and bit diffusion, which increases data complexity and unpredictability. In addition, a key update mechanism based on dynamic feedback is introduced to enable the key to change in real time during the encryption process, effectively resisting known plaintext and chosen plaintext attacks. Experimental results show that the scheme performs well in terms of encryption security, robustness, computational efficiency, and image reconstruction quality. This study provides a practical and effective solution for the secure storage and transmission of sensitive face images, and provides valuable support for image privacy protection in intelligent systems. Full article

The growing demand for autonomous and energy-efficient telemetry systems in Industrial Internet of Things (IIoT) applications highlights the limitations of GSM-dependent infrastructure. This research proposes and validates a secure and infrastructure-independent telemetry transmission architecture based on Raspberry Pi and LoRa technology. The system integrates lightweight symmetric encryption (AES-128 with CRC-8) and local data processing, enabling long-range communication without reliance on cellular networks or cloud platforms. A fully functional prototype was developed and tested in real urban environments with high electromagnetic interference. The experimental evaluation was conducted over distances ranging from 10 to 1100 m, focusing on the Packet Delivery Ratio (PDR), Packet Error Rate (PER), and Packet Loss Rate (PLR). Results demonstrate reliable communication up to 200 m and high long-term stability, with a 24 h continuous transmission test achieving a PDR of 97.5%. These findings confirm the suitability of the proposed architecture for secure, autonomous IIoT deployments in infrastructure-limited and noisy environments. Full article

This work presents an end-to-end encryption–decryption framework for securing electromagnetic signals processed through a nanoantenna. The system integrates amplitude normalization, uniform quantization, and Reed–Solomon forward error correction with key establishment via ECDH and bitwise XOR encryption. Two signal types were evaluated: a synthetic Gaussian pulse and a synthetic voice waveform, representing low- and high-entropy data, respectively. For the Gaussian signal, reconstruction achieved an RMSE = 11.42, MAE = 0.86, PSNR = 26.97 dB, and Pearson’s correlation coefficient = 0.8887. The voice signal exhibited elevated error metrics, with an RMSE = 15.13, MAE = 2.52, PSNR = 24.54 dB, and Pearson correlation = 0.8062, yet maintained adequate fidelity. Entropy analysis indicated minimal changes between the original signal and the reconstructed signal. Furthermore, avalanche testing confirmed strong key sensitivity, with single-bit changes in the key altering approximately 50% of the ciphertext bits. The findings indicate that the proposed pipeline ensures high reconstruction quality with lightweight encryption, rendering it suitable for environments with limited computational resources. Full article

Background: By leveraging advanced wireless technologies, Healthcare Industry 5.0 promotes the continuous monitoring of real-time medical acquisition from the physical environment. These systems help identify early diseases by collecting health records from patients’ bodies promptly using biosensors. The dynamic nature of medical devices not only enhances the data analysis in medical services and the prediction of chronic diseases, but also improves remote diagnostics with the latency-aware healthcare system. However, due to scalability and reliability limitations in data processing, most existing healthcare systems pose research challenges in the timely detection of personalized diseases, leading to inconsistent diagnoses, particularly when continuous monitoring is crucial. Methods: This work propose an adaptive and secure framework for disability identification using the Internet of Medical Things (IoMT), integrating edge computing and artificial intelligence. To achieve the shortest response time for medical decisions, the proposed framework explores lightweight edge computing processes that collect physiological and behavioral data using biosensors. Furthermore, it offers a trusted mechanism using decentralized strategies to protect big data analytics from malicious activities and increase authentic access to sensitive medical data. Lastly, it provides personalized healthcare interventions while monitoring healthcare applications using realistic health records, thereby enhancing the system’s ability to identify diseases associated with chronic conditions. Results: The proposed framework is tested using simulations, and the results indicate the high accuracy of the healthcare system in detecting disabilities at the edges, while enhancing the prompt response of the cloud server and guaranteeing the security of medical data through lightweight encryption methods and federated learning techniques. Conclusions: The proposed framework offers a secure and efficient solution for identifying disabilities in healthcare systems by leveraging IoMT, edge computing, and AI. It addresses critical challenges in real-time disease monitoring, enhancing diagnostic accuracy and ensuring the protection of sensitive medical data. Full article

With the widespread application of 3D models derived from oblique photography, the need for copyright protection and trusted transactions has risen significantly. Traditional transactions often depend on third parties, making it difficult to balance copyright protection with transaction credibility and to safeguard the rights and interests of both parties. To address these challenges, this paper proposes a novel trusted-transaction scheme that integrates smart contracts with zero-watermarking technology. Firstly, the skewness of the oblique-photography 3D model data is employed to construct a zero-watermark identifier, which is stored in the InterPlanetary File System (IPFS) alongside encrypted data for trading. Secondly, smart contracts are designed and deployed. Lightweight information, such as IPFS data addresses, is uploaded to the blockchain by invoking these contracts, and transactions are conducted accordingly. Finally, the blockchain system automatically records the transaction process and results on-chain, providing verifiable transaction evidence. The experimental results show that the proposed zero-watermarking algorithm resists common attacks. The trusted-transaction framework not only ensures the traceability and trustworthiness of the entire transaction process but also safeguards the rights of both parties. This approach effectively protects copyright while ensuring the reliability of the transactions. Full article

Deployment of Unmanned Aerial Vehicles (UAVs) continues to expand rapidly across a wide range of applications, including environmental monitoring, precision agriculture, and disaster response. Despite their increasing ubiquity, UAVs remain inherently vulnerable to security threats due to resource-constrained hardware, energy limitations, and reliance on open wireless communication channels. These factors render traditional cryptographic solutions impractical, thereby necessitating the development of lightweight, UAV-specific security mechanisms. This review article presents a comprehensive analysis of lightweight encryption techniques and key management strategies designed for energy-efficient and secure UAV communication. Special emphasis is placed on recent cryptographic advancements, including the adoption of the ASCON family of ciphers and the emergence of post-quantum algorithms that can secure UAV networks against future quantum threats. Key management techniques such as blockchain-based decentralized key exchange, Physical Unclonable Function (PUF)-based authentication, and hierarchical clustering schemes are evaluated for their performance and scalability. To ensure comprehensive protection, this review introduces a multilayer security framework addressing vulnerabilities from the physical to the application layer. Comparative analysis of lightweight cryptographic algorithms and multiple key distribution approaches is conducted based on energy consumption, latency, memory usage, and deployment feasibility in dynamic aerial environments. Unlike design- or implementation-focused studies, this work synthesizes existing literature across six interconnected security dimensions to provide an integrative foundation. Our review also identifies key research challenges, including secure and efficient rekeying during flight, resilience to cross-layer attacks, and the need for standardized frameworks supporting post-quantum cryptography in UAV swarms. By highlighting current advancements and research gaps, this study aims to guide future efforts in developing secure communication architectures tailored to the unique operational constraints of UAV networks. Full article

The Advanced Encryption Standard (AES) symmetric encryption algorithm plays a crucial role in data encryption. To address the limitations of the fixed Substitution-box (S-box) and static key expansion strategy in AES. This paper proposes an improved AES scheme that integrates a dynamic S-box structure with a key expansion mechanism based on dynamic perturbations. The dynamic S-box is generated by selecting affine transformation pairs and irreducible polynomials, and its cryptographic properties are tested in SageMath9.3 to obtain a set of S-boxes superior to the standard AES. In the key expansion process, the perturbation values generated by the hash function will be incorporated into the round key generation process to reduce the correlation between round keys. The improved AES algorithm, when applied to Over-the-Air (OTA) systems, not only achieves significant savings in storage resources of in-vehicle Electronic Control Units (ECUs) but also enhances the security of OTA communications. Furthermore, it consumes only a small amount of ECU computational resources, thereby effectively meeting the lightweight requirements of in-vehicle electronic control units. Full article

As the Internet of Things (IoT) expands, ensuring secure and efficient image transmission in resource-limited environments has become crucial and important. In this paper, we propose a lightweight image encryption scheme based on Elliptic Curve Cryptography (ECC), tailored for embedded and IoT applications. In this scheme, the image data blocks are mapped into elliptic curve points using a decimal embedding algorithm and shuffled to improve resistance to tampering and noise. Moreover, an OTP-like operation is applied to enhance the security while avoiding expensive point multiplications. The proposed scheme meets privacy and cybersecurity requirements with low computational costs. Classical security metrics such as entropy, correlation, NPCR, UACI, and key sensitivity confirm its strong robustness. Rather than relying solely on direct comparisons with existing benchmarks, we employ rigorous statistical analyses to objectively validate the encryption scheme’s robustness and security. Furthermore, we propose a formal security analysis that demonstrates the resistance of the new scheme to chosen-plaintext attacks and noise and cropping attacks, while the GLCM analysis confirms the visual encryption quality. Our scheme performs the encryption of a $512\times 512$ image in only 0.23 s on a 1 GB RAM virtual machine, showing its efficiency and suitability for real-time IoT systems. Our method can be easily applied to guarantee the security and the protection of lightweight data in future smart environments. Full article

Reversible data hiding in encrypted point clouds presents unique challenges due to their unstructured geometry, absence of mesh connectivity, and high sensitivity to spatial perturbations. In this paper, we propose an efficient and secure reversible data hiding framework for encrypted point clouds, incorporating KD tree-based path planning, adaptive multi-MSB prediction, and a dual-model design. To establish a consistent spatial traversal order, a Hamiltonian path is constructed using a KD tree-accelerated nearest-neighbor algorithm. Guided by this path, a prediction-driven embedding strategy dynamically adjusts the number of most significant bits (MSBs) embedded per point, balancing capacity and reversibility while generating a label map that reflects local predictability. The label map is then compressed using Huffman coding to reduce the auxiliary overhead. For enhanced security and lossless recovery, the encrypted point cloud is divided into two complementary shares through a lightweight XOR-based (2, 2) secret sharing scheme. The Huffman tree and compressed label map are distributed across both encrypted shares, ensuring that neither share alone can reveal the original point cloud or the embedded message. Experimental evaluations on diverse 3D models demonstrate that the proposed method achieves near-optimal embedding rates, perfect reconstruction of the original model, and significant obfuscation of the geometric structure. These results confirm the practicality and robustness of the proposed framework for scenarios involving secure 3D point cloud transmission, storage, and sharing. Full article