Search Results (289)

This paper presents a hardware-accelerated signal processing architecture for OFDM-based vehicular networks that integrates crypto-agile adaptive encryption on a Xilinx Kintex-7 FPGA. The encryption layer is tightly coupled to the OFDM modulation/demodulation pipeline, enabling secure real-time signal processing for V2X communications without disrupting the baseband chain. A context-aware pre-selection unit dynamically selects among hardware cipher primitives based on latency constraints, security requirements, and channel conditions. The current prototype implements and synthesizes AES-128 as the primary block cipher, while ASCON (NIST lightweight AEAD) and Keccak (SHA-3 foundation) are validated through RTL simulation and architectural integration, demonstrating crypto-agility across block, AEAD, and sponge-based primitives. DES is retained solely as a legacy reference for backward-compatibility evaluation and is not recommended for secure V2X deployment. The design adopts a modular decoupling strategy in which cryptographic engines interface with a unified buffering and interleaving subsystem, enabling hardware-based single-cycle cipher switching without partial reconfiguration. FPGA results demonstrate sub-microsecond cryptographic processing latencies with moderate resource utilization, preserving the timing budget of latency-sensitive vehicular services. AES-128 provides standard-strength encryption, while ASCON and Keccak offer lightweight and sponge-based alternatives suited to constrained IoV platforms. Specifically, the implemented AES-128 core achieves a throughput of 1.02 Gbps with a switching latency of 86 ns, verified across 10 randomized transitions with a 99.99% success rate and zero data corruption. The ASCON and Keccak cores attain throughput-to-area efficiencies of 2.01 and 1.47 Mbps/LUT, respectively, at a unified clock frequency of 50 MHz. All acronyms are defined at first use and a complete list of abbreviations is provided prior to the reference section. Full article

GPS GNSS position signal manipulation in shipping can lead to significant navigational challenges. Such disruptions may result from various factors, including atmospheric conditions, satellite malfunctions, or intentional positioning satellite signal disturbance. Impacts on shipping operations include delays, increased operational costs, and safety risks for crews and vessels. Understanding these disturbances and their implications is crucial for enhancing maritime safety and efficiency. Common causes of GNSS disturbances in shipping include atmospheric effects such as ionospheric and tropospheric delays, satellite signal obstructions due to terrain or buildings, satellite malfunctions or failures, and intentional interference like jamming. These factors can lead to inaccuracies in positioning, affecting navigation and safety. GPS signals are vulnerable to various cyber threats, including spoofing, jamming, and signal interference. Spoofing involves sending counterfeit GPS signals to mislead receivers, while jamming disrupts the legitimate signals. Ensuring the integrity and security of GPSs is crucial for applications like navigation, timing, and critical infrastructure. Advanced encryption and authentication methods can help safeguard the security of GPS signals. These vulnerabilities can have profound implications for navigation systems and critical infrastructure. Enhancing GPS security requires a combination of advanced technologies and policies to improve signal integrity and authentication processes. The Global Positioning System (GPS) is the most widely used GNSS positioning method in commercial shipping. Moreover, deliberate disturbance technical birth mechanisms are similar across the field of GNSS systems. Therefore, this study focuses on the deliberate disturbance of the GPS, recognising the ability to upscale the research results to other commonly used GNSSs such as Beidou, Galileo, and Glonass. This paper introduces a behavioural approach to enhancing cybersecurity and preparedness to external threats in commercial shipping through European collaboration in the CyberSEA project. Full article

Resource-constrained IoT systems face a fundamental conflict between cryptographic security and energy efficiency, particularly in critical infrastructure monitoring requiring long-term autonomous operation. This study presents a hybrid framework integrating signal-adaptive compression with hardware-accelerated authenticated encryption to resolve this trade-off. The Dynamic Payload Compression with Selective Encryption framework classifies sensor data into three SNR regimes and applies adaptive compression strategies: 24.15-fold compression for low-SNR backgrounds, 1.77-fold for transitional states, and no compression for high-SNR leak detection events. Experimental validation using 2714 acoustic sensor samples demonstrates 5.91-fold average payload reduction with 100% detection accuracy. The integration with STM32L5 hardware AES acceleration reduces power–data correlation from 0.820 to 0.041, increasing differential power analysis attack complexity from 500 to over 221,000 required traces. Compression-induced timing variance provides additional side-channel masking, burying cryptographic signals beneath a 0.00009 signal-to-noise ratio. Projected on 19,200 mAh lithium thionyl chloride batteries, the system achieves 14-year operational lifetime under realistic duty cycles, exceeding industrial requirements for critical infrastructure protection while maintaining robust security against physical attacks. Full article

With the rapid development of Internet technology, information security has become increasingly important. Cryptographic analysis techniques, especially side-channel analysis (SCA), pose a significant threat to security systems. The latest SCA technology mainly utilizes the physical leakage signals generated during the operation of encryption devices, such as power consumption, temperature and electromagnetic radiation. These signals themselves carry the physical characteristics of the device, which are related to the encryption algorithm. Among them, the power consumption trace remains the main target of modern SCA research. However, such trajectories often bring about some analytical difficulties, such as the data sequence being too long, the feature points being distributed sparsely, and the internal relationships of the data being complex. These challenges hinder effective analysis. While Transformer architectures are good at capturing long-range dependencies in sequential data, their high computational complexity limits practical deployment. To address this, we propose replacing the self-attention (SA) module in Transformers with a focal modulation module. This modification significantly reduces computational complexity and reduces computational operations during feature extraction, enabling efficient and accurate side-channel attacks. Experimental results on benchmark datasets (ASCAD, AES_RD, AES_HD, DPAv4) demonstrate the superiority of our approach. The proposed method achieves a reduction in training time compared to standard Transformer models, and achieves superior key recovery performance, outperforming existing state-of-the-art models. Full article

This paper proposes a novel four-dimensional strongly dissipative nonlinearly coupled hyperchaotic system, investigates its dynamical characteristics, and demonstrates its applicability through Deoxyribonucleic Acid (DNA)-encoded RGB image encryption. First, a four-dimensional nonlinearly coupled hyperchaotic system with strong dissipativity is constructed. Nonlinear dynamics analysis methods, including phase trajectory diagrams, Lyapunov exponent spectra, and bifurcation diagrams, are employed to thoroughly reveal the system’s complex dynamical evolution mechanisms. The analysis indicates that the system not only possesses a wide range of chaotic parameters but also exhibits rich phenomena of multiple coexisting attractors, demonstrating a high degree of multistability. This characteristic offers potential advantages for image encryption, as it increases the diversity of dynamical behaviors and enhances sensitivity to initial conditions. The physical realizability of the chaotic behavior is further verified through an analog circuit implementation. Consequently, the system supports the design of encryption algorithms with larger key spaces, stronger resistance to phase space reconstruction, and improved pseudo-randomness, making it particularly suitable for applications with extremely high security requirements. Subsequently, leveraging the highly random chaotic sequences generated by this system, combined with various DNA coding rules and operations, the RGB image components are scrambled and diffused for encryption. Security analysis demonstrates that the algorithm effectively passes examinations across multiple dimensions, including histogram analysis, information entropy, adjacent pixel correlation, Number of Pixel Change Rate (NPCR), Unified Average Changing Intensity (UACI), and The Peak Signal-to-noise Ratio (PSNR). It achieves favorable encryption results, significantly enhances image resistance against attacks, and provides a reliable technical solution for the secure transmission of remote sensing and military images. Full article

NetworkGuard is a modular edge-based virtual network sensing framework designed for residential smart home security. The system interprets network telemetry—such as DNS queries, firewall events, VPN latency, and connection establishment delay—as structured sensing signals for gateway-level monitoring. Implemented on a Raspberry Pi 4 and managed via an Android interface, NetworkGuard integrates DNS filtering (Pi-hole), firewall enforcement (UFW), encrypted VPN tunneling (WireGuard), and an AI-assisted advisory layer for contextual log interpretation. During a six-week residential deployment, DNS blocking efficiency improved from 81.2% to 97.0% following blocklist refinement, while VPN connection establishment time decreased from approximately 3012 ms to 2410 ms after configuration tuning. ICMP-based measurements indicated a stable tunnel latency under moderate traffic conditions. Controlled validation scenarios—including DNS manipulation attempts, port scanning, and VPN interruption testing—confirmed consistent firewall enforcement and tunnel containment. The results demonstrate that layered security principles can be adapted into a lightweight, reproducible edge architecture suitable for small-scale residential IoT environments without a reliance on enterprise infrastructure. Full article

End-to-end encrypted (E2EE) messaging and the growing use of cryptocurrency create an attribution gap for digital investigators because message content is unavailable and wallet activity is often decoupled from subscriber identities, which makes it difficult to link communication behaviors with wallet activity. We propose a lawful and metadata-driven forensic attribution framework called the Data-Source Association Framework (DSAF). The DSAF links encrypted communication behavior with cryptocurrency wallet activity by correlating only legally obtainable network metadata that are observable under lawful interception (LI) with on-chain traces. By integrating information from communication behaviors and wallet activity, the framework aims to narrow the person–application–wallet attribution gap. The framework integrates two components, where one performs encrypted-application classification using transport-layer signals and flow-level features and the other conducts wallet–identity association by applying controlled decoding to intercepted traffic and extracting relevant transaction traces. Both components operate under a minimum-field schema that is aligned with Taiwanese LI procedures. We implemented the workflow and evaluated it using controlled experiments across multiple wallets and assets, reporting Wilson 95% confidence intervals (CIs). We achieved 91.4% accuracy (181/198) in end-to-end association under a confidence threshold, with high performance across wallet types, including Monero and TronLink. Full article

We propose a probabilistic shaping-assisted base precoding quantum noise stream cipher (PSABP QNSC) scheme to effectively alleviate the encryption penalty in QAM QNSC systems. In contrast to the uniformly distributed bases adopted in traditional QNSC, Gaussian distributed bases can provide shaping gain. We theoretically analyze the underlying gain mechanism of Gaussian distributed bases in the PSABP QNSC scheme. Experimental results of 160 km reveal that the encryption penalties of QPSK and 16QAM are reduced by 0.44 dB and 0.27 dB, in terms of OSNR. Moreover, the security is quantified through the number of masked signals as a primary key metric. To mitigate the impact of base precoding, we propose the effective bases and effective ciphertext symbol points to refine the security evaluation. Moreover, the security is estimated in terms of mutual information leakage, with $2.2\times {10}^{-4}$ bits of QPSK and $1.85\times {10}^{-4}$ bits of 16QAM. The results indicate that the PSABP QNSC scheme provides effective protection against eavesdropping. Full article

Objectives: To investigate the current state of affective computing in healthcare, focusing on its application contexts, algorithmic trends, and the technical–ethical duality involving data privacy and security. Methods and Results: A systematic review was conducted in two phases (2013–2025) following PRISMA guidelines. A total of 170 peer-reviewed articles were selected from PubMed, IEEE Xplore, Scopus, and Web of Science based on predefined inclusion and exclusion criteria, with the sample restricted to full-text studies in English addressing affective computing in healthcare. No formal risk-of-bias tool was applied due to the computational nature of the studies, and the findings were synthesized descriptively. Discussion: The findings reveal a clear shift from classical machine learning (e.g., SVM, k-NN) toward deep learning and hybrid architectures such as CNN–LSTM and attention-based models for processing complex physiological signals. Recent years have shown a growing interest in multimodal data fusion and privacy-preserving mechanisms such as homomorphic encryption. Evidence remains limited by methodological heterogeneity and inconsistent reporting across studies. A significant gap persists in regulatory compliance, as 57% of recent publications do not adequately address data security or ethical risks associated with sensitive biometric footprints. Conclusions: Although affective computing has reached a certain level of technical maturity, future research must prioritize lightweight, secure, and privacy-by-design architectures to enable ethically aligned and trustworthy deployment in real-world healthcare scenarios. Full article

The Galileo Signal Authentication Service (SAS) is the next new feature to be offered by Galileo, the European GNSS. Its signal-in-space initial capability is expected already in the next months of 2025, starting with the L3 (Launch 3) Galileo elliptical-orbit satellites. It is the first-ever navigation signal authentication feature offered globally and openly. Galileo SAS uses the existing Galileo E6-C signal to be encrypted, in combination with OSNMA (Open Service Navigation Message Authentication), through the so-called semi-assisted authentication concept. In this concept, portions of the E6-C are re-encrypted with OSNMA future keys and published in a server. The concept allows signal authentication openly and for free, and without private key management by users. In exchange, the time between authentications is 30 s, inherited from OSNMA, and it introduces a latency between the E6-C signal reception and its authentication down to a few seconds. This work presents the status of Galileo SAS. It outlines its latest technical definition, already shared in previous publications. It will also present the MMARIO (Message and Measurement Authentication Receiver for Initial Operations) project, developing the first SAS server, receiver and testing platform. The paper also outlines the Galileo SAS plans for the near future, up to the Initial Service Declaration. Full article

In this paper, a metasurface-enabled dual-channel optical image authentication based on polarization multiplexing is proposed. During encryption, authentication phases corresponding to dual-channel plaintext images are firstly calculated by using a sparse-constraint-driven authentication-holography (SCDAH) algorithm. Then, target transmission phase and geometric phase of metasurface to be designed are obtained accordingly by the composite phase modulation (CPM) principle. Next, the nanopillar-type metasurface unit is performed with parameter scanning to establish the transmission and geometric phase databases. Finally, the structural parameters of each nanopillar are determined on a pixel-by-pixel basis to complete the construction of polarization-multiplexing authentication metasurface (PMAM). During authentication, the PMAM are respectively illuminated by the left-handed circularly polarized (LCP) and right-handed circularly polarized (RCP) light to obtain pseudo-random images produced by far-field diffraction, and then the nonlinear correlation distribution between diffraction image and corresponding channel plaintext image is calculated, and the final authentication result of each channel is determined based on whether the signal-to-noise ratio of the nonlinear correlation distribution meets the standard. In fact, a new physical-characteristic-driven dual-channel optical image authentication technology is formed, where double identities of the user holding this PMAM can be simultaneously verified, breaking through the rigid constraint of conventional single metasurface-to-single image, meanwhile improving the capacity and efficiency for authentication metasurface from the perspective of physical mechanism. Numerical simulations are performed to demonstrate the feasibility of the proposed method, and the simulation results prove that the proposed method exhibits high feasibility and security as well as strong robustness against cropping attack, showing a promising application potential in the field of identity recognition and authentication. Full article

Quantum Encryption in Phase Space (QEPS) is a physical-layer encryption framework that harnesses the quantum-mechanical properties of coherent states to secure optical communications against both classical and quantum computational threats. By applying randomized phase shifts, displacements, or their dynamic combinations—implemented as unitary transformations in phase space—QEPS disrupts the phase reference essential for coherent detection, establishing aphase synchronization barrier. This review synthesizes the theoretical foundations, security mechanisms, and experimental progress of the QEPS framework, encompassing its three principal variants: the round-trip Quantum Public Key Envelope (QPKE) protocol—a public-key-like scheme built upon phase randomization (QEPS-p), the symmetric phase-only QEPS-p, and the displacement-based QEPS-d. Experimental validations demonstrate that authorized users achieve bit-error rates (BERs) below the forward-error-correction threshold, whereas eavesdroppers are confined to BERs near 50%, equivalent to random guessing—all while utilizing standard coherent optical transceivers at data rates up to 200 Gb/s over 80 km of fiber. We further examine QEPS’s robustness to channel impairments, its seamless compatibility with existing digital signal processing (DSP) pipelines, and its distinctive position within the post-quantum cryptography landscape. Finally, we outline key challenges and future research directions toward deploying QEPS as a practical, quantum-resistant security layer for next-generation optical networks. Full article

The growing need to safeguard sensitive data in various fields, including in relation to education, banking over the phone, private voice conferences, and the military, has grown as dependence on technology in daily life has increased. Encryption schemes based on chaotic systems are among the most commonly utilized approaches in the security field due to their high levels of safety and reliability. This study proposes a secure audio encryption framework based on the Chameleon chaotic algorithm implemented on a Xilinx ZedBoard Zynq-7000 FPGA. The system was designed using a fixed-point arithmetic format with 32-bit precision (eight integers; 24 fractional bits) with the Xilinx System Generator in MATLAB Simulink R2021b and verified using Vivado. The Chameleon Chaotic System, characterized by its transition from self-excited to hidden attractors through parameter variation, adds complexity to the system dynamics and strengthens the encryption algorithm. The Adaptive Feedback Control technique was applied to synchronize the signals. These methods enhance the security of audio data by ensuring robust and fast synchronization during transmission. The performance of the proposed system was assessed using correlation analysis, the mean squared error, histogram analysis, and audio spectrogram analysis. The system demonstrated strong encryption capabilities with low correlation values (−0.0033). In decryption, they achieved high fidelity with a correlation exceeding 0.999 in noise-free conditions and above 0.9933 under 20 dB AWGN. Adaptive Feedback Control showed superior decryption precision with lower MSEU and higher PSNR, confirming its effectiveness under noisy environments. Full article

The emergence of quantum computing poses a significant threat to the security of traditional encryption methods employed in satellite communication. To mitigate this vulnerability and enhance cybersecurity in the next generation of communication systems, a novel physical-layer solution is presented. This approach centers on enhancing satellite link security through the analysis of stochastic atmospheric scintillation, facilitated by machine learning (ML). The proposed method safeguards ground stations against Machine-in-the-Middle (MITM) attacks perpetrated from aerial platforms (AP) such as drones or Unmanned Aerial Vehicles (UAVs). The underlying principle leverages the distinct statistical parameters inherent to received signals. These parameters are contingent upon the specific propagation channel, which is influenced by rapid tropospheric scintillation. As signals from legitimate satellites and malicious drones traverse separate spatial paths within the dynamic atmosphere, they exhibit demonstrably divergent scintillation statistics. Wavelet filtering is employed to extract these statistics from the incoming signal. The extracted data is subsequently processed through an ML algorithm, enabling the differentiation between satellite signals and potential spoofing signals emanating from drones. Extensive simulations have been conducted, illustrating the efficacy and robustness of the proposed architecture, consistently achieving an authentication rate exceeding 98% across diverse scenarios. Additionally, experimental results obtained from measurement data collected from Nilesat and Eutelsat satellites at a ground station in Israel provide empirical validation for this innovative approach. Full article

Signals with flexible control over polarity and frequency provide an essential foundation for reliable and high-speed information transmission. To generate chaotic signals with flexible output characteristics in low-dimensional systems, a novel chaotic system model is proposed by introducing a nonlinear term into the classical Chen chaotic system. Dynamical analysis and MATLAB numerical simulations show that the system is not only highly sensitive to initial conditions but also capable of generating three distinct chaotic attractors. Further simulations confirm that the proposed system demonstrates arbitrary unidirectional and multidirectional offset boosting behaviors, with offset amplitudes in all directions having a wide adjustable range. Furthermore, arbitrary offset constants can effectively control the frequencies of all state variables. This chaotic system, which combines flexible offset control with frequency regulation, is rare in existing research. Additionally, certain parameter ranges in the chaotic regime are relatively narrow. To address this, a method involving control constants to enhance system complexity is proposed, and its effectiveness in increasing system complexity is validated through Lyapunov spectrum and spectral entropy (SE) analysis. Based on the constructed chaotic system, an equivalent circuit model was built using the Multisim 14.0 platform. Experimental results confirm that the system generates chaotic attractors with distinct structures and demonstrates offset boosting behavior in arbitrary directions. Additionally, DSP hardware experiments further validate the physical realizability of the system. To fully exploit the system’s advantages, a synchronization controller was designed for both the drive and response systems, enabling synchronization control of the chaotic system with three offset constants. Based on this, data encryption and transmission experiments were conducted, further establishing the theoretical and experimental foundation for applying the new chaotic system in secure communication. Full article