Post-quantum encryption technology based on BRLWE for internet of things by Yitian GAO, Liquan CHEN, Tianyang TU, Yuan GAO, Qianye CHEN

“…With the development of quantum computers, the classical public key encryption system is not capable enough to guarantee the communication security of internet of things (IoT).Because the mathematical puzzles which post-quantum encryption algorithms are based on cannot yet be broken by quantum computers, these new algorithms have good anti-quantum computing security.In particular, the lattice-based cryptography is expected to become the main technology of the next generation public key cryptosystem.However, post-quantum encryption algorithms have the disadvantages of large amount of computation and high storage space.The communication efficiency of IoT will be affected if post-quantum encryption algorithms are directly applied to the lightweight device under IoT environment.In order to better guarantee the communication security and improve the commutation efficiency of IoT, Sym-BRLWE (symmetrical binary RLWE) encryption scheme was proposed.Sym-BRLWE was improved from the existing post-quantum encryption scheme based on BRLWE (binary ringlearning with errors) problem.Specifically, Sym-BRLWE encryption algorithm met the efficiency requirements of IoT via improving the random number selection on the discrete uniform distribution and the calculation of the polynomial multiplication.Sym-BRLWE encryption algorithm achieved high efficiency and high security via adding encryption security precautions, then it is more suitable for IoT lightweight devices.From the security analysis, the proposed Sym-BRLWE encryption scheme had high security.It could theoretically resist lattice attacks, timing attacks, simple power analysis (SPA) and differential power analysis (DPA).From simulation experiments, which were carried out in a binary computing environment simulating an 8-bit micro-device, the proposed Sym-BRLWE encryption scheme has high efficiency and small key size in encryption and decryption.It could reduce the total encryption time by 30% to 40% when compared with other BRLWE-based encryption schemes with the parameter selection of the 140 bit quantum security level.…”
Get full text

5G-based smart airport network security scheme design and security analysis by Xinxin XING, Qingya ZUO, Jianwei LIU

“…To meet the security requirements of smart airports, a 5G-based smart airport network security solution was proposed.The security characteristics and security requirements of the 5G scenario in smart airport were analyzed, and the pain points of security requirements in the current scenario were summarized in five aspects:unified security management and control, network slicing security, security monitoring and early warning, edge computing security, and IoT-aware node security.And then a 5G network security system was designed for smart airports.The functional components of this system included 5G network unified security management and control functions for ubiquitous networks, lightweight 5G network identity authentication and authentication functions, 5G network slice security protection for multi-service requirements, 5G network security monitoring and early warning based on big data analysis, integrated security protection function based on edge computing, and sensory node security protection function based on device behavior analysis.This comprehensive approach built an all-in-one security platform covering business encryption, network security, terminal trustworthiness, identity trustworthiness, and security management and control.Additionally, the potential counterfeit base station attacks in the existing 5G authentication and key agreement (AKA) were analyzed.Due to the lack of authenticity verification of the messages forwarded by the SN, the attacker can pretend to be the real SN to communicate with the UE and the HN, thus carrying out the base station masquerading attack.This kind of attack may lead to the leakage of smart airport network data, and encounter problems such as tampering and deception by opponents.Aiming at the network security requirements of smart airports and the security issues of 5G authentication and key agreement protocol, an improved 5G authentication and key agreement protocol was designed.Formal security models, security goal definitions, and analysis were performed to ensure the robustness and effectiveness of the protocol against attacks.…”
Get full text

High-performance reconfigurable encryption scheme for distributed storage by Zhihua FENG, Yuxuan ZHANG, Chong LUO, Jianing WANG

“…As the world embraces the digital economy and enters an information society, data has emerged as a critical production factor.The collection, processing, and storage of data have become increasingly prevalent.Distributed storage systems, known for their efficiency, are widely used in various data fields.However, as the scale of data storage continues to expand, distributed storage faces more significant security risks, such as information leakage and data destruction.These challenges drive the need for innovative advancements in big data distributed storage security technology and foster the integration of domestic cryptographic technology with computing storage technology.This work focused on addressing security issues, particularly information leakage, in distributed storage nodes.A dynamic and reconfigurable encryption storage solution was proposed, which considered the requirements for encryption performance and flexibility.A high-performance reconfigurable cryptographic module was designed based on the bio mapping framework.Based on this module, multiple storage pools equipped with different cryptographic algorithms were constructed to facilitate high-performance encryption and decryption operations on hard disk data.The scheme also enabled dynamic switching of cryptographic algorithms within the storage pools.A cryptographic protocol with remote online loading functions for cryptographic algorithms and keys was developed to meet the unified management and convenient security update requirements of reconfigurable cryptographic modules in various storage nodes.Furthermore, the scheme implemented fine-grained data encryption protection and logical security isolation functions based on cryptographic reconstruction technology.Experimental results demonstrate that the performance loss of this scheme for encryption protection and security isolation of stored data is approximately 10%.It provides a technical approach for distributed storage systems to meet the cryptographic application technology requirements outlined in GB/T 39786-2021 “Information Security Technology-Basic Requirements for Cryptography Applications” Level 3 and above in terms of device and computing security, application and data security.…”
Get full text

Securing fog computing in healthcare with a zero-trust approach and blockchain by Navjeet Kaur, Ayush Mittal, Umesh Kumar Lilhore, Sarita Simaiya, Surjeet Dalal, Kashif Saleem, Ehab Seif Ghith

Get full text