The vision and key elements of the 6th generation (6G) ecosystem are being discussed very actively in academic and industrial circles. In this work, we provide a timely update to the 6G security vision presented in our previous publications to contribute to these efforts. We elaborate further on some key security challenges for the envisioned 6G wireless systems, explore recently emerging aspects, and identify potential solutions from an additive perspective. This speculative treatment aims explicitly to complement our previous work through the lens of developments of the last two years in 6G research and development.
Authored by Gürkan Gur, Pawani Porambage, Diana Osorio, Attila Yavuz, Madhusanka Liyanage
The vision and key elements of the 6th generation (6G) ecosystem are being discussed very actively in academic and industrial circles. In this work, we provide a timely update to the 6G security vision presented in our previous publications to contribute to these efforts. We elaborate further on some key security challenges for the envisioned 6G wireless systems, explore recently emerging aspects, and identify potential solutions from an additive perspective. This speculative treatment aims explicitly to complement our previous work through the lens of developments of the last two years in 6G research and development.
Authored by Gürkan Gur, Pawani Porambage, Diana Osorio, Attila Yavuz, Madhusanka Liyanage
Quantum secret sharing (QSS) is a cryptography technique relying on the transmission and manipulation of quantum states to distribute secret information across multiple participants securely. However, quantum systems are susceptible to various types of noise that can compromise their security and reliability. Therefore, it is essential to analyze the influence of noise on QSS to ensure their effectiveness and practicality in real-world quantum communication. This paper studies the impact of various noisy environments on multi-dimensional QSS. Using quantum fidelity, we examine the influence of four noise models: d-phase-flip(dpf), dit-flip(df), amplitude damping(ad), and depolarizing(d). It has been discovered that the fidelity declines with an increase in the noise parameter. Furthermore, the results demonstrate that the efficiency of the QSS protocol differs significantly across distinct noise models.
Authored by Deepa Rathi, Sanjeev Kumar, Reena Grover
Cloud computing has turned into an important technology of our time. It has drawn attention due to its, availability, dynamicity, elasticity and pay as per use pricing mechanism this made multiple organizations to shift onto the cloud platform. It leverages the cloud to reduce administrative and backup overhead. Cloud computing offers a lot of versatility. Quantum technology, on the other hand, advances at a breakneck pace. Experts anticipate a positive outcome and predict that within the next decade, powerful quantum computers will be available. This has and will have a substantial impact on various sciences streams such as cryptography, medical research, and much more. Sourcing applications for business and informational data to the cloud, presents privacy and security concerns, which have become crucial in cloud installation and services adoption. To address the current security weaknesses, researchers and impacted organizations have offered several security techniques in the literature. The literature also gives a thorough examination of cloud computing security and privacy concerns.
Authored by Rajvir Shah
This paper conducts an evaluation of two IBM quantum systems: Quantum Eagle r3 (Sherbrooke, 127 qubits) and Falcon r8 (Peekskill, 27 qubits), with an emphasis on benchmarking these systems and their differing approaches to generating Greenberger-Horne-Zeilinger (GHZ) states, a specific type of multi-partite entangled quantum state. Our primary objective is to augment quantum fidelity via depth-reduction circuit designs. Sherbrooke s larger qubit capacity presents significant opportunities for implementing more complex algorithms, thus benefiting quantum cryptography [4], measurement-based quantum computing (MBQC) [5] and quantum simulation [6]. We introduce the Tree-based and Centred-tree-based approaches, enabling the exploitation of entangled states. Our strategies demonstrate promising potential for increasing quantum fidelity and broadening quantum applications. This work lays a firm foundation for subsequent advancements in quantum computing, highlighting the potential for heightened efficiency and versatility in future quantum systems.
Authored by Kuan-Cheng Chen
This paper offers a thorough investigation into quantum cryptography, a security paradigm based on the principles of quantum mechanics that provides exceptional guarantees for communication and information protection. The study covers the fundamental principles of quantum cryptography, mathematical modelling, practical applications, and future prospects. It discusses the representation of quantum states, quantum operations, and quantum measurements, emphasising their significance in mathematical modelling. The paper showcases the real-world applications of quantum cryptography in secure communication networks, financial systems, government and defence sectors, and data centres. Furthermore, it identifies emerging domains such as IoT, 5G networks, blockchain technology, and cloud computing as promising areas for implementing quantum cryptographic solutions. The paper also presents avenues for further research, including post-quantum cryptography, quantum cryptanalysis, multi-party quantum communication, and device-independent quantum cryptography. Lastly, it underscores the importance of developing robust infrastructure, establishing standards, and ensuring interoperability to facilitate widespread adoption of quantum cryptography. This comprehensive exploration of quantum cryptography contributes to the advancement of secure communication, information protection, and the future of information security in the era of quantum technology.
Authored by Atharva Takalkar, Bahubali Shiragapur
Hybrid authenticated key exchange combines cryptography key material from different sources (classical, quantum and post-quantum cryptography) to build protocols that are resilient to catastrophic failures, technology advances and future cryptanalytic attacks. In this work, we propose and implement a triple-hybrid version of the transport layer security network protocol TLS 1.3, combining classical and post-quantum cryptography, and quantum key distribution. We evaluate the performance of this triple-hybrid TLS in an experimental network scenario and our analysis shows that the quantum-resistant feature comes at an increased communication cost of approximately 68 \% over the total time of the composite handshakes. In exchange, our solution is an enhancement to the TLS 1.3 protocol by adding quantum-resistant cryptography schemes.
Authored by Carlos Garcia, Abraham Aguilera, Juan Olmos, Idelfonso Monroy, Simon Rommel
In this modern era, most cryptographic algorithms work on a basic principle to split integers into their primes. But the problem is that mathematics is also evolving at a very fast pace along with computing power so it is now more vulnerable to decryption, for example, one-way functions can be easily reversed along with factoring big integers. So, to solve this issue Quantum Physics gets involved with cryptography which further led to the concept of Quantum Cryptography. Quantum Cryptography is one of the fastest-growing technology in computer science. So, this paper is more focused on Quantum Cryptography technology and how it can be used to make our modern cryptographic era safeguard from top to bottom procedure related to getting more secure Key-transfer. This paper s scope is to cover all the vulnerabilities of the current cryptosystem, the uses of this technology in the real-world scenario, the limitations when used in real-world situations, and also what will be the future of Quantum Cryptography and the path it should head towards. We have tried to use tools and protocols which is modified to use the quantum key transfer by which the user s using it will not have access to each other s personal information, instead of sharing any private or public key in advance, we transfer an unordered quantum transmission which consists of a very little flash of polarized light.
Authored by Gurkirat Singh, Aman Singh, N Sreenarayanan
In a traditional voting system, voters have to reach the voting system to cast their votes. It is difficult for the elderly and for those living in remote localities to cast a vote. In the era of digital advancements, remote electronic voting has emerged as an efficient means of engaging citizens in decision-making processes. However, ensuring fairness and mitigating fraud in elections remain significant challenges. This research paper proposes a novel approach called Quantum Secret Sharing (QSS) combined with the quantum binary voting protocol, leveraging the capabilities of the IBM Quantum Experience platform. By incorporating established security features and introducing new criteria, this protocol aims to surpass the limitations of classical voting systems. The research involves the creation of communication circuits using IBM Quantum Experience and subsequent analysis through quantum state tomography. By integrating the principles of QSS and the quantum binary voting protocol, the proposed approach addresses the limitations of classical voting systems. The protocol satisfies the standards of traditional voting systems while introducing new criteria to overcome their shortcomings. Through the utilization of IBM Quantum Experience, secure communication circuits are established, and the outcomes are analyzed using quantum state tomography, ensuring the fairness and accuracy of the voting process. It integrates quantum cryptography, quantum communication, and classical cryptography techniques to create a robust and tamper-resistant voting protocol. By employing quantum superposition, the protocol enables voters to cast their votes in multiple states simultaneously, making it extremely difficult for a malicious person to intercept or alter individual votes. Furthermore, quantum entanglement ensures that any unauthorized attempt to measure or manipulate the quantum states would result in detectable changes, enhancing the overall security of the voting process.
Authored by Pragati Bhale, Digambar Padulkar, Jibi Abraham
Over the past decade, we ve witnessed a remarkable and rapid surge in the realm of high-performance computing. The entire computing landscape, encompassing cloud and fog computing, has seen an unprecedented surge in popularity. Cloud computing, a system interconnecting myriad components, delivers application, data, and storage services over the internet. Quantum computing, on the other hand, harnesses the remarkable phenomena of quantum mechanics like superposition and entanglement for computational purposes. This paper serves as an expansive introduction to the fundamental principles, historical evolution, and breakthroughs in quantum computing, shedding light on its applications in network technology and cryptography. Moreover, it delves into the exciting potential for future game development empowered by quantum technology. In particular, we ll uncover the latest strides in cognitive networking and cryptography, drawing attention to the cutting-edge developments. Finally, we ll scrutinize the on-going research endeavours and lingering questions demanding further exploration within the dynamic realm of quantum computing.
Authored by Javed Moazzam, Rahul Pawar, Mayank Khare
The globe is observing the emergence of the Internet of Things more prominently recognized as IoT. In this day and age, there exist numerous technological apparatuses that possess the capability to be interconnected with the internet and can amass, convey, and receive information concerning the users. This technology endeavors to simplify existence, however, when the users information is the central concern for IoT operation, it is necessary to adhere to security measures to guarantee privacy and prevent the exploitation of said information. The customary cryptographic algorithms, such as RSA, AES, and DES, may perform adequately with older technologies such as conventional computers or laptops. Nevertheless, contemporary technologies are heading towards quantum computing, and this latter form possesses a processing capability that can effortlessly jeopardize the aforementioned cryptographic algorithms. Therefore, there arises an imperative necessity for a novel and resilient cryptographic algorithm. To put it differently, there is a requirement to devise a fresh algorithm, impervious to quantum computing, that can shield the information from assaults perpetrated utilizing quantum computing. IoT is one of the domains that must ensure the security of the information against malevolent activities. Besides the conventional cryptography that enciphers information into bits, quantum encryption utilizes qubits, specifically photons and photon polarization, to encode data.
Authored by Modafar Ati
The security of our data is the prime priority as it is said “Data is the new Oil”. Nowadays, most of our communications are either recorded or forged. There are algorithms used under classical encryption, such as Rivest-Shamir-Adleman (RSA), digital signature, elliptic-curve cryptography (ECC), and more, to protect our communication and data. However, these algorithms are breakable with the help of Quantum Cryptography. In addition, this technology provides the most secure form of communication between entities under the fundamental law of Physics. Here, we are abiding to discuss the term “Quantum Cryptography.” The aim of this paper is to explore the knowledge related to the Quantum Cryptography, Quantum Key Distribution; and their elements, implementation, and the latest research. Moreover, exploration of the loopholes and the security of Internet of Things (IoT) infrastructure and current used classical cryptographic algorithms are described in the paper.
Authored by Harshita Jasoliya, Kaushal Shah
Recent advances in quantum computing and quantum information theory represent a severe threat to the current state of the art of data protection. In this context, new quantum-safe techniques have emerged in recent decades, which fall into post-quantum and unconditionally secure cryptographic schemes. The firsts rely on computational problems supposed to be hard also for quantum computers. In contrast, the seconds do not depend on the difficulty of a computational problem and are therefore immune to quantum power. In particular, unconditionally secure techniques include Quantum Key Distribution (QKD) protocols for transmitting secret keys thanks to the quantum properties of light. In this work, we discuss QKD networks and post-quantum algorithms, considering their opportunities and limitations and showing that reconciliation between these two directions of cryptography is feasible and necessary for the quantum era.This work is part of the activities of the PON project “Development of quantum systems and technologies for IT security in communication networks” (QUANCOM) which aims to the realization of a metropolitan quantum communication network through the collaboration between universities, research centers and companies operating in the communication market area.
Authored by Eufemia Lella, Alberto Gatto, Andrea Pazienza, Diego Romano, Pietro Noviello, Felice Vitulano, Giovanni Schmid
Cryptography was introduced to prevent a third party from accessing and learning the contents of private messages sent during a communication process. Quantum Cryptography looks promising to provide a new level of secure communication by applying quantum mechanics concepts to cryptography. The research in the domain emphasizes that such systems can detect eavesdropping and ensure that it does not occur at all. This paper reviews the existing state of quantum cryptography, which includes an introduction to quantum computing and quantum key distribution algorithm, special attention is given to the implementation and working of the BB84 Protocol. It also provides a glimpse of post-quantum cryptography.
Authored by Ishika Giroti, Meenakshi Malhotra
Cryptography and steganography is a method to secure private data. Those methods can also be combined for a more robust data security method. In this paper, we proposed a combination of cryptography and steganography methods that exploit some properties of Deoxyribonucleic Acid (DNA) for securing private data. The proposed work aims to enhance a POST-quantum DNA cryptography method by combining it with the steganography method. There are two parts to the proposed method; the first one is to encrypt private messages using a Kyber-DNA cryptography method. The second one is to embed encrypted private messages into a DNA sequence. The proposed method was then compared to another similar method RSA-DNA, El Gamal-DNA, and ECC-DNA. The proposed method is also compared with a similar POST-quantum method, that is NTRU-DNA. All those methods are compared in embedding speed test and extracting speed test. From those tests, it can be concluded that the proposed method has performance slightly lower than El Gamal-DNA and ECC-DNA but faster than RSA-DNA and NTRU-DNA
Authored by Bambang Harjito, Faisal Rahutomo, U. Satriyo, Heri Prasetyo
Information exchange occurs all the time in today’s internet era. Some of the data are public, and some are private. Asymmetric cryptography plays a critical role in securing private data transfer. However, technological advances caused private data at risk due to the presence of quantum computers. Therefore, we need a new method for securing private data. This paper proposes combining DNA cryptography methods based on the NTRU cryptosystem to enhance security data confidentiality. This method is compared with conventional public key cryptography methods. The comparison shows that the proposed method has a slow encryption and decryption time compared to other methods except for RSA. However, the key generation time of the proposed method is much faster than other methods tested except for ECC. The proposed method is superior in key generation time and considerably different from other tested methods. Meanwhile, the encryption and decryption time is slower than other methods besides RSA. The test results can get different results based on the programming language used.
Authored by U. Satriyo, Faisal Rahutomo, Bambang Harjito, Heri Prasetyo
Counterfeited products are a significant problem in both developed and developing countries and has become more critical as an aftermath of COVID-19, exclusively for drugs and medical equipment’s. In this paper, an innovative approach is proposed to resist counterfeiting which is based on the principles of Synthetic DNA. The proposed encryption approach has employed the distinctive features of synthetic DNA in amalgamation with DNA encryption to provide information security and functions as an anticounterfeiting method that ensures usability. The scheme’s security analysis and proof of concept are detailed. Scyther is used to carry out the formal analysis of the scheme, and all of the modeled assertions are verified without any attacks.
Authored by C.S. Sreeja, Mohammed Misbahuddin
The Internet of Things (IoT) refers to the growing network of connected physical objects embedded with sensors, software and connectivity. While IoT has potential benefits, it also introduces new cyber security risks. This paper provides an overview of IoT security issues, vulnerabilities, threats, and mitigation strategies. The key vulnerabilities arising from IoT s scale, ubiquity and connectivity include inadequate authentication, lack of encryption, poor software security, and privacy concerns. Common attacks against IoT devices and networks include denial of service, ransom-ware, man-in-the-middle, and spoofing. An analysis of recent literature highlights emerging attack trends like swarm-based DDoS, IoT botnets, and automated large-scale exploits. Recommended techniques to secure IoT include building security into architecture and design, access control, cryptography, regular patching and upgrades, activity monitoring, incident response plans, and end-user education. Future technologies like blockchain, AI-enabled defense, and post-quantum cryptography can help strengthen IoT security. Additional focus areas include shared threat intelligence, security testing, certification programs, international standards and collaboration between industry, government and academia. A robust multilayered defense combining preventive and detective controls is required to combat rising IoT threats. This paper provides a comprehensive overview of the IoT security landscape and identifies areas for continued research and development.
Authored by Luis Cambosuela, Mandeep Kaur, Rani Astya
Quantum Computing Security 2022 - Recent advances in quantum computing have highlighted the vulnerabilities in contemporary RSA encryption. Shor’s approach for factoring numbers is becoming more tractable as quantum computing advances. This jeopardizes the security of any cryptographic system that is based on the complexity of factorisation. Many other crypto-systems based on theories like Elliptic Curve Cryptography are also vulnerable. To keep a cryptographic system safe against a quantum adversary, we must develop approaches based on a hard mathematical problem that is not vulnerable to quantum computer attacks, and we must develop Post Quantum Cryptography (PQC). One potential option is the use of lattices in a system called ring Learning with Errors (rLWE). Several techniques for postquantum encryption have been submitted to NIST. This paper studies the different speeds of different lattice-based protocols.
Authored by Mohamed Garrach, Chetan Waghela, Mahima Mathews, L Sreekuttan
Quantum Computing Security 2022 - Cloud computing has turned into an important technology of our time. It has drawn attention due to its, availability, dynamicity, elasticity and pay as per use pricing mechanism this made multiple organizations to shift onto the cloud platform. It leverages the cloud to reduce administrative and backup overhead. Cloud computing offers a lot of versatility. Quantum technology, on the other hand, advances at a breakneck pace. Experts anticipate a positive outcome and predict that within the next decade, powerful quantum computers will be available. This has and will have a substantial impact on various sciences streams such as cryptography, medical research, and much more. Sourcing applications for business and informational data to the cloud, presents privacy and security concerns, which have become crucial in cloud installation and services adoption. To address the current security weaknesses, researchers and impacted organizations have offered several security techniques in the literature. The literature also gives a thorough examination of cloud computing security and privacy concerns.
Authored by Rajvir Shah
Quantum Computing Security 2022 - Quantum computing is a swiftly blooming technology that straps up the process of quantum mechanics to solve problems too complex for conventional computers. Quantum Cryptography applies algorithms to encrypt messages that it is never read by anyone outside of the unauthorized recipient. Using Quantum mechanics, for secure communication, we have to follow either a superposition or entanglement algorithm. When compared to superposition, entanglement algorithms are providing more security. Why because it is difficult for intruders to identify how the qubits maintain the relationship. In the existing system, Quantum Key Distribution for short distances has already implemented its even commercially available using entanglement algorithm (Artur Ekert E91 Protocol). In the proposed system, quantum communication over very long distances. In this paper, using Quantum entanglement; the keys are exchanged securely and identify eavesdropping in the communication channel.
Authored by Vani Geddada, P. Lakshmi
Measurement and Metrics Testing - FIPS 140-3 is the main standard defining security requirements for cryptographic modules in U.S. and Canada; commercially viable hardware modules generally need to be compliant with it. The scope of FIPS 140-3 will also expand to the new NIST Post-Quantum Cryptography (PQC) standards when migration from older RSA and Elliptic Curve cryptography begins. FIPS 140-3 mandates the testing of the effectiveness of “non-invasive attack mitigations”, or side-channel attack countermeasures. At higher security levels 3 and 4, the FIPS 140-3 side-channel testing methods and metrics are expected to be those of ISO 17825, which is based on the older Test Vector Leakage Assessment (TVLA) methodology. We discuss how to apply ISO 17825 to hardware modules that implement lattice-based PQC standards for public-key cryptography – Key Encapsulation Mechanisms (KEMs) and Digital Signatures. We find that simple “random key” vs. “fixed key” tests are unsatisfactory due to the close linkage between public and private components of PQC keypairs. While the general statistical testing approach and requirements can remain consistent with older public-key algorithms, a non-trivial challenge in creating ISO 17825 testing procedures for PQC is the careful design of test vector inputs so that only relevant Critical Security Parameter (CSP) leakage is captured in power, electromagnetic, and timing measurements.
Authored by Markku-Juhani Saarinen
Blockchain as a tamper-proof, non-modifiable and traceable distributed ledger technology has received extensive attention. Although blockchain's immutability provides security guarantee, it prevents the development of new blockchain technology. As we think, there are several arguments to prefer a controlled modifiable blockchain, from the possibility to cancel the transaction and necessity to remove the illicit or harmful documents, to the ability to support the scalability of blockchain. Meanwhile, the rapid development of quantum technology has made the establishment of post-quantum cryptosystems an urgent need. In this paper, we put forward the first lattice-based redactable consortium blockchain scheme that makes it possible to rewrite or repeal the content of any blocks. Our approach uses a consensus-based election and lattice-based chameleon hash function (Cash and Hofheinz etc. EUROCRYPT 2010). With knowledge of secret trapdoor, the participant could find the hash collisions efficiently. And each member of the consortium blockchain has the right to edit the history.
Authored by Chunying Peng, Haixia Xu, Peili Li
When it comes to cryptographic random number generation, poor understanding of the security requirements and “mythical aura” of black-box statistical testing frequently leads it to be used as a substitute for cryptanalysis. To make things worse, a seemingly standard document, NIST SP 800–22, describes 15 statistical tests and suggests that they can be used to evaluate random and pseudorandom number generators in cryptographic applications. The Chi-nese standard GM/T 0005–2012 describes similar tests. These documents have not aged well. The weakest pseudorandom number generators will easily pass these tests, promoting false confidence in insecure systems. We strongly suggest that SP 800–22 be withdrawn by NIST; we consider it to be not just irrelevant but actively harmful. We illustrate this by discussing the “reference generators” contained in the SP 800–22 document itself. None of these generators are suitable for modern cryptography, yet they pass the tests. For future development, we suggest focusing on stochastic modeling of entropy sources instead of model-free statistical tests. Random bit generators should also be reviewed for potential asymmetric backdoors via trapdoor one-way functions, and for security against quantum computing attacks.
Authored by Markku-Juhani Saarinen
With the ever-increasing use of large-scale IoT networks in different sectors of the industry, it has become critical to realise seamless and secure communication between devices in the network. Realising secure group communication in the IoT requires solving the problem of group-key establishment. In this work, we solve the problem by designing a new lattice-based Key Encapsulation Mechanism (KEM) for resource-constrained devices that enable the distribution of a symmetric key or any other data between all the devices in a given network. This is achieved by coupling multiple private keys to a unique public key. Moreover, we present a proof-of-concept implementation based on the GGH algorithm. The results show it is feasible to use lattice-based cryptography to allow for seamless and secure group communications within a decentralised IoT network. It has been bench-marked against other common post-quantum constructs and proven to be more practical with respect to memory consumption and security, although considerably slower due to lack of optimisation in the implementation.
Authored by Nathan Keyaerts, Teklay Gebremichael, Mikael Gidlund