Constructing efficient and secure batch signature schemes

In ordinary signature schemes, such as RSA, DSA, ECDSA, the signing process is performed only for a single message. Due to performance issues, in some contexts, the above solutions will become unsuitable if a party needs to sign multiple messages simultaneously. For example, in the authenticated key exchange protocols based on signatures between client and server, the server is expected to handle multiple key exchange requests from different clients simultaneously. Batch signing is a solution that generates signatures for multi-messages simultaneously with a single (ordinary) signature generation. In this article, we will consider some of the existing batch signing solutions and point out a few of their weakness. To deal with these problems, the paper also proposes two secure types of batch signature schemes, but still ensures the same efficiency as the existing batch signing solution.

Horizontal Side-Channel Vulnerabilities of Post-Quantum Key Exchange and Encapsulation Protocols

Key exchange protocols and key encapsulation mechanisms establish secret keys to communicate digital information confidentially over public channels. Lattice-based cryptography variants of these protocols are promising alternatives given their quantum-cryptanalysis resistance and implementation efficiency. Although lattice cryptosystems can be mathematically secure, their implementations have shown side-channel vulnerabilities. But such attacks largely presume collecting multiple measurements under a fixed key, leaving the more dangerous single-trace attacks unexplored. This article demonstrates successful single-trace power side-channel attacks on lattice-based key exchange and encapsulation protocols. Our attack targets both hardware and software implementations of matrix multiplications used in lattice cryptosystems. The crux of our idea is to apply a horizontal attack that makes hypotheses on several intermediate values within a single execution all relating to the same secret, and to combine their correlations for accurately estimating the secret key. We illustrate that the design of protocols combined with the nature of lattice arithmetic enables our attack. Since a straightforward attack suffers from false positives, we demonstrate a novel extend-and-prune procedure to recover the key by following the sequence of intermediate updates during multiplication. We analyzed two protocols, Frodo and FrodoKEM , and reveal that they are vulnerable to our attack. We implement both stand-alone hardware and RISC-V based software realizations and test the effectiveness of the proposed attack by using concrete parameters of these protocols on physical platforms with real measurements. We show that the proposed attack can estimate secret keys from a single power measurement with over 99% success rate.

ESIKE: An efficient and secure internet key exchange protocol

The use of Internet key exchange protocols in IP Security architecture and in IoT environments has vulnerabilities against various malicious attacks and affects communication efficiency. To address these weaknesses, we propose a novel efficient and secure Internet key exchange protocol (ESIKE), which achieves a high level of security along with low computational cost and energy consumption. ESIKE achieves perfect forward secrecy, anonymity, known-key security and untraceability properties. ESIKE can resist several attacks, such as, replay, DoS, eavesdropping, man-in-the-middle and modification. In addition, the formal security validation using AVISPA tools confirms the superiority of ESIKE in terms of security.

Curve25519 based lightweight end-to-end encryption in resource constrained autonomous 8-bit IoT devices

Robust encryption techniques require heavy computational capability and consume large amount of memory which are unaffordable for resource constrained IoT devices and Cyber-Physical Systems with an inclusion of general-purpose data manipulation tasks. Many encryption techniques have been introduced to address the inability of such devices, lacking in robust security provision at low cost. This article presents an encryption technique, implemented on a resource constrained IoT device (AVR ATmega2560) through utilizing fast execution and less memory consumption properties of curve25519 in a novel and efficient lightweight hash function. The hash function utilizes GMP library for multi-precision arithmetic calculations and pre-calculated curve points to devise a good cipher block using ECDH based key exchange protocols and large random prime number generator function.

Neural Cryptography Based on Generalized Tree Parity Machine for Real-Life Systems

Traditional public key exchange protocols are based on algebraic number theory. In another perspective, neural cryptography, which is based on neural networks, has been emerging. It has been reported that two parties can exchange secret key pairs with the synchronization phenomenon in neural networks. Although there are various models of neural cryptography, called Tree Parity Machine (TPM), many of them are not suitable for practical use, considering efficiency and security. In this paper, we propose a Vector-Valued Tree Parity Machine (VVTPM), which is a generalized architecture of TPM models and can be more efficient and secure for real-life systems. In terms of efficiency and security, we show that the synchronization time of the VVTPM has the same order as the basic TPM model, and it can be more secure than previous results with the same synaptic depth.