Sharif Digital Repository

Public-key plays a significant role in today's communication over the network. However, current state-of-the-art public-key encryption (PKE) schemes are too complex to be efficiently employed in resource-constrained devices. Moreover, they are vulnerable to quantum attacks and soon will not have the required security. In the last decade, lattice-based cryptography has been a progenitor platform of the post-quantum cryptography (PQC) due to its lower complexity, which makes it more suitable for Internet of Things applications. In this article, we propose an efficient implementation of the binary learning with errors over ring (Ring-BinLWE) on the reduced instruction set computer-five (RISC-V)... 

Internet traffic recognition is essential for access providers since it helps them define adapted priorities in order to enhance user experience, e.g., a high priority for an audio conference and a low priority for a file transfer. As internet traffic becomes increasingly encrypted, the main classic traffic recognition technique, payload inspection, is rendered ineffective. Hence this paper uses machine learning techniques looking only at packet size and time of arrival. For the first time, Spiking neural networks (SNNs), which are inspired by biological neurons, were used for this task for two reasons. Firstly, they can recognize time-related data packet features. Secondly, they can be... 

Nowadays, Smooth Projective Hash Functions (SPHFs) play an important role in constructing cryptographic tools such as secure Password-based Authenticated Key Exchange (PAKE) protocol in the standard model, oblivious transfer, and zero-knowledge proofs. Specifically, in this article, we focus on constructing PAKE protocol; that is, a kind of key exchange protocol which needs only a low entropy password to produce a cryptographically strong shared session key. In spite of relatively good progress of SPHFs in applications, it seems there has been little effort to build them upon quantum-resistant assumptions such as lattice-based cryptography and code-based cryptography to make them secure... 

ARX algorithms are a class of symmetric-key algorithms constructed by Addition, Rotation, and XOR. To evaluate the resistance of an ARX cipher against differential and impossible-differential cryptanalysis, the recent automated methods employ constraint satisfaction solvers to search for optimal characteristics or impossible differentials. The main difficulty in formulating this search is finding the differential models of the non-linear operations. While an efficient bit-vector differential model was obtained for the modular addition with two variable inputs, no differential model for the modular addition by a constant has been proposed so far, preventing ARX ciphers including this... 

Multi-party computation (MPC) allows each peer to take part in the execution of a common function with their private share of data without the need to expose it to other participants. The Legendre symbol is a pseudo-random function (PRF) that is suitable for MPC protocols due to their efficient evaluation process compared to other symmetric primitives. Recently, Legendre-based PRFs have also been employed in the construction of a post-quantum signature scheme, namely LegRoast. In this paper, we propose, to the best of our knowledge, the first hardware implementations for the Legendre symbol by three approaches: 1) low-area, 2) high-speed, and 3) high-frequency. The high-speed architecture... 

We present a pipelined Montgomery multiplier tailored for SIKE primes. The latency of this multiplier is far shorter than that of the previous work while its frequency competes with the highest-rated ones. The implementation results on a Virtex-7 FPGA show that this multiplier improves the time, the area-time product (AT), and the throughput of computing modular multiplication by at least 2.30, 1.60, and 1.36 times over SIKE primes respectively. We have also developed a CPU-like architecture to perform SIDH and SIKE using several instances of our modular multiplier. Using four multipliers on a Virtex-7 FPGA, the encapsulation and the decapsulation of SIKE can be performed at least 1.45 times... 

In this paper, we study non-Gaussian discrete-modulated measurement-deviceindependent continuous-variable quantum key distribution protocol equipped with a proposed quantum scissor at the receiver side. Our suggested scissor truncates all multiphoton number states with four or more photons and amplifies remaining photon number states in a probabilistic way. Using exact non-Gaussian calculation, we find that quantum scissor meliorates the fidelity and entanglement between two legitimate parties Alice and Bob, at long distances. Therefore, quantum scissor enhances the continuous-variable quantum key distribution protocol range. Examination of the system for different values of the excess noise... 

This research aims to represent a novel approach to detect malicious nodes in Ad-hoc On-demand Distance Vector (AODV) within the next-generation smart cities. Smart city applications have a critical role in improving public services quality, and security is their main weakness. Hence, a systematic multidimensional approach is required for data storage and security. Routing attacks, especially sinkholes, can direct the network data to an attacker and can also disrupt the network equipment. Communications need to be with integrity, confidentiality, and authentication. So, the smart city and urban Internet of Things (IoT) network, must be secure, and the data exchanged across the network must... 

In this letter, we examine the PHY layer secret key generation (PHY-SKG) scheme in the presence of man-in-the-middle (MiM) adversary, while legitimate parties suffer from hardware impairments (HIs). Different from previous works on PHY-SKG that consider adversaries who simply try to make an interference in the communication link, the MiM aims to deceive legitimate entities about the source of common randomness. To conquer the MiM attack, legitimate parties utilize randomized pilots (RPs) in our proposed scheme. We analyze the effect of HIs on the performance of system by deriving the achievable secret key rate (SKR). Our results highlight a fundamental limit, as a ceiling phenomena, on the... 

It is known that discrete-time controllers, whose state matrices have no non-integer element, are beneficial in homomorphic based encrypted control systems. Nevertheless, it has been recently shown that possessing state matrices with integer elements usually yields unstable discrete-time controllers. In this note, we investigate the problem from a non-minimality perspective. It is shown that non-minimal realizations, in comparison to minimal ones, can theoretically provide a wider framework to obtain controllers having state matrices with integer elements. However, in the case of dealing with BIBO stable controllers, this framework cannot preserve internal stability. But, benefiting from the... 

Database management systems (DBMS) are one of cloud services with major applications in industry and business. In the use of such services, since the cloud service provider cannot be entrusted with the plain data, the databases are typically encrypted prior to outsourcing. One of the most challenging issues in designing these services is supporting SQL join queries on the encrypted database. The multi-adjustable join scheme (M-Adjoin) [Khazaei-Rafiee 2020], an extension of Adjoin [Popa-Zeldovich 2012 and Mironov-Segev-Shahaf 2017], is a symmetric-key primitive that supports the join queries for a list of column labels on an encrypted database. In previous works, the following security... 

Abstract: In this paper, a secure and efficient Blind Source Separation (BSS) based cryptosystem is presented. The use of BSS in audio and image cryptography in wireless networks has attracted more attention. A BSS based cryptosystem consists of three main parts: secret data, secret keys, and mixing matrix. In this paper, we propose a new design to create a proper mixing matrix in BSS based cryptosystem. We offer a mathematical criterion to select mixing matrix elements before encryption. The proposed criterion gives a simple way to attach the secret sources to keys, which makes source separation very hard for the adversary. Versus, we show that using the random mixing matrix can lead to... 

In this paper, we present a one-way relaying scheme in which two wireless nodes create an information flow to each other via a single decode-and-forward (DF) relay. We consider an additional secrecy constraint for protection against an honest-but-curious relay. Indeed, while the relay should decode the source message, it should be fully ignorant about the message content. We provide a secure lattice coding strategy based on random difference families (RDF) lattice codes for unidirectional Gaussian relay channels. RDF lattice codes are carved from infinite RDF lattices using a shaping algorithm. By RDF lattice we mean a Construction A lattice with a QC-LDPC code, which is obtained from random... 

User and device biometrics are proven to be a reliable source for authentication, especially for the Internet-of-Things (IoT) applications. One of the methods to employ biometric data in authentication are fuzzy extractors (FE) that can extract cryptographically secure and reproducible keys from noisy biometric sources with some entropy loss. It has been shown that one can reliably build an FE based on the learning parity with noise (LPN) problem with higher error-tolerance than previous FE schemes. However, the only available LPN-based FE implementation suffers from extreme resource demands that are not practical for IoT devices. This article proposes a lightweight hardware/software (HW/SW)... 

Public key cryptography lies among the most important bases of security protocols. The classic instances of these cryptosystems are no longer secure when a large-scale quantum computer emerges. These cryptosystems must be replaced by post-quantum ones, such as isogeny-based cryptographic schemes. Supersingular isogeny Diffie-Hellman (SIDH) and key encapsulation (SIKE) are two of the most important such schemes. To improve the performance of these protocols, we have designed several modular multipliers. These multipliers have been implemented for all the prime fields used in SIKE round 3, on a Virtex-7 FPGA, showing a time and area-time product improvement of up to 60.1% and 64.5%,... 

We present a pipelined Montgomery multiplier tailored for SIKE primes. The latency of this multiplier is far shorter than that of the previous work while its frequency competes with the highest-rated ones. The implementation results on a Virtex-7 FPGA show that this multiplier improves the time, the area-time product (AT), and the throughput of computing modular multiplication by at least 2.30, 1.60, and 1.36 times over SIKE primes respectively. We have also developed a CPU-like architecture to perform SIDH and SIKE using several instances of our modular multiplier. Using four multipliers on a Virtex-7 FPGA, the encapsulation and the decapsulation of SIKE can be performed at least 1.45 times... 

We study the problem of multi-user dynamic searchable symmetric encryption (DMUSSE) where a data owner stores its encrypted documents on an untrusted remote server and wishes to selectively allow multiple users to access them by issuing keyword search queries. Specifically, we consider the case where some of the users may be corrupted and colluding with the server to extract additional information about the dataset (beyond what they have access to). We provide the first formal security definition for the dynamic setting as well as forward and backward privacy definitions. We then propose SE, the first provably secure DMUSSE scheme and instantiate it in two versions, one based on oblivious... 

Homomorphic (resp. abelian) secret sharing is a generalization of ubiquitous linear secret sharing in which the secret value and the shares are taken from finite (resp. abelian) groups instead of vector spaces over a finite field. Homomorphic secret sharing was first defined by Benaloh and, later in the early nineties, Frankel and Desmedt presented some relevant results. Except for a few other related topics such as black-box secret sharing and secret sharing over rings, the subject has remained dormant for about three decades. The study of homomorphic secret sharing is resumed in this paper and three main results are presented: (1) mixed-linear schemes, a subclass of abelian schemes to be... 

Nowadays, Smooth Projective Hash Functions (SPHFs) play an important role in constructing cryptographic tools such as secure Password-based Authenticated Key Exchange (PAKE) protocol in the standard model, oblivious transfer, and zero-knowledge proofs. Specifically, in this paper, we focus on constructing PAKE protocol; that is, a kind of key exchange protocol which needs only a low entropy password to produce a cryptographically strong shared session key. In spite of relatively good progress of SPHFs in applications, it seems there has been little effort to build them upon quantum-resistant assumptions such as lattice-based cryptography and code-based cryptography to make them secure... 

In this article, we propose a lightweight security scheme for ensuring both information confidentiality and transmission resiliency in the Internet-of-Things (IoT) communication. A single-Antenna transmitter communicates with a half-duplex single-Antenna receiver in the presence of a sophisticated multiple-Antenna-Aided passive eavesdropper and a multiple-Antenna-Assisted hostile jammer (HJ). A low-complexity artificial noise (AN) injection scheme is proposed for drowning out the eavesdropper. Furthermore, for enhancing the resilience against HJ attacks, the legitimate nodes exploit their own local observations of the wireless channel as the source of randomness to agree on shared secret...