In this paper, we propose a new lightweight block cipher named RECTANGLE. The main idea of the design of RECTANGLE is to allow lightweight and fast implementations using bit-slice techniques. RECTANGLE uses an SP-netw...In this paper, we propose a new lightweight block cipher named RECTANGLE. The main idea of the design of RECTANGLE is to allow lightweight and fast implementations using bit-slice techniques. RECTANGLE uses an SP-network. The substitution layer consists of 16 4 × 4 S-boxes in parallel. The permutation layer is composed of 3 rotations. As shown in this paper, RECTANGLE offers great performance in both hardware and software environment, which provides enough flexibility for different application scenario. The following are3 main advantages of RECTANGLE. First, RECTANGLE is extremely hardware-friendly. For the 80-bit key version, a one-cycle-per-round parallel implementation only needs 1600 gates for a throughput of 246 Kbits/s at100 k Hz clock and an energy efficiency of 3.0 p J/bit. Second, RECTANGLE achieves a very competitive software speed among the existing lightweight block ciphers due to its bit-slice style. Using 128-bit SSE instructions,a bit-slice implementation of RECTANGLE reaches an average encryption speed of about 3.9 cycles/byte for messages around 3000 bytes. Last but not least, we propose new design criteria for the RECTANGLE S-box.Due to our careful selection of the S-box and the asymmetric design of the permutation layer, RECTANGLE achieves a very good security-performance tradeoff. Our extensive and deep security analysis shows that the highest number of rounds that we can attack, is 18(out of 25).展开更多
In this paper, we present a new lightweight block cipher named eight-sided fortress(ESF), which is suitable for resource-constrained environments such as sensor networks and low-cost radio rrequency identification(...In this paper, we present a new lightweight block cipher named eight-sided fortress(ESF), which is suitable for resource-constrained environments such as sensor networks and low-cost radio rrequency identification(RFID) tags. Meanwhile, we present the specification, design rationale and evaluation results in terms of the hardware implementation. For realizing both efficiency and security in embedded systems, similar to the other lightweight block ciphers, ESF is 64 bits block length and key size is 80 bits. It is inspired from existing block cipher, PRESENT and LBlock. The encryption algorithm of ESF is based on variant Feistel structure with SPN round function, used Feistel network as an overall structure with the purpose of minimizing computational resources.展开更多
Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations ...Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases,rendering them less effective against evolving ransomware families.This paper introduces TLERAD(Transfer Learning for Enhanced Ransomware Attack Detection),a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains,enabling robust detection of both known and unknown ransomware variants.The proposed method achieves high detection accuracy,with an AUC of 0.98 for known ransomware and 0.93 for unknown ransomware,significantly outperforming baseline methods.Comprehensive experiments demonstrate TLERAD’s effectiveness in real-world scenarios,highlighting its adapt-ability to the rapidly evolving ransomware landscape.The paper also discusses future directions for enhancing TLERAD,including real-time adaptation,integration with lightweight and post-quantum cryptography,and the incorporation of explainable AI techniques.展开更多
It is challenging to devise lightweight cryptographic primitives efficient in both hardware and software that can provide an optimum level of security to diverse Internet of Things applications running on low-end cons...It is challenging to devise lightweight cryptographic primitives efficient in both hardware and software that can provide an optimum level of security to diverse Internet of Things applications running on low-end constrained devices.Therefore,an effcient hardware design approach that requires some specific hardware resource may not be effcient if implemented in software.Substitution bit Permutation Network based ciphers such as PRESENT and GIFT are effcient,lightweight cryptographic hardware design approaches.These ciphers introduce confusion and diffu-sion by employing a 4×4 static substitution box and bit permutations.The bit-wise permutation is realised by sim-ple rerouting,which is most cost-effective to implement in hardware,resulting in negligible power consumption.However,this method is highly resource-consuming in software,particularly for large block-sized ciphers,with each single-bit permutation requiring multiple sub-operations.This paper proposes a novel software-based design approach for permutation operation in Substitution bit Permutation Network based ciphers using a bit-banding fea-ture.The conventional permutation using bit rotation and the proposed approach have been implemented,analysed and compared for GIFT and PRESENT ciphers on ARM Cortex-M3-based LPC1768 development platform with KEIL MDK used as an Integrated Development Environment.The real-time performance comparison between conven-tional and the proposed approaches in terms of memory(RAM/ROM)footprint,power,energy and execution time has been carried out using ULINKpro and ULINKplus debug adapters for various code and speed optimisation sce-narios.The proposed approach substantially reduces execution time,energy and power consumption for both PRE-SENT and GIFT ciphers,thus demonstrating the effciency of the proposed method for Substitution bit Permutation Network based symmetric block ciphers.展开更多
The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Tel...The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.展开更多
The use of the Internet of Things(IoT)is expanding at an unprecedented scale in many critical applications due to the ability to interconnect and utilize a plethora of wide range of devices.In critical infrastructure ...The use of the Internet of Things(IoT)is expanding at an unprecedented scale in many critical applications due to the ability to interconnect and utilize a plethora of wide range of devices.In critical infrastructure domains like oil and gas supply,intelligent transportation,power grids,and autonomous agriculture,it is essential to guarantee the confidentiality,integrity,and authenticity of data collected and exchanged.However,the limited resources coupled with the heterogeneity of IoT devices make it inefficient or sometimes infeasible to achieve secure data transmission using traditional cryptographic techniques.Consequently,designing a lightweight secure data transmission scheme is becoming essential.In this article,we propose lightweight secure data transmission(LSDT)scheme for IoT environments.LSDT consists of three phases and utilizes an effective combination of symmetric keys and the Elliptic Curve Menezes-Qu-Vanstone asymmetric key agreement protocol.We design the simulation environment and experiments to evaluate the performance of the LSDT scheme in terms of communication and computation costs.Security and performance analysis indicates that the LSDT scheme is secure,suitable for IoT applications,and performs better in comparison to other related security schemes.展开更多
The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There ...The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.展开更多
This paper proposes a new involutive light-weight block cipher for resource-constraint environments called I-PRESENTTM. The design is based on the Present block cipher which is included in the ISO/IEC 29192 standard o...This paper proposes a new involutive light-weight block cipher for resource-constraint environments called I-PRESENTTM. The design is based on the Present block cipher which is included in the ISO/IEC 29192 standard on lightweight cryptography. The advantage of I-PRESENTTM is that the cipher is involutive such that the encryption circuit is identical to decryption. This is an advantage for environments which require the implementation of both circuits. The area requirement of I-PRESENTTM compares reasonably well with other similar ciphers such as PRINCE.展开更多
Since the dawn of the Internet of Things(IoT),data and system security has been the major concern for developers.Because most IoT devices operate on 8-bit controllers with limited storage and computation power,encrypt...Since the dawn of the Internet of Things(IoT),data and system security has been the major concern for developers.Because most IoT devices operate on 8-bit controllers with limited storage and computation power,encryption and decryption need to be implemented at the transmitting and receiving ends,respectively,using lightweight ciphers.We present novel architectures for hardware implementation for the ANU cipher and present results associated with each architecture.The ANU cipher is implemented at 4-,8-,16-,and 32-bit datapath sizes on four different field-programmable gate array(FPGA)platforms under the same implementation condition,and the results are compared on every performance metric.Unlike previous ANU architectures,the new architectures have parallel substitution boxes(S-boxes)for high throughput and hardware optimization.With these different datapath designs,ANU cipher proves to be the obvious choice for implementing security in extremely resourceconstrained systems.展开更多
基金supported by National Natural Science Foundation of China(Grant No.61379138)Research Fund KU Leuven(OT/13/071)+1 种基金"Strategic Priority Research Program"of the Chinese Academy of Sciences(Grant No.XDA06010701)National High-tech R&D Program of China(863 Program)(Grant No.2013AA014002)
文摘In this paper, we propose a new lightweight block cipher named RECTANGLE. The main idea of the design of RECTANGLE is to allow lightweight and fast implementations using bit-slice techniques. RECTANGLE uses an SP-network. The substitution layer consists of 16 4 × 4 S-boxes in parallel. The permutation layer is composed of 3 rotations. As shown in this paper, RECTANGLE offers great performance in both hardware and software environment, which provides enough flexibility for different application scenario. The following are3 main advantages of RECTANGLE. First, RECTANGLE is extremely hardware-friendly. For the 80-bit key version, a one-cycle-per-round parallel implementation only needs 1600 gates for a throughput of 246 Kbits/s at100 k Hz clock and an energy efficiency of 3.0 p J/bit. Second, RECTANGLE achieves a very competitive software speed among the existing lightweight block ciphers due to its bit-slice style. Using 128-bit SSE instructions,a bit-slice implementation of RECTANGLE reaches an average encryption speed of about 3.9 cycles/byte for messages around 3000 bytes. Last but not least, we propose new design criteria for the RECTANGLE S-box.Due to our careful selection of the S-box and the asymmetric design of the permutation layer, RECTANGLE achieves a very good security-performance tradeoff. Our extensive and deep security analysis shows that the highest number of rounds that we can attack, is 18(out of 25).
基金supported by the the National Science Foundation of China(61272434)the Natural Science Foundation of Shandong Province(ZR2012FM004,ZR2013FQ021)the Project of Senior Visiting Scholar of Shandong Province and Foundation of Science and Technology on Information Assume Laboratory(KJ-13-004)
文摘In this paper, we present a new lightweight block cipher named eight-sided fortress(ESF), which is suitable for resource-constrained environments such as sensor networks and low-cost radio rrequency identification(RFID) tags. Meanwhile, we present the specification, design rationale and evaluation results in terms of the hardware implementation. For realizing both efficiency and security in embedded systems, similar to the other lightweight block ciphers, ESF is 64 bits block length and key size is 80 bits. It is inspired from existing block cipher, PRESENT and LBlock. The encryption algorithm of ESF is based on variant Feistel structure with SPN round function, used Feistel network as an overall structure with the purpose of minimizing computational resources.
文摘Ransomware has emerged as a critical cybersecurity threat,characterized by its ability to encrypt user data or lock devices,demanding ransom for their release.Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases,rendering them less effective against evolving ransomware families.This paper introduces TLERAD(Transfer Learning for Enhanced Ransomware Attack Detection),a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains,enabling robust detection of both known and unknown ransomware variants.The proposed method achieves high detection accuracy,with an AUC of 0.98 for known ransomware and 0.93 for unknown ransomware,significantly outperforming baseline methods.Comprehensive experiments demonstrate TLERAD’s effectiveness in real-world scenarios,highlighting its adapt-ability to the rapidly evolving ransomware landscape.The paper also discusses future directions for enhancing TLERAD,including real-time adaptation,integration with lightweight and post-quantum cryptography,and the incorporation of explainable AI techniques.
基金The University Grants Commission,Government of India,supported the research work in the form of a Junior Research Fellowship(190520461818).
文摘It is challenging to devise lightweight cryptographic primitives efficient in both hardware and software that can provide an optimum level of security to diverse Internet of Things applications running on low-end constrained devices.Therefore,an effcient hardware design approach that requires some specific hardware resource may not be effcient if implemented in software.Substitution bit Permutation Network based ciphers such as PRESENT and GIFT are effcient,lightweight cryptographic hardware design approaches.These ciphers introduce confusion and diffu-sion by employing a 4×4 static substitution box and bit permutations.The bit-wise permutation is realised by sim-ple rerouting,which is most cost-effective to implement in hardware,resulting in negligible power consumption.However,this method is highly resource-consuming in software,particularly for large block-sized ciphers,with each single-bit permutation requiring multiple sub-operations.This paper proposes a novel software-based design approach for permutation operation in Substitution bit Permutation Network based ciphers using a bit-banding fea-ture.The conventional permutation using bit rotation and the proposed approach have been implemented,analysed and compared for GIFT and PRESENT ciphers on ARM Cortex-M3-based LPC1768 development platform with KEIL MDK used as an Integrated Development Environment.The real-time performance comparison between conven-tional and the proposed approaches in terms of memory(RAM/ROM)footprint,power,energy and execution time has been carried out using ULINKpro and ULINKplus debug adapters for various code and speed optimisation sce-narios.The proposed approach substantially reduces execution time,energy and power consumption for both PRE-SENT and GIFT ciphers,thus demonstrating the effciency of the proposed method for Substitution bit Permutation Network based symmetric block ciphers.
基金supported through Universiti Sains Malaysia(USM)and the Ministry of Higher Education Malaysia providing the research grant,Fundamental Research Grant Scheme(FRGS-Grant No.FRGS/1/2020/TK0/USM/02/1).
文摘The rapid adoption of Internet of Things(IoT)technologies has introduced significant security challenges across the physical,network,and application layers,particularly with the widespread use of the Message Queue Telemetry Transport(MQTT)protocol,which,while efficient in bandwidth consumption,lacks inherent security features,making it vulnerable to various cyber threats.This research addresses these challenges by presenting a secure,lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things(IoT)networks.The proposed solution builds upon the Dang-Scheme,a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography(ECC).This integration significantly improves device authentication,data confidentiality,and energy efficiency,achieving an 87.68%increase in data confidentiality and up to 77.04%energy savings during publish/subscribe communications in smart homes.The Middleware Broker System dynamically manages transaction keys and session IDs,offering robust defences against common cyber threats like impersonation and brute-force attacks.Penetration testing with tools such as Hydra and Nmap further validated the system’s security,demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.
基金support of the Interdisciplinary Research Center for Intelligent Secure Systems(IRC-ISS)Internal Fund Grant#INSS2202.
文摘The use of the Internet of Things(IoT)is expanding at an unprecedented scale in many critical applications due to the ability to interconnect and utilize a plethora of wide range of devices.In critical infrastructure domains like oil and gas supply,intelligent transportation,power grids,and autonomous agriculture,it is essential to guarantee the confidentiality,integrity,and authenticity of data collected and exchanged.However,the limited resources coupled with the heterogeneity of IoT devices make it inefficient or sometimes infeasible to achieve secure data transmission using traditional cryptographic techniques.Consequently,designing a lightweight secure data transmission scheme is becoming essential.In this article,we propose lightweight secure data transmission(LSDT)scheme for IoT environments.LSDT consists of three phases and utilizes an effective combination of symmetric keys and the Elliptic Curve Menezes-Qu-Vanstone asymmetric key agreement protocol.We design the simulation environment and experiments to evaluate the performance of the LSDT scheme in terms of communication and computation costs.Security and performance analysis indicates that the LSDT scheme is secure,suitable for IoT applications,and performs better in comparison to other related security schemes.
基金supported by project TRANSACT funded under H2020-EU.2.1.1.-INDUSTRIAL LEADERSHIP-Leadership in Enabling and Industrial Technologies-Information and Communication Technologies(Grant Agreement ID:101007260).
文摘The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.
文摘This paper proposes a new involutive light-weight block cipher for resource-constraint environments called I-PRESENTTM. The design is based on the Present block cipher which is included in the ISO/IEC 29192 standard on lightweight cryptography. The advantage of I-PRESENTTM is that the cipher is involutive such that the encryption circuit is identical to decryption. This is an advantage for environments which require the implementation of both circuits. The area requirement of I-PRESENTTM compares reasonably well with other similar ciphers such as PRINCE.
文摘Since the dawn of the Internet of Things(IoT),data and system security has been the major concern for developers.Because most IoT devices operate on 8-bit controllers with limited storage and computation power,encryption and decryption need to be implemented at the transmitting and receiving ends,respectively,using lightweight ciphers.We present novel architectures for hardware implementation for the ANU cipher and present results associated with each architecture.The ANU cipher is implemented at 4-,8-,16-,and 32-bit datapath sizes on four different field-programmable gate array(FPGA)platforms under the same implementation condition,and the results are compared on every performance metric.Unlike previous ANU architectures,the new architectures have parallel substitution boxes(S-boxes)for high throughput and hardware optimization.With these different datapath designs,ANU cipher proves to be the obvious choice for implementing security in extremely resourceconstrained systems.
