搜索结果：Kyber

In emerging environments such as cloud computing and the Internet of Things (IoT), secure authentication and key negotiation play a crucial role in protecting data transmitted over public networks. However, many existing authentication protocols are still designed based on classical public-key cryptography primitives, and quantum computing may threaten their security. To address this challenge, we propose a post-quantum authentication and key agreement protocol that uses the lattice-based Kyber key encapsulation mechanism (KEM). Our proposed protocol integrates cryptographic authentication, smart card protection, and post-quantum key encapsulation mechanisms, enabling mutual authentication between users and servers and securely establishing session keys. The security of the protocol is formally analyzed in the Real-or-Random (ROR) model under the random oracle assumption and the IND-CCA security of the underlying KEM scheme. Furthermore, through informal security analysis, we have further demonstrated that the protocol possesses important security properties, including anonymity, untraceability, perfect forward confidentiality, and resistance to known attacks. In addition, the computational cost and communication overhead of the proposed scheme are evaluated and compared with several representative authentication protocols. The results show that the proposed protocol can provide strong security while maintaining low computational cost and communication overhead.

Reliable and secure transmission of medical images is essential for telemedicine, remote diagnosis, and distributed healthcare systems. However, medical image communication over heterogeneous networks often suffers from packet loss, channel noise, and privacy risks, which may compromise diagnostic accuracy and patient confidentiality. Traditional solutions relying on Reed-Solomon error correction and conventional encryption provide limited resilience and are increasingly inadequate for modern high-resolution medical imaging environments. This study proposes a next-generation AI-assisted communication framework for privacy-preserving medical image transmission that integrates recent advances in hybrid Transformer architectures, neural communication coding, and post-quantum cryptography. First, image corruption detection and restoration are performed using a Restormer/Swin-Transformer hybrid reconstruction network, which demonstrates superior performance in recovering corrupted regions compared with conventional GAN-based repair models. Second, to enhance transmission robustness, the framework incorporates Deep Joint Source-Channel Coding (DeepJSCC) and Neural Error Correction Codes (NECC) that jointly optimize image representation and channel robustness through deep neural networks. Third, communication security is strengthened using lattice-based post-quantum cryptographic primitives, including CRYSTALS-Kyber for key encapsulation and CRYSTALS-Dilithium for authentication, ensuring resilience against quantum computing attacks. To support real-time medical applications, the proposed framework employs a parallel GPU-accelerated processing pipeline with CUDA-based model inference and distributed training strategies. Additionally, federated learning with secure aggregation and differential privacy enables collaborative model training across healthcare institutions while preserving sensitive patient data. Experimental evaluation on benchmark medical imaging datasets demonstrates that the proposed framework significantly improves image reconstruction fidelity, transmission robustness, and cryptographic security compared with traditional ECC-based communication systems and recent AI-assisted transmission methods.

As the recent developments in digital infrastructures have led to increased risk of cyber threats. Among them, quantum technology assisted threats signal an unprecedented and urgent threat type referring to cyberattacks that utilize quantum computing and quantum mechanics to attack traditional cryptographic solutions. For example, algorithms such as Shor's offer the capability to breach RSA and ECC encryption exponentially faster than any classical-based route resulting in the potential for unauthorized access to vast amounts of data and destabilization of sensitive systems over a longer time period. More differently than traditional attacks, quantum empowered threats are uniquely dangerous in that, as quantum hardware becomes sufficiently capable or complex, they can depend on captured data to retroactively decrypt messages. Current security mechanisms that are reactive-based do not anticipate nor defend against these threats, leaving critical networks vulnerable to threats faced by both classical actors and actors capable of quantum-enabled computation. To tackle this massive and dangerous challenge, we propose a new Quantum-Safe Cyber Digital Twin (QS-CDT) architecture that is intended to purposely forecast cyber threats and dynamically orchestrate adaptive defences. QS-CDT maintains a dynamic digital twin of the live network that is always up-to-date and is protected using post-quantum algorithms that are both CRYSTALS-Kyber and Dilithium for end-to-end quantum resilience. State-of-the-art quantum inspired machine learning algorithms in the twin will simulate and consider attack vectors and emerging threats in real-time, thus enabling preventive action through the knowledge of the threats, their impacts and potential mitigation actions. Here, quantum-inspired machine learning refers to classical algorithms executed on conventional hardware that adopt mathematical principles from quantum computing, such as tensor networks and variational optimization, without requiring physical quantum processors. Unlike other digital twin approaches which center on replicating and passively monitoring the system, the proposed approach combines real-time simulation of potential threats with an automated, policy-driven reconfiguration of the network. Our initial simulation trials show a 35% improvement in latency of threat detection and a 40% improvement in adaptive response time to accommodate unpredictable responses than a less efficient, traditional reactive approach. This improves in turn the overall security posture of the network. Future work shall focus on expanding QS-CDT to large, heterogeneous networks, improve the predictive modeling of quantum potential threat scenarios, and assimilate the architecture with existing operational cyber defense networks. These findings represent an important platform for a next-generation proactive cybersecurity model in the post-quantum computing era.

Healthcare IoT systems increasingly rely on interconnected, resource-constrained devices that are vulnerable to both classical and emerging quantum-enabled cyber threats, but introduced heightened cybersecurity risks, particularly from emerging quantum computing threats that can break conventional encryption such as RSA and ECC. This study addresses the urgent need to secure resource-constrained healthcare IoT systems against both classical and post-quantum attacks while maintaining low-latency performance suitable for non-real-time clinical traffic.This study proposed the Post-Quantum Cognitive Zero-Trust Architecture (PQ-CZTA), which integrates NIST-standardized post-quantum cryptography,CRYSTALS-Kyber for key encapsulation and SPHINCS+ for stateless digital signatures,with a lightweight cognitive engine. The engine employs three machine learning classifiers (Random Forest as primary, Logistic Regression, and Multi-Layer Perceptron) trained with SMOTE oversampling and 5-fold cross-validation on six diverse intrusion detection datasets (NSL-KDD, CIC-IDS2017, MedBIoT, Edge-IIoTset, IoT-23, TON_IoT). Intrusion probabilities are converted to dynamic trust scores that drive zero-trust policy decisions (ALLOW, MONITOR, DENY, QUARANTINE) in a layered architecture enforcing least privilege and hop-by-hop re-authentication.Evaluations demonstrate excellent detection performance with F1-scores ranging from 0.972 to 1.000 across datasets, particularly strong on modern IoT traffic. The full post-quantum handshake incurs 3.1-4.4 seconds latency (dominated by SPHINCS+), which remains acceptable for periodic vital-sign reporting, alerts, and firmware updates. An ablation study proves the importance of the components, with SMOTE contributing 5-20% to the F1 score on imbalanced data and cognitive ML providing the advantage of adaptive policies over static policies.PQ-CZTA provides a practical, quantum-resilient framework that enhances patient data privacy (HIPAA compliance via adaptive risk scoring), predicts attacks on limited devices, and supports resilient IoT-enabled healthcare systems against future quantum threats.

Deepfakes are digital-media which may contain audio, videos or images synthesised by usage of Generative Adversarial Networks (GANs) with the aid of Artificial Intelligence (AI) technologies. These deepfakes have the capability to replicate and mimic the behaviour of real people. Although deepfakes are beneficial in filmmaking and in education sector, but they can have serious implications within the other areas or fields such as in politics, social network platforms, human security and law. The deepfakes can mislead several people with false information. By creating false evidence that can behave like real people and damage the reputation of one. There are several ways for deepfake detection. They work on the basis of analysing and discriminating between various features such as facial features, movements, blinking, variations in voice, variation in tones and background noises. However, these detection systems may be vulnerable to quantum adversaries and futuristic adversarial attacks. This may result in an ambiguity within trustworthy detection systems, which creates an overriding necessity for effective and trustworthy detection framework. The paper highlights a reliable deepfake image detection framework based on the ResNeXt architecture optimized with use of lattice-based adversarial training that is learning with errors (LWE) mechanism to make it resilient against several adversarial manipulations. In addition to this, when followed by the unification of Kyber and Dilithium with quantum cryptography methods, these ensure the authenticity and encryption of the detection results. The proposed scheme DeepQShield is quantum-resistant because it incorporates the executions of post cryptography algorithms and is trained and tested on the Deepfake Detection Challenge dataset (DFDC). On the DFDC database it achieved significantly higher accuracy of 99.28% and an impressive AUC value of 0.9997. When compared to the existing systems such as EfficientNet-B7 (accuracy: 97.2% on DFDC), Vision Transformers (ViT) (90 to 98% on Celeb-DF and DFDC), Multi-attentional CNN-LSTM networks (98.2% on DFDC), FuzzyDFD (accuracy: 99% FF++ and 93% on (Celeb-DF). DeepQShield outshines the conventional models in terms of security, scalability, accuracy and robustness making it best suitable for various applications in real-world scenarios like face forensics, social media data authentication.

The evolving nature of the threat landscape against cloud services is outpacing the capabilities of traditional security measures. Current firewall implementations in cloud services may provide a foundational layer of security, but they have significant limitations regarding their ability to respond to recently identify zero day vulnerabilities and to protect sensitive information from potential attacks utilizing quantum computing, as well as validating audit logs in multi-tenanted, shared cloud service landscapes. In this research, we present an innovative integrated approach to addressing each of these limitations by combining AI driven Anomaly detection techniques with post quantum cryptography authentication, a Zero Trust Architecture (ZTA), and blockchain based audit logging. Our proposed AI enhanced cloud firewall uses a Long Short Term Memory (LSTM) deep learning model to analyze and classify traffic patterns across IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) environments and dynamically creates adaptive firewall policies with sub-second response times. Experimental testing on simulated cloud traffic sets demonstrated that our proposed framework achieved a detection rate of 94.7% and a False Positive Rate (FPR) of 2.1%, representing improvements of 24.7% and 12.9%, respectively, when compared to traditional rule-based firewalls. Additionally, the blockchain anchored audit logging mechanism will create tamper proof audit logs, and the post-quantum cryptography layer will prevent attacks using the CRYSTALS-Kyber and CRYSTALS-Dilithium algorithms. These test results demonstrate that our proposed framework is a scalable, resilient, and security hardened solution for future generations of cloud computing landscapes.

The rapid transformation of defense communication ecosystems into distributed, AI-enabled, and multi-domain operational environments has exposed significant vulnerabilities in existing cryptographic infrastructures. These vulnerabilities are particularly critical in light of the imminent advancement of quantum computing, which threatens conventional public-key encryption schemes, and the operational limitations imposed by lightweight encryption mechanisms deployed on resource-constrained battlefield devices. The traditional public-key algorithm like RSA and ECC, could be exploited by quantum attacks, and the resource-efficient ciphers are not always effective to protect against advanced cyber-warfare, interception, and integrity-compromise in high-mobility tactical networks. This paper suggests DEF-CRYPT-Q (Defense Cryptographic Quantum-Enhanced Privacy-Preserving Hybrid Framework) to secure distributed defense communication data because it is motivated by the requirement of having a single, quantum-resilient, and privacy-preserving security architecture that is suitable in the context of heterogeneous defense settings. The suggested architecture will have four synergistic elements, namely (i) a Context-Aware Lightweight Defense Encryption (CALDE) module that is optimized to support constrained soldier wearables, UAV nodes, and edge sensors; (ii) a Quantum-Resistant Cryptographic Layer (QRCL) that uses lattice-based post-quantum primitives, such as CRYSTALS-Kyber to support the encapsulation of secure keys and CRYSTALS-Dilithium to support the generation of digital signatures, providing long-term quantum safety The experimental assessment of a heterogeneous model of a defense communication demonstrates the shortening of the encryption latency, the limited computational costs of the models of constrained platforms, the high level of integrity, and the resistance to classical and quantum adversarial models, which in turn makes it possible to claim that DEF-CRYPT-Q is a scalable and prospective cryptographic paradigm that is consistent with the strategic goals of modernizing its defense. Simulation results demonstrate that Adaptive DDP-QKA reduces encryption latency to 14.83 ms (vs. 18.21 ms classical and 21.48 ms na&#xef;ve PQC) and bandwidth overhead to 13.9% (vs. 124.6% PQC), while maintaining moderate energy use (1.14 units). It achieves high quantum resistance (0.92 score), mission adaptability (0.95), and low residual risk (<&#x2009;0.1 for major threats), verifying appropriateness for latency-sensitive defense communications.

The proliferation of resource-constrained IoT devices has intensified the conflict between robust security requirements and hardware limitations. Conventional lightweight encryption algorithms (e.g., TEA, Speck) often fail to resolve this tension, exhibiting known cryptanalytic vulnerabilities while imposing excessive computational and energy overhead. This paper presents the Two-Stage Encryption Approach (TTEA), an innovative cryptographic framework optimized for IoT ecosystems. TTEA incorporates a [Formula: see text] bit-sliced S-box as a non-linear substitution layer to ensure high diffusion and resistance to differential attacks, together with an adaptive key scheduling mechanism that dynamically adjusts computational complexity based on device power states. Evaluation on standard IoT platforms such as ESP32 and Raspberry Pi demonstrates that TTEA reduces energy consumption by 39% compared to TEA, lowers memory requirements by 40%, and achieves 20% faster execution speeds. Security analysis confirms an avalanche effect of 48.5% and near-ideal ciphertext entropy (7.98 bits for 128B packets). Furthermore, TTEA shows resilience against differential and linear cryptanalysis, side-channel attacks, and quantum threats when integrated with CRYSTALS-Kyber for post-quantum key exchange. By bridging the gap between post-quantum security and energy efficiency, TTEA offers a validated solution for modern IoT deployments.

Electronic health records (EHRs) increasingly anchor clinical decision support and population-scale analytics, yet their concentration of sensitive information amplifies disclosure risk, widens the attack surface, and faces emerging threats from quantum computing. Existing frameworks fail to simultaneously address privacy preservation, quantum-resistant security, and cross-institutional federated learning. We introduce CITADEL (Cryptographically Integrated Temporal Architecture for Distributed EHR Ledger), integrating five co-designed components: NIST-standardized CRYSTALS-Kyber (ML-KEM-768) and CRYSTALS-Dilithium (ML-DSA-65) post-quantum cryptography via the validated pqcrypto library; a genomic-aware privacy engine with beacon query protection and calibrated randomized response; temporally-partitioned federated learning with hospital-specific weighted aggregation; multi-modal health data tokenization; and an adaptive regulatory compliance engine for HIPAA and GDPR. Evaluation used a synthetic EHR dataset comprising 5,000 patients across 10 healthcare institutions, with 30-day hospital readmission as the primary prediction task. CITADEL achieves 84.5% accuracy and 0.866 AUC-ROC, exceeding nine baselines including centralized neural networks and differentially-private federated learning. Privacy metrics include k-anonymity of 13, l-diversity of 2.0, 99.0% linkage attack resistance, 42.2% attribute inference resistance, and 100% correlation preservation. The ledger sustains 285.3 transactions per second with ML-DSA-65 signing in 2.16 ms and verification in 0.46 ms. Multi-seed evaluation confirms robustness (accuracy 0.854 &#xb1; 0.012, AUC-ROC 0.880 &#xb1; 0.014). CITADEL demonstrates that privacy preservation, quantum-resistant security, and usable federated analytics can be reconciled within one cohesive architecture. Results suggest a practical route to healthcare data management that remains credible in a post-quantum computing era and compatible with decentralized governance.

The standardisation of post-quantum cryptography (PQC) by NIST marks a critical transition away from classical public-key schemes towards quantum-resistant successors. As machine learning (ML) applications proliferate, the demand for efficient cryptographic primitives intensifies, requiring implementations that are simultaneously quantum-safe and resource-aware. Recent surveys have investigated the interplay between ML and PQC, with particular focus on ML-assisted parameter optimisation, privacy-preserving ML leveraging lattice-based cryptography, and neural-network implementations of quantum-resistant algorithms. Building on these findings, we propose QSafe-ML, a comprehensive four-stage framework that integrates hardware profiling, surrogate modelling via ML, constrained multi-objective optimisation, and continuous security validation to facilitate the tuning of PQC parameters and implementations. The framework targets NIST-standardised lattice-based schemes CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon, and NTRU across three heterogeneous hardware platforms. Experimental evaluation with n=30 repeated trials demonstrates mean latency reductions of 27.5-41.9% (95% CI &#xb1;1.1-1.7 pp), memory savings of 13.3-30.2%, and energy savings of 22.8-38.2% over NIST reference baselines, with all configurations maintaining &#x2265;128-bit post-quantum security. An ablation study confirms that surrogate-guided search accounts for the dominant share of these gains. All code, data, and benchmark instructions are released at a public repository (available upon acceptance of this manuscript) to promote reproducibility in evaluating ML-assisted cryptographic systems.

Randomness plays an important role in data communication as well as in cybersecurity. In the simulation of communication systems, randomized bit sequences are often used to model a digital source information stream. Cryptographic outputs should look more random than deterministic in order to provide an attacker with as little information as possible. Therefore, the investigation of randomness, especially in cybersecurity, has attracted a lot of attention and research activities. Common tests regarding randomness are hypothesis-based and focus on analyzing the distribution and independence of zero and non-zero elements in a given random sequence. In this work, a novel approach grounded in a gap-based burst analysis is presented and analyzed. Such approaches have been successfully implemented, e.g., in data communication systems and data networks. The focus of the current work is on detecting deviations from the ideal gap-density function describing randomized bit sequences. For testing and verification purposes, the well-researched post-quantum cryptographic CRYSTALS suite, including its Kyber and Dilithium schemes, is utilized. The proposed technique allows for quickly verifying the level of randomness in given cryptographic outputs. The results for different sequence-generation techniques are presented, thus validating the approach. The results show that key-encapsulation and key-exchange algorithms, such as CRYSTALS-Kyber, achieve a lower level of randomness compared to digital signature algorithms, such as CRYSTALS-Dilithium.

暂无摘要（点击查看详情）

This article proposes a secure, real-time, intelligent, edge-based Internet of Medical Things (IoMT) monitoring framework for intensive care unit (ICU) environments. The system integrates TinyML-powered decision trees with lattice-based post-quantum cryptography (PQC), specifically Kyber 512, to enable low-latency anomaly detection and quantum-resistant data transmission. Although designed for deployment on resource-constrained ESP32 microcontrollers, the entire pipeline is implemented and evaluated within an OMNeT++ simulation environment, including on-device inference and PQC encryption. A synthetically generated ICU dataset, validated by three hospitals, ensures clinical relevance and robustness in diverse patient scenarios. Data fusion techniques improve feature reliability, while Kyber 512 provides lightweight, quantum-safe encryption. OMNeT++ simulations demonstrate end-to-end communication with zero observed packet loss and very low end-to-end latency, under realistic ICU network conditions. The framework addresses key challenges in computational efficiency, data confidentiality, and scalability, offering a future-ready solution for intelligent healthcare systems. The results show 99.4% accuracy in anomaly detection, with strong generalization validated on external datasets (PhysioNet: 98.5%, Kaggle: 99.0%). This work represents one of the first integrations of TinyML and PQC in a simulated IoMT setting, paving the way for secure, scalable, and intelligent ICU monitoring.

With the emergence of quantum computing, traditional cryptographic methods face significant vulnerabilities, particularly in the Industrial Internet of Things (IIoT) environment, where cybersecurity, data privacy, and trust management are critical. In order to address the said problems concerned with post-quantum security, this paper proposes a quantum-secure framework for IIoT applications by integrating multi-agent reinforcement learning (MARL) for optimized blockchain consensus, blockchain-supported federated learning for privacy-preserving AI training, and post-quantum cryptography (PQC) for quantum-resistant security. The MARL-based consensus uses a deep Q-network with explainable AI to enhance transparency and trust. Federated learning employs dynamic participant selection and PQC (e.g., NTRUEncrypt, Kyber) to ensure privacy. Evaluations are carried out on Edge IIoT and Federated EMNIST datasets, which are publicly available datasets and are used in similar studies. The experimental results reveal that the proposed framework demonstrate improvements in scalability, security, and efficiency, hence, offering a robust solution for applications like smart cities and healthcare.