Journal of Systems Architecture最新文献_第8页

Cloud-aided attribute-based encryption with efficient tracing and accountability auditing 云辅助的基于属性的加密，具有高效的跟踪和责任审计

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-04-12 DOI: 10.1016/j.sysarc.2025.103407

Fei Meng , Leixiao Cheng

{"title":"Cloud-aided attribute-based encryption with efficient tracing and accountability auditing","authors":"Fei Meng , Leixiao Cheng","doi":"10.1016/j.sysarc.2025.103407","DOIUrl":"10.1016/j.sysarc.2025.103407","url":null,"abstract":"<div><div>How to ensure data confidentiality and prevent data abuse has been a major challenge of cloud storage services. Attribute-based encryption (ABE) provides a solution for this problem by allowing authorized users with proper attributes to decrypt the ciphertext. Traceability and accountability are indispensable requirements for an ABE system to trace users leaking their private keys and to audit the accountability of authority in framing innocent users. However, in existing related works, user has a typically large private key, the size of which depends on the number of user’s attributes. Accordingly, the tracing and auditing costs are computationally expensive. To alleviate the cost of tracing and auditing, we construct a cloud-aided ABE scheme with efficient tracing and auditing. Specifically, we replace the ABE-type private key in previous works by the “transform key”. Given an ABE ciphertext, if the user is authorized to decrypt it, the cloud could use the transform key to transform the ABE ciphertext to a simpler one related to user’s identity. In this case, the user only needs to keep a fairly short and constant-size private key. As a result, it is much more efficient to trace and audit such a short private key in our scheme.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"163 ","pages":"Article 103407"},"PeriodicalIF":3.7,"publicationDate":"2025-04-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143826410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Configuration-aware approaches for enhancing energy efficiency in FPGA-based deep learning accelerators 在基于fpga的深度学习加速器中提高能效的配置感知方法

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-04-11 DOI: 10.1016/j.sysarc.2025.103410

Chao Qian, Tianheng Ling, Christopher Cichiwskyj, Gregor Schiele

{"title":"Configuration-aware approaches for enhancing energy efficiency in FPGA-based deep learning accelerators","authors":"Chao Qian, Tianheng Ling, Christopher Cichiwskyj, Gregor Schiele","doi":"10.1016/j.sysarc.2025.103410","DOIUrl":"10.1016/j.sysarc.2025.103410","url":null,"abstract":"<div><div>In the rapidly evolving domain of the Internet of Things (IoT), this study focuses on enhancing the energy efficiency of Deep Learning accelerators implemented on FPGA-based heterogeneous platforms aligned with the principles of sustainable computing. Diverging from the conventional focus on the inference phase, this research introduces innovative optimizations aimed at minimizing the overhead associated with the FPGA configuration phase. Our investigation achieved a remarkable 40.13-fold reduction in configuration energy each time the FPGA is powered on through precise fine-tuning of configuration parameters. Furthermore, the implementation of our Idle-Waiting strategy significantly reduced the overall energy consumption across requests. Under scenarios with regular request periods, the enhanced Idle-Waiting strategy augmented with power-saving methods, outperforms the traditional On-Off strategy in duty-cycle mode for request periods extending up to 499.06 ms. This enhancement is most pronounced at a 40 ms request period, where it increases the system’s operational lifetime by a factor of 12.39 within a 4147 J energy budget. Additionally, this paper introduces an adaptive strategy switching approach to manage scenarios with irregular request periods, employing both predefined and learnable threshold methods. This approach is not only more consistently stable than single-strategy methods but also generally outperforms them. Within this approach, our learnable threshold experiences only a 10% performance drop compared to the future-aware strategy and is at least 6% better than using single-strategy methods. These results underscore the significant potential for deploying more energy-efficient and sustainable systems within IoT applications. Future research will explore the application of these power-saving techniques to a broader spectrum of tasks on diverse FPGA platforms.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"163 ","pages":"Article 103410"},"PeriodicalIF":3.7,"publicationDate":"2025-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143839491","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Reducing Errors and Powers in LPDDR for DNN Inference: A Compression and IECC-Based Approach 减少DNN推理中LPDDR的误差和功率：一种基于压缩和iec的方法

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-04-10 DOI: 10.1016/j.sysarc.2025.103409

Jae-Youn Hong , Je-Woo Jang , Sung-Hyuk Cho , Youngbae Kong , Sungkyu Kim , Youngjung Kang , Jaehyung Ko , Jaeyong Chung , Joon-Sung Yang

{"title":"Reducing Errors and Powers in LPDDR for DNN Inference: A Compression and IECC-Based Approach","authors":"Jae-Youn Hong , Je-Woo Jang , Sung-Hyuk Cho , Youngbae Kong , Sungkyu Kim , Youngjung Kang , Jaehyung Ko , Jaeyong Chung , Joon-Sung Yang","doi":"10.1016/j.sysarc.2025.103409","DOIUrl":"10.1016/j.sysarc.2025.103409","url":null,"abstract":"<div><div>In modern edge systems, the demand for data processing, especially for complex DNN tasks, is rapidly increasing. To address this, various compression schemes have been proposed to enable on-device AI while meeting the strict power and storage constraints of edge devices. However, despite these advancements, the compatibility of the compression methods with edge device memory, such as LPDDR, has not been thoroughly investigated. LPDDR operates at low voltage and faces reliability challenges like cell leakage, which is particularly concerning for applications where accuracy is critical, such as Advanced Driver Assistance Systems (ADAS) or medical devices. To address these reliability concerns, an ECC engine, known as IECC, is employed within each LPDDR bank. While IECC improves reliability, it also incurs performance penalties due to Read-Modify-Write (RMW) operations and parity storage overheads. This paper introduces RELIA, a DNN weight compression scheme with three-stage protection, aimed at enabling power-efficient and reliable DNN operations in mobile environments. RELIA reduces the operation granularity of the IECC engine to eliminate RMW overhead. Additionally, it proposes a SEC-FOEC(72,64) scheme (Single Error Correction-Frequently Occurring Error Correction) that can correct 99.97% of LPDDR errors. To mitigate the added storage overhead, a compression scheme based on DNN weight characteristics is introduced. Experimental results show RELIA outperforms traditional IECC schemes, reducing power by 16.12%, cycles by 12.6%, energy by 30.62%, and storage by 22.78%, while offering superior reliability in DNN inference.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"163 ","pages":"Article 103409"},"PeriodicalIF":3.7,"publicationDate":"2025-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143847739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enabling flexible multiple-replica cloud storage integrity auditing for cloud-based IoT data 为基于云的物联网数据提供灵活的多副本云存储完整性审计

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-04-10 DOI: 10.1016/j.sysarc.2025.103404

Guoqing Chen, Rong Hao

{"title":"Enabling flexible multiple-replica cloud storage integrity auditing for cloud-based IoT data","authors":"Guoqing Chen, Rong Hao","doi":"10.1016/j.sysarc.2025.103404","DOIUrl":"10.1016/j.sysarc.2025.103404","url":null,"abstract":"<div><div>With the rapid development of the Internet of Things (IoT), a large amount of data from various IoT devices is generated. The cloud provides high-performance and simple-pricing storage service for these large-scale data generated in IoT. For some important data, the user prefers to store multiple replicas of them in cloud to enhance the reliability. Multiple-replica cloud storage integrity auditing is a technology that checks the integrity of the data with multiple replicas to ensure they are intactly stored in the cloud. Nonetheless, the existing schemes cannot be well applied to IoT scenarios because they incur high computation overhead on the user side. In order to address this problem, we propose a flexible multiple-replica cloud storage integrity auditing scheme for cloud-based IoT data. In our scheme, online/offline signature is used to divide authentication generation into two phases: offline phase and online phase. In the offline phase, complex computations are performed. In the online phase, the user uses the results produced in the offline phase to perform lightweight computations. This design significantly reduces the user’s computation overhead in the online phase, so that IoT devices can complete lightweight computation tasks. What is more, our scheme achieves the flexibility of auditing, which can support both file-based multiple-replica cloud storage integrity auditing and keyword-based multiple-replica cloud storage integrity auditing to meet different auditing requirements. We conducted security analysis and performance analysis for the proposed scheme.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"163 ","pages":"Article 103404"},"PeriodicalIF":3.7,"publicationDate":"2025-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143824304","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Managing real-time constraints through monitoring and analysis-driven edge orchestration 通过监控和分析驱动的边缘协调来管理实时限制因素

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-04-04 DOI: 10.1016/j.sysarc.2025.103403

Daniel Casini , Paolo Pazzaglia , Matthias Becker

{"title":"Managing real-time constraints through monitoring and analysis-driven edge orchestration","authors":"Daniel Casini , Paolo Pazzaglia , Matthias Becker","doi":"10.1016/j.sysarc.2025.103403","DOIUrl":"10.1016/j.sysarc.2025.103403","url":null,"abstract":"<div><div>Emerging real-time applications are increasingly moving to distributed heterogeneous platforms, under the promise of more powerful and flexible resource capabilities. This shift inevitably brings new challenges. The design space to deploy chains of threads is more complex, and sound estimates of worst-case execution times are harder to obtain. Additionally, the environment is more dynamic, requiring additional runtime flexibility on the part of the application itself. In this paper, we present an optimization-based approach to this problem. First, we present a model and real-time analysis for modern distributed edge applications. Second, we propose a design-time optimization problem to show how to set the main parameters characterizing such applications from a time-predictability perspective. Then, we present an orchestration and runtime decision-making mechanism that monitors execution times and allows for runtime reconfigurations, spanning from graceful degradation policies to re-distributions of workload. A prototypical implementation of the proposed approach based on the QNX RTOS and its evaluation on a realistic case study based on an edge-based valet parking application conclude the paper.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"163 ","pages":"Article 103403"},"PeriodicalIF":3.7,"publicationDate":"2025-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143776864","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A systematic review of multi-factor authentication in digital payment systems: NIST standards alignment and industry implementation analysis 数字支付系统中多因素认证的系统回顾：NIST标准校准和行业实施分析

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-03-26 DOI: 10.1016/j.sysarc.2025.103402

Phat T. Tran-Truong , Minh Q. Pham , Ha X. Son , Dat L.T. Nguyen , Minh B. Nguyen , Khiem L. Tran , Loc C.P. Van , Kiet T. Le , Khanh H. Vo , Ngan N.T. Kim , Triet M. Nguyen , Anh T. Nguyen

{"title":"A systematic review of multi-factor authentication in digital payment systems: NIST standards alignment and industry implementation analysis","authors":"Phat T. Tran-Truong , Minh Q. Pham , Ha X. Son , Dat L.T. Nguyen , Minh B. Nguyen , Khiem L. Tran , Loc C.P. Van , Kiet T. Le , Khanh H. Vo , Ngan N.T. Kim , Triet M. Nguyen , Anh T. Nguyen","doi":"10.1016/j.sysarc.2025.103402","DOIUrl":"10.1016/j.sysarc.2025.103402","url":null,"abstract":"<div><div>This survey presents a systematic evaluation of Multi-Factor Authentication (MFA) practices in digital payment systems, analyzing their alignment with NIST Special Publications 800-63 guidelines. Through a comprehensive review of 70 academic papers published between 2017–2024 and 13 industry-based authentication tools, we examine how current implementations measure against Identity Assurance Level (IAL) and Authentication Assurance Level (AAL) standards. Our analysis reveals a significant gap between theoretical capabilities proposed in academic research and actual industry implementations, with 33% of tools relying primarily on OTP-based authentication despite more advanced methods being available. The survey identifies emerging trends like biometric authentication adoption (60% of analyzed papers) and varying regulatory compliance across sectors, with payment systems demonstrating 77% alignment with standards while IoT and E-Service domains show fragmented approaches. We propose a framework for developing adaptive authentication systems that balance security requirements with user experience through context-aware risk assessment. This work provides valuable insights for researchers, practitioners, and policymakers working to enhance the security and usability of digital payment authentication systems.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103402"},"PeriodicalIF":3.7,"publicationDate":"2025-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143738977","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Joint optimization of layering and power allocation for scalable VR video in 6G networks based on Deep Reinforcement Learning 基于深度强化学习的6G网络可扩展VR视频分层与功率分配联合优化

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-03-17 DOI: 10.1016/j.sysarc.2025.103401

Junchao Yang , Hui Zhang , Wenxin Jiao , Zhiwei Guo , Fayez Alqahtani , Amr Tolba , Yu Shen

{"title":"Joint optimization of layering and power allocation for scalable VR video in 6G networks based on Deep Reinforcement Learning","authors":"Junchao Yang , Hui Zhang , Wenxin Jiao , Zhiwei Guo , Fayez Alqahtani , Amr Tolba , Yu Shen","doi":"10.1016/j.sysarc.2025.103401","DOIUrl":"10.1016/j.sysarc.2025.103401","url":null,"abstract":"<div><div>With the advancement and application of virtual reality (VR) technology, there is a growing demand for network bandwidth and computational capabilities. To address the challenges of high bandwidth requirements, low latency demands, and intensive computational tasks in VR video transmission, this paper proposes a joint optimization method for layering and power allocation based on Deep Reinforcement Learning (DRL). The method focuses on the transmission of scalable VR videos in 6G networks, utilizing DRL to achieve a cloud-edge-end collaborative transmission framework, where Tile-based scalable VR video is proactively cached to the MEC nodes, and Asynchronous Advantage Actor-Critic (A3C) algorithm is adopted to jointly optimize dual-connected link resources, edge computing resources, and user terminal computing resources. Through simulation experiments, the effectiveness of the proposed algorithms was validated. The results show that compared to baseline algorithms and state-of-the-art methods, the proposed A3C algorithm effectively improves the average quality of experience (QoE) for VR users and maintains low latency under various sub-6G and millimeter wave link capacities. Furthermore, with increased Mobile Edge Computing (MEC) computing power and User Equipment (UE) computing capabilities, the proposed method can further improve QoE and reduce latency.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103401"},"PeriodicalIF":3.7,"publicationDate":"2025-03-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143687768","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Verifiable decentralized identity-based meta-computing in Industrial Internet of Things (IIoT) 工业物联网（IIoT）中基于身份的可验证分散元计算

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-03-13 DOI: 10.1016/j.sysarc.2025.103391

Kai Ding , Tianxiu Xie , Keke Gai , Chennan Guo , Liangqi Lei , Dongjue Wang , Jing Yu , Liehuang Zhu , Weizhi Meng

{"title":"Verifiable decentralized identity-based meta-computing in Industrial Internet of Things (IIoT)","authors":"Kai Ding , Tianxiu Xie , Keke Gai , Chennan Guo , Liangqi Lei , Dongjue Wang , Jing Yu , Liehuang Zhu , Weizhi Meng","doi":"10.1016/j.sysarc.2025.103391","DOIUrl":"10.1016/j.sysarc.2025.103391","url":null,"abstract":"<div><div>Meta-computing in Industrial Internet of Things (IIoT) has triggered a dramatic advance due to the gigantic supports of computation power for processing complex IIoT tasks. However, users identities are encountering security and verification issues since emerging threats derive from dynamic inter-operations in the cross-organization context. Even though blockchain-based Decentralized Identity (DID) is an alternative for offering a strengthened identity governance, current verifiability of DID documents still encounters vulnerabilities due to the involvement of the less trustful third parties that maintain the storage of binding relationships between DID identifiers and public keys. In this paper, we propose a novel <em><u>V</u>erifiable and <u>S</u>earchable <u>D</u>ecentralized <u>I</u>dentity (VS-DID)</em> model. We focus on the verifiability of DID documents and propose a verifiable registry scheme that ensures verifiable binding relationships. In order to enable efficient queries in large-scale users’ identities in meta-computing IIoT, we develop an on-chain-off-chain query strategy that adopts a slide window accumulator. The experimental results show that our scheme reduces aggregate proof time and commitment time by 93.5% and 96.5%, respectively, compared to the Merkle SNARK scheme, while maintaining reasonable verification time, significantly improving the efficiency of DID registry in large-scale IIoT environments.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103391"},"PeriodicalIF":3.7,"publicationDate":"2025-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143687769","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Balancing I/O and wear-out distribution inside SSDs with optimized cache management 通过优化缓存管理平衡ssd内的I/O和损耗分布

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-03-11 DOI: 10.1016/j.sysarc.2025.103392

Jiaxu Wu, Jiaojiao Wu, Aobo Yang, Fan Yang, Zhigang Cai, Jianwei Liao

{"title":"Balancing I/O and wear-out distribution inside SSDs with optimized cache management","authors":"Jiaxu Wu, Jiaojiao Wu, Aobo Yang, Fan Yang, Zhigang Cai, Jianwei Liao","doi":"10.1016/j.sysarc.2025.103392","DOIUrl":"10.1016/j.sysarc.2025.103392","url":null,"abstract":"<div><div>NAND flash memory-based solid-state drives (SSDs) have been adopted as storage infrastructure in a wide range of computing systems. In order to service an I/O request, the logical page address (<em>LPA</em>) of the request should be mapped to a physical page address (<em>PPA</em>), termed page-level address mapping in SSDs. As a fundamental mapping scheme, static mapping needs a small-scale mapping table and ensures good read parallelism, but it may bring about uneven I/O and wear-out distribution across SSD parallel units (<em>e.g.</em> flash planes), thus resulting in low write efficiency. To mitigate the negative effects of static mapping, this paper proposes a novel cache management scheme to not only guarantee I/O responsiveness but also balance I/O and wear-out distribution. Specifically, we first introduce directly flushing a portion of data pages onto the flash array while they are cold and the target parallel units have endured a small number of erase operations. After that, we present a method for selecting victim data pages from the data cache, by referring to the factors of pending I/O requests and the wear-out level on the flash memory. Through a series of simulation experiments on selected block I/O traces of real-world applications, we show that our approach achieves an average I/O latency reduction of <span>16.1</span>% compared to <em>Baseline</em>, <span>13.6</span>% over <em>GCaR</em>, <span>12.4</span>% over <em>LCR</em>, and <span>6.6</span>% over <em>ARB</em> while simultaneously balancing I/O and wear-out distribution. These results demonstrate its superiority over existing state-of-the-art schemes.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103392"},"PeriodicalIF":3.7,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143621500","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Subversion resistant identity-based signature 抗颠覆的基于身份的签名

IF 3.7 2区计算机科学

Journal of Systems Architecture Pub Date : 2025-03-08 DOI: 10.1016/j.sysarc.2025.103385

Mengdi Ouyang , Cuixiang Yang , Xiaojuan Liao , Fagen Li

{"title":"Subversion resistant identity-based signature","authors":"Mengdi Ouyang , Cuixiang Yang , Xiaojuan Liao , Fagen Li","doi":"10.1016/j.sysarc.2025.103385","DOIUrl":"10.1016/j.sysarc.2025.103385","url":null,"abstract":"<div><div>Identity-based cryptography (IBC) resolves the issue of certificate management, establishing itself as an evolving industry standard. Identity-based signature (IBS), an essential element of IBC, ensures integrity and authentication, playing a crucial role in the domains of internet of things (IoT) and cloud computing. Nevertheless, the “Snowden” event exposed how attackers subverted cryptographic algorithms’ implementations to undermine security and conduct mass-surveillance. We explore a subversion attack (SA) model on IBS and define two properties including undetectability and strong key recoverability. Our SA enables a recovery of the master private key and a private key through any two successive signatures, posing a greater challenge. Cryptographic reverse firewalls (RFs) are the main countermeasures to resist SAs. However, existing works necessitate the storage of randomness corresponding to various identities and fail to resist bit-by-bit SA. To address the aforementioned issue, we formulate a system model and a security model for subversion-resistant identity-based signature (SR-IBS). Then, we establish an instance and prove SR-IBS’s security of existential unforgeability under chosen message attack (EUF-CMA) along with subversion resistance. Finally, we leverage pypbc library to conduct a comprehensive experiment analysis. The results indicate the execution difference between subverted IBS and pure one is around 2ms and RFs only add approximately 0.5% of overall execution across five different security level. SR-IBS provides subversion-resistant without increasing high computation burden.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103385"},"PeriodicalIF":3.7,"publicationDate":"2025-03-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143621501","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0