IET Information Security最新文献

{"title":"A Novel Differentially Private Online Learning Algorithm for Group Lasso in Big Data","authors":"Jinxia Li,&nbsp;Liwei Lu","doi":"10.1049/2024/5553292","DOIUrl":"https://doi.org/10.1049/2024/5553292","url":null,"abstract":"<div>\u0000 <p>This study addresses the challenge of extracting valuable information and selecting key variables from large datasets, essential across statistics, computational science, and data science. In the age of big data, where safeguarding personal privacy is paramount, this study presents an online learning algorithm that leverages differential privacy to handle large-scale data effectively. The focus is on enhancing the online group lasso approach within the differential privacy realm. The study begins by comparing online and offline learning approaches and classifying common online learning techniques. It proceeds to elucidate the concept of differential privacy and its importance. By enhancing the group-follow-the-proximally-regularized-leader (GFTPRL) algorithm, we have created a new method for the online group lasso model that integrates differential privacy for binary classification in logistic regression. The research offers a solid validation of the algorithm’s effectiveness based on differential privacy and online learning principles. The algorithm’s performance was thoroughly evaluated through simulations with both synthetic and actual data. The comparison is made between the proposed privacy-preserving algorithm and traditional non-privacy-preserving counterparts, with a focus on regret bounds, a measure of performance. The findings underscore the practical benefits of the differential privacy-preserving algorithm in tackling large-scale data analysis while upholding privacy standards. This research marks a significant step forward in the fusion of big data analytics and the safeguarding of individual privacy.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/5553292","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142525225","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Efficient Multiparty Threshold ECDSA Protocol against Malicious Adversaries for Blockchain-Based LLMs","authors":"Jing Wang,&nbsp;Xue Yuan,&nbsp;Yingjie Xu,&nbsp;Yudi Zhang","doi":"10.1049/2024/2252865","DOIUrl":"https://doi.org/10.1049/2024/2252865","url":null,"abstract":"<div>\u0000 <p>Large language models (LLMs) have brought significant advancements to artificial intelligence, particularly in understanding and generating human language. However, concerns over management burden and data security have grown alongside their capabilities. To solve the problem, we design a blockchain-based distributed LLM framework, where LLM works in the distributed mode and its outputs can be stored and verified on a blockchain to ensure integrity, transparency, and traceability. In addition, a multiparty signature-based authentication mechanism is necessary to ensure stakeholder consensus before publication. To address these requirements, we propose a threshold elliptic curve digital signature algorithm that counters malicious adversaries in environments with three or more participants. Our approach relies on discrete logarithmic zero-knowledge proofs and Feldman verifiable secret sharing, reducing complexity by forgoing multiplication triple protocols. When compared with some related schemes, this optimization speeds up both the key generation and signing phases with constant rounds while maintaining security against malicious adversaries.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/2252865","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142447780","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Pairing Optimizations for Isogeny-Based Cryptosystems","authors":"Shiping Cai,&nbsp;Kaizhan Lin,&nbsp;Chang-An Zhao","doi":"10.1049/2024/9631360","DOIUrl":"https://doi.org/10.1049/2024/9631360","url":null,"abstract":"<div>\u0000 <p>In isogeny-based cryptography, bilinear pairings are regarded as a powerful tool in various applications, including key compression, public key validation, and torsion basis generation. However, in most isogeny-based protocols, the performance of pairing computations is unsatisfactory due to the high computational cost of the Miller function. Reducing the computational expense of the Miller function is crucial for enhancing the overall performance of pairing computations in isogeny-based cryptography. This paper addresses this efficiency bottleneck. To achieve this, we propose several techniques for a better implementation of pairings in isogeny-based cryptosystems. We use (modified) Jacobian coordinates and present new algorithms for Miller function computations to compute pairings of order 2^∙ and 3^∙. For pairings of arbitrary order, which are crucial for key compression in some SIDH-based schemes (such as M-SIDH and binSIDH), we combine Miller doublings with Miller additions/subtractions, leading to a considerable speedup. Moreover, the optimizations for pairing applications in CSIDH-based protocols are also considered in this paper. In particular, our approach for supersingularity verification in CSIDH is 15.3% faster than Doliskani’s test, which is the state-of-the-art.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/9631360","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142429227","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Automatic Search of Differential Characteristics and Improved Differential Cryptanalysis for PRINCE, QARMA, and MANTIS","authors":"Yaxin Cui,&nbsp;Hong Xu,&nbsp;Lin Tan,&nbsp;Wenfeng Qi","doi":"10.1049/2024/5574862","DOIUrl":"https://doi.org/10.1049/2024/5574862","url":null,"abstract":"<div>\u0000 <p>Reflection structure has a significant advantage that realizing decryption and encryption results in minimum additional costs, and many block ciphers tend to adopt such structure to achieve the requirement of low overhead. PRINCE, MANTIS, QARMA, and PRINCEv2 are lightweight block ciphers with reflection feature proposed in recent years. In this paper, we consider the automatic differential cryptanalysis of reflection block ciphers based on Boolean satisfiability (SAT) method. Since reflection block ciphers have different round functions, we extend forward and backward from the middle structure and achieve to accelerate the search of the optimal differential characteristics for such block ciphers with the Matsui’s bounding conditions. As a result, we present the optimal differential characteristics for PRINCE up to 12 rounds (full round), and they are also the optimal characteristics for PRINCEv2. We also find the optimal differential characteristics for MANTIS, QARMA-64, and QARMA-128 up to 10, 12, and 8 rounds, respectively. To mount an efficient differential attack on such block ciphers, we present a uniform SAT model by combining the differential characteristic searching process and the key recovery process. With this model, we find two sets of 7-round differential characteristics for PRINCE with less guessed key bits and use them to present a multiple differential attack against 11-round PRINCE, which improves the known single-key attack on PRINCE by one round to our knowledge.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/5574862","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142359951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy-Enhanced Data Sharing Systems from Hierarchical ID-Based Puncturable Functional Encryption with Inner Product Predicates","authors":"Cheng-Yi Lee,&nbsp;Zi-Yuan Liu,&nbsp;Masahiro Mambo,&nbsp;Raylin Tso","doi":"10.1049/2024/5535196","DOIUrl":"https://doi.org/10.1049/2024/5535196","url":null,"abstract":"<div>\u0000 <p>The emergence of cloud computing enables users to upload data to remote clouds and compute them. This drastically reduces computing and storage costs for users. Considering secure computing for multilevel users in enterprises, the notion of hierarchical identity-based inner product functional encryption (HIB-IPFE) is proposed. In this cryptosystem, a sender can encrypt a vector <span></span><math></math> into a ciphertext with a hierarchical identity, while a receiver who possesses a secret key corresponding to the same hierarchical identity and a vector <span></span><math></math> can decrypt the ciphertext and obtain the inner product <span></span><math></math>. However, HIB-IPFE is not sufficient to capture flexible data sharing and forward security. In this study, we present a notion of hierarchical identity-based puncturable HIBP-IPFE. Furthermore, we present a formal definition and security model of HIBP-IPFE to guarantee data confidentiality and receiver anonymity. Compared with HIB-IPFE, our proposed scheme enables users to puncture keys on specific tags ensuring that the punctured keys cannot be used to decrypt the ciphertexts associated with those tags. The proposed scheme is provably secure under <i>d</i>-DBDHE assumption in the standard model. The experimental results indicate that our scheme is more practical in cloud computing, with superior functionality.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/5535196","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142359916","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Improved AB-CPREs with Revocability and HRA Security under LWE","authors":"Yang Wang,&nbsp;Mingqiang Wang","doi":"10.1049/2024/4333883","DOIUrl":"https://doi.org/10.1049/2024/4333883","url":null,"abstract":"<div>\u0000 <p>Attribute-based conditional proxy re-encryption protocols (AB-CPREs) enable a delegator to delegate his decryption rights via different policies and grant the data owner greater flexibility in allocating their encrypted private data stored in the cloud. However, existing lattice-based AB-CPREs suffer from some drawbacks such as large parameters and weak passive securities. To the best of our knowledge, the first quantum-safe key-policy AB-CPREs with <i>polynomially bounded parameters</i> (for certain NC ⁰ circuits/policies) that is selective attribute secure against honest re-encryption attacks (HRA) is presented. The security of our proposed AB-CPREs is based on standard LWE assumptions. We further introduce the directly revocable AB-CPREs, a primitive that enables a delegator to authorize and revoke his delegation of decryption rights dynamically and offers more flexible access control on externally stored encrypted data. Definition and security model of single-hop directly revocable AB-CPREs are given, and the first detailed construction of single-hop directly revocable AB-CPREs based on standard LWE assumptions is also proposed.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/4333883","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142324601","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DDoS-MSCT: A DDoS Attack Detection Method Based on Multiscale Convolution and Transformer","authors":"Bangli Wang,&nbsp;Yuxuan Jiang,&nbsp;You Liao,&nbsp;Zhen Li","doi":"10.1049/2024/1056705","DOIUrl":"https://doi.org/10.1049/2024/1056705","url":null,"abstract":"<div>\u0000 <p>Distributed denial-of-service (DDoS) attacks pose a significant threat to network security due to their widespread impact and detrimental consequences. Currently, deep learning methods are widely applied in DDoS anomaly traffic detection. However, they often lack the ability to collectively model both local and global traffic features, which presents challenges in improving performance. In order to provide an effective method for detecting abnormal traffic, this paper proposes a novel network architecture called DDoS-MSCT, which combines a multiscale convolutional neural network and transformer. The DDoS-MSCT architecture introduces the DDoS-MSCT block, which consists of a local feature extraction module (LFEM) and a global feature extraction module (GFEM). The LFEM employs convolutional kernels of different sizes, accompanied by dilated convolutions, with the aim of enhancing the receptive field and capturing multiscale features simultaneously. On the other hand, the GFEM is utilized to capture long-range dependencies for attending to global features. Furthermore, with the increase in network depth, DDoS-MSCT facilitates the integration of multiscale local and global contextual information of traffic features, thereby improving detection performance. Our experiments are conducted on the CIC-DDoS2019 dataset, and also the CIC-IDS2017 dataset, which is introduced as a supplement to address the issue of sample imbalance. Experimental results on the hybrid dataset show that DDoS-MSCT achieves accuracy, recall, F1 score, and precision of 99.94%, 99.95%, 99.95%, and 99.97%, respectively. Compared to the state of the art methods, the DDoS-MSCT model achieves a good performance for detecting the DDoS attack to provide the protecting ability for network security.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/1056705","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142244563","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Superposition Attacks on Pseudorandom Schemes Based on Two or Less Permutations","authors":"Shaoxuan Zhang,&nbsp;Chun Guo,&nbsp;Qingju Wang","doi":"10.1049/2024/9991841","DOIUrl":"https://doi.org/10.1049/2024/9991841","url":null,"abstract":"<div>\u0000 <p>We study quantum superposition attacks against permutation-based pseudorandom cryptographic schemes. We first extend Kuwakado and Morii’s attack against the Even–Mansour cipher and exhibit key recovery attacks against a large class of pseudorandom schemes based on a single call to an <i>n</i>-bit permutation, with polynomial <i>O</i>(<i>n</i>) (or <i>O</i>(<i>n</i>²), if the concrete cost of Hadamard transform is also taken in) quantum steps. We then consider <span></span><math></math> schemes, namely, two permutation-based pseudorandom cryptographic schemes. Using the improved Grover-meet-Simon method, we show that the keys of a wide class of <span></span><math></math> schemes can be recovered with <i>O</i>(<i>n</i>) superposition queries (the complexity of the original is <i>O</i>(<i>n</i>2^<i>n</i>/2)) and <i>O</i>(<i>n</i>2^<i>n</i>/2) quantum steps. We also exhibit subclasses of “degenerated” <span></span><math></math> schemes that lack certain internal operations and exhibit more efficient key recovery attacks using either the Simon’s algorithm or collision searching algorithm. Further, using the all-subkeys-recovery idea of Isobe and Shibutani, our results give rise to key recovery attacks against several recently proposed permutation-based PRFs, as well as the two-round Even–Mansour ciphers with generic key schedule functions and their tweakable variants. From a constructive perspective, our results establish new quantum Q2 security upper bounds for two permutation-based pseudorandom schemes as well as sound design choices.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/9991841","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142174295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Inter-Cloud Data Security Framework to Build Trust Based on Compliance with Controls","authors":"Syed Imran Akhtar,&nbsp;Abdul Rauf,&nbsp;Muhammad Faisal Amjad,&nbsp;Ifra Batool","doi":"10.1049/2024/6565102","DOIUrl":"https://doi.org/10.1049/2024/6565102","url":null,"abstract":"<div>\u0000 <p>Prospects of cloud computing as a technology that optimizes resources, reduces complexity, and provides cost-effective solutions to its consumers are well established. The future of cloud is the “cloud of clouds,” where cloud service providers (CSPs) collaborate with each other to provide ever-scalable solutions to their customers. However, one of the most restricting factors toward the use of the cloud by its consumers is their concerns about data security. Most sensitive to any organization is its data, thus, to give confidence to these organizations to put their data in the cloud requires a trustworthy framework. Therefore, this paper proposes an inter-cloud data security framework, which is a set of controls and a mechanism to measure trust for data sharing based on compliance with the controls. The proposed framework for building inter-cloud trust for data security (FBI-TDS) defines a set of data security controls extracted to cover the possible data-related threats linked with various inter-cloud use cases. As part of FBI-TDS, a mechanism is suggested that would enable CSPs to view compliance with data security controls and the overall trustworthiness of other CSPs. This would enable them to decide the level of interaction that they might undertake, depending upon their data security commitments. A data security compliance monitor service is proposed which measures compliance with data security controls. This service communicates with data trust as a service (DTaaS), which measures the trustworthiness of a CSP based on its total compliance value, users’ feedback rating, and cloud security auditor rating. CSPs who subscribe to DTaaS would be able to view the trustworthiness of other CSPs, yet they would be bound to provide access to the service to measure theirs as well. This new approach to data security in inter-cloud is a mix of data security controls, their measure of compliance, and based on this trust value of a CSP for handling data. The proposed solution thus promotes the cloud of clouds by securing inter-cloud interactions for data-related use cases.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/6565102","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142100124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Bit-Based Evaluation of Lightweight Block Ciphers SLIM, LBC-IoT, and SLA by Mixed Integer Linear Programming","authors":"Nobuyuki Sugio","doi":"10.1049/2024/1741613","DOIUrl":"https://doi.org/10.1049/2024/1741613","url":null,"abstract":"<div>\u0000 <p>Many lightweight block ciphers have been proposed for IoT devices that have limited resources. SLIM, LBC-IoT, and SLA are lightweight block ciphers developed for IoT systems. The designer of SLIM presented a 7-round differential distinguisher and an 11-round linear trail using a heuristic method. We have comprehensively sought the longest distinguisher for linear cryptanalysis, zero-correlation linear cryptanalysis, impossible differential attack, and integral attack using the mixed integer linear Programming (MILP) on SLIM, LBC-IoT, and SLA. The search led to discovery of a 16-round linear trail on SLIM, which is 5-round longer than the earlier result. We have also discovered 7-, 7-, and 9-round distinguishers for zero-correlation linear cryptanalysis, impossible differential attack, and integral attack, which are new results for SLIM. We have revealed 9-, 8-, and 11-round distinguishers on LBC-IoT for zero-correlation linear cryptanalysis, impossible differential attack, and integral attack. We have presented full-round distinguishers on SLA for integral attack using only two chosen plaintexts. We performed a key recovery attack on 16-round SLIM with an experimental verification. This verification took 106 s with a success rate of 93%. Moreover, we present a key recovery attack on 19-round SLIM using 16-round linear trail with correlation 2⁻¹⁵: the necessary number of known plaintext–ciphertext pairs is 2³¹; the time complexity is 2^64.4 encryptions; and the memory complexity is 2³⁸ bytes. Results show that this is the current best key recovery attack on SLIM. Because the recommended number of rounds is 32, SLIM is secure against linear cryptanalysis, as demonstrated herein.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/1741613","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142045337","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}