{"title":"Revisiting LWR: A Novel Reduction Through Quantum Approximations","authors":"Zhuang Shan, Leyou Zhang, Qiqi Lai","doi":"10.1049/ise2/6825855","DOIUrl":"10.1049/ise2/6825855","url":null,"abstract":"<p>Pseudorandom functions (PRFs) are a very important tool in cryptography, and the learning with rounding (LWR) problem is one of the main issues in their construction. LWR problem, is to find <span></span><math></math> from ⌊<b>A</b><b>s</b>⌋<sub><i>p</i></sub>, where <span></span><math></math> and <span></span><math></math> is the rounding function. The LWR problem is considered a variant of the learning with error (LWE) problem, that is, to find <b>s</b> from <b>b</b> = <b>A</b><b>s</b> + <b>e</b>, where <span></span><math></math>, and LWE has been reduced to GapSVP and SIVP. The hardness of the lattice problems is the security foundation of the issued schemes. The best-known reduction for LWR was completed using information-theoretic entropy arguments, and the reduction requires <i>q</i> ≥ 2<i>n</i><i>m</i><i>p</i>. It does not directly reduce to the closest vector problem (CVP) problem, but rather to the LWE problem. However, the reduction in the aforementioned work significantly reduces the difficulty of LWR. To more accurately characterize the hardness of LWR, this paper uses statistical approximation and a Quantum Fourier Transform to reduce LWR to the CVP, thereby ensuring the hardness of LWR. Furthermore, unlike the previous conclusions, our reduction involves minimal loss and has broad security conditions, requiring only that <span></span><math></math>, where <i>q</i> and <i>p</i> are prime numbers and 0 < <i>α</i> < 1.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6825855","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144897395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Methodological Framework to Hybrid Machine Learning for Detecting Unusual Cyberattacks in Internet of Things","authors":"R. S. Ramya, S. Jayanthy","doi":"10.1049/ise2/8381148","DOIUrl":"10.1049/ise2/8381148","url":null,"abstract":"<p><b>Background:</b> The Internet of Things (IoT) represents one of the fastest-expanding developments in the computer industry. However, the inherently hostile environment of the internet makes IoT systems vulnerable. A popular and promising method for detecting cyberattacks is machine learning (ML), which produces excellent outcomes for identified attacks. However, their ability to identify unidentified malicious traffic is nearly nonexistent.</p><p><b>Need for the Study:</b> The need for study arises from the advanced security solutions of IoT, which are vulnerable to various known and unknown cyberattacks. Traditional ML methods are used to effectively detect new threats. It is followed by a hybrid methodological framework to combine supervised and semisupervised learning. It is an advanced approach to enhance detection accuracy and adaptability in dynamic IoT environments.</p><p><b>Methods:</b> The study suggests an innovative strategy that combines supervised and unsupervised techniques. Initially employing several flow-based parameters, the improved density-based spatial clustering of applications with noise (IDBSCAN) clustering technique distinguishes between anomalous and regular traffic. Next, utilizing specific statistical metrics, a hybrid multiple kernel extreme learning machine with modified teaching–learning-based optimization (HMKELM-MTLBO) classification process is applied to label the clusters.</p><p><b>Findings of the Study:</b> The findings of accuracy result as 98.95%, precision as 97.65%, recall as 98.56%, and F1 score value as 98.23%.</p><p><b>Results:</b> The approach’s effectiveness was evaluated using the ToN_IoT dataset, and a 99%+ accuracy rate was attained in identifying cyberattacks across IoT technology.</p><p><b>Conclusion:</b> The study validates the suggested strategy by testing a distinct set of attacks and training on the ToN_IoT dataset utilizing an extensive data processing system.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8381148","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144869754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Lei Tang, Zhengxin Cao, Xin Zhou, Junzhe Zhang, Junchi Ma
{"title":"STF-LPPVA: Local Privacy-Preserving Method for Vehicle Assignment Based on Spatial–Temporal Fusion","authors":"Lei Tang, Zhengxin Cao, Xin Zhou, Junzhe Zhang, Junchi Ma","doi":"10.1049/ise2/1915019","DOIUrl":"10.1049/ise2/1915019","url":null,"abstract":"<p>There are user privacy risks in cloud-based vehicle dispatch platforms due to the unauthorized collection, use, and dissemination of data. However, existing data protection methods cannot balance privacy, usability, and efficiency well. To address this, we propose a local privacy-preserving vehicle assignment strategy via spatial–temporal fusion (STF-LPPVA). Specifically, the strategy allows the cloud platform to train and distribute a spatial–temporal representation model to the user side. Encoded by this model, drivers and passengers can privately fuze the spatial–temporal information of their trips and then transmit these fuzed vectors to the cloud platform. Based on the similarity of the vectors, the cloud platform can allocate vehicles using the Kuhn–Monkreth (KM) algorithm. In addition, we analyze the theoretical feasibility of the STF-LPPVA strategy using entropy change and get good performance with a dataset from DiDi in Chengdu, China. The results show that the successful matching rate of the STF-LPPVA strategy is very close to the original data matching with lower time overhead. Our approach can reduce the traveling distance by 66.5% and improve the matching success rate by 36.2% on average.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/1915019","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144853799","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hailong Xi, Le Ru, Jiwei Tian, Bo Lu, Shiguang Hu, Wenfei Wang, Hongqiao Wang, Xiaohui Luan
{"title":"Enhanced Cybersecurity Framework for Unmanned Aerial Systems: A Comprehensive STRIDE-Model Analysis and Emerging Defense Strategies","authors":"Hailong Xi, Le Ru, Jiwei Tian, Bo Lu, Shiguang Hu, Wenfei Wang, Hongqiao Wang, Xiaohui Luan","doi":"10.1049/ise2/9637334","DOIUrl":"10.1049/ise2/9637334","url":null,"abstract":"<p>Recent advancements in unmanned aerial vehicle (UAV) technology have facilitated its widespread adoption across a spectrum of sectors, such as commercial logistics, agricultural surveillance, industrial diagnostics, and military maneuvers. However, the widespread adoption has also engendered a burgeoning array of security concerns. Unmanned aerial systems (UAS) networks are characterized by high node mobility, unstable links, open communication environments, and limited platform resources, which in turn exhibit typical vulnerabilities in terms of cybersecurity. Most current studies on UAV cybersecurity issues tend to focus on individual UAVs, often neglecting the holistic cybersecurity of UAS. This paper outlines the composition of UAS network architecture. It summarizes the main cybersecurity challenges UAS faces within six categories—spoofing, tampering, information disclosure, denial of service (DoS), service refusal, and privilege escalation—based on the STRIDE threat model. Corresponding methods for risk mitigation and security protection strategies are proposed. Ultimately, the paper provides a perspective on the future development directions of UAS cybersecurity, aiming to offer a reference for addressing related issues in subsequent research and practice.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9637334","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144815012","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Establishing Performance Baselines for Secure Software Development","authors":"Ying-Ti Tsai, Chung-Ho Wang, Yung-Chia Chang, Lee-Ing Tong","doi":"10.1049/ise2/6139424","DOIUrl":"10.1049/ise2/6139424","url":null,"abstract":"<p>The COVID-19 pandemic has impacted the world, prompting a shift toward remote work and stay-at-home economies, altering routines for individuals and businesses. Organizations have had to swiftly implement digital solutions to enable productive and efficient remote work, a trend that is becoming increasingly common. In this context, enterprise programmers often rely on open-source software from social platforms to accelerate application development. However, the source code on these platforms may not always be regularly updated or well-maintained, posing security risks. These risks are exacerbated when programmers need more security software-focused development practices, testing for vulnerabilities, or applying necessary patches regularly. This study introduces two secure software development (SSD) performance baselines based on international standards and utilizing statistical process control (SPC): proactive information security awareness and reactive risk management. These baselines enable enterprise IT departments to monitor security awareness and improve the secure development capabilities of programmers and R&D teams, thereby mitigating the security risks of released software. A practical case study is presented to demonstrate the effectiveness of this approach.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6139424","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145128940","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure and Editable: A Blockchain Voting System Based on Chameleon Hash With Ephemeral Trapdoors","authors":"Qiankun Zheng, Junyao Ye, Peng Li, Junzuo Lai","doi":"10.1049/ise2/3915638","DOIUrl":"10.1049/ise2/3915638","url":null,"abstract":"<p>Blockchain technology has become a popular choice for electronic voting systems due to its transparency, security, and decentralization. However, it is not a perfect solution, as its inherent immutability poses challenges in blockchain-based e-voting systems. Specifically, without the physical security provided by traditional polling stations, preventing bribery and coercion becomes more difficult. Additionally, because of blockchain’s immutability, voters who are coerced or mistakenly vote cannot correct their choice. To address these issues, this paper proposes a secure blockchain-based voting system with editable ballots. The system uses chameleon hashes with ephemeral trapdoors and a timestamp mechanism, allowing voters to modify their ballots within a legitimate timeframe. Additionally, a modified Paillier cryptosystem and blind signature technology are used to ensure that any modifications leave no trace. We simulate and evaluate the system using Fabric 2.2, focusing on computational complexity and system stability. Analysis of experimental results shows that the blockchain-based voting system with an editable ballot mechanism proposed in this article has good computational cost and stability performance under normal use pressure.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/3915638","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144773741","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jiang-Yi Lin, Ching-Chun Chang, Chin-Chen Chang, Chin-Feng Lee
{"title":"Highly Secure and Adaptive Multisecret Sharing for Reversible Data Hiding in Encrypted Images","authors":"Jiang-Yi Lin, Ching-Chun Chang, Chin-Chen Chang, Chin-Feng Lee","doi":"10.1049/ise2/6695380","DOIUrl":"10.1049/ise2/6695380","url":null,"abstract":"<p>Reversible data hiding in encrypted images (RDHEI) is a technique that not only allows the cover images can be fully restored without any loss of information after the embedded data has been extracted but also ensures the confidentiality within the cover images. This article proposes an RDHEI scheme combining adaptive (<i>n</i>, <i>n</i>) secret image sharing (SIS) manner. The content owner reserves part of the least significant bit plane (LSBP) in cover images by two most significant bit planes (MSBPs) compression using the median edge detector (MED) prediction method. To level up the privacy protection of <i>n</i> cover images, a two-layer encryption method is utilized to generate <i>n</i> shares, that is, the self-encryption and cross-encryption. Moreover, our method can be applied on no matter how many of cover images. The secret data with identification can be concealed by the data hiders into the vacated LSB of their own shares. Through the cooperation of the overall shares, the receiver can retrieve the embedded secret data and recover the cover images. Experiment results reveal the security reliability of our approach and the outstanding performance when compared to some related methods. Also, the approach can be employed in color image domain.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6695380","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144767711","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multikey Fully Homomorphic Encryption: Removing Noise Flooding in Distributed Decryption via the Smudging Lemma on Discrete Gaussian Distribution","authors":"Xiaokang Dai, Wenyuan Wu, Yong Feng","doi":"10.1049/ise2/7550044","DOIUrl":"10.1049/ise2/7550044","url":null,"abstract":"<p>The current multikey fully homomorphic encryption (MKFHE) needs to add exponential noise in the distributed decryption phase to ensure the simulatability of partial decryption. Such a large noise causes the ciphertext modulus of the scheme to increase exponentially compared to the single-key fully homomorphic encryption (FHE), further reducing the efficiency of the scheme and making the hardness problem on the lattice on which the scheme relies have a subexponential approximation factor <span></span><math></math> (which means that the security of the scheme is reduced). To address this problem, this paper analyzes in detail the noise in partial decryption of the MKFHE based on the learning with error (LWE) problem. It points out that this part of the noise is composed of private key and the noise in initial ciphertext. Therefore, as long as the encryption scheme is leak-resistant and the noise in partial decryption is independent of the noise in the initial ciphertext, the semantic security of the ciphertext can be guaranteed. In order to make the noise in the initial ciphertext independent of the noise in the partial decryption, this paper proves the smudging lemma on discrete Gaussian distribution and achieves this goal by multiplying the initial ciphertext by a “dummy” ciphertext with a plaintext of 1. Based on the above method, this paper removes the exponential noise in the distributed decryption phase for the first time and reduces the ciphertext modulus of MKFHE from 2<sup><i>ω</i>(<i>λ</i><i>L</i> log<i>λ</i>)</sup> to 2<sup><i>O</i>(<i>λ</i> + <i>L</i>)</sup> as the same level as the FHE.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/7550044","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144725510","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analyzing Cryptocurrency Security Risks: A Comprehensive Survey of Saudi Arabian Perspectives","authors":"Abeer Abdullah Alsadhan","doi":"10.1049/ise2/5100339","DOIUrl":"10.1049/ise2/5100339","url":null,"abstract":"<p><b>Purpose:</b> This study explores cryptocurrency security concerns in the context of Saudi Arabia, focusing on a cross-sectional survey to assess evolving technical threats and public risk perceptions. While regulatory concerns are acknowledged, the primary emphasis is on security risks, making this one of the few studies to specifically investigate digital asset vulnerabilities from a Saudi perspective. The novelty lies in bridging the views of both the general public and industry professionals to offer multidimensional insights into the country’s cryptocurrency environment.</p><p><b>Methods:</b> A large-scale online survey was conducted with 392 participants, including individuals from the general public, IT sector, banking institutions, and regulatory bodies. The instrument captured perceptions of various technical security threats—such as 51% attacks, phishing, timejacking, and double-spending—alongside key public concerns about cryptocurrency safety. The mixed-participant approach enabled a balanced analysis of cross-sector risk awareness.</p><p><b>Results:</b> The findings indicate a significant disparity between public understanding and expert awareness regarding cryptocurrency security. Notably, 87.3% of respondents support the idea of central banks issuing their own digital currencies (CBDCs), reflecting widespread demand for safer and more regulated alternatives. Core risks identified include token theft, manipulative trading behavior, and technical vulnerabilities in decentralized platforms.</p><p><b>Conclusion:</b> This research contributes original insights into cryptocurrency security from a regional lens, integrating technical and perceptual dimensions often overlooked in existing literature. The study’s multistakeholder findings offer valuable input for policymakers, regulators, and technology developers seeking to build secure and trusted crypto ecosystems in emerging markets like Saudi Arabia.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/5100339","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144714913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cryptanalysis on Two Kinds of Number Theoretic Pseudo-Random Generators Using Coppersmith Method","authors":"Ran Zhang, Jingguo Bi, Lixiang Li, Haipeng Peng","doi":"10.1049/ise2/5569393","DOIUrl":"10.1049/ise2/5569393","url":null,"abstract":"<p>Pseudo-random number generator (PRNG) is a type of algorithm that generates a sequence of random numbers using a mathematical formula, which is widely used in computer science, such as simulation, modeling applications, data encryption, et cetera. The efficiency and security of PRNG are closely related to its output bits at each iteration. Especially, we have recently found that linear congruential generator (LCG) is commonly used as the underlying PRNG in short message service (SMS) app, fast knapsack generator (FKG), and programming languages such as Python, while the quadratic generator plays an important role in Monte Carlo method. Therefore, in this paper, we revisit the security of these two number-theoretic pseudo-random generators and obtain the best results for attacking these two kinds of PRNGs up to now. More precisely, we prove that when the mapping function of LCG and the quadratic generator is unknown, if during each iteration, generators only output the most significant bits of <i>v</i><sub><i>i</i></sub>, one can also recover the seed of PRNG when enough consecutive or nonconsecutive outputs are obtained. The primary tool of our attack is the Coppersmith method which can find small roots on polynomial equations. Our advantage lies in applying the local linearization technique to the polynomial equations to make them simple and easy to solve and applying the analytic combinatorics method to simplify the calculation of solution conditions in the Coppersmith method. Experimental data validate the effectiveness of our work.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/5569393","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144647404","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}