IET Information Security

Published by Wiley and The Institution of Engineering and Technology

Online ISSN: 1751-8717 · Print ISSN: 1751-8709


Aims and scope


IET Information Security publishes original research and review articles in the areas of information security and cryptography.

Recent articles


A New Method for Constructing Integral‐Resistance Matrix for 5‐Round AES
May 2025 · 1 Read

A powerful theory for evaluating block ciphers against integral distinguishers was introduced by Hebborn et al. at ASIACRYPT 2021. To show the integral‐resistance property for a block cipher, their core idea is to construct a full‐rank integral‐resistance matrix. However, their method does not work practically for 5‐round AES due to the large S‐box and complex linear layer. In this paper, we are concerned with the integral‐resistance property of 5‐round AES. By carefully investigating the S‐box and the linear layer of AES, some significant properties about the propagation of the division property on the round function of AES are derived. In particular, with these properties, it is easy to determine the appearance of all maximum‐degree monomials after 5‐round AES encryption on a properly chosen set of key‐patterns. Consequently, a full‐rank integral‐resistance matrix is formed to show that there is no integral distinguisher for five rounds and higher of AES under the assumption of independent round keys. Since it is well known that there is a 4‐round integral distinguisher for AES, our result is tight for AES. As far as we know, this is the first proof for the integral‐resistance property of 5‐round AES.


A Review on Integrating IoT, IIoT, and Industry 4.0: A Pathway to Smart Manufacturing and Digital Transformation

March 2025 · 15 Reads · 1 Citation

The industrial Internet of Things (IIoT) has become an innovative technology that has brought many benefits to industries and organizations. This review presents a comprehensive analysis of IIoT’s applications, highlighting its ability to optimize industrial operations through advanced connectivity, real‐time data exchange, automation, and its importance in the context of Industry 4.0. Emphasizing the distinction between IIoT and traditional IoT, the paper explores how IIoT focuses on enhancing industrial ecosystems and integrating cyber‐physical systems (CPSs). This article explains how to establish a highly linked infrastructure to support cutting‐edge services and ensure greater flexibility and efficiency. It emphasizes the role of the CPS and industrial automation and control systems (IACSs) in realizing the potential of IIoT. Security concerns, an important part of IIoT, are addressed through conversations on protecting networked systems, assuring operational reliability, and emphasizing the need for strong security measures to prevent potential threats and vulnerabilities. Furthermore, critical technologies such as machine learning (ML), artificial intelligence (AI), and various communication protocols, including fifth generation (5G) and message queuing telemetry transport (MQTT), are investigated for their potential to improve system performance and decision‐making processes. In addition, the article also discusses the safety precautions and challenges of using IIoT. Finally, the article emphasizes the importance of addressing security issues in promoting the successful adoption of the IIoT and achieving its expected benefits. This study offers valuable resources for researchers, academics, and decision‐makers to implement IIoT in industrial environments.


Dynamic Pattern Matching on Encrypted Data With Forward and Backward Security
March 2025 · 5 Reads

Pattern matching is widely used in applications such as genomic data query analysis, network intrusion detection, and deep packet inspection (DPI). Performing pattern matching on plaintext data is straightforward, but the need to protect both the analyzed data and the analyzed patterns can significantly complicate the process. Because of these privacy concerns, researchers have begun to explore pattern matching on encrypted data. However, existing solutions are typically built on static pattern matching methods and lack dynamism, namely the ability to perform addition or deletion operations on the analyzed data. This lack of flexibility can hinder the adaptability and effectiveness of pattern matching on encrypted data in real-world scenarios. In this paper, we design a dynamic pattern matching scheme on encrypted data with forward and backward security, which introduces the much-needed dynamism. Our scheme implements addition and deletion operations on the encrypted data without affecting the security of the original pattern matching scheme. Specifically, we design secure addition and deletion algorithms based on fragmentation data structures, which are compatible with the static pattern matching scheme. Moreover, we make significant improvements to the key generation, encryption, and match algorithms of the static scheme to ensure forward and backward security. Theoretical analysis proves that our scheme satisfies forward and backward security while ensuring the nonfalsifiability of encrypted data. The experimental results show that our scheme incurs only a slight increase in time cost compared to the static pattern matching scheme, demonstrating its practicality and effectiveness in dynamic scenarios.


BF‐ACS—Intelligent and Immutable Face Recognition Access Control System

March 2025 · 9 Reads

Biometric authentication has been adopted in many access control scenarios in recent years. It is convenient and secure because it compares the user's own biometrics with those stored in the database to confirm their identity. With the rapid development of machine learning, the performance and accuracy of biometric authentication have improved greatly. Face recognition combined with convolutional neural networks (CNNs) is extremely efficient and has become the mainstream approach in access control systems (ACSs). However, identity information and access logs stored in traditional databases can be tampered with by malicious insiders. Therefore, we propose a face recognition ACS that is resistant to data forgery. In this paper, a deep convolutional network is used to learn a Euclidean embedding (based on FaceNet) of each image and to perform face recognition and verification. Quorum, which is built on the Ethereum blockchain, is used to store facial feature vectors and login information. Smart contracts automatically put data into blocks on the chain: one stores feature vectors, and the other records the arrival and departure times of employees. By combining these technologies, an intelligent and immutable ACS that can withstand distributed denial-of-service (DDoS) and other internal and external attacks is created. Finally, an experiment is conducted to assess the effectiveness of the proposed system and demonstrate its practicality.


Using Homomorphic Proxy Re-Encryption to Enhance Security and Privacy of Federated Learning-Based Intelligent Connected Vehicles

March 2025 · 12 Reads

Intelligent connected vehicles (ICVs) are one of the fastest-growing directions in autonomous driving. To realize collaborative computation among ICVs, federated learning (FL), or a federated large language model (FedLLM), has been used as a promising distributed approach to support various collaborative applications in ICV scenarios, for example, analyzing vehicle driving information for trajectory prediction, voice-activated controls, and conversational AI assistants. Unfortunately, recent research reveals that FL systems still face privacy threats from an honest-but-curious server, honest-but-curious distributed participants, or collusion between participants and the server. These threats can lead to the leakage of sensitive private data, such as location information and driving conditions. Homomorphic encryption (HE) is a typical mitigation with little effect on model accuracy and has been studied before. However, single-key HE cannot resist collusion between participants and the server, and multikey HE is not suitable for ICV scenarios. In this work, we propose a novel approach that combines FL with homomorphic proxy re-encryption (PRE) based on participants' ID information. With it, FL-based ICVs can successfully defend against these privacy threats. In addition, we analyze the security and performance of our method; the theoretical analysis and experimental results show that our defense framework with ID-based homomorphic PRE achieves a high security level and efficient computation. We anticipate that our approach can serve as a foundation for further research on privacy-preserving FedLLMs.


Two-Stage Botnet Detection Method Based on Feature Selection for Industrial Internet of Things

February 2025 · 37 Reads

Industrial control systems (ICSs) increasingly leverage the industrial internet of things (IIoTs) for sensor-based automation, enhancing operational efficiency. However, the rapid expansion of the IIoTs brings with it an inherent susceptibility to potential threats from network intrusions, which pose risks to both the network infrastructure and associated equipment. The landscape of botnets is characterized by its diverse array and intricate attack methodologies, spanning a broad spectrum. In recent years, the domain of industrial control has witnessed the emergence of botnets, further accentuating the need for robust security measures. Addressing the challenge of categorizing and detecting the diverse botnet attacks, this paper proposes a two-stage feature selection–based method for botnet detection. In the first stage, a spatiotemporal convolutional recurrent network is employed to construct a hybrid network capable of classifying benign traffic and identifying traffic originating from distinct botnet families. Subsequently, in the second stage, core features specific to the traffic of each botnet family are meticulously screened using the F-test. The identified features are then utilized to categorize the respective attack types through the application of extreme gradient boosting (XGBOOST). To evaluate the efficacy of the proposed method, we conducted experiments using the N-BaIoT dataset under 10 different attack scenarios from the Gafgyt and Mirai botnet families. The results demonstrate that our method achieves a classification accuracy and F1-score exceeding 99%, establishing it as the highest-performing model for botnet detection within this dataset.


Cryptanalysis of Keyword Confidentiality in a Searchable Public-Key Encryption Scheme Against Malicious Server

February 2025 · 17 Reads

Public-key authenticated encryption with keyword search (PAEKS) is a cryptographic primitive designed to resist keyword-guessing attacks (KGAs) and preserve the privacy of keywords in both ciphertexts and trapdoors. Recently, a designated-server PAEKS (dPAEKS) scheme was proposed to withstand KGAs. The scheme was claimed to satisfy both multi-ciphertext indistinguishability (MCI) and multi-trapdoor privacy (MTP). However, our cryptanalysis demonstrates that it is insecure against KGAs: a malicious server (inside attacker) can obtain information about the keywords embedded in the ciphertext and the trapdoor. As a result, both the MCI and MTP of the scheme are broken. In addition, the paper shows that MTP can be broken even by an outside attacker. Finally, we also provide a method to fix these security flaws.


Analyzing the 2021 Kaseya Ransomware Attack: Combined Spearphishing Through SonicWall SSLVPN Vulnerability

January 2025 · 201 Reads

In July 2021, the IT management software company Kaseya was the victim of a ransomware cyberattack. The perpetrator of this attack was ransomware evil (REvil), an allegedly Russian-based ransomware threat group. This paper addresses the general events of the incident and the actions executed by the constituents involved. The attack was conducted through specially crafted hypertext transfer protocol (HTTP) requests to circumvent authentication and allow hackers to upload malicious payloads through Kaseya’s virtual system administrator (VSA). The attack led to the emergency shutdown of many VSA servers and a federal investigation. REvil has had a tremendous impact performing ransomware operations, including worsening international relations between Russia and world leaders and costing considerable infrastructure damage and millions of dollars in ransom payments. We present an overview of Kaseya’s defense strategy involving customer interaction, a PowerShell script to detect compromised clients, and a cure-all decryption key that unlocks all locked files.


Navigating Privacy: A Global Comparative Analysis of Data Protection Laws

January 2025 · 670 Reads · 3 Citations

The increasing reliance on big data and artificial intelligence (AI) in the Fourth Industrial Revolution has raised significant concerns about individual privacy protection. This has led various countries to enact or amend privacy protection acts to address these concerns. However, there is a lack of comprehensive research comparing these laws across multiple countries, especially considering recent legislative developments. This study fills this gap by conducting a comparative analysis of privacy information protection acts in five major regions: the European Union (EU), the United States (focusing on California), China, Japan, and South Korea. The analysis explores the diverse approaches to privacy protection adopted by each region, influenced by their unique historical, political, and cultural contexts. For instance, the EU’s General Data Protection Regulation (GDPR) emphasizes individual rights influenced by historical abuses of personal information. At the same time, the California Consumer Privacy Act (CCPA) prioritizes consumer rights within a self-regulatory framework, reflecting the state’s technology-driven economy. The study also examines China’s Personal Information Protection Law (PIPL), which prioritizes national security; Japan’s Act on the Protection of Personal Information (APPI), which navigates the tension between individual privacy and societal norms; and South Korea’s Personal Information Protection Act (PIPA), which balances individual autonomy with a sense of community, reflecting Confucian values. By identifying specific limitations and areas for improvement in each region’s data protection laws, this study contributes to the ongoing discourse on international data privacy regulation. It offers valuable insights for policymakers and stakeholders seeking to navigate the complexities of the data economy while ensuring robust safeguards for individual privacy.


A Fast Search Method for 3-Share Second-Order Masking Schemes for Lightweight S-Boxes

January 2025 · 16 Reads

Masking schemes are widely adopted countermeasures against side-channel analysis (SCA) attacks. The initial hardware masking strategy, threshold implementation (TI), provides robust security against glitches on hardware platforms. The minimum number of shares required for a TI scheme depends not only on the desired security order but also on the algebraic degree of the target function. For instance, a second-order TI scheme for quadratic nonlinear functions requires at least five shares to ensure security, leading to substantially high implementation costs for higher-order TI schemes. To address this issue, Shahmirzadi et al. proposed a method at CHES 2021 for constructing a 3-share second-order masking scheme. Despite its advances, their search method is complex and time consuming. Our study presents a more efficient search method for 3-share second-order masking schemes, ensuring both uniformity and second-order probing security. Our approach can find a valid second-order scheme in under a minute, making it tens to over a thousand times faster than the method described at CHES 2021. Using our methodology, we have constructed second-order secure implementations for several cryptographic primitives (e.g., Keccak, SKINNY, Midori, PRESENT, PRINCE, GIFT, and RECTANGLE) and evaluated their implementation costs and security.


Cyber–Physical–Social Security of High-DER-Penetrated Smart Grids: Threats, Countermeasures, and Challenges

January 2025 · 63 Reads

With large-scale renewable distributed energy sources (DERs) penetrating smart grids (SGs), the SGs rely heavily on information and communication technologies (ICT) and are increasingly affected by social behaviors in system operation and management. The SGs can therefore be viewed as cyber–physical–social systems (CPSSs). However, the deep coupling of cyber, physical, and social spaces makes the SGs more complex and open, and thus exposes them to a higher risk of various threats. To study the threats, countermeasures, and challenges of high-DER-penetrated SGs from a cyber–physical–social perspective, the key features of the SGs in terms of devices, networks, and applications are first analyzed. On this basis, the threats faced by the SGs due to the widespread deployment of terminal devices, open network environments, and the increasing importance of social behaviors are analyzed. Subsequently, the limitations of the security measures deployed in current power systems are discussed, and an overview of state-of-the-art countermeasures against these threats is organized in three stages: prevention, detection, and mitigation. Finally, the research challenges, key gaps, and future directions for security enhancement of the SGs are discussed.


Functional Message Authentication Codes With Message and Function Privacy

December 2024 · 4 Reads

Functional signatures allow anyone who possesses the secret key sk_f to sign any message in the range of the function f. However, the existing construction does not satisfy message and function privacy. In this paper, we propose a new notion called functional message authentication codes (MACs). In a functional MAC scheme, there are two types of secret keys. One is a master secret key, which can be used to generate a valid tag for any message. The other is an authenticating key for a function f, which can be used to authenticate any message belonging to the range of f. Beyond unforgeability, we require the proposed functional MAC to satisfy function and message privacy, meaning that the authenticating process reveals nothing other than the function values and the corresponding tags. We give a functional MAC construction based on a functional encryption (FE) scheme with function privacy, a perfectly binding commitment scheme, a standard signature scheme, and a symmetric encryption scheme with semantic security. Then, we show an application of functional MACs to constructing verifiable outsourced computation, which ensures that the client does not accept an incorrect evaluation from the server, with overwhelming probability.


Lattice-Based CP-ABE for Optimal Broadcast Encryption With Polynomial-Depth Circuits

November 2024 · 16 Reads

Most current broadcast encryption with optimal parameters is limited to Nick's class 1 (NC1) circuits and does not support polynomial-depth circuits (P-depth circuits), making it difficult to provide flexible access control in broadcast channels among vast user groups. To address this problem, we propose a ciphertext-policy attribute-based encryption (CP-ABE) scheme on lattices that supports P-depth circuits, achieving full collusion resistance through randomization via matrix tensors, thereby making it impossible for unauthorized users to learn any details about the plaintext even if they join forces, and reducing its security to the evasive learning with errors (evasive LWE) assumption. By using matrix tensor-based randomization and evasive LWE, we achieve a new lattice-based optimal broadcast encryption scheme specifically designed to support P-depth circuits. Since the matrices we choose as tensors have a low-norm block-diagonal structure, evasive LWE is sufficient to ensure the security of our scheme. Compared with similar studies, it not only avoids the low-norm matrices that restrict the system to NC1 circuits, but also eliminates the need for the additional, unproven tensor LWE assumption. In addition, the use of matrix tensors further expands the dimensionality, which in turn enables the encryption of bit strings rather than a single bit, significantly reducing ciphertext expansion. Meanwhile, the CP-ABE that we use to achieve the broadcast encryption scheme has a more compact ciphertext, with a parameter size of O(m^2·d).


A Comprehensive Investigation of Anomaly Detection Methods in Deep Learning and Machine Learning: 2019–2023

November 2024 · 174 Reads · 3 Citations

Almost 85% of companies polled said they were looking into anomaly detection (AD) technologies for their industrial image anomalies. The present problem concerns detecting anomalies often occupied by redundant data. It can be either in images or in videos. Finding a correct pattern is a challenging task. AD is crucial for various applications, including network security, fraud detection, predictive maintenance, fault diagnosis, and industrial and healthcare monitoring. Many researchers have proposed numerous methods and worked in the area of AD. Multiple anomalies and considerable intraclass variation make industrial datasets tough. Further, research is needed to create robust, efficient techniques that generalize datasets and detect anomalies in complex industrial images. The outcome of this study focuses on various AD methods from 2019 to 2023. These techniques are categorized further into machine learning (ML), deep learning (DL), and federated learning (FL). It explores AD approaches, datasets, technologies, complexities, and obstacles, emphasizing the requirement for effective detection across domains. It explores the results achieved in various ML, DL, and FL AD methods, which helps researchers explore these techniques further. Future research directions include improving model performance, leveraging multiple validation techniques, optimizing resource utilization, generating high-quality datasets, and focusing on real-world applications. The paper addresses the changing environment of AD methods and emphasizes the importance of continuing research and innovation. Each ML and DL AD model has strengths and shortcomings, concentrating on accuracy and performance while applying quality parameters for evaluation. FL provides a collaborative way to improve AD using distributed data sources and data privacy.


Full-Accessible Multiparty Searchable Encryption Scheme for Shared Cloud Storage

November 2024 · 14 Reads

To securely share data between users, encryption schemes with keyword search in various settings have been proposed. Many studies design schemes in a designated-receiver setting, where a data owner specifies in advance, at upload time, which receivers may download the data. In this setting, it is not easy to extend the scheme to support environments with multiple data owners. Moreover, there has been no scheme considering the situation in which a newly enrolled user accesses data that were uploaded prior to his enrollment. On the other hand, schemes designed in an undesignated-receiver setting support multiple data owners and allow data to be accessed by all users in the system, regardless of when the data were uploaded. However, most of them are not secure against collusion attacks involving an untrusted server and revoked users. In this paper, we propose a full-accessible multiparty searchable encryption (FA-MPSE) scheme for data-sharing systems. Our scheme supports the property that we call full-accessibility: any user in the system can access all data in the storage. In addition, our scheme is secure against collusion attacks, so that revoked users who collaborate with the server cannot access the stored data. Furthermore, our scheme provides all the essential properties of MPSE, such as query privacy, query unforgeability, full-revocability, and unlinkability, and its security is proven in a formal security model. We provide a comparison with related schemes to show that our scheme has a comparative advantage.


A Trust Based Anomaly Detection Scheme Using a Hybrid Deep Learning Model for IoT Routing Attacks Mitigation

November 2024 · 96 Reads · 1 Citation

The Internet of Things (IoT), as a remarkable paradigm, underpins a wide range of applications in industries such as healthcare, smart homes, smart cities, agriculture, transportation, and the military. This widespread technology provides a general platform for heterogeneous objects to connect, exchange, and process gathered information. Beside the significant efficiency and productivity impacts of IoT technology, security and privacy concerns have emerged more than ever. The routing protocol for low-power and lossy networks (RPL), which is standardized for IoT environments, lacks basic security considerations, which makes it vulnerable to many well-known attacks. Several security solutions have been proposed to detect routing attacks in RPL-based IoT, most of which are based on machine learning techniques, intrusion detection systems, and trust-based approaches. Securing RPL-based IoT networks is challenging because resource-constrained IoT devices are connected to the untrusted Internet, the communication links are lossy, and the devices use a set of novel and heterogeneous technologies. Therefore, lightweight security mechanisms play a vital role in the timely detection and prevention of IoT routing attacks. In this paper, we propose a novel anomaly detection-based trust management model using the concepts of sequence prediction and deep learning. We formulate the problem of routing behavior anomaly detection as a time series forecasting problem, which is solved with a stacked long short-term memory (LSTM) sequence-to-sequence autoencoder, that is, a hybrid training model of recurrent neural networks and autoencoders. The proposed model is then used to provide a detection mechanism for four prevalent and destructive RPL attacks: the black-hole attack, the destination-oriented directed acyclic graph (DODAG) information solicitation (DIS) flooding attack, the version number (VN) attack, and the decreased rank (DR) attack.
To evaluate the efficiency and effectiveness of the proposed model in the timely detection of RPL-specific routing attacks, we implemented it separately on several RPL-based IoT scenarios simulated with the Contiki Cooja simulator and compared the results in detail. In all attack scenarios, the estimated anomaly between real and predicted routing behavior follows the same trend as the evaluated attack frequency of malicious nodes during the RPL process, while the analyzed trust scores show the opposite pattern, which indicates highly accurate and timely detection of attack incidents by our proposed trust scheme.


A New (Related-Key) Neural Distinguisher Using Two Differences for Differential Cryptanalysis

November 2024 · 29 Reads

At CRYPTO 2019, Gohr showed the significant advantages of neural distinguishers over traditional distinguishers in differential cryptanalysis. At Fast Software Encryption (FSE) 2024, Bellini et al. provided a generic tool to automatically train (related-key) differential neural distinguishers for different block ciphers. In this paper, based on the intrinsic principles of differential cryptanalysis and neural distinguishers, we propose a superior (related-key) differential neural distinguisher that uses ciphertext pairs generated by two different differences. In addition, we give a framework to automatically train our (related-key) differential neural distinguisher in four steps: difference selection, sample generation, training pipeline, and evaluation scheme. To demonstrate the effectiveness of our approach, we apply it to the block ciphers Simon, Speck, Simeck, and Hight. Compared to existing results, our method provides improved accuracy and can even increase the number of rounds that can be analyzed. The source code is available at https://github.com/differentialdistinguisher/AutoND_New.


A Novel Differentially Private Online Learning Algorithm for Group Lasso in Big Data

October 2024 · 22 Reads

This study addresses the challenge of extracting valuable information and selecting key variables from large datasets, essential across statistics, computational science, and data science. In the age of big data, where safeguarding personal privacy is paramount, this study presents an online learning algorithm that leverages differential privacy to handle large-scale data effectively. The focus is on enhancing the online group lasso approach within the differential privacy realm. The study begins by comparing online and offline learning approaches and classifying common online learning techniques. It proceeds to elucidate the concept of differential privacy and its importance. By enhancing the group-follow-the-proximally-regularized-leader (GFTPRL) algorithm, we have created a new method for the online group lasso model that integrates differential privacy for binary classification in logistic regression. The research offers a solid validation of the algorithm’s effectiveness based on differential privacy and online learning principles. The algorithm’s performance was thoroughly evaluated through simulations with both synthetic and actual data. The comparison is made between the proposed privacy-preserving algorithm and traditional non-privacy-preserving counterparts, with a focus on regret bounds, a measure of performance. The findings underscore the practical benefits of the differential privacy-preserving algorithm in tackling large-scale data analysis while upholding privacy standards. This research marks a significant step forward in the fusion of big data analytics and the safeguarding of individual privacy.


An Efficient Multiparty Threshold ECDSA Protocol against Malicious Adversaries for Blockchain-Based LLMs

October 2024 · 36 Reads · 1 Citation

Large language models (LLMs) have brought significant advancements to artificial intelligence, particularly in understanding and generating human language. However, concerns over management burden and data security have grown alongside their capabilities. To address this, we design a blockchain-based distributed LLM framework, in which the LLM works in distributed mode and its outputs can be stored and verified on a blockchain to ensure integrity, transparency, and traceability. In addition, a multiparty signature-based authentication mechanism is necessary to ensure stakeholder consensus before publication. To meet these requirements, we propose a threshold elliptic curve digital signature algorithm that counters malicious adversaries in environments with three or more participants. Our approach relies on discrete-logarithm zero-knowledge proofs and Feldman verifiable secret sharing, reducing complexity by forgoing multiplication-triple protocols. Compared with related schemes, this optimization speeds up both the key generation and signing phases, with a constant number of rounds, while maintaining security against malicious adversaries.


Pairing Optimizations for Isogeny-Based Cryptosystems

October 2024 · 26 Reads

In isogeny-based cryptography, bilinear pairings are regarded as a powerful tool in various applications, including key compression, public key validation, and torsion basis generation. However, in most isogeny-based protocols, the performance of pairing computations is unsatisfactory due to the high computational cost of the Miller function. Reducing the computational expense of the Miller function is crucial for enhancing the overall performance of pairing computations in isogeny-based cryptography. This paper addresses this efficiency bottleneck. To achieve this, we propose several techniques for a better implementation of pairings in isogeny-based cryptosystems. We use (modified) Jacobian coordinates and present new algorithms for Miller function computations to compute pairings of order 2^• and 3^• (i.e., powers of 2 and 3). For pairings of arbitrary order, which are crucial for key compression in some SIDH-based schemes (such as M-SIDH and binSIDH), we combine Miller doublings with Miller additions/subtractions, leading to a considerable speedup. Moreover, optimizations for pairing applications in CSIDH-based protocols are also considered in this paper. In particular, our approach for supersingularity verification in CSIDH is 15.3% faster than Doliskani’s test, which is the state of the art.


Automatic Search of Differential Characteristics and Improved Differential Cryptanalysis for PRINCE, QARMA, and MANTIS

September 2024 · 26 Reads · 2 Citations

A reflection structure has the significant advantage that decryption can be realized from encryption at minimal additional cost, and many block ciphers adopt such a structure to meet low-overhead requirements. PRINCE, MANTIS, QARMA, and PRINCEv2 are lightweight block ciphers with a reflection feature proposed in recent years. In this paper, we consider the automatic differential cryptanalysis of reflection block ciphers based on the Boolean satisfiability (SAT) method. Since reflection block ciphers have different round functions, we extend forward and backward from the middle structure and thereby accelerate the search for optimal differential characteristics for such block ciphers using Matsui’s bounding conditions. As a result, we present the optimal differential characteristics for PRINCE up to 12 rounds (the full round count), and they are also the optimal characteristics for PRINCEv2. We also find the optimal differential characteristics for MANTIS, QARMA-64, and QARMA-128 up to 10, 12, and 8 rounds, respectively. To mount an efficient differential attack on such block ciphers, we present a uniform SAT model that combines the differential characteristic search process and the key recovery process. With this model, we find two sets of 7-round differential characteristics for PRINCE with fewer guessed key bits and use them to present a multiple differential attack against 11-round PRINCE, which, to our knowledge, improves the known single-key attack on PRINCE by one round.


Privacy-Enhanced Data Sharing Systems from Hierarchical ID-Based Puncturable Functional Encryption with Inner Product Predicates

September 2024 · 24 Reads

The emergence of cloud computing enables users to upload data to remote clouds and compute on it there. This drastically reduces computing and storage costs for users. Considering secure computing for multilevel users in enterprises, the notion of hierarchical identity-based inner product functional encryption (HIB-IPFE) has been proposed. In this cryptosystem, a sender can encrypt a vector x⃗ into a ciphertext with a hierarchical identity, while a receiver who possesses a secret key corresponding to the same hierarchical identity and a vector y⃗ can decrypt the ciphertext and obtain the inner product ⟨x⃗, y⃗⟩. However, HIB-IPFE is not sufficient to capture flexible data sharing and forward security. In this study, we present the notion of hierarchical identity-based puncturable inner product functional encryption (HIBP-IPFE). Furthermore, we present a formal definition and security model of HIBP-IPFE to guarantee data confidentiality and receiver anonymity. Compared with HIB-IPFE, our proposed scheme enables users to puncture keys on specific tags, ensuring that the punctured keys cannot be used to decrypt the ciphertexts associated with those tags. The proposed scheme is provably secure under the d-DBDHE assumption in the standard model. The experimental results indicate that our scheme is more practical in cloud computing, with superior functionality.


Illustrations of our generalization of revocable AB-CPREs. The f(x)=0 labels over the arrows mean that the ciphertexts of the corresponding users with such an attribute x could be re-encrypted to the ciphertexts of the target users (e.g., ciphertexts of u1 with attributes x such that f1(x)=0 could be re-encrypted to the ciphertexts of gu2). The green ? represents that the corresponding re-encryption relation has been revoked; therefore, the corresponding re-encryption keys lose their effectiveness.
Illustrations of how to answer OReK and OReE from ī* to other users.
Improved AB-CPREs with Revocability and HRA Security under LWE

September 2024 · 13 Reads · 1 Citation

Attribute-based conditional proxy re-encryption protocols (AB-CPREs) enable a delegator to delegate his decryption rights via different policies and grant the data owner greater flexibility in allocating their encrypted private data stored in the cloud. However, existing lattice-based AB-CPREs suffer from drawbacks such as large parameters and weak passive security. We present what is, to the best of our knowledge, the first quantum-safe key-policy AB-CPRE with polynomially bounded parameters (for certain NC^0 circuits/policies) that is selectively attribute secure against honest re-encryption attacks (HRA). The security of our proposed AB-CPREs is based on standard LWE assumptions. We further introduce directly revocable AB-CPREs, a primitive that enables a delegator to authorize and revoke his delegation of decryption rights dynamically and offers more flexible access control on externally stored encrypted data. A definition and security model of single-hop directly revocable AB-CPREs are given, and the first detailed construction of single-hop directly revocable AB-CPREs based on standard LWE assumptions is also proposed.


The overall structure of DDoS-MSCT: the input is mapped to the specified channel through a linear layer, then processed by four stages of LFEM and GFEM, and finally output through a CLS token and a linear layer. The features of packet length mean (PLM), average packet size (APS), max packet length (MPL), ACK flag count (AFC), and Bwd IAT mean (BIM) are selected in the input sequence.
Local feature extraction module.
Global feature extraction module and GFEM in stage 4.
The feature transformation process of the MHSA mechanism in the transformer.
Flowchart of data preprocessing.
DDoS-MSCT: A DDoS Attack Detection Method Based on Multiscale Convolution and Transformer

September 2024 · 205 Reads

Distributed denial-of-service (DDoS) attacks pose a significant threat to network security due to their widespread impact and detrimental consequences. Currently, deep learning methods are widely applied to DDoS anomaly traffic detection. However, they often lack the ability to jointly model both local and global traffic features, which limits their performance. In order to provide an effective method for detecting abnormal traffic, this paper proposes a novel network architecture called DDoS-MSCT, which combines a multiscale convolutional neural network and a transformer. The DDoS-MSCT architecture introduces the DDoS-MSCT block, which consists of a local feature extraction module (LFEM) and a global feature extraction module (GFEM). The LFEM employs convolutional kernels of different sizes, accompanied by dilated convolutions, with the aim of enlarging the receptive field and capturing multiscale features simultaneously. The GFEM, on the other hand, captures long-range dependencies in order to attend to global features. Furthermore, as network depth increases, DDoS-MSCT integrates multiscale local and global contextual information of traffic features, thereby improving detection performance. Our experiments are conducted on the CIC-DDoS2019 dataset, with the CIC-IDS2017 dataset introduced as a supplement to address the issue of sample imbalance. Experimental results on the hybrid dataset show that DDoS-MSCT achieves accuracy, recall, F1 score, and precision of 99.94%, 99.95%, 99.95%, and 99.97%, respectively. Compared to state-of-the-art methods, the DDoS-MSCT model achieves good performance in detecting DDoS attacks and thereby helps protect network security.


Function F1Pk1,k2P based on two keys k1 and k2 and a single call to a public random permutation.
The two permutation-based keyed function FA,k of Equation (16).
Simplest variant of the function CUDM1k1P1,P2.
Simplest variant of the function CUDM2k2,k3P1,P2.
Two examples of the non-degenerated case function.
Superposition Attacks on Pseudorandom Schemes Based on Two or Less Permutations

September 2024 · 32 Reads · 1 Citation

We study quantum superposition attacks against permutation-based pseudorandom cryptographic schemes. We first extend Kuwakado and Morii’s attack against the Even–Mansour cipher and exhibit key recovery attacks against a large class of pseudorandom schemes based on a single call to an n-bit permutation, with polynomial O(n) (or O(n^2), if the concrete cost of the Hadamard transform is also taken into account) quantum steps. We then consider TPPR schemes, namely, two-permutation-based pseudorandom cryptographic schemes. Using the improved Grover-meet-Simon method, we show that the keys of a wide class of TPPR schemes can be recovered with O(n) superposition queries (the complexity of the original is O(n·2^{n/2})) and O(n·2^{n/2}) quantum steps. We also exhibit subclasses of “degenerated” TPPR schemes that lack certain internal operations and exhibit more efficient key recovery attacks using either Simon’s algorithm or a collision-search algorithm. Further, using the all-subkeys-recovery idea of Isobe and Shibutani, our results give rise to key recovery attacks against several recently proposed permutation-based PRFs, as well as the two-round Even–Mansour ciphers with generic key schedule functions and their tweakable variants. From a constructive perspective, our results establish new quantum Q2 security upper bounds for two-permutation-based pseudorandom schemes as well as sound design choices.


Journal metrics

Journal Impact Factor™: 1.3 (2023)
CiteScore™: 3.8 (2023)
SNIP: 0.654 (2023)
Article processing charge: $2,490.00 / £2,030.00 / €2,380.00