Applications of single-qubit rotations in quantum public-key cryptography

We discuss cryptographic applications of single-qubit rotations from the perspective of trapdoor one-way functions and public-key encryption. In particular, we present an asymmetric cryptosystem whose security relies on fundamental principles of quantum physics. A quantum public key is used for the encryption of messages while decryption is possible by means of a classical private key only. The trapdoor one-way function underlying the proposed cryptosystem maps integer numbers to quantum states of a qubit and its inversion can be infeasible by virtue of the Holevo's theorem.Comment: to appear in Phys. Rev.

Cryptography and Its Applications in Information Security

Nowadays, mankind is living in a cyber world. Modern technologies involve fast communication links between potentially billions of devices through complex networks (satellite, mobile phone, Internet, Internet of Things (IoT), etc.). The main concern posed by these entangled complex networks is their protection against passive and active attacks that could compromise public security (sabotage, espionage, cyber-terrorism) and privacy. This Special Issue “Cryptography and Its Applications in Information Security” addresses the range of problems related to the security of information in networks and multimedia communications and to bring together researchers, practitioners, and industrials interested by such questions. It consists of eight peer-reviewed papers, however easily understandable, that cover a range of subjects and applications related security of information

Post-quantum blockchain for internet of things domain

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonIn the evolving realm of quantum computing, emerging advancements reveal substantial challenges and threats to existing cryptographic infrastructures, particularly impacting blockchain technologies. These are pivotal for securing the Internet of Things (IoT) ecosystems. The traditional blockchain structures, integral to myriad IoT applications, are susceptible to potential quantum computations, emphasizing an urgent need for innovations in post-quantum blockchain solutions to reinforce security in the expansive domain of IoT. This PhD thesis delves into the crucial exploration and meticulous examination of the development and implementation of post-quantum blockchain within the IoT landscape, focusing on the incorporation of advanced post-quantum cryptographic algorithms in Hyperledger Fabric, a forefront blockchain platform renowned for its versatility and robustness. The primary aim is to discern viable post-quantum cryptographic solutions capable of fortifying blockchain systems against impending quantum threats enhancing security and reliability in IoT applications. The research comprehensively evaluates various post-quantum public-key generation and digital signature algorithms, performing detailed analyses of their computational time and memory usage to identify optimal candidates. Furthermore, the thesis proposes an innovative lattice-based digital signature scheme Fast-Fourier Lattice-based Compact Signature over NTRU (Falcon), which leverages the Monte Carlo Markov Chain (MCMC) algorithm as a trapdoor sampler to augment its security attributes. The research introduces a post-quantum version of the Hyperledger Fabric blockchain that integrates post-quantum signatures. The system utilizes the Open Quantum Safe (OQS) library, rigorously tested against NIST round 3 candidates for optimal performance. The study highlights the capability to manage IoT data securely on the post-quantum Hyperledger Fabric blockchain through the Message Queue Telemetry Transport (MQTT) protocol. Such a configuration ensures safe data transfer from IoT sensors directly to the blockchain nodes, securing the processing and recording of sensor data within the node ledger. The research addresses the multifaceted challenges of quantum computing advancements and significantly contributes to establishing secure, efficient, and resilient post-quantum blockchain infrastructures tailored explicitly for the IoT domain. These findings are instrumental in elevating the security paradigms of IoT systems against quantum vulnerabilities and catalysing innovations in post-quantum cryptography and blockchain technologies. Furthermore, this thesis introduces strategies for the optimization of performance and scalability of post-quantum blockchain solutions and explores alternative, energy-efficient consensus mechanisms such as the Raft and Stellar Consensus Protocol (SCP), providing sustainable alternatives to the conventional Proof-of-Work (PoW) approach. A critical insight emphasized throughout this thesis is the imperative of synergistic collaboration among academia, industry, and regulatory bodies. This collaboration is pivotal to expedite the adoption and standardization of post-quantum blockchain solutions, fostering the development of interoperable and standardized technologies enriched with robust security and privacy frameworks for end users. In conclusion, this thesis furnishes profound insights and substantial contributions to implementing post-quantum blockchain in the IoT domain. It delineates original contributions to the knowledge and practices in the field, offering practical solutions and advancing the state-of-the-art in post-quantum cryptography and blockchain research, thereby paving the way for a secure and resilient future for interconnected IoT systems

Society-oriented cryptographic techniques for information protection

Groups play an important role in our modern world. They are more reliable and more trustworthy than individuals. This is the reason why, in an organisation, crucial decisions are left to a group of people rather than to an individual. Cryptography supports group activity by offering a wide range of cryptographic operations which can only be successfully executed if a well-defined group of people agrees to co-operate. This thesis looks at two fundamental cryptographic tools that are useful for the management of secret information. The first part looks in detail at secret sharing schemes. The second part focuses on society-oriented cryptographic systems, which are the application of secret sharing schemes in cryptography. The outline of thesis is as follows

How to Issue a Central Bank Digital Currency

With the emergence of Bitcoin and recently proposed stablecoins from BigTechs, such as Diem (formerly Libra), central banks face growing competition from private actors offering their own digital alternative to physical cash. We do not address the normative question whether a central bank should issue a central bank digital currency (CBDC) or not. Instead, we contribute to the current research debate by showing how a central bank could do so, if desired. We propose a token-based system without distributed ledger technology and show how earlier-deployed, software-only electronic cash can be improved upon to preserve transaction privacy, meet regulatory requirements in a compelling way, and offer a level of quantum-resistant protection against systemic privacy risk. Neither monetary policy nor financial stability would be materially affected because a CBDC with this design would replicate physical cash rather than bank deposits

Privacy-Preserving Statistical Analysis of Health Data Using Paillier Homomorphic Encryption and Permissioned Blockchain

Blockchain is a decentralized and peer-to-peer ledger technology that adds transparency, traceability, and immutability to data. It has shown great promise in mitigating the interoperability problem and privacy concerns in the de facto electronic health record anagement systems and has recently received increasing attention from the healthcare industry. Several blockchain-based and decentralized health data management mechanisms have been proposed to improve the quality of care delivery to patients. Apart from care delivery, health data has other important applications, such as education, regulation, research, public health improvement, and policy sup- port. However, existing privacy acts prohibit health institutions and providers from sharing patients\u27 data with third parties. Therefore, research institutions that con- duct research on private health data need a secure system that provides accurate analysis results while preserving patient privacy and minimizing the risks of data breaches. In this thesis, We propose a novel privacy-preserving method for statis- tical analysis of health data. We leveraged the blockchain technology and Paillier encryption algorithm to increase the accuracy of data analysis while preserving the privacy of patients. Smart contracts were used to carry out mathematical operations on the encrypted records in a secure manner. We were able to successfully deploy the proposed scheme on Hyperledger Fabric, a permissioned and consortium blockchain platform. Compared to the previous works, the proposed model enjoys the bene ts of a distributed blockchain-based environment, which include higher availability and enhanced data security. The experimental results show the feasibility of this method with a reasonable amount of time for regular queries. Blockchain is a decentralized and peer-to-peer ledger technology that adds transparency, traceability, and immutability to data. It has shown great promise in mitigating the interoperability problem and privacy concerns in the de facto electronic health record anagement systems and has recently received increasing attention from the healthcare industry. Several blockchain-based and decentralized health data management mechanisms have been proposed to improve the quality of care delivery to patients. Apart from care delivery, health data has other important applications, such as education, regulation, research, public health improvement, and policy sup- port. However, existing privacy acts prohibit health institutions and providers from sharing patients\u27 data with third parties. Therefore, research institutions that con- duct research on private health data need a secure system that provides accurate analysis results while preserving patient privacy and minimizing the risks of data breaches. In this thesis, We propose a novel privacy-preserving method for statis- tical analysis of health data. We leveraged the blockchain technology and Paillier encryption algorithm to increase the accuracy of data analysis while preserving the privacy of patients. Smart contracts were used to carry out mathematical operations on the encrypted records in a secure manner. We were able to successfully deploy the proposed scheme on Hyperledger Fabric, a permissioned and consortium blockchain platform. Compared to the previous works, the proposed model enjoys the bene ts of a distributed blockchain-based environment, which include higher availability and enhanced data security. The experimental results show the feasibility of this method with a reasonable amount of time for regular queries

How to Issue a Central Bank Digital Currency

With the emergence of Bitcoin and recently proposed stablecoins from BigTechs, such as Diem (formerly Libra), central banks face growing competition from private actors offering their own digital alternative to physical cash. We do not address the normative question whether a central bank should issue a central bank digital currency (CBDC) or not. Instead, we contribute to the current research debate by showing how a central bank could do so, if desired. We propose a token-based system without distributed ledger technology and show how earlier-deployed, software-only electronic cash can be improved upon to preserve transaction privacy, meet regulatory requirements in a compelling way, and offer a level of quantum-resistant protection against systemic privacy risk. Neither monetary policy nor financial stability would be materially affected because a CBDC with this design would replicate physical cash rather than bank deposits.Comment: Swiss National Bank Working Paper3/202

T3AB: Transparent and Trustworthy Third-party Authority using Blockchain

Increasingly, information systems rely on computational, storage, and network resources deployed in third-party facilities or are supported by service providers. Such an approach further exacerbates cybersecurity concerns constantly raised by numerous incidents of security and privacy attacks resulting in data leakage and identity theft, among others. These have in turn forced the creation of stricter security and privacy related regulations and have eroded the trust in cyberspace. In particular, security related services and infrastructures such as Certificate Authorities (CAs) that provide digital certificate service and Third-Party Authorities (TPAs) that provide cryptographic key services, are critical components for establishing trust in Internet enabled applications and services. To address such trust issues, various transparency frameworks and approaches have been recently proposed in the literature. In this paper, we propose a Transparent and Trustworthy TPA using Blockchain (T3AB) to provide transparency and accountability to the trusted third-party entities, such as honest-but-curious third-party IaaS servers, and coordinators in various privacy-preserving machine learning (PPML) approaches. T3AB employs the Ethereum blockchain as the underlying public ledger and also includes a novel smart contract to automate accountability with an incentive mechanism that motivates participants' to participate in auditing, and punishes unintentional or malicious behaviors. We implement T3AB, and show through experimental evaluation in the Ethereum official test network, Rinkeby, that the framework is efficient. We also formally show the security guarantee provided by T3AB, and analyze the privacy guarantee and trustworthiness it provides