-
Quantum Agents
Authors:
Eldar Sultanow,
Madjid Tehrani,
Siddhant Dutta,
William J Buchanan,
Muhammad Shahbaz Khan
Abstract:
This paper explores the intersection of quantum computing and agentic AI by examining how quantum technologies can enhance the capabilities of autonomous agents, and, conversely, how agentic AI can support the advancement of quantum systems. We analyze both directions of this synergy and present conceptual and technical foundations for future quantum-agentic platforms. Our work introduces a formal definition of quantum agents and outlines potential architectures that integrate quantum computing with agent-based systems. As a proof-of-concept, we develop and evaluate three quantum agent prototypes that demonstrate the feasibility of our proposed framework. Furthermore, we discuss use cases from both perspectives, including quantum-enhanced decision-making, quantum planning and optimization, and AI-driven orchestration of quantum workflows. By bridging these fields, we aim to chart a path toward scalable, intelligent, and adaptive quantum-agentic ecosystems.
Submitted 3 June, 2025; v1 submitted 2 June, 2025;
originally announced June 2025.
-
Anamorphic Cryptography with Elliptic Curve Methods
Authors:
William J Buchanan
Abstract:
In 2022, Persiano, Phan and Yung outlined the creation of Anamorphic Cryptography. With this, we can create a public key to encrypt data, and then have two secret keys. These secret keys are used to decrypt the cipher into different messages. So, one secret key is given to the Dictator (who must be able to decrypt all the messages), and the other is given to Alice. Alice can then decrypt the ciphertext to a secret message that the Dictator cannot see. This paper outlines the implementation of Anamorphic Cryptography using ECC (Elliptic Curve Cryptography), such as with the secp256k1 curve. This gives considerable performance improvements over discrete logarithm-based methods. Overall, it outlines how the secret message sent to Alice is hidden within the random nonce value, which is used within the encryption process, and which is cancelled out when the Dictator decrypts the ciphertext.
Submitted 21 April, 2025;
originally announced May 2025.
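The mechanism the abstract describes (covert message carried by the nonce, nonce cancelled by the Dictator's decryption) can be seen in a small discrete-log ElGamal model. The block below is an added illustration and not the paper's ECC construction: it uses rejection sampling on the nonce, a toy 127-bit Mersenne prime group, and an HMAC as the keyed PRF, all of which are assumptions of this example. The sender and Alice share a symmetric "double key"; the Dictator holds the ordinary ElGamal secret key.

```python
import hashlib
import hmac
import secrets

# Toy discrete-log group (illustration only): Mersenne prime p = 2^127 - 1, generator 3.
P_MOD = 2**127 - 1
GEN = 3
COVERT_BITS = 8   # covert bits per ciphertext; expect about 2**COVERT_BITS nonce trials


def keygen():
    """Ordinary ElGamal key pair: the Dictator gets x, everyone gets y = g^x."""
    x = secrets.randbelow(P_MOD - 2) + 1
    return x, pow(GEN, x, P_MOD)


def covert_tag(double_key, c1):
    """Keyed PRF of the nonce's public image g^k; only holders of double_key can evaluate it."""
    mac = hmac.new(double_key, c1.to_bytes(16, "big"), hashlib.sha256).digest()
    return mac[0] & ((1 << COVERT_BITS) - 1)


def anamorphic_encrypt(pub, m, double_key, covert):
    """ElGamal encryption of m whose nonce k is rejection-sampled until g^k 'carries' covert."""
    assert 0 <= covert < (1 << COVERT_BITS) and 0 < m < P_MOD
    while True:
        k = secrets.randbelow(P_MOD - 2) + 1
        c1 = pow(GEN, k, P_MOD)
        if covert_tag(double_key, c1) == covert:
            return c1, m * pow(pub, k, P_MOD) % P_MOD


def dictator_decrypt(x, ct):
    """Normal decryption: pub^k = c1^x is divided out, so nothing about k survives in the output."""
    c1, c2 = ct
    shared = pow(c1, x, P_MOD)
    return c2 * pow(shared, -1, P_MOD) % P_MOD


def alice_decrypt(double_key, ct):
    """Alice ignores c2 entirely and reads the covert byte hidden in the nonce's image c1."""
    return covert_tag(double_key, ct[0])


def demo():
    x, y = keygen()
    double_key = b"sender/Alice shared double key (constructed)"
    ct = anamorphic_encrypt(y, 0xC0FFEE, double_key, 0xA5)
    return dictator_decrypt(x, ct), alice_decrypt(double_key, ct)


if __name__ == "__main__":
    print(demo())
```

Because c1 is a uniformly random group element to anyone without the double key, the Dictator cannot tell an anamorphic ciphertext from a normal one. The price is bandwidth: each extra covert bit doubles the expected number of nonce trials, which is why a per-ciphertext covert payload of a few bits is typical for this style of construction.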
-
Energy Consumption Framework and Analysis of Post-Quantum Key-Generation on Embedded Devices
Authors:
J Cameron Patterson,
William J Buchanan,
Callum Turino
Abstract:
The emergence of quantum computing and Shor's algorithm necessitates an imminent shift from current public key cryptography techniques to post-quantum robust techniques. NIST has responded by standardising Post-Quantum Cryptography (PQC) algorithms, with ML-KEM (FIPS-203) slated to replace ECDH (Elliptic Curve Diffie-Hellman) for key exchange. A key practical concern for PQC adoption is energy consumption. This paper introduces a new framework for measuring the PQC energy consumption on a Raspberry Pi when performing key generation. The framework uses both available traditional methods and the newly standardised ML-KEM algorithm via the commonly utilised OpenSSL library.
Submitted 22 May, 2025;
originally announced May 2025.
-
Side Channel Analysis in Homomorphic Encryption
Authors:
Baraq Ghaleb,
William J Buchanan
Abstract:
Homomorphic encryption provides many opportunities for privacy-aware processing, including with methods related to machine learning. Many of our existing cryptographic methods have been shown in the past to be susceptible to side channel attacks. With these, the implementation of the cryptographic methods can reveal information about the private keys used, the result, or even the original plaintext. An example of this includes the processing of the RSA exponent using the Montgomery method, and where 0's and 1's differ in their processing time for modular exponentiation. With FHE, we typically use lattice methods, which can have particular problems in their implementation in relation to side channel leakage. This paper aims to outline a range of weaknesses within FHE implementations as related to side channel analysis. It outlines a categorization for side-channel analysis, some case studies, and mitigation strategies.
Submitted 16 May, 2025;
originally announced May 2025.
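The RSA example in the abstract above, as an added illustration that is not from the paper: a naive square-and-multiply does one squaring per exponent bit plus an extra multiplication only for 1 bits, so the total work (and hence time) is a function of the secret exponent. The block replaces a cycle counter with a modular multiplier that counts its own calls, and sets the naive loop beside a Montgomery ladder that performs exactly one squaring and one multiplication per bit. The modulus and base are constructed toy values. (The abstract's "Montgomery method" refers to Montgomery multiplication, whose data-dependent final subtraction is the finer-grained leak exploited by the classic timing attacks; the operation-count leak shown here is the coarser one that the ladder removes.)

```python
class CountingModMul:
    """Modular multiplier that counts calls, standing in for a cycle counter."""

    def __init__(self, modulus):
        self.modulus = modulus
        self.count = 0

    def mul(self, a, b):
        self.count += 1
        return a * b % self.modulus


def square_and_multiply(base, exp, mm):
    """Left-to-right binary exponentiation: work depends on the Hamming weight of exp."""
    acc = 1
    for bit in bin(exp)[2:]:
        acc = mm.mul(acc, acc)          # every bit: one squaring
        if bit == "1":
            acc = mm.mul(acc, base)     # 1 bits only: one extra multiplication
    return acc


def montgomery_ladder(base, exp, mm):
    """Ladder with invariant r1 == r0 * base: one multiply and one squaring per bit, regardless of the bit."""
    r0, r1 = 1, base
    for bit in bin(exp)[2:]:
        if bit == "0":
            r1 = mm.mul(r0, r1)
            r0 = mm.mul(r0, r0)
        else:
            r0 = mm.mul(r0, r1)
            r1 = mm.mul(r1, r1)
    return r0


def op_counts(exp, modulus=(2**127 - 1) * (2**89 - 1), base=0x1234567):
    """Return (naive_count, ladder_count) for exponent exp; both results are cross-checked against pow()."""
    naive, ladder = CountingModMul(modulus), CountingModMul(modulus)
    a = square_and_multiply(base, exp, naive)
    b = montgomery_ladder(base, exp, ladder)
    assert a == b == pow(base, exp, modulus)
    return naive.count, ladder.count


if __name__ == "__main__":
    # Same bit length, different Hamming weight: the naive loop's count changes, the ladder's does not.
    print("sparse exponent :", op_counts((1 << 63) | 1))
    print("dense exponent  :", op_counts(2**64 - 1))
```

The ladder still branches on the bit value to choose which register is squared, so a real implementation replaces the `if` with a constant-time conditional swap; equal operation counts are necessary but not sufficient for constant time, since memory access patterns and the multiplier's own data-dependent paths remain.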
-
Privacy-Preserving Credit Card Approval Using Homomorphic SVM: Toward Secure Inference in FinTech Applications
Authors:
Faneela,
Baraq Ghaleb,
Jawad Ahmad,
William J. Buchanan,
Sana Ullah Jan
Abstract:
The growing use of machine learning in cloud environments raises critical concerns about data security and privacy, especially in finance. Fully Homomorphic Encryption (FHE) offers a solution by enabling computations on encrypted data, but its high computational cost limits practicality. In this paper, we propose PP-FinTech, a privacy-preserving scheme for financial applications that employs a CKKS-based encrypted soft-margin SVM, enhanced with a hybrid kernel for modeling non-linear patterns and an adaptive thresholding mechanism for robust encrypted classification. Experiments on the Credit Card Approval dataset demonstrate comparable performance to the plaintext models, highlighting PP-FinTech's ability to balance privacy and efficiency in secure financial ML systems.
Submitted 9 May, 2025;
originally announced May 2025.
-
Post Quantum Cryptography (PQC) Signatures Without Trapdoors
Authors:
William J Buchanan
Abstract:
Some of our current public key methods use a trap door to implement digital signature methods. This includes the RSA method, which uses Fermat's little theorem to support the creation and verification of a digital signature. The problem with a back-door is that the actual trap-door method could, in the end, be discovered. With the rise of PQC (Post Quantum Cryptography), we will see a range of methods that will not use trap doors and provide stronger proof of security. In this case, we use hash-based signatures (as used with SPHINCS+) and Fiat Shamir signatures using Zero Knowledge Proofs (as used with Dilithium).
Submitted 18 April, 2025;
originally announced April 2025.
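The two trapdoor-free families named in the abstract, as an added example (not the paper's code): a Lamport one-time signature, whose security rests only on the hash function (the building block that SPHINCS+ turns into a many-time scheme with hash trees), and a Schnorr signature, which is an interactive proof of knowledge of a discrete log made non-interactive with the Fiat-Shamir transform (the same transform Dilithium applies to a lattice-based identification protocol). The Schnorr group is a 64-bit safe-prime group generated from a fixed seed purely so the example runs quickly and reproducibly; that toy size and the Miller-Rabin helper are this example's assumptions.

```python
import hashlib
import random
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# ---------- Hash-based one-time signature (Lamport): no trapdoor, only a hash ----------
def _bits(msg):
    h = H(msg)
    return [(h[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]


def lamport_keygen(rng=secrets.token_bytes):
    sk = [(rng(32), rng(32)) for _ in range(256)]   # two secrets per digest bit
    pk = [(H(s0), H(s1)) for s0, s1 in sk]          # publish only their hashes
    return sk, pk


def lamport_sign(sk, msg):
    # Reveal, for each digest bit, the secret matching that bit. The key must never be reused.
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]


def lamport_verify(pk, msg, sig):
    return len(sig) == 256 and all(H(sig[i]) == pk[i][bit] for i, bit in enumerate(_bits(msg)))


# ---------- Fiat-Shamir signature from a zero-knowledge proof (Schnorr) ----------
def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Deterministic Miller-Rabin for n < 3.3e24 (covers the toy sizes used here)."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def toy_safe_prime(bits=64, seed=2025):
    """Fixed-seed search for p = 2q + 1 with p, q prime (toy size; real deployments use >= 2048 bits)."""
    rng = random.Random(seed)
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q


P, Q = toy_safe_prime()
G = pow(2, 2, P)   # a square, hence in the order-q subgroup


def _challenge(R, y, msg):
    # Fiat-Shamir: the verifier's random challenge becomes a hash of the whole transcript.
    return int.from_bytes(H(R.to_bytes(16, "big") + y.to_bytes(16, "big") + msg), "big") % Q


def schnorr_keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def schnorr_sign(x, msg):
    k = secrets.randbelow(Q - 1) + 1        # commitment randomness; never reuse
    R = pow(G, k, P)                        # prover's commitment
    e = _challenge(R, pow(G, x, P), msg)    # challenge
    return R, (k + e * x) % Q               # response


def schnorr_verify(y, msg, sig):
    R, s = sig
    if not (0 < R < P and 0 <= s < Q):
        return False
    return pow(G, s, P) == R * pow(y, _challenge(R, y, msg), P) % P


def demo():
    msg, other = b"sign me", b"sign me instead"
    sk, pk = lamport_keygen()
    lsig = lamport_sign(sk, msg)
    x, y = schnorr_keygen()
    ssig = schnorr_sign(x, msg)
    return {
        "lamport_ok": lamport_verify(pk, msg, lsig),
        "lamport_tampered": lamport_verify(pk, other, lsig),
        "schnorr_ok": schnorr_verify(y, msg, ssig),
        "schnorr_tampered": schnorr_verify(y, other, ssig),
    }
```

Neither scheme has a secret structure that an attacker could "discover" in the sense the abstract describes: breaking Lamport means inverting the hash, and forging Schnorr means either computing the discrete log or finding a hash collision on the transcript. The usual operational caveats apply: a Lamport key signs exactly one message, and a Schnorr nonce reused for two messages leaks the private key just as an ECDSA nonce does.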
-
Breaking ECDSA with Two Affinely Related Nonces
Authors:
Jamie Gilchrist,
William J. Buchanan,
Keir Finlow-Bates
Abstract:
The security of the Elliptic Curve Digital Signature Algorithm (ECDSA) depends on the uniqueness and secrecy of the nonce, which is used in each signature. While it is well understood that nonce $k$ reuse across two distinct messages can leak the private key, we show that even if a distinct value is used for $k_2$, where an affine relationship exists in the form of: \(k_m = a \cdot k_n + b\), we can also recover the private key. Our method requires only two signatures (even over the same message) and relies purely on algebra, with no need for lattice reduction or brute-force search (if the relationship, or offset, is known). To our knowledge, this is the first closed-form derivation of the ECDSA private key from only two signatures over the same message, under a known affine relationship between nonces.
Submitted 18 April, 2025;
originally announced April 2025.
-
Eccfrog512ck2: An Enhanced 512-bit Weierstrass Elliptic Curve
Authors:
Víctor Duarte Melo,
William J. Buchanan
Abstract:
Whilst many key exchange and digital signature methods use the NIST P256 (secp256r1) and secp256k1 curves, there is often a demand for increased security. With these curves, we have a 128-bit security. These security levels can be increased to 256-bit security with NIST P-521, Curve 448 and Brainpool-P512. This paper outlines a new curve - Eccfrog512ck2 - which provides 256-bit security and enhanced performance over NIST P-521. Along with this, it has side-channel resistance and is designed to avoid weaknesses such as related to the MOV attack. It shows that Eccfrog512ck2 can have a 61.5% speed-up on scalar multiplication and a 33.3% speed-up on point generation over the NIST P-521 curve.
Submitted 27 May, 2025; v1 submitted 13 April, 2025;
originally announced April 2025.
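The MOV resistance the abstract mentions is a concrete, checkable property of a curve's parameters: the embedding degree, the smallest k with n | p^k - 1, must be large, otherwise the Weil/Tate pairing maps the ECDLP into the multiplicative group of F_{p^k} where index-calculus applies. The Eccfrog512ck2 parameters are not given on this page, so the added check below (not from the paper) runs on secp256k1, whose constants are standard, and on a deliberately weak supersingular curve y^2 = x^3 + x over F_p with p = 2^127 - 1 (p = 3 mod 4 makes the curve supersingular with p + 1 points, hence embedding degree 2). The bound of 100 mirrors the SEC 1 parameter-validation check.

```python
# secp256k1 parameters (standard constants)
SECP256K1_P = 2**256 - 2**32 - 977
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Weak comparison case: supersingular curve over a prime p = 3 (mod 4), group order p + 1
SUPERSINGULAR_P = 2**127 - 1
SUPERSINGULAR_ORDER = SUPERSINGULAR_P + 1


def embedding_degree(p, n, max_k=100):
    """Smallest k <= max_k with n | p^k - 1, or None if there is none.

    MOV/Frey-Rueck use a pairing to move the ECDLP on an order-n subgroup into F_{p^k}^*;
    a small k turns a 256-bit ECDLP into a finite-field DLP that index calculus can attack.
    """
    acc = 1
    for k in range(1, max_k + 1):
        acc = acc * p % n          # acc == p^k mod n
        if acc == 1:
            return k
    return None


def parameter_checks(p, n, max_k=100):
    """Two of the classical parameter sanity checks a curve should pass before use."""
    k = embedding_degree(p, n, max_k)
    return {
        "embedding_degree": k,
        "mov_resistant": k is None,     # no k < max_k: pairing transfer is not useful
        "not_anomalous": n != p,        # #E(F_p) == p would allow Smart's p-adic attack
    }


if __name__ == "__main__":
    print("secp256k1     :", parameter_checks(SECP256K1_P, SECP256K1_N))
    print("supersingular :", parameter_checks(SUPERSINGULAR_P, SUPERSINGULAR_ORDER))
```

These checks are necessary rather than sufficient: a production curve also needs a (near-)prime order, a verified twist order, and an implementation whose scalar multiplication is constant-time, which is where the side-channel resistance claimed for the curve has to be demonstrated separately.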
-
ECDSA Cracking Methods
Authors:
William J. Buchanan,
Jamie Gilchrist,
Keir Finlow-Bates
Abstract:
The ECDSA (Elliptic Curve Digital Signature Algorithm) is used in many blockchain networks for digital signatures. This includes the Bitcoin and the Ethereum blockchains. While it has good performance levels and strong current security, it should be handled with care. This care typically relates to the usage of the nonce value which is used to create the signature. This paper outlines the methods that can be used to break ECDSA signatures, including revealed nonces, weak nonce choice, nonce reuse, two keys and shared nonces, and fault attack.
Submitted 9 April, 2025;
originally announced April 2025.
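The affine-nonce recovery from "Breaking ECDSA with Two Affinely Related Nonces" and the plain nonce-reuse case from the "ECDSA Cracking Methods" entry above share one piece of algebra, so one added example covers both (this is illustrative code, not the authors' implementation). With s_i = k_i^{-1}(z_i + r_i d) and k_2 = a k_1 + b (mod n), eliminating k_1 and k_2 gives

d = (a s_2 z_1 + b s_1 s_2 - s_1 z_2) / (s_1 r_2 - a s_2 r_1) (mod n),

and a = 1, b = 0 reduces to the classic reuse formula. The block implements textbook ECDSA over secp256k1 in pure Python (standard constants); the private key, nonces and messages are constructed values.

```python
import hashlib

# secp256k1 domain parameters (standard constants)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7 over F_P; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; fine for an attack demo)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def hash_to_int(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(d, z, k):
    r = ec_mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * d) % N
    return r, s


def verify(Q, z, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    X = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, Q))
    return X is not None and X[0] % N == r


def recover_from_affine_nonces(sig1, sig2, z1, z2, a, b):
    """Closed-form private key from two signatures whose nonces satisfy k2 = a*k1 + b (mod N)."""
    r1, s1 = sig1
    r2, s2 = sig2
    num = (a * s2 * z1 + b * s1 * s2 - s1 * z2) % N
    den = (s1 * r2 - a * s2 * r1) % N
    if den == 0:
        raise ValueError("degenerate pair (e.g. identical signatures): nothing to solve")
    return num * pow(den, -1, N) % N


# Constructed key material for the demo
PRIV_KEY = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD
PUB_KEY = ec_mul(PRIV_KEY, G)
K1 = 0x9E1F3C4B2A0F7E6D5C4B3A29180706F5E4D3C2B1A0918273645546372819ABCD


def demo_affine(alpha=3, beta=7):
    """Two signatures over the SAME message with k2 = alpha*k1 + beta: the paper's setting."""
    z = hash_to_int(b"same message signed twice")
    k2 = (alpha * K1 + beta) % N
    sig1, sig2 = sign(PRIV_KEY, z, K1), sign(PRIV_KEY, z, k2)
    assert verify(PUB_KEY, z, sig1) and verify(PUB_KEY, z, sig2)
    return recover_from_affine_nonces(sig1, sig2, z, z, alpha, beta)


def demo_reuse():
    """Classic nonce reuse across two different messages is the special case alpha=1, beta=0."""
    z1, z2 = hash_to_int(b"first message"), hash_to_int(b"second message")
    return recover_from_affine_nonces(sign(PRIV_KEY, z1, K1), sign(PRIV_KEY, z2, K1), z1, z2, 1, 0)


if __name__ == "__main__":
    print("affine :", demo_affine() == PRIV_KEY)
    print("reuse  :", demo_reuse() == PRIV_KEY)
```

The formula needs a and b to be known; if only their existence is suspected, the small search space of plausible relationships (counter increments, fixed offsets) is what an attacker enumerates. Deterministic nonces per RFC 6979 remove the whole class of problems, since the nonce becomes a function of the key and message rather than a value that can be correlated across signatures.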
-
Electromagnetic Side-Channel Analysis of PRESENT Lightweight Cipher
Authors:
Nilupulee A Gunathilake,
Owen Lo,
William J Buchanan,
Ahmed Al-Dubai
Abstract:
Side-channel vulnerabilities pose an increasing threat to cryptographically protected devices. Consequently, it is crucial to observe information leakages through physical parameters such as power consumption and electromagnetic (EM) radiation to reduce susceptibility during interactions with cryptographic functions. EM side-channel attacks are becoming more prevalent. PRESENT is a promising lightweight cryptographic algorithm expected to be incorporated into Internet-of-Things (IoT) devices in the future. This research investigates the EM side-channel robustness of PRESENT using a correlation attack model. This work extends our previous Correlation EM Analysis (CEMA) of PRESENT with improved results. The attack targets the Substitution box (S-box) and can retrieve 8 bytes of the 10-byte encryption key with a minimum of 256 EM waveforms. This paper presents the process of EM attack modelling, encompassing both simple and correlation attacks, followed by a critical analysis.
Submitted 15 March, 2025;
originally announced March 2025.
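The correlation attack on the PRESENT S-box described above, as an added simulation (not the paper's measurement setup or data): round key 1 of PRESENT-80 is the leftmost 64 bits of the key, and each of the 16 first-round S-boxes depends on just one plaintext nibble and one key nibble, so an attacker correlates a Hamming-weight model of each S-box output against the traces for all 16 guesses of that nibble. Real EM traces are replaced by constructed ones, Hamming weight plus Gaussian noise at a known sample position, and the 80-bit key, noise level and seed are this example's assumptions.

```python
import math
import random

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]  # PRESENT S-box
HW = [bin(v).count("1") for v in range(16)]


def nibble(x, j):
    return (x >> (4 * j)) & 0xF


def simulate_traces(round_key, n_traces, sigma, rng):
    """Constructed EM-like traces: sample j leaks HW(S-box j output) of round 1 plus Gaussian noise."""
    plaintexts, traces = [], []
    for _ in range(n_traces):
        pt = rng.getrandbits(64)
        plaintexts.append(pt)
        traces.append([HW[SBOX[nibble(pt, j) ^ nibble(round_key, j)]] + rng.gauss(0, sigma)
                       for j in range(16)])
    return plaintexts, traces


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy) if vx and vy else 0.0


def cema_round_key(plaintexts, traces):
    """Correlation analysis: per S-box, the key nibble whose HW prediction best matches the traces."""
    recovered = 0
    for j in range(16):
        samples = [t[j] for t in traces]
        scores = []
        for guess in range(16):
            model = [HW[SBOX[nibble(pt, j) ^ guess]] for pt in plaintexts]
            scores.append(pearson(model, samples))
        best = max(range(16), key=scores.__getitem__)
        recovered |= best << (4 * j)
    return recovered


MASTER_KEY_80 = 0x0123456789ABCDEF0123   # constructed 80-bit key
ROUND_KEY_1 = MASTER_KEY_80 >> 16        # PRESENT-80 round key 1: leftmost 64 bits of the key register


def demo(n_traces=256, sigma=0.8, seed=7):
    rng = random.Random(seed)
    pts, traces = simulate_traces(ROUND_KEY_1, n_traces, sigma, rng)
    return cema_round_key(pts, traces)


if __name__ == "__main__":
    print(hex(demo()), hex(ROUND_KEY_1))
```

Recovering round key 1 yields 64 of the 80 key bits, which matches the 8-of-10-bytes figure in the abstract; the remaining 16 bits are either brute-forced or attacked through the second round. On real traces the sample position is unknown and the attack is run over a window of samples per S-box, taking the maximum correlation across both guesses and time.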
-
Cross-Platform Benchmarking of the FHE Libraries: Novel Insights into SEAL and Openfhe
Authors:
Faneela,
Jawad Ahmad,
Baraq Ghaleb,
Sana Ullah Jan,
William J. Buchanan
Abstract:
The rapid growth of cloud computing and data-driven applications has amplified privacy concerns, driven by the increasing demand to process sensitive data securely. Homomorphic encryption (HE) has become a vital solution for addressing these concerns by enabling computations on encrypted data without revealing its contents. This paper provides a comprehensive evaluation of two leading HE libraries, SEAL and OpenFHE, examining their performance, usability, and support for prominent HE schemes such as BGV and CKKS. Our analysis highlights computational efficiency, memory usage, and scalability across Linux and Windows platforms, emphasizing their applicability in real-world scenarios. Results reveal that Linux outperforms Windows in computation efficiency, with OpenFHE emerging as the optimal choice across diverse cryptographic settings. This paper provides valuable insights for researchers and practitioners to advance privacy-preserving applications using FHE.
Submitted 17 March, 2025; v1 submitted 14 March, 2025;
originally announced March 2025.
-
Post Quantum Migration of Tor
Authors:
Denis Berger,
Mouad Lemoudden,
William J Buchanan
Abstract:
Shor's and Grover's algorithms' efficiency and the advancement of quantum computers imply that the cryptography used until now to protect one's privacy is potentially vulnerable to retrospective decryption, also known as a "harvest now, decrypt later" attack, in the near future. This dissertation proposes an overview of the cryptographic schemes used by Tor, highlighting the non-quantum-resistant ones and introducing theoretical performance assessment methods of a local Tor network. The measurement is divided into three phases. We will start with benchmarking a local Tor network simulation on constrained devices to isolate the time taken by classical cryptography processes. Secondly, the analysis incorporates existing benchmarks of quantum-secure algorithms and compares these performances on the devices. Lastly, the estimation of overhead is calculated by replacing the measured times of traditional cryptography with the times recorded for Post Quantum Cryptography (PQC) execution within the specified Tor environment. By focusing on the replaceable cryptographic components, using theoretical estimations, and leveraging existing benchmarks, valuable insights into the potential impact of PQC can be obtained without needing to implement it fully.
Submitted 13 March, 2025;
originally announced March 2025.
-
Performance Evaluation of Threshold Signing Schemes in Cryptography
Authors:
Faneela,
Jawad Ahmad,
Baraq Ghaleb,
Imdad Ullah Khan,
William J. Buchanan,
Sana Ullah Jan,
Muhammad Shahbaz Khan
Abstract:
Threshold Signature Scheme (TSS) protocols have gained significant attention over the past ten years due to their widespread adoption in cryptocurrencies. The adoption is mainly boosted by Gennaro and Goldfeder's TSS protocol. Since then, various TSS protocols have been introduced with different features, such as security and performance, etc. Large organizations are using TSS protocols to protect many digital assets, such as cryptocurrency. However, the adoption of these TSS protocols requires an understanding of state-of-the-art research in threshold signing. This study describes the holistic view of TSS protocols, evaluates cutting-edge TSS protocols, highlights their characteristics, and compares them in terms of security and performance. The evaluation of these TSS protocols will help the researchers address real-world problems by considering the relevant merits of different TSS protocols.
Submitted 12 March, 2025;
originally announced March 2025.
-
Evaluation of Privacy-aware Support Vector Machine (SVM) Learning using Homomorphic Encryption
Authors:
William J Buchanan,
Hisham Ali
Abstract:
The requirement for privacy-aware machine learning increases as we continue to use PII (Personally Identifiable Information) within machine training. To overcome these privacy issues, we can apply Fully Homomorphic Encryption (FHE) to encrypt data before it is fed into a machine learning model. This involves creating a homomorphic encryption key pair, and where the associated public key will be used to encrypt the input data, and the private key will decrypt the output. But, there is often a performance hit when we use homomorphic encryption, and so this paper evaluates the performance overhead of using the SVM machine learning technique with the OpenFHE homomorphic encryption library. This uses Python and the scikit-learn library for its implementation. The experiments include a range of variables such as multiplication depth, scale size, first modulus size, security level, batch size, and ring dimension, along with two different SVM models, SVM-Poly and SVM-Linear. Overall, the results show that the two main parameters which affect performance are the ring dimension and the modulus size, and that SVM-Poly and SVM-Linear show similar performance levels.
Submitted 6 March, 2025;
originally announced March 2025.
-
Equivalence Classes Induced by Binary Tree Isomorphism -- Generating Functions
Authors:
David Serena,
William J Buchanan
Abstract:
Working with generating functions, the combinatorics of a recurrence relation can be expressed in a way that allows for more efficient calculation of the quantity. This is true of the Catalan numbers for an ordered binary tree \cite{abboud2018subtree}. Binary tree isomorphism is an important problem in computer science. The enumeration of the number of non-isomorphic rooted binary trees is therefore well known. The paper reiterates the known results for ordered binary trees and presents previous results for the enumeration of non-isomorphic rooted binary trees. Then, new enumeration results are put forward for two-colour binary tree isomorphism parametrized by the number of nodes, the number of specific colours and the number of non-isomorphic sibling subtrees. Multi-variate generating function equations are presented that enumerate these tree structures. The generating functions with these parametrizations separate multiplicatively into simplified generating function equations.
Submitted 4 March, 2025;
originally announced March 2025.
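The "known results" the abstract builds on, as an added worked example (not the paper's code and not its two-colour extension): ordered full binary trees are counted by the Catalan numbers, and unordered ones (trees identified up to swapping siblings, i.e. rooted binary tree isomorphism classes) by the Wedderburn-Etherington numbers, whose generating function satisfies A(x) = x + (A(x)^2 + A(x^2))/2. The block computes the latter three ways that must agree: the recurrence, fixed-point iteration on the truncated generating-function equation, and brute-force enumeration of canonical forms.

```python
from functools import lru_cache


def catalan(n):
    """Ordered full binary trees with n internal nodes (C_0 = 1, C_1 = 1, C_2 = 2, ...)."""
    c = 1
    for i in range(n):
        c = c * 2 * (2 * i + 1) // (i + 2)   # C_{i+1} = C_i * 2(2i+1)/(i+2)
    return c


def wedderburn_etherington(n_max):
    """a[n] = number of unordered full binary trees with n leaves, by the classical recurrence."""
    a = [0, 1]
    for n in range(2, n_max + 1):
        if n % 2:                                    # n = 2m - 1: split leaves i + (n - i), i < m
            m = (n + 1) // 2
            total = sum(a[i] * a[n - i] for i in range(1, m))
        else:                                        # n = 2m: the symmetric split m + m is counted once
            m = n // 2
            total = a[m] * (a[m] + 1) // 2 + sum(a[i] * a[n - i] for i in range(1, m))
        a.append(total)
    return a


def we_from_generating_function(n_max):
    """Coefficients of A(x) = x + (A(x)^2 + A(x^2)) / 2 by iterating the equation on truncated series."""
    a = [0] * (n_max + 1)
    for _ in range(n_max):                           # pass t fixes coefficient t; n_max passes suffice
        sq = [0] * (n_max + 1)                       # A(x)^2 truncated at degree n_max
        for i in range(n_max + 1):
            if a[i]:
                for j in range(n_max + 1 - i):
                    sq[i + j] += a[i] * a[j]
        new = [0] * (n_max + 1)
        new[1] = 1                                   # the lone 'x' term
        for n in range(2, n_max + 1):
            new[n] = (sq[n] + (a[n // 2] if n % 2 == 0 else 0)) // 2   # A(x^2) contributes only at even n
        a = new
    return a


@lru_cache(maxsize=None)
def unordered_shapes(n_leaves):
    """Canonical strings of unordered full binary trees with n leaves (children sorted, so mirrors coincide)."""
    if n_leaves == 1:
        return frozenset({"*"})
    shapes = set()
    for i in range(1, n_leaves // 2 + 1):
        for left in unordered_shapes(i):
            for right in unordered_shapes(n_leaves - i):
                shapes.add("(" + min(left, right) + "," + max(left, right) + ")")
    return frozenset(shapes)


if __name__ == "__main__":
    print([catalan(n) for n in range(8)])
    print(wedderburn_etherington(10))
    print([len(unordered_shapes(n)) for n in range(1, 11)])
```

The canonical-form enumeration is the same idea used to decide binary tree isomorphism in practice: sort children recursively and compare the resulting strings, so that two trees are isomorphic exactly when their canonical forms are equal.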
-
Partial and Fully Homomorphic Matching of IP Addresses Against Blacklists for Threat Analysis
Authors:
William J Buchanan,
Hisham Ali
Abstract:
In many areas of cybersecurity, we require access to Personally Identifiable Information (PII), such as names, postal addresses and email addresses. Unfortunately, this can lead to data breaches, especially in relation to data compliance regulations such as GDPR. An IP address is a typical identifier which is used to map a network address to a person. Thus, in applications which are privacy-aware, we may aim to hide the IP address while aiming to determine if the address comes from a blacklist. One solution to this is to use homomorphic encryption to match an encrypted version of an IP address to a blacklisted network list. This matching allows us to encrypt the IP address and match it to an encrypted version of a blacklist. In this paper, we use the OpenFHE library \cite{OpenFHE} to convert network addresses into the BFV homomorphic encryption method. In order to assess the performance impact of BFV, it implements a matching method using the OpenFHE library and compares this against the partial homomorphic methods of Paillier, Damgard-Jurik, Okamoto-Uchiyama, Naccache-Stern and Benaloh. The main findings are that the BFV method compares favourably against the partial homomorphic methods in most cases.
Submitted 22 February, 2025;
originally announced February 2025.
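The partially homomorphic side of the comparison above can be shown end to end with Paillier, one of the schemes the abstract names. This is an added example, not the paper's implementation: a textbook Paillier with a toy modulus built from two Mersenne primes, and a protocol in which the blacklist is encrypted under the client's public key (an assumption of this example; who holds which key is not stated on the page). Paillier is additively homomorphic, so the server computes E(ip) * E(b)^-1 = E(ip - b) for each entry and raises it to a fresh random blinding factor; the client decrypts 0 for a match and an unrelated random value otherwise, and the server never sees the address. The sample addresses are constructed from documentation ranges.

```python
import ipaddress
import math
import secrets

# Toy Paillier modulus (illustration only; real deployments use n of at least 2048 bits)
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
N2 = N * N
LAMBDA = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)          # lcm(p-1, q-1)
MU = pow((pow(N + 1, LAMBDA, N2) - 1) // N, -1, N)            # L(g^lambda mod n^2)^-1 mod n


def encrypt(m):
    """Paillier encryption with g = n + 1, so g^m = 1 + m*n (mod n^2)."""
    assert 0 <= m < N
    r = secrets.randbelow(N - 1) + 1        # gcd(r, n) == 1 except with negligible probability
    return (1 + m * N) % N2 * pow(r, N, N2) % N2


def decrypt(c):
    """m = L(c^lambda mod n^2) * mu mod n, with L(u) = (u - 1) / n."""
    return (pow(c, LAMBDA, N2) - 1) // N * MU % N


def ip_to_int(addr):
    """IPv4 or IPv6 address as an integer (both fit well below the toy n)."""
    return int.from_bytes(ipaddress.ip_address(addr).packed, "big")


def server_blind_compare(c_ip, encrypted_blacklist):
    """Server sees only ciphertexts. Returns E(rho_b * (ip - b)) per entry: E(0) iff ip == b."""
    replies = []
    for c_b in encrypted_blacklist:
        c_diff = c_ip * pow(c_b, -1, N2) % N2      # E(ip) * E(b)^-1 = E(ip - b)
        rho = secrets.randbelow(N - 1) + 1          # fresh blinding factor per entry
        replies.append(pow(c_diff, rho, N2))        # E(rho * (ip - b)); hides ip - b when nonzero
    return replies


def is_blacklisted(addr, blacklist):
    """Client side: encrypt, hand ciphertexts to the server, and look for a zero among the replies."""
    enc_blacklist = [encrypt(ip_to_int(b)) for b in blacklist]    # encrypted under the client's key
    replies = server_blind_compare(encrypt(ip_to_int(addr)), enc_blacklist)
    return any(decrypt(c) == 0 for c in replies)


# Constructed sample blacklist (documentation address ranges)
BLACKLIST = ["203.0.113.7", "198.51.100.9", "2001:db8::bad"]

if __name__ == "__main__":
    for addr in ["203.0.113.7", "192.0.2.1", "2001:db8::bad"]:
        print(addr, is_blacklisted(addr, BLACKLIST))
```

A non-match decrypts to rho * (ip - b) mod n, which is nonzero because |ip - b| is far smaller than either prime factor; if the server also shuffles its replies, the client learns only that some entry matched, not which. The cost profile is the one the paper's comparison is about: with a partially homomorphic scheme every blacklist entry needs its own ciphertext operation and reply, whereas a leveled scheme such as BFV can pack many entries into one ciphertext and batch the comparison.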
-
A Framework for the Security and Privacy of Biometric System Constructions under Defined Computational Assumptions
Authors:
Sam Grierson,
William J Buchanan,
Craig Thomson,
Baraq Galeb,
Chris Eckl
Abstract:
Biometric systems, while offering convenient authentication, often fall short in providing rigorous security assurances. A primary reason is the ad-hoc design of protocols and components, which hinders the establishment of comprehensive security proofs. This paper introduces a formal framework for constructing secure and privacy-preserving biometric systems. By leveraging the principles of universal composability, we enable the modular analysis and verification of individual system components. This approach allows us to derive strong security and privacy properties for the entire system, grounded in well-defined computational assumptions.
Submitted 26 November, 2024;
originally announced November 2024.
-
Quantum Error Propagation
Authors:
Eldar Sultanow,
Fation Selimllari,
Siddhant Dutta,
Barry D. Reese,
Madjid Tehrani,
William J Buchanan
Abstract:
Data poisoning attacks on machine learning models aim to manipulate the data used for model training such that the trained model behaves in the attacker's favour. In classical models such as deep neural networks, large chains of dot products do indeed cause errors injected by an attacker to propagate or accumulate. But what about quantum models? We hypothesise that, in quantum machine learning, error propagation is limited for two reasons. The first is that data, which is encoded in quantum computing, is in terms of qubits that are confined to the Bloch sphere. Second, quantum information processing happens via the application of unitary operators, which preserve norms. Testing this hypothesis, we investigate how extensive error propagation and, thus, poisoning attacks affect quantum machine learning.
Submitted 26 January, 2025; v1 submitted 7 October, 2024;
originally announced October 2024.
-
Review of Generative AI Methods in Cybersecurity
Authors:
Yagmur Yigit,
William J Buchanan,
Madjid G Tehrani,
Leandros Maglaras
Abstract:
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. This paper provides a comprehensive overview of the current state-of-the-art deployments of GenAI, covering assaults, jailbreaking, and applications of prompt injection and reverse psychology. This paper also provides the various applications of GenAI in cybercrimes, such as automated hacking, phishing emails, social engineering, reverse cryptography, creating attack payloads, and creating malware. GenAI can significantly improve the automation of defensive cyber security processes through strategies such as dataset construction, safe code development, threat intelligence, defensive measures, reporting, and cyberattack detection. In this study, we suggest that future research should focus on developing robust ethical norms and innovative defense mechanisms to address the current issues that GenAI creates and to also further encourage an impartial approach to its future application in cybersecurity. Moreover, we underscore the importance of interdisciplinary approaches to further bridge the gap between scientific developments and ethical considerations.
Submitted 19 March, 2024; v1 submitted 13 March, 2024;
originally announced March 2024.
-
vSPACE: Voting in a Scalable, Privacy-Aware and Confidential Election
Authors:
Se Elnour,
William J Buchanan,
Paul Keating,
Mwrwan Abubakar,
Sirag Elnour
Abstract:
The vSPACE experimental proof-of-concept (PoC) on the TrueElect[Anon][Creds] protocol presents a novel approach to secure, private, and scalable elections, extending the TrueElect and ElectAnon protocols with the integration of AnonCreds SSI (Self-Sovereign Identity). Such a protocol PoC is situated within a Zero-Trust Architecture (ZTA) and leverages confidential computing, continuous authentication, multi-party computation (MPC), and well-architected framework (WAF) principles to address the challenges of cybersecurity, privacy, and trust over IP (ToIP) protection. Employing a Kubernetes confidential cluster within an Enterprise-Scale Landing Zone (ESLZ), vSPACE integrates Distributed Ledger Technology (DLT) for immutable and certifiable audit trails. The Infrastructure as Code (IaC) model ensures rapid deployment, consistent management, and adherence to security standards, making vSPACE a future-proof solution for digital voting systems.
Submitted 8 March, 2024;
originally announced March 2024.
-
DID:RING: Ring Signatures using Decentralised Identifiers For Privacy-Aware Identity
Authors:
Dimitrios Kasimatis,
Sam Grierson,
William J. Buchanan,
Chris Eckl,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Craig Thomson,
Baraq Ghaleb
Abstract:
Decentralised identifiers have become a standardised element of digital identity architecture, with supra-national organisations such as the European Union adopting them as a key component for a unified European digital identity ledger. This paper delves into enhancing security and privacy features within decentralised identifiers by integrating ring signatures as an alternative verification metho…
▽ More
Decentralised identifiers have become a standardised element of digital identity architecture, with supra-national organisations such as the European Union adopting them as a key component for a unified European digital identity ledger. This paper delves into enhancing security and privacy features within decentralised identifiers by integrating ring signatures as an alternative verification method. This allows users to identify themselves through digital signatures without revealing which public key they used. To this end, the study proposed a novel decentralised identity method showcased in a decentralised identifier-based architectural framework. Additionally, the investigation assesses the repercussions of employing this new method in the verification process, focusing specifically on privacy and security aspects. Although ring signatures are an established asset of cryptographic protocols, this paper seeks to leverage their capabilities in the evolving domain of digital identities.
Submitted 11 March, 2024; v1 submitted 8 March, 2024;
originally announced March 2024.
-
TIPS: Threat Sharing Information Platform for Enhanced Security
Authors:
Lakshmi Rama Kiran Pasumarthy,
Hisham Ali,
William J Buchanan,
Jawad Ahmad,
Audun Josang,
Vasileios Mavroeidis,
Mouad Lemoudden
Abstract:
There is an increasing need to share threat information for the prevention of widespread cyber-attacks. While threat-related information sharing can be conducted through traditional information exchange methods, such as email communications etc., these methods are often weak in terms of their trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different information-sharing domains also poses significant challenges. These challenges include redactment of information, the Right-to-be-forgotten, and access control to the information-sharing elements. These access issues could be related to time bounds, the trusted deletion of data, and the location of accesses. This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) integrated into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel. This trusted channel can only be accessed by those trusted in the sharing and could be enabled for each data-sharing element or set up for long-term sharing.
Submitted 8 March, 2024;
originally announced March 2024.
-
Privacy-Aware Single-Nucleotide Polymorphisms (SNPs) using Bilinear Group Accumulators in Batch Mode
Authors:
William J Buchanan,
Sam Grierson,
Daniel Uribe
Abstract:
Biometric data is often highly sensitive, and a leak of this data can lead to serious privacy breaches. Some of the most sensitive of this type of data relates to the usage of DNA data on individuals. A leak of this type of data without consent could lead to privacy breaches of data protection laws. Along with this, there have been several recent data breaches related to the leak of DNA information, including from 23andMe and Ancestry. It is thus fundamental that a citizen should have the right to know if their DNA data is contained within a DNA database and ask for it to be removed if they are concerned about its usage. This paper outlines a method of hashing the core information contained within the data stores - known as Single-Nucleotide Polymorphisms (SNPs) - into a bilinear group accumulator in batch mode, which can then be searched by a trusted entity for matches. The time to create the witness proof and to verify were measured at 0.86 ms and 10.90 ms, respectively.
Submitted 15 January, 2024;
originally announced January 2024.
-
RNA-TransCrypt: Image Encryption Using Chaotic RNA Encoding, Novel Transformative Substitution, and Tailored Cryptographic Operations
Authors:
Muhammad Shahbaz Khan,
Jawad Ahmad,
Ahmed Al-Dubai,
Baraq Ghaleb,
Nikolaos Pitropakis,
William J. Buchanan
Abstract:
Given the security concerns of Internet of Things (IoT) networks and limited computational resources of IoT devices, this paper presents RNA-TransCrypt, a novel image encryption scheme that is not only highly secure but also efficient and lightweight. RNA-TransCrypt integrates the biocryptographic properties of RNA encoding with the non-linearity and unpredictability of chaos theory. This scheme introduces three novel contributions: 1) the two-base RNA encoding method, which transforms the image into RNA strands-like sequence, ensuring efficient scrambling; 2) the transformative substitution technique, which transforms the s-box values before replacing the pixel values, and is responsible for making the scheme lightweight; and 3) three mathematical cryptographic operations designed especially for image encryption that ensure the effective transformation of the s-box values, resulting in a new outcome even for the same input values. These modules are key-dependent, utilizing chaotic keys generated by the De Jong Fractal Map and the Van der Pol Oscillator. Extensive security analysis, including histogram analysis, correlation analysis, and the results of the statistical security parameters obtained from the Gray-Level Co-occurrence Matrix (GLCM) validate the efficacy of the proposed scheme in encrypting input images with close-to-ideal results of 7.997 entropy and 0.0006 correlation.
Submitted 9 January, 2024;
originally announced January 2024.
-
On families of elliptic curves $E_{p,q}:y^2=x^3-pqx$ that intersect the same line $L_{a,b}:y=\frac{a}{b}x$ of rational slope
Authors:
Eldar Sultanow,
Malik Amir,
Anja Jeschke,
Amir Darwish Tfiha,
Madjid Tehrani,
William J Buchanan
Abstract:
Let $p$ and $q$ be two distinct odd primes, $p<q$ and $E_{p,q}:y^2=x^3-pqx$ be an elliptic curve. Fix a line $L_{a,b}:y=\frac{a}{b}x$ where $a\in \mathbb{Z},b\in \mathbb{N}$ and $(a,b)=1$. We study sufficient conditions that $p$ and $q$ must satisfy so that there are infinitely many elliptic curves $E_{p,q}$ that intersect $L_{a,b}$.
Submitted 8 June, 2024; v1 submitted 30 December, 2023;
originally announced January 2024.
-
PermutEx: Feature-Extraction-Based Permutation -- A New Diffusion Scheme for Image Encryption Algorithms
Authors:
Muhammad Shahbaz Khan,
Jawad Ahmad,
Ahmed Al-Dubai,
Zakwan Jaroucheh,
Nikolaos Pitropakis,
William J. Buchanan
Abstract:
Traditional permutation schemes mostly focus on random scrambling of pixels, often neglecting the intrinsic image information that could enhance diffusion in image encryption algorithms. This paper introduces PermutEx, a feature-extraction-based permutation method that utilizes inherent image features to scramble pixels effectively. Unlike random permutation schemes, PermutEx extracts the spatial frequency and local contrast features of the image and ranks each pixel based on this information, identifying which pixels are more important or information-rich based on texture and edge information. In addition, a unique permutation key is generated using the Logistic-Sine Map based on chaotic behavior. The ranked pixels are permuted in conjunction with this unique key, effectively permuting the original image into a scrambled version. Experimental results indicate that the proposed method effectively disrupts the correlation in information-rich areas within the image resulting in a correlation value of 0.000062. The effective scrambling of pixels, resulting in nearly zero correlation, makes this method suitable to be used as diffusion in image encryption algorithms.
Submitted 5 November, 2023;
originally announced November 2023.
-
PASSION: Permissioned Access Control for Segmented Devices and Identity for IoT Networks
Authors:
Hisham Ali,
Mwrwan Abubakar,
Jawad Ahmad,
William J. Buchanan,
Zakwan Jaroucheh
Abstract:
In recent years, there has been a significant proliferation of industrial Internet of Things (IoT) applications, with a wide variety of use cases being developed and put into operation. As the industrial IoT landscape expands, the establishment of secure and reliable infrastructure becomes crucial to instil trust among users and stakeholders, particularly in addressing fundamental concerns such as traceability, integrity protection, and privacy that some industries still encounter today. This paper introduces a privacy-preserving method in the industry's IoT systems using blockchain-based data access control for remote industry safety monitoring and maintaining event information confidentiality, integrity and authenticity.
Submitted 8 October, 2023;
originally announced October 2023.
-
Scalable Multi-domain Trust Infrastructures for Segmented Networks
Authors:
Sam Grierson,
William J Buchanan,
Craig Thomson,
Baraq Ghaleb,
Leandros Maglaras,
Chris Eckl
Abstract:
Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature, verifying the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key or in cases where there is no Internet connection within an isolated or autonomously acting collection of devices? For this, a trusted entity can be elected to generate a key pair and then split the private key amongst trusted devices. Each node can then sign part of the transaction using their split of the shared secret. The aggregated signature can then define agreement on a consensus within the infrastructure. Unfortunately, this process has two significant problems. The first is when no trusted node can act as a dealer of the shares. The second is the difficulty of scaling the digital signature scheme. This paper outlines a method of creating a leaderless approach to defining trust domains to overcome weaknesses in the scaling of the elliptic curve digital signature algorithm. Instead, it proposes the usage of the Edwards curve digital signature algorithm for the definition of multiple trust zones. The paper shows that the computational overhead of the distributed key generation phase increases with the number of nodes in the trust domain but that the distributed signing has a relatively constant computational overhead.
Submitted 10 October, 2023; v1 submitted 7 October, 2023;
originally announced October 2023.
-
CellSecure: Securing Image Data in Industrial Internet-of-Things via Cellular Automata and Chaos-Based Encryption
Authors:
Hassan Ali,
Muhammad Shahbaz Khan,
Maha Driss,
Jawad Ahmad,
William J. Buchanan,
Nikolaos Pitropakis
Abstract:
In the era of Industrial IoT (IIoT) and Industry 4.0, ensuring secure data transmission has become a critical concern. Among other data types, images are widely transmitted and utilized across various IIoT applications, ranging from sensor-generated visual data and real-time remote monitoring to quality control in production lines. The encryption of these images is essential for maintaining operational integrity, data confidentiality, and seamless integration with analytics platforms. This paper addresses these critical concerns by proposing a robust image encryption algorithm tailored for IIoT and Cyber-Physical Systems (CPS). The algorithm combines Rule-30 cellular automata with chaotic scrambling and substitution. The Rule 30 cellular automata serves as an efficient mechanism for generating pseudo-random sequences that enable fast encryption and decryption cycles suitable for real-time sensor data in industrial settings. Most importantly, it induces non-linearity in the encryption algorithm. Furthermore, to increase the chaotic range and keyspace of the algorithm, which is vital for security in distributed industrial networks, a hybrid chaotic map, i.e., logistic-sine map is utilized. Extensive security analysis has been carried out to validate the efficacy of the proposed algorithm. Results indicate that our algorithm achieves close-to-ideal values, with an entropy of 7.99 and a correlation of 0.002. This enhances the algorithm's resilience against potential cyber-attacks in the industrial domain.
Submitted 20 September, 2023;
originally announced September 2023.
-
Double Public Key Signing Function Oracle Attack on EdDSA Software Implementations
Authors:
Sam Grierson,
Konstantinos Chalkias,
William J Buchanan,
Leandros Maglaras
Abstract:
EdDSA is a standardised elliptic curve digital signature scheme introduced to overcome some of the issues prevalent in the more established ECDSA standard. Due to the EdDSA standard specifying that the EdDSA signature be deterministic, if the signing function were to be used as a public key signing oracle for the attacker, the unforgeability notion of security of the scheme can be broken. This paper describes an attack against some of the most popular EdDSA implementations, which results in an adversary recovering the private key used during signing. With this recovered secret key, an adversary can sign arbitrary messages that would be seen as valid by the EdDSA verification function. A list of libraries with vulnerable APIs at the time of publication is provided. Furthermore, this paper provides two suggestions for securing EdDSA signing APIs against this vulnerability while it additionally discusses failed attempts to solve the issue.
Submitted 10 October, 2023; v1 submitted 29 August, 2023;
originally announced August 2023.
-
SRSS: A New Chaos-Based Single-Round Single S-Box Image Encryption Scheme for Highly Auto-Correlated Data
Authors:
Muhammad Shahbaz Khan,
Jawad Ahmad,
Hisham Ali,
Nikolaos Pitropakis,
Ahmed Al-Dubai,
Baraq Ghaleb,
William J. Buchanan
Abstract:
With the advent of digital communication, securing digital images during transmission and storage has become a critical concern. The traditional s-box substitution methods often fail to effectively conceal the information within highly auto-correlated regions of an image. This paper addresses the security issues presented by three prevalent S-box substitution methods, i.e., single S-box, multiple S-boxes, and multiple rounds with multiple S-boxes, especially when handling images with highly auto-correlated pixels. To resolve the addressed security issues, this paper proposes a new scheme SRSS-the Single Round Single S-Box encryption scheme. SRSS uses a single S-box for substitution in just one round to break the pixel correlations and encrypt the plaintext image effectively. Additionally, this paper introduces a new Chaos-based Random Operation Selection System-CROSS, which nullifies the requirement for multiple S-boxes, thus reducing the encryption scheme's complexity. By randomly selecting the operation to be performed on each pixel, driven by a chaotic sequence, the proposed scheme effectively scrambles even high auto-correlation areas. When compared to the substitution methods mentioned above, the proposed encryption scheme performed exceptionally well in just a single round with a single S-box. The close-to-ideal statistical security analysis results, i.e., an entropy of 7.89 and a correlation coefficient of 0.007, validate the effectiveness of the proposed scheme. This research offers an innovative path forward for securing images in applications requiring low computational complexity and fast encryption and decryption speeds.
Submitted 21 August, 2023;
originally announced August 2023.
-
Enabling Quantum Cybersecurity Analytics in Botnet Detection: Stable Architecture and Speed-up through Tree Algorithms
Authors:
Madjid Tehrani,
Eldar Sultanow,
William J Buchanan,
Malik Amir,
Anja Jeschke,
Raymond Chow,
Mouad Lemoudden
Abstract:
For the first time, we enable the execution of hybrid machine learning methods on real quantum computers with 100 data samples and real-device-based simulations with 5,000 data samples, thereby outperforming the current state of research of Suryotrisongko and Musashi from 2022 who were dealing with 1,000 data samples and quantum simulators (pure software-based emulators) only. Additionally, we beat their reported accuracy of $76.8\%$ by an average accuracy of $91.2\%$, all within a total execution time of 1,687 seconds. We achieve this significant progress through a two-step strategy: Firstly, we establish a stable quantum architecture that enables us to execute HQML algorithms on real quantum devices. Secondly, we introduce new hybrid quantum binary classification algorithms based on Hoeffding decision tree algorithms. These algorithms speed up the process via batch-wise execution, reducing the number of shots required on real quantum devices compared to conventional loop-based optimizers. Their incremental nature serves the purpose of online large-scale data streaming for DGA botnet detection, and allows us to apply hybrid quantum machine learning to the field of cybersecurity analytics. We conduct our experiments using the Qiskit library with the Aer quantum simulator, and on three different real quantum devices from Azure Quantum: IonQ, Rigetti, and Quantinuum. This is the first time these tools are combined in this manner.
Submitted 31 July, 2023; v1 submitted 23 June, 2023;
originally announced June 2023.
-
Majority Voting Approach to Ransomware Detection
Authors:
Simon R Davies,
Richard Macfarlane,
William J Buchanan
Abstract:
Crypto-ransomware remains a significant threat to governments and companies alike, with high-profile cyber security incidents regularly making headlines. Many different detection systems have been proposed as solutions to the ever-changing dynamic landscape of ransomware detection. In the majority of cases, these described systems propose a method based on the result of a single test performed on either the executable code, the process under investigation, its behaviour, or its output. In a small subset of ransomware detection systems, the concept of a scorecard is employed where multiple tests are performed on various aspects of a process under investigation and their results are then analysed using machine learning. The purpose of this paper is to propose a new majority voting approach to ransomware detection by developing a method that uses a cumulative score derived from discrete tests based on calculations using algorithmic rather than heuristic techniques. The paper describes 23 candidate tests, as well as 9 Windows API tests which are validated to determine both their accuracy and viability for use within a ransomware detection system. Using a cumulative score calculation approach to ransomware detection has several benefits, such as the immunity to the occasional inaccuracy of individual tests when making its final classification. The system can also leverage multiple tests that can be both comprehensive and complementary in an attempt to achieve a broader, deeper, and more robust analysis of the program under investigation. Additionally, the use of multiple collaborative tests also significantly hinders ransomware from masking or modifying its behaviour in an attempt to bypass detection.
Submitted 30 May, 2023;
originally announced May 2023.
-
Review of the NIST Light-weight Cryptography Finalists
Authors:
William J Buchanan,
Leandros Maglaras
Abstract:
Since 2016, NIST has been assessing lightweight encryption methods, and, in 2022, NIST published the final 10: ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak. At the time that the article was written, NIST announced ASCON as the chosen method that will be published as NIST's lightweight cryptography standard later in 2023. In this article, we provide a comparison between these methods in terms of energy efficiency, time for encryption, and time for hashing.
Submitted 28 March, 2023; v1 submitted 26 March, 2023;
originally announced March 2023.
-
An Omnidirectional Approach to Touch-based Continuous Authentication
Authors:
Peter Aaby,
Mario Valerio Giuffrida,
William J Buchanan,
Zhiyuan Tan
Abstract:
This paper focuses on how touch interactions on smartphones can provide a continuous user authentication service through behaviour captured by a touchscreen. While efforts are made to advance touch-based behavioural authentication, researchers often focus on gathering data, tuning classifiers, and enhancing performance by evaluating touch interactions in a sequence rather than independently. However, such systems only work by providing data representing distinct behavioural traits. The typical approach separates behaviour into touch directions and creates multiple user profiles. This work presents an omnidirectional approach which outperforms the traditional method independent of the touch direction - depending on optimal behavioural features and a balanced training set. Thus, we evaluate five behavioural feature sets using the conventional approach against our direction-agnostic method while testing several classifiers, including an Extra-Tree and Gradient Boosting Classifier, which is often overlooked. Results show that in comparison with the traditional, an Extra-Trees classifier and the proposed approach are superior when combining strokes. However, the performance depends on the applied feature set. We find that the TouchAlytics feature set outperforms others when using our approach when combining three or more strokes. Finally, we highlight the importance of reporting the mean area under the curve and equal error rate for single-stroke performance and varying the sequence of strokes separately.
Submitted 13 January, 2023;
originally announced February 2023.
-
Towards The Creation Of The Future Fish Farm
Authors:
Pavlos Papadopoulos,
William J Buchanan,
Sarwar Sayeed,
Nikolaos Pitropakis
Abstract:
A fish farm is an area where fish are raised and bred for food. Fish farm environments support the care and management of seafood within a controlled environment. Over the past few decades, there has been a remarkable increase in the calorie intake of protein attributed to seafood. Along with this, there are significant opportunities within the fish farming industry for economic development. Determining the fish diseases, monitoring the aquatic organisms, and examining the imbalance in the water element are some key factors that require precise observation to determine the accuracy of the acquired data. Similarly, due to the rapid expansion of aquaculture, new technologies are constantly being implemented in this sector to enhance efficiency. However, the existing approaches have often failed to provide an efficient method of farming fish. This work has kept aside the traditional approaches and opened up new dimensions to perform accurate analysis by adopting a distributed ledger technology. Our work analyses the current state-of-the-art of fish farming and proposes a fish farm ecosystem that relies on a private-by-design architecture based on the Hyperledger Fabric private-permissioned distributed ledger technology. The proposed method puts forward accurate and secure storage of the retrieved data from multiple sensors across the ecosystem so that the adhering entities can exercise their decision based on the acquired data. This study demonstrates a proof-of-concept to signify the efficiency and usability of the future fish farm.
Submitted 2 January, 2023;
originally announced January 2023.
-
Hamming Distributions of Popular Perceptual Hashing Techniques
Authors:
Sean McKeown,
William J Buchanan
Abstract:
Content-based file matching has been widely deployed for decades, largely for the detection of sources of copyright infringement, extremist materials, and abusive sexual media. Perceptual hashes, such as Microsoft's PhotoDNA, are one automated mechanism for facilitating detection, allowing for machines to approximately match visual features of an image or video in a robust manner. However, there does not appear to be much public evaluation of such approaches, particularly when it comes to how effective they are against content-preserving modifications to media files. In this paper, we present a million-image scale evaluation of several perceptual hashing archetypes for popular algorithms (including Facebook's PDQ, Apple's Neuralhash, and the popular pHash library) against seven image variants. The focal point is the distribution of Hamming distance scores between both unrelated images and image variants to better understand the problems faced by each approach.
Submitted 15 December, 2022;
originally announced December 2022.
-
Transforming EU Governance: The Digital Integration through EBSI and GLASS
Authors:
Dimitrios Kasimatis,
William J Buchanan,
Mwarwan Abubakar,
Owen Lo,
Christos Chrysoulas,
Nikolaos Pitropakis,
Pavlos Papadopoulos,
Sarwar Sayeed,
Marc Sel
Abstract:
Traditionally, government systems managed citizen identities through disconnected data systems, using simple identifiers and paper-based processes, limiting digital trust and requiring citizens to request identity verification documents. The digital era offers a shift towards unique digital identifiers for each citizen, enabling a 'citizen wallet' for easier access to personal documents like academic records and licences, with enhanced security through digital signatures. The European Commission's initiative for a digital wallet for every EU citizen aims to improve mobility and integration, leveraging the European Blockchain Services Infrastructure (EBSI) for harmonised citizen integration. This paper discusses how EBSI and the GLASS project can advance governance and streamline access to identity documents.
Submitted 19 April, 2024; v1 submitted 6 December, 2022;
originally announced December 2022.
-
A DNA Based Colour Image Encryption Scheme Using A Convolutional Autoencoder
Authors:
Fawad Ahmed,
Muneeb Ur Rehman,
Jawad Ahmad,
Muhammad Shahbaz Khan,
Wadii Boulila,
Gautam Srivastava,
Jerry Chun-Wei Lin,
William J. Buchanan
Abstract:
With the advancement in technology, digital images can easily be transmitted and stored over the Internet. Encryption is used to avoid illegal interception of digital images. Encrypting large-sized colour images in their original dimension generally results in low encryption/decryption speed along with exerting a burden on the limited bandwidth of the transmission channel. To address the aforementioned issues, a new encryption scheme for colour images employing a convolutional autoencoder, DNA and chaos is presented in this paper. The proposed scheme has two main modules, the dimensionality conversion module using the proposed convolutional autoencoder, and the encryption/decryption module using DNA and chaos. The dimension of the input colour image is first reduced from N $\times$ M $\times$ 3 to a P $\times$ Q gray-scale image using the encoder. Encryption and decryption are then performed in the reduced dimension space. The decrypted gray-scale image is upsampled to obtain the original colour image having dimension N $\times$ M $\times$ 3. The training and validation accuracy of the proposed autoencoder is 97% and 95%, respectively. Once the autoencoder is trained, it can be used to reduce and subsequently increase the dimension of any arbitrary input colour image. The efficacy of the designed autoencoder has been demonstrated by the successful reconstruction of the compressed image into the original colour image with negligible perceptual distortion. The second major contribution presented in this paper is an image encryption scheme using DNA along with multiple chaotic sequences and substitution boxes. The security of the proposed image encryption algorithm has been gauged using several evaluation parameters, such as histogram of the cipher image, entropy, NPCR, UACI, key sensitivity, contrast, etc.
Submitted 7 November, 2022;
originally announced November 2022.
-
Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification
Authors:
Simon R Davies,
Richard Macfarlane,
William J. Buchanan
Abstract:
Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target's data remains encrypted and is held captive by the attacker until a ransom demand is met. A common approach used by many crypto-ransomware detection techniques is to monitor file system activity and attempt to identify encrypted files being written to disk, often using a file's entropy as an indicator of encryption. However, often in the description of these techniques, little or no discussion is made as to why a particular entropy calculation technique is selected or any justification given as to why one technique is selected over the alternatives. The Shannon method of entropy calculation is the most commonly used technique when it comes to file encryption identification in crypto-ransomware detection techniques. Overall, correctly encrypted data should be indistinguishable from random data, so apart from the standard mathematical entropy calculations such as Chi-Square, Shannon Entropy and Serial Correlation, the test suites used to validate the output from pseudo-random number generators would also be suited to perform this analysis. The hypothesis is that there is a fundamental difference between different entropy methods and that the best methods may be used to better detect ransomware-encrypted files. The paper compares the accuracy of 53 distinct tests in being able to differentiate between encrypted data and other file types. The testing is broken down into two phases: the first phase is used to identify potential candidate tests, and a second phase in which these candidates are thoroughly evaluated. To ensure that the tests were sufficiently robust, the NapierOne dataset is used. This dataset contains thousands of examples of the most commonly used file types, as well as examples of files that have been encrypted by crypto-ransomware.
Submitted 24 October, 2022;
originally announced October 2022.
-
GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture
Authors:
Owen Lo,
William J. Buchanan,
Sarwar Sayeed,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Christos Chrysoulas
Abstract:
E-governance is a process that aims to enhance a government's ability to simplify all the processes that may involve government, citizens, businesses, and so on. The rapid evolution of digital technologies has often created the necessity for the establishment of an e-Governance model. There is often a need for an inclusive e-governance model with integrated multiactor governance services and where a single market approach can be adopted. e-Governance often aims to minimise bureaucratic processes, while at the same time including a digital-by-default approach to public services. This aims at administrative efficiency and the reduction of bureaucratic processes. It can also improve government capabilities, and enhances trust and security, which brings confidence in governmental transactions. However, solid implementations of a distributed data sharing model within an e-governance architecture are far from a reality; hence, citizens of European countries often go through the tedious process of having their confidential information verified. This paper focuses on the sinGLe sign-on e-GovernAnce Paradigm based on a distributed file-exchange network for security, transparency, cost-effectiveness and trust (GLASS) model, which aims to ensure that a citizen can control their relationship with governmental agencies. The paper thus proposes an approach that integrates a permissioned blockchain with the InterPlanetary File System (IPFS). This method demonstrates how we may encrypt and store verifiable credentials of the GLASS ecosystem, such as academic awards, ID documents and so on, within IPFS in a secure manner and thus only allow trusted users to read a blockchain record and obtain the encryption key. This allows for the decryption of a given verifiable credential that is stored on IPFS. This paper outlines the creation of a demonstrator that proves the principles of the GLASS approach.
Submitted 16 March, 2022;
originally announced March 2022.
-
Ransomware: Analysing the Impact on Windows Active Directory Domain Services
Authors:
Grant McDonald,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Jawad Ahmad,
William J. Buchanan
Abstract:
Ransomware has become an increasingly popular type of malware across the past decade and continues to rise in popularity due to its high profitability. Organisations and enterprises have become prime targets for ransomware as they are more likely to succumb to ransom demands as part of operating expenses to counter the cost incurred from downtime. Despite the prevalence of ransomware as a threat towards organisations, there is very little information outlining how ransomware affects Windows Server environments, and particularly its proprietary domain services such as Active Directory. Hence, we aim to increase the cyber situational awareness of organisations and corporations that utilise these environments. Dynamic analysis was performed using three ransomware variants to uncover how crypto-ransomware affects Windows Server-specific services and processes. Our work outlines the practical investigation undertaken as WannaCry, TeslaCrypt, and Jigsaw were acquired and tested against several domain services. The findings showed that none of the three variants stopped the processes and decidedly left all domain services untouched. However, although the services remained operational, they became uniquely dysfunctional as ransomware encrypted the files pertaining to those services.
Submitted 7 February, 2022;
originally announced February 2022.
-
NapierOne: A modern mixed file data set alternative to Govdocs1
Authors:
Simon R Davies,
Richard Macfarlane,
William J Buchanan
Abstract:
It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other researchers interested in reconstructing their environment and validating the research results. A modern cybersecurity mixed file data set called NapierOne is presented, primarily aimed at, but not limited to, ransomware detection and forensic analysis research. NapierOne was designed to address this deficiency in reproducibility and improve consistency by facilitating research replication and repeatability. The methodology used in the creation of this data set is also described in detail. The data set was inspired by the Govdocs1 data set and it is intended that NapierOne be used as a complement to this original data set.
An investigation was performed with the goal of determining the common file types currently in use. No specific research was found that explicitly provided this information, so an alternative consensus approach was employed. This involved combining the findings from multiple sources of file type usage into an overall ranked list. After this, 5000 real-world example files were gathered, and a specific data subset created, for each of the common file types identified. In some circumstances, multiple data subsets were created for a specific file type, each subset representing a specific characteristic for that file type. For example, there are multiple data subsets for the ZIP file type, with each subset containing examples of a specific compression method. Ransomware execution tends to produce files that have high entropy, so examples of file types that naturally have this attribute are also present.
Submitted 20 January, 2022;
originally announced January 2022.
-
Electromagnetic Side-Channel Attack Resilience against PRESENT Lightweight Block Cipher
Authors:
Nilupulee A. Gunathilake,
Ahmed Al-Dubai,
William J. Buchanan,
Owen Lo
Abstract:
Lightweight cryptography is a novel diversion from conventional cryptography that targets internet-of-things (IoT) platforms due to resource constraints. In comparison, it offers smaller cryptographic primitives such as shorter key sizes, block sizes and lesser energy drainage. The main focus can be seen in algorithm developments in this emerging subject. Thus, verification is carried out mostly based upon theoretical (mathematical) proofs. Among the few available side-channel analysis studies found in the literature, the highest percentage is taken by power attacks. PRESENT is a promising lightweight block cipher to be included in IoT devices in the near future. Thus, the emphasis of this paper is on lightweight cryptology, and our investigation shows the unavailability of a correlation electromagnetic analysis (CEMA) of it. Hence, in an effort to fill in this research gap, we opted to investigate the capabilities of CEMA against the PRESENT algorithm. This work aims to determine the probability of secret key leakage with the minimum number of electromagnetic (EM) waveforms possible. The process initially started from a simple EM analysis (SEMA) and was gradually enhanced up to a CEMA. This paper presents our methodology in attack modelling, current results that indicate a probability of leaking seven bytes of the key, and upcoming plans for optimisation. In addition, introductions to lightweight cryptanalysis and theories of EMA are also included.
Submitted 22 December, 2021;
originally announced December 2021.
-
Blockchain-based Platform for Secure Sharing and Validation of Vaccination Certificates
Authors:
Mwrwan Abubakar,
Pádraig McCarron,
Zakwan Jaroucheh,
Ahmed Al-Dubai,
William J Buchanan
Abstract:
The COVID-19 pandemic has recently emerged as a worldwide health emergency that necessitates coordinated international measures. To contain the virus's spread, governments and health organisations raced to develop vaccines that would lower COVID-19 morbidity, relieve pressure on healthcare systems, and allow economies to open. As a way forward after the COVID-19 vaccination, the vaccination certificate has been adopted to help the authorities formulate policies by controlling cross-border travelling. To resolve significant privacy concerns and remove the need for relying on third parties to maintain trust and control the user's data, in this paper, we leverage blockchain technologies in developing a secure and verifiable vaccination certificate. Our approach has the advantage of utilising a hybrid architecture that implements different advanced technologies, such as smart contracts, the InterPlanetary File System (IPFS), and Self-sovereign Identity (SSI). We rely on verifiable credentials paired with smart contracts to implement on-chain access control decisions and provide on-chain verification and validation of the user and issuer DIDs. The usability of this approach was further analysed, particularly concerning performance and security. Our analysis proved that our approach satisfies vaccination certificate security requirements.
Submitted 21 December, 2021; v1 submitted 19 December, 2021;
originally announced December 2021.
-
Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers
Authors:
Hisham Ali,
Pavlos Papadopoulos,
Jawad Ahmad,
Nikolaos Pitropakis,
Zakwan Jaroucheh,
William J. Buchanan
Abstract:
Threat information sharing is considered one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the risk of a potential cyberattack; the requirements for threat information sharing range from simplistic sharing of documents to threat intelligence sharing. Therefore, the storage and sharing of highly sensitive threat information raises considerable concerns regarding constructing a secure, trusted threat information exchange infrastructure. Establishing a trusted ecosystem for threat sharing will promote the validity, security, anonymity, scalability, latency efficiency, and traceability of the stored information and protect it from unauthorized disclosure. This paper proposes a system that ensures the security principles mentioned above by utilizing a distributed ledger technology that provides secure decentralized operations through smart contracts and provides a privacy-preserving ecosystem for threat information storage and sharing regarding the MITRE ATT&CK framework.
Submitted 19 December, 2021;
originally announced December 2021.
-
PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching
Authors:
William Abramson,
William J. Buchanan,
Sarwar Sayeed,
Nikolaos Pitropakis,
Owen Lo
Abstract:
The spread of COVID-19 has highlighted the need for a robust contact tracing infrastructure that enables infected individuals to have their contacts traced and followed up with a test. The key entities involved within a contact tracing infrastructure may include the Citizen, a Testing Centre (TC), a Health Authority (HA), and a Government Authority (GA). Typically, these different domains need to communicate with each other about an individual. A common approach is one where a citizen discloses their personally identifiable information to both the HA and a TC; if the test result comes back positive, the information is used by the TC to alert the HA. Along with this, there can be other trusted entities that hold other key elements of data related to the citizen. However, the existing approaches comprise severe flaws in terms of privacy and security. Additionally, the aforementioned approaches are not transparent and are often questioned for the efficacy of their implementations. In order to overcome these challenges, this paper outlines the PAN-DOMAIN infrastructure, which allows for citizen identifiers to be matched amongst the TA, the HA and the GA. PAN-DOMAIN ensures that the citizen can keep control of the mapping between the trusted entities using a trusted converter, and has access to an audit log.
Submitted 6 December, 2021;
originally announced December 2021.
-
A Privacy-Preserving Platform for Recording COVID-19 Vaccine Passports
Authors:
Masoud Barati,
William J. Buchanan,
Owen Lo,
Omer Rana
Abstract:
Digital vaccine passports are one of the main solutions which would allow the restart of travel in a post COVID-19 world. Trust, scalability and security are all key challenges one must overcome in implementing a vaccine passport. Initial approaches attempt to solve this problem by using centralised systems with trusted authorities. However, sharing vaccine passport data between different organisations, regions and countries has become a major challenge. This paper designs a new platform architecture for creating, storing and verifying digital COVID-19 vaccine certifications. The platform makes use of the InterPlanetary File System (IPFS) to guarantee there is no single point of failure and allow data to be securely distributed globally. Blockchain and smart contracts are also integrated into the platform to define policies and log access rights to vaccine passport data while ensuring all actions are audited and verifiably immutable. Our proposed platform realises General Data Protection Regulation (GDPR) requirements in terms of user consent, data encryption, data erasure and accountability obligations. We assess the scalability and performance of the platform using IPFS and Blockchain test networks.
Submitted 3 December, 2021;
originally announced December 2021.
-
Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure
Authors:
Edward Henry Young,
Christos Chrysoulas,
Nikolaos Pitropakis,
Pavlos Papadopoulos,
William J Buchanan
Abstract:
Little or no research has been directed towards the forensic analysis of Bitcoin mixing or 'tumbling' services themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from two privacy-focused mixing services, namely Obscuro, which uses the secure enclave on Intel chips to provide enhanced confidentiality, and Wasabi wallet, which uses CoinJoin to mix and obfuscate cryptocurrencies. These wallets were set up on VMs and then several forensic tools were used to examine these VM images for relevant forensic artifacts. These forensic tools were able to recover a broad range of forensic artifacts, and both network forensics and logging files were found to be a useful source of artifacts to deanonymize these mixing services.
Submitted 5 October, 2021;
originally announced October 2021.
-
GLASS: Towards Secure and Decentralized eGovernance Services using IPFS
Authors:
Christos Chrysoulas,
Amanda Thomson,
Nikolaos Pitropakis,
Pavlos Papadopoulos,
Owen Lo,
William J. Buchanan,
George Domalis,
Nikos Karacapilidis,
Dimitris Tsakalidis,
Dimitris Tsolis
Abstract:
The continuously advancing digitization has provided answers to the bureaucratic problems faced by eGovernance services. While this innovation has led them into an era of automation, it has also broadened the attack surface and made them a popular target for cyber attacks. eGovernance services utilize the internet, which is currently a location-addressed system where whoever controls the location controls not only the content itself, but the integrity of that content and the access to that content. We propose GLASS, a decentralised solution which combines the InterPlanetary File System (IPFS) with Distributed Ledger technology and Smart Contracts to secure eGovernance services. We also create a testbed environment in which we measure the IPFS performance.
Submitted 17 September, 2021;
originally announced September 2021.