Homomorphic Encryption for Financial Cryptography: Recent Inventions and Challenges 3031355342, 9783031355349

This book offers insights on efficient utilization of homomorphic encryption (HE) for financial cryptography in confiden

English Pages 310 [302] Year 2023


Table of contents :
Preface
Contents
Introduction to Homomorphic Encryption for Financial Cryptography
1 Introduction
2 Types of Homomorphic Encryption
3 Need for Financial Cryptography
4 Homomorphic Encryption for Financial Cryptography
5 Applications of Homomorphic Encryption
6 Emerging Techniques of Homomorphic Encryption
7 Financial Cryptography
8 Sending Data to the Cloud
9 Implementation of Homomorphic Encryption (Gentry’s Scheme)
10 Decryption
11 Key Generation
12 Conclusion
References
A Survey on Homomorphic Encryption for Financial Cryptography Workout
1 Introduction
Homomorphic Encryption
2 Homomorphic Encryption Types and Properties
Partial Homomorphic Encryption (PHE)
Full Homomorphic Encryption (FHE)
Properties of Homomorphic Encryption
3 Algorithms Specific to Homomorphic Encryption
BGV Encryption Scheme
Gorti’s Enhanced Homomorphic Cryptosystem (EHC)
Algebra Homomorphic Encryption Scheme Based on Updated ElGamal (AHEE)
4 Financial Cryptography Framework
The Financial Cryptography Framework Model
Financial Cloud Framework Based Homomorphic Encryption Application
Limitations of Fully Homomorphic Encryption
Implementations of Fully Homomorphic Encryption
5 Conclusion
References
Improved Login Interface Algorithm for Financial Transactions Using Visual Cryptographic Authentication
1 Introduction
2 Literature Survey
Message Digest Algorithm
Steganography
LSB Algorithm
Visual Cryptographic Technique
3 Proposed Algorithm
4 Implementation and Results
Performance Metrics
5 Conclusion
References
Securing Shared Data Based on Homomorphic Encryption Schemes
1 Introduction
2 Related Works
3 Homomorphic Encryption or Asymmetric Encryption
Advantages of Homomorphic Encryption
4 Types of Homomorphic Encryption
Fully Homomorphic Encryption (FHE)
Partially Homomorphic Encryption (PHE)
Somewhat Homomorphic Encryption (SHE)
5 Privacy Issues in Various Domains
6 Security Issues in Healthcare Domain
7 Major Threats for Healthcare Data Breaches
BYOD Policy
Cyber Attacks
Computing in the Cloud
Making a Hash of Compliances
Identity Theft in the Medical Field
8 Protection of Healthcare Data
9 Securing Data Using Homomorphic Encryption
10 Challenges and Risks of Homomorphic Encryption (HE) or Asymmetric Encryption
Efficiency
Robustness
Delay
11 Analysis of FHE, PHE, SHE
12 Homomorphic Encryption (HE): Applications
Data Stored in the Cloud
Data Analytics in Regulated Industries
Election Security and Privacy
HE in Education
Healthcare
Protection of the Supply Chain
Compliance with Regulations
Analytics Done on Private Data
13 Conclusion
References
Challenges and Opportunities Associated with Homomorphic Encryption for Financial Cryptography
1 Introduction
2 Challenges Associated with Homomorphic Encryption for Financial Cryptography
Overhead
Parallelization
Polynomial Approximation
HE Levelled Scheme
Binary Neural Networks (BNN)
Interoperability
Automatization
Poor Performance
Security Issues
3 Opportunities Associated with Homomorphic Encryption for Financial Cryptography
Mobile Agents’ Safety
Multiparty Computation
Plan for Secret Sharing
Threshold Schemes
Zero-Knowledge Proofs (ZKP)
Election Schemes
Watermarking and Fingerprinting Schemes
Oblivious Transfer
Commitment Schemes
4 Conclusion
References
Homomorphic Encryption-Based Cloud Privacy-Preserving in Remote ECG Monitoring and Surveillance
1 Introduction
2 Proposed Framework for Smart Healthcare Platform
Normal ECG Signal
Abnormal ECG Signal
3 Fully Homomorphic Encryption (FHE) for Remote ECG Monitoring
Data Preprocessing
Interference Due to Power Line
Detection of Inflection Point
The Inflection Points Are Detected as Follows
Feature Extraction
Disease Classification Using Support Vector Machine (SVM)
Privacy-Preserving Using Homomorphic Encryption
Post Acquisition Assistance
Conventional Security
4 Conclusion and Future Work
References
Enhancing Encryption Security Against Cypher Attacks
1 Introduction
2 Other Works
3 Architecture
4 Security Challenges
5 Goals for Security
6 Overview of Security Attack
7 Strategies for Security Attack
8 Significance of Multi Level Attacks
9 Review Taxonomy Based on Layers
10 Measures to Prevent IoT Security Attacks
Learning-Based Countermeasures
Autonomic Methods
Countermeasures Based on Encryption
11 Conclusion
References
Biometric-Based Key Generation Using AES Algorithm for Real-Time Security Applications
1 Introduction
Overview
Methods of Encryption
Cryptography Algorithms
Biometrics
2 Literature Survey
3 Cryptography Methods
Symmetric Key Cryptography
Advanced Encryption Standard (AES)
Encryption Steps
4 Bio-cryptography Methods
Advantages of Fingerprint Biometrics
Key Generation from the Image of Fingerprint
Key Generation from Minutiae of Fingerprint
5 Results and Discussion
Key Generation from Biometric Image
Key Generation from Minutiae of Fingerprint
Iris Feature Extraction
Cryptographic Key from the Fused Features
Testing Results
Results of AES Algorithm
6 Conclusion
References
Financial Cryptography and Its Application in Blockchain
1 Introduction
2 Architecture of Blockchain Technology
3 Creating a Blockchain
4 Blockchain’s Cryptography Function
5 Cryptographic Hash Function
6 Cryptography for Blockchain
7 Mechanism of Consensus
8 Algorithm Comparison Analysis
9 Repercussions of Blockchain and Financial Cryptography with Digital Signatures and Hash Functions
10 Conclusions
References
Algorithmic Strategies for Solving Complex Problems in Financial Cryptography
1 Introduction
2 Digital Finance
3 Seven Layers of Financial Cryptography
The Seven Layers of Financial Cryptography Are as Follows
4 Recursive Optimization Approach
Merkle Cryptosystem Architecture
Hard Knapsack and Its Challenges
Probabilistic Functions in Cryptography
Lifting and Parametricity in Cryptography
Crypto-assets
5 Conclusion
References
Various Attacks on the Implementation of Cryptographic Algorithms
1 Introduction
2 Survey on Cryptography in Everyday Life and Financial Cryptography in Banking
Cryptography in Everyday Life
Financial Cryptography in Banking
3 Cryptographic Algorithms Interpretation and Implementation
Symmetric-Key Cryptography
Asymmetric-Key Cryptography
Passive Attacks
Active Attacks
4 Various Attacks on the Implementation of Cryptography
Attacks on Cryptography on Algorithmic Implementation
5 Conclusion
References
A Survey on Private Keyword Sorting and Searching Homomorphic Encryption
1 Introduction
2 Literature Survey
3 Modern Homomorphic Encryption Algorithm
4 Implementation of Homomorphic Encryption
5 Benefits of Keyword Sorting in Homomorphic Encryption
6 Keyword Searching Using Homomorphic Encryption
7 Keyword Sorting Using Homomorphic Encryption
8 Conclusion
References
Multivariate Cryptosystem Based on a Quadratic Equation to Eliminate the Outliers Using Homomorphic Encryption Scheme
1 Introduction
2 Literature Survey
3 MPKC in Multivariate Cryptosystem
4 Encryption Scheme Using Linear Systems
5 Signature Schemes Using Quadratic Forms
6 Attacks and Quadrille Prolong Algorithm
7 Conclusion
References

V. Seethalakshmi Rajesh Kumar Dhanaraj S. Suganyadevi Mariya Ouaissa   Editors

Homomorphic Encryption for Financial Cryptography Recent Inventions and Challenges


Editors

V. Seethalakshmi, Department of Electronics and Communication Engineering, KPR Institute of Engineering and Technology, Coimbatore, Tamil Nadu, India

S. Suganyadevi, Department of Electronics and Communication Engineering, KPR Institute of Engineering and Technology, Coimbatore, Tamil Nadu, India

Rajesh Kumar Dhanaraj, Symbiosis Institute of Computer Studies and Research (SICSR), Symbiosis International (Deemed University), Pune, India

Mariya Ouaissa, Institute Specializing in New Information and Communication Technologies, Moulay Ismail University, Meknes, Morocco

ISBN 978-3-031-35534-9; ISBN 978-3-031-35535-6 (eBook); https://doi.org/10.1007/978-3-031-35535-6

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2023. This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Switzerland AG. The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland.

Preface

This book offers insights into the efficient utilization of Homomorphic Encryption for Financial Cryptography in confidentiality, protection against phishing, anonymity, and object and user identity protection. In an era where there is a greater emphasis on privacy, owing mostly to rules such as the General Data Protection Regulation (GDPR), the notion of Homomorphic Encryption (HE) has great potential for real-world applications across a wide range of sectors. Homomorphic Encryption is a technique that can help organizations protect their customers' privacy without affecting their capacity to obtain insights from their data: it allows encrypted data to be evaluated or modified without disclosing it to anyone. The possibilities it provides are nearly limitless. Homomorphic Encryption enables enterprises to safely use cloud computing and storage services, eliminating the need for users to choose between data security and usability. Organizations can use HE to exchange sensitive business data with other parties without disclosing the data or the results of the calculation to them. This may hasten cooperation and creativity while limiting the possibility of sensitive information being exposed. HE can enable organizations in highly regulated areas, like health care and finance, to outsource research and analytical services without fear of non-compliance.

This edited book aims to bring together leading academic researchers, scientists and research scholars to exchange and share their experiences and research results on all aspects of Homomorphic Encryption for Financial Cryptography. It also provides a premier interdisciplinary platform for researchers, practitioners and educators to present and discuss the most recent innovations, trends and concerns, as well as the practical challenges encountered and solutions adopted in the field of Homomorphic Encryption for Financial Cryptography as a solution to increase the security of data.

Coimbatore, India; Pune, India; Coimbatore, India; Meknes, Morocco

V. Seethalakshmi, Rajesh Kumar Dhanaraj, S. Suganyadevi, Mariya Ouaissa

Contents

Introduction to Homomorphic Encryption for Financial Cryptography (Rajesh Kumar Dhanaraj, S. Suganyadevi, V. Seethalakshmi, and Mariya Ouaissa), p. 1

A Survey on Homomorphic Encryption for Financial Cryptography Workout (M. Siva Sangari, K. Balasamy, Habib Hamam, S. Nithya, and S. Surya), p. 13

Improved Login Interface Algorithm for Financial Transactions Using Visual Cryptographic Authentication (N. Sugirtham, R. Sherine Jenny, R. Sudhakar, S. Vasudevan, and Irfan Khan Tanoli), p. 29

Securing Shared Data Based on Homomorphic Encryption Schemes (K. Renuka Devi, S. Nithyapriya, G. Pradeep, R. Menaha, and S. Suganyadevi), p. 53

Challenges and Opportunities Associated with Homomorphic Encryption for Financial Cryptography (S. Finney Daniel Shadrach, A. Shiny Pershiya, A. Shirley Stevany Faryl, K. Balasamy, and K. Chiranjeevi), p. 85

Homomorphic Encryption-Based Cloud Privacy-Preserving in Remote ECG Monitoring and Surveillance (V. Seethalakshmi, S. Suganyadevi, S. Nithya, K. Sheela Sobana Rani, and Gokul Basavaraj), p. 107

Enhancing Encryption Security Against Cypher Attacks (R. Naveenkumar, N. M. Sivamangai, A. Napolean, and S. Sridevi Sathyapriya), p. 125

Biometric-Based Key Generation Using AES Algorithm for Real-Time Security Applications (S. Sridevi Sathya Priya, N. M. Sivamangai, R. Naveenkumar, A. Napolean, and G. Saranya), p. 157

Financial Cryptography and Its Application in Blockchain (V. Sathya, Sridhar Chandrasekaran, and Govindasamy Madhaiyan), p. 181

Algorithmic Strategies for Solving Complex Problems in Financial Cryptography (Vani Rajasekar, K. Venu, Vandana Sharma, and Muzafer Saracevic), p. 207

Various Attacks on the Implementation of Cryptographic Algorithms (P. Kanaga Priya, R. Sivaranjani, K. Thangaraj, and Naif Alsharabi), p. 221

A Survey on Private Keyword Sorting and Searching Homomorphic Encryption (S. Nithya, V. Seethalakshmi, G. Vetrichelvi, M. Siva Sangari, and Gokul Basavaraj), p. 259

Multivariate Cryptosystem Based on a Quadratic Equation to Eliminate the Outliers Using Homomorphic Encryption Scheme (M. Janani, R. Jeevitha, R. Jaikumar, R. Suganthi, and S. Jhansi Ida), p. 277

Introduction to Homomorphic Encryption for Financial Cryptography

Rajesh Kumar Dhanaraj, S. Suganyadevi, V. Seethalakshmi, and Mariya Ouaissa

Abstract A revolution in data cooperation is promised by privacy-enhancing technologies (PETs), which allow more data than ever before to be exchanged without requiring mutual trust. Access to more data is required in light of the rising data-driven economy, and in particular in order to fully realize the promise of AI and machine learning. The privacy-utility tradeoff, sometimes described as the gap between data protection and value (or the need to share), is what PETs aim to close. PETs make it possible to collaborate and share data securely in wholly new ways. Homomorphic encryption is transitioning from research and development to mainstream applications, along with federated learning, differential privacy, secure multiparty computation, secure enclaves, zero-knowledge proofs and synthetic data. With the aid of these technologies it is now possible to use data assets that are typically kept inaccessible in silos and to obtain significant commercial results. Highly regulated areas such as banking and medical research are particularly affected by homomorphic encryption, and a completely new service ecosystem is emerging to create and support the new processes. Following well-publicized data breaches, customers have begun to demand more privacy and security protection, which PETs may provide. Treating privacy as a business opportunity gives products and services built on PETs an early-adopter advantage over conventional methods. However, PETs, their particular use cases and their legal analysis are complicated. This chapter summarizes homomorphic encryption.

R. K. Dhanaraj: Symbiosis Institute of Computer Studies and Research (SICSR), Symbiosis International (Deemed University), Pune, India. S. Suganyadevi (corresponding author) and V. Seethalakshmi: Department of Electronics and Communication Engineering, KPR Institute of Engineering and Technology, Coimbatore, India. M. Ouaissa: Institute Specializing in New Information and Communication Technologies, Moulay Ismail University, Meknes, Morocco.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023. V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_1

Keywords Homomorphic encryption · Privacy-enhancing technologies · Financial cryptography · Privacy

1 Introduction

Homomorphic encryption enables calculations to be performed on ciphertext, bypassing the need to decrypt the data first. Homomorphic encryption was first studied by Rivest, Adleman, and Dertouzos in the 1970s, who hypothesized that it would be feasible to design encryption methods that let computations be done directly on the ciphertext [1]. In 2009 IBM researcher Craig Gentry invented the first fully homomorphic encryption scheme. With Gentry's scheme, which is based on ideal lattices and introduced a bootstrapping procedure to refresh noisy ciphertexts, the ciphertext may be subjected to arbitrary computations. This was a significant advance over earlier homomorphic encryption techniques, which only permitted a small number of calculations to be done on the ciphertext [2]. Many further advances have been made since Gentry's work, including the study of partially homomorphic encryption systems and the creation of new homomorphic encryption algorithms. RSA, ElGamal, and Paillier are a few of the well-known partially homomorphic schemes [3]. Although research on homomorphic encryption is ongoing, it is widely regarded as computationally demanding and not yet suitable for general use, particularly for large-scale calculations. However, developments such as cloud computing and hardware acceleration may make it more practical.

In other words, homomorphic encryption permits computations on encrypted information without first decrypting it. For instance, a database may be able to respond to a query even while the data itself cannot be read [4]. Calculations or analyses are performed on the ciphertext (the encrypted data); the original data, known as plaintext or cleartext, is not disclosed. The computation's output is also encrypted and must be decrypted (converted back to plaintext) in order to reveal the result.

Homomorphic encryption thereby adds protection of data in use as a third pillar alongside the established practices of protecting data at rest (while it is stored) and data in transit (while it is transferred) [5]. Data is transformed into ciphertext that can be examined and computed on much as if it were still in its original form. Complex mathematical operations may be carried out on encrypted data without breaking the encryption. In other words, homomorphic encryption is a cryptographic technique that enables applications to work with encrypted data rather than the data's original form [6].

In mathematics, a mapping from one set to another that preserves the relationships between the elements of the two sets is called a "homomorphism"; the term derives from the Greek for "same structure". Because a homomorphic encryption scheme preserves the structure of the data, the same mathematical operation gives corresponding results whether it is applied to the plaintexts before encryption or to the ciphertexts [7]. Since homomorphic encryption enables direct mathematical operations on the encrypted data, it differs from conventional encryption techniques and can increase the security of third-party handling of user data. Homomorphic encryption was developed to produce an encryption technique that permits an unlimited number of operations on encrypted data [8] (Fig. 1).

Fig. 1 Block diagram of homomorphic encryption: data is encrypted under the public key; the encrypted computation runs on the encrypted data using the public evaluation key; the encrypted results are decrypted with the secret key. Source https://dualitytech.com/how-to-usehomomorphic-encryption-in-the-real-world/

For homomorphic encryption to operate mathematically on encrypted data, there must be a connection between plaintext and ciphertext. Plaintext is readable text; an encryption algorithm transforms plaintext into ciphertext. In a homomorphic scheme, for instance, adding or multiplying a pair of ciphertexts gives the same outcome as encrypting the sum or product of the pair of plaintexts, while the plaintexts remain concealed from onlookers [6]. A large amount of research is currently being carried out in the area of homomorphic encryption. Some of the important study fields are as follows:

1. Fully Homomorphic Encryption (FHE): Researchers have been striving to create fully homomorphic encryption schemes that allow arbitrary computations on ciphertext. The scheme presented by Craig Gentry in 2009 is the best-known instance.
2. Partially Homomorphic Encryption (PHE): Researchers have also studied partially homomorphic schemes, which can carry out only one kind of operation on the ciphertext. ElGamal, Paillier, and RSA are examples.
3. Enhancing Homomorphic Encryption: To make homomorphic encryption more efficient and useful for financial applications, researchers have been attempting to improve existing schemes. This encompasses strategies such as homomorphic hashing and homomorphic secret sharing.

4. Applications of Homomorphic Encryption: The development of particular homomorphic encryption applications for finance, including secure online banking and electronic payments, has been a focus of research.
5. Comparison of Homomorphic Encryption Schemes: Researchers have been comparing the various homomorphic encryption schemes to decide which is optimal for particular use cases [5].

2 Types of Homomorphic Encryption

It is challenging to make encrypted data capable of an unlimited number of additions or multiplications, and homomorphic encryption schemes are classified according to which operations they support and how many. A scheme is additively homomorphic if the combination of two ciphertexts decrypts to the sum of the two plaintexts. Similarly, a scheme is multiplicatively homomorphic if the product of two ciphertexts decrypts to the product of the two plaintexts; in unpadded RSA, for example, E(a)·E(b) = a^e·b^e = (ab)^e = E(ab) mod n. Beyond being additive or multiplicative, homomorphic encryption can be partially, somewhat, or fully homomorphic:

• Partially homomorphic encryption: a single operation (addition or multiplication) can be applied to ciphertexts an unlimited number of times. Such schemes are comparatively simple to construct.
• Somewhat homomorphic encryption: both addition and multiplication are supported, but only a bounded number of operations is permitted before the result can no longer be decrypted correctly. A scheme that supports a limited number of both operations is harder to construct than one that supports a single operation indefinitely.
• Fully homomorphic encryption: an unlimited number of additions and multiplications is possible, so a program of arbitrary complexity can be run on encrypted inputs to produce an encrypted output (Fig. 2).

Fig. 2 Types of homomorphic encryption: partially homomorphic encryption, somewhat homomorphic encryption, fully homomorphic encryption
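As an added illustration of the additive and multiplicative homomorphisms described above (example code written for this page, not taken from the chapter), the following toy Python implements Paillier, which is additively homomorphic, and unpadded RSA, which is multiplicatively homomorphic, and uses Paillier to total a set of constructed transaction amounts without ever decrypting an individual amount, the way an untrusted cloud could aggregate encrypted ledger entries. The fixed primes P and Q (two Mersenne primes), the public exponent, the sample amounts and the function names are assumptions chosen for readability; they are not secure parameters and a real deployment would use a vetted library with 2048-bit or larger moduli.

```python
"""Additive (Paillier) vs. multiplicative (textbook RSA) homomorphism.

Toy implementation for illustration only. P and Q are constructed toy
primes (2^31 - 1 and 2^61 - 1); they are far too small to be secure.
"""
import math
import random

P = 2147483647             # 2^31 - 1, constructed toy prime
Q = 2305843009213693951    # 2^61 - 1, constructed toy prime


def paillier_keygen(p=P, q=Q):
    """Return (public key, private key) for Paillier with generator g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                              # valid because g = n + 1
    return (n, n * n), (lam, mu, n)


def paillier_encrypt(pk, m, rng=random):
    """E(m) = (1 + n)^m * r^n mod n^2 with a fresh random r in Z_n^*."""
    n, n2 = pk
    assert 0 <= m < n
    while True:
        r = rng.randrange(1, n)
        if math.gcd(r, n) == 1:
            break
    return (pow(1 + n, m, n2) * pow(r, n, n2)) % n2


def paillier_decrypt(sk, c):
    """m = L(c^lambda mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    lam, mu, n = sk
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n


def paillier_add(pk, c1, c2):
    """Multiplying ciphertexts adds the plaintexts (mod n)."""
    return (c1 * c2) % pk[1]


def paillier_scale(pk, c, k):
    """Raising a ciphertext to k multiplies the plaintext by k (scalar only:
    Paillier cannot multiply two encrypted values together)."""
    return pow(c, k, pk[1])


def encrypted_total(pk, sk, amounts, rng=random):
    """Cloud-style aggregation: encrypt each amount, let the (untrusted) server
    multiply the ciphertexts, and decrypt only the final total."""
    cts = [paillier_encrypt(pk, a, rng) for a in amounts]
    acc = cts[0]
    for c in cts[1:]:
        acc = paillier_add(pk, acc, c)          # server-side step, no key needed
    return paillier_decrypt(sk, acc)


def rsa_keygen(p=P, q=Q, e=65537):
    n = p * q
    phi = (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))


def rsa_encrypt(pk, m):
    """Unpadded (textbook) RSA: deterministic and insecure, but E(a)E(b) = E(ab)."""
    n, e = pk
    return pow(m, e, n)


def rsa_decrypt(sk, c):
    n, d = sk
    return pow(c, d, n)


def rsa_mul(pk, c1, c2):
    """Multiplying RSA ciphertexts multiplies the plaintexts (mod n)."""
    return (c1 * c2) % pk[0]


if __name__ == "__main__":
    pk, sk = paillier_keygen()
    print("Paillier encrypted total:", encrypted_total(pk, sk, [120, 45, 300]))
    rpk, rsk = rsa_keygen()
    c = rsa_mul(rpk, rsa_encrypt(rpk, 6), rsa_encrypt(rpk, 7))
    print("RSA product of 6 and 7 under encryption:", rsa_decrypt(rsk, c))
```

Two properties are worth noticing when running this. Paillier encryption is randomized, so two encryptions of the same amount differ while decrypting to the same value; textbook RSA is deterministic, which is exactly why it is never used unpadded in practice and why its multiplicative homomorphism disappears once OAEP padding is applied.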


3 Need for Financial Cryptography Financial cryptography is the branch of cryptography that deals with the secure processing and transfer of financial information, such as transactions and account information. The need for financial cryptography arises from the need to ensure the security, privacy, and integrity of financial transactions in an increasingly digital world [9]. Some of the key reasons for the need for financial cryptography include: • Protection of sensitive financial data: Financial transactions involve the transfer of sensitive information, such as account numbers, balances, and personal information. Financial cryptography aims to protect this information from unauthorized access and use, such as by hackers or other malicious actors. • Facilitation of secure online transactions: The growth of online banking, electronic payments, and other digital financial services has increased the need for secure methods of transmitting and processing financial information. Financial cryptography can help to ensure the security of these transactions by encrypting the data and verifying the identities of the parties involved. • Compliance with regulatory requirements: Financial institutions are subject to a variety of regulations and laws that aim to protect consumers and prevent fraud. Financial cryptography can help these institutions to comply with these requirements by providing secure methods of processing and storing financial information. • Development of new financial technologies: The rise of new financial technologies, such as blockchain and cryptocurrencies, has created new challenges and opportunities for the financial industry. Financial cryptography can help to ensure the security and privacy of these new technologies by providing secure methods of processing and storing financial information. 
Overall, financial cryptography plays an important role in maintaining the security and integrity of financial transactions in the digital age, and it will continue to be an important area of research and development in the future [10].

4 Homomorphic Encryption for Financial Cryptography

Homomorphic encryption permits computations to be conducted on ciphertext without first decrypting the data. This is useful in financial cryptography, as sensitive financial data can be processed without decrypting it, which could otherwise expose it to unauthorized parties. Homomorphic encryption can be used to enable secure financial transactions, such as online banking and electronic payments. Some of the benefits of homomorphic encryption for financial cryptography are [11]:

• It can help to protect sensitive financial data from unauthorized access, such as by hackers or other malicious actors.
• It can enable secure online transactions, such as online banking and electronic payments, without the need to decrypt the data first.
• It can help to ensure the privacy and confidentiality of financial transactions, by allowing calculations to be executed on encrypted data without revealing the underlying plaintext.

Homomorphic encryption can also facilitate the development of secure financial platforms and applications. It is an active area of research, and various homomorphic encryption schemes have been proposed in recent years. However, they are generally considered computationally intensive, and practical deployments remain limited.

5 Applications of Homomorphic Encryption

Homomorphic encryption may be crucial in cloud computing, allowing businesses to keep encrypted data on a public cloud while still making use of the provider's analytic capabilities. At the moment it can be difficult for businesses to safely outsource data storage, processing or analysis to a third-party cloud environment. Homomorphic encryption allows such processing or analysis to be outsourced to a third party without relying on that party's data security: sensitive data may be delivered and examined while still encrypted, since the original material cannot be read without the decryption key. In sectors including health care, finance and IT, this may be used to protect client privacy [12].

Regulatory compliance can also benefit from homomorphic encryption. For instance, it can assist businesses outside the European Union (EU) in complying with the General Data Protection Regulation (GDPR). GDPR restricts the transfer of EU personal data to countries with comparable data-protection requirements, and data that remains encrypted throughout processing is considerably easier to handle under these rules.

Organizations may also defend themselves against attacks on their supply chain by using homomorphic encryption. A compromise at a third party does not expose the organization's data if the data given to that party is encrypted and remains encrypted while it is processed.

Some businesses, such as Meta (formerly Facebook), monetize users' information by providing it to outside parties for targeted advertising. Homomorphic encryption would allow Meta to analyse a person's data without accessing the original data, and still deliver highly individualized, targeted advertising [13].


6 Emerging Techniques of Homomorphic Encryption

Although ciphertexts can in principle be added or multiplied an unlimited number of times while remaining correct, homomorphic encryption was for years far too slow to be of any value in real-world applications: fully homomorphic encryption ran over a million times slower than the equivalent processing on plaintext. Craig Gentry, then a student at Stanford University, published his thesis "A Fully Homomorphic Encryption Scheme" in September 2009. The work introduced the first feasible technique, but while homomorphic encryption algorithms were theoretically sound, they remained too slow to be practical [14]. Companies such as IBM and Microsoft have since worked on reducing the computational cost. Microsoft released SEAL, an open-source homomorphic encryption library, in 2018; it is cross-platform and can also be run on Azure. IBM made available an implementation based on its open-source HElib C++ library in 2018; although it was still about a million times slower than plaintext operations, it was over 2 million times quicker than IBM's initial version. With this version of HElib, an operation that takes about one second on plaintext would take 11–12 days, so the technique still needs much more improvement before it is broadly useful. Standardization of homomorphic encryption might bring consistency between techniques and simplify adoption. However, because of its inefficiency and the availability of more modern alternatives, homomorphic encryption may never reach its full potential [12].

7 Financial Cryptography

The cost savings, mobility, time-to-market and scalability of cloud computing have made it an attractive platform for the financial sector, and both commercial cloud-based products and research studies now move financial services from desktop models to cloud infrastructure. Software as a service (SaaS), a popular model for many business applications, defines a new style of delivering software in the cloud. In the SaaS model, service providers hold users' personal data and maintain or use it, for example to assess the value and risk of derivatives. Data encryption protects privacy while the data are transferred between services, but because an ordinary service can only compute on plaintext, the data must be decrypted before it can be processed in the cloud, which exposes it. A service provider that lacks integrity can then leak user data, for example by distributing or selling it to competitors, so concerns about confidentiality have grown. Techniques that remain efficient without compromising privacy are needed to stop malicious service providers from distributing users' personal data [10–12].

Homomorphic encryption allows a set of computations to be performed on ciphertexts, producing an encrypted result which, once decrypted, equals the result of the same computation carried out on the plaintexts. In other words, it lets a cloud service work with encrypted data without learning the plaintext. It has been used to support basic aggregations, to perform mathematical computations on encrypted data and to retrieve private information. Two kinds of homomorphism are distinguished: additive schemes and multiplicative schemes. The first fully homomorphic encryption scheme was constructed by Gentry in 2009. A fully homomorphic scheme makes it possible to obtain encryptions of a ⊕ b and a · b from the ciphertexts E(a) and E(b) of bits a and b without the secret key; this allows any Boolean circuit to be evaluated publicly on encrypted inputs. Research on this powerful primitive has grown rapidly over the past few years [11].

The noise in a ciphertext increases with each homomorphic operation. A freshly encrypted plaintext bit that has not yet been operated on carries minimal noise. Homomorphic operations are expressed as homomorphic additions and multiplications (addition and multiplication over the binary field), and both increase the noise, so the noise in the output ciphertext is larger than the noise in the input ciphertexts; homomorphic multiplication in particular increases it markedly. The noise has a maximum permissible size, so after a predetermined number of homomorphic operations no further operations can be performed without jeopardizing the correctness of decryption.

To allow further homomorphic operations the ciphertext must be publicly refreshed. This refreshing procedure, called bootstrapping, is very expensive. For this reason only a small number of fully homomorphic encryption schemes have been fully implemented, and the results were rather poor. Real-world applications, however, do not necessarily have to handle arbitrary input circuits. Levelled homomorphic encryption schemes were created to avoid this noise build-up: in such a scheme the noise grows linearly with the multiplicative depth of the circuit, so the parameters can be tuned for a particular circuit of given depth and that circuit can be evaluated homomorphically in reasonable time [12]. The levelled scheme known as BGV uses the modulus-switching technique. BGV and the other ring-based homomorphic encryption schemes also permit larger plaintext spaces, in which single bits are replaced by polynomials with coefficients modulo a plaintext modulus that may differ from two; these plaintext spaces make it possible to pack more data into a single ciphertext. In 2012 Brakerski introduced the idea of scale invariance for levelled homomorphic schemes. In contrast to a modulus-switching scheme, ciphertexts in a scale-invariant scheme keep the same modulus throughout the whole homomorphic evaluation, and only a single copy of the evaluation key needs to be kept [13].


8 Sending Data to the Cloud

In typical real-world settings for using fully homomorphic encryption with cloud applications, one or more clients interact with a cloud service. They upload data encrypted under an FHE scheme with a particular user's public key; the cloud can process this data homomorphically, and the end result is returned still encrypted. Unfortunately, current FHE schemes have a prohibitive ciphertext expansion (the ratio of ciphertext size to plaintext size), in the thousands to millions. The required bandwidth can be reduced by packing several plaintexts into a single ciphertext; in one reported example, however, the network traffic would still amount to about 280 GB, which is wholly unworkable. To get around this, the data is instead sent encrypted under a block cipher (in particular AES). The cloud service then encrypts those block-cipher ciphertexts under the FHE scheme with the user's public key and decrypts them homomorphically before processing. Network communication is thereby limited to the size of the data itself (which is ideal), at the cost of an expensive one-time setup: transmitting the FHE public key together with an FHE encryption of the block cipher's secret key. The block cipher decryption must then be evaluated homomorphically; this has been done with different homomorphic schemes, and batching allows multiple independent AES decryptions to be carried out in parallel [14]. The AES circuit has been adopted as the standard benchmark circuit because it is non-trivial and has an algebraic structure that matches the plaintext spaces of several homomorphic encryption schemes. Even so, other ciphers may be better suited to homomorphic evaluation. The SIMON family of lightweight block ciphers was published by the US National Security Agency in June 2013. These ciphers were designed to be very hardware-efficient, simple and small. SIMON follows the conventional Feistel structure with only one AND operation per round, and this extremely simple form is likely a good fit for homomorphic evaluation [9].

9 Implementation of Homomorphic Encryption (Gentry's Scheme)

This part describes the Gentry and Halevi implementation of the scheme. The method encrypts a bit $b \in \{0, 1\}$ with a public key $B$. $B$ is in Hermite normal form (HNF) and can therefore be described implicitly by two integers, $d$ and $r$. Consider a noise vector $\vec{u} = (u_0, u_1, \dots, u_{n-1})$: a small fixed number of its entries are chosen at random and set to $+1$ or $-1$, and all other entries are set to $0$. Let $\vec{e}_0$ be the first unit vector, let $\vec{a} = 2\vec{u} + b\,\vec{e}_0 = (2u_0 + b,\ 2u_1,\ \dots,\ 2u_{n-1})$, and let the ciphertext be

$$\vec{c} = \vec{a} \bmod B = \vec{a} - \big\lfloor \vec{a} \times B^{-1} \big\rceil \times B .$$

Here $B$ has the following form (with $[r^i]_d$ denoting $r^i$ reduced modulo $d$):

$$B = \begin{pmatrix}
d & 0 & 0 & 0 & \cdots & 0 \\
-r & 1 & 0 & 0 & \cdots & 0 \\
-[r^2]_d & 0 & 1 & 0 & \cdots & 0 \\
-[r^3]_d & 0 & 0 & 1 & \cdots & 0 \\
\vdots & \vdots & \vdots & \vdots & \ddots & \vdots \\
-[r^{n-1}]_d & 0 & 0 & 0 & \cdots & 1
\end{pmatrix}$$

and $B^{-1}$ is of the following form:

$$B^{-1} = \frac{1}{d} \begin{pmatrix}
1 & 0 & 0 & 0 & \cdots & 0 \\
r & d & 0 & 0 & \cdots & 0 \\
[r^2]_d & 0 & d & 0 & \cdots & 0 \\
[r^3]_d & 0 & 0 & d & \cdots & 0 \\
\vdots & \vdots & \vdots & \vdots & \ddots & \vdots \\
[r^{n-1}]_d & 0 & 0 & 0 & \cdots & d
\end{pmatrix}$$

Let us now see that $\vec{c}$ can be represented by a single integer. Write $\vec{a} = (a_0, a_1, \dots, a_{n-1})$ and let $a(x) = \sum_{i=0}^{n-1} a_i x^i$ be the corresponding integer polynomial. Then

$$\vec{a} \times B^{-1} = \Big( \frac{s}{d},\ a_1,\ \dots,\ a_{n-1} \Big), \qquad s = \sum_{i=0}^{n-1} a_i\,[r^i]_d ,$$

so $\lfloor \vec{a} \times B^{-1} \rceil = (\lfloor s/d \rceil, a_1, \dots, a_{n-1})$, and the equation becomes

$$\vec{c} = \vec{a} - \big( \lfloor s/d \rceil,\ a_1,\ \dots,\ a_{n-1} \big) \times B = \big( s - d\,\lfloor s/d \rceil,\ 0,\ \dots,\ 0 \big) = \big( [a(r)]_d,\ 0,\ \dots,\ 0 \big),$$

since $s \equiv a(r) \pmod d$. It is clear that this vector can be represented by the single integer

$$c = [a(r)]_d = \Big[ b + 2 \sum_{i=0}^{n-1} u_i r^i \Big]_d ,$$

where $[\cdot]_d$ denotes reduction modulo $d$ into the interval $(-d/2, d/2]$.

10 Decryption

This section describes how an encrypted vector $\vec{c} = (c, 0, \dots, 0)$ is decrypted. Decryption computes

$$\vec{a} = \vec{c} \bmod V = \vec{c} - \big\lfloor \vec{c} \times V^{-1} \big\rceil \times V$$

and then uses the fact that $\vec{a} = 2\vec{u} + b\,\vec{e}_0$ to recover the encrypted bit from $\vec{c}$. Here $V$ is the rotation matrix of the secret vector $\vec{v} = (v_0, \dots, v_{n-1})$, of the form [10]:

$$V = \begin{pmatrix}
v_0 & v_1 & v_2 & \cdots & v_{n-1} \\
-v_{n-1} & v_0 & v_1 & \cdots & v_{n-2} \\
-v_{n-2} & -v_{n-1} & v_0 & \cdots & v_{n-3} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
-v_1 & -v_2 & -v_3 & \cdots & v_0
\end{pmatrix}$$

The inverse of $V$ is given by $V^{-1} = \frac{1}{d} W$, where $W = d\,V^{-1}$ is an integer matrix of the same rotational form, built from a vector $\vec{w} = (w_0, \dots, w_{n-1})$:

$$W = \begin{pmatrix}
w_0 & w_1 & w_2 & \cdots & w_{n-1} \\
-w_{n-1} & w_0 & w_1 & \cdots & w_{n-2} \\
-w_{n-2} & -w_{n-1} & w_0 & \cdots & w_{n-3} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
-w_1 & -w_2 & -w_3 & \cdots & w_0
\end{pmatrix}$$

Therefore

$$\vec{a} = \vec{c} \bmod V = \vec{c} - \Big\lfloor \frac{\vec{c} \times W}{d} \Big\rceil \times V .$$

Since $\vec{a} - \vec{c}$ is a lattice vector and $V W = d\,I$, we have $\vec{a} \times W \equiv \vec{c} \times W = c \cdot (w_0, \dots, w_{n-1}) \pmod d$; because $\vec{a}$ is small, the $i$-th entry of $\vec{a} \times W$ equals $[c\,w_i]_d$, and its parity is $b \cdot w_i \bmod 2$ (all entries of $\vec{a}$ except $a_0 = 2u_0 + b$ are even). To decrypt it is therefore enough to keep a single odd entry $w_i$ of $W$ and recover the bit as

$$b = [c\,w_i]_d \bmod 2 .$$

11 Key Generation

This section explains how to create the private key, which is implicitly represented by one odd entry $w_i$ of the matrix $W$, and the public key, which is implicitly represented by the integers $d$ and $r$. To do this we first generate an ideal lattice at random in the ring $R = \mathbb{Z}[x]/(f_n(x))$ with $f_n(x) = x^n + 1$. Key generation has two parameters [14]:
• the lattice dimension $n$;
• the bit size $t$ of the coefficients of $\vec{v}$, which are chosen from the range $-2^{t-1} \le v_i < 2^{t-1}$.
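The integer ciphertext of Sects. 9–11, together with the noise bound that Sect. 7 describes, as an added worked example (editor-added Python, not the Gentry–Halevi code): key generation samples v with t-bit coefficients, computes d = det(V) and W = d·V⁻¹ over the rationals, derives r from w and checks that the lattice really has the HNF shape assumed above; the public key (d, r) and one odd w_i then give the encryption c = [b + 2 Σ u_i rⁱ]_d and the decryption b = [c·w_i]_d mod 2. n = 8, t = 16 and three ±1 noise entries are toy parameters chosen here (the real scheme uses n in the thousands); the check 2·‖a‖₁·max|w_k| < d in keygen is the noise bound decryption depends on, and the fact that one multiplication squares ‖a‖₁ is why the bound uses (2K+1)².

```python
"""Toy instance of the Gentry-Halevi integer ciphertext of Sects. 9-11.
Editor-added example, not the authors' code.  N = 8, T = 16 and K = 3 are
illustration-only parameters (assumption); they offer no security."""
from fractions import Fraction
from math import gcd
import random

N = 8                        # lattice dimension n (toy value)
T = 16                       # bit size t of the coefficients of v (toy value)
K = 3                        # number of nonzero entries of the noise vector u
L1_MAX = (1 + 2 * K) ** 2    # largest ||a||_1 we need to decrypt (one product)


def centered_mod(x, d):
    """[x]_d: reduce x into the interval (-d/2, d/2]."""
    x %= d
    return x - d if x > d // 2 else x


def rotation_matrix(v):
    """V: row i is the coefficient vector of x^i * v(x) mod (x^n + 1)."""
    rows, cur = [], list(v)
    for _ in range(len(v)):
        rows.append(cur)
        cur = [-cur[-1]] + cur[:-1]        # multiply by x, using x^n = -1
    return rows


def det_and_inverse(m):
    """Gauss-Jordan over Q; returns (det, inverse) or (0, None) if singular."""
    n = len(m)
    a = [[Fraction(x) for x in row] + [Fraction(int(i == j)) for j in range(n)]
         for i, row in enumerate(m)]
    det = Fraction(1)
    for col in range(n):
        piv = next((r for r in range(col, n) if a[r][col] != 0), None)
        if piv is None:
            return Fraction(0), None
        if piv != col:
            a[col], a[piv] = a[piv], a[col]
            det = -det
        pv = a[col][col]
        det *= pv
        a[col] = [x / pv for x in a[col]]
        for r in range(n):
            if r != col and a[r][col] != 0:
                f = a[r][col]
                a[r] = [x - f * y for x, y in zip(a[r], a[col])]
    return det, [row[n:] for row in a]


def keygen(n=N, t=T, rng=random):
    """Sample v until L(V) has the HNF shape of Sect. 9: returns ((d, r), w_i)."""
    while True:
        v = [rng.randrange(-2 ** (t - 1), 2 ** (t - 1)) for _ in range(n)]
        det, inv = det_and_inverse(rotation_matrix(v))
        if inv is None:
            continue
        d = abs(int(det))
        W = [[int(x * d) for x in row] for row in inv]   # W = d * V^{-1} is integral
        w = W[0]                                          # first row: the vector w
        if d % 2 == 0 or gcd(w[1], d) != 1:
            continue
        r = (w[0] * pow(w[1], -1, d)) % d
        # the HNF has the assumed shape iff (-r, 1, 0, ..., 0) lies in L(V);
        # a vector y lies in L(V) iff y * W == 0 (mod d), because V * W = d * I
        m = [-r, 1] + [0] * (n - 2)
        if any(sum(mi * W[i][j] for i, mi in enumerate(m)) % d for j in range(n)):
            continue
        odd = [wi for wi in w if wi % 2]
        # decryption needs |a * W| < d/2 for every ciphertext we intend to decrypt
        if not odd or 2 * L1_MAX * max(map(abs, w)) >= d:
            continue
        return (d, r), odd[0]


def encrypt(pk, b, rng=random, k=K):
    """a = 2u + b*e_0 with u having k random entries in {-1, +1}; c = [a(r)]_d."""
    d, r = pk
    a = [0] * N
    for i in rng.sample(range(N), k):
        a[i] = 2 * rng.choice((-1, 1))
    a[0] += b
    c = 0
    for coef in reversed(a):                # Horner's rule for a(r) mod d
        c = (c * r + coef) % d
    return centered_mod(c, d)


def decrypt(pk, w_i, c):
    """b = [c * w_i]_d mod 2; valid while the noise bound from keygen holds."""
    return centered_mod(c * w_i, pk[0]) % 2


def add(pk, c1, c2):
    """Encrypts b1 XOR b2 (addition over GF(2) in the plaintext slot)."""
    return centered_mod(c1 + c2, pk[0])


def mul(pk, c1, c2):
    """Encrypts b1 AND b2; the noise grows to ||a1||_1 * ||a2||_1."""
    return centered_mod(c1 * c2, pk[0])


def demo(seed=7):
    """Run the scheme end to end with a seeded generator; returns a checklist."""
    rng = random.Random(seed)
    pk, sk = keygen(rng=rng)
    d, r = pk
    results = {"d_odd": d % 2 == 1, "r_is_root": pow(r, N, d) == d - 1}
    for b1 in (0, 1):
        for b2 in (0, 1):
            c1, c2 = encrypt(pk, b1, rng=rng), encrypt(pk, b2, rng=rng)
            results[f"dec{b1}{b2}"] = (decrypt(pk, sk, c1), decrypt(pk, sk, c2)) == (b1, b2)
            results[f"xor{b1}{b2}"] = decrypt(pk, sk, add(pk, c1, c2)) == b1 ^ b2
            results[f"and{b1}{b2}"] = decrypt(pk, sk, mul(pk, c1, c2)) == b1 & b2
    return results


if __name__ == "__main__":
    print(demo())
```

keygen loops until a sampled v passes every check (odd d, invertible w_1, the HNF membership test, an odd w_i and the noise bound), which at these sizes takes a handful of attempts; r^n ≡ −1 (mod d) is not checked explicitly because it follows from the membership test.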

12 Conclusion

Homomorphic encryption has the potential to change data security in businesses. Despite performance gaps at scale and usability issues, it is progressing towards becoming a future industry standard for data collaboration. In addition, because it is built on lattice problems, homomorphic encryption is regarded as a step towards quantum-safe cryptography. Effective key management and crypto-agility are generally viewed as crucial pillars for expanding the use of homomorphic encryption in enterprises. The next stages will be to increase resilience, improve hardware-supported performance and establish clear standards for better regulatory adaptation and interoperability. Although the lack of uniformity in the legislation governing the deployment of new privacy-enhancing technologies (PETs) makes the legal perspective difficult to assess at the moment, the legal framework will ultimately need to catch up in order to provide legal certainty.

References

1. Brakerski, Z. (2012). Fully homomorphic encryption without modulus switching from classical GapSVP. In R. Safavi-Naini & R. Canetti (Eds.), Advances in Cryptology – CRYPTO 2012, LNCS 7417. Springer. https://doi.org/10.1007/978-3-642-32009-5_50
2. Fan, J., & Vercauteren, F. (2012). Somewhat practical fully homomorphic encryption. IACR Cryptology ePrint Archive, 2012/144.
3. Cheon, J. H., Kim, A., Kim, M., & Song, Y. (2017). Homomorphic encryption for arithmetic of approximate numbers. In International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2017) (pp. 409–437). Springer.
4. Gentry, C. (2009). A fully homomorphic encryption scheme (PhD thesis, advisor D. Boneh). Stanford University.
5. Brakerski, Z., Gentry, C., & Vaikuntanathan, V. (2014). (Leveled) fully homomorphic encryption without bootstrapping. ACM Transactions on Computation Theory, 6(3), 13.
6. Smart, N. P., & Vercauteren, F. (2014). Fully homomorphic SIMD operations. Designs, Codes and Cryptography, 71(1), 57–81.
7. Albrecht, M., Chase, M., Chen, H., Ding, J., Goldwasser, S., Gorbunov, S., Hoffstein, J., Lauter, K., Lokam, S., Micciancio, D., Moody, D., Morrison, T., Sahai, A., & Vaikuntanathan, V. (2018). Homomorphic encryption security standard. Technical report, HomomorphicEncryption.org, Cambridge, MA.
8. Gentry, C., Halevi, S., & Smart, N. P. (2012). Fully homomorphic encryption with polylog overhead. In Advances in Cryptology – EUROCRYPT 2012. Springer.
9. https://www.cl.cam.ac.uk/~ms705/projects/dissertations/2011-vd241-ihe.pdf
10. https://luca-giuzzi.unibs.it/corsi/Support/papers-cryptography/RAD78.pdf
11. https://eprint.iacr.org/2014/062.pdf
12. Gentry, C. (2009). Fully homomorphic encryption using ideal lattices. In M. Mitzenmacher (Ed.), STOC 2009 (pp. 169–178). ACM.
13. Gentry, C., & Halevi, S. (2011). Implementing Gentry's fully-homomorphic encryption scheme. In K. G. Paterson (Ed.), EUROCRYPT 2011, LNCS 6632 (pp. 129–148). Springer.
14. Gentry, C., Halevi, S., & Smart, N. P. (2012). Homomorphic evaluation of the AES circuit. In R. Safavi-Naini & R. Canetti (Eds.), CRYPTO 2012, LNCS 7417 (pp. 850–867). Springer.

A Survey on Homomorphic Encryption for Financial Cryptography Workout M. Siva Sangari, K. Balasamy, Habib Hamam, S. Nithya, and S. Surya

Abstract The use of cloud computing has grown in popularity all around the world in recent years. Cloud computing introduces a new paradigm for information processing and storage: the cloud is a scalable, effective and enormous collection of computer networks, and it may be built on public, private or hybrid infrastructure. Public clouds are maintained and operated by a third party, while private clouds are owned by businesses or individuals and can be either on-premises or external; hybrid clouds are a mix of the two. Reduced cost is one benefit of using the cloud, which is particularly advantageous to users in terms of infrastructure and labour: in contrast to traditional computing, installation and maintenance costs are cut because customers do not set up the infrastructure themselves, and the cost of keeping up with technological advances, like ongoing costs, is greatly reduced. Cloud computing also provides a huge amount of storage, and its user-friendliness, robustness, scalability and efficiency are further benefits. Although this technology has many advantages, there is concern about the security of data while it is being processed. With a homomorphic encryption system, calculations performed on the ciphertexts give the same results as those performed on the plaintexts. This chapter examines the homomorphic encryption (HME) concept together with reviews, applications and potential future obstacles.

M. Siva Sangari (corresponding author), Department of Computer Science and Business Systems, KPR Institute of Engineering and Technology, Coimbatore, India. K. Balasamy, Department of AI and DS, Bannari Amman Institute of Technology, Erode, India. H. Hamam, Faculty of Engineering, Université de Moncton, Moncton, NB, Canada. S. Nithya, Department of ECE, KPR Institute of Engineering and Technology, Coimbatore, India. S. Surya, Department of Artificial Intelligence and Data Science, Saveetha Engineering College, Chennai, India.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023. V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_2


Keywords Homomorphic encryption · Ciphertext · Secret key · Cloud computing

1 Introduction

Privacy has emerged as an unparalleled global driver of change. Demand for privacy has never been higher, and it is driving fundamental organizational change. Policy plays a part: privacy regulation is viewed favourably worldwide, and 79% of firms say it has had a positive impact, according to Cisco's 2021 Data Privacy Benchmark Study [1–3]. Consumer behaviour is another factor: 90% of the respondents in the same survey said customers will not buy from them if they are unclear about their data policies and protection. Other research supports these trends in heavily regulated areas such as financial services; in Accenture's 2020 privacy survey, 70% of respondents regarded privacy as a major concern for financial firms [4].

For businesses in both the private and public sectors, the ability to perform complex computations on encrypted data promises a new level of privacy and data security, and modern cryptography is now used in many digital devices, systems and components [5, 6]. Cryptography is an essential technique for preserving data security and privacy. One of its primary drawbacks, however, especially for well-known public key encryption (PKE) [7, 8], is the need to decrypt secret information in order to process and analyse it. Organizations handle sensitive personally identifiable and financial information that must be protected both when it is stored (data at rest) and when it is transferred (data in transit). Short of practical quantum computing, modern encryption methods are practically impregnable, because breaking them would require an exorbitant amount of processing power: it would be too costly and time-consuming. The drawback of encryption is that eventually the data must be decrypted, and decrypted data is exposed to attack. Files in the cloud can be kept scrambled under a secret key, but in that form they are useless for computation: whenever one wants to work with them they must be decrypted and become exposed.

Homomorphic Encryption

Because cybercrime is on the rise, security is a top priority. Maintaining the security of data today requires a secure public environment: private environments exist, but keeping data in them can be more expensive than keeping it in a public one, so it is convenient for everyone to keep their data on the Internet or in a public cloud. A wide range of encryption techniques is available to help build a secure environment. Homomorphic encryption creates a safe environment in which operations on already-encrypted data can be performed with the same success as on the original data. This chapter describes several homomorphic encryption algorithms that use this approach.

Homomorphic encryption was created to enable computation on encrypted data. As a result, information can stay private while being processed, so that useful work can be done on information held in untrusted environments; this capability is extremely valuable in distributed, heterogeneous networks. Ordinarily, data must be unlocked and left exposed before any file-related action, such as modifying a Word document or accessing a financial database, can be performed. Homomorphic encryption, a recent innovation in cryptography, could change that [9]. Like other public-key encryption, a homomorphic cryptosystem encrypts data with a public key and restricts access to the decrypted contents to holders of the matching private key. What distinguishes it from other types of encryption is its use of an algebraic structure that lets others carry out computations on the encrypted data. Because homomorphic encryption preserves the structure of the data, the same mathematical operations can be carried out on both encrypted and decrypted data; most homomorphic encryption schemes work best when the data is represented as integers and the operations are addition and multiplication [1]. This means material can be manipulated and analysed as though it were in plaintext without ever being decrypted [2]: others can compute on the encrypted data to produce an encrypted result, but only the holder of the secret key can decrypt and understand it. Like other secure computation techniques, homomorphic encryption relies on arithmetic functions (addition and multiplication) rather than Boolean functions [6].

A homomorphic encryption (HE) system is described by HE = {Key Generation, Encryption, Decryption, Evaluation}:
1. Key generation: the client generates a public key pk and a secret key sk.
2. Encryption: the client encrypts the plaintext PT under pk to obtain the ciphertext CT = E_pk(PT) and sends CT to the server together with the public (evaluation) key pk.
3. Evaluation: the server evaluates the function f on CT using pk and obtains Eval(f(PT)), an encryption of f(PT).
4. Decryption: the client decrypts Eval(f(PT)) with sk and obtains the result f(PT).

2 Homomorphic Encryption Types and Properties

Partial Homomorphic Encryption (PHE)

Under partially homomorphic encryption only a limited class of mathematical operations can be applied to encrypted values: either the additive property or the multiplicative property can be applied to ciphertexts, any number of times, but not both. Textbook Rivest–Shamir–Adleman (RSA) encryption, which has traditionally been used when establishing Secure Sockets Layer (SSL)/Transport Layer Security (TLS) connections, is a PHE with the multiplicative property. Somewhat homomorphic encryption (SHE) permits both additive and multiplicative operations, but only a limited number of them, up to a specific degree of complexity.

Full Homomorphic Encryption (FHE)

Fully homomorphic encryption supports privacy preservation while enabling arbitrary functionality. Developed from SHE schemes, FHE supports an unlimited number of addition and multiplication operations and improves the efficiency of secure multiparty computation. Unlike the other kinds of homomorphic encryption, it can handle arbitrary computations on ciphertexts.

Properties of Homomorphic Encryption

Homomorphic encryption exhibits the additive and multiplicative properties.

i. Additive homomorphic encryption: the additive property is satisfied when [9]

$$E_k(Pl_1 \oplus Pl_2) = E_k(Pl_1) \oplus E_k(Pl_2) \quad (1)$$

The identities of the additive property are (here $n$ is the public modulus and $s_1$, $s_2$ are the random values used in encryption):
• the product of two ciphertexts decrypts to the sum of the corresponding plaintexts [9],

$$D\big(E(n_1, s_1) \cdot E(n_2, s_2) \bmod n^2\big) = n_1 + n_2 \bmod n \quad (2)$$

• the product of a ciphertext with the plaintext power $g^{n_2}$ decrypts to the sum of the corresponding plaintexts [9],

$$D\big(E(n_1, s_1) \cdot g^{n_2} \bmod n^2\big) = n_1 + n_2 \bmod n \quad (3)$$

These homomorphic properties are the remarkable feature of the Paillier cryptosystem, illustrated in Fig. 1. If $CT_1$, $CT_2$ are two ciphertexts then [10]

$$CT_1 = g^{m_1} x_1^{\,n} \bmod n^2 \quad (4)$$

$$CT_2 = g^{m_2} x_2^{\,n} \bmod n^2 \quad (5)$$

$$CT_1 \cdot CT_2 = \big(g^{m_1} x_1^{\,n} \cdot g^{m_2} x_2^{\,n}\big) \bmod n^2 = g^{m_1 + m_2} (x_1 x_2)^{n} \bmod n^2 \quad (6)$$

so the product of the two ciphertexts is an encryption of $m_1 + m_2$ (additive).

Fig. 1 Additive homomorphic encryption (Paillier):
1. Key generation: choose an RSA modulus x = ab; let λ = lcm(a−1, b−1); pick g ∈ Z/x²Z such that x divides the order of g modulo x²; public key (x, g), secret key (λ, µ).
2. Encryption: for a message m ∈ {0, 1, …, x−1} and a random h ∈ Z/xZ, the ciphertext is p = g^m h^x mod x².
3. Decryption: m = L(p^λ mod x²) · L(g^λ mod x²)^{−1} mod x, where L(u) = (u − 1)/x.

ii. Multiplicative homomorphic encryption: homomorphic encryption is multiplicative [10] if (Fig. 2)

$$E_k(Pl_1 \otimes Pl_2) = E_k(Pl_1) \otimes E_k(Pl_2)$$

Fig. 2 Multiplicative homomorphic encryption (RSA); only the following lines of the figure survive extraction:
1. Key generation
Step 1: using two large primes a, b, the client generates its own public/private key pair
Step 2: compute N = a·b and φ(N) = (a−1)(b−1)
Step 3: select the encryption key e randomly, where 1 [remainder of the figure missing]

[Fig. 3, BGV scheme interface; only the following lines of the figure survive extraction]
… -> Plaintext m
Shifting levels: Rescale(Ciphertext c) -> Ciphertext c'; SwitchKey(Augmented Ciphertext c) -> Ciphertext c'
Homomorphic property: Add(Ciphertext c1, Ciphertext c2) -> Ciphertext csum; Mul(Ciphertext c1, Ciphertext c2) -> Ciphertext cmul
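The additive and multiplicative properties of this section, and the KeyGen/Encrypt/Evaluate/Decrypt workflow listed in the Introduction, as an added worked example (editor-added Python, not code from the book): Paillier as in Fig. 1 and equations (2)–(6), and textbook RSA as in Fig. 2. The primes p = 61, q = 53 and the exponent e = 17 are toy values chosen here for illustration; real deployments use primes of at least 1024 bits.

```python
"""Paillier (additive) and textbook RSA (multiplicative) homomorphisms.
Editor-added example, not from the book.  P, Q and E are toy parameters
(assumption): 61 and 53 are far too small for any real use."""
from math import gcd
import random

P, Q, E = 61, 53, 17             # toy primes and RSA exponent (assumption)


def lcm(a, b):
    return a * b // gcd(a, b)


# ---- Paillier: KeyGen / Encrypt / Decrypt as in Fig. 1 --------------------
def paillier_keygen(p, q):
    """pk = (n, g) with g = n + 1; sk = (lambda, mu)."""
    n = p * q
    lam = lcm(p - 1, q - 1)
    g = n + 1                    # n divides the order of n + 1 modulo n^2
    n2 = n * n
    L = lambda u: (u - 1) // n   # L(u) = (u - 1) / n
    mu = pow(L(pow(g, lam, n2)), -1, n)
    return (n, g), (lam, mu)


def paillier_encrypt(pk, m, rng=random):
    """c = g^m * h^n mod n^2 with a fresh random h coprime to n."""
    n, g = pk
    n2 = n * n
    h = rng.randrange(1, n)
    while gcd(h, n) != 1:
        h = rng.randrange(1, n)
    return (pow(g, m, n2) * pow(h, n, n2)) % n2


def paillier_decrypt(pk, sk, c):
    """m = L(c^lambda mod n^2) * mu mod n."""
    n, _ = pk
    lam, mu = sk
    n2 = n * n
    return ((pow(c, lam, n2) - 1) // n * mu) % n


def paillier_add(pk, c1, c2):
    """Evaluate '+': the product of ciphertexts encrypts m1 + m2, eqs. (2) and (6)."""
    n, _ = pk
    return (c1 * c2) % (n * n)


def paillier_add_const(pk, c, m2):
    """Evaluate '+ m2' for a known constant m2: multiply by g^m2, eq. (3)."""
    n, g = pk
    n2 = n * n
    return (c * pow(g, m2, n2)) % n2


# ---- Textbook RSA: multiplicatively homomorphic, as in Fig. 2 -------------
def rsa_keygen(p, q, e):
    N = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    return (N, e), (N, pow(e, -1, phi))


def rsa_encrypt(pk, m):
    N, e = pk
    return pow(m, e, N)


def rsa_decrypt(sk, c):
    N, d = sk
    return pow(c, d, N)


def rsa_mul(pk, c1, c2):
    """Evaluate '*': m1^e * m2^e = (m1 * m2)^e mod N."""
    return (c1 * c2) % pk[0]


def demo(m1=1234, m2=2345, seed=1):
    """Client/server round trip for both schemes; returns what each side sees."""
    rng = random.Random(seed)
    ppk, psk = paillier_keygen(P, Q)                       # client: KeyGen
    c1, c2 = paillier_encrypt(ppk, m1, rng), paillier_encrypt(ppk, m2, rng)
    n = ppk[0]
    added = paillier_decrypt(ppk, psk, paillier_add(ppk, c1, c2))       # server: Eval
    added_const = paillier_decrypt(ppk, psk, paillier_add_const(ppk, c1, m2))
    rpk, rsk = rsa_keygen(P, Q, E)
    r1, r2 = rsa_encrypt(rpk, m1), rsa_encrypt(rpk, m2)
    multiplied = rsa_decrypt(rsk, rsa_mul(rpk, r1, r2))
    return {
        "n": n,
        "paillier_roundtrip": paillier_decrypt(ppk, psk, c1) == m1 % n,
        "sum_mod_n": added,               # (m1 + m2) mod n
        "sum_const_mod_n": added_const,   # (m1 + m2) mod n
        "rsa_roundtrip": rsa_decrypt(rsk, r1) == m1 % rpk[0],
        "product_mod_N": multiplied,      # (m1 * m2) mod N
    }


if __name__ == "__main__":
    print(demo())
```

Note that Paillier encryption is randomized (the factor h^n), so the same plaintext encrypts differently each time, whereas textbook RSA is deterministic; that determinism, together with the multiplicative property itself, is exactly why RSA is never used in this textbook form in SSL/TLS or anywhere else without padding.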

3 Algorithms Specific to Homomorphic Encryption

This section presents different homomorphic encryption techniques, including Brakerski–Gentry–Vaikuntanathan (BGV), the Algebra Homomorphic Encryption scheme based on updated ElGamal (AHEE) and the Non-interactive Exponential-based Homomorphic Encryption algorithm (NEHE).

BGV Encryption Scheme

BGV can be instantiated in two forms: one over integer vectors, whose security rests on the learning-with-errors (LWE) problem, and one over polynomial rings, whose security rests on decisional Ring-LWE (R-LWE). BGV is an asymmetric encryption scheme that can encrypt bits, with the interface shown in Fig. 3.

Gorti's Enhanced Homomorphic Cryptosystem (EHC)

The EHC focuses on secure homomorphic encryption and decryption standards, and this kind of homomorphic encryption has many real-world uses. The fundamental idea is that the computer performs calculations on already-encrypted material without knowing its true value; the result is itself an encrypted message, and once decrypted it must match the value that the same calculation would have produced on the real data. For this to work the encryption technique must have a specific structure [9], as shown in Fig. 4.


Fig. 4 Gorti's enhanced homomorphic cryptosystem (figure text as extracted):
Key generation: choose two large prime numbers r and s; compute n = r·s; choose a random number x; create the secret values from x, t, n; shared key: r
Encryption Encrypt(X, n, r, s, x): assume X ∈ Z_r; compute Y = (X + x·r·s) (mod n); output Y ∈ Z_c
Decryption Decrypt(Y, r): input Y ∈ Z_c; compute X = Y mod r (the figure prints p here; r is the shared key that Decrypt receives); output X ∈ Z_r

Algebra Homomorphic Encryption Scheme Based on Updated ElGamal (AHEE)

This algorithm's additive homomorphism uses the same key for every encryption but a fresh random value k in E1(), which is intended to make AHEE resistant to attacks on a given plaintext. AHEE is presented as fully homomorphic, and its security is argued in the original work. The complete scheme is given in Fig. 5.

Fig. 5 Algebra homomorphic encryption scheme (AHEE):
Step 1: choose two prime numbers, say x and y
Step 2: compute their product N = x·y; x and y are secret and N is public
Step 3: choose a random number z and a generator g of GF(x), with g and z less than x
Step 4: compute h = g^z mod x and use h for encryption (the figure reuses the letter y for this value; it is written h here to distinguish it from the prime y)
Step 5: encryption
1. choose a random integer r and compute E(M) = (M + r·x) mod N
2. choose a random integer k and compute E_g(M) = (a, b) = (g^k mod x, h^k · E(M) mod x)
Step 6: decryption D_g(): M = b · (a^z)^{−1} (mod x)
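The steps of Fig. 5 carried through as an added worked example (editor-added Python, not the authors' code): the masking layer E(M) = (M + r·x) mod N, the ElGamal layer over GF(x) on top of it, decryption as b·(a^z)⁻¹ mod x, and the two homomorphic properties the construction gives, component-wise products of ElGamal ciphertexts (multiplicative) and sums of masked values (additive, with M1 + M2 < x). The primes 10007 and 10009 are toy values chosen here; note that, exactly as the figure writes it, both encryption steps reduce modulo the secret x, so whoever encrypts must hold x.

```python
"""AHEE as laid out in Fig. 5: a masking layer E(M) = (M + r*x) mod N under an
ElGamal layer over GF(x).  Editor-added example, not the authors' code.  The
primes 10007 and 10009 are toy values (assumption); the public value g^z mod x
is called h here because the figure reuses the letter y for it."""
import random


def prime_factors(m):
    """Distinct prime factors of m by trial division (enough for toy sizes)."""
    out, p = [], 2
    while p * p <= m:
        if m % p == 0:
            out.append(p)
            while m % p == 0:
                m //= p
        p += 1
    if m > 1:
        out.append(m)
    return out


def find_generator(x):
    """Smallest primitive root of GF(x): g^((x-1)/q) != 1 for every prime q | x-1."""
    qs = prime_factors(x - 1)
    for g in range(2, x):
        if all(pow(g, (x - 1) // q, x) != 1 for q in qs):
            return g
    raise ValueError("no generator found")


def ahee_keygen(x, y, rng=random):
    """Steps 1-4.  N = x*y is public; x, y and z are secret (but see the note
    in mask/ahee_encrypt: both reduce modulo x, so the encryptor needs x too)."""
    g = find_generator(x)
    z = rng.randrange(2, x - 1)
    return {"N": x * y, "g": g, "h": pow(g, z, x), "x": x, "y": y, "z": z}


def mask(key, M, rng=random):
    """Step 5.1: E(M) = (M + r*x) mod N with a fresh random r."""
    return (M + rng.randrange(1, key["N"]) * key["x"]) % key["N"]


def unmask(key, E):
    """E(M) mod x = M, because N is a multiple of x (valid for M < x)."""
    return E % key["x"]


def ahee_encrypt(key, M, rng=random):
    """Step 5.2: (a, b) = (g^k mod x, h^k * E(M) mod x)."""
    x = key["x"]
    k = rng.randrange(1, x - 1)
    return pow(key["g"], k, x), (pow(key["h"], k, x) * mask(key, M, rng)) % x


def ahee_decrypt(key, ct):
    """Step 6: M = b * (a^z)^{-1} mod x."""
    a, b = ct
    x = key["x"]
    return (b * pow(pow(a, key["z"], x), -1, x)) % x


def ahee_mul(key, ct1, ct2):
    """Component-wise product: encrypts M1 * M2 mod x (ElGamal's multiplicative property)."""
    x = key["x"]
    return (ct1[0] * ct2[0]) % x, (ct1[1] * ct2[1]) % x


def demo(seed=3, M1=1234, M2=4321):
    """End-to-end check with a seeded generator; returns a dict of booleans."""
    rng = random.Random(seed)
    key = ahee_keygen(10007, 10009, rng)
    x, N = key["x"], key["N"]
    c1, c2 = ahee_encrypt(key, M1, rng), ahee_encrypt(key, M2, rng)
    masked_sum = (mask(key, M1, rng) + mask(key, M2, rng)) % N
    return {
        "roundtrip": (ahee_decrypt(key, c1), ahee_decrypt(key, c2)) == (M1, M2),
        "multiplicative": ahee_decrypt(key, ahee_mul(key, c1, c2)) == (M1 * M2) % x,
        "mask_additive": unmask(key, masked_sum) == (M1 + M2) % x,
    }


if __name__ == "__main__":
    print(demo())
```

The masking layer contributes nothing once the value is reduced modulo x inside the ElGamal layer (E(M) mod x is simply M), so the multiplicative property is ElGamal's and the additive property lives only in the unencrypted-looking masked values; a reader evaluating AHEE should keep that separation in mind.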


4 Financial Cryptography Framework

Financial cryptography is used wherever the subversion of a messaging system could cause financial loss. For most of recorded history classical cryptography was employed mainly for military and diplomatic purposes, in contrast to financial cryptography, which comprises the techniques and formulas required both for inventing new kinds of money and for securing financial transfers. It includes proof of work and numerous auction strategies; hashcash, for instance, is used to restrict spam. Financial cryptography has been shown to have a fairly broad range of applications. According to Ian Grigg, financial cryptography has seven layers: cryptography, software engineering, rights, accounting, governance, value and financial applications. The absence or improper use of one or more of these disciplines is frequently linked to business failures, which makes financial cryptography a subject that crosses multiple disciplines [4]. By some accounts the field is only about half a decade old, but it is clear from practice that much more is involved than the early pioneers anticipated: financial cost accounting and auditing, coding, system design and architecture, cryptography, economic history, the Internet, security, banking and finance, risk, distribution and marketing, central banking and many other previously unrelated disciplines meet at the intersection of cryptography and finance, forming a body of knowledge, or an art, of its own [11]. Problems are bound to occur at such a crowded intersection of so many diverse knowledge sets. Beyond the inevitable misunderstanding and loss of resources, the point is to find technical, managerial and marketing skills that are comfortable working in the field.

To understand financial cryptography endeavours it is usually important to aggregate the disciplines into models that ease decision-making and communication. This chapter provides models that introduce the topic and pave the way for further research. In this paradigm the words finance and cryptography are extended to cover the disciplines hidden behind the term. No single model can fully capture the depth and intricacy of so complicated a subject, but with the model presented here the reader will be able to conceive the whole field and identify the relationships between its disciplines without spending time on the intricacies of each component.

The Financial Cryptography Framework Model

This section explains a seven-layer architecture modelled on the Open Systems Interconnection (OSI) reference model, which is famous in the networking world and is shown in Fig. 6 [12]. When finance and cryptography are extended in this approach, five new areas of interest become apparent.


Fig. 6 Layers of financial cryptography

This model lets key stakeholders move easily between the technical and application phases, giving each an accessible entry point. The top layer is the Finance layer, which must be mapped onto the lower levels; it is the ideal starting point for high-level application conversations. Alternatively one may begin with the lowest layer, cryptography, and develop toolkits upwards from there. Moving up from the lower levels passes through progressively more sophisticated options until the financial applications layer is reached. Here a bottom-to-top descriptive approach is chosen.

Cryptography
Cryptography sits at the bottom. To a certain extent, cryptography simply offers mathematical solutions to issues such as encryption algorithms (confidentiality), hashes and message digests (integrity), and digital signatures and hash chains (authentication).

Software Engineering
Layer 2, software engineering, is required to make proper use of the cryptographic features. It draws on database concepts (atomicity, transaction integrity and recovery) together with network theory to provide properties such as dependability and resilience in the face of network and node instability or the planned unavailability of payment systems. Software engineering provides the usable network: messages can be sent over an open network in the knowledge that they will eventually reach the intended recipient, and the integrity-protection layers let the recipient verify that the information received is what the sender meant to convey.


Rights • Because software engineering, cryptography both offer a network that can be relied on, for transmitting messages made for financial cryptographic objectives [10]. Systems based on identification, like those used by banks, are one method for doing this. These solutions generally function by providing an existing account holder with a username and password that can be used to log into their account on a website that is SSL-encrypted [13]. • Token currency that mimics consumer-used common bearer cash devices [12]. • Transaction methods for various payment systems are used to transmit personal transaction details. • Hybrid favor up bottom-up approaches more suited to support the limitations of the network. One such system is SOX, which is described in the next section [14]. The E language is based on strong capabilities notions and be used as a variation on environmental empathy. • Hardware solutions, such as smart cards [15]. Accounting The earlier tiers present certain methodologies that are reliable to be used for transferring rights or other valuables across a subpar network. To save and retain rights across time, user now need accounting procedures. Financial cryptographers may find accounting uninteresting, and occasionally been enticing to be ignored, but history has shown that system without standard skills of accounting usually lose the value that has been entrusted to them. Accounting practices include things like balance sheets, double-entry bookkeeping, accounting equation. Financial Cryptography system developers are able to build complex systems using accounting principles that assure zero loss of value. What must be considered is outlined in the Rights layer, which lies above. For instance, token money would be the simplest strategy. A token-based accounting system would require a coin storage for the client. The server would be more challenging since it would require a float account, a float database, and an account for unissued value [16]. 
Governance
Users need to expand their focus to include risks beyond the technological sphere: the digital quantities of accounting under supervision that are reliably transmitted over the internet and stored on nodes. Any technology in use, whether for trade or monetary purchases, carries the risk of theft or misuse by those entrusted with managing the system. Governance includes these techniques:
• Value held through reputable third parties. For instance, the funds backing a dollar deposited into a bank account. Separating routine management from value creation, accounting from authentication, and marketing from systems is a separation-of-powers strategy.
• Dispute resolution in all its forms: ombudsmen, arbitration, mediation, litigation, and force.
• The use of third parties by the protocol for value generation inside a defined system is easy.
• Auditing techniques that permit monitoring of external assets and measuring performance to produce development reports. For instance, user-driven displays of the reserves kept and used to back currencies.
Engineers strive to make their protocols as self-sufficient and secure as possible; their inventiveness shows in pushing problem-solving down to lower levels. However, some value has to be protected via extra-protocol techniques; therefore self-sufficiency is an ideal one can only strive for. The task is made simpler by being aware of the deficiencies in the technical arsenal and actively seeking out the tools of governance. The final system design is typically a compromise between the lower levels and Governance.

Value
Now that a foundation is in place that provides both internal and external stability and security, value can be assigned to the building [17]. The unit of account, its importance, and the range of numbers that apply are all referred to as value. For instance, the upper layer might assign one of the following to the values of the lower layers:
• currency, which may be used to exchange quantities starting at 25 cents and going as high as $500
• tradeable assets for capital-raising purposes, such as bonds and stocks
• reward points offered for making purchases.
The programme could be used for any other purpose, since it does not care much about this choice; nonetheless, the firm needs to balance cost and security concerns. Since any value in an online transaction constitutes an agreement between the transactor and the owner, this layer may alternatively be called the Contract layer: it creates the document that formally records the arrangement between user and issuer.
Finance
The value layer lays a foundation for financial transactions and is the last layer, on top of which our own applications may be built. Accessing the current financial year can help to develop software that provides a financial framework for our work. Any and all applications that could be immediately beneficial to users are built at the finance layer; for instance, retail commerce that involves purchasing items.

Financial Cloud Framework Based Homomorphic Encryption Application
Data security and privacy are the consumers' primary concerns while utilizing cloud computing services. When customers need to compute on the cloud services, they encrypt and transfer the data to the cloud using conventional encryption mechanisms. Since the service provider must decrypt the data in order to use it as input to their computational model, the content of the data is disclosed. When encrypted data can be processed directly, privacy is maintained, which is essential if customers do not want service providers to be aware of their activities. With homomorphic encryption, computations may be performed on the ciphertext, and the decrypted results are the same as if the computations had been performed on the plaintext. In this study, an open financial cloud architecture (Financial Cloud) is used with the homomorphic encryption technique to make computations on encrypted data while preserving data security all the way through. To demonstrate how adopting improved algorithms might reduce the problems caused by homomorphic encryption, a real-world scenario is provided [18]. Pricing Partners, a subsidiary of Thomson Reuters, provides derivative pricing services and a SaaS platform with a straightforward process to value derivative portfolios. The SaaS paradigm, a fresh approach to software delivery via the cloud, is already standard for many corporate applications. In the SaaS model the service providers host users' personal data and preserve or use it to assess the worth and risk of derivatives. Data encryption technologies are employed to uphold data privacy while the data are transmitted between services. The service, however, performs its calculations on plain data, which affects the confidentiality of the hosted data, because it is required to decrypt the encrypted data first.

Security in Fully Homomorphic Encryption
The security of homomorphic encryption techniques rests on the RLWE problem, a hard mathematical problem involving high-dimensional lattices. A substantial body of research on the hardness of the RLWE problem supports the conviction that these approaches are at least as secure as any commonly adopted encryption solution. The majority of homomorphic encryption algorithms are now believed to be safer than factorization-based systems like RSA and many types of ECC, and RLWE is believed to be secure against quantum computers. Also, several submissions to the NIST-funded standardization initiative for post-quantum cryptography were based on hard lattice problems.

Fully Homomorphic Encryption Applications
According to Craig Gentry, fully homomorphic encryption has several uses. For instance, it enables users to submit encrypted queries to search engines, which compute a succinct encrypted result without ever seeing the query itself. It also permits searching through encrypted data. If a user stores encrypted files on a remote file server, for example, the server could return only those files that, once decrypted, satisfy a specific set of Boolean conditions. Furthermore, fully homomorphic encryption makes secure multi-party computation more efficient. Researchers have already discovered a number of real-world uses for FHE, some of which are covered here:
• Protection of data in cloud storage. Homomorphic encryption can be used to protect cloud data while still enabling computation on, and searching of, the ciphertext, which you can subsequently decrypt without compromising the integrity of the information as a whole.
• Supporting data analytics in regulated sectors. In order to safeguard the privacy of user or patient data, homomorphic encryption allows data to be secured and exported to commercial cloud environments for data sharing and research. It may be used by companies and organisations across a variety of industries, such as financial services, retail, information systems, and healthcare, to give customers access to data without allowing them to see the unencrypted values. Examples include financial privacy for stock price prediction, forensic image identification, and preserving customer privacy in customized advertising.
• Increasing the security and transparency of elections. Researchers are exploring the use of homomorphic encryption to increase the security and transparency of democratic elections. For instance, the additively homomorphic Paillier encryption scheme is well suited to online voting, since it enables the different values to be added up in an objective manner while keeping each individual value private. This technique may not only shield data from alteration, but also enable authorized third parties to independently verify it.
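The additive homomorphism that the Financial Cloud scenario and the online-voting use case rely on, shown with the Paillier scheme, as an added example that is not the chapter's code. The primes are constructed toy values so the block runs instantly; a real deployment uses far larger primes.

```python
"""Additively homomorphic (Paillier) encryption: a provider sums or
scales ciphertexts without the secret key, and only the data owner
decrypts the aggregate. Added example, not the chapter's code.
TOY_P and TOY_Q are constructed small primes for a runnable demo."""
from math import gcd
import secrets

# Constructed toy primes (far too small for real use).
TOY_P = 1000003
TOY_Q = 1000033


def lcm(a, b):
    return a * b // gcd(a, b)


def keygen(p=TOY_P, q=TOY_Q):
    """Return (public_key, secret_key) as ((n, g), (lambda, mu))."""
    n = p * q
    lam = lcm(p - 1, q - 1)
    g = n + 1                  # standard simplification of Paillier's g
    mu = pow(lam, -1, n)       # lambda^-1 mod n (valid because g = n + 1)
    return (n, g), (lam, mu)


def encrypt(pk, m):
    """c = g^m * r^n mod n^2 with a fresh random r, so equal plaintexts
    produce different ciphertexts."""
    n, g = pk
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            break
    n2 = n * n
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(sk, pk, c):
    """m = L(c^lambda mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, _ = pk
    lam, mu = sk
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n


def add_encrypted(pk, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts."""
    n, _ = pk
    return (c1 * c2) % (n * n)


def scale_encrypted(pk, c, k):
    """Homomorphic multiplication by a public constant: c^k encrypts k*m."""
    n, _ = pk
    return pow(c, k, n * n)


def encrypted_portfolio_total(pk, encrypted_positions):
    """What the cloud service can do without the secret key: sum the
    client's encrypted positions into one encrypted total."""
    total = encrypt(pk, 0)
    for c in encrypted_positions:
        total = add_encrypted(pk, total, c)
    return total


def tally_votes(pk, sk, encrypted_ballots):
    """Online-voting use case: each ballot is Enc(0) or Enc(1); the
    authority decrypts only the aggregate, never an individual ballot."""
    return decrypt(sk, pk, encrypted_portfolio_total(pk, encrypted_ballots))
```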

Limitations of Fully Homomorphic Encryption
There are presently two limitations on FHE. The first is access by many users. Assume that several users of the same system want to keep their personal information hidden from the provider. For calculations, this system makes use of an internal database. As an alternative, the provider may maintain a separate database encrypted with the public key of each user; with a large enough database and many users, this would quickly become impractical. The second concerns homomorphically executing very long and complicated algorithms. The ratio of the computation time on the encrypted version to the time spent on the plaintext is currently a considerable computational cost for all fully homomorphic encryption techniques.

Implementations of Fully Homomorphic Encryption
Homomorphic encryption is being advanced by some of the biggest technology companies in the world to make it easily accessible and user-friendly. One set of encryption libraries is Microsoft's SEAL (Simple Encrypted Arithmetic Library), which enables computation directly on encrypted data. Data owners are never compelled to share their secret keys with anyone else, and businesses can use SEAL to build data analytics platforms that operate on still-encrypted data. Microsoft said that the objective is to "place our toolkit in every developer's hands so we can collaborate for more."

5 Conclusion
Data security and privacy are the consumers' primary concerns while utilizing cloud computing services. When customers need to compute on the cloud services, they encrypt and transfer the data to the cloud using conventional encryption mechanisms. Since the service provider must decrypt the data in order to use it as input to their computational model, the content of the data is disclosed. When encrypted data can be processed directly, privacy is maintained, which is essential if customers do not want service providers to be aware of their activities. With homomorphic encryption, computations may be performed on the ciphertext, and the decrypted results are the same as if the computations had been performed on the plaintext. In this study, an open financial cloud architecture (Financial Cloud) is used with the homomorphic encryption technique to make computations on encrypted data while preserving data security all the way through. To demonstrate how adopting improved algorithms might reduce the problems caused by homomorphic encryption, a real-world scenario is provided.

References
1. Lee, Hyungjick, Jim Alves-Foss, and Scott Harrison (2004). "The use of encrypted functions for mobile agent security." Proceedings of the 37th Annual Hawaii International Conference on System Sciences, volume 9, pp. 5–8, IEEE.
2. Zvika Brakerski and Vinod Vaikuntanathan (2011). "Efficient Fully Homomorphic Encryption from (Standard) LWE." IEEE Xplore.
3. Arvind Arasu, Ken Eguro, Raghav Kaushik, Ravi Ramamurthy (2013). "Querying Encrypted Data." IEEE ICDE Conference, pp. 4673–4910.
4. Ayman Mousa, Osama S. Faragallah, S. El-Rabaie, E. M. Nigm (2013). "Security Analysis of Reverse Encryption Algorithm for Databases." International Journal of Computer Applications (0975–8887), Volume 66, No. 14.
5. Nian Liu, Yajian Zhou, Xinxin Niu, Yixian Yang (2010). "Querying Encrypted Character Data in DAS Model." International Conference on Networking and Digital Society.
6. Rivest, Ronald L., Len Adleman, and Michael L. Dertouzos (2010). "On data banks and privacy homomorphisms." Foundations of Secure Computation 4, no. 11, pp. 169–180.
7. Melchor, Carlos Aguilar, et al. (2011). "Improving Additive and Multiplicative Homomorphic Encryption Schemes Based on Worst-Case Hardness Assumptions." IACR Cryptology ePrint Archive.
8. Paillier, Pascal (2009). "Public-key cryptosystems based on composite degree residuosity classes." In Advances in Cryptology—EUROCRYPT'99, pp. 223–238.
9. Purushothama B. R., B. Amberker (2012). "Efficient Query Processing on Outsourced Encrypted Data in Cloud with Privacy Preservation." 2012 International Symposium on Cloud and Services Computing.
10. O. Kocabas and T. Soyata (2020). "Towards Privacy Preserving Medical Cloud Computing Using Homomorphic Encryption." IGI Global.
11. Abdulatif Alabdulatif, Ibrahim Khalil and Xun Yi (2020). "Towards secure big data analytic for cloud-enabled applications with fully homomorphic encryption." Journal of Parallel and Distributed Computing, Volume 137.
12. Devi, Sathyalakshmi (2020). "Privacy Preserving Cryptanalysis Using Homomorphic Encryption in IoT." Journal of Critical Reviews, Vol. 7(3).
13. Devi, Venkata Subramanian (2017). Indian Journal of Science and Technology, Vol. 10(42).
14. Ayman Mousa, Osama Faragallah, Elsayed Nigm, and Elsayed Rabaie (2013). "Evaluating the Performance of Reverse Encryption Algorithm (REA) on the Databases." The International Arab Journal of Information Technology, Vol. 10, No. 6.
15. Rao, Gorti VNKV Subba, and Garimella Uma (2013). "An Efficient Secure Message Transmission in Mobile Ad Hoc Networks using Enhanced Homomorphic Encryption Scheme." GJCSTE: Network, Web & Security, vol. 13, no. 9.
16. A. Venumadhav (2013). "A Survey on Security of Data Outsourcing in Cloud." International Journal of Scientific and Research Publications, Volume 3, Issue 10.
17. D. Vamsi (2020). "Electronic Health Record Security in Cloud: Medical Data Protection Using Homomorphic Encryption Schemes." Data Sensing and IoT Systems Design in HealthCare, IGI Global.
18. Lyubashevsky, Vadim, Chris Peikert, and Oded Regev (2013). "On ideal lattices and learning with errors over rings." Journal of the ACM (JACM) 60, no. 6.

Improved Login Interface Algorithm for Financial Transactions Using Visual Cryptographic Authentication
N. Sugirtham, R. Sherine Jenny, R. Sudhakar, S. Vasudevan, and Irfan Khan Tanoli

Abstract
Monitoring network traffic allows an attacker to gather private data. Due to the huge network size, the numerous network nodes, and the difficulty of maintaining the devices linked to the larger network, electronic transactions are exposed to this risk. A novel cryptographic approach to secure such transactions is proposed here. The proposed cryptographic algorithm is based on visual cryptography and steganography. It uses reversible data concealment and the least significant bit algorithm along with AES and MD5. An architecture for a new login interface technique is proposed here. It employs an Image-Based Registration and Authentication System (IBRAS) for user registration and authentication of login interfaces in transactions. To demonstrate the level of security, we offer a thorough cryptographic analysis, as well as a description of the process of encrypting and decrypting images. This analysis includes histogram computation, peak signal-to-noise ratio values, unified average changing intensity, correlation coefficient and the rate at which pixels change.
Keywords Login interface · Visual cryptography · Steganography · AES · MD5

N. Sugirtham (B) · R. Sherine Jenny · R. Sudhakar · S. Vasudevan
Department of ECE, Dr. Mahalingam College of Engineering and Technology, Coimbatore, India
e-mail: [email protected]
I. K. Tanoli
Department of Computer Science, SZABIST, Karachi 75600, Sindh, Pakistan
e-mail: [email protected]
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_3

1 Introduction
Secret information transmission from a sender to a recipient or group of recipients is called cryptography. Cryptography is a key topic of study that keeps everything in the digital world safe as the volume of data and connectivity grows dramatically. The way information is sent has changed due to the digitisation of information and the interchange of bits across computer networks worldwide. For this reason, conventional cryptography methods from the pre-digital era must be employed and improved to work with digital data. A login, PIN, iris scan, fingerprint, cryptographic signature, steganography, etc., are used to ensure security. As per [1], web browsers and password-based weak authentication methods are no longer sufficient to allow safe usage of digital financial services. Data security is a critical issue in the financial industry, and businesses should, and are required to, abide by a number of domestic and international standards. While markets change every day, rules and the corresponding encryption needs are less erratic. Bank operations have undergone tremendous change as a result of electronic banking, which provides a range of financial services online. In the world of internet banking, safety and confidentiality are the primary requirements. The utmost level of security is necessary for online transactions in order to thwart any potential fraud. The flowchart in Fig. 1 shows how cryptography plays a vital role in banking. The AES encryption algorithm is widely used to provide confidentiality. AES is not only effective at protecting data but also quick at both encrypting and decrypting it, and it can be used on a variety of platforms. The main advantage of AES is the variety of key lengths available. The 56-bit key of DES is significantly weaker than that of AES. AES allows for a larger key size while ensuring that an adversary can only decrypt a text by attempting every key combination. Some of the most advanced encryption technologies are used to safeguard automated teller machines. User identification, whether it takes place online or over the phone, is the most important component of any organisation. In order to preserve the reliability of information shared and to track deviations in the message content, message digests are employed. The MD5 hash is used by many web applications to strengthen security and avoid security flaws, hacking, etc.
The MD5 algorithm, which succeeded the MD4 method, was one of the first hashing algorithms to gain international recognition. Here, in addition to AES, MD5 with steganography is applied to encrypt the customer's password. Visual cryptography is a type of encryption that divides a secret image into 'n' pieces, with the original image restored by stacking the shares. In terms of business, encryption is simply another kind of risk management, and those who understand how to effectively identify and control risks typically thrive. Hence, a new method of encryption to prevent unauthorized access to confidential data in login interfaces for transactions using images is presented here. Cryptographic analysis, which is used to decrypt encrypted messages, is the other important aspect of cryptology. Numerous sorts of empirical tests are widely employed in cryptographic analysis to check whether the suggested algorithm has the necessary security level. Here, we present a thorough cryptographic investigation to demonstrate the suggested image encryption algorithm's level of security.

Fig. 1 Cryptography in banking

Fig. 2 Block diagram of message digest algorithm (plain text → padding → processing → hashed text)

2 Literature Survey
Message Digest Algorithm
Data integrity refers to the quality and consistency of information stored in a database or data warehouse. This can be achieved with the help of the message digest algorithm (MD5) [2]. When data consistency and data safety are ensured, performance and stability can be improved further. As a result, if the data integrity has been compromised, the receiver can safely discard the message. The idea behind non-repudiation is that only the signer has unique knowledge of the signature key. As a result, if a dispute arises in the future, the recipient can provide the data and digital signature as evidence to a third party. Unlike other digest algorithms, MD5 generates a 128-bit hash value and is applied in situations where credentials are to be stored directly. It is used in digital signature applications where a large file must be compressed, since it takes a variable-length message and constructs a 128-bit message digest, as represented in Fig. 2. A fundamental requirement of any hashing method is that it is computationally infeasible to find two different messages that hash to the same value. MD5 is significantly faster than other message digest algorithms. MD5 is a nonlinear function that cannot be reversed. Message digests can also be employed as a checksum to certify data integrity against unintended modification. Some programmes improve the MD5 approach by attaching a salt value to the plaintext or by repeating the hash function.

Steganography
Steganography [3] is the art of hiding a concealed message within something that is not hidden. This involves introducing a hidden text message or script, with the goal of concealing and deceiving, inside a word-processing or document file or inside a photograph or video. Due to the lack of data scrambling or key usage, it cannot be considered a form of cryptography. Instead, it is a type of concealment done skilfully. This method is distinct from cryptography, which is the secret writing used to conceal the existence of a secret communication. This method entails hiding a message in an innocuous medium, which is referred to as the carrier. To create a steganographic medium, the secret is inserted into the carrier. The hidden message is encrypted and decrypted using a steganography key. Intranets, digital watermarking, voice over internet protocol, detection methods and algorithms, watermarking techniques, and trojans all follow steganographic tactics. There are two kinds of steganography: linguistic steganography and technical steganography. The practice of linguistic steganography involves concealing information in text written in everyday language, whereas technical steganography includes digital images, video, audio, and text. Least Significant Bit (LSB), masking and filtering, algorithms, and transformation are methods used for image steganography.

LSB Algorithm
The most frequent method of current steganography is to use the LSB of the image pixel information [4]. This method works well when the cover file is larger than the message file and when the image is greyscale. Three bits can be encoded into each pixel when employing LSB techniques on each byte of a 24-bit image. The most elementary technique for obfuscating data in an image or video file is called LSB insertion. Figure 3 represents the stages involved in data embedding. Initially, the pixels and text characters from the cover image are retrieved. Next, the first pixel is selected, and the stego-key letters are selected and placed in the pixel's first component. The stego-image pixels are extracted using a data extraction method. Extract the stego-key letters from the first component of the pixels in order from the beginning. If the key is accurate, proceed to the next pixel and extract the secret message characters from the first component of the following pixel. The secret message is then retrieved and transmitted via the stego-image.

Fig. 3 Block diagram of steganography (cover media + secret message → embedding algorithm → stego-object → extraction algorithm → cover media)
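The LSB embedding and extraction just described, as an added example that is not the chapter's code, run on a constructed greyscale cover. It adds a 4-byte length header so the extractor knows where the message ends, and computes the PSNR between cover and stego image, one of the metrics the abstract lists.

```python
"""LSB steganography on a greyscale cover image. Added example, not the
chapter's code; the cover image and secret message are constructed here.
Each pixel carries one message bit (a 24-bit RGB image would carry three)."""
import math


def _bits(data):
    """Yield the bits of a byte string, most significant bit first."""
    for byte in data:
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def embed(cover, message):
    """Replace the least significant bit of successive pixels with the
    payload bits. A 4-byte big-endian length header precedes the message
    so that extraction knows where to stop."""
    payload = len(message).to_bytes(4, "big") + message
    if 8 * len(payload) > len(cover):
        raise ValueError(
            f"cover holds {len(cover) // 8} bytes, payload needs {len(payload)}")
    stego = list(cover)
    for i, bit in enumerate(_bits(payload)):
        stego[i] = (stego[i] & 0xFE) | bit
    return stego


def _read_bytes(stego, offset, count):
    """Reassemble count bytes from the LSBs starting at pixel offset."""
    out = bytearray()
    for b in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (stego[offset + 8 * b + i] & 1)
        out.append(value)
    return bytes(out)


def extract(stego):
    """Read the length header, then exactly that many message bytes."""
    length = int.from_bytes(_read_bytes(stego, 0, 4), "big")
    if 32 + 8 * length > len(stego):
        raise ValueError("length header exceeds the image capacity")
    return _read_bytes(stego, 32, length)


def psnr(cover, stego):
    """Peak signal-to-noise ratio in dB between two 8-bit images. LSB
    embedding changes no pixel by more than 1, so the value stays high."""
    mse = sum((a - b) ** 2 for a, b in zip(cover, stego)) / len(cover)
    return math.inf if mse == 0 else 10 * math.log10(255 ** 2 / mse)


# Constructed 16x16 greyscale cover (256 pixels -> 32 bytes of capacity).
COVER = [(7 * x + 13 * y) % 256 for y in range(16) for x in range(16)]
SECRET = b"s3cret-pw"   # constructed sample payload


def demo():
    """Embed SECRET into COVER and return (recovered message, PSNR)."""
    stego = embed(COVER, SECRET)
    return extract(stego), psnr(COVER, stego)


if __name__ == "__main__":
    recovered, quality = demo()
    print(recovered, f"PSNR = {quality:.1f} dB")
```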


Visual Cryptographic Technique
Visual cryptography is a method of encryption that employs visual data, such as photos and text, and the decrypted data is revealed as a visual image. A visual secret sharing system was developed to employ images, where an image is split into 'n' shares. Decryption of the image is possible only if all n shares are available; with any 'n − 1' shares, decryption is not possible. It is specifically utilized in biometric security, watermarking, remote electronic voting, and other applications. Visual cryptography is not stacking-order dependent: regardless of the order in which the encrypted images are stacked, only one image can be decrypted [5]. According to earlier studies in this field, using the least significant bit algorithm for image encryption techniques results in excellent levels of security. In [6], the authors proposed a login interface for stable mobile computing authentication using the principles of encryption, hashing and steganography. Steganography-based image authentication is also carried out in [7], where hashing was used to ensure integrity. Steganography and visual cryptography are used effectively in computer forensics [8]. The authors of [9] suggested a method that makes use of double random segment encoding together with both image steganography and cryptography. They projected an improved technique for the LSB approach. The Deflate algorithm was employed in an effort to compress the hidden secret message. According to the research, the least significant bit algorithm is not necessarily a guarantee of the highest levels of cryptographic security, and it is vulnerable to steganalysis attacks. The study describes possible vulnerabilities in the AES [10], MD5, and image steganography encryption techniques.
In order to offer user privacy in addition to confidentiality, integrity, authentication, and non-repudiation, as well as reversible data concealment, we employ a combination of AES, MD5 [11], steganography and visual cryptography.

Secret Sharing Method
The secret sharing method conceals the secret image within multiple images and distributes these share images to the appropriate persons. Only the corresponding user can see the hidden image when the share images are stacked. The hidden image is split up into a number of shares, or distinct random images. The shares are then stacked upon one another to recover the original image, and only an authenticated user can log in using his secret shares, which is considered a secure login practice.

Digital Halftoning
The process of rendering a continuous-tone image with a device capable of generating only two or a few levels of grey at each point on the device output surface is known as digital halftoning. The perception of additional grey levels is determined by a local average of the binary or multilevel texture. Detail is achieved through texture modulation at the local level. Different dot designs correspond to different shades of grey [12]. The following methods are used to create digital halftone images.
Patterning: Patterning produces a higher spatial resolution image than the source image. The output image comprises the same number of halftone cells as the source image has pixels. The pattern software reads an input image, quantizes the pixel values, and assigns each pixel to a pattern.
Dithering: Dithering generates an output image with the same number of dots as the source image has pixels. It is similar to thresholding the original image with a dither matrix. The matrix is overlaid over the source image several times. The dither software receives an input image, compares each pixel to the associated element in the dither matrix, generates an output image, and writes it to an output file.
Error diffusion: Error diffusion is another method for producing digital halftone images; it is often referred to as spatial dithering. Error diffusion traverses each pixel in the source image in turn and measures it against a threshold. The difference between the input pixel and output pixel values is distributed to neighbouring pixels. In general, neighbourhood operations yield better results than point operations. The software takes an input image, compares each pixel to the threshold, sets the output, and diffuses the error.

3 Proposed Algorithm
The blended encryption, hashing and steganography concepts make login interfaces more secure than ever, but steganography is vulnerable to steganalysis. To overcome this, a set of rules to increase the safety of login interfaces using the concepts of encryption, hashing, steganography, and visual cryptography is proposed here. The proposed algorithm is a hybrid model of AES, MD5, steganography and visual cryptography. The Least Significant Bit (LSB) steganographic algorithm [13, 14] is used to hide the secret password within the secret image after the password has been encrypted using the AES algorithm with the username as the key. The secret image is then encrypted again using the visual cryptography technique and divided into 'n' shares that the user can use for login purposes. As visual cryptography applies digital halftoning to the image, the divided 'n' shares must be stacked over each other in the exact order in which they were divided during share generation [15]. A visual secret sharing scheme splits the image into 'n' shares; the image can be decrypted with all n shares available, whereas a person with just n − 1 shares learns nothing about the actual image (Fig. 4). As a result, unlike previously proposed models, the proposed security algorithm is not vulnerable to steganalysis attacks.

Fig. 4 Block diagram for digital halftoning (stego image → Image 1 / Image 2 → digital halftoning → Share 1 / Share 2 → encrypted image → Database 1 / Database 2)

The sign-up and login interfaces designed here function differently, as shown in Figs. 2 and 3. The algorithm is described in pseudocode in the following sections.
Pseudo Code
Encryption
  Start
  Image, OriginalText, OriginalKey, PseudoText, PseudoKey = getInput()
  AESText = AES(OriginalText, Key = MD5(OriginalKey))
  PseudoAESText = AES(PseudoText, Key = MD5(PseudoKey))
  Share1, Share2, Share3 = VisualCryptography.GenerateShares(Image, Shares = 3)
  StegoImageShare1 = Stegano.LSB(Share1, AESText)
  PseudoStegoImageShare2 = Stegano.LSB(Share2, PseudoAESText)
  PseudoStegoImageShare3 = Stegano.LSB(Share3, PseudoAESText)
  CoverImage = StackingOfShares(StegoImageShare1, PseudoStegoImageShare2, PseudoStegoImageShare3)
  End
Decryption
  Start
  CoverImage, OriginalKey = getInput()
  Share1, Share2, Share3 = VisualCryptography.GenerateShares(CoverImage, Shares = 3)
  StegoTextShare1 = LSB(Share1)
  StegoTextShare2 = LSB(Share2)
  StegoTextShare3 = LSB(Share3)
  if AESDecrypt(StegoTextShare1, OriginalKey) != error
      print(AESDecrypt(StegoTextShare1, OriginalKey))
  elif AESDecrypt(StegoTextShare2, OriginalKey) != error
      print(AESDecrypt(StegoTextShare2, OriginalKey))
  elif AESDecrypt(StegoTextShare3, OriginalKey) != error
      print(AESDecrypt(StegoTextShare3, OriginalKey))
  else
      print("Unauthorized Access")
  End
Halftoning is a technique for simulating greyscale by altering the size of tiny black dots arranged in a regular pattern. Figure 4 shows the block representation of digital halftoning. Here, the stego-image that includes the concealed message, either in pixel values or in appropriately selected coefficients, is divided into shares and halftoning is performed on each share separately. Each share is further encrypted using the AES algorithm, and the encrypted value is stored in the database. Figure 5 represents the block diagram of how the encrypted images are stacked to extract the secret embedded within. Since no separate algorithm is employed here, the entire process of reconstruction is simple and straightforward.

Database 1

Encrypted image Stacking of shares

Database 2

Encrypted image

Share 2

Fig. 5 Block diagram for stacking of shares

DWT

Decoding

Secret image extracted

N. Sugirtham et al.

Fig. 6 Block diagram for signup using visual cryptography (blocks: User Name Input; Password Input; Image Input; Taking AES for both inputs with Username as key and password as text; Using LSB algorithm encrypting AES text into Image; In Database Taking MD5 hash for password; Digital Halftoning with visual cryptography)

Algorithm 1 Signup
Step 1: The password is hashed with MD5 and stored along with the username in the database, as shown in Fig. 6.
Step 2: The username is hashed with MD5, which acts as the key for encrypting the password with AES-256 bit encryption.
Step 3: The AES encrypted text is concealed within an image using steganography that employs the Least Significant Bit (LSB) algorithm to write the text within the image.
Step 4: The secret image is once again encrypted using the Visual Cryptography technique and is divided into 'n' shares that can be used for login purposes.

Algorithm 2 Login
Step 1: The user is given the option of selecting the method of login based on the number of shares registered during the registration process. Figure 8 shows a sample login process.
Step 2: The user must enter their username and upload their shares after selecting their preferred login method.
Step 3: The shares are stacked on top of each other to reveal the original image, a technique known as Stacking of shares in Visual Cryptography. The AES encrypted text hidden within the image is extracted using the Least Significant Bit (LSB) algorithm.
Step 4: The original password is obtained by hashing the username with MD5, which is used as the key to decrypt the cipher text with the AES-256 algorithm.
Step 5: The original password is hashed with MD5 before being compared to the original hashed password stored in the database.


Step 6: If they match, the system recognises the user as authenticated and grants access.

Since Visual Cryptography works on the principle of reversible data hiding, an interpreter lacking the 'n' shares cannot stack and identify the image. Figure 7 shows the flow of the steps involved in login using visual cryptography. Furthermore, since Visual Cryptography employs digital halftoning of images, the divided 'n' shares must be stacked over each other in exactly the same order as they were divided during share generation. As a result, unlike the previously proposed models, the proposed security algorithm is not vulnerable to steganalysis attacks.
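As an added example (not the chapter's own code), the share and LSB layers of Algorithms 1 and 2 in plain Python: the payload stands in for the AES-256 ciphertext of Step 2 (constructed bytes, no AES involved), the shares are produced by XOR-based (n, n) secret sharing, an exactly reversible substitute for the chapter's halftone-and-stack visual cryptography, and the NPCR helper is the metric used in the Performance Metrics section, applied here to show that fewer than n shares look like noise. All function names and the cover image are constructed for this illustration.

```python
import random

# Constructed cover image: 32 x 32 grayscale pixel values from a seeded generator
# (stands in for the image uploaded at signup; not data from the chapter).
_cover_rng = random.Random(2023)
COVER = [_cover_rng.randrange(256) for _ in range(32 * 32)]


def lsb_embed(pixels, payload):
    """Step 3 of signup: hide payload bits in the least significant bit of each pixel.
    A 2-byte big-endian length prefix lets the extractor know where to stop."""
    data = len(payload).to_bytes(2, "big") + payload
    bits = [(byte >> k) & 1 for byte in data for k in range(7, -1, -1)]
    if len(bits) > len(pixels):
        raise ValueError("payload does not fit in the cover image")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit
    return stego


def lsb_extract(pixels):
    """Step 3 of login: read the LSB plane back and strip the length prefix."""
    bits = [p & 1 for p in pixels]
    raw = bytes(sum(bits[i + k] << (7 - k) for k in range(8))
                for i in range(0, len(bits) - 7, 8))
    length = int.from_bytes(raw[:2], "big")
    return raw[2:2 + length]


def generate_shares(pixels, n, rng):
    """Step 4 of signup as (n, n) XOR secret sharing: n - 1 shares are uniformly
    random, the last one is the image XOR-ed with all of them. Each share on its
    own is uniformly random, so fewer than n shares carry no information."""
    shares = [[rng.randrange(256) for _ in pixels] for _ in range(n - 1)]
    last = list(pixels)
    for share in shares:
        last = [a ^ b for a, b in zip(last, share)]
    shares.append(last)
    return shares


def stack_shares(shares):
    """Stacking of shares: XOR-ing all n shares restores the stego image exactly."""
    stacked = [0] * len(shares[0])
    for share in shares:
        stacked = [a ^ b for a, b in zip(stacked, share)]
    return stacked


def npcr(image_a, image_b):
    """Number of Pixel Changing Rate (%) between two equally sized images."""
    changed = sum(a != b for a, b in zip(image_a, image_b))
    return 100.0 * changed / len(image_a)


def round_trip(payload, n=3, seed=7):
    """Signup side: embed and split; login side: stack all n shares and extract.
    Returns the recovered payload plus the NPCR of (a) a single share and (b) the
    stack of only n - 1 shares, both measured against the stego image."""
    rng = random.Random(seed)
    stego = lsb_embed(COVER, payload)
    shares = generate_shares(stego, n, rng)
    recovered = lsb_extract(stack_shares(shares))
    partial = stack_shares(shares[:-1])
    return recovered, npcr(stego, shares[0]), npcr(stego, partial)


if __name__ == "__main__":
    # Constructed stand-in for the AES-256 ciphertext produced in Step 2 of signup.
    ciphertext = bytes.fromhex("9f3a6c0d1b22e4f5a7c89d0e1f2a3b4c5d6e7f8091a2b3c4")
    got, single, partial = round_trip(ciphertext, n=3)
    print(got == ciphertext, round(single, 1), round(partial, 1))
```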

Fig. 7 Block diagram for login using visual cryptography


Fig. 8 Front end of proposed application: (a) Front end, (b) Login view, (c) Username requirement, (d) Login Method, (e) Login using 2 Shares, (f) Login using 3 Shares

4 Implementation and Results

This work's implementation was done on a system with an Intel(R) Core(TM) i5-10210 CPU @ 1.60 GHz 2.11 GHz, a 64-bit OS on an x64-based processor and 8 GB of RAM. The proposed approach is implemented as a GUI using the PYTHON 3.7 programming language [16]. The proposed model lets users choose between the two-share and three-share options during sign in; based on the choice made, the subsequent login options are enabled. This is an added advantage of the proposed model (Fig. 8).

Performance Metrics

Various empirical tests were performed to compare the existing and proposed cryptographic algorithms for login interfaces in order to demonstrate the image encryption efficiency [14]. The suggested algorithm has been tested for performance metrics like peak signal to noise ratio, histogram computation, unified average changing intensity and number of pixel changing rate [17, 18].

Peak Signal to Noise Ratio (PSNR)

The most common approach in image encryption analysis is the peak signal to noise ratio (PSNR), which gives the ratio between an image's maximum power and the power of the corrupting noise. The PSNR values of various image formats for the existing AES, MD5, Steganography model and the proposed 2- and 3-share visual cryptographic technique are compared graphically in Fig. 9. The fact that one of the "n" shares cannot be restored even partially to reveal the original image demonstrates that without the exact "n" shares no information about the original image is revealed, and the difference between the PSNR values of the existing and proposed models is evidence of successful encryption. Strong encryption is also indicated by the close proximity of the PSNR values for the 2-share and 3-share visual cryptographic methods. Table 1 lists the PSNR, a very commonly used measure for image analysis, in decibels (dB) for different sample inputs; to compare the normal image with the encrypted images, some of the tested images are included. The difference between the PSNR after AES, MD5, Steganography and the PSNR of the proposed algorithm, which uses AES, MD5, Steganography and visual cryptography, is clear evidence of successful encryption [19]. Furthermore, the significant change indicates that even a partial restoration of the original file is impossible. The proposed hybrid model has been examined against all of the requirements for cryptographic properties like confidentiality, integrity, authentication, privacy and non-repudiation, as given in Table 2.

Fig. 9 Comparison of PSNR values

Table 1 Comparison of PSNR values

S. No. | Image | Dimension | Size of the image (kB) | PSNR after performing AES, MD5, steganography (dB) | PSNR after performing AES, MD5, steganography and visual cryptography (dB)
1 | venom.jpg | 259 * 194 | 6 | 42.417 | 32.855
2 | plant.jpg | 183 * 295 | 6 | 43.003 | 27.843
3 | Basketball.png | 273 * 183 | 25 | 77.178 | 27.908
4 | Human.bmp | 260 * 280 | 214 | 78.239 | 27.892
5 | Scenery.tiff | 253 * 199 | 141 | 77.043 | 28.666

Table 2 Comparison of various models and their cryptographic properties. Columns: Confidentiality, Integrity, Authentication, User privacy, Non-repudiation. Models compared: AL (AES + LSB), ML (MD5 + LSB), AML (AES + MD5 + LSB) and AMLV (AES + MD5 + LSB + VSC); only the proposed AMLV model is marked ✓ for all five properties, while each of the other three is marked X for one or more of them.

Fig. 10 Histogram computation (panels: Original image; Proposed algorithm)

Histogram Computation

Histograms are frequently used to assess image files and determine how the data are distributed [20]. The original test image file and its associated encrypted file for the suggested approach are shown in Fig. 10. From the histogram computation it can be inferred that the suggested approach's histogram is uniform and close, indicating good encryption [21]. The close values point to resilience to attacks.

Unified Average Changing Intensity (UACI)

The Unified Average Changing Intensity (UACI) is a significant parameter for assessing the strength of an image encryption algorithm. Since there is a difference in the UACI values between the existing and suggested methods, as shown in Fig. 11, it can be concluded that none of the 'n' shares of visual cryptography disclose any information about the original image, indicating strong encryption [22, 23]. UACI defines the sensitivity of the algorithm to the plaintext or image [24]. It is about 28.4% for the 3-share image.

Number of Pixel Changing Rate (NPCR)

The Number of Pixel Changing Rate (NPCR) is a different approach that measures the rate of change in the number of pixels of the cipher image [22, 23]. Figure 12 compares the NPCR values of various image formats for the existing AES, MD5 and Steganography model and the proposed two- and three-share visual cryptographic technique.


Fig. 11 Comparison of UACI values of various image formats

Fig. 12 Comparison of NPCR values of various image formats

All the NPCR values obtained for the proposed model are very high compared with the prevailing models, indicating successful encryption by the visual secret sharing scheme of the proposed model, as it did not reveal any content of the actual image. The average NPCR for the 3-share image is about 81%.

Correlation Coefficient

The relationship between the matching sample values of two image files is expressed by the correlation coefficient between them [23]. Here, some of the results for the tested files are presented in Fig. 13, comparing the existing AES, MD5 and Steganography model with the proposed two- and three-share visual cryptographic technique. It can be inferred from the graph that the proposed two- and three-share visual cryptographic technique has lower correlation values than the existing AES, MD5 and Steganography model, indicating that any n − 1 shares expose no information about the actual plain image, which demonstrates the higher security level of the suggested image encryption approach compared with the existing model. Table 3 displays the results of the cryptographic algorithms with respect to performance parameters. For comparison, the parameters data integrity, data secrecy, least significant bit data hiding and reversible data hiding are used. Existing login interfaces based on MD5, AES and steganography fail to provide reversible data hiding; the suggested technique meets all of the characteristics by combining MD5, steganography and visual cryptography at the login interface.

Fig. 13 Comparison of correlation coefficient values of various image formats

Table 3 Comparison between login interfaces of different cryptographic algorithms

Parameters | MD5 login interface | MD5 + AES login interface | MD5 + AES + steganography login interface | MD5 + AES + steganography + visual cryptography login interface
Data integrity | ✓ | ✓ | ✓ | ✓
Data confidentiality | X | ✓ | ✓ | ✓
Least significant bit data hiding | X | X | ✓ | ✓
Reversible data hiding | X | X | X | ✓


Results on MD5

An MD5 hash is a 128-bit value represented as 32 hexadecimal digits. The decryption process is significantly slower than the encryption process for the cryptographic algorithms employed in the simulation. The time for encryption and decryption is greater for text and image formats of larger size. The comparison of several cryptographic algorithm models based on the time consumed for encryption and decryption is shown in Table 4. In comparison with the existing cryptographic methods, the suggested technique, which employs AES, MD5, steganography and visual cryptography, consumes more time. The process of hashing, encryption, Least Significant Bit (LSB) steganography and digital halftoning takes longer, increasing the encryption time, and dividing the images into the proper two or three shares lengthens the suggested algorithm's processing time. Compared to the MD5 algorithm, the proposed algorithm takes 200 times longer to process plain text of the same size. The lengthy encryption time indicates that the system is resistant to attacks; the highest encryption time always implies a good level of encryption quality and security for the recommended cryptographic technique. The outcomes of plaintext (bits) encryption and decryption reveal faster results when a blend of AES, MD5, steganography and visual cryptography techniques is carried out.

Visual Cryptography Shares Scheme

The idea behind visual cryptography is to split the hidden image into n shares, with every recipient receiving one part; nothing can be revealed unless all the shares are held together. A visual secret sharing system is a method that divides an image into n shares, each of which hides information about the original image until all n shares are owned by one person. It is a wide subject of research applied in data concealment, image security, colour imaging, multimedia and other domains [25]. The simulation results for two shares are shown in Table 5. The samples are split into two shares and simulated in terms of performance parameters like encryption and decryption time (s), generation of shares and compressed share size (kB). The simulation results for three shares are shown in Table 6. The samples are separated into three shares, each of which is simulated in terms of encryption and decryption time (s), share generation and compressed share size (kB). When RGB or black and white colour images are used as inputs for the proposed algorithm, it needs much more calculation time than usual, and in general the time required for three-share encryption is greater than that for two-share encryption, as shown in Fig. 14. Because of the amount of noise present in the image as a result of the prior digital halftoning process, when an already divided share is divided into two shares, it does not require an image ten times larger than the original. The RGB value distribution in the image affects the encryption and decryption timings, as seen in Table 6.

Table 4 Comparison between various models of cryptographic algorithms (enc. = encryption time (s), dec. = decryption time (s))

Plaintext size (bytes) | MD5 enc. | MD5 dec. | AES + MD5 enc. | AES + MD5 dec. | AES + MD5 + steganography enc. | AES + MD5 + steganography dec. | AES + MD5 + steganography + visual cryptography enc. | AES + MD5 + steganography + visual cryptography dec.
1 | 0.012 | 0.012 | 0.026 | 0.017 | 0.074 | 0.052 | 1.177 | 0.202
2 | 0.011 | 0.012 | 0.024 | 0.014 | 0.072 | 0.054 | 1.218 | 0.183
3 | 0.010 | 0.012 | 0.027 | 0.014 | 0.017 | 0.048 | 1.179 | 0.183
4 | 0.009 | 0.007 | 0.017 | 0.015 | 0.066 | 0.053 | 1.149 | 0.208
5 | 0.007 | 0.008 | 0.016 | 0.009 | 0.140 | 0.057 | 1.402 | 0.186


Table 5 Simulation results for two shares

Samples | Encryption time (s) | Decryption time (s) | Generate shares (kB) | Compress shares (kB)
RED.JPG | 6.094 | 0.906 | 1262 |
GREEN.JPG | 4.616 | 0.491 | 614 |
BLUE.JPG | 4.636 | 0.489 | 898 |
BLACK.JPG | 6.905 | 0.594 | 402 |
WHITE.JPG | 2.775 | 0.298 | 644 |
ANIMAL.JPG | 1.245 | 0.228 | 282 | 113
PLANT.JPG | 1.185 | 0.211 | 296 | 42
HUMAN.JPG | 1.691 | 0.263 | 428 | 44
SCENERY.JPG | 1.213 | 0.216 | 272 | 48
BIRD.JPG | 1.209 | 0.233 | 292 | 48

Table 6 Simulation results for three shares

Samples | Encryption time (s) | Decryption time (s) | Generate shares (kB) | Compress shares (kB)
RED.JPG | 13.453 | 1.205 | 1743 | 650
GREEN.JPG | 12.793 | 0.953 | 867 | 310
BLUE.JPG | 12.347 | 0.858 | 1303 | 451
BLACK.JPG | 20.308 | 1.241 | 462 | 228
WHITE.JPG | 5.237 | 0.602 | 927 | 324
ANIMAL.JPG | 2.436 | 0.261 | 400 | 254
PLANT.JPG | 2.452 | 0.326 | 430 | 190
HUMAN.JPG | 3.546 | 0.392 | 620 | 258
SCENERY.JPG | 2.647 | 0.352 | 386 | 220
BIRD.JPG | 2.541 | 0.311 | 424 | 194

The time required to encrypt and decrypt a picture is directly related to the RGB colour distribution of the image to be encrypted. Figure 15 depicts the decryption times for two and three shares. Two-share generation has shorter encryption and decryption times than three-share generation; three-share generation requires more processing time, and in general three-share encryption takes longer than two-share encryption. Figure 16 depicts the memory consumed to generate two and three shares, and Fig. 17 shows the memory required after compression of the shares. The storage and transmission of the shares in a secured secret sharing scheme demands storage and bandwidth resources equal to the size of the secret multiplied by the share count.


Fig. 14 Time for encryption

Fig. 15 Time for decryption

Because no system is perfectly safe, the ultimate purpose of cryptography is to increase security; thus, the proposed model has increased security by increasing the processing time required to decrypt the data without a key beyond that of the existing model. With the addition of visual cryptography and steganography to AES and MD5, this design has increased security: it takes more cipher time than the previous model, but it takes much longer for an interpreter who does not know the key to compute the desired encrypted data than with the standard hybrid AES and MD5 model. When the PSNR of the hybrid AES, MD5 and steganography image is compared with the PSNR of the final image of the suggested approach, the latter PSNR is clearly lower. As the image is digitally halftoned and divided into 'n' shares using the visual secret sharing mechanism, the PSNR diminishes. The histogram for the image drops three times more than the original because the shares are associated with noise, but because the images are divided based on a visual secret sharing scheme, it is difficult for an intruder to decrypt the information without stacking the exact 'n' shares in exactly the same order as during share generation.

Fig. 16 Memory required to generate shares

Fig. 17 Memory required after compression of shares

5 Conclusion

The proposed cryptographic technique is based on visual cryptography and steganography, which use reversible information hiding and the least significant bit algorithm, along with AES and MD5. A thorough cryptographic investigation is conducted to evaluate the suggested security solution. The histogram plot of the verified image files demonstrates the dissimilarity between the encoded files and the plain image files. The PSNR readings exhibit substantial amounts of noise, showing that the original image quality was lost throughout the encryption process and proving that the visual secret sharing of images was successfully encrypted. The tests for correlation analysis, NPCR and UACI demonstrate that the samples in the relevant files are entirely different, confirming better encryption quality. Based on the findings of the cryptographic study, the suggested technique has the necessary cryptographic security for picture file encryption and is a suitable authentication mechanism for financial transactions.

References
1. International Telecommunication Union, "A Technical report on SS7 vulnerabilities and mitigation measures for digital financial services transactions. Report of Security Workstream: Implementation of secure authentication technologies for digital financial services", 2020.
2. H. Touil, N. El Akkad, and K. Satori, "Securing the Storage of Passwords Based on the MD5 HASH Transformation", 2021.
3. D. Nashat and L. Mamdouh, "An efficient steganographic technique for hiding data", J. Egypt. Math. Soc., vol. 27, 57, 2019.
4. O. Christiana Abikoye, R. Oluwaseun Ogundokun, S. Misra, and A. Agrawal, "Analytical Study on LSB-Based Image Steganography Approach", Lect. Notes Electr. Eng., vol. 834, pp. 451–457, 2022, doi: https://doi.org/10.1007/978-981-16-8484-5_43.
5. M. Naor and A. Shamir, "Visual cryptography", in Advances in Cryptology EUROCRYPT'94, Lecture Notes in Computer Science, vol. 950, 1995, pp. 1–12.
6. M. Alotaibi, D. Al-Hendi, B. Alroithy, M. AlGhamdi, and A. Gutub, "Secure Mobile Computing Authentication Utilizing Hash, Cryptography and Steganography Combination", J. Inf. Secur. Cybercrimes Res., vol. 2, no. 1, 2019, doi: https://doi.org/10.26735/16587790.2019.001.
7. R. Forgac, M. Ockay, and M. Javurek, "Steganography Based Approach to Image Authentication", 2021 Commun. Inf. Technol. Conf. Proceedings, KIT 2021 - 11th Int. Sci. Conf., 2021, doi: https://doi.org/10.1109/KIT52904.2021.9583618.
8. G. Abboud, J. Marean, and R. V. Yampolskiy, "Steganography and visual cryptography in computer forensics", 5th Int. Workshop Syst. Approaches to Digit. Forensic Eng. SADFE 2010, pp. 25–32, 2010, doi: https://doi.org/10.1109/SADFE.2010.14.
9. S. Bukhari, M. S. Arif, M. R. Anjum, and S. Dilbar, "Enhancing security of images by Steganography and Cryptography techniques", 2016 Sixth International Conference on Innovative Computing Technology (INTECH), 2016, pp. 531–534, doi: https://doi.org/10.1109/INTECH.2016.7845050.
10. J. Nechvatal, E. Barker, L. Bassham, W. Burr, M. Dworkin, J. Foti, and E. Roback, "Report on the development of the Advanced Encryption Standard (AES)", J. Res. Natl. Inst. Stand. Technol., vol. 106, no. 3, pp. 511–577, 2001, doi: https://doi.org/10.6028/jres.106.023.
11. H. Pasaribu, D. Sitanggang, R. R. Damanik, and A. C. Rudianto Sitompul, "Combination of advanced encryption standard 256 bits with MD5 to secure documents on android smartphone", J. Phys. Conf. Ser., vol. 1007, no. 1, 2018, doi: https://doi.org/10.1088/1742-6596/1007/1/012014.
12. T. Asano, "Digital Halftoning: Algorithm Engineering Challenges", IEICE Trans. Inf. Syst., vol. E86-D, 2003.
13. S. L. Chikouche and N. Chikouche, "An improved approach for LSB-based image steganography using AES algorithm", 2017 5th Int. Conf. Electr. Eng. - Boumerdes, ICEE-B 2017, pp. 1–9, 2017, doi: https://doi.org/10.1109/ICEE-B.2017.8192077.
14. R. Z. Wang, C. F. Lin, and J. C. Lin, "Image hiding by optimal LSB substitution and genetic algorithm", Pattern Recognit., vol. 34, no. 3, pp. 671–683, 2001, doi: https://doi.org/10.1016/S0031-3203(00)00015-7.
15. C. Kim, C. C. Chang, C. N. Yang, X. Zhang, and J. Baek, "Special Issue: Real-Time Data Hiding and Visual Cryptography", J. Real-Time Image Process., vol. 14, no. 1, pp. 1–4, 2018, doi: https://doi.org/10.1007/s11554-018-0749-0.
16. B. K. Jones and D. M. Beazley, Python Cookbook: Recipes for Mastering Python, 3rd ed. O'Reilly Media, Inc., 2013.
17. P. Fang, H. Liu, C. Wu, and M. Liu, "A survey of image encryption algorithms based on chaotic system", Vis. Comput., April 2022, doi: https://doi.org/10.1007/s00371-022-02459-5.
18. Y. Wu, J. P. Noonan, and S. Agaian, "NPCR and UACI Randomness Tests for Image Encryption", Cyberjournals.com, 2011.
19. A. K. Sahu and M. Sahu, "Digital image steganography and steganalysis: A journey of the past three decades", Open Comput. Sci., vol. 10, no. 1, pp. 296–342, 2020, doi: https://doi.org/10.1515/comp-2020-0136.
20. K. H. Jung, "Comparative histogram analysis of LSB-based image steganography", WSEAS Trans. Syst. Control, vol. 13, no. 1, pp. 103–112, 2018.
21. P. Łabędź, K. Skabek, P. Ozimek, and M. Nytko, "Histogram adjustment of images for improving photogrammetric reconstruction", Sensors, vol. 21, no. 14, 2021, doi: https://doi.org/10.3390/s21144654.
22. A. Arab, M. J. Rostami, and B. Ghavami, "An image encryption method based on chaos system and AES algorithm", J. Supercomput., vol. 75, no. 10, pp. 6663–6682, 2019, doi: https://doi.org/10.1007/s11227-019-02878-7.
23. J. F. Zhao, S. Y. Wang, L. T. Zhang, and X. Y. Wang, "Image encryption algorithm based on a novel improper fractional-order attractor and a wavelet function map", J. Electr. Comput. Eng., vol. 2017, 2017, doi: https://doi.org/10.1155/2017/8672716.
24. A. Susanto et al., "Triple layer image security using bit-shift, chaos, and stream encryption", Bull. Electr. Eng. Informatics, vol. 9, no. 3, pp. 980–987, 2020, doi: https://doi.org/10.11591/eei.v9i3.2001.
25. Ashutosh and S. D. Sen, "Visual cryptography", Proc. 2008 Int. Conf. Adv. Comput. Theory Eng. ICACTE 2008, pp. 805–807, 2008, doi: https://doi.org/10.1109/ICACTE.2008.184.

Securing Shared Data Based on Homomorphic Encryption Schemes

K. Renuka Devi, S. Nithyapriya, G. Pradeep, R. Menaha, and S. Suganyadevi

Abstract Today, in this modern world, privacy plays a significant role, as data is available everywhere. Because of the extensive use of computer technology, demand for data is high, and retrieving sensitive information from the available data has become the need of the hour. In the medical field, data plays an important role since it includes sensitive items such as patients' medical history, age and location. Such sensitive data is shared across different locations and among different users, including intruders, hackers and third-party users who exploit it to steal important information. Hence, securing this data becomes one of the bottleneck problems that must be addressed. The following work focuses on explaining homomorphic encryption (HE) for securing data from intruders. Homomorphic encryption can execute computations on data that has been encrypted with homomorphic techniques without first decrypting it; the need to decrypt the data before performing calculations is therefore removed. The method of encoding data into ciphertext that can be analyzed and utilized in the same manner as the original is called homomorphic encryption (HE) or asymmetric encryption. Homomorphic encryption allows intricate mathematical or numerical functions to be performed on encrypted data without the encryption being compromised. Various algorithms are used to secure data under cryptographic techniques. This work focuses on explaining HE algorithms: the terms fully homomorphic encryption (FHE), partially homomorphic encryption (PHE) and somewhat homomorphic encryption (SHE) are analyzed, and it also explains that PHE performs better than the other two.

Keywords Privacy · Homomorphic encryption · Medical field · Partially homomorphic encryption · Evaluation metrics

K. Renuka Devi (B), Department of IT, Dr. Mahalingam College of Engineering and Technology, Coimbatore, India, e-mail: [email protected]
S. Nithyapriya, Department of AI&DS, Bannari Amman Institute of Technology, Erode, India, e-mail: [email protected]
G. Pradeep, Department of M.Tech. Computer Science and Engineering, Sri Krishna College of Engineering and Technology, Coimbatore, India, e-mail: [email protected]
R. Menaha, Department of IT, Sri Eshwar College of Engineering, Coimbatore, India, e-mail: [email protected]
S. Suganyadevi, Department of ECE, KPR Institute of Engineering and Technology, Coimbatore, India, e-mail: [email protected]

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_4

1 Introduction

The Ancient Greek words homos and morphe mean "same" and "shape" respectively. From them the concept of "homomorphism" emerged and swiftly gained traction in a variety of other settings [1]. In abstract algebra, a "homomorphism" is a mapping that preserves all of an algebraic set's structure, regardless of whether one is travelling between the domain or the range of the set in question. The map is nothing more than a function or an operation; it takes inputs from a number of different domains and generates an element contained within a particular range (e.g., addition, multiplication). Cryptography makes use of homomorphism in a form of encryption: homomorphic encryption (HE) is an encryption method that permits a third party to carry out specific computable operations on encrypted data while keeping the encrypted data's function and structure intact. This homomorphic encryption does, in fact, correspond to the mapping performed in abstract algebra. Given E(m1) and E(m2), where E denotes the encryption function, it is feasible to compute E(m1 + m2) for sample messages m1 and m2 even without direct knowledge of the values of m1 and m2. This is an illustration of a system that provides HE by additive means. When it comes to protecting the confidentiality of sensitive information, encryption is frequently an essential precaution. Since the data must first be decrypted in order for standard encryption methods to be useful, they are incapable of protecting it [2]. In other words, in order for users to take advantage of cloud applications such as storing files, sharing files and working together on projects, they are required to give up their privacy in exchange. Even after users have stopped using the services, it is possible for malfunctioning servers, providers and well-known cloud operators to continue to identify persons.
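Added example, not from the chapter: the additive property just described, computing E(m1 + m2) from E(m1) and E(m2) without knowing either message, worked through with a textbook Paillier cryptosystem. The chapter names no specific scheme; Paillier, the toy primes 1009 and 1013, and all function names are constructed for this illustration.

```python
import math
import secrets


def paillier_keygen(p, q):
    """Textbook Paillier key generation with generator g = n + 1.
    p and q are distinct primes supplied by the caller (toy sizes here)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)      # lcm(p - 1, q - 1)
    n_sq = n * n
    # L(u) = (u - 1) // n ; mu = L(g^lam mod n^2)^-1 mod n
    mu = pow((pow(n + 1, lam, n_sq) - 1) // n, -1, n)
    return (n, n_sq), (lam, mu)


def encrypt(pub, m):
    """E(m) = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, n_sq = pub
    if not 0 <= m < n:
        raise ValueError("plaintext must lie in [0, n)")
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return pow(n + 1, m, n_sq) * pow(r, n, n_sq) % n_sq


def decrypt(pub, priv, c):
    """D(c) = L(c^lam mod n^2) * mu mod n."""
    n, n_sq = pub
    lam, mu = priv
    return (pow(c, lam, n_sq) - 1) // n * mu % n


def add_encrypted(pub, c1, c2):
    """Homomorphic addition: E(m1) * E(m2) mod n^2 is an encryption of m1 + m2 mod n."""
    return c1 * c2 % pub[1]


def scale_encrypted(pub, c, k):
    """Multiplication by a known constant: E(m)^k mod n^2 encrypts k * m mod n."""
    return pow(c, k, pub[1])


def demo(m1, m2, k):
    """Add two encrypted messages and scale one of them, decrypting only the results."""
    pub, priv = paillier_keygen(1009, 1013)   # constructed toy primes, n = 1022117
    c1, c2 = encrypt(pub, m1), encrypt(pub, m2)
    total = decrypt(pub, priv, add_encrypted(pub, c1, c2))
    scaled = decrypt(pub, priv, scale_encrypted(pub, c1, k))
    return total, scaled


if __name__ == "__main__":
    print(demo(123456, 654321, 3))   # (777777, 370368)
```

Note that the sum is only correct modulo n, as the last assertion-style case in the test shows: a real deployment must size n well above any sum it will ever compute.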


People are really concerned about their privacy in light of this. In reality, a system that did not impose any limitations on the operations that might be performed even when the data was still encrypted would be better. From a historical perspective in the realm of cryptology, Rivest et al. (1978a) first proposed the term “homomorphism” in 1978 as a potential remedy to the problem of computing without decrypting. As a result of the foundation that was laid by Rivest et al. (1978a), several attempts have been made by researchers from all over the world to develop a homomorphic system that would be capable of carrying out such a wide variety of operations. The encryption function of a homomorphic cryptosystem maintains the homomorphism of the system by storing the group operations that have been performed on the ciphertext. To protect a user’s privacy and confidentiality, homomorphic encryption is applied to ciphertexts before they are stored. When decoded, the newly encryption algorithm precisely mirrors the results of the calculations that were done on the plaintext as a result of the calculations that were performed in the realm of cryptography [3]. In a typical scenario, the data must first be decrypted before a computation can be performed on them. This is because the data cannot be read in their encrypted state. The coupled procedures of encryption and decryption are carried out for each and every computation that is performed. By utilizing homomorphic encryption, one can prevent this scenario (HE). The data has been processed and the computations are carried out on the information that has been encrypted while using HE. The unencrypted text that is created by carrying out the identical operations on the plaintext that was initially utilized in the encryption process will be identical to the plaintext that is produced when the resultant data is decrypted. 
HE makes it possible for several services to work together without the data being shared with any of the participating services. The data is protected by conventional encryption methods while it is stored, while it is being transferred, but not while it is being computed. Moreover, the confidentiality of the data is maintained during the calculation via homomorphic encryption. The relation here between various operations that are performed on the unencrypted text and those carried out on the ciphertext must be identical or should provide identical results in order to have a reliable HE. When it comes to the safeguarding of sensitive data, HE has a lot of potential applications in the medical and financial sectors. In 2011, a hacker gained access to Sony’s Playstation network, which resulted in the disclosure of billions of pieces of personally identifiable information due to the lack of encryption on the data storage. Because to inadequate security measures, events of a similar nature continue to occur to this day. The cloud is currently being utilized to store vast amounts of data by a variety of users, including people, businesses, and other organizations. For the purpose of carrying out a variety of computations, these data may be outsourced to multiple regions. When it comes to the secure and efficient handling of information that is kept in the cloud, a hybrid approach is recommended, HE is the best option. Homomorphic encryption systems are flexible in nature because of their design. There are several different cryptosystems in use today that possess the homomorphic trait, which can be used to conduct homomorphic encryption. Security is one of the major concern in different domains such as medicinal field, banking field, government sector. When we deal with security, the data should


K. Renuka Devi et al.

be protected from intruders. Various security algorithms and domains are available for protecting data and maintaining its privacy; one of the main techniques is homomorphic encryption [4]. It is a method of converting data into ciphertext that resembles the original in that it can still be analyzed and utilized. The fact that homomorphic encryption allows operations to be carried out on enciphered information is considered its most important feature: data processing can thus be outsourced to a different party without having to rely on that party to protect the data correctly, since no one can access the original data without the correct decryption key.

2 Related Works

By demonstrating that a fully homomorphic system is conceivable, Gentry made a significant contribution to the field of homomorphic cryptography. Gentry's solution enables the execution of any function over ciphertexts, yielding an encryption of the desired outcome. Nonetheless, the inclusion of noise within the ciphertext is absolutely necessary for the security of the scheme, and the noise attached to the ciphertexts is subjected to the same process whenever one of these operations is carried out [5]. Because the noise is additive, eventually the result can no longer be decoded, so for practical reasons the number of operations that can be carried out is restricted. On the basis of this idea, Gentry suggested encrypting the secret key and then applying the decryption algorithm homomorphically to the encrypted message after every operation. Applying the decryption function homomorphically cleans up the ciphertexts' background noise in the same way that ordinary decryption does. This procedure, known as bootstrapping, lowers the amount of noise and therefore makes it possible for Gentry's scheme to perform an endless number of homomorphic operations over the ciphertext. Despite all of its benefits, the processing and storage requirements of Gentry's concept are rather high. To make the procedure easier to carry out, Van Dijk and his colleagues devised a homomorphic encryption technique based on modular integer arithmetic, and a fully homomorphic encryption system has been developed by them.
This system is not only straightforward but arguably also secure, and it makes use of the idea of bootstrapping [6]. In order to put a stop to students cheating on exams, Levieil and Naccache came up with the idea of using a homomorphic approach with additive qualities. According to Van Dijk, regardless of the chosen parameters the system is not secure, primarily because its designers used a weak attacker model when they studied the security of their scheme [7]. The first Regev encryption scheme was suggested in the year 2004. In addition, it was predicated on the

Securing Shared Data Based on Homomorphic Encryption Schemes


difficult task of locating the unique shortest vector. The encryption expression ENC(Kpriv, m) = Kpriv · q + 2r + m was used to encrypt messages, while a relationship was maintained for the domain space N: a hidden value h is employed to derive the private key by the formula Kpriv = N/h. On the other hand, multiplicative homomorphism is not available in the encryption systems created by Gentry and DGHV, nor in the schemes created by Regev, Levieil, or Naccache. Gentry and Halevi gave an implementation of the original Gentry scheme, including its bootstrapping technique, and examined the effectiveness of their implementation, focusing in particular on the core algorithms, bootstrapping, and the size of the public key [8]. Brakerski and Vaikuntanathan presented an enciphering method that relies on the learning with errors (LWE) problem to enhance the operational efficiency of the original iteration of Gentry's scheme. LWE is secure given the worst-case hardness of short vector problems on any lattice, which ensures the highest level of protection possible [9]. This shift in perspective, along with a new operation for decreasing the dimension of vectors, resulted in shorter ciphertexts, which improved the performance of the decryption process. These techniques also served as the impetus for another research project by Brakerski and associates, who developed a fully homomorphic encryption scheme that can operate on polynomial circuits without the use of bootstrapping. The security of the work done by Brakerski et al. relied on the ring learning with errors (RLWE) concept published by Lyubashevsky et al. [10]. Computing in the cloud is known to incur delays; Fan et al. presented fog-cloud computing as a way to boost productivity while simultaneously reducing these delays.
Using ciphertext-policy attribute-based encryption, the authors were also able to overcome the security and privacy issues [11]. Hariss et al. developed a homomorphic encryption method to offer privacy for practical applications; this tactic is called Matrix Operation and Randomization Encryption (MORE). Hariss et al. [12] also introduced a novel adaptive extended Merkle tree structure to protect the integrity of the most sensitive data kept in an EHR. However, none of these techniques were applied to streaming data; they were all used with data that had already been stored [13]. If medical treatment is provided to the patient in an off-site location with limited network access, the patient's medical records need to be transferred safely, and only authorized users, such as healthcare providers, should have access to the data relevant to their task. A further essential component of security is encoding and transmitting data in a way that prevents any loss of information. The local edge device receives the data the sensors have collected and encrypts it with a public key. The batch encryption procedure uses a different technique to generate the ciphertext, which increases the size of the ciphertext beyond the length of the original text. Without the private key, an attacker who obtained access to the protected data would see it only as random numbers and be unable to decode it.


The FHE-encrypted information transmitted through the edge node is used to calculate the transmission error. The cloud server's final data analytics can handle the output without needing to decrypt it. If the processed data exceeds a threshold defined by the healthcare provider, an urgent signal is sent to the appropriate doctor to aid further diagnosis. The number of academic research initiatives and studies has increased in response to the pressing requirement for enhanced protection of information stored in cloud computing configurations. Although the vast majority of researchers have focused their attention on other elements of data security, only a small percentage of service providers have given any attention to the security of the data once it has been received by the server. Transmitted information runs the risk of being intercepted by an opponent either from within the organization, such as an employee, or from outside it, such as a cryptanalyst. Darko and Stjepan conducted joint research on the significance of asymmetric encryption algorithms in the cloud computing domain; the strengths and weaknesses of the algorithm were examined in detail, and the report also explored IBM's participation in an open source library for the algorithm [14]. Maya and Hyotaek stated that homomorphic encryption provides superior protection for data when used in conjunction with multiple cloud computing environments; as the researchers found, applying the method results in better ownership, privacy, isolation, and security of data. Louk and Lim [15] contributed by presenting a reliable homomorphic or asymmetric encryption method. The method was a modification of the Gentry cryptosystem, and the sole mathematical operation it performed was modular arithmetic.
The suggested method has the capacity to maintain users' privacy in a cloud service provided by an untrusted third party. Its performance was superior to that of the algorithms presented by Marten van Dijk and others at EUROCRYPT 2010 and those presented by Craig Gentry in March 2010. The fundamentals of homomorphic encryption, as well as its various applications, were investigated by Baohua and Na, who looked at the many existing algorithms and examined how they might be improved [16]. Adil and Jorg came up with a brand new encryption method because they remained concerned that the privacy and confidentiality of data were being violated by cloud providers and their workers. The researchers constructed a framework for delegating computations to clouds by using homomorphic encryption (HE) or asymmetric encryption to its advantage [17]. The concept of homomorphic encryption (HE) or asymmetric encryption, as well as its significance, subdivisions, and restrictions, were the subjects of research conducted by Monique and her colleagues; over the course of the research, the algorithm's applicability to real-world problems was also demonstrated. Tebaa et al. developed and tested their own homomorphic encryption algorithm, then examined its performance; the experiment focused on the existing algorithm with the purpose of improving it [18]. Acklyn and others assessed the possible weaknesses of the cloud models for Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). The study also examined various methods that might reduce the number of attacks and risks posed by the cloud, including homomorphic encryption [19]. Cezar and Mihai studied a number of different uses of homomorphic encryption, concentrating on how it might be utilized to safeguard the privacy of cloud-stored data. Ciara and her colleagues analyzed the challenges associated with using homomorphic encryption in real time; according to the findings of the study, homomorphic systems should be implemented using FPGAs and GPUs, i.e. Field Programmable Gate Arrays and Graphics Processing Units [20]. In order to obtain a fully homomorphic encryption in an uncomplicated and natural manner, Li et al. suggested using the approximate eigenvector technique. The approach consisted of matrix additions and multiplications. The experiment was designed using Error-Free Approximate GCD, and the plaintext was represented by a diagonal matrix.

3 Homomorphic Encryption or Asymmetric Encryption

Homomorphic or asymmetric encryption refers to converting information into an encrypted message (ciphertext) that may be studied and utilized as though it remained in its natural form. Homomorphic encryption is used to execute intricate mathematical operations on ciphered data without jeopardizing the encryption's security [21], and several computations can be carried out on homomorphically ciphered data. Mathematics is the origin of the word "homomorphic", which describes the transformation of one data collection into another while maintaining the connections between the components of both sets; the term traces back to its Greek roots, which meant "similar construction". If the same mathematical operations are conducted on encrypted or decrypted data, they always produce the same results, because the data in a homomorphic encryption scheme maintains the same structure regardless of whether the operation was performed on encrypted or decrypted data [22]. Compared to other encryption methods, homomorphic encryption stands out because it permits mathematical computations on the ciphered data, which can make the processing of user data by third parties safer. IBM pioneered the creation of homomorphic encryption or asymmetric encryption. Homomorphic encryption is an approach to data security that was developed with the goal of an encryption method permitting an endless number of additions to data that has been encrypted [23]. For computations on enciphered information to be possible using homomorphic or asymmetric encryption, some kind of connection must exist between the ciphertext and the plaintext before encryption.
Everyone can read plaintext, but ciphertext is produced when plaintext is altered by the application of an encryption technology, as seen in Fig. 1. For instance, in homomorphic encryption, adding or multiplying two ciphertexts should yield the same outcome as if the two plaintexts had been added or multiplied before encryption, because the ciphertexts are an encrypted representation of the plaintexts. When homomorphic encryption is used, the process is carried out in a way that makes it invisible to anyone observing it [24]. The process of encryption starts with the plain text as input, to which the cryptographic algorithms are applied. The encryption key is an essential component in maintaining the privacy and security of the data; it may be either a public key or a secret key. The encrypted result is produced as the output, as depicted in Fig. 1. The homomorphic (asymmetric) encryption process is depicted in Fig. 2. User A gives plain text as input, and the encryption process is applied, producing encrypted text. Carrying out computations on encrypted data without first decrypting it is what is known as homomorphic encryption. The computations generate encrypted results, which are examined, and finally the encrypted result is returned to User B. The purpose of homomorphic encryption is to give users the capacity to carry out calculations on encrypted material. As a result, data can be handled without compromising its privacy, which paves the way for the successful completion of valuable tasks on data that resides in untrusted contexts [25]. This has a lot of value in a world where computation is done in different places and over different kinds of networks.

Fig. 1 Process of encryption (plain text and encryption key are fed to the cryptography algorithms, which output the encrypted information)
A homomorphic cryptosystem is similar to other types of public-key encryption in that it encrypts data with a public key and restricts access to the decrypted data to the holder of the secret key corresponding to that public key. In contrast to other methods of encryption, however, it makes use of an algebraic framework that makes it possible to perform a number of computations (also known as operations) on the encrypted data [26].

Fig. 2 Process of homomorphic encryption (HE) or asymmetric encryption (User A: plain text → encrypted text → computations are performed on the encrypted text → encrypted results → examine results → results returned to User B)

Homomorphic encryption is intended to solve different business challenges such as:
• Supply chain security
• Regulatory compliance
• Private data analytics
Compared with other forms of encryption, HE uses a public key for encryption and also makes use of algebraic functions in order to perform computations on data that is still encrypted. This process ensures that only individuals holding the matching private key are able to access the unencrypted data [27]. The main advantage is that the data remains highly protected and secure even while some user is performing computations on it or making changes. Homomorphic encryption has been broadly classified into three categories, as depicted in Fig. 2.

Advantages of Homomorphic Encryption

In the modern technical world, before doing any computations on data, such as mathematical operations, it is necessary to first decrypt the data; this is a prerequisite, required to unlock data that had previously been encrypted and stored. After that, we perform our calculations, and as a last step we must re-encrypt the data before we can send it back. It is at this stage in the process that homomorphic encryption is needed [28].


A more concrete illustration of this concept would be a system or service that analyses a patient's medical history to determine whether the individual is suffering from a particular ailment. The data we would be sending is likely to contain highly confidential information about the patient's past medical conditions and treatments, so we want to be sure that nobody else can get their hands on it [29]. By utilizing homomorphic encryption, the system or service in question can perform the required calculations on the ciphered information and return the result of the diagnosis without ever learning the information being worked on. When we share private information across many channels, we expose ourselves to potential privacy risks; on the other hand, protecting the confidentiality of information while it remains encrypted, by allowing users to alter and operate on it in encrypted form, is possible if users have the necessary capabilities [30].

4 Types of Homomorphic Encryption

On the other hand, it can be difficult to encrypt data in a manner that permits an infinite number of additions and multiplications to be performed upon it. The immediate consequence is that, depending on how it is constructed, homomorphic encryption can be separated into a number of different subclasses, as illustrated in Fig. 3. When two ciphertexts are added together using an algorithm that is additively homomorphic, the outcome is the same as when the method is used to encrypt the sum of the two plaintexts [31]. Moreover, if a method is multiplicatively homomorphic, multiplying two encrypted messages with the same key is equivalent to raising the product of the original texts to the power of the encryption key. In addition to being partially, somewhat, or fully homomorphic, homomorphic encryption can also be additive or multiplicative:
• Fully homomorphic encryption: an endless number of additions or multiplications can be performed on ciphertexts. An encrypted output can be produced for any function using a program that operates on encrypted data as its input.
• Partially homomorphic encryption: one operation can be repeated indefinitely on the encrypted plaintext. It is not too difficult to imagine how these cipher schemes work.
• Somewhat homomorphic encryption: there is no restriction on how many operations can be completed by themselves, but there is a limitation on how many addition or multiplication operations can be completed in combination.
It is much more difficult to develop a homomorphic or asymmetric encryption method capable of performing a finite number of different operations than one that repeatedly performs the same action forever.

Fig. 3 Classification of homomorphic encryption (HE) or asymmetric encryption

Fully Homomorphic Encryption (FHE)

The fully homomorphic encryption (FHE) model is considered the next-generation algorithm in cryptography, and FHE is regarded as an intelligent cryptosystem method [32], because processing is performed without decrypting the original data, as depicted in Eq. 1. FHE plays a significant role in cloud computing and distributed computation, since complex data stored in the cloud can be retrieved more efficiently [33]. A fully homomorphic enciphering method should permit any individual to create an encrypted message that encodes f (1,…,t), provided that the function can be efficiently computed, from encrypted messages that encode 1,…,t. This is the fundamental idea behind fully homomorphic encryption, and it is a straightforward idea. The inputs, outputs, and intermediary values are always encrypted, so there should be no information leakage regarding the values 1,…,t or f (1,…,t), nor any intermediary unencrypted values.

$$X \xleftrightarrow[\text{Decrypt}]{\text{Encrypt}} E(X) \quad \text{(for all operations)} \qquad (1)$$

It may come as a surprise to some people that fully homomorphic encryption (FHE) is theoretically possible, yet it can be accomplished. To better understand how fully homomorphic encryption works, it helps to think of a physical comparison such as the darkroom in which photographs are developed, which shows that it is indeed possible. When the film is developed, the developer applies a specific function f to Alice's film; this function represents the sequence of processes necessary to develop the film. In theory the developer does not need to see anything to do this, but in practice darkrooms are frequently not completely dark. The analogy is plainly flawed, since it raises the question of why the developer cannot simply leave the darkroom and check the finished product; so assume for a moment that the developer is completely blind. The next question is why only one person can examine the final product; imagine that everyone in the world except Alice is unable to see. Nobody else in this world can imitate vision: "sight" is Alice's secret key, and no one else can have it. Although physical analogies should be sufficient to persuade one that the concept of FHE is not a logical fallacy, it appears hard to design a perfect physical analogue that is not at least slightly improbable.
Advantages:
• It is less likely that private data will ever be compromised, because the data is always encrypted.
• Features no longer need to be hidden or dropped in order to maintain data privacy, which eliminates the trade-off between data usability and data privacy.
Disadvantages:
• FHE is slow compared with other techniques.
• Support for use by multiple users is limited.
Applications:
Protecting Data That Is Hosted on the Cloud: homomorphic encryption preserves the capacity to compute on and search ciphered data, which the owner can subsequently decrypt, without jeopardizing the integrity of the data as a whole. This safeguards data kept in cloud storage.
Providing Data Analytics Capabilities to Regulated Industries: homomorphic encryption makes it possible to cipher information and transfer that encrypted information to commercial cloud environments for research and data sharing while still maintaining the confidentiality of user or patient data. When used in businesses and organizations, individuals are able to utilize the information without viewing its unencrypted values across a broad variety of sectors, including, among others, healthcare, financial services, retail, and information technology. Examples include the recognition of forensic photos, the protection of consumer privacy in targeted advertising, the predictive analysis of medical data without compromising patient privacy, the protection of financial privacy for uses such as stock price prediction algorithms, and more.
Enhancing Election Security While Maintaining Transparency: researchers are attempting to develop a homomorphic encryption technique that would increase the security of democratic elections while preserving their transparency. For instance, the Paillier encryption scheme, which is based on addition operations, would be the best fit for voting-related applications, because users of the Paillier system can objectively total a wide range of values while still protecting the privacy of those values. This technology could not only shield data from manipulation but also make it possible for authorized third parties to check its accuracy independently.

Partially Homomorphic Encryption (PHE)

Partially homomorphic encryption (PHE) is a process in which certain functions, such as addition or multiplication, can be performed on encrypted data without decrypting it, whereas other functions require decryption, as depicted in Eq. 2. This implies that the ciphertext can be processed indefinitely many times for a single operation. RSA encryption, which is frequently used to create secure connections with SSL/TLS, is built on partially homomorphic encryption. ElGamal encryption, a multiplicative technique, and Paillier encryption are two further examples of PHE. Encryption algorithms that are partially homomorphic have a feature that enables a certain operation to be carried out an endless number of times. For instance, a certain algorithm might have the property of being additively homomorphic, which would imply that the result of using the algorithm to encrypt the sum of two plaintexts would be the same as the result of adding the two ciphertexts [34]. It is not too difficult to create encryption algorithms that are partially homomorphic; in fact, several well-known encryption methods happen to be homomorphic to some extent by chance. The RSA algorithm is an illustration of multiplicatively homomorphic behavior. This can be explained by the exponentiation-based foundation of RSA encryption, C = m^x (mod n), where m denotes the text and x the secret key. By the rules of exponentiation, (a^n)(b^n) = (ab)^n. This shows that multiplying two ciphertexts encrypted under the identical key is equivalent to raising the product of the original messages to the power of the private key. Since this is the case, RSA is said to be multiplicatively homomorphic.

$$X \xleftrightarrow[\text{Decrypt}]{\text{Encrypt}} E(X) \quad \text{(for specific operations such as addition, multiplication)} \qquad (2)$$

Only a limited set of mathematical operations can be carried out on values encrypted with the partially homomorphic encryption (PHE) method. This means that the ciphertext can only undergo a single kind of computation, either addition or multiplication, regardless of how many times that operation is carried out. The RSA encryption technique, which is extensively used to create secure connections with SSL/TLS, is a partially homomorphic encryption (PHE) scheme that allows multiplicative operations [35].
Advantages:
• Limited number of computations
• It requires minimum effort for computations
• Faster than other encryption formats
Disadvantages:
• Performs well only for the addition or the multiplication process
• It is less versatile
Applications:
• Secure internet banking and credit card transactions
• Utilized in hybrid systems
• The remote file system is one application of PHE. The file system makes use of a series of files with completely encrypted names, data, and metadata, which are stored in the file space of a web server; these files make up the physical repository. This repository is just a single folder with no subfolders; it completely disregards the folder hierarchy that was previously in place. From the user's perspective, the structure appears to be a tree of regular files, complete with the user-defined folder hierarchy, accurate metadata, and unencrypted content. All encryption operations and cipher key administration are handled on the client side, completely hidden from the user. In addition, the homomorphic capabilities of the cryptographic schemes used allow intensive search operations to be carried out on the server side without any decryption taking place, which makes the process significantly more efficient [36].
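To make the two partially homomorphic properties concrete, the RSA relation (a^n)(b^n) = (ab)^n described above and the Paillier-style encrypted vote tally mentioned under the FHE applications, here is an added worked example in Python. It is not code from the chapter or from any library the chapter cites; the primes, function names and vote values are constructed toy values, and it follows the standard convention of encrypting under the public exponent and decrypting with the private one.

```python
"""Partially homomorphic encryption, worked through on toy-sized keys.

Added example (not the chapter's code). It demonstrates the two PHE
properties the text describes:
  * RSA is multiplicatively homomorphic: E(a) * E(b) mod n   == E(a * b mod n).
  * Paillier is additively homomorphic:  E(a) * E(b) mod n^2 == E(a + b mod n),
    the property cited for tallying encrypted votes.
The primes are constructed demo values (a few bits long); function names are
my own. Textbook RSA without padding is shown because padding (OAEP) is
exactly what removes the homomorphic property in deployed RSA.
"""
from math import gcd
import secrets


# ---------------- RSA: multiplicative homomorphism ----------------

def rsa_keygen(p, q, e=65537):
    """Return ((n, e), (n, d)); encryption uses the public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse (Python >= 3.8)
    return (n, e), (n, d)


def rsa_encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)


def rsa_multiply_encrypted(pub, c1, c2):
    """(m1^e)(m2^e) = (m1*m2)^e mod n, so this is an encryption of m1*m2 mod n."""
    n, _ = pub
    return (c1 * c2) % n


# ---------------- Paillier: additive homomorphism ----------------

def paillier_keygen(p, q):
    """Return ((n, g), (n, lam, mu)) with g = n + 1 (standard simplification)."""
    n = p * q
    n2 = n * n
    g = n + 1
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    L = lambda u: (u - 1) // n
    mu = pow(L(pow(g, lam, n2)), -1, n)
    return (n, g), (n, lam, mu)


def paillier_encrypt(pub, m, r=None):
    """c = g^m * r^n mod n^2; r is the blinding factor (fresh randomness)."""
    n, g = pub
    n2 = n * n
    if r is None:
        while True:
            r = secrets.randbelow(n)
            if r > 0 and gcd(r, n) == 1:
                break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def paillier_decrypt(priv, c):
    n, lam, mu = priv
    n2 = n * n
    L = lambda u: (u - 1) // n
    return (L(pow(c, lam, n2)) * mu) % n


def paillier_add_encrypted(pub, c1, c2):
    """Multiplying ciphertexts adds the plaintexts: E(a) * E(b) = E(a + b)."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def tally_encrypted_votes(pub, priv, votes):
    """Each voter submits E(1) for yes or E(0) for no. The tallier multiplies
    all ciphertexts and decrypts once, learning only the total, never a vote."""
    encrypted = [paillier_encrypt(pub, v) for v in votes]
    total = encrypted[0]
    for c in encrypted[1:]:
        total = paillier_add_encrypted(pub, total, c)
    return paillier_decrypt(priv, total)


if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53)          # n = 3233 (toy modulus)
    c = rsa_multiply_encrypted(pub, rsa_encrypt(pub, 7), rsa_encrypt(pub, 11))
    print("RSA: 7 * 11 ->", rsa_decrypt(priv, c))
    ppub, ppriv = paillier_keygen(61, 53)
    print("Paillier tally:", tally_encrypted_votes(ppub, ppriv, [1, 0, 1, 1, 0, 1]))
```

Two points a practitioner should take from running it: the RSA result is only the product modulo n, and the property disappears as soon as OAEP or PKCS#1 padding is applied, which is why deployed RSA cannot be used this way; and the tallier never decrypts an individual ballot, only the combined ciphertext, which is exactly what the election use case above requires.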


Somewhat Homomorphic Encryption (SHE)

With somewhat homomorphic encryption, the encrypted data can be subjected to a number of different mathematical operations, as depicted in Eq. 3. Some functions, however, can only be carried out once, or up to a particular level of complexity [37]. With somewhat homomorphic encryption the scheme can be used for specific operations, which shows that the data can be kept highly secure, because certain operations can be performed an unlimited number of times.

$$X \xleftrightarrow[\text{Decrypt}]{\text{Encrypt}} E(X) \quad \text{(for specific operations performed an unlimited number of times)} \qquad (3)$$

Somewhat homomorphic encryption is the next level of encryption after partially homomorphic encryption. A somewhat homomorphic technique enables a finite number of any operations, as opposed to an infinite number of one operation. For instance, a somewhat homomorphic encryption method might support every combination of up to five additions or multiplications, and sensitive data could be protected in this way; a sixth operation of any type, however, would produce an incorrect result [32]. On the road to fully homomorphic encryption, somewhat homomorphic encryption techniques serve as an essential stepping stone. It is more challenging to create an algorithm that allows ciphertexts to be added or multiplied indefinitely than to create one that supports a bounded number of sums and products of ciphertexts. Key generation, encryption, and decryption are the three fundamental algorithms of a conventional encryption method; a homomorphic model adds an evaluation algorithm, whose objective is to carry out the requested operation on ciphertexts and obtain the resultant ciphertext. Even though the correctness of a homomorphic encryption model is fundamentally the same as that of any standard encryption approach, a ciphertext produced by the evaluation method must be decrypted in order to show that it is legitimate [38]. In light of this, the homomorphic encryption scheme supports any operation for which the equation Decryption(Kpriv, Evaluation(Kpub)) = (m1, m2, …, mk) holds. This must be true for any combination of keys produced by the key generation algorithm, as well as for any plaintexts m1, m2, …, mk and their corresponding ciphertexts.
The DGHV scheme [39], a somewhat homomorphic scheme over the integers, follows exactly this structure: it has four algorithms, key generation, encryption, decryption and evaluation, and its parameters determine how much noise a ciphertext can absorb before the bound on the number of operations is reached.
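The bounded-depth behaviour described above can be followed on a toy version of the DGHV secret-key scheme. The following Python is an example added here, not code from the chapter or from the DGHV authors, and its parameters (a 20-bit or hand-picked secret p, 4-bit noise) are assumptions chosen so the arithmetic can be checked by hand; they are in no way a secure parameter set. It tracks a public noise bound alongside each ciphertext, the way practical libraries report a remaining noise budget, and shows a ciphertext of the bit 1 surviving three multiplications and decrypting wrongly after the fourth.

```python
"""Toy DGHV-style somewhat homomorphic encryption over the integers.

Added example for this chapter; not the authors' code and not a secure
parameter set. Secret-key variant: the secret is an odd integer p, a bit m
is encrypted as c = p*q + 2*r + m with a large random q and a small random
noise r, and decryption is (c mod p) mod 2, which is correct only while the
accumulated noise stays below p/2. Addition adds the noise of two
ciphertexts and multiplication multiplies it, so every ciphertext has a
budget of operations beyond which it decrypts to garbage.
"""
from dataclasses import dataclass
from functools import reduce
from typing import Optional
import random


@dataclass(frozen=True)
class Ciphertext:
    value: int        # the integer c = p*q + noise
    noise_bound: int  # public upper bound on the noise, tracked by the evaluator


def keygen(bits: int = 20, rng: Optional[random.Random] = None) -> int:
    """Secret key: a random odd integer with exactly `bits` bits."""
    rng = rng or random.Random()
    return rng.getrandbits(bits) | (1 << (bits - 1)) | 1


def encrypt(p: int, m: int, q: int, r: int) -> Ciphertext:
    """c = p*q + 2r + m; q and r are passed in so results are reproducible."""
    assert m in (0, 1) and r >= 0 and q >= 0
    return Ciphertext(p * q + 2 * r + m, 2 * r + 1)


def encrypt_random(p: int, m: int, rng: random.Random,
                   q_bits: int = 64, r_bits: int = 4) -> Ciphertext:
    """Fresh encryption with random q and small random noise r < 2**r_bits."""
    return encrypt(p, m, rng.getrandbits(q_bits), rng.getrandbits(r_bits))


def decrypt(p: int, c: Ciphertext) -> int:
    """Reduce c mod p into (-p/2, p/2] and take the low bit of the residue."""
    t = c.value % p
    if t > p // 2:
        t -= p
    return t % 2


def add(a: Ciphertext, b: Ciphertext) -> Ciphertext:
    """Homomorphic XOR of the underlying bits; noise bounds add."""
    return Ciphertext(a.value + b.value, a.noise_bound + b.noise_bound)


def mul(a: Ciphertext, b: Ciphertext) -> Ciphertext:
    """Homomorphic AND of the underlying bits; noise bounds multiply."""
    return Ciphertext(a.value * b.value, a.noise_bound * b.noise_bound)


def within_budget(p: int, c: Ciphertext) -> bool:
    """True while the tracked noise bound still guarantees correct decryption."""
    return c.noise_bound < p // 2


def max_multiplications(p: int, fresh_bound: int) -> int:
    """Number of times a fresh ciphertext with this noise bound can be
    multiplied by another such ciphertext before the budget is exhausted."""
    k, bound = 0, fresh_bound
    while bound * fresh_bound < p // 2:
        bound *= fresh_bound
        k += 1
    return k


def product(cts) -> Ciphertext:
    """Evaluate the AND of all input bits by chained multiplication."""
    return reduce(mul, cts)


def random_roundtrip(seed: int, bits: int = 20, trials: int = 50) -> bool:
    """Fresh encryptions under a random key always decrypt correctly."""
    rng = random.Random(seed)
    p = keygen(bits, rng)
    return all(decrypt(p, encrypt_random(p, m, rng)) == m
               for m in (0, 1) for _ in range(trials))


def demo() -> dict:
    """Walk a ciphertext past its noise budget with hand-checkable numbers."""
    p = 1000003                      # hand-picked odd secret (p // 2 == 500001)
    c1 = encrypt(p, 1, q=5, r=7)     # noise 2*7+1 = 15
    c2 = encrypt(p, 1, q=9, r=6)     # noise 13
    c3 = encrypt(p, 0, q=2, r=10)    # noise 20
    out = {
        "xor": decrypt(p, add(c1, c2)),          # 1 XOR 1 = 0, noise 28
        "and_11": decrypt(p, mul(c1, c2)),       # 1 AND 1 = 1, noise 195
        "and_10": decrypt(p, mul(c1, c3)),       # 1 AND 0 = 0, noise 300
        "budget": max_multiplications(p, 15),    # 15**4 < p/2 < 15**5
    }
    four = product([c1] * 4)   # noise 15**4 = 50625, still within budget
    five = product([c1] * 5)   # noise 15**5 = 759375 > p/2, budget exceeded
    out["four_ok"] = within_budget(p, four) and decrypt(p, four) == 1
    out["five_ok"] = within_budget(p, five)
    out["five_decrypts_to"] = decrypt(p, five)   # wrong answer: 0, not 1
    return out


if __name__ == "__main__":
    print(demo())
```

The evaluator never sees p, so in a real deployment the noise bound is the only signal it has that a circuit is about to exceed the budget; the DGHV public-key variant replaces p*q with sums of public encryptions of zero, and bootstrapping is what removes the bound altogether.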


K. Renuka Devi et al.

Advantages:
• Both addition and multiplication can be carried out on ciphertexts, so a wider class of functions can be evaluated than with a partially homomorphic scheme.
• The bound on the number of operations is fixed in advance, so the cost of securing the data is predictable.
Disadvantages:
• Every operation adds noise to the ciphertext.
• Useful computations take a large number of operations and can exhaust the noise budget.
Applications:
• Cloud storage applications.
• Efficient memory access.
Although there are several homomorphic schemes in this setting, including RSA, Goldwasser-Micali, ElGamal, Paillier, Boneh-Goh-Nissim and others, it is not very useful to examine those that rely on factoring or on variants of the Diffie-Hellman problem here, because this approach prioritises a different set of considerations. The decryption operations these schemes require (modular exponentiation, computation of the Legendre symbol, pairing evaluation, and so on) are not even known to have circuit complexity in NC. The depth of their decryption circuits might be reduced somewhat by techniques such as shifting part of the decryption work onto the encryptor, who then outputs a larger ciphertext that can be decrypted by a shallower circuit, but we do not see how the decryption circuit can be made shallow enough to make these schemes bootstrappable [40].

5 Privacy Issues in Various Domains
• Security is a central concern in cloud computing. Security at the infrastructure level, encompassing network, server, software and data security, is strongly encouraged, and data is exposed at each of these levels: network, server and application. Cloud computing also combines several technologies, each with its own attack surface.
• It is essential to address the privacy concerns arising from the different kinds of attack against each of these technologies. Some of the security concerns with cloud computing are the following.
• Availability: Data availability is a key security concern. Data must always be accessible to the user, and the user must be able to manage it; when a service from another cloud provider is requested, the availability question has to be settled as well. There are three main dangers to availability: network-based attacks, which pose the greatest threat; the availability of the cloud service provider itself; and the cloud provider's backup of stored data. Effective and efficient methods must be used for access control, validation and authorisation of sensitive information [41].

Securing Shared Data Based on Homomorphic Encryption Schemes


• Data remanence: Data that can be recovered by an unauthorised person after it has been deleted is a problem, so deletion must be carried out with care.
• Third-party control: User data is managed by the cloud provider. Access by a third party could result in the disclosure of confidential information and trade secrets, and corporate eavesdropping is a real issue. The user should also not be forced to rely on a single cloud service provider.
• Privacy and legal concerns: The user does not know where the data is physically stored. Legality and data confidentiality are major concerns, as is the privacy of the user's own data.
• Computation on encrypted data: Encrypted material is typically unintelligible to unauthorised parties, and decryption restores the plaintext. With conventional encryption one must decrypt before performing any kind of computation, so although encryption solves major problems, a user who could compute on ciphertexts directly would be able to exploit the cloud's capabilities without that step. Homomorphic encryption makes computing on encrypted data possible: the data can be manipulated without converting it to plaintext, which matters because data stored in the cloud is usually encrypted.
• Fully homomorphic encryption (FHE) allows users to manipulate encrypted data with any combination of operations, whereas a partially homomorphic scheme permits only one type of operation [42].

6 Security Issues in Healthcare Domain Like other large-scale enterprises, the healthcare sector faces the risk of privacy violations and other problems with the security and confidentiality of information. For patients and practitioners to get the full benefit of their collaboration, a great deal of private information is exchanged between them; a large number of people are involved, and the sector has its own urgent goals and pressures. Today's healthcare system is completely computerised and medical files are stored in digital form [43]. This data comprises patients' personal health records as well as clinical data and data-warehouse information, and growing transparency means a greater risk to the data's privacy and security.

7 Major Threats for Healthcare Data Breaches The major healthcare data breaches disclosed over the past few years show that the most frequent threats to data privacy and security are data loss, information theft, unlawful access, improper data disposal, security errors and the like.


BYOD Policy The Bring Your Own Device policy adopted in many medical settings is a possible threat to the confidentiality of patient information and to the information protection of healthcare organisations and units. Strengthening data privacy and security across the many mobile health devices now on the market is crucial. Doctors once welcomed the ability to use mobile apps to track patient data and obtain clinical information; today, however, more and more people have access to that data, which threatens its privacy and integrity.

Cyber Attacks Attacks on computer networks pose a clear and present danger to every sector of the economy, including healthcare, and protecting one's assets against them is difficult. The data that cyber criminals most regularly go after is billing and insurance records, for an obvious reason: fraudsters are seeking social security numbers, credit card numbers and other details that can be turned into financial gain.

Computing in the Cloud The healthcare industry makes extensive use of cloud computing, which brings its own privacy and safety concerns. According to the reported data, cloud services used by the healthcare sector account for more than 12% of all high-risk cloud services, and almost 77% of them are rated medium risk [44].

Making a Hash of Compliance People frequently believe that a compliant organisation is also a secure organisation. This is not the case: compliance alone can be the more dangerous proposition, because it leaves sensitive information exposed to risks from the outside world that the regulations do not cover.


Identity Theft in the Medical Field Because there have been instances of medical identity theft, providers of medical care need to guarantee that only approved users can access their clinical applications [45]. Attackers have used patient data as a springboard: initial access to that information became their path to more.

8 Protection of Healthcare Data Because the cybersecurity risks facing the healthcare business are advancing at an alarming rate, a strategy that is both smart and multi-faceted must be put in place to safeguard the information of patients and other clients. The following are some tried and tested procedures that healthcare companies can implement to reduce their exposure to security risks:
• Train healthcare workers in cybersecurity, since human error is a factor in most security incidents. There is an obvious human element in many security incidents, and such incidents are considerably more common in the medical sector. Security awareness training not only equips staff to handle patient data properly but also keeps them from making ill-informed decisions that could put the safety of the organisation in jeopardy [44].
• Establish and enforce access restrictions for data and applications. Limiting access to sensitive patient data and to the applications that need it strengthens the cybersecurity of healthcare systems and ensures that sensitive data is reachable only by individuals who have authenticated successfully [46]. Multi-factor authentication, combining a secret personal identification number (PIN) or password, a security key, and a fingerprint or retinal scan, can verify that the individual in question genuinely has the right to reach the application and its data.
• Create controls on data use. With appropriate controls on data usage, healthcare firms can detect or stop potentially harmful or risky data activity in real time. Some operations on sensitive data must be prohibited outright, such as uploading it to the internet, sending it in unauthorised emails, and copying it to external media [47].
• Record and monitor access and data use. If managers record and track accesses to information and data usage, they can identify which applications and resources team members across the organisation used. This helps keep suspicious behaviour from getting out of hand and shows where security controls are needed. In the event of a privacy lapse, the organisation will be able to identify precisely where the error occurred, the factors that contributed to it, and the preventive measures that may be taken.
• Encrypt the data wherever possible. Encryption is without doubt one of the most significant safeguards healthcare companies can adopt: even if attackers succeed in obtaining patient information, they will be unable to use it. The Health Insurance Portability and Accountability Act (HIPAA) requires healthcare organisations to maintain stringent cryptographic controls according to how data flows inside the organisation.
• Carry out vulnerability assessments frequently. Regular vulnerability assessments belong in every preventive security strategy. They point out where the organisation's security architecture is weak and also gauge how well prepared everyone in the organisation is, including its vendors. Carried out regularly, they allow healthcare organisations to identify potential risk factors proactively and eliminate them, lowering the likelihood of costly data breaches and the harm they cause [48].
• Back up sensitive data securely. Data breaches in healthcare can compromise data availability and integrity as well as divulge sensitive patient information, and healthcare firms cannot afford to lose their most valuable asset, so they must back up their data regularly. Off-site backups protect the data that already exists, and encryption and access limits add further layers of protection. Besides easing cybersecurity worries, backups aid disaster recovery.
• Keep an eye on the security readiness of business associates. To deliver high-quality service, healthcare information is constantly shared among stakeholders including hospitals, insurance companies, payment agencies and others, so it is increasingly vital to evaluate the security preparedness of every cooperating business associate. The HIPAA Omnibus Rule and the HIPAA Survival Guide both give pertinent information and instructions on the partnerships and associates concerned.

9 Securing Data Using Homomorphic Encryption Homomorphic encryption (HE) is a form of encryption that allows calculations to be carried out on encrypted data without access to the secret key. The result of the calculation is itself encrypted, and only the holder of the private key can decrypt it.


Fig. 4 Homomorphic encryption

For instance, banking and healthcare both handle a great deal of sensitive data that has to be protected. Sharing that data with third parties such as a cloud service or another company is a bottleneck, because the content must not be revealed to them under any circumstances. The most commonly used encryption techniques provide an efficient way to store and handle information in encrypted form, but to perform computations or other processing on it the cloud environment must first decrypt it, which introduces security issues and is also costly and time consuming [49]. Homomorphic encryption plays an important role here because the computations are carried out on the data without decrypting it. With HE, businesses or individuals can hand their encrypted information to cloud infrastructure or to third parties for computation; all such computations are performed on the encrypted information and the encrypted result is returned to the owner, who alone can decrypt it with his or her private key. The process is depicted in Fig. 4.

10 Challenges and Risks of Homomorphic Encryption (HE) or Asymmetric Encryption Homomorphic encryption is an efficient methodology for maintaining the privacy of data [31], but it faces a few challenges, listed below.
• Efficiency
• Robustness
• Delay


Efficiency Several PHE algorithms such as RSA, ElGamal and Paillier play a significant role in various kinds of application. They have specific limitations, however: each supports only one operation, which greatly restricts their use in practice, since many applications need more than one operation. Such algorithms therefore have to be used in combination with other homomorphic encryption algorithms. Homomorphic encryption is crucial in the SaaS and PaaS cloud service models for preserving the safety of applications and services, whereas in IaaS the data can be encrypted or decrypted easily through specific APIs or tools.

Robustness Robustness is one of the major challenges for homomorphic encryption, because the system has to withstand any kind of vulnerability. The robustness of a homomorphic scheme is determined by the size of its encryption key: for RSA the modulus must be longer than the message being encrypted, and the larger the public key, the slower the processing in practical applications.

Delay The use of a large public key affects not only robustness but also the ciphertext size, the encryption and decryption time and the duration of data processing. In the RSA cryptosystem the public key size is the deciding factor for both robustness and delay. The processing speed of homomorphic encryption has been analysed using the following factors:
• the encryption key size and its effect on encryption time and on the size of the encrypted message;
• the application processing delay, which depends on the size of the encrypted message;
• the estimated duration of decryption, which depends on the ciphertext returned by the cloud provider and on the size of the private key.

Fig. 5 Encryption time—HE algorithms (encryption time in seconds, 0 to 4, plotted against file size of 64, 90, 104, 150 and 190 KB for FHE, PHE and SHE)

11 Analysis of FHE, PHE, SHE Homomorphic encryption comprises three kinds of scheme, FHE, PHE and SHE, and the cryptosystems considered here are RSA, ElGamal and Paillier. This chapter reports the performance of the RSA algorithm under each technique. Figure 5 shows the measured encryption time for FHE, PHE and SHE: PHE consumes less encryption time than the other two. A lower time for converting plaintext to ciphertext means the data is encrypted faster and is therefore exposed to intruders for a shorter time. Figure 6 shows the computation speed of the homomorphic encryption algorithms: FHE and SHE take a large amount of time to compute the result and perform roughly equally, whereas PHE executes faster than the other two, and at a file size of 190 KB its advantage is clear. Partially homomorphic encryption is therefore the preferred choice where a single operation suffices; it is faster because it supports only that one operation, which it can apply an unlimited number of times without the noise management that FHE and SHE require.

Fig. 6 Speed of HE algorithms (computation time in seconds, 0 to 8, plotted against file size of 64, 90, 104, 150 and 190 KB for FHE, PHE and SHE)

12 Homomorphic Encryption (HE): Applications Homomorphic encryption is a significant development because it enables computations to be carried out on encrypted information. This opens the way to contracting data processing out to a third party without having to trust that party to protect the information adequately: without the right decryption key it is impossible to recover the original information. Processing on encrypted data can solve a variety of significant business problems that companies in various industries currently face. The applications of HE are spread over many areas, as shown in Fig. 7; some of them are given below.

Fig. 7 Applications—homomorphic encryption: data stored in the cloud; data analytics in regulated industries; analytics done on private data; compliance with regulations; protection of the supply chain; election security and privacy; education; healthcare


Data Stored in the Cloud Homomorphic encryption is highly suitable for safeguarding data kept in a public cloud, because the cloud can compute on the ciphertext and return an encrypted result that the owner decrypts, preserving the integrity of the data. Cloud-based information is reachable from everywhere, including by third parties and intruders, so it must be secured and must not be revealed to the outside world [50]. To maintain the security and integrity of the information, the user must encrypt it before storing it in the cloud; FHE schemes then allow computations on it without decrypting the original data, that is, without revealing the secret key.

Data Analytics in Regulated Industries For research and information sharing, homomorphic encryption lets data be encrypted and outsourced to commercial cloud environments while preserving the privacy of the user or patient. Businesses and organisations in sectors such as consumer banking, marketing, telecommunications and medical services can use it to let analysts work with data without seeing its unencrypted contents. Examples with significant privacy impact include medical data analysis, consumer privacy in personalised marketing, financial privacy in stock price prediction, and steganographic identification [51]. In many business areas homomorphic encryption techniques are essential for preserving data privacy.

Election Security and Privacy Homomorphic encryption performs operations on ciphertext without decrypting the original data, so several kinds of mathematical computation can be carried out on encrypted votes. The schemes are fully HE, partially HE and somewhat HE; the Paillier, RSA and ElGamal cryptosystems are partially homomorphic. Among these, ElGamal in its exponential form, which achieves additive homomorphism, is the one most frequently employed in homomorphic e-voting schemes [41]. The main benefit of homomorphic encryption in an election system is that it suits both small-scale and open-phase elections: the votes cast remain protected because they never need to be decrypted individually to count the result, so voter privacy is maintained.
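As an added example (not the chapter's code, and not the ElGamal construction cited above), the Python below runs the encrypted tally of this section and the outsourced computation of Sect. 9 with the Paillier cryptosystem, which the chapter also lists among the partially homomorphic schemes. Paillier is chosen here because its additive homomorphism decrypts directly, without the discrete-logarithm step that exponential ElGamal needs to recover a tally. The ballots, the seed, the prime-generation routine and the 512-bit modulus are constructed for the example; the key size is far too small for real use.

```python
"""Additive homomorphic tallying with the Paillier cryptosystem.

Added example for this chapter, not the authors' code. Voters (or branches,
clinics) encrypt under the tallier's public key, an untrusted server combines
the ciphertexts without ever holding the private key, and only the private-key
holder decrypts the sum. Key size is an assumption kept small so the example
runs quickly; it is not a production parameter choice.
"""
from math import gcd
from typing import List, Tuple
import random

PublicKey = Tuple[int, int]    # (n, g) with g = n + 1
PrivateKey = Tuple[int, int]   # (lambda, mu)


def is_probable_prime(n: int, rng: random.Random, rounds: int = 24) -> bool:
    """Miller-Rabin with random bases drawn from rng (example routine)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits: int, rng: random.Random) -> int:
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng):
            return cand


def keygen(bits: int, rng: random.Random) -> Tuple[PublicKey, PrivateKey]:
    """n = p*q, g = n + 1, lambda = lcm(p-1, q-1), mu = lambda^-1 mod n."""
    p = gen_prime(bits // 2, rng)
    q = gen_prime(bits // 2, rng)
    while q == p:
        q = gen_prime(bits // 2, rng)
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return (n, n + 1), (lam, pow(lam, -1, n))


def encrypt(pk: PublicKey, m: int, rng: random.Random) -> int:
    """c = g^m * r^n mod n^2 with fresh random r: equal votes give different c."""
    n, g = pk
    assert 0 <= m < n
    r = rng.randrange(1, n)
    while gcd(r, n) != 1:
        r = rng.randrange(1, n)
    n2 = n * n
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(pk: PublicKey, sk: PrivateKey, c: int) -> int:
    """m = L(c^lambda mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, _ = pk
    lam, mu = sk
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n


def add(pk: PublicKey, c1: int, c2: int) -> int:
    """Product of ciphertexts encrypts the sum of plaintexts."""
    n = pk[0]
    return (c1 * c2) % (n * n)


def scale(pk: PublicKey, c: int, k: int) -> int:
    """Ciphertext to the power k encrypts k times the plaintext (weighted votes)."""
    n = pk[0]
    return pow(c, k, n * n)


def tally(pk: PublicKey, encrypted_votes: List[int]) -> int:
    """Server side: combine every encrypted ballot; no private key involved."""
    acc = 1  # encryption of 0 with r = 1
    for c in encrypted_votes:
        acc = add(pk, acc, c)
    return acc


def run_election(votes: List[int], seed: int = 2024, bits: int = 512) -> int:
    """Constructed ballots (1 = yes, 0 = no) counted under encryption."""
    rng = random.Random(seed)
    pk, sk = keygen(bits, rng)
    ballots = [encrypt(pk, v, rng) for v in votes]   # each voter encrypts
    return decrypt(pk, sk, tally(pk, ballots))        # only the tallier can do this


def homomorphic_checks(seed: int = 7, bits: int = 512) -> dict:
    """Exercise add, scale and re-randomisation under one key pair."""
    rng = random.Random(seed)
    pk, sk = keygen(bits, rng)
    c_a, c_b = encrypt(pk, 123456, rng), encrypt(pk, 654321, rng)
    return {
        "sum": decrypt(pk, sk, add(pk, c_a, c_b)),              # 777777
        "scaled": decrypt(pk, sk, scale(pk, c_a, 3)),           # 370368
        "distinct": encrypt(pk, 1, rng) != encrypt(pk, 1, rng),  # True
    }


if __name__ == "__main__":
    print(run_election([1, 0, 1, 1, 0, 1]))  # 4
```

The server in `tally` only multiplies ciphertexts modulo n², which is the single operation Paillier supports; the same routine serves the Sect. 9 scenario of a cloud summing encrypted account balances, while multiplying two encrypted values is not available, which is precisely the PHE limitation noted under Efficiency above. Each ballot must also be proven to encrypt 0 or 1 (a zero-knowledge range proof, not shown), otherwise a voter can encrypt 1000 and swing the sum.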


HE in Education In developed countries like the U.S., more than 1.2 million students drop out of high school each year, the equivalent of 7000 students a day, or one every 26 s. To reduce this, we would like to identify the individuals at risk and provide the best intervention for them. Schools are unlikely to possess the knowledge needed to make such forecasts at the highest level, however: a student may stop attending because of health concerns in her family or the availability of aid in her country. Accurate estimates therefore require combining data from several organisations, in this case schools, hospitals, welfare systems, police forces and other entities, and since these institutions are required to protect the privacy of their data, the integration problem is a bottleneck. Homomorphic encryption plays a vital role in overcoming it: under the protection of HE the data can be combined, making the information processable for approved uses without breaching the law or paying for the management of a single repository [42]. Data in the education sector is sensitive and private, so the encryption must be designed to prevent data leakage.

Healthcare Healthcare is one of the areas where sensitive information is used most heavily, computations have to be performed on it to deliver care, and data breaches are a bottleneck problem. Homomorphic encryption, used in healthcare applications such as the creation of bills and reports, can help balance the risks and benefits of information exchange. In both cases analysts need access to specific medical records in order to compute over a portion of their content. HE is essential in the medical industry for safeguarding sensitive information from outsiders and intruders [43].

Protection of the Supply Chain The vast majority of businesses rely on trusted outside parties for various aspects of their operations. These third-party contractors, vendors and others frequently require access to confidential and private company data to perform their duties for the organisation. Past incidents have shown the dangers of inadequately protected supply chains and how cybercriminals target the supply chain's weakest link to accomplish their goals. Because of this, a company that


shares sensitive information with a third party runs the risk of suffering a costly and destructive data breach [44]. Homomorphic encryption is one method that can help a corporation protect itself against supply chain hazards: if all the data handed to trusted third parties for processing is encrypted, a breach at the third party no longer exposes the company's data, and the company can outsource the processing of essential data with only minimal risk.

Compliance with Regulations The legal and regulatory framework governing data protection has grown more complex in recent years. New regulations such as the European Union's General Data Protection Regulation (GDPR) subject businesses to more requirements and limitations, and the rights of data subjects have been widened. One GDPR requirement that many businesses find difficult to meet is that data on EU citizens must either stay within the EU or go only to countries or organisations with data protection standards comparable to those of the EU. One of the main legal bases for data flows between the EU and the US, the Privacy Shield framework, was invalidated by the Court of Justice of the EU in the Schrems II judgement of 2020, and numerous US businesses serving EU citizens ran into difficulties as a result [47]. Encryption is recognised under the GDPR as an appropriate safeguard for personal data, and with homomorphic encryption a company may store and process customer data on servers outside the EU while decrypting the information only on servers in jurisdictions that meet GDPR requirements.

Analytics Done on Private Data Data analysis is one of the primary revenue generators for many businesses. Companies such as Facebook can offer their users services that appear to be "free" because the company collects information about its users, processes it, and sells access to the result to outside parties to enable targeted advertising. The monetisation of personal data is controversial, however [48]: many people are unhappy that businesses build detailed profiles of individuals without giving them any knowledge of, or control over, what is gathered about them or how it is used. Homomorphic encryption presents one viable option for resolving this. With homomorphic encryption a corporation such as Facebook could conduct the necessary analyses without being able to view the original data, which would be a significant competitive advantage, and if users hold their own encryption keys, more discreet and more specific forms of marketing become possible [49].

13 Conclusion In today's technological world privacy is one of the major concerns. The use of data has grown tremendously in every field, so securing it is one of the bottleneck issues every data handler faces. Several machine learning algorithms and other techniques are available for protecting data, but they still leave loopholes through which data leakage and data breaches occur, so the data must be secured against outsiders and against intruders who would misuse it. This chapter has explained homomorphic encryption (HE) and its use in securing data. HE carries out the calculation on the encrypted information instead of decrypting it first, so the original data is shielded, and only the owner of the data, holding the secret key, can decrypt the result. Its variants, fully homomorphic encryption (FHE), somewhat homomorphic encryption (SHE) and partially homomorphic encryption (PHE), have been discussed and compared; the comparison shows that partially homomorphic encryption outperforms the other two in encryption time and execution speed. Homomorphic encryption has proved to protect data from intruders in a better way, and these techniques are already used in areas such as healthcare, education, cloud storage and election security.

References
1. A. C. Santha Sheela and Ramya G. Franklin, "E-Voting System Using Homomorphic Encryption Technique," International Conference on Mathematical Sciences (ICMS 2020), 4–6 March 2020, Chennai, India, vol. 1770, no. 1, 2020.
2. D. Archer, L. Chen, J. H. Cheon, R. Gilad-Bachrach, R. Hallman, Z. Huang, X. Jiang, R. Kumaresan, B. Malin, H. Sofia, Y. Song and S. Wang, "Applications of Homomorphic Encryption," 2017.
3. Ciocan, S. Costea and N. Țăpuș, "Implementation and optimization of a somewhat homomorphic encryption scheme," 2015 14th RoEduNet International Conference - Networking in Education and Research (RoEduNet NER), pp. 198–202, 2015.
4. El-Yahyaoui and M. D. Ech-Chrif El Kettani, "A verifiable fully homomorphic encryption scheme to secure big data in cloud computing," 2017 International Conference on Wireless Networks and Mobile Communications (WINCOM), pp. 1–5, 2017.
5. C. Gentry, "Fully homomorphic encryption using ideal lattices," Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing (STOC '09), Association for Computing Machinery, New York, NY, USA, pp. 169–178, 2009.
6. M. van Dijk, "Efficient Private Information Retrieval Using Secure Hardware," Pearson Communication, 2009.
7. E. Levieil and D. Naccache, "Cryptographic test correction," PKC 2008, pp. 85–100, 2008.
8. C. Gentry and S. Halevi, "Implementing Gentry's fully-homomorphic encryption scheme," EUROCRYPT 2011, pp. 129–148, 2011.
9. Z. Brakerski and V. Vaikuntanathan, "Efficient fully homomorphic encryption from (standard) LWE," FOCS 2011, pp. 97–106, 2011.
10. V. Lyubashevsky, C. Peikert and O. Regev, "On ideal lattices and learning with errors over rings," Advances in Cryptology – EUROCRYPT 2010, pp. 1–23, 2010.
11. K. Fan, J. Wang, X. Wang, H. Li and Y. Yang, "A secure and verifiable outsourced access control scheme in fog-cloud computing," Sensors, vol. 17, no. 7, 1695, 2017.
12. K. Hariss, H. Noura and A. E. Samhat, "Fully enhanced homomorphic encryption algorithm of MORE approach for real world applications," Journal of Information Security and Applications, vol. 34, pp. 233–242, 2017.
13. R. Sanchez-Guerrero, F. A. Mendoza, D. Diaz-Sanchez, P. A. Cabarcos and A. M. Lopez, "Collaborative eHealth meets security: privacy-enhancing patient profile management," IEEE Journal of Biomedical and Health Informatics, vol. 21, no. 6, pp. 1741–1749, 2017.
14. D. Hrestak and S. Picek, "Homomorphic Encryption in the Cloud," 2014 37th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1400–1404, 26–30 May 2014.
15. M. Louk and H. Lim, "Homomorphic encryption in mobile multi cloud computing," Information Networking (ICOIN), pp. 493–497, 12–14 Jan. 2015.
16. B. Chen and N. Zhao, "Fully homomorphic encryption application in cloud computing," 11th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP), pp. 471–474, 2014.
17. A. Bouti and J. Keller, "Towards Practical Homomorphic Encryption in Cloud Computing," Network Cloud Computing and Applications, pp. 67–74, 2015.
18. M. Tebaa, S. El Hajji and A. El Ghazi, "Homomorphic encryption method applied to Cloud Computing," Network Security and Systems, pp. 86–89, 2012.
19. G. Begna, E. Nwafor, J. Blackstone, W. Patterson and A. Murray, "Cloud Service Security & Application Vulnerability," SoutheastCon, pp. 1–9, 2015.
20. M. Togan and C. Plesca, "Comparison-Based Computations Over Fully Homomorphic Encrypted Data," Communications (COMM), pp. 1–6, 2014.
21. H. R. Nagesh and L. Thejaswini, "Study on encryption methods to secure the privacy of the data and computation on encrypted data present at cloud," 2017 International Conference on Big Data Analytics and Computational Intelligence (ICBDAC), pp. 383–386, 2017.
22. J. H. Cheon and J. Kim, "A hybrid scheme of public-key encryption and somewhat homomorphic encryption," IEEE Transactions on Information Forensics and Security, vol. 10, no. 5, pp. 1052–1063, 2015.
23. J. Kim and A. Yun, "Secure fully homomorphic authenticated encryption," IEEE Access, vol. 9, pp. 107279–107297, 2021.
24. I. Jabbar and S. Alsaad, "Using Fully Homomorphic Encryption to Secure Cloud Computing," Internet of Things and Cloud Computing, vol. 4, iss. 13, 2016.
25. R. Jain, M. Gupta and A. Gupta, "Homomorphic Encryption for Solving Security Issues in Cloud Computing," International Journal of Engineering and Applied Sciences, vol. 4, pp. 638–643, 2020.
26. K. El Makkaoui, A. Ezzati and A. B. Hssane, "Challenges of using homomorphic encryption to secure cloud computing," 2015 International Conference on Cloud Technologies and Applications (CloudTech), pp. 1–7, 2015.
27. C. Moore, M. O'Neill, E. O'Sullivan, Y. Doroz and B. Sunar, "Practical homomorphic encryption: A survey," Circuits and Systems (ISCAS), pp. 2792–2795, 2014.

82

K. Renuka Devi et al.

28. Kanagavalli, R. and S., Vagdevi, “Secured Data Storage in Cloud Using Homomorphic Encryption,” International Journal on Cloud Computing: Services and Architecture (IJCCSA) vol. 9, no. 4, 2019. 29. Kavya and S. Acharva, “A Comparative Study on Homomorphic Encryption Schemes in Cloud Computing,” 2018 3rd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology (RTEICT), 2018, pp. 112–116, 2018. 30. L. Han, M. Yang, C. -L. Wang and S. -S. Xu, “The Implemention and Application of Fully Homomorphic Encryption Scheme,” 2012 Second International Conference on Instrumentation, Measurement, Computer, Communication and Control, pp. 714–717, 2012. 31. M. Babenko, A. Tchernykh, E. Golimblevskaia, L. B. Pulido-Gaytan and A. Avetisyan, “Homomorphic Comparison Methods: Technologies, Challenges, and Opportunities,” 2020 International Conference Engineering and Telecommunication (En&T), pp. 1–5, 2020. 32. P. Chaudhary, R. Gupta, A. Singh and P. Majumder, “Analysis and Comparison of Various Fully Homomorphic Encryption Techniques,” 2019 International Conference on Computing, Power and Communication Technologies (GUCON), pp. 58–62, 2019. 33. M. Beyene and K. R. Shekar, “Performance Analysis of Homomorphic Cryptosystem on Data Security in Cloud Computing,” 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1–7, 2019. 34. Mr. Manish M Potey, Dr C A Dhote, Mr Deepak H Sharma, “Homomorphic Encryption for Security of Cloud Data,” in the proceedings of 7th International Conference on Communication, Computing and Virtualization, Elsevier, vol. 79, pp. 175–181, 2016. 35. Munjal, K., Bhatia, R., “A systematic review of homomorphic encryption and its contributions in healthcare industry,” Complex Intell Syst, 2022. 36. N. Jain, K. Nandakumar, N. Ratha, S. Pankanti and U. 
Kumar, “Optimizing Homomorphic Encryption based Secure Image Analytics,” 2021 IEEE 23rd International Workshop on Multimedia Signal Processing (MMSP), pp. 1–6, 2021. 37. Oladunni, T., Sharma, S. (2019). Homomorphic encryption and data security in the cloud. EPiC Series in Computing 64, 129–138. 38. S. Behera and J. R. Prathuri, “Application of Homomorphic Encryption in Machine Learning,” 2020 2nd PhD Colloquium on Ethically Driven Innovation and Technology for Society (PhD EDITS), pp. 1–2, 2020. 39. S. D. Rane, W. Sun and A. Vetro, “Secure distortion computation among untrusting parties using homomorphic encryption,” 2009 16th IEEE International Conference on Image Processing (ICIP), pp. 1485–1488, 2009. 40. S. M. Toapanta, L. J. Chávez Chalén, J. G. Ortiz Rojas and L. E. Mafla Gallegos, “A Homomorphic Encryption Approach in a Voting System in a Distributed Architecture,” 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS), pp. 206–210, 2020. 41. S. Prakaashini and S. Rajamohana, “Comprehensive report on Homomorphic technique in Healthcare Domain,” 2021 5th International Conference on Computing Methodologies and Communication (ICCMC), pp. 1448–1453, 2021. 42. Sharma, Tannishk, “E-Voting using Homomorphic Encryption Scheme,” International Journal of Computer Applications. vol. 141, iss. 13, pp. 14–16, 2016. 43. Shrujana Murthy, Kavitha C.R., “Preserving Data Privacy in Cloud using Homomorphic Encryption,” in the Proceedings of the Third International Conference on Electronics Communication and Aerospace Technology, pp. 1131–1135, 2019. 44. Syafalni et al., “Cloud Security Implementation using Homomorphic Encryption,” 2020 IEEE International Conference on Communication, Networks and Satellite (Comnetsat), pp. 341– 345, 2020. 45. T. Gopalakrishnan, S. Ramakrishnan, K. Balasamy and A. S. 
Muthananda Murugavel, “Semi fragile watermarking using Gaussian mixture model for malicious image attacks,” 2011 World Congress on Information and Communication Technologies, Mumbai, India, pp. 120–125, 2011.

Securing Shared Data Based on Homomorphic Encryption Schemes

83

46. Balasamy, K., Krishnaraj, N., Vijayalakshmi, K. (2022). Improving the security of medical image through neuro-fuzzy based ROI selection for reliable transmission. Multimedia Tools Application 81, 14321–14337. 47. V. Bansal, “Survey on Homomorphic Encryption,” 2021 5th International Conference on Information Systems and Computer Networks (ISCON), 2021, pp. 1–4, 2021. 48. V. Sidorov and W. K. Ng, “Towards Performance Evaluation of Oblivious Data Processing Emulated with Partially Homomorphic Encryption Schemes,” 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), pp. 113–115, 2016. 49. Z. H. Mahmood and M. K. Ibrahem, “New Fully Homomorphic Encryption Scheme Based on Multistage Partial Homomorphic Encryption Applied in Cloud Computing,” 2018 1st Annual International Conference on Information and Sciences (AiCIS), pp. 182–186, 2018. 50. Z. Salman, M. Hammad and A. Y. Al-Omary, “A Homomorphic Cloud Framework for Big Data Analytics Based on Elliptic Curve Cryptography,” 2021 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT), pp. 7–11, 2021. 51. Zhang, J. Xu, P. Vijayakumar, P. K. Sharma and U. Ghosh, “Homomorphic Encryptionbased Privacy-preserving Federated Learning in IoT-enabled Healthcare System,” in IEEE Transactions on Network Science and Engineering, 2022.

Challenges and Opportunities Associated with Homomorphic Encryption for Financial Cryptography

S. Finney Daniel Shadrach, A. Shiny Pershiya, A. Shirley Stevany Faryl, K. Balasamy, and K. Chiranjeevi

Abstract Significant improvements in computing, particularly in the area of financial cryptography, have resulted from research into homomorphic encryption schemes. Homomorphic encryption offers a way to safely transfer sensitive data between computer systems and to store it there. Any information that a sender wants to send to a recipient is known as plaintext. It can be thought of as the input to an algorithm, or as data being transmitted before an algorithm encrypts it. By enabling certain computations to be performed on cipher text that produce encrypted results, themselves still in cipher text, homomorphic encryption aims to make encryption more useful.

Keywords Homomorphic encryption · Fully homomorphic encryption · Cipher text · Challenges · Opportunities

1 Introduction

Homomorphic encryption is a type of cryptography that allows numerical computations to be performed on encrypted text rather than on the actual data. The input data, commonly known as plain text, is transformed into cipher text, which is subsequently decrypted to produce the intended result. The key characteristic of homomorphic encryption is that acting on the original plain text and decrypting the operated-on cipher text should produce the same result [1]. The processing of medical data, protecting the privacy of the patient and the model, outsourcing of financial operations, anonymous database queries, and a more privacy-preserving advertising system are just a few of the interesting applications that result from a system that can perform homomorphic operations. Encryption destroys any connection between the plaintext and the associated cipher text. An effective encryption method generates cipher text that is indistinguishable from a random number. Decrypting a given cipher text with the right key is the only way to find out which plaintext belongs to it. Figure 1 shows the process of homomorphic encryption.

Fig. 1 Homomorphic encryption

There must be a connection between plaintexts and cipher texts in order to execute mathematical operations on encrypted data. The result of adding or multiplying two cipher texts together must be the same as performing the same operation on the two plaintexts before encrypting them. At the same time, this relationship must be realized in a way that conceals it from outsiders. The encryption is compromised if observing mathematical operations on cipher texts discloses details about the related plaintexts. It is quite challenging to achieve these interrelated aims of strong encryption and accurate mathematical computation on cipher texts [2]. The algorithms that have succeeded in achieving this are homomorphic encryption methods. Homomorphic encryption was created to enable computation on encrypted data. Information can therefore remain secret while being processed, enabling useful work to be done with information from unreliable environments. This is incredibly useful in a distributed computing and heterogeneous networking environment [3]. Like other kinds of public-key encryption, a homomorphic cryptosystem encrypts information using a public key and restricts access to its decrypted contents to those who hold the corresponding private key. Its use of an algebraic structure to enable a variety of calculations on the encrypted data, however, distinguishes it from other forms of encryption.

S. Finney Daniel Shadrach (B) · A. Shiny Pershiya · A. Shirley Stevany Faryl
Department of ECE, KPR Institute of Engineering and Technology, Coimbatore, India
e-mail: [email protected]
K. Balasamy
Department of AI&DS, Bannari Amman Institute of Technology, Erode, India
K. Chiranjeevi
Universidade Beira Interior, Convent of Sto. Antonio, 6201-001 Covilha, Portugal
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_5
Homomorphic encryption comes in three varieties. The primary distinctions between them are the kinds and number of numerical computations that can be executed on the encrypted data. The three types are as follows.

1. Partially homomorphic encryption (PHE)
2. Somewhat homomorphic encryption (SHE)
3. Fully homomorphic encryption (FHE)

Simple mathematical operations can be applied to values under partially homomorphic encryption (PHE). Specifically, the cipher text can be subjected to an unlimited number of either addition or multiplication operations, but not both. PHE with a multiplicative operation is the foundation of the widely used RSA encryption, which SSL/TLS communications routinely use. A somewhat homomorphic encryption (SHE) method is one that allows a limited set of operations (addition or multiplication) up to a predetermined level of complexity. By making data private and usable at the same time, fully homomorphic encryption (FHE) has great potential for reconciling functionality with privacy. Unlimited addition and multiplication operations are possible with FHE, which was developed from SHE and improves the effectiveness of secure multiparty computation. Unlike other homomorphic encryption techniques, it can handle any computation on cipher texts.

2 Challenges Associated with Homomorphic Encryption for Financial Cryptography

Homomorphic encryption is currently inefficient, which is an issue. These methods are slow and can require a lot of storage because they adhere to the conditions of full homomorphism, which allow cipher texts to be multiplied or added indefinitely without changing the outcome [4]. Homomorphic cryptographic systems have the inherent challenge that attacks may make use of their additional structural information. For example, when signing with the plain Rivest–Shamir–Adleman (RSA) algorithm, multiplying two signatures results in a valid signature on the product of the two corresponding messages. Although there are several techniques to stop such attacks, such as employing probabilistic techniques, hash functions, or redundancy, this possible limitation prompts us to ask why homomorphic encryption schemes should be used in some circumstances rather than conventional cryptosystems. In order to maintain reliability, availability and integrity in a financial setting, security and privacy are crucial considerations [5]. In the field of computing outsourcing, efficient data processing and privacy protection are key study areas. Prior to the cloud paradigm, encryption of private data was the norm. It cannot provide efficient cipher text computing, but it can shield user data privacy from an unreliable third party. The following challenges need to be resolved:

1. Overhead
2. Parallelization
3. Polynomial approximation
4. HE levelled scheme
5. Binary neural networks (BNN)
6. Interoperability
7. Automatization
8. Poor performance
9. Security issues
10. Multiple parties in non-trivial tasks
11. Constructing custom cryptography implementations or algorithms
12. Algorithm and library misuse
13. Improper key management
14. Inconsistent randomness
15. The absence of centralized cryptography.
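As an added illustration of the partially homomorphic property described for RSA above and of the plain-RSA signing issue raised in this section (example code written for this edit, not taken from the chapter): textbook RSA with constructed toy primes, showing that Enc(m1)·Enc(m2) decrypts to m1·m2, and that hash-then-sign removes the same algebraic relation from signatures. The primes, exponent and messages are constructed, and the SHA-256 step stands in for a standard padding scheme such as RSA-PSS.

```python
# Added example, not from the chapter: textbook RSA with constructed toy parameters.
# Toy primes: small enough to print, far too small for any real use.
import hashlib

P, Q = 1009, 1013
N = P * Q                      # public modulus
PHI = (P - 1) * (Q - 1)
E = 17                         # public exponent, gcd(E, PHI) == 1
D = pow(E, -1, PHI)            # private exponent


def encrypt(m: int) -> int:
    """Textbook RSA: c = m^e mod n. No padding, so deterministic and malleable."""
    return pow(m, E, N)


def decrypt(c: int) -> int:
    return pow(c, D, N)


def homomorphic_product(c1: int, c2: int) -> int:
    """Anyone holding only the public key can turn Enc(m1), Enc(m2) into Enc(m1*m2).
    This is the multiplicative PHE property the section attributes to RSA."""
    return (c1 * c2) % N


def textbook_sign(m: int) -> int:
    """Plain RSA signature: s = m^d mod n, applied to the raw message."""
    return pow(m, D, N)


def textbook_verify(m: int, sig: int) -> bool:
    return pow(sig, E, N) == m % N


def digest(m: int) -> int:
    """Hash the message into Z_n before signing (constructed stand-in for real padding)."""
    return int.from_bytes(hashlib.sha256(str(m).encode()).digest(), "big") % N


def hashed_sign(m: int) -> int:
    return pow(digest(m), D, N)


def hashed_verify(m: int, sig: int) -> bool:
    """Verification recomputes the hash, so the check is tied to the message itself."""
    return pow(sig, E, N) == digest(m)


def demo() -> tuple:
    """Returns (plain_combined_verifies, hashed_combined_verifies) for m1 = 7, m2 = 11."""
    m1, m2 = 7, 11
    product = (m1 * m2) % N
    # Encryption side: product of cipher texts decrypts to product of plaintexts.
    assert decrypt(homomorphic_product(encrypt(m1), encrypt(m2))) == product
    # Signature side: the same structure means sig(m1)*sig(m2) is accepted as a
    # signature on m1*m2 by a plain verifier (the weakness the text describes).
    combined_plain = (textbook_sign(m1) * textbook_sign(m2)) % N
    plain_ok = textbook_verify(product, combined_plain)
    # With hash-then-sign the combined value no longer verifies for m1*m2, because
    # H(m1*m2) != H(m1)*H(m2) mod n: the hash breaks the algebraic relation.
    combined_hashed = (hashed_sign(m1) * hashed_sign(m2)) % N
    hashed_ok = hashed_verify(product, combined_hashed)
    return plain_ok, hashed_ok


if __name__ == "__main__":
    print("plain combined verifies:", demo()[0], "| hashed combined verifies:", demo()[1])
```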

Overhead

When compared to its unencrypted counterpart, Neural Network Homomorphic Encryption (NN-HE) has a large overhead that renders it inappropriate for many purposes. The NN training phase is a computationally demanding task even for non-HE models [6]; even with cutting-edge technologies, HE makes it harder. Pre-trained models have been becoming more popular as a way to circumvent the training step and strike a balance between complexity and accuracy.

Parallelization

Using both established and novel parallelizing techniques is one strategy for reducing computing overhead. Distributed and high-performance computing systems and specialized hardware can all be adapted to work with NN-HE models. Multicore processing units (GPU, FPGA, etc.) or specialized chips (ASIC) offer the prospect of more convenient and effective NN-HE environments. The potential for batching and parallelizing many bootstrapping operations is another option to increase overall efficiency. The usefulness of NN-HE in practical settings is constrained by technical factors. The acceptance of privacy-protecting technology can be boosted by a number of measures: plentiful operations, greater multiplicative depth, and efficient numeric comparison [7, 8]. Based on well-known loop parallelization methods and data dependency analysis of loops, an automatic method for parallelizing cryptographic algorithms has been developed. Manual and automatic parallelization are the two different methods for parallelizing sequential algorithms. The first has significant disadvantages, including high cost and long development time. Parallelization at source-code compilation time is a prerequisite for automatic parallelization. As a result, this approach is quick, affordable, and simple.


Polynomial Approximation

The analytical form of the inner neuron functions that must be processed homomorphically is a significant hurdle in the development of NN-HE. Because NN-HE demands operations that HE does not support, finding replacement functions that are compatible with HE is essential in order to work on encrypted data. The activation function is a crucial component in building a successful NN-HE: it determines the accuracy and computational effectiveness of NN-HE, and activation functions have a big impact on how quickly the network converges [9]. Moreover, the derivative of the activation function, commonly referred to as the gradient, is crucial during the training stage. Several strategies circumvent the restriction by approximating incompatible functions with polynomials that HE can evaluate. These replacement functions involve a trade-off between complexity and precision, which reduces the effectiveness of traditional approximation methods. In real-world applications, a poor approximation function might cause NN-HE to perform poorly and take a long time to process. Moreover, it results in larger encrypted messages, which consume more memory. Designing a polynomial of low degree with small error and high accuracy is complicated when trying to approximate the activation function for HE.
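An added example (not from the chapter) of the complexity-versus-precision trade-off just described: it fits a truncated Chebyshev series to the sigmoid activation on a constructed interval [-8, 8], measures the maximum error for several odd degrees, and reports the multiplicative depth a balanced evaluation of that degree would need under HE. The interval, the degrees and the number of sampling nodes are assumptions chosen for the demonstration.

```python
# Added example, not from the chapter: polynomial approximation of an activation
# function, as a plain-Python experiment on the accuracy/degree/depth trade-off.
import math


def sigmoid(x: float) -> float:
    return 1.0 / (1.0 + math.exp(-x))


def chebyshev_coefficients(f, degree: int, lo: float, hi: float, nodes: int = 64) -> list:
    """Coefficients c_0..c_degree of the Chebyshev series of f on [lo, hi],
    computed from samples at Chebyshev nodes (numerically stable, no linear solve)."""
    half, mid = (hi - lo) / 2.0, (hi + lo) / 2.0
    coeffs = []
    for k in range(degree + 1):
        total = 0.0
        for j in range(nodes):
            theta = math.pi * (j + 0.5) / nodes
            total += f(mid + half * math.cos(theta)) * math.cos(k * theta)
        coeffs.append(2.0 * total / nodes)
    return coeffs


def evaluate(coeffs: list, x: float, lo: float, hi: float) -> float:
    """Evaluate the truncated series at x; by convention c_0 enters halved."""
    t = max(-1.0, min(1.0, (2.0 * x - (hi + lo)) / (hi - lo)))
    total = 0.5 * coeffs[0]
    for k in range(1, len(coeffs)):
        total += coeffs[k] * math.cos(k * math.acos(t))
    return total


def max_error(f, degree: int, lo: float, hi: float, samples: int = 801) -> float:
    """Worst-case absolute error of the degree-`degree` approximation on a grid."""
    coeffs = chebyshev_coefficients(f, degree, lo, hi)
    worst = 0.0
    for i in range(samples):
        x = lo + (hi - lo) * i / (samples - 1)
        worst = max(worst, abs(f(x) - evaluate(coeffs, x, lo, hi)))
    return worst


def multiplicative_depth(degree: int) -> int:
    """Levels of cipher text multiplication needed to reach x^degree with a balanced
    product tree; each level is a cost the HE parameters must budget for."""
    return math.ceil(math.log2(degree)) if degree > 1 else 0


def error_table(degrees=(1, 3, 5, 7, 9), lo: float = -8.0, hi: float = 8.0) -> dict:
    """degree -> (max error of sigmoid approximation on [lo, hi], multiplicative depth).
    Odd degrees only: sigmoid(x) - 1/2 is odd, so even terms contribute nothing."""
    return {d: (max_error(sigmoid, d, lo, hi), multiplicative_depth(d)) for d in degrees}


if __name__ == "__main__":
    for d, (err, depth) in error_table().items():
        print(f"degree {d}: max error {err:.4f}, multiplicative depth {depth}")
```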

HE Levelled Scheme

Another crucial area is the creation of bootstrapping-free techniques that permit the evaluation of NNs of restricted (predetermined) depth. These levelled HE schemes significantly increase throughput by getting rid of the complexity and bottleneck caused by the bootstrapping decryption step. This strategy does, however, restrict the application of Deep Learning (DL) [10]. Although it works well for shallow NN-HE models, deep learning models may find the complexity unacceptably high.

Binary Neural Networks (BNN)

Binary Neural Networks (BNN) are a new area of possibility for achieving blind, non-interactive NN-HE models. Because the space of functions is constrained, the number of possible inputs and outputs bounds the solution. Every layer in a BNN uses a set of binary activation functions and binary weights to translate a binary input into a binary output [11]. It performs batch normalization for the bias prior to each activation function. Figure 2 represents the block diagram of the binary neural network. With the aid of a predetermined threshold, the incoming data is binarized.

Fig. 2 Block diagram of binary neural network (BNN): BNN topology; high level synthesis; BNN library; training; Vivado; PetaLinux; performance; deployment on ApSoC

Because bitwise arithmetic operations dominate in Binary Neural Networks (BNNs), whose weights and activations are one bit each, they are well suited to FPGA accelerators. Also, because of the decreased memory requirements, internal memory can hold all of the network parameters. The BNNs' high levels of redundancy continue to limit these accelerators' energy efficiency. Given the strict energy consumption limits in smart sensors and small devices, this makes it difficult to use them in these applications [11]. The non-standard binary representation of the data and weights, {-1, +1}, can typically be transferred to the binary space {0, 1} by substituting -1 with 0. The weighted sum can then be computed as an element-wise product: the XNOR logical operator is applied element-wise and the results are summed by counting how many ones there are. The binary activation function f(y) returns 1 if y > 0 and -1 otherwise.
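An added worked example of the XNOR-popcount weighted sum and sign activation described above (example code for this edit, not the chapter's): it binarizes constructed input readings at a threshold, packs {-1, +1} inputs and weights into bit strings, computes each neuron's weighted sum with XNOR and a popcount, and checks the result against ordinary integer arithmetic. The readings, threshold and weight rows are constructed.

```python
# Added example, not from the chapter: one BNN layer evaluated two ways.


def binarize(values, threshold: float = 0.0) -> list:
    """Binarize incoming data with a predetermined threshold: +1 above it, -1 otherwise."""
    return [1 if v > threshold else -1 for v in values]


def sign_activation(y: int) -> int:
    """Binary activation from the text: 1 if y > 0, -1 otherwise."""
    return 1 if y > 0 else -1


def pack_bits(vec) -> int:
    """Map {-1, +1} to {0, 1} by sending -1 to 0, and pack MSB-first into one integer
    so that XNOR and popcount act on the whole vector at once."""
    value = 0
    for v in vec:
        value = (value << 1) | (1 if v == 1 else 0)
    return value


def unpack_bits(bits: int, width: int) -> list:
    """Inverse of pack_bits: integer -> list over {-1, +1}."""
    return [1 if (bits >> (width - 1 - i)) & 1 else -1 for i in range(width)]


def xnor_popcount_dot(x_bits: int, w_bits: int, width: int) -> int:
    """Weighted sum of a binary neuron: XNOR matches +1*+1 and -1*-1 (both +1),
    popcount counts the matches, and 2*ones - width converts to the {-1,+1} sum."""
    xnor = ~(x_bits ^ w_bits) & ((1 << width) - 1)
    ones = bin(xnor).count("1")
    return 2 * ones - width


def real_dot(x, w) -> int:
    """Reference weighted sum in ordinary integer arithmetic."""
    return sum(a * b for a, b in zip(x, w))


def binary_layer(x, weights, biases=None) -> list:
    """One BNN layer: XNOR-popcount weighted sum, optional bias, sign activation."""
    width = len(x)
    x_bits = pack_bits(x)
    outputs = []
    for i, w in enumerate(weights):
        y = xnor_popcount_dot(x_bits, pack_bits(w), width)
        if biases is not None:
            y += biases[i]
        outputs.append(sign_activation(y))
    return outputs


def reference_layer(x, weights, biases=None) -> list:
    """Same layer computed with real_dot, used to cross-check the bitwise version."""
    outputs = []
    for i, w in enumerate(weights):
        y = real_dot(x, w) + (biases[i] if biases is not None else 0)
        outputs.append(sign_activation(y))
    return outputs


def exhaustive_check(width: int) -> bool:
    """True if XNOR-popcount equals the integer dot product for every input/weight pair."""
    for xb in range(1 << width):
        for wb in range(1 << width):
            expected = real_dot(unpack_bits(xb, width), unpack_bits(wb, width))
            if xnor_popcount_dot(xb, wb, width) != expected:
                return False
    return True


def demo() -> tuple:
    """Constructed sensor readings, binarized at 0.5, through a three-neuron layer."""
    raw = [0.9, 0.1, 0.7, 0.3, 0.8, 0.2, 0.6, 0.4]
    x = binarize(raw, 0.5)                      # [1, -1, 1, -1, 1, -1, 1, -1]
    weights = [
        [1, 1, -1, -1, 1, 1, -1, -1],
        [1, -1, 1, -1, 1, -1, 1, -1],           # identical to x: maximal match
        [-1, -1, -1, -1, 1, 1, 1, 1],
    ]
    return binary_layer(x, weights), reference_layer(x, weights)


if __name__ == "__main__":
    print(demo(), exhaustive_check(4))
```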

Interoperability

Another difficult issue to solve in order to create usable NN-HE models is interoperability with current ML tools. Popular NN frameworks have made it easier to create new NN techniques, but they do not support HE. The ability of the current tools to provide or include new methods is essential to the development of NN-HE. The limited flexibility of several HE libraries restricts their ability to integrate with other frameworks [12]. It lengthens the development process by making the design, testing, and implementation of new models more difficult. A block chain network that is interoperable may employ several hash and signature techniques. More functionality and handling several signature methods may result in complexity and transactional difficulties.


The supply chain ecosystem is also anticipated to gain from interoperability. The lack of interoperability between the various data systems used by supply chain players is one of the major troubles with supply chain systems. Block chain-based supply chains may offer a number of benefits to disjointed supply chain systems, but executing them will be difficult. The compatibility between distributed ledgers and the numerous legacy software systems now in use is one of these problems.

Automatization

The creation of HE applications requires manual effort and a high level of competence across a variety of fields, including low-level programming, configuring complex security parameters, and scheme-specific optimizations [13]. Inadequate setup might result in poor performance, insecure encryption, and corrupted or unrecoverable data. The development lifecycle has to be automated and made simpler. Beginners should have no trouble using the implementation, while experts should have a lot of configuration options.

Poor Performance

Homomorphic encryption for computationally intensive implementations is still commercially impractical because of slow calculation speed or accuracy issues. Although fully homomorphic encryption research has a long way to go, it is already helpful when used with other privacy-enhancing technologies such as secure multiparty computation. This is the general view among scholars. The communication requirements often increase if the cipher texts are significantly larger than the plaintexts. These massive cipher text computations generally take longer to complete than simply carrying out the plaintext computation. As a result, under the outsourced computing paradigm, it is necessary to require that input and output encryption and decryption be carried out more quickly than the computation itself [14]. This seems to be less of an issue when there are several parties and individual contributions, because privacy, not efficiency, is then the main concern.

Security Issues

Nowadays, one of the biggest problems facing security practitioners and leaders is how to apply security measures without slowing down or obstructing business operations. This speed-versus-security dichotomy has permeated many aspects of our existence [15]. There are numerous examples from our daily lives of how security interferes with our lives and eventually slows us down, or is, on the other hand, seen as a convenience or goes unnoticed. In the real world, homomorphic encryption is still inefficient. Despite significant advancement over the years, it is still exceedingly slow and underwhelming, making it unsuitable for most business applications. Homomorphic encryption requires either program modifications or unique and specialized client–server applications in order to function properly, which is one of the biggest obstacles. Moreover, with this methodology, businesses cannot execute ad hoc or discovery-based queries. This raises the total cost of ownership while diverting a company's attention from more crucial and strategic projects. Perhaps even more crucially, there are considerable unanswered questions regarding the cryptographic strength of homomorphic encryption, as recent research suggests that the technique exposes private information and might be vulnerable to attack. Although it is an encryption algorithm, homomorphic encryption does not offer the same level of protection as more well-known encryption techniques. Fully homomorphic encryption is not authenticated encryption, for instance. Data integrity cannot be guaranteed if information is encrypted directly with fully homomorphic encryption and saved. Because fully homomorphic encryption is homomorphic, an attacker can change the cipher text without the change being detected. Consequently, encrypted storage and encrypted data transfer cannot be performed using fully homomorphic encryption directly.
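An added example (not from the chapter) of the integrity point just made, using a constructed toy Paillier key in place of a full FHE scheme, since the property at issue is the same: the additive homomorphism lets anyone holding only the public key shift the plaintext behind a stored cipher text, and an HMAC over the stored cipher text, verified before decryption, detects that change. The primes, the MAC key and the balance value are constructed.

```python
# Added example, not from the chapter: malleability of a homomorphic cipher text at
# rest, and a separate integrity tag that detects modification.
import hashlib
import hmac
import math
import secrets

# Constructed toy Paillier key; real deployments use n of 2048 bits or more.
P, Q = 1009, 1013
N = P * Q
N2 = N * N
LAMBDA = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)
MU = pow(LAMBDA, -1, N)          # valid because the generator is g = n + 1

# Constructed MAC key, held by the data owner, unrelated to the HE key pair.
MAC_KEY = b"constructed-demo-mac-key-not-for-production"


def encrypt(m: int, r=None) -> int:
    """Paillier Enc(m) = (1 + m*n) * r^n mod n^2 with a fresh random r."""
    if r is None:
        while True:
            r = secrets.randbelow(N - 1) + 1
            if math.gcd(r, N) == 1:
                break
    return ((1 + m * N) * pow(r, N, N2)) % N2


def decrypt(c: int) -> int:
    u = pow(c, LAMBDA, N2)
    return (((u - 1) // N) * MU) % N


def add_ciphertexts(c1: int, c2: int) -> int:
    """The additive homomorphism: Enc(a) * Enc(b) decrypts to a + b (mod n)."""
    return (c1 * c2) % N2


def shift_ciphertext(c: int, delta: int) -> int:
    """The same property from the other side: with only the public key, a stored
    cipher text can be turned into one that decrypts to plaintext + delta."""
    return (c * (1 + delta * N)) % N2


def _tag(c: int) -> bytes:
    return hmac.new(MAC_KEY, c.to_bytes(16, "big"), hashlib.sha256).digest()


def seal(c: int) -> tuple:
    """Store the cipher text together with an HMAC over it."""
    return c, _tag(c)


def open_and_decrypt(c: int, tag: bytes):
    """Verify the tag before decrypting; return None if the stored value was altered."""
    if not hmac.compare_digest(_tag(c), tag):
        return None
    return decrypt(c)


def demo() -> tuple:
    """(decryption of tampered cipher text, sealed read, sealed read after tampering)."""
    balance = 100
    c, tag = seal(encrypt(balance))
    tampered = shift_ciphertext(c, 900)       # silently becomes 1000 under decryption
    return decrypt(tampered), open_and_decrypt(c, tag), open_and_decrypt(tampered, tag)


if __name__ == "__main__":
    print(demo())
```

The tag also rejects legitimate homomorphic results computed on the sealed cipher text, which is exactly the tension the section describes: integrity of stored data and computation on that data cannot both come from the same unauthenticated cipher text.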

Multiple Parties in Non-trivial Tasks

Guaranteeing fairness (that everyone who is supposed to receive an output does so) in the presence of many participating parties is frequently challenging and requires more machinery (such as threshold decryption) and more assumptions (a threshold of honest parties). Sensitive information, such as user credentials used for authentication, is present in many systems. A typical strategy for large systems is to save the data in a configuration file at a trusted third party. That would constitute a single point of failure if an adversary were to gain access to the trusted party, though [16]. In theory, this may be resolved by encrypting the data, but in practice doing so only postpones the issue rather than resolving it, because the configuration file must be decrypted using some kind of credential data. The manner in which the parties secretly submit their values for the computation is another issue in the model with numerous participating parties. One party can violate the privacy of another by decrypting inputs if they have access to the secret key. Therefore, threshold decryption is frequently used in this situation. This is a problem in and of itself, because creating threshold keys is not an easy operation.

Constructing Custom Cryptography Implementations or Algorithms

Even trained mathematicians occasionally build algorithms that have subtle issues, because constructing a cryptographic algorithm, including its modes and protocols, takes important and uncommon mathematical talent and guidance [17]. There are a lot of details involved in putting cryptographic algorithms into practice. Exponentiating a number, a typical cryptographic operation, can reveal confidential information to attackers through the sequencing of the operations it requires. It is recommended to use standard algorithms and libraries.

Algorithm and Library Misuse

Don't presume that using libraries alone will be enough, even when the libraries are strong. There are many examples of standard libraries being used where the developers assumed the wrong things about how to use the functions in those libraries. In other cases, programmers choose the wrong algorithm or apply the approach in the wrong way [18, 19]. Every digital device now includes cryptographic libraries as standard equipment. Researchers have demonstrated that these systems are vulnerable not just because of cryptographic library flaws but also because of improper use of these libraries. The entire system may be in danger as a result of these standardization issues. The fact that these libraries support many, if not too many, modes and options gives the developer room for error. The regular release of newer library versions results in poor backward compatibility, inadequate documentation with examples, and similar libraries handling numerous operations in ways that leave much control to the developer. For instance, a data encryption scheme might provide data secrecy, but it might not guard against malicious alterations to the data. A further illustration is that if an algorithm needs an initialization vector (IV), selecting an IV with specific characteristics might be necessary for the scheme to function securely. For applied cryptographers, knowing the subtleties of the scheme and of library usage is a crucial skill.

Improper Key Management

The protection of a cryptographic system still depends on keeping the cryptographic keys secure even when everything else is done correctly. Key management errors include hard-coding keys in software (frequently seen in applications and embedded hardware), failing to allow key rotation and/or revocation, using weak cryptographic keys (e.g., keys that are too short or predictable), and using poor mechanisms for key distribution. It has never been more crucial or difficult to keep cryptographic keys safe and secure, because of the rising reliance on cryptography to protect digital assets and communications, the persistent weaknesses in modern computing systems, and the increasing sophistication of cyber-attacks [20]. There are numerous dangers that might cause a key to be compromised; generally, you won't even realize the key has been compromised until the attacker has used it to their benefit, making the threats all the more hazardous. A single compromised key could cause an enormous data breach that results in reputational harm, costly regulatory fines, and a loss of investor and consumer confidence.

Inconsistent Randomness

Statistical and cryptographic randomness are commonly confused. Cryptographic procedures require strongly secure random numbers. Care must be taken to make sure that the random numbers are unique and have strong cryptographic randomness properties. The security strength of the system is strictly correlated with the quality of the random numbers used in cryptography. How hard it is to break a system depends on how good the random number generator is. The cryptographic strength of a security technique or protocol is measured by the number of bits (or keys) an attacker must guess in order to defeat it [20]. Random bits are necessary for the security of many security mechanisms. It has been demonstrated that algorithms such as AES, RSA, and ECC are challenging to crack. Precision, which is the reproducibility of the same measurement under similar conditions, is mostly affected by random error. When two measurements of the same thing are made, random error creates variability, whereas systematic error causes the measurement to deviate from the correct value in a particular direction.

The Absence of Centralized Cryptography

Different teams inside an organization have frequently been seen to create their own cryptographic procedures. It is common for cryptographic choices to clash. Best practice consists of doing it "correctly" the first time and reusing the component.

Challenges and Opportunities Associated with Homomorphic …


3 Opportunities Associated with Homomorphic Encryption for Financial Cryptography

Homomorphic encryption was created to enable computation on encrypted data. Accordingly, information can remain confidential while it is processed, permitting useful operations to be carried out on information held in untrusted environments. Figure 3 represents the opportunities associated with homomorphic encryption for financial cryptography. This is a particularly valuable capability in heterogeneous networking and distributed processing environments. Over the last ten years there has been an exponential rise in demand for algorithms that can handle more complicated structures while maintaining the anonymity of digital data. Its development coincides with the expansion of communication networks, the devices they use, and their expanding capabilities [21]. These systems and networks are also vulnerable to a wide range of attacks involving data modification, data destruction, and data theft. Modern technology offers numerous ways to ensure privacy when storing and accessing data securely, including the use of tamper-resistant hardware and data encryption.

Fig. 3 Opportunities associated with homomorphic encryption for financial cryptography (figure labels: multiparty computation; mobile agents' safety; plan for secret sharing; threshold schemes; zero-knowledge proofs; election schemes; watermarking and fingerprinting schemes; oblivious transfer; commitment schemes; lottery protocols and mix-nets)


S. Finney Daniel Shadrach et al.

Mobile Agents’ Safety
The safety of mobile agents is one of the most intriguing uses of homomorphic encryption. An algebraically homomorphic cryptosystem over a finite field would result from a homomorphic encryption scheme on a particular non-abelian group [20]. Such cryptosystems could make it possible to encrypt a complete program while keeping it executable: because binary strings form the foundation of all conventional computer designs, only addition and multiplication are needed. Encrypting programs in this way could thus shield mobile agents from hostile hosts. There are two ways that homomorphic encryption can be used to secure mobile agents:
i. Computing with encrypted functions
ii. Computing with encrypted data
A distinctive situation involving the protection of mobile agents is computation with encrypted functions. In such situations, a private function is evaluated publicly while its confidentiality is maintained; homomorphic cryptosystems make it feasible to evaluate the encrypted function while ensuring its secrecy. Homomorphic techniques can also be used with encrypted data to compute publicly while protecting the secrecy of the information: the data is encrypted beforehand, and the homomorphic property is subsequently used to compute on the encrypted data [22].

Multiparty Computation
A cryptographic technique known as multiparty computation (MPC) allows many participants to compute on their pooled data without disclosing their individual contributions. In multiparty computation systems, many parties want to keep their individual inputs private while computing a common, public function on them. This issue pertains to computing with encrypted data. Secure multiparty computation (MPC), whose security guarantees depend on which set of parties is compromised, aims to allow a group of members to perform any calculation task. Less is guaranteed as more parties become corrupted, and often when the number of corrupted parties exceeds a particular bound, all assurances are lost [23]. Figure 4 shows the process of multiparty computation. MPC can be used to sign transactions in place of individual private keys: the signing procedure is split among a number of machines, each of which controls a piece of confidential data corresponding to a portion of the key, and they work together to sign transactions in a distributed way. In multiparty computation protocols we typically have n ≥ 2 players, whereas in the case of computing with encrypted data n = 2. Additionally, the function that needs to be computed in multiparty computation protocols is a known function, while in the context of computing with encrypted data the function is a private contribution from a single party.

Fig. 4 Multiparty computation

Plan for Secret Sharing
Secret sharing describes cryptographic techniques for dividing a secret into many shares and giving each share to a different party; the secret can only be recovered when the parties bring their individual shares together. In more detail, the holder of a secret, also known as the dealer, produces n shares of the secret and establishes a threshold t for the number of shares required to reconstruct the secret. The dealer then distributes the shares so that they are held by various parties. Figure 5 shows the plan for secret sharing. With a secure secret sharing technique, an attacker who obtains fewer shares of the secret than the threshold cannot learn the secret. Secret sharing schemes are beneficial because they enable more secure storage of extremely sensitive data, such as encryption keys, missile launch codes, and account numbers [12]. The data is dispersed so that it cannot be lost through a failure at a single location. Because they enable a high level of protection for secrets using software-implemented algorithms, secret sharing schemes are crucial in cloud computing environments. In secret sharing schemes, parties share a secret in a way that prevents any one party from reconstructing it using the information at its disposal. Yet, if several parties work together, they might be able to piece the information back together. The homomorphic property means that, in this case, the shares of a combination of secrets are the same as the combination of the secrets’ shares.

Fig. 5 Plan for secret sharing (figure: the secret sharing process splits a secret into Share 1, Share 2, Share 3 and Share 4)

Threshold Schemes
A threshold scheme in homomorphic encryption is a type of cryptosystem that encrypts data and distributes it among a group of fault-tolerant computers to safeguard it; it is the foundation of the discipline of threshold cryptography. A public key is used to encrypt the input information, and the associated private key is distributed among the involved parties. With a threshold cryptosystem, multiple parties (more than a threshold number) must participate in the decryption or signature procedure in order to decrypt an encrypted message or sign a message. Threshold cryptography, where a group of participants carry out specific cryptographic operations without any of them possessing the secret key, is a significant application of multiparty computation (MPC). The key is instead dispersed among the parties and is only usable when a subset of those parties, of size greater than a certain threshold, combines their key shares. Applications of threshold cryptography include the encryption and decryption procedures of symmetric and asymmetric cryptosystems, as well as digital signatures. From a practical standpoint, a common application of threshold cryptography is the protection of signing keys used in Distributed Ledger Technology (DLT) systems: a DLT transaction is only approved by a quorum rather than a single party, and the signing key is never held by a single party.
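As an added illustration of the secret sharing, multiparty computation and threshold ideas above (this is example code, not the chapter's or any cited project's), the following Python implements Shamir's (t, n) scheme over a prime field together with the share-wise addition that lets parties compute a sum of two shared secrets without ever reconstructing either of them. The field prime, the share counts and the sample key values are assumptions made for the example.

```python
"""Shamir (t, n) secret sharing over a prime field, plus the share-wise addition
that lets parties compute on shared secrets (the MPC / threshold setting).
Added illustration, not code from the chapter; the field prime, share
counts and the sample secrets are constructed for the example."""
import secrets
from typing import List, Tuple

Share = Tuple[int, int]

# Assumption: the 127-bit Mersenne prime 2**127 - 1 as the field; it only needs
# to exceed the largest secret that will be shared.
P = 2**127 - 1


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... modulo P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret: int, t: int, n: int) -> List[Share]:
    """Dealer: hide `secret` as the constant term of a random degree t-1
    polynomial and hand out the n evaluations (x, f(x)), x = 1..n."""
    if not 0 <= secret < P:
        raise ValueError("secret must be a field element")
    if not 1 <= t <= n:
        raise ValueError("need 1 <= t <= n")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares: List[Share]) -> int:
    """Lagrange interpolation at x = 0. Any t distinct shares give the secret;
    fewer than t give a value that is independent of it."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def add_shares(a: List[Share], b: List[Share]) -> List[Share]:
    """Each party adds its two shares locally; the result is a valid sharing
    of (secret_a + secret_b) and nobody had to reconstruct either input."""
    if [x for x, _ in a] != [x for x, _ in b]:
        raise ValueError("shares must come from the same parties")
    return [(x, (ya + yb) % P) for (x, ya), (_, yb) in zip(a, b)]


def demo() -> bool:
    """3-of-5 sharing of two constructed 'signing key' values."""
    key_a, key_b = 0x1234_5678_9ABC_DEF0, 0x0FED_CBA9_8765_4321
    shares_a = split_secret(key_a, 3, 5)
    shares_b = split_secret(key_b, 3, 5)
    any_three = [shares_a[0], shares_a[2], shares_a[4]]
    assert recover_secret(any_three) == key_a
    # Two shares (below threshold) are consistent with every possible secret,
    # so interpolation returns an unrelated value (equal to key_a only with
    # probability 1/P).
    assert recover_secret(shares_a[:2]) != key_a
    # MPC-style addition of shared secrets without reconstructing them.
    summed = add_shares(shares_a, shares_b)
    assert recover_secret(summed[1:4]) == key_a + key_b
    return True
```

Any t of the n shares reconstruct the secret and the dealer never has to be online again; a party holding shares of two secrets adds them locally and thereby holds a share of the sum, which is the building block that threshold signing and the MPC protocols described above rely on.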

Zero-Knowledge Proofs (ZKP)
A zero-knowledge proof (ZKP) is a cryptographic method that enables one party to demonstrate to another party that they know a secret without revealing that secret [3]. ZKP is based on the idea that one party (the prover) can persuade the other party (the requester or verifier) that they know or possess private information, such as a credit card number, PIN, or password, without disclosing what that information is. The real credentials are neither sent to a server for authentication nor kept there. ZKP serves as an illustration of a speculative use of homomorphic cryptosystems and is a basic building block of cryptographic protocols. Figure 6 shows the flow of a zero-knowledge proof. It is possible to demonstrate knowledge of some secret information using zero-knowledge proofs. Consider the scenario where a user must log in to a host using an account and a private password in order to establish her identity. Presumably, the user of such a protocol wants her password and other sensitive information to remain secret and not be disclosed while the protocol is in use. Zero-knowledge proofs ensure that the procedure conveys only the information that was intended and no (zero) additional information.

Fig. 6 Zero-knowledge proofs (ZKP) (figure: prover, secret data and proofs, verifier)

Election Schemes
The homomorphic property in voting schemes gives a way to calculate the result from an encrypted set of votes without having to decrypt each one individually. Because homomorphic encryption enables ballots to be counted without decryption, it is frequently employed in the development of e-voting systems. ElGamal is one of the homomorphic cryptography methods most frequently employed in electronic voting; it is used to encrypt the ballots in conjunction with other techniques, such as zero-knowledge proofs, to build a comprehensive electronic voting system. To make democratic elections more transparent and safe, researchers are exploring the use of homomorphic encryption. For instance, the additively homomorphic Paillier encryption scheme could be the most suitable for voting applications, since it enables the end users to sum up different values in an objective manner while maintaining the privacy of their own values. Not only might this technology stop data manipulation, but it could also enable independent third-party verification (Fig. 7). Helios was the initial open-audit, web-based voting system. After the polls close, Helios shuffles every ballot, creates a non-interactive proof that the shuffle was correct, and then decrypts every ballot to determine the outcome [18]. The use of computationally intensive and difficult-to-comprehend algorithmic or cryptographic approaches has drawn criticism for prospective application in regular elections. But it is clearly appropriate in cryptographic elections, where sophisticated cryptographic procedures are already being deployed. Interactive arguments and proofs are commonly utilized in cryptographic voting systems.

Fig. 7 Election schemes

Watermarking and Fingerprinting Schemes
Digital watermarking technology can effectively deal with many issues. For purposes of tamper detection, localization, ownership verification, traitor tracing, and so on, some information known as a watermark is incorporated into the underlying data. Owing to its expanding use in numerous practical applications, database watermarking has begun to draw attention in various sectors [1]. For instance, safeguarding the integrity of outsourced relational databases and protecting rights are two situations where database watermarking may be of utmost importance. Examples include online B2B interactions, a style of business model for service providers, and data mining technologies, where information is sold to customers in pieces using specialized extraction tools. The fingerprinting scheme’s main innovation is the ability to embed and detect relational bit-string marks in any object under plausible assumptions. They embed a fingerprint of length L (with L > log N, where N is the number of purchasers) that is generated by a cryptographic hash function whose input is the concatenation of a secret key K (known only to the merchant) and the user identifier n. Figure 8 shows the watermarking and fingerprinting schemes of financial cryptography. Digital data is enhanced by digital watermarking and fingerprinting techniques, and the homomorphic property allows previously encrypted data to be marked. In order to secure copyright, watermarks are typically employed to identify the holder or supplier of digital goods. In order to prevent data from being redistributed unlawfully, fingerprinting techniques should enable the merchant to identify the buyer of the data.

Fig. 8 Watermarking and fingerprinting schemes (figure: a sender fingerprints content, which passes through mediate nodes 0 and 1 to receivers 0–3)

Fig. 9 Oblivious transfer block diagram (figure: the client sends a message to the server and decodes the encoded reply)

Oblivious Transfer
An oblivious transfer (OT) protocol is a kind of cryptographic procedure in which a sender transmits one of potentially many pieces of information to a receiver while remaining oblivious to which piece (if any) has been transferred. This cryptographic primitive is intriguing. In the original two-party protocol for 1-of-2 oblivious transfer, the sender transmits a bit to the other party with probability 1/2, without learning whether the other party received the bit. Figure 9 shows the block diagram of oblivious transfer.
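The exchange described above, as an added example (not code from the chapter or from any cited work): a complete 1-of-2 oblivious transfer using the textbook Even–Goldreich–Lempel construction over RSA. The sender publishes two random values, the receiver blinds the one matching its choice with a fresh random k, and the sender masks both messages with values it derives from the blinded input; only the chosen slot is masked with a key the receiver knows. The RSA primes, the exponent and the sample messages are toy values assumed for the example.

```python
"""1-of-2 oblivious transfer with the textbook Even–Goldreich–Lempel
construction over RSA: the sender holds two messages, the receiver learns
exactly the one it chose, and the sender never learns which.
Added illustration, not code from the chapter; the RSA primes are toy
values constructed for the example."""
import secrets

# Assumption: tiny fixed primes so the run is instant; real RSA uses
# ~1024-bit primes and a proper key-generation routine.
_P, _Q, _E = 1_000_003, 1_000_033, 65537


class Sender:
    """Holds m0 and m1 and an RSA key pair; sees only the receiver's blinded value."""

    def __init__(self, m0: int, m1: int):
        self.n = _P * _Q
        self.e = _E
        self.d = pow(_E, -1, (_P - 1) * (_Q - 1))
        self.m = (m0 % self.n, m1 % self.n)
        # two random values, one per message, published in round 1
        self.x = (secrets.randbelow(self.n), secrets.randbelow(self.n))

    def round1(self):
        return self.n, self.e, self.x

    def round2(self, v: int):
        # k_b equals the receiver's k; k_{1-b} is a value the receiver cannot
        # compute without d. Both messages are masked and sent back, so the
        # sender cannot tell which slot the receiver will be able to unmask.
        k0 = pow((v - self.x[0]) % self.n, self.d, self.n)
        k1 = pow((v - self.x[1]) % self.n, self.d, self.n)
        return (self.m[0] + k0) % self.n, (self.m[1] + k1) % self.n


class Receiver:
    """Chooses b in {0, 1}; blinds x_b with a fresh random k so v looks uniform."""

    def __init__(self, choice: int):
        if choice not in (0, 1):
            raise ValueError("choice must be 0 or 1")
        self.choice = choice

    def round1(self, n: int, e: int, x):
        self.n = n
        self.k = secrets.randbelow(n)
        return (x[self.choice] + pow(self.k, e, n)) % n

    def round2(self, masked):
        # only the chosen slot was masked with a key the receiver knows
        return (masked[self.choice] - self.k) % self.n


def run_ot(m0: int, m1: int, choice: int) -> int:
    """Drive one complete exchange and return what the receiver learns."""
    sender, receiver = Sender(m0, m1), Receiver(choice)
    v = receiver.round1(*sender.round1())
    return receiver.round2(sender.round2(v))


def demo() -> bool:
    # constructed sample: two account tokens; the receiver gets exactly one
    return (run_ot(0xC0FFEE, 0xBEEF42, 1) == 0xBEEF42
            and run_ot(0xC0FFEE, 0xBEEF42, 0) == 0xC0FFEE)
```

The value v the sender sees is uniformly distributed whichever slot was chosen, which is what keeps the choice hidden; the unchosen mask k_{1-b} is an RSA decryption of a value the receiver did not construct, so it cannot be recovered without the private exponent.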

Commitment Schemes
A commitment scheme is a cryptographic primitive that allows a party to commit to a specified value (or statement) while keeping it secret. Commitment schemes are binding because they are meant to prevent a party from changing the value or statement after they have committed to it. Application areas for commitment schemes in cryptography include secure coin tossing, zero-knowledge proofs, and secure computation. Commitment schemes are among the most basic cryptographic primitives. A player commits to something in a commitment scheme [14]: she can select a value from a set and commit to it, making it impossible for her to change her mind. She is not required to share her choice, but she is free to do so in the future. The homomorphic property allows for the efficient implementation of several commitment schemes. Commitments are employed in zero-knowledge proofs for two primary reasons. First, they enable the prover to take part in “cut-and-choose” proofs, in which the verifier chooses what information to learn and the prover reveals only that message; commitment schemes enable the prover to fix all the data up front and expose only what is necessary for the proof to succeed. Second, the verifier also uses commitments in zero-knowledge proofs and frequently fixes its choices in a commitment. This enables the parallel construction of zero-knowledge proofs without the prover learning new information.
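The ZKP login scenario and the commitment scheme described above, as one added example (not code from the chapter or any cited work): a Schnorr proof of knowledge of a discrete logarithm, which lets a user prove she knows the secret x behind a registered public value y = g^x without sending x, and a Pedersen commitment in the same group, which is hiding, binding and additively homomorphic (the product of two commitments opens to the sum of the committed values). The group size, the way the second generator is derived and the sample values are assumptions made for the example.

```python
"""Schnorr proof of knowledge of a discrete logarithm (the password-free login
sketched in the ZKP section) and a Pedersen commitment, which is hiding,
binding and additively homomorphic (the commitment section). Added
illustration, not code from the chapter; the group size, generator derivation
and sample values are constructed for the example."""
import hashlib
import secrets


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin, adequate for producing toy parameters."""
    if n < 2:
        return False
    for s in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group(bits: int = 64):
    """Safe prime p = 2q + 1 and generators g, h of the order-q subgroup.
    Assumption: 64-bit toy size; deployments use 2048-bit groups or a curve."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            break
    p = 2 * q + 1
    g = 4                                   # 2^2 is a square, hence of order q
    # h is derived by hashing so that nobody knows log_g(h); Pedersen binding
    # rests on that.
    seed = int.from_bytes(hashlib.sha256(b"pedersen-h" + p.to_bytes(16, "big")).digest(), "big")
    h = pow(seed % (p - 3) + 2, 2, p)
    return p, q, g, h


def schnorr_commit(grp):
    """Prover step 1: pick nonce r, send t = g^r."""
    p, q, g, _ = grp
    r = secrets.randbelow(q)
    return r, pow(g, r, p)


def schnorr_respond(grp, secret: int, r: int, c: int) -> int:
    """Prover step 2: s = r + c*x mod q. The nonce r hides x, so s leaks nothing."""
    return (r + c * secret) % grp[1]


def schnorr_verify(grp, pub: int, t: int, c: int, s: int) -> bool:
    """Verifier: g^s == t * y^c holds iff the prover used the x behind y = g^x."""
    p, q, g, _ = grp
    return 0 <= s < q and pow(g, s, p) == t * pow(pub, c, p) % p


def schnorr_login(grp, pub: int, claimed_secret: int) -> bool:
    """One interactive run with a random verifier challenge."""
    r, t = schnorr_commit(grp)
    c = secrets.randbelow(grp[1])           # verifier's challenge
    s = schnorr_respond(grp, claimed_secret, r, c)
    return schnorr_verify(grp, pub, t, c, s)


def pedersen_commit(grp, m: int, r: int = None):
    """C = g^m * h^r; r blinds m (hiding), and opening to m' != m needs log_g(h)."""
    p, q, g, h = grp
    if r is None:
        r = secrets.randbelow(q)
    return pow(g, m % q, p) * pow(h, r % q, p) % p, r


def pedersen_open(grp, commitment: int, m: int, r: int) -> bool:
    return commitment == pedersen_commit(grp, m, r)[0]


def demo() -> bool:
    grp = make_group()
    p, q, g, _ = grp
    x = secrets.randbelow(q)                # user secret (e.g. derived from a password)
    y = pow(g, x, p)                        # what the server stores; not the secret itself
    login_ok = schnorr_login(grp, y, x)
    login_bad = schnorr_login(grp, y, (x + 1) % q)
    c1, r1 = pedersen_commit(grp, 5)
    c2, r2 = pedersen_commit(grp, 37)
    # homomorphic: the product commits to 5 + 37 under randomness r1 + r2
    homomorphic = pedersen_open(grp, c1 * c2 % p, 42, r1 + r2)
    binding = not pedersen_open(grp, c1, 6, r1)
    return login_ok and not login_bad and homomorphic and binding
```

The server stores only y, so a breach of its database yields nothing that lets an attacker impersonate the user; a wrong secret fails verification except with probability 1/q. Replacing the verifier's random challenge with a hash of (g, y, t) gives the non-interactive form used in voting systems such as the one described above.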

Lottery Protocols
A lottery protocol can benefit from the publicly verifiable decryption of a large number. In a conventional lottery, one or more winners are selected through a consistent process, giving each ticket purchased an equal chance to win. An impartial auditor typically keeps an eye on this procedure to ensure that the protocol is fair. Because the procedure is unpredictable, it cannot be duplicated, and thus ticket buyers must have faith in it. Typically, all players in a cryptographic lottery must simultaneously choose a random number that points to the winning ticket [24]. This is achievable using a homomorphic encryption technique in the following manner: each player chooses a random number and encrypts it. The homomorphic property can then be used to efficiently compute the encryption of the sum of the random values. The desired functionality is achieved by combining this with a threshold decryption technique.

Mix-nets
A mix network, also known as a mix-net, is a cryptographic construction that uses a number of servers to provide an encrypted medium for private communication. One kind of mix network takes a group of ciphertexts as input and produces the associated plaintexts in a randomly permuted order. The fundamental confidentiality property required of such a mix-net is that only the mix-net itself should know the permutation matching inputs to outputs. In particular, an adversary should be unable to determine which input ciphertext corresponds to a given output plaintext any more accurately than by random guessing [8]. Figure 10 shows the block diagram of mix-nets.

Fig. 10 Block diagram of mix-net (figure: inputs m1, m2, m3, m4, …, mn pass through the mix servers and emerge as y1, y2, y3, y4, …, yn)

Here m1, m2, m3, m4, …, mn are the input data and y1, y2, y3, y4, …, yn are the encrypted data. Mix-nets are procedures that give senders anonymity by collecting encrypted messages from a number of users. Consider, as an example, mix-nets that collect ciphertexts and output the corresponding plaintexts in a random order. In such a case, secrecy is ensured by guaranteeing that only the mix-net knows the permutation by which inputs and outputs are matched. Determining a valid input/output pair, that is, a ciphertext and its accompanying plaintext, should be no easier than choosing one at random. Re-encryption, which is possible with homomorphic encryption, is a desirable attribute for such mix-nets.
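The computing-with-encrypted-data, election, lottery and mix-net passages above all rest on one property, additive homomorphism, so here is a single added example (not code from the chapter or any cited work) that exercises it three ways with the Paillier cryptosystem: ballots are tallied as one aggregate decryption, players' encrypted lottery picks are summed, and a mix server re-encrypts and shuffles ciphertexts so outputs cannot be linked to inputs. The key size, the sample ballots, picks and messages are assumptions made for the example, and a single key holder stands in for the threshold decryption the chapter pairs these protocols with.

```python
"""Additively homomorphic Paillier encryption applied to three of the
opportunities above: tallying encrypted ballots (election schemes), summing
players' random picks (lottery protocols) and re-encrypting ciphertexts in a
mix-net. Added illustration, not code from the chapter; the key size and the
sample ballots, picks and messages are constructed."""
import secrets
from math import gcd

# Assumption: small fixed primes so the example runs instantly; real keys use
# primes of ~1024 bits each.
_P, _Q = 1_000_003, 1_000_033


def keygen(p: int = _P, q: int = _Q):
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                       # standard generator choice
    mu = pow(lam, -1, n)                            # L(g^lam mod n^2) = lam when g = n+1
    return (n, g), (lam, mu)


def encrypt(pk, m: int, r: int = None) -> int:
    n, g = pk
    if not 0 <= m < n:
        raise ValueError("plaintext must be in [0, n)")
    while r is None or gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1            # fresh randomness: same m, different c
    n2 = n * n
    return pow(g, m, n2) * pow(r, n, n2) % n2


def decrypt(pk, sk, c: int) -> int:
    n, _ = pk
    lam, mu = sk
    n2 = n * n
    l_val = (pow(c, lam, n2) - 1) // n              # L(u) = (u - 1) / n
    return l_val * mu % n


def add_encrypted(pk, c1: int, c2: int) -> int:
    """Enc(a) * Enc(b) mod n^2 is an encryption of a + b: no key needed."""
    n2 = pk[0] * pk[0]
    return c1 * c2 % n2


def reencrypt(pk, c: int) -> int:
    """Multiplying by a fresh Enc(0) changes the ciphertext but not the plaintext."""
    return add_encrypted(pk, c, encrypt(pk, 0))


def tally_election(pk, sk, ballots, n_candidates: int):
    """Each ballot is Enc(base**k) for candidate k (encrypted here on the
    voters' behalf for brevity); the authority decrypts one aggregate and reads
    the per-candidate counts off its base-`base` digits."""
    base = len(ballots) + 1                          # no digit can overflow
    acc = encrypt(pk, 0)
    for k in ballots:
        if not 0 <= k < n_candidates:
            raise ValueError("invalid ballot")
        acc = add_encrypted(pk, acc, encrypt(pk, base ** k))
    total = decrypt(pk, sk, acc)
    counts = []
    for _ in range(n_candidates):
        counts.append(total % base)
        total //= base
    return counts


def draw_lottery(pk, sk, picks, n_tickets: int) -> int:
    """Sum of everyone's encrypted random picks, reduced to a ticket number.
    Simplification: one key holder decrypts; the chapter pairs this with
    threshold decryption so no single party can bias or preview the draw."""
    acc = encrypt(pk, 0)
    for r in picks:
        acc = add_encrypted(pk, acc, encrypt(pk, r))
    return decrypt(pk, sk, acc) % n_tickets


def mix(pk, ciphertexts):
    """One mix server: re-randomise every input, then output in random order."""
    out = [reencrypt(pk, c) for c in ciphertexts]
    secrets.SystemRandom().shuffle(out)
    return out
```

Because every output of `mix` is a fresh ciphertext of the same plaintext, an observer comparing inputs and outputs gains nothing beyond a random guess about the permutation, which is exactly the property the mix-net text asks for; the tally never exposes an individual ballot, and the lottery result depends on every player's pick even though none is revealed.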

Enabling Data Analytics in Regulated Industries
In order to safeguard the privacy of user or patient data, homomorphic encryption enables research and data sharing in which the data is encrypted and outsourced to commercial cloud environments [20]. To let users work with information without seeing its unencrypted contents, businesses and organizations in a variety of sectors, such as financial services, retail, Information Technology (IT), and healthcare, may use it. Examples include forensic image identification, protecting consumer privacy in tailored advertising, preserving financial privacy in stock price prediction algorithms, and performing predictive analysis of medical data without jeopardizing data privacy.


4 Conclusion
The storage of data in financial cryptography has been dramatically improved by the use of homomorphic encryption. The technology is relevant to people and businesses in their daily lives. Nonetheless, everyone has been concerned about the security of information during data computation. The performance of the protocol will be significantly affected by improvements to the fully homomorphic encryption mechanism. As a result, the implementation of homomorphic encryption has become a crucial part of secure financial cryptography.

References
1. Adelsbach, A., Katzenbeisser, S., Sadeghi, A.-R. (2002). Cryptography meets watermarking: Detecting watermarks with minimal or zero knowledge disclosure. In: 2002 11th European Signal Processing Conference, Toulouse, France, pp. 1–4.
2. Brakerski, Z., Vaikuntanathan, V. (2011). Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages. In: Rogaway, P. (ed.) Advances in Cryptology – CRYPTO 2011. Lecture Notes in Computer Science, vol 6841. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22792-9_29
3. Cramer, R., Damgård, I. (1998). Zero-knowledge proofs for finite field arithmetic, or: Can zero-knowledge be for free? In: Krawczyk, H. (ed.) Advances in Cryptology – CRYPTO ’98. Lecture Notes in Computer Science, vol 1462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055745
4. ElGamal, T. (1985). A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In: Blakley, G.R., Chaum, D. (eds) Advances in Cryptology – CRYPTO 1984. Lecture Notes in Computer Science, vol 196. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39568-7_2
5. Damgård, I., Jurik, M., Nielsen, J.B. (2010). A generalization of Paillier’s public-key system with applications to electronic voting. Int. J. Inf. Secur. 9, 371–385. https://doi.org/10.1007/s10207-010-0119-9
6. Armknecht, F., Boyd, C., Carr, C., Gjøsteen, K., Jäschke, A., Reuter, C.A., Strand, M. (2015). A guide to fully homomorphic encryption. IACR Cryptology ePrint Archive 2015/1192.
7. Goldwasser, S., Micali, S. (1982). Probabilistic Encryption and how to Play Mental Poker keeping Secret All Partial Information. In: Proceedings of the 14th Annual ACM Symposium on the Theory of Computing (STOC ’82), pp. 365–377. ACM Press, New York, NY, USA.
8. Golle, P., Jakobsson, M., Juels, A., Syverson, P. (2004). Universal Re-encryption for Mixnets. In: Okamoto, T. (ed.) Topics in Cryptology – CT-RSA 2004. Lecture Notes in Computer Science, vol 2964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24660-2_14
9. Grigg, I. (2001). Financial Cryptography in 7 Layers. In: Frankel, Y. (ed.) Financial Cryptography. FC 2000. Lecture Notes in Computer Science, vol 1962. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45472-1_23
10. Cheon, J.H., Kim, J. (2015). A Hybrid Scheme of Public-Key Encryption and Somewhat Homomorphic Encryption. IEEE Transactions on Information Forensics and Security 10(5), 1052–1063. https://doi.org/10.1109/TIFS.2015.2398359
11. Kawachi, A., Tanaka, K., Xagawa, K. (2007). Multi-bit cryptosystems based on lattice problems. In: Okamoto, T., Wang, X. (eds) Public Key Cryptography – PKC 2007. Lecture Notes in Computer Science, vol 4450. Springer, Berlin, Heidelberg, pp 315–329. https://doi.org/10.1007/978-3-540-71677-8_21
12. Kamara, S., Raykova, M. (2013). Parallel Homomorphic Encryption. In: Adams, A.A., Brenner, M., Smith, M. (eds) Financial Cryptography and Data Security. FC 2013. Lecture Notes in Computer Science, vol 7862. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41320-9_15
13. Lipmaa, H. (2003). Verifiable Homomorphic Oblivious Transfer and Private Equality Test. In: Laih, C.S. (ed.) Advances in Cryptology – ASIACRYPT 2003. Lecture Notes in Computer Science, vol 2894. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40061-5_27
14. Mathewson, N., Dingledine, R. (2004). Mixminion: Strong Anonymity for Financial Cryptography. In: Juels, A. (ed.) Financial Cryptography. FC 2004. Lecture Notes in Computer Science, vol 3110. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-27809-2_23
15. Naehrig, M., Lauter, K., Vaikuntanathan, V. (2011). Can homomorphic encryption be practical? In: Proceedings of the 3rd ACM Cloud Computing Security Workshop (CCSW ’11), pp 113–124. ACM, New York, USA. https://doi.org/10.1145/2046660.2046682
16. Aggarwal, N., Gupta, C.P., Sharma, I. (2014). Fully homomorphic symmetric scheme without bootstrapping. In: 2014 International Conference on Cloud Computing and Internet of Things (CCIOT ’14), pp 14–17. IEEE.
17. Okamoto, T., Uchiyama, S. (1998). A new public-key cryptosystem as secure as factoring. In: Nyberg, K. (ed.) Advances in Cryptology – EUROCRYPT ’98. Lecture Notes in Computer Science, vol 1403. Springer, Berlin, Heidelberg, pp 308–318. https://doi.org/10.1007/BFb0054135
18. Parmar, P.V., Padhar, S.B., Patel, S.N., Bhatt, N.I., Jhaveri, R.H., S’ad Vidya, S., Shri S’ad, M., Mandal, V. (2014). Survey of various Homomorphic encryption algorithms and schemes. Int. J. Comput. Appl. 91, 26–32. https://doi.org/10.5120/15902-5081
19. Pfitzmann, B., Waidner, M. (1997). Anonymous Fingerprinting. In: Fumy, W. (ed.) Advances in Cryptology – EUROCRYPT ’97. Lecture Notes in Computer Science, vol 1233. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-69053-0_8
20. Pulido-Gaytan, B., Tchernykh, A., Cortés-Mendoza, J.M., et al. (2021). Privacy-preserving neural networks with Homomorphic encryption: Challenges and opportunities. Peer-to-Peer Netw. Appl. 14, 1666–1691. https://doi.org/10.1007/s12083-021-01076-8
21. Rivest, R., Shamir, A., Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126. https://doi.org/10.1145/359340.359342
22. Sander, T., Tschudin, C.F. (1998). Towards mobile cryptography. In: Proceedings of the 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186), Oakland, CA, USA, pp 215–224. https://doi.org/10.1109/SECPRI.1998.674837
23. Yasuda, M., Shimoyama, T., Kogure, J., Yokoyama, K., Koshiba, T. (2014). Practical Packing Method in Somewhat Homomorphic Encryption. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2013. Lecture Notes in Computer Science, vol 8247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54568-9_3
24. Fouque, P.A., Poupard, G., Stern, J. (2001). Sharing Decryption in the Context of Voting or Lotteries. In: Frankel, Y. (ed.) Financial Cryptography. FC 2000. Lecture Notes in Computer Science, vol 1962. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45472-1_7

Homomorphic Encryption-Based Cloud Privacy-Preserving in Remote ECG Monitoring and Surveillance

V. Seethalakshmi, S. Suganyadevi, S. Nithya, K. Sheela Sobana Rani, and Gokul Basavaraj

Abstract
Although living standards have significantly improved in recent years, irregular eating and living habits are known to put extra strain on the heart and raise the risk of cardiovascular diseases (CVDs). The main cause of disease burden and death worldwide is cardiovascular disease, commonly referred to as a “silent killer.” Cardiovascular illnesses are responsible for millions of deaths every year. Lifestyle changes and ongoing disease monitoring are crucial even after acute hospital treatment, because the majority of cardiovascular illnesses have a chronic course. Examining and thoroughly studying ECG signals can help diagnose heart abnormalities. In today’s data-driven world, billions of gadgets (such as mobile phones, self-driving cars, and handheld game consoles) collect a significant amount of data, which is subsequently processed in the cloud. Keeping data encrypted and only decrypting it when necessary is a typical strategy for maintaining data privacy in the cloud. This strategy relies on effective key management methods, which are, however, attackable. Homomorphic encryption (HE), a revolutionary technology, enables operations on encrypted data while maintaining data privacy without the need to keep and safeguard the secret keys. In this study, the suggested method analyses and finds anomalies in the P, Q, R, and S peak values. Acquiring real-time ECG data is the first of three steps in the planned study. The second stage involves preparing the ECG signal data before encrypting it on the user’s mobile device. The third stage involves extracting features from the ECG data and using those features to identify aberrant peaks that indicate the ECG signals are abnormal. The data is decrypted on the doctor’s laptop or mobile device. The idea of fully homomorphic encryption (FHE) is presented here as a system that combines remote specialist care methods with approaches that make it possible to extract useful evidence without compromising secrecy.

V. Seethalakshmi (B) · S. Suganyadevi · S. Nithya
Department of ECE, KPR Institute of Engineering and Technology, Coimbatore, Tamilnadu, India
e-mail: [email protected]
S. Nithya
e-mail: [email protected]
K. Sheela Sobana Rani
Department of ECE, Karpagam College of Engineering, Coimbatore, India
G. Basavaraj
Central Queensland University, Melbourne, VIC, Australia
e-mail: [email protected]
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_6

1 Introduction
Cardiovascular illnesses are responsible for millions of deaths every year. Fatalities can be decreased by improving the management of care for patients with cardiac disorders, and advances in wearable technology are making it easier to monitor cardiac patients and manage their care better. The primary cause of death is cardiovascular disease (CVD), which includes ischaemic heart disease and cerebrovascular conditions such as stroke. According to the WHO, one-fifth of these deaths worldwide occur in India, particularly among the younger population. In India the CVD death rate is 272 per 100,000 people, whereas the worldwide average is 235, according to the Global Burden of Disease study [1]. Indians develop CVDs ten years earlier than people in the West. In the Indian subcontinent there are no systematic data-gathering methods for deaths from heart disease, and the bulk of fatalities take place at home without the cause of death being known. In India in 2016, CVDs were responsible for 28.1% of all deaths, compared to 15.2% in 1990. The prevalence of heart disease varies greatly within India, with Kerala, Punjab, and Tamil Nadu having the highest rates; moreover, the prevalence of high blood pressure and elevated cholesterol is highest in these states. With 261,694 deaths in 2013 (an increase of 138% from 1990), it is a significant problem in India [2]. Compared to other ethnic groups, Indians are more likely to be hospitalised for CAD complications, and more so for populations under the age of 40. Rural areas of the country have a CAD prevalence that is almost half that of urban areas. Medical professionals continue to be concerned about cardiovascular illness, which calls for new developments in the monitoring and treatment of cardiac patients. Therefore, the medical wearable technologies suggested in this work are up to the challenge, since they effectively collect crucial physiological data using a variety of sensors and analyse it using a variety of AI models.

Large amounts of patient health data can now be accessed outside the typical clinical settings, thanks to the miniaturisation of nursing systems and their integration into commonplace devices. However, the dissemination of more and more privacy-related patient health data raises ethical and security issues. Protected health information (PHI) is defined by a set of criteria listed in the current HIPAA regulations, but it is unclear whether this list will remain adequate given that cross-referencing numerous health information sources could lead to patient privacy violations [3]. The solution described in this chapter employs encryption to address the secrecy concerns associated with nursing care. Without giving the cloud provider access to patient information, this technology enables data analysis in the cloud. A wearable system is provided that uses continuous electrocardiogram (ECG) signals from healthy people and cardiac patients to detect abnormalities. The speed of the operations that can be performed on encrypted data can be increased, given this technology’s capabilities and therapeutic uses. Long-term study is also recommended in this area.

2 Proposed Framework for Smart Healthcare Platform
Examining and thoroughly studying ECG signals can help diagnose heart abnormalities. The ECG shows the direction and intensity of the electrical disturbance caused by the depolarization and repolarization of the atria and ventricles. The P-QRS-T waves in an ECG make up one cardiac cycle. An example ECG signal is shown in Fig. 1.

Normal ECG Signal
The ECG signal typically has a frequency range of 50–0.1 kHz and an amplitude range of 0.001–0.010 V. P, Q, R, S, and T denote the peaks and valleys of the ECG [4]. Sometimes another peak, U, is also used. The detection of the QRS complex together with the T and P waves is used to assess the ECG. P waves preceding the QRS complex signify the activation of the atria, the upper chambers of the heart. T waves reflect the excitation of the heart’s lower chambers, the ventricles. The basic goal of analysis is to find and examine the QRS complex. Once the QRS complex has been located, the ECG signal is examined along with the heart rate. Table 1 lists the normal-state and pathological-state heart rate’s P-R, Q-T, and QRS intervals. It is simple to determine whether the cardiac activity is normal or abnormal based on the values provided in Table 1 and the shape of the ECG that was obtained.

Fig. 1 Sample ECG signal

Table 1 Specification of the ideal ECG wave

Parameter   ECG wave   Specification
Magnitude   P          250 uV
            R          1600 uV
            Q          0.25 of R wave
            T          100–500 uV
Period      P–R        120–200 ms
            Q–R        350–440 ms
            S–T        50–15 ms
            P wave     110 ms
            QRS        90 ms

Abnormal ECG Signal

The normal pulse rate is 60–100 beats/min. A rate of less than 60 beats per minute indicates bradycardia. The term "tachycardia" refers to a rapid heartbeat, one that exceeds 100 beats per minute. An arrhythmia exists if the cycle spacing is uneven, so any arrhythmia is revealed by checking the cycles. Inhibition of the AV node is also indicated if the P–R interval is more than 200 ms. An ECG is split horizontally, and the baseline P wave is identified and noted. The QRS complex is accompanied by the simultaneous depolarisation of the atria and ventricles. The repetitive electrical depolarisation and repolarisation of the heart caused by atrial and ventricular contractions are reflected in the T waves. The ECG is used in clinical settings to diagnose a range of heart-related disorders and conditions, and it is evident that cardiac arrhythmias, heart abnormalities, and other disease states may all be diagnosed from the duration and form of the QRS complex. The development of accurate and fast automatic ECG feature extraction techniques is therefore crucial, especially for the analysis of lengthy recordings [5]. Anomalies are identified with respect to the various peaks. The present work is divided into five phases:

• In the first phase, ECG data is collected from the patients.
• In the second phase, the data is encrypted using conventional encryption (PGP) and then with fully homomorphic encryption (FHE) and stored in the cloud.
• In the third phase, the ECG signal data on the remote server is preprocessed.
• In the fourth phase, important information is extracted from the ECG signals, and the derived information is used to identify abnormalities in the ECG.
• In the fifth phase, if any abnormalities are identified, the doctors and caretakers are notified. The doctors in turn identify the type of CVD.

ECG sensors attached to a wearable device worn by the patient are used to collect the data. The Bluetooth module in the wearable device then transmits the signal to the user's mobile device. Before being sent to the cloud for storage, the data is encrypted to increase its security and privacy. The remote server retrieves the stored data, which is then preprocessed with baseline correction (BLC), inflection point identification and powerline interference handling. The GLCM method is used to extract the features, and the SVM classifier is then used to classify the features and find abnormalities. The MIT-BIH Arrhythmia database provided the data set for this study. The step-by-step procedure proposed in this work is as follows:

• The physical sensor mounted in the wearable device records the ECG.
• The data acquired from the sensors is sent through Bluetooth to the user's mobile device, where encryption is done.
• Wi-Fi is used to transfer this data to the cloud, from where it is later extracted for data analysis. An open application programming interface (API) is used to extract the data, and a Python script transports the data to the remote computer, where a SQL database is set up to store the raw data.
• The unprocessed data is then subjected to two additional analyses. These two methods combine supervised and unsupervised learning techniques to look for inaccurate data.
• In the final step, the processed data is once more saved in the remote computer's SQL database, and if the sensor data deviates from the threshold value, a notification is sent to the relevant authorities for further action.

The technical foundation to enable remote monitoring through a cloud over Wi-Fi is in place and is common practice. There are basically three ways to create a remote care system from existing parts:

(1) The hospital runs its own cloud, but this is expensive with respect to space, staff, utilities, hardware, and employees. Scalability and interoperability are also restricted by locally managed datacentres [6–8].
(2) Servers can be hired from a cloud provider that signs a business associate agreement (BAA) [9–11]. This constrains the hospital's options, though. Aside from guaranteeing HIPAA compliance, such an agreement cannot guarantee privacy, because security breaches can occur at any time.
(3) The cloud is used only for storage, which means no data analysis is possible.

Option (2) can be made more secure by using encryption to prevent outside parties from reading the data. This also makes it possible to employ "untrusted" cloud providers. So, even though it is feasible to create a remote care system with current technologies, it is often not possible to do so in compliance with HIPAA without significantly limiting computational capabilities or increasing expenses. Whilst encrypted PHI can be stored safely on an untrusted cloud, there is no way to process it there, for instance to analyse the signals. So, the objectives are as follows: (1) using wearable technology and artificial intelligence to improve heart disease patient care while eliminating the HIPAA/privacy problems.

3 Fully Homomorphic Encryption (FHE) for Remote ECG Monitoring

An objective indicator for the correct analysis, diagnosis, treatment, and monitoring of heart disease, the electrocardiogram (ECG) is one of the most popular techniques for the diagnosis of CVD. Heart rate monitoring provides insight into the frequency and timing of the heartbeat, which is crucial for assessing cardiopulmonary function and monitoring cardiovascular diseases (CVDs). The information obtained from the sensors is sent to the user's mobile device through Bluetooth. Here, the smartphone decrypts the sensor data, conducts some initial analysis (2), and then re-encrypts it using two alternative methods, one traditional (4) and the other utilising FHE (3), before uploading it to the cloud. Wi-Fi is used to transfer this data to the cloud, from where it is later extracted for data analysis. An open application programming interface (API) is used to extract the data, and a Python script transports the data to the remote computer, where a SQL database is set up to store the raw data. The unprocessed data is then subjected to two additional analyses. These two methods combine supervised and unsupervised learning algorithms to find inaccurate data. In the final step, the processed data is once more saved in the remote computer's SQL database, and if the sensor data deviates from the threshold value, a notification is sent to the relevant authorities for further action.

Data Preprocessing

The ECG includes a variety of noise types, the most frequent of which are baseline wandering (BW) and powerline interference; both have a significant impact on how the ECG is analysed. Some disturbances that affect the ECG signal are broad and complicated in character. Powerline noise, with a central frequency of 60 Hz, is removed during the acquisition process itself. Effective software techniques are used to eliminate other noises. To perform a baseline correction, it is necessary to obtain the ideal ECG signal without BW, the ideal one with known BW, and a mixed ECG. The T wave challenge database is available from the PhysioNet Website. The *.hea format is used to store all of the libraries' information [12].

Interference Due to Power Line

Powerline interference and baseline drift are the two most frequent disturbances during ECG recording. The first is easy to detect at frequencies below 50 Hz in the ECG. Both wandering effects in opposing current fields and cable loops around the patient result in interference. Moreover, it might occur as a result of a loose cable connection, dirty electrodes, or improper grounding. However, a detached electrode, which produces a strong disruptive signal and requires an extremely quick response, is the most common cause of 50 Hz interference [13]. Elevators, air conditioners, and other electric devices in the room can all cause electromagnetic interference, which affects the ECG's quality. These electrical appliances consume a lot of power and inject the 50 Hz signal into the ECG machine's input circuit. Moreover, switching behaviour in the electrical power systems contributes to it. It is crucial to filter out or remove all the sources of noise in order to detect accurately. Analogue filters can be used to solve these issues, but they distort the signal through nonlinear phase shifts. Digital filters are more effective and practical to use and offer more benefits than analogue filters; because they require less instrumentation, they are also more accurate. Digital filters are the ones most frequently utilised in modern research and medical disciplines. In this study, the powerline interference is addressed using FIR notch filters because of their extremely low maximum deviation from the ideal filter. This filter uses the windowing method to obtain the appropriate frequency response with the fewest possible coefficients. The chosen frequency and the actual frequency are compared to arrive at the solution, and the comparison is iterated. This equiripple filter requires a significant amount of computational work and was designed using optimisation theory because of its high convergence rate. The de-noising of the enhanced signal, as measured by the SNR, is used to calculate the FIR filter's efficiency. The SNR is given by Eq. (1):

$$\mathrm{SNR} = 10 \log_{10} \frac{\|x_{\mathrm{denoised}}\|^{2}}{\|x_{\mathrm{original}} - x_{\mathrm{denoised}}\|^{2}} \qquad (1)$$

where $x_{\mathrm{original}} - x_{\mathrm{denoised}}$ is the difference between the raw ECG and the filtered ECG signal.

Detection of Inflection Point

Figure 1 depicts the entire signal including the inflection points. To calculate the R–R interval and gauge the heart rate, the R and S waves are first extracted. After generating a threshold, the R wave is recognised as the maximum value in the ECG by distinguishing values above the threshold. The time between two succeeding R waves is known as the R–R interval. The number of beats within a predetermined time is also used to calculate heart rate [14]. The formula for calculating heart rate is given in Eq. (2):

$$\text{Heart rate (HR)} = \frac{\text{Number of R waves}}{\text{Time between first and last R wave}} \qquad (2)$$

The inflection points are detected as follows:

• The R–R interval is divided into four equal groups, and then the S and Q waves are extracted from it. The valley immediately preceding the R wave gives the Q value. After the R wave, the S wave is extracted as the largest valley.
• Since the three values represent the next three inflection points, it is simple to calculate the QRS complex from the known R, Q, and S waves. The Q position is subtracted from the S position to get the QRS interval.
• The ECG's most distorted regions are clearly between the Q and S waves. To obtain the P and T waves, more inflection points should be filtered. Smoothing of the ECG was used to prevent erroneous peak values from being recorded; since the smoothing stops after peaks or valleys, the T wave is the maximum peak in the first half of the region immediately following the S wave.
• After further flattening, six peaks and valleys are taken to represent the maximum peaks in the second half of the region immediately before the Q wave.
• To determine which wave has more points than the other, the values which lie within the S and T waves keep their negative or positive sign relative to the baseline.
• The Q position is subtracted from the T position to produce the QT interval.
• The P–R interval is the distance between the commencement of the P wave and the start of the QRS complex.
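As an added worked example (not code from the chapter), the following Python script ties together the rules stated above: it builds a constructed ECG-like record with a 50 Hz tone standing in for powerline interference, smooths it with a 5-tap boxcar FIR (which, at the assumed 250 Hz sampling rate, spans one mains period and so nulls the tone; it stands in for the equiripple notch filter, which is not reproduced here), scores the result with the SNR of Eq. (1), finds R waves as local maxima above a threshold, derives the R–R intervals and heart rate, and applies the 60–100 beats/min bradycardia/tachycardia rule and the uneven-cycle arrhythmia rule. The sampling rate, the 0.6 threshold fraction, the 0.2 s refractory gap, the 10% spacing tolerance and all function names are assumptions of this example; the heart rate is taken from the mean R–R interval, i.e. (N−1) intervals across the span between the first and last R wave, which is the quantity Eq. (2) estimates.

```python
"""Added example: synthetic ECG record, boxcar de-noising scored with Eq. (1),
threshold R-wave detection, R-R intervals, heart rate and the rhythm rules."""
import math

FS = 250  # sampling rate in Hz (assumed for this example)


def mains_tone(n_samples, amp=0.05):
    """Constructed 50 Hz sinusoid standing in for powerline interference."""
    return [amp * math.sin(2 * math.pi * 50 * n / FS) for n in range(n_samples)]


def synthetic_ecg(n_samples=2500, r_positions=None, mains_amp=0.05):
    """Constructed test record: symmetric R waves at known sample indices plus
    the mains tone. No real ECG data is used."""
    if r_positions is None:
        r_positions = list(range(125, n_samples, 200))  # 0.8 s apart = 75 beats/min
    shape = [1.0, 0.8, 0.5, 0.25, 0.1]  # R-wave amplitude at offsets 0..4 from the peak
    x = [0.0] * n_samples
    for p in r_positions:
        for k, amp in enumerate(shape):
            for idx in (p - k, p + k):
                if 0 <= idx < n_samples:
                    x[idx] = max(x[idx], amp)
    tone = mains_tone(n_samples, mains_amp)
    return [s + t for s, t in zip(x, tone)], r_positions


def moving_average(x, width=5):
    """Boxcar FIR smoother. At FS = 250 Hz a 5-tap window spans exactly one
    50 Hz period, so the mains tone sums to zero inside it: a crude notch."""
    half = width // 2
    out = []
    for i in range(len(x)):
        lo, hi = max(0, i - half), min(len(x), i + half + 1)
        out.append(sum(x[lo:hi]) / (hi - lo))
    return out


def snr_db(original, denoised):
    """Eq. (1): 10*log10(||x_denoised||^2 / ||x_original - x_denoised||^2)."""
    signal = sum(d * d for d in denoised)
    residual = sum((o - d) ** 2 for o, d in zip(original, denoised))
    if residual == 0:
        return math.inf
    return 10 * math.log10(signal / residual)


def detect_r_peaks(y, fraction=0.6, refractory_s=0.2):
    """R waves: local maxima above `fraction` of the signal maximum, at least
    `refractory_s` apart (both constants are assumptions of this example)."""
    threshold = fraction * max(y)
    min_gap = int(refractory_s * FS)
    peaks = []
    for i in range(1, len(y) - 1):
        if y[i] > threshold and y[i] >= y[i - 1] and y[i] > y[i + 1]:
            if not peaks or i - peaks[-1] >= min_gap:
                peaks.append(i)
    return peaks


def rr_intervals_s(peaks):
    """R-R intervals in seconds between successive R waves."""
    if len(peaks) < 2:
        raise ValueError("need at least two R waves to form an interval")
    return [(b - a) / FS for a, b in zip(peaks, peaks[1:])]


def heart_rate_bpm(peaks):
    """Beats per minute from the mean R-R interval."""
    rr = rr_intervals_s(peaks)
    return 60.0 / (sum(rr) / len(rr))


def classify_rhythm(peaks, irregular_tol=0.10):
    """Rules from the text: <60 bpm bradycardia, >100 bpm tachycardia, uneven
    cycle spacing arrhythmia. The 10% spacing tolerance is an assumption."""
    rr = rr_intervals_s(peaks)
    mean_rr = sum(rr) / len(rr)
    findings = []
    rate = 60.0 / mean_rr
    if rate < 60:
        findings.append("bradycardia")
    elif rate > 100:
        findings.append("tachycardia")
    if any(abs(r - mean_rr) > irregular_tol * mean_rr for r in rr):
        findings.append("arrhythmia")
    return findings or ["normal"]


def analyse(x):
    """Preprocess one record, detect its R waves and summarise it."""
    y = moving_average(x)
    peaks = detect_r_peaks(y)
    return {
        "snr_db": snr_db(x, y),
        "r_peaks": peaks,
        "heart_rate_bpm": heart_rate_bpm(peaks),
        "findings": classify_rhythm(peaks),
    }


if __name__ == "__main__":
    ecg, truth = synthetic_ecg()
    result = analyse(ecg)
    print(f"SNR after smoothing: {result['snr_db']:.1f} dB")
    print(f"R peaks at {result['r_peaks']} (constructed at {truth})")
    print(f"Heart rate {result['heart_rate_bpm']:.1f} bpm -> {result['findings']}")
```

The boxcar is deliberately the simplest possible FIR: its null at 50 Hz exists only because the window length matches the mains period at this sampling rate, which is why the equiripple notch in the text is preferred for real recordings.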

Feature Extraction

The machine learning approach utilised here combines the grey level co-occurrence matrix (GLCM) and the support vector machine (SVM). GLCM-based features are retrieved from the ECG data, and the SVM is utilised to categorise the features. By lowering the amount of data, feature extraction can improve classification accuracy and speed up processing [15–17]. The formulas for the properties that GLCM extracts are provided in Eqs. (3)–(5):

$$\text{Mean}[\mu] = \frac{\sum_{i=0}^{m} \sum_{j=0}^{n} p(i,j)}{m \ast n} \qquad (3)$$

$$\text{Correlation} = \sum_{i=0}^{N-1} \sum_{j=0}^{N-1} \frac{(i-\mu_i)(j-\mu_j)\, P_{ij}}{\sigma_i \sigma_j} \qquad (4)$$

$$\text{Energy} = \sum_{i=0}^{N-1} \sum_{j=0}^{N-1} P_{ij}^{2} \qquad (5)$$

The GLCM algorithm is as follows.

Procedures for GLCM:
• Step 1: Read the users' ECG data.
• Step 2: Read the ECG data from the .dat file.
• Step 3: Compute the co-occurrence matrix.
• Step 4: Compute the Haralick texture characteristics.
• Step 5: Export the gathered data to a database file.
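An added example of Steps 3 and 4 above, written for this page rather than taken from the chapter: it quantises a sample sequence into grey levels, counts level co-occurrences at offset 1 (the record treated as a single image row, which is an assumption about how a 1-D signal is handled), and evaluates Eqs. (3)–(5). Eq. (3) is applied literally to the count matrix; the row and column marginal means and standard deviations μ_i, μ_j, σ_i, σ_j that Eq. (4) needs are taken from the normalised matrix. Function names and the sample sequence are this example's own.

```python
"""Added example: co-occurrence matrix of a quantised 1-D record and the
mean, correlation and energy features of Eqs. (3)-(5)."""
from collections import Counter
import math


def quantise(signal, levels):
    """Map sample values onto integer grey levels 0..levels-1 by min-max scaling."""
    lo, hi = min(signal), max(signal)
    span = (hi - lo) or 1.0
    return [min(levels - 1, int((v - lo) / span * levels)) for v in signal]


def cooccurrence_counts(seq, levels, offset=1):
    """Step 3: C[i][j] = number of positions n with seq[n] == i and
    seq[n+offset] == j (the signal treated as one image row)."""
    pairs = Counter(zip(seq, seq[offset:]))
    return [[pairs[(i, j)] for j in range(levels)] for i in range(levels)]


def normalise(C):
    """Turn counts into the joint probability matrix P used by Eqs. (4) and (5)."""
    total = sum(map(sum, C))
    return [[c / total for c in row] for row in C]


def haralick(C):
    """Step 4: mean (Eq. (3), on the count matrix), correlation (Eq. (4)) and
    energy (Eq. (5)). Correlation is defined as 0 when a marginal has no spread."""
    m = n = len(C)
    mean = sum(map(sum, C)) / (m * n)
    P = normalise(C)
    row = [sum(P[i]) for i in range(n)]                      # P(i, .)
    col = [sum(P[i][j] for i in range(n)) for j in range(n)]  # P(., j)
    mu_i = sum(i * row[i] for i in range(n))
    mu_j = sum(j * col[j] for j in range(n))
    sigma_i = math.sqrt(sum((i - mu_i) ** 2 * row[i] for i in range(n)))
    sigma_j = math.sqrt(sum((j - mu_j) ** 2 * col[j] for j in range(n)))
    if sigma_i == 0 or sigma_j == 0:
        correlation = 0.0
    else:
        correlation = sum((i - mu_i) * (j - mu_j) * P[i][j]
                          for i in range(n) for j in range(n)) / (sigma_i * sigma_j)
    energy = sum(P[i][j] ** 2 for i in range(n) for j in range(n))
    return {"mean": mean, "correlation": correlation, "energy": energy}


def glcm_features(signal, levels=8, offset=1):
    """Full pipeline for one record: quantise, count, compute features."""
    return haralick(cooccurrence_counts(quantise(signal, levels), levels, offset))


if __name__ == "__main__":
    # Constructed record with slow ramps (strongly correlated neighbours)
    sample = [math.sin(2 * math.pi * k / 40) for k in range(400)]
    print(glcm_features(sample))
```

Sequences whose neighbouring samples change slowly concentrate mass near the GLCM diagonal, which raises correlation and energy; rapid, noisy changes spread it out. That is what makes the GLCM features discriminative for the classifier that follows.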

Disease Classification Using Support Vector Machine (SVM)

Classification assigns the ECG signal's characteristics and attributes to classes. Every aspect is examined and divided into two categories, 0 and 1 [true and false]. The ECG data is used in the classification training and testing procedure. Known data with labelled classes is used in the training phase; unknown data is tested in the test phase, and the results are compared with the trained data. In this study, the SVM approach described below is used to classify ECG data. Support vector machines are frequently employed with both linear and nonlinear data. SVM transforms data using a nonlinear mapping technique, which raises the dimension of the training data. All information is divided into two categories: 0 and 1. SVM looks for the boundary of the linear optimum space in the new dimensions. With the aid of the support vectors, it locates a hyperplane and establishes a margin. By constructing a plane between the training points, many classes are produced to train the data. Techniques for classifying linear and nonlinear data include SVM, KNN, and the perceptron. Any one of a number of hyperplanes can serve as the decision boundary; the margin of each hyperplane is checked in order to select the best one, and the hyperplane chosen for categorisation is the one with the largest margin. The dotted lines in Fig. 2 demarcate the decision boundaries that divide the parallel lines. The margin is the space between the dotted lines. The margin's width is referred to as the support vector. There are three hyperplanes that touch the high, medium, and low planes' boundaries [19]. The entire process is given in the flow diagram in Fig. 3.

Fig. 2 SVM classifier

Fig. 3 Overall flow diagram

Privacy-Preserving Using Homomorphic Encryption

As already mentioned, data analysis in the cloud is not possible with conventional cryptography unless the cloud provider also has access to the decryption key(s). Data encrypted with a common technique like the Advanced Encryption Standard (AES) does not yield useful results under analysis. To get over this constraint, FHE is used [20]. FHE is a state-of-the-art encryption approach that allows analysis, that is, arithmetic operations, to be performed precisely on encrypted data [21]. With this method, a server can analyse data and provide results to a doctor without ever knowing the data or the outcomes itself. As only the doctor has the decryption key, only she has access to the results. Only a few mathematical operations can currently be performed on FHE-encrypted data, and these operations can be memory- and time-intensive, so this capability has some limitations. Despite this, early results demonstrate that FHE is now viable for some key applications and that there is large potential for future expansion and accelerated development of the currently available functions. The suggested system enables signals to be collected on a phone (or PC) close to a person, sent to a cloud, examined in the cloud (with results sent to the doctor), and secured throughout using a combination of conventional encryption techniques and FHE. After reviewing the data, the doctor decides on a course of action (such as requesting an annotated ECG waveform) and discloses the patient's diagnosis. The suggested system has three primary components, which are represented in Fig. 4 and explained below.

Fig. 4 Overview of the proposed system

(1) The sensor(s) and embedded system(s) close to the patient (Fig. 4: (1), (2), (3), and (4)).
(2) The servers and storage of a sizeable datacentre (the "cloud" in Fig. 4).
(3) The computer(s) used by the doctor (performing (6) and (7)).

The patient is equipped with sensors (1) that communicate with a nearby smartphone through Wi-Fi with security (AES). The sensor system may, for instance, be an ECG patch with a Bluetooth transmitter and an embedded CPU. Upon receiving sensor data, the phone decrypts it, performs some initial analysis (2), and then re-encrypts the data using two alternative methods, one traditional (4) and the other utilising FHE (3), before uploading it to the cloud. It is assumed that the hospital will supply a dedicated phone for this use. In this way, the hospital has control over variables like free storage and memory, battery life, security, and data rate/caps, and is not reliant on the patient's own hardware and service plan. Hence, when a phone or computer is referred to as the "patient's", it actually refers to the one the hospital has issued. Patients' devices upload data to a server hosting an upload directory using a secure protocol like SFTP. New data is either raw data that has been conventionally encrypted or preprocessed data that has been FHE-encrypted. In case (1), the server merely keeps the data on hand until it is requested. In case (2), the server completes the data analysis and outputs findings like "QT prolongation alert" (all in (6)). The server's findings are decrypted by an application running on the healthcare professional's tablet, smartphone, or PC (in (6)). Any change in the patient's condition for which an alert was requested is also communicated to the doctor via this application. The doctor may request extra information in response to these notifications or at any other time. For instance, the physician may be told that the patient's QTc was prolonged for 30 s longer than usual. The doctor would then want to see the patient's 30-s ECG waveform. The server would retrieve this waveform and unlock it for viewing by (5). A "one-stop" administration Website allows the doctor to set up sensors, encryption, and other features for their patients.

Post Acquisition Assistance

If the system (in Fig. 4) is too much for a mobile phone to handle, for instance when battery life is taken into account, it is preferable to forego the phone and use a nearby computer connected to the patient's home electricity and Internet. In this "cloud interface/helper" design, a fast local computer is frequently referred to as a "cloudlet" [22–26]. The main benefit of this strategy is that a cloudlet has greater hardware capability than a mobile in terms of speed and flexibility. Since the patient does not have to transport or charge it, it probably also has access to a faster, more dependable network. The biggest disadvantage of using a cloudlet instead of a mobile is that it restricts the patient's mobility by requiring them to stay close to a fixed location. Another negative aspect is that some patients might need a technician to set up the cloudlet, because they will not be familiar with connecting a computer to their home network. Another option is to use the patient's own PC as the cloudlet: an application that performs steps 1, 2, and 3 and accepts ECG data through an adaptor is installed on the patient's home computer. Although speed, security, or dependability cannot be guaranteed on a patient's PC, the hospital can keep a collection of preconfigured cloudlets. These computers can be lent out for remote monitoring sessions before being wiped and reinstalled for the next patient.

Conventional Security

The patient must provide the clinician with certain information in its original form, specifically the ECG waveform. This data can be encrypted using a traditional algorithm rather than FHE. The encrypted waveform is simply held on the server until the doctor can retrieve and decrypt it. This section outlines the common cryptographic and security methods that are applied. The requirements are as follows:

(1) Algorithms should be lightweight in terms of processing and storage.
(2) The general setup needs to offer the highest level of security possible in "worst case" scenarios (such as a lost or stolen phone/tablet).
(3) When permitted, the sharing of patient information between doctors should be simple.
(4) Data from other patients should not be accessible to patients.

PGP [27], which is frequently used to secure email communications, is one solution that meets these requirements. PGP satisfies criteria 1 and 2 by compressing the data and encrypting it with AES. RSA [28, 29], a cryptographic method that underpins the security of much of the Internet, "wraps" the communications and also satisfies 2. Criteria 2 and 4 are both met by giving patients only public keys. Last but not least, since PGP-encrypted data includes a header of "authorised recipients", sending an encrypted patient file to a different doctor only requires adding the new doctor to the file header (satisfying 3). File permissions on the server handling PHI should be set to forbid patients from downloading or seeing any other files. Additionally, the SFTP protocol is recommended to guarantee that only authorised patients can access the server. For the duration of a particular monitoring session, a patient may be given a specific key, which can later be revoked or deleted from the server. This protocol also adds a further layer of security to the system, because SFTP encrypts data transfers in addition to authenticating clients [28]. (Note that the files being transferred are already encrypted, making these security precautions somewhat redundant; yet they help minimise threats that could corrupt data or impair service.) The phone/tablet must also take precautions to secure PHI; for instance, keeping sensor data in RAM rather than on an SD card makes it more difficult for an attacker to obtain. Also, to reduce privacy threats, phones should be wiped between patients, sensor keys should be changed, and other key distribution details must be considered carefully. The doctor must always keep their password secure.

Encryption Using FHE

Traditional encryption is helpful when a server is holding data that a clinician may access. If the server must perform any interpretation, such as assessing a patient's health from their raw ECG data, it is useless, because conventionally encrypted data cannot usefully be subjected to simple mathematical operations like addition or multiplication. Our system's primary objective is to analyse data on the cloud, so an FHE library is selected for this task. There are numerous possibilities; however, HElib is the default library for this work. HElib was developed in 2013 and offers the capability to homomorphically encrypt and decrypt data, and it includes the main mathematical operations that may be performed on encrypted data, including addition and multiplication. When working with data in HElib, a few crucial ideas must be kept in mind: (1) it is necessary to identify a "depth" or "level" for each computation, which is essentially an indicator of its complexity; (2) more than one value can be "packed" into a single variable. Both concepts have significant ramifications: the depth controls the algorithm's performance and memory needs, and the capacity to load a large number of values into a ciphertext allows some computations to be performed concurrently. In this system, the comparison of the QTc to a threshold is performed using the FHE comparison operator (>). There are several unique requirements for this operator. The fact that only unsigned integers can be compared is a significant restriction. Furthermore, many heartbeats are included in a single ciphertext for HElib to operate on, because the median QTc of roughly 40–50 heartbeats must be examined at a time.
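The following Python model, added here and not taken from HElib or from the chapter, makes the two HElib ideas concrete: a `Ct` class stands in for a ciphertext holding one bit per slot (one heartbeat per slot, the "packing" described above) and counts the multiplicative depth that each AND consumes, and `greater_than` is the unsigned-integer comparator (>) built only from XOR and AND, as a boolean circuit over such ciphertexts must be. Nothing is encrypted; the class only reproduces the cost structure that the depth parameter has to be chosen for. The 10-bit QTc width, the 450 ms threshold and the sample QTc values are constructed for the example, and the names `Ct`, `encode_bits`, `greater_than`, `qtc_alert_flags` and `median_exceeds` are its own. It also shows that the median-over-beats check reduces, after decryption, to counting set flags: for an odd number of beats the median exceeds the threshold exactly when more than half of the beats do.

```python
"""Added example: depth-tracking model of a slot-packed unsigned comparison
circuit of the kind an FHE comparison operator (>) has to evaluate."""
from dataclasses import dataclass
from typing import List


@dataclass
class Ct:
    """Stand-in for one ciphertext: a plaintext bit per SIMD slot plus the
    multiplicative depth consumed so far. Nothing here is encrypted; the class
    models only the cost structure a levelled scheme such as HElib exposes."""
    slots: List[int]
    depth: int = 0

    def __xor__(self, other):  # homomorphic addition mod 2: no level consumed
        return Ct([a ^ b for a, b in zip(self.slots, other.slots)],
                  max(self.depth, other.depth))

    def __and__(self, other):  # homomorphic multiplication: one level consumed
        return Ct([a & b for a, b in zip(self.slots, other.slots)],
                  max(self.depth, other.depth) + 1)

    def negate(self):  # NOT x = x XOR 1; adding a plaintext constant is free
        return Ct([1 - a for a in self.slots], self.depth)


def encode_bits(values, nbits):
    """Pack unsigned integers into nbits 'ciphertexts', most significant bit
    first: slot k of ciphertext b holds bit b of values[k]."""
    for v in values:
        if not 0 <= v < 2 ** nbits:
            raise ValueError(f"{v} does not fit in {nbits} unsigned bits")
    return [Ct([(v >> b) & 1 for v in values]) for b in range(nbits - 1, -1, -1)]


def greater_than(a_bits, b_bits):
    """Slot-wise a > b on unsigned integers: an MSB-first ripple comparator
    built from XOR and AND only. Depth grows linearly with the bit width."""
    n = len(a_bits[0].slots)
    gt = Ct([0] * n)  # becomes 1 once a is known to be the larger
    eq = Ct([1] * n)  # stays 1 while all higher bits have agreed
    for a, b in zip(a_bits, b_bits):
        gt = gt ^ (eq & a & b.negate())  # this bit decides only if still equal
        eq = eq & (a ^ b).negate()
    return gt


def qtc_alert_flags(qtc_ms, threshold_ms, nbits=10):
    """Cloud-side step: flag every packed QTc value above the threshold
    without seeing the values. Returns the flag slots and the depth used."""
    a = encode_bits(qtc_ms, nbits)
    b = encode_bits([threshold_ms] * len(qtc_ms), nbits)
    flags = greater_than(a, b)
    return flags.slots, flags.depth


def median_exceeds(flags):
    """Doctor-side step after decryption: for an odd number of beats the
    median QTc exceeds the threshold exactly when more than half the flags
    are set, so the median test needs no homomorphic sorting."""
    return sum(flags) * 2 > len(flags)


if __name__ == "__main__":
    beats_ms = [412, 455, 430, 470, 449, 451, 460]  # constructed QTc values
    flags, depth = qtc_alert_flags(beats_ms, threshold_ms=450)
    print(f"flags per beat: {flags}, circuit depth: {depth}")
    print(f"median QTc above 450 ms: {median_exceeds(flags)}")
```

The depth of `nbits + 1` levels is the figure a deployment has to budget for when choosing scheme parameters; widening the integer width or chaining further comparisons raises it, which is why the text warns that the operator is memory- and time-intensive.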

4 Conclusion and Future Work

On the cloud, homomorphic encryption methods protect patient privacy but use more computational power. Precision and privacy are traded off against computing speed and efficiency. The most crucial task is to port other libraries, like HElib, so that they can run on smartphones and tablets instead of the cloud. The source code and prerequisite libraries of the demarcation and homomorphic encryption algorithms are written in C, making them (trivially) incompatible with Android and iOS. This is the main reason why this has not been finished yet. The goal of the next stage of development is to port the files to Android in one of the following ways: (a) rewriting the code in Java, (b) using Java JNI to load the C files on Android, (c) installing an alternative OS on a phone, (d) using the cloud in place of the mobile because it includes all the necessary libraries, or (e) combining any of these methods. The cloud will function in a fully homomorphic state once every library is active on a phone or cloudlet. Adding primitives to the FHE library will start at this point, and more work will gradually be moved back to the cloud. Acceleration approaches will be the main area of research at this point, in order to make the FHE operations practicable in the cloud. Expanding into new applications in the medical and non-medical industries will be possible thanks to these performance gains. A suite of applications is developed in addition to the FHE-oriented development path to give the doctor authority over the remote care process. Nonetheless, a doctor wants to know his patients' heart condition but would likely not need to receive daily ECGs from all patients. The distribution of huge amounts of data to healthcare practitioners poses a hurdle. As a result, the creation of monitoring systems needs to be combined with clever algorithms that warn doctors as needed. The idea is to convey the information that medical professionals need to know whilst managing health information securely.

References

1. Prabhakaran D, Jeemon P, Roy A. Cardiovascular Diseases in India: Current Epidemiology and Future Directions. American Heart Association, Inc., 2016 Apr 19;133(16):1605–20.
2. Gupta R, Mohan I, Narula J. Trends in Coronary Heart Disease Epidemiology in India. Annals of Global Health, Volume 82, Issue 2, March–April 2016, Pages 307–315.
3. Page A, Kocabas O, Soyata T, Aktas M, Couderc J-P. Cloud-Based Privacy-Preserving Remote ECG Monitoring and Surveillance. Wiley Periodicals, 2014.
4. Ponnusamy M, Sundararajan M. Detecting and classifying ECG abnormalities using a multimodel methods. Biomedical Research (2017), Artificial Intelligent Techniques for Bio Medical Signal Processing: Edition-I.
5. Correia S, Miranda J, Silva L, Barreto A. LabVIEW and Matlab for ECG Acquisition, Filtering and Processing. 3rd International Conference on Integrity, Reliability and Failure, Porto, Portugal, 2009.
6. Patel CD, Shah AJ. Cost model for planning, development and operation of a Data Center [Internet]. HP Laboratories Palo Alto, 2005. Available at: http://www.hpl.hp.com/techreports/2005/HPL-2005-107R1.pdf.
7. Reichman A. File Storage Costs Less In The Cloud Than In-House. Forrester Research, Cambridge, MA, 2011.
8. Munro D. HIPAA Support Widens In Cloud Vendor Community. Forbes [Internet], 2013. Available at: http://www.forbes.com/sites/danmunro/2013/05/01/hipaa-supportwidensin-cloud-vendor-community/.
9. Amazon Web Services Compliance [Internet]. 2014. Available at: https://aws.amazon.com/compliance/#hipaa.
10. HIPAA Compliance with Google Apps [Internet]. 2014. Available at: https://support.google.com/a/answer/3407054?hl=en&ctx=go.
11. CareCloud [Internet]. 2014. Available at: http://www.carecloud.com/hipaa-compliant-cloudstorage/.
12. Tasa BP, Das P, Sinha A, Chenglari T, Bordoloi H. Simulation-Based R-peak and QRS complex detection in ECG Signal. Current Trends in Technology and Science, 2013, Volume 2, Issue 4.
13. Levkov C, Mihov G, Ivanov R, Daskalov I, Christov I, Dotsinsky I. Removal of power-line interference from the ECG: a review of the subtraction procedure. BioMedical Engineering OnLine, volume 4, Article number 50 (2005).
14. Salam KA, Srilakshmi G. An algorithm for ECG analysis of arrhythmia detection. In: 2015 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT). IEEE.
15. Alexakis C, Nyongesa HO, Saatchi R, Harris ND, Davies C, Emery C, Ireland RH, Heller SR. Feature Extraction and Classification of Electrocardiogram (ECG) Signals Related to Hypoglycaemia. Conference on Computers in Cardiology, pp. 537–540, IEEE, 2003.
16. Ubeyli ED. Feature extraction for analysis of ECG signals. Engineering in Medicine and Biology Society, 2008. EMBS 2008. 30th Annual International Conference of the IEEE, pp. 1080–1083, 2008.
17. Hu YH, Palreddy S, Tompkins W. A Patient Adaptable ECG Beat Classifier Using A Mixture Of Experts Approach. IEEE Transactions on Biomedical Engineering, vol. 44, pp. 891–900, 1997.
18. Fatemian SZ, Hatzinakos D. A new ECG feature extractor for biometric recognition. 16th International Conference on Digital Signal Processing, pp. 1–6, 2009.
19. Biel L, Pettersson O, Philipson L, Wide P (2001). ECG analysis: a new approach in human identification. IEEE Trans Instrum Meas 50(3):808–812.
20. Homomorphic Encryption Breakthrough [Internet]. 2009. Available at: https://www.schneier.com/blog/archives/2009/07/homomorphic_enc.html.
21. Rivest R, Adleman L, Dertouzos M. On Data Banks and Privacy Homomorphisms. Foundations of Secure Computation [Internet], 1978. Available at: http://people.csail.mit.edu/rivest/RivestAdlemanDertouzosOnDataBanksAndPrivacyHomomorphisms.p
22. Soyata T, Ba H, Heinzelman W, et al. Accelerating mobile cloud computing: A survey. In: Mouftah HT, Kantarci B (eds.), Communication Infrastructures for Cloud Computing. Hershey, PA: IGI Global, 2013, pp. 175–197.
23. Soyata T, Muraleedharan R, Ames S, et al. COMBAT: mobile Cloud-based cOmpute/coMmunications infrastructure for BATtlefield applications. In: Proceedings of SPIE. Baltimore, MD, 2012, pp. 84030K–84030K.
24. Soyata T, Muraleedharan R, Funai C, et al. Cloudvision: Real-time face recognition using a mobile-cloudlet cloud acceleration architecture. In: Proceedings of the 17th IEEE Symposium on Computers and Communications (IEEE ISCC 2012). Cappadocia, Turkey, 2012, pp. 59–66.
25. Wang H, Liu W, Soyata T. Accessing big data in the cloud using mobile devices. In: Chelliah PR, Deka G (eds.), Handbook of Research on Cloud Infrastructures for Big Data Analytics. Hershey, PA, USA: IGI Global, 2014, pp. 444–470.
26. Callas J, Donnerhacke L, Finney H, et al. OpenPGP Message Format [Internet]. IETF Network Working Group, 10 A.N.E, 2014, Vol. 00, No. 0.
27. Jacob J, Seethalakshmi V. Efficiency Enhancement of Routing Protocol in Manet. International Journal of Advances in Engineering & Technology 3(2), 314.
28. Rivest RL, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems. ACM [Internet], 1978;21(2):120–126. Available at: http://people.csail.mit.edu/rivest/Rsapaper.pdf.
29. Ylonen T, Lonvick C. The Secure Shell (SSH) Authentication Protocol [Internet]. IETF Network Working Group, 2006. Available at: https://tools.ietf.org/html/rfc4252. Last accessed October 15, 2014.

Enhancing Encryption Security Against Cypher Attacks

R. Naveenkumar, N. M. Sivamangai, A. Napolean, and S. Sridevi Sathyapriya

Abstract With applications such as smart cities and intelligent robots, brought on by the Internet of Things and the adoption of cyber systems (CS), deep learning (DL) is becoming more widely used and can provide high-quality inference for challenging tasks such as pattern recognition and independent decision-making. Artificial intelligence (AI) platforms present a large attack surface because of their accessibility and connectivity, which can have significant social and economic effects on security, safety, and privacy. Machine learning (ML) security and privacy have therefore become a major cyber security problem. Side-channel analysis (SCA) attacks, one of the most dangerous vulnerabilities of embedded systems, compromise confidentiality by looking for correlations between processed data and observable physical side effects of computation, such as power consumption, electromagnetic (EM) emanations, and timing; physical SCA attacks on AI-enabled edge devices are particularly concerning given their high exposure to attackers. In this paper, various security attacks are presented according to parameters such as device level, location level and attack level. Multilayer attacks and their countermeasures are also presented.

Keywords Internet of Things · Cyber systems · Deep learning · Pattern recognition and side-channel analysis (SCA)

R. Naveenkumar (B)
Assistant Professor, Department of ECE, Karpagam Academy of Higher Education, Coimbatore, India
e-mail: [email protected]
Research Scholar, Department of ECE, Karunya Institute of Technology and Sciences, Coimbatore, India

N. M. Sivamangai · A. Napolean · S. Sridevi Sathyapriya
Department of ECE, Karunya Institute of Technology and Sciences, Coimbatore, India

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_7


R. Naveenkumar et al.

1 Introduction

The term “Internet of Things” (IoT) describes a networked, intelligent world of objects in which any physical thing that contains a digital component is connected. One definition along these lines describes IoT as a dynamic global network infrastructure with self-configuring capabilities based on intelligent interfaces, where physical and virtual ‘Things’ are easily linked into the information network and possess identities, virtual personalities, and physical characteristics. IoT makes it possible for billions of devices to connect to one another, facilitating communication and computation. Digital components such as sensors, internet connectivity, and localization technologies transform everyday objects into intelligent elements that can perceive their surroundings [1]. Smart object sensors sense, track, and collect many kinds of information about the environment, machinery, and the social interactions of people. Despite the benefits of IoT, security vulnerabilities are a serious concern. There are constant and universal links between people, technology, sensors, and services. A security system must count on the interaction of individuals, which is itself at risk from safety threats, regardless of how well-suited, configured, effectively executed, and maintained the system is. As a result, the human factor must be considered when creating cyber security solutions [2]. Although technical advances have greatly improved security levels and often made systems largely secure, security solutions must continue to develop and evolve in order to meet new security issues. IoT infrastructures differ from traditional IT infrastructures in that they can include a far wider variety of devices and networks. IoT’s primary goal is to provide integration between physical items, software, sensors, network infrastructures, and interoperable communication protocols.

The integrated gadgets provide a huge selection of digital services to help with daily activities. As a result, we can quickly share data, control things over great distances, and operate them. IoT devices are being deployed quickly and widely, which raises serious security issues. The key security issues in the IoT space include authentication, authorisation, and system setup. At any point, crucial information could leak or be altered. Users’ privacy, the privacy of IoT devices, and the information they hold are not guaranteed [3]. Furthermore, it is clear that IoT security solutions have advanced over time, but security risks have also developed in more harmful and destructive ways. Existing studies, however, have not taken into account the characteristics and diversity of current attack categories, such as multidimensional intrusions and other IoT security issues. While some research merely presented a taxonomy of attacks, other work examined only particular categories of security remedies for protecting IoT. In this study, various IoT application fields are discussed, along with security risks, attacks, and vulnerabilities. Additionally, it discusses contemporary developments in the IoT, such as its architecture, supporting technologies, and protocols.


2 Other Works

The protection of IoT is now the subject of various review studies. These studies cover both security challenges and security solutions that use various techniques and methodologies. One study listed a number of IoT security issues and went on to address edge computing, fog, blockchain, and ML techniques as potential solutions [4]. Another investigation concentrated on mobile-IoT handover protections, protocols, and physical layer security. The authors examined the IoT mobile application security measures that are currently in use [5], and reviewed current location-based IoT and global positioning system security measures. The report also discussed security issues related to IoT localisation from a policy, legal, and regulatory standpoint. They went even further to offer pertinent information towards a secure location-based IoT. The authors of [6] examined IoT network layer security challenges and vulnerabilities. Their research investigated ML-based intrusion detection systems currently in use, focusing on their detection methods and validation procedures. Another study investigated insider IoT hazards according to multiple data sources, including IoT deployment environments and IoT designs. The authors examined the restrictions on the potential use of the data sources and approaches, comparing data sources from various IoT layers. IoT technology used in commercial IoT contexts currently faces security problems. They discussed the characteristics of security for IoT, which include secrecy, anonymity, resilience, and self-organization. Additionally, other studies concentrated on security countermeasures that are autonomic, learning-based, or cryptographic. Traditional self-secure integration solutions to security attacks were categorised on various tiers. Several IoT security objectives were also highlighted, broken down into a few categories: (a) authenticity, (b) integrity, (c) availability, and (d) privacy.

The research examined the encryption technologies that offer IoT security. The two major kinds of encryption methods, symmetric and asymmetric, are used to develop secure communication. They emphasised solutions for IoT encryption protocols that were both server-based and decentralised. Other research emphasised the security issues related to commercial, location-based, or mobile IoT. However, they concentrated on a particular class of security countermeasures, for example, cryptographic-based or ML-based ones. The recent trend in IoT attack types is multi-layer attacks and the corresponding protection mechanisms. Their features have not been taken into account by the existing studies.

3 Architecture

IoT needs a generic and scalable architecture design that fits its variety of applications and its unpredictability, due to its ongoing development and expansion. There is currently no single architecture that is used by everyone. IoT designs have been proposed by a number of researchers in quite different ways. The crucial IoT concept is outlined in the three-layered architecture. The layers are presented and discussed next.


Application Layer

A variety of intelligent IoT application solutions are included in this layer [8]. Due to the immense potential of the IoT market, smart applications are being developed in practically every area. Numerous IoT applications have already been implemented in a number of industries, including smart homes, offices, and cities, as well as wearable bands for monitoring health, traffic, personal assistants and the environment. The application layer, which creates a connection between networks and objects, is the top layer of the IoT architecture. It provides a wide range of functions, including data collection and presentation, tracking of device status, notifications, and alerts; device control functions; strategic planning and data processing; optimization of autonomous operations and device performance; and provision of end-user quality of service. A support service platform, middleware, computation, and communication software are typical components of an application layer. A survey [9] showed facilities for real-world IoT applications through the provision of various application services. Confidentiality of data, authenticity, and accessibility should be ensured at this layer by protecting applications from illegal access, guaranteeing the integrity of the software and logs, and maintaining the application services at all times. Issues such as unauthorised access and malicious data modification may occur while handling sensitive data. This layer may also be vulnerable to various security attacks, including message forging, spoofing, viruses, and worms.

Network Layer

The second layer consists of software, protocols, and other methodologies; it supports object-to-internet and object-to-object communications [10]. It is mostly built using local area networks, both wired and wireless, personal area networks, Bluetooth and near-field communication. This layer’s primary job is to send digital signals made up of data acquired from the platform’s physical layer over a network connection. Several security concerns and attacks can exploit this layer. Sinkhole, denial of service, black hole and Hello flood attacks, to mention a few, are frequent attacks in this layer. Safe data transfer through a public network requires communication security at the network layer.

Physical Layer

This layer is the foundation of an IoT architecture. It is also known as the IoT perception layer. Both real-world items and virtual entities are included. This layer’s primary duty is to gather environmental data using a variety of sensors. IoT devices include sensors, antennas, actuators, and CPUs, among other mechanical and electrical hardware elements. Wearable gadgets, smartphones, and RFID technologies [8] are all able to process information, identifying, linking, and exchanging data. The raw data of the physical objects are collected and converted to usable digital signals by the sensors or RFID in the perception layer. IoT devices sense and track data easily, including, but not limited to, temperature, humidity, and proximity. However, this layer of the IoT is vulnerable to numerous security attacks, including collusion, jamming and tampering with the device.


4 Security Challenges

The application, network, and physical layer security implementation problems for IoT are discussed in this section.

(i) Application Layer Challenges

IoT devices might not be suited to complex software or security solutions. Therefore, before integrating security modules into IoT devices, it is important to take into account the following constraints.

Software: Low-memory IoT gadgets run an embedded Real Time Operating System (RTOS) [11]. These IoT operating systems are built for tiny networks and may not have sufficient security components. Therefore, compact and reliable security modules, such as lightweight software and protocol stacks, should be made fault-tolerant [11].

Security Patch: IoT devices may be provisioned in a distant location. It might not be possible to update the software or apply security patches to the sensing devices without compromising functional safety. A security patch upgrade could be expensive. Remote security mitigation might not be viable, because the IoT OS and protocol stack are likely unable to acquire and install a new security update.

Gadgets and Volume of Data: A large volume of data is produced by a large number of apps, which has an impact on the safety and privacy of the information and devices. According to one report, fewer than 10,000 commonplace gadgets can produce 150 million unique data points each day.

(ii) Problems at the Network Layer

Data communication and routing between different gadgets via the web and over 6LoWPAN connections are two functions of the IoT protocol stack. The following limitations make the IoT internet protocol susceptible to different traffic attacks.

Mobility and Topological Changes: One of the key characteristics of IoT is that many of its components are mobile. IoT devices can join or leave a network at any time and from anywhere. Standard security procedures might not be suitable for such dynamic topological changes.

Scalability: Every day, new, dynamic IoT devices come into being and are linked to the global network in greater numbers. Current security protocols and their characteristics are neither scalable nor appropriate for this growing number of IoT gadgets.

Multiple Communication Modes: Devices use a variety of wired and wireless communication methods to connect with private or public local networks. It is challenging to create a complete security plan, since wired and wireless networks have such a wide range of distinct qualities.


Networking Using Several Protocols: IoT gadgets may communicate via IP, non-IP, or a combination of the two networking protocols. Given the variety of communication protocols used by IoT devices, it is challenging to adapt a traditional security algorithm to work with them.

(iii) Physical Layer Challenges

Due to their resource limitations, IP-connected heterogeneous IoT devices are more vulnerable to security risks and attacks. The following traits make the heavyweight security solutions now available unsuitable for use in IoT devices.

Processor, Memory, and Power: Battery-powered IoT devices must conserve energy, and because little power is available, their processors and CPUs run at relatively low clock rates. As a result, the devices lack computing power, and it is impossible to implement complex cryptographic methods in such gadgets. An embedded IoT device has only a small amount of RAM and flash memory, so memory-saving security techniques ought to be ported. For instance, in constrained IoT, traditional public-key cryptography places a burden on key management [12].

Packaging: Some IoT applications call for installation in remote areas that might go unattended. The IoT devices could be stolen and tampered with by an adversary, and cryptographic data could then be retrieved in order to modify the applications and their nodes. To solve this problem, such IoT devices must be packaged in a tamper-resistant manner [11].

5 Goals for Security

This section discusses the need for and objectives of IoT security. The secrecy, authenticity, and availability principles are the classic security-related goals (CIA). Other needs, including security, compact solutions, authenticity, and established standards, have grown to be crucial in addition to the CIA triad. The security objectives for IoT therefore comprise the CIA triad together with privacy protection and lightweight security measures. The following security considerations should be taken into account in order to create secure connectivity for IoT.

(i) Lightweight Solutions

Given that IoT devices have limited memory and computing capability, compact security mechanisms can be added as a special feature. When creating, developing, and deploying an encryption or identification protocol for the Internet of Things, the lightweight method must be taken into account as a security feature. For instance, un-traceability attacks on RFID tags in e-passports can occur; as a result, lightweight, reliable security mechanisms should be developed for such light protocols. The cryptographic techniques must work around the device’s limiting features because they are designed to be used with IoT devices.

(ii) Authenticity

Verifying and validating the participants involved in communication is crucial in order to address the IoT’s limitations. A thorough analysis of authentication methods is provided in [13]. Recently, a lightweight authentication method for devices with limited resources was proposed; examples of such cutting-edge developments are RFID tags and NFC [14]. In addition, user authentication, data security, device security, and trust management are important.

Authentication in Context: As a prerequisite, it is necessary to validate the functional characteristics, states, and sensed data that have been obtained, as well as the control information.

Trust Management: Trust management plays a crucial role, as it lowers risk factors and enables client acceptance. Accordingly, trust-based systems are used exclusively for IoT components in dynamic routing in the smart grid. In addition to enhancing IoT security, trust management boosts overall network efficiency. Many data-gathering strategies and machine learning techniques are available to gather reliable data in the IoT.

Device and User Verification: IoT gadgets and the control unit must be capable of independently verifying the user who requests a certain activity. A single-sign-on approach can be used in this procedure, since after authentication users can access many devices.

(iii) Confidentiality

Confidentiality is one of the essential components of IoT security. During any communication, all data must be shielded from unauthorised nodes. This can be accomplished by employing a common key for encrypting and decrypting data.

Data Storage: Secrecy can be maintained automatically while storing important data in the cloud.

Safety Codes: The limited nature of IoT makes it difficult to change the security key in order to maintain anonymity. Significant research effort is needed to address the difficulties in supporting autonomous versions of such key management schemes. IoT may be supported by symmetric key methods with a manageable overhead.

(iv) Integrity

Data integrity ensures that the data are transmitted without alteration. A symmetric cryptographic procedure is generally used to protect data transmission by producing signatures for the data. The integrity of received data is checked using a different method called a message integrity check (MIC). Despite insufficient resources, an autonomous security solution may nonetheless offer a reasonable amount of data integrity for IoT [15]. The following are the elements of the integrity of autonomic decision-making.

Log Integrity: The autonomic system needs to be able to produce activity logs that can be used to trace the path of events when a change is noticed. The logs may be kept for a brief or extended period, locally or centrally.

Software Integrity: The system has to make sure that the software used by the devices is trustworthy. It also needs to be able to keep track of any device captures and any flooding of the network with fake data [15].

(v) Availability

Availability assures that the entire system, including all of its components, functional characteristics, and required services, is always accessible. Security attacks may restrict the accessibility of the services and components, and IoT nodes and networks could be physically harmed by such attacks. When needed, the connected objects should always be accessible and working. For consistent data and system availability, the access-related goals of the security infrastructure need to be considered.

Defect Acceptance: The system should be able to employ both self-awareness and self-healing mechanisms in the case of a malfunction or an attack.

Throughput: To enhance scaling, IoT terminals can be clustered hierarchically. This functionality might be accomplished by centralising the packet stream.

(vi) Secrecy

The term “Secrecy” describes the way or circumstances in which information or a service is intended for personal use. A strong privacy policy needs to be designed in order to maintain the nodes’ scalability and take into account diverse IoT applications. IoT devices come with RFID tags that are simple to track, so these devices’ privacy needs to be safeguarded.

Non-Linkability: This term describes private information that cannot be linked to any particular user. It should not be possible for unauthorised individuals to compile a profile using the owner’s information. A signature approach is suggested as a solution to the privacy non-linkability problem.

Location Secrecy: This ensures that an IoT device’s present or past location is kept private and provides a paradigm for effective protection of location privacy. The authors suggested anonymous body area network authentication; in the course of the authentication procedure, the suggested framework achieves reduced computation costs.

Data Privacy: Personal information, such as healthcare records, should be kept private, because wearable technologies link the human body to the internet.

Privacy of the Device: RFID tags enable tracking and identification of the sensor nodes. For communication protocols with limited resources, undisclosed communication is necessary to conceal the identity of the devices. A decentralised identifier-based solution was proposed to provide privacy for IoT devices. According to the authors, the model might be used in tiny IoT devices.

(vii) Service Level Agreements

Standardized rules, and procedures to enforce the regulations, are required for efficient data protection and transmission. Additionally, it is crucial to guarantee that all network entities are subject to the standards and norms. One strategy to uphold the principles and standards is to clearly define the Service Level Agreement (SLA) for each service. Because of the nature of the IoT, conventional SLAs may not be relevant; as a result, policies to meet SLAs for various services should be determined autonomously, to promote confidence in the IoT paradigm.
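The confidentiality and integrity goals in (iii) and (iv) above are illustrated by the following added example, which is not code from the chapter or its authors. It builds a message integrity check (MIC) with HMAC-SHA256 from the Python standard library and adds a per-device sequence number so that a replayed reading is rejected as well as an altered one; the shared key, the device identifier, the 8-byte tag truncation and the header layout are all constructed assumptions for illustration.

```python
"""Message integrity check (MIC) for a constrained IoT node.

Added example, not the chapter's code.  A symmetric MIC built on HMAC-SHA256
(standard library only) with a per-device sequence counter, so that both an
altered reading and a replayed one are rejected.  Key, device id, header
layout and tag length are constructed assumptions.
"""
import hashlib
import hmac
import struct

# Constructed sample key; a real node would receive it at provisioning time.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
HEADER_FMT = ">HI"   # 2-byte device id, 4-byte sequence number, big-endian
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = 8          # truncated tag: a bandwidth trade-off on constrained links


def build_message(key: bytes, device_id: int, seq: int, payload: bytes) -> bytes:
    """Return header || payload || truncated HMAC tag over header and payload."""
    body = struct.pack(HEADER_FMT, device_id, seq) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class Receiver:
    """Verifies the MIC and enforces strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = {}   # device id -> highest accepted sequence number

    def accept(self, msg: bytes):
        """Return (ok, reason, payload); payload is None when rejected."""
        if len(msg) < HEADER_LEN + TAG_LEN:
            return False, "too short", None
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        # compare_digest avoids leaking the tag through early-exit timing.
        if not hmac.compare_digest(tag, expected):
            return False, "bad MIC", None
        device_id, seq = struct.unpack(HEADER_FMT, body[:HEADER_LEN])
        if seq <= self.last_seq.get(device_id, -1):
            return False, "replay", None
        self.last_seq[device_id] = seq
        return True, "ok", body[HEADER_LEN:]


def demo():
    """Walk through accept, replay, tamper and next-in-sequence cases."""
    rx = Receiver(SHARED_KEY)
    msg = build_message(SHARED_KEY, 0x0101, 1, b"temp=21.5")
    outcomes = [rx.accept(msg)[1]]                  # fresh message: ok
    outcomes.append(rx.accept(msg)[1])              # same message again: replay
    tampered = bytearray(msg)
    tampered[HEADER_LEN] ^= 0x01                    # flip one payload bit
    outcomes.append(rx.accept(bytes(tampered))[1])  # MIC no longer matches
    nxt = build_message(SHARED_KEY, 0x0101, 2, b"temp=21.6")
    outcomes.append(rx.accept(nxt)[1])              # next sequence number: ok
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The MIC is checked before the sequence number, so a forged message can never advance the receiver's counter, and the tag covers the header as well as the payload, so an attacker cannot re-label a genuine reading with a fresh sequence number. The tag is truncated only to match the bandwidth constraints discussed in Sect. 4; where the link allows it, the full 32-byte digest should be sent.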

6 Overview of Security Attacks

The modernization of the microelectronics production process and the extensive network connection of computer devices over the last two centuries have made hardware trust and security a major problem. Threats to hardware security can appear at any point in the semiconductor life cycle, from specification through fabrication to recycling. They may be the result of unintended design defects, unexpected system side effects, or maliciously deliberate design alterations (for instance, a hardware Trojan) [16]. To create effective security mechanisms, it is crucial to first understand the various hardware security threats. Traditional hardware security threats, including hardware Trojans, covert and side channels, and reverse engineering (RE), are continually advancing into more powerful attacks [17]. It cannot be presumed that newly added functional units are immune to side- or covert-channel vulnerabilities. There are numerous functional units for which no attacks have been shown, but which contribute to the fast and slow execution paths that might develop into side channels and covert channels in the future. Software defences that are now available include changing the state of various functional units, resource partitioning, generating noise, and changing application scheduling to prevent contention [18]. Hardware Trojans are designed to unlock secure devices and access their data. From the attacker’s point of view, the advantage of hardware Trojans is that they can reach a complete batch or series of chips by altering the IC’s design or manufacturing process. Reverse engineering (RE) and side-channel analysis (SCA) are other methods for breaking into a secure device; however, they do not scale well to many devices, since there is a sizable overhead to perform the modifications required for the analysis on each device. Alterations are injected only once, during design or fabrication, in the case of hardware Trojans, making the attack easier to mount [19]. In order to reduce the effect of Trojan inputs on circuit side-channel signals such as power and delay, nets with low transition probabilities are typically used to supply Trojan inputs. Automatic test pattern generation (ATPG) techniques used in manufacturing tests find flaws using the netlist of the Trojan-free circuit; therefore, Trojans cannot be directly targeted by the ATPG algorithms currently in use [20]. A variety of methods and tools have made the reverse engineering of ICs possible. RE can be abused to identify the technology of the target device, illicitly construct the target IC, and/or steal the design [21].
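The fast and slow execution paths mentioned above are what a timing side channel exploits. The following added example (not from the chapter) makes the leak concrete for the simplest case, a secret comparison that exits at the first mismatching byte: instead of measuring wall-clock time it counts the byte operations each routine performs, so the data dependence is visible deterministically and can be checked in a test. The secret value is a constructed sample; in real code one would use hmac.compare_digest rather than the hand-written loops shown here, and an interpreted language gives no hard constant-time guarantee even for the accumulating version.

```python
"""Data-dependent versus constant-work comparison of a secret.

Added example, not the chapter's code.  Two ways of checking a guess against a
secret are instrumented to count the byte operations performed; the count
stands in for the execution time an observer could measure.  The naive
routine's count depends on how much of the guess is right, the accumulating
routine's does not.  SECRET is a constructed sample value.
"""
SECRET = bytes.fromhex("9f3a1c7e")   # constructed sample key/PIN


def naive_compare(secret: bytes, guess: bytes):
    """Early-exit comparison; returns (equal, ops) where ops is data-dependent."""
    ops = 0
    if len(secret) != len(guess):
        return False, ops
    for a, b in zip(secret, guess):
        ops += 1
        if a != b:
            return False, ops      # stops at the first mismatch: leaks its position
    return True, ops


def constant_time_compare(secret: bytes, guess: bytes):
    """Accumulate differences with OR; always touches every byte."""
    if len(secret) != len(guess):
        return False, 0
    diff = 0
    ops = 0
    for a, b in zip(secret, guess):
        ops += 1
        diff |= a ^ b              # no branch on the data
    return diff == 0, ops


def leak_profile(compare, secret: bytes):
    """Ops counts for guesses sharing 0..len(secret) leading bytes with the secret.

    A flat profile means the amount of work does not reveal how long the
    matching prefix is.
    """
    profile = []
    for k in range(len(secret) + 1):
        # First k bytes correct, the rest deliberately wrong (bitwise inverted).
        guess = secret[:k] + bytes((secret[i] ^ 0xFF) for i in range(k, len(secret)))
        _, ops = compare(secret, guess)
        profile.append(ops)
    return profile


def is_data_dependent(compare, secret: bytes) -> bool:
    """True when the work varies with the guess, i.e. a timing channel exists."""
    return len(set(leak_profile(compare, secret))) > 1


if __name__ == "__main__":
    print("naive    ", leak_profile(naive_compare, SECRET))
    print("constant ", leak_profile(constant_time_compare, SECRET))
```

Run stand-alone, the naive profile rises by one operation for every correct leading byte, which is exactly the signal a byte-by-byte timing attack needs, while the accumulating profile is flat. The same instrumentation idea (count or trace the operations rather than time them) is a practical way to review a lightweight cipher or authentication routine for data-dependent paths before it is deployed on a constrained device.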

7 Strategies for Security Attack

In this section, various attack types based on the characteristics of IoT properties are presented, along with any available defences. The threat to these elements, including channels of communication, the protocol stack, equipment, and personal details, can come from an adversary who is either an insider or an outsider of a network. The adversary carries out hostile actions to disrupt IoT services, gain unauthorised access, or harm the device physically, depending on the gadgets, network, location (position), or its properties. The taxonomy of security attack types based on IoT properties and their characteristics is provided in the following sections, as per the literature [22].

(1) Device Level: Devices vary widely. As a result, an attacker may target devices based on their characteristics. Below are two examples of these techniques.

Attack Using Low-End Devices: Low-end devices are those that have limited compute, memory, and power capabilities. Such gadgets are used by the attacker to attack other IoT devices. For instance, if an attacker gains illegal entry to a smart TV or refrigerator, they may use wearable IoT devices such as smart watches to conduct numerous attacks that could endanger confidentiality, integrity, or privacy [23].

Attack Using High-End Devices: A high-end device is one that is effective and has all of its features. To gain access to and destroy IoT networks and gadgets from anywhere, an adversary may conduct attacks utilising high-end devices (such as a PC or laptop).

(2) Location Level: Due to their extensive worldwide connectivity, IoT devices are vulnerable to attacks via the internet or 6LoWPAN networks. The following are the techniques used in such attacks [24].

Internal Attack: An adversary attacks from a local network utilising either his or her own device or a genuine device that has been compromised. Routing attacks, such as flooding, black hole, and sinkhole attacks, may fall under this category.
External Attack: The intruder may be positioned outside and away from a local network when launching an attack against IoT gadgets or networks. Brute-force, virus, Domain Name System (DNS), and Secure Sockets Layer (SSL) attacks are a few examples of these types of attacks.

(3) Attack Level: An attacker can target an IoT network or device at several levels, active or passive, in an effort either to obstruct regular operations or to gather crucial data. The procedures are explained below.

Active Attacks: Direct attacks aiming to stop IoT networks or devices from functioning normally are referred to as active attacks. Examples of such attacks include DoS and black hole attacks.

Passive Attacks: Attacks that do not interfere with a device’s or network’s regular operation are known as passive attacks. They are used to obtain crucial information from IoT networks and devices. They are also designed to undermine IoT privacy, for example by data monitoring and eavesdropping.

(4) Attack Strategy: An assailant might be a member of several interest groups. They could use a variety of methods to target the IoT device or network.

Physical Attacks: Attacks launched to physically harm IoT devices or alter their configurations are known as physical attacks. Tampering and malicious code injection are two instances of physical attacks.

Logical Attacks: Attacks launched with the intention of rendering IoT networks or devices useless without causing any actual physical harm to them are known as logical attacks. A logical attack can involve studying the communication channel’s traffic.

(5) Damage Level: In IoT applications, devices are vulnerable to a wide range of security attacks that could result in varying degrees of damage. These can include everything from data breaches to service interruptions to actual harm to the IoT device. Following are two such approaches.

Attack on Service Unavailability: When a service is shut down, it is possible that a power failure or other resource exhaustion will happen spontaneously, rendering the service unavailable. Such attacks may prevent the service from continuing (for instance, a DoS attack). As a result, such interruptions should have recovery mechanisms [25]. An efficient intrusion detection system (IDS) can find such intrusions.

Attacks by Interrupters: In this kind of attack, an intruder positions themselves in the communication path between two IoT nodes and deceives both by conversing with each. The intruder listens in on the confidential messages that are sent across secure channels. Examples of these types of attacks include spying, fabrication, tampering, and MitM. IoT users can be misled or confused as a result of these attacks. The intrusive party might change or make up new data. Such attacks might be launched both locally and internationally, and are capable of targeting RFID devices.

(6) Attacks Based on Hosts: Software that could include sensitive data, private information, and cryptographic keys is installed in IoT devices. Attackers may target this data. The following are a few of these attack strategies.

User Credentials: A user’s personal credentials, such as usernames and passwords, could be exposed by a trick from an adversary. User credentials should either be kept private or distributed securely.

Software Compromise: The embedded software in IoT devices is not very powerful. That could be exploited by an enemy to breach the embedded software.

Compromise in Hardware: An enemy can harm IoT gadgets by acquiring embedded hardware privileges such as passwords, information, or program code. Such attacks typically need physical access to launch. IoT devices need to be tamper-proof to avoid being vulnerable to such attacks.

(7) Protocol Attacks: In order to prevent communication between IoT devices, malicious attackers corrupt the established protocols of the networks and devices. These are some instances of such attacks. The term “protocol deviation” refers to an adversary who violates and deviates from accepted communication or application protocols by posing as an insider and launching attacks (Table 1). A hacker may interfere with common protocols such as synchronisation, data retrieval, or key distribution from both within and outside a network. The significance of multi-layer oriented attacks is shown in Fig. 1.

Table 1 Comparisons of various attacks based on analysis

Model/design        | Name of the attack                    | Intention                           | Attacking methods                                                   | Outcome
Multi-layer attacks | Attacks using side channel information | To obtain the crucial data          | By analysing the system’s timing, power consumption and faults      | Results in additional attacks
Multi-layer attacks | DoS                                   | To stop the services from being used | Network exhaustion is one method of attack                          | A service outage could seriously harm a major organization
Multi-layer attacks | Cryptanalysis                         | To discover the encryption key      | By guessing every potential key through a process of trial and error | Break through the encryption system and gain access to the cipher text


Fig. 1 The multi-layer level of attacks (figure: “Multi-layer Attacks” branching into Cryptanalysis, Side Channel Analysis, MitM Attacks and DoS/DDoS)

8 Significance of Multi Level Attacks

The following attacks may occur at various layers, depending on their architectures and policies. The discussion of these attacks follows.

A. Attack Using Cryptanalysis

In this type of attack, the cryptanalyst or intruder attempts to access a communication that has been encrypted without having the encryption key [26]. A cryptanalysis attack known as a brute force attack involves the attacker repeatedly guessing every conceivable passphrase and password combination until the right one to enter the system is found. Other examples of cryptanalysis attacks include the chosen-plaintext attack, the ciphertext-only attack and the known-plaintext attack [26].

B. Side-Channel Information Attacks (SCA)

The attacker collects data and conducts a reverse engineering (RE) process to compile the cryptographic credentials of an IoT device during the encryption operation [27, 28]. This information is obtained not from the plaintext or the cipher text, nor from the encryption process itself, but from the encryption devices. Side-channel attacks (SCAs) attempt to obtain the device’s key by exploiting some or all of this data. Examples of these attacks include electromagnetic attacks, power or fault analysis and timing attacks. The attacker recovers block cipher keys by using the information leaks. Such attacks can be carried out successfully by directly overcoming the intrusion protection mechanism, for example Boolean masking.

C. Attacks by a Man-in-the-Middle (MitM)

The attacker positions itself between two IoT nodes in order to track, manage, access and obstruct the communication between them [29]. MitM attacks are the type of attack that can be destructive to all IoT layers. In this instance the cryptanalyst attempts to sit between the two nodes in order to access the cipher data and decrypt it to discover the encryption


key. The plaintext is then available to that same cryptanalyst, who might change the message without the parties’ knowledge.

D. DoS/DDoS (Denial-of-Service/Distributed DoS) Attack

Any IoT device, network or program could be shut down by a DoS/DDoS attack, rendering the service unreachable to its users. These attacks can take many different forms. One method of attack is to create a large amount of network traffic and send a large number of requests to the target. The main goal of this attack is to prevent the target users from using the equipment, program, communication networks and resources [30, 31]. Additionally, the adversary might divulge private data about users. A DDoS attack merges a variety of attacking sites to infiltrate systems and is more harmful than a plain DoS attack. The effects of DoS attacks on IoT gateways have been evaluated in [32] (Table 2).
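The side-channel discussion above names Boolean masking as the protection a power or timing attacker has to get past. The added example below (not code from the chapter) shows what masking does in the simplest setting: a 4-bit S-box lookup where the secret nibble only ever exists as two XOR shares, so the table index that a power trace would reveal is a uniformly random value rather than the secret. The PRESENT 4-bit S-box is used only as a small constructed non-linear table; the function and variable names are this example’s own.

```python
import os

# Constructed toy example (not from the chapter): the 4-bit PRESENT S-box is used
# only as a small non-linear lookup so the masking steps stay readable.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
NIBBLE = 0xF


def random_nibble():
    """Fresh 4-bit mask from the OS CSPRNG; a mask must never be reused."""
    return os.urandom(1)[0] & NIBBLE


def split(secret):
    """Boolean (XOR) sharing: secret == masked ^ mask; each share alone is uniform."""
    mask = random_nibble()
    return secret ^ mask, mask


def unmask(shares):
    """Recombine the shares. On a real device this happens only at the very end."""
    masked, mask = shares
    return masked ^ mask


def remasked_table(sbox, m_in, m_out):
    """Build T'(y) = S(y ^ m_in) ^ m_out, so that T'(x ^ m_in) == S(x) ^ m_out.
    Building the table touches only constants and masks, never the secret x."""
    return [sbox[y ^ m_in] ^ m_out for y in range(len(sbox))]


def masked_sbox(shares, sbox=SBOX):
    """S-box lookup on shares. The index used for the lookup is x ^ m_in, which
    is uniformly random, so power/EM leakage of that value carries no
    first-order information about x. Returns new shares (S(x) ^ m_out, m_out)."""
    masked_x, m_in = shares
    m_out = random_nibble()
    table = remasked_table(sbox, m_in, m_out)
    return table[masked_x], m_out


def sbox_via_masking(x, sbox=SBOX):
    """End to end: share x, look it up through the masked table, recombine."""
    return unmask(masked_sbox(split(x), sbox))


def index_values_seen(x, masked=True):
    """Set of values that would appear as the table index across all 16 masks.
    Unmasked: always {x}, a fixed data-dependent value an attacker can model.
    Masked: every nibble once, i.e. the index is independent of x."""
    if not masked:
        return {x}
    return {x ^ m for m in range(16)}


if __name__ == "__main__":
    for x in range(16):
        assert sbox_via_masking(x) == SBOX[x]
    print("masked lookups agree with the plain S-box for all 16 inputs")
    print("unmasked index values for x=5:", index_values_seen(5, masked=False))
    print("masked index values for x=5:  ", sorted(index_values_seen(5)))
```

The re-masked table is rebuilt with fresh masks for each lookup; a table built once and reused would itself become a secret worth attacking. This first-order masking defeats single-point power analysis only; a second-order attacker who combines leakage from both shares needs higher-order masking, which is where the chapter’s remark that the protection can still be “overcome” applies.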

9 Review Taxonomy Based on Layers

IoT architecture is made up of various technologies that each function independently to create an entire system. The three-layer IoT architecture was discussed in the previous part. The application, network and physical layers of the three-layered architecture serve as the basis for categorising IoT threats in this section. Security breaches can result in millions of dollars of damage for big businesses and in theft of intellectual property. As an example, the IoT application, network or physical level may experience DoS or cryptanalysis attacks.

A. Application Layer Attacks

This layer is still exposed to several security vulnerabilities because there are no recognised worldwide standards or norms for IoT to guide the growth and interaction of applications. IoT apps employ a variety of authentication methods, making it challenging to integrate them in a way that ensures authentication and data protection. Applications are multiplying, and many devices are connecting to one another, sharing vast amounts of data. Applications that analyse this data may be very resource-intensive, and their services could be interrupted by security threats. The main IoT application layer attacks and their effects are discussed here.

Spyware and Viruses

These attacks aim to compromise secrecy by focusing on the system. They typically take the shape of viruses, Trojans, spam, worms or other software programs [41]. High-end IoT devices such as smartphones, sinks, gateways and others are substantially more vulnerable to these attacks than sensor-based motes in IoT networks. Additionally, Bluetooth technologies and devices with 802.15.4 support are at high risk. As a result, IoT apps must carefully consider preventing such malware and infections.

Table 2 Features among many layers of cryptosystem primitives

Fundamental of cryptography | Methodology | Key size range (bits) | Block size range (bits) | Code length (bits) | Algorithm | Protection against attack | Security strength | Level of layers: SW/HW
AES [33, 34] | Symmetric scheme | 128/195/256 | 128 | 2606 | Network of substitution and permutation | SCA, MitM, and chosen plain text | Excellent | SW and HW
DES [33] | Symmetric scheme | 64 | 64 | – | – | Brute force attack | Good | HW
Speck [34, 35] | Symmetric scheme | 64/128/256 | 32/64/128 | – | Add-rotate-xor | SCA | Good | SW
RSA [33, 36] | Asymmetric scheme | 1024–4096 | 1712–3760 | 900 | Public key | Attacks using timing, an adaptive cipher text, and SCA analysis | – | SW and HW
ECC [33, 34] | Asymmetric scheme | 160 | Variable | 8838 | Public key | Quantum computing exploits, back doors, and SCA analysis | Excellent | SW and HW
DSA [34] | Asymmetric scheme | – | – | – | Public key | Non-repudiation, authenticity, and integrity; selected plain text attack | Good | SW
MD5 [37, 38] | Asymmetric scheme | 128 | 512 | – | Public key | Attacks involving collision, SCA, and length extension | Low | SW
DH [33, 39, 40] | Asymmetric scheme | Variable | – | – | Public key | MitM attacks and eavesdropping | – | SW and HW

Spyware

Spyware is a program that is installed on consumers’ devices without their permission. The main objectives of this attack are to observe or spy on user behaviour and to collect private data, including user names, keystrokes, passwords and credit card numbers. Spyware mostly steals personal information and delivers it back to the distributor; it rarely harms IoT devices or users directly [36]. The data are then used as the basis for marketing analysis or pop-up advertisements. Traditional spyware detection methods use signature-based, behaviour-based and specification-based strategies. Signature-based approaches detect only known malware, leaving unknown spyware untreated [41].

Spoofing

A spoofing attack can be launched by an attacker pretending to be a node. Because of the way it is carried out, spoofing is among the high-risk attacks. With the appropriate portable reader, a signal can be recorded; since the attacker impersonates the node, the retransmission appears to come from a valid node. All three IoT tiers may be vulnerable to this attack. Spoofing attacks are classified as attacks on authentication, and they also violate the privacy concept [42].

Code Injection

Code injection occurs when an attacker exploits flawed code, or a system that loses control, to inject malicious content into a smart program or device, resulting in a system-level failure.

Forging Messages

During this attack, a rogue node modifies or generates messages to convey material that differs from the original message contents. When information synchronisation is altered, it can be categorised as a type of replay attack.

Intersection

Another name for this attack is a compositional attack. It aims to invade users’ privacy by obtaining secondary information from the system. The attackers obtain this data from third-party sources or public data [43]. The adversary targets the element that can be linked across sources, and the anonymised privacy information from the various sources is then linked together.

B. Network Layer Attacks

Because of M2M connections between diverse devices, communication at the IoT core network differs from that of the web. This layer can experience problems with security compatibility and is vulnerable to many privacy attacks, including Sybil, Hello flood and black hole attacks. Some instances of such attacks follow.


Hello Flood

One of the main network layer attacks is message flooding, in which the attacker sends a large number of route establishment requests in an attempt to deplete resources such as power or bandwidth on a network or node. Information about the destination/root is advertised via the DODAG Information Object (DIO) message, which is used to construct the RPL structure. Any node that receives a Hello message assumes that it originated somewhere else in the system and identifies the route as a communication path. In this scenario, an intruder can persuade the other nodes that it is a normal node in order to place itself as their neighbour. To inform the various nodes on the network that the attacking node is an ordinary nearby node, the attacking node broadcasts a greeting message [44]. As a consequence, the intruder drops the incoming packets, which may result in inefficient bandwidth use and reduced network throughput. Uneven transmission ranges can also cause a Hello flood. It is regarded as a minor attack.

Replay Attack

This attack frequently takes place during synchronisation, in order to trick the destination node into storing the information sent and then retransmitting it later on. Retransmission requests for missed frames are often made by periodically delivering packets with a sequence number to the sender and receiver nodes across a network. For instance, it might happen while a tag and an RFID reader are communicating. This attack depletes the resources (memory, battery and processor) of networks and systems, including RFID and back-end databases. The intruder could also send out a radio signal to acquire reader access [45]. Replay attacks are thought to carry a significant level of risk, yet they are easily curbed and avoided. However, if the attack’s mitigation is unsuccessful, network performance will suffer.

Sinkhole

In this kind of attack a core node of a network is invaded and compromised in an effort to make it inaccessible, resulting in packet loss and DoS attacks. Sinkhole attacks pose a greater risk than tampering attacks, which affect only a small number of nodes. In infrastructure-based systems, sinkhole attacks have the ability to take over the entire system.

Sybil Attack

This attack is started by constructing nodes that present many identities in the network to achieve significant influence, which ultimately leads the routing table to remove the original active nodes. Here, the system’s vulnerability depends on a few aspects, including how simple it is to construct many identities and the extent to which the system accepts input from a source that is not connected to a trust chain. A study of Sybil attacks and possible defensive IoT mechanisms is given in [46]. The authors divided


Sybil attacks into three categories, SA-1, SA-2 and SA-3, based on the abilities of the attacker.

Clone ID

As the name suggests, the adversary steals a genuine IoT node’s identity to gain access to the user’s data flow. By keeping track of the identities and locations of each node at the 6LoWPAN border router (6BR), it is possible to locate the rogue clone node. A distributed hash table can also be used to track it.

Selective Forwarding (SF) Attack

In SF attacks a malicious intruder breaks into the network and discards some packets. The adversary quickly discards certain packets while forwarding only selected others to the next node. Since IoT networks are inherently lossy, it can be challenging to determine the true cause of the packet drops. This can cause the entire network to experience delays and bandwidth deprivation, and it may compromise confidentiality and availability. Redundancy checks and probing are potential defences against this attack. Some remedies aim to completely restore the network, while others strive to reduce the harm that has been done [47].

Black Hole Attack

In a black hole attack the hostile node drops every packet it comes across, which affects the functioning of the entire network. Because it consumes all routing information, this attack falls under the heavy-impact category. The intruder floods the network with fraudulent routing information claiming the best path to the target; the sender then delivers its packets via the malicious route.

Traffic Analysis and Snooping

These attacks may be direct or indirect, and they serve as the basis for many other kinds of security attack. Such attacks are typically not detected by a network. In active eavesdropping the assailant sends command information to begin the intrusion, and the receiver communicates with the target device. Passive eavesdropping, by contrast, listens in on communication traffic to gather crucial data from the channel for launching further attacks. These attacks may affect the privacy and confidentiality of user data. Eavesdropping is possible at the M2M, network or cloud layers. The M2M layer is the most susceptible to eavesdropping, but there the attacker can only listen in on a specific portion (or portions) of the system, and the raw data is typically less significant. Wireless IoT devices are extremely susceptible to such attacks. One instance of an active attack is the MitM attack, in which the offender acts as a router by connecting to the source and destination nodes separately and


transferring data between them. The crucial data is recorded for later analysis and modification.

C. Physical Layer Attacks

The sensors, RFID tags, WSNs, cameras and other elements that make up the physical layer are its key parts. There are numerous security vulnerabilities and attacks affecting this layer of the IoT, and there are some remedies for them. However, it is more reliable and quicker to install hardware with autonomous security measures at the physical layer. Complex schemes are typically more expensive and ought to be avoided; implementing lightweight methods lengthens device lifespan and simplifies systems. The physical layer attacks are explained below.

Tag Cloning

An intruder can quickly replicate RFID tags. Reverse engineering or direct access to a device may be used to obtain the necessary information. According to the literature [31], a tag cloning attack renders an RFID scanner unable to tell the difference between legitimate and compromised tags.

RF Jamming

Radio-frequency (RF) jamming renders the shared wireless bandwidth of the underlying devices useless. Because smart devices are deployed remotely and unattended, there is a high risk of jamming-based attacks in the IoT. In this physical layer attack the RF channels are occupied by excessive unwanted noise and interference. Jamming of the underlying channels’ RF signals can cause a DoS attack. It can be avoided with careful cognitive spectrum monitoring [48].

Node Injection Attack

This is an entirely different version of the MitM attack, and among the most severe attacks on the IoT hardware layer. The attacker inserts or deploys a new node between two or more IoT nodes in the network structure. The injected node participates in network traffic management and communication [49].

Masking

This attack compromises availability and secrecy. Here the attacker changes, adds or removes information from the end device. An end node of the network is physically taken over and compromised by the attacker, who can then gather all of its data. Such an attack can also be used to reprogram, redeploy and recover data from the field. The attacker recovers the format and type of the transmitted data, then tampers with it and creates new data of the same kind. Consequently, the accuracy of the data produced by the network is seriously in question.

Physical Damage

By deleting or deactivating IoT nodes, an attacker does physical damage to them, and as a result the service is rendered unavailable. IoT must therefore implement protection


techniques to prevent such an attack. IoT components such as sensors, cameras and smart lights are widely used in today’s smart cities and are easily destroyed or stolen by criminals. The attacker targets the IoT nodes’ interface in an effort to physically harm or shut them down. The network will crash if there are many such attacks.

Exhaustion Attack

Jamming or the DoS attacks mentioned earlier can lead to exhaustion episodes. In particular, battery-powered devices may suffer energy exhaustion if a network attacker keeps attacking them continually [15]. IoT MAC protocols may suffer collisions as a result of repeated retransmission attempts, which results in large energy exhaustion. It is regarded as a high-impact denial of service; it is associated with non-activation attempts aimed at shrinking the set of nodes in the network and eliminating them from the system permanently.
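The Hello flood described in the network layer subsection is, at the router, a rate anomaly: one neighbour advertises far more often than the protocol needs, usually with an implausibly strong signal. The added example below (this editor’s code, not the chapter’s) runs a per-source sliding-window rate check plus a link-layer signal sanity check over a constructed advertisement log and excludes offending nodes from the set of default-route candidates. The window length, rate limit and RSSI threshold are assumed policy values, and the node names and timings are constructed.

```python
from collections import defaultdict, deque

# Constructed sample log (not from the chapter): (time_s, node_id, rssi_dbm) for
# each HELLO/DIO advertisement heard by a router. Nodes "A" and "B" advertise
# roughly every 30 s; node "X" bursts 40 advertisements in ten seconds with an
# unusually strong signal, which is the hello-flood pattern described above.
SAMPLE_HELLOS = (
    [(t, "A", -70) for t in range(0, 300, 30)]
    + [(t + 7, "B", -65) for t in range(0, 300, 30)]
    + [(100 + i * 0.25, "X", -20) for i in range(40)]
)
SAMPLE_HELLOS.sort()

WINDOW_S = 60.0            # sliding window length (assumed policy value)
MAX_HELLOS = 5             # more than this per window from one node is a flood
MAX_PLAUSIBLE_RSSI = -30   # louder than any legitimate neighbour here (assumed)


def detect_hello_flood(events, window_s=WINDOW_S, max_hellos=MAX_HELLOS):
    """Sliding-window rate limiter per source.
    Returns {node_id: time_first_flagged} for every node exceeding the rate."""
    recent = defaultdict(deque)
    flagged = {}
    for t, node, _rssi in events:
        q = recent[node]
        q.append(t)
        # drop timestamps that have fallen out of the window
        while q and t - q[0] > window_s:
            q.popleft()
        if len(q) > max_hellos and node not in flagged:
            flagged[node] = t
    return flagged


def suspicious_signal(events, max_rssi=MAX_PLAUSIBLE_RSSI):
    """Link-layer sanity check: a node advertising with an implausibly strong
    signal is using more transmit power than a normal neighbour would."""
    return {node for _t, node, rssi in events if rssi > max_rssi}


def choose_parent_candidates(events, window_s=WINDOW_S, max_hellos=MAX_HELLOS,
                             max_rssi=MAX_PLAUSIBLE_RSSI):
    """Neighbours eligible as the default route: everyone heard, minus
    flooders and implausibly loud nodes."""
    flooders = set(detect_hello_flood(events, window_s, max_hellos))
    loud = suspicious_signal(events, max_rssi)
    return sorted({node for _t, node, _r in events} - flooders - loud)


if __name__ == "__main__":
    print("flooders:", detect_hello_flood(SAMPLE_HELLOS))
    print("implausibly loud:", suspicious_signal(SAMPLE_HELLOS))
    print("parent candidates:", choose_parent_candidates(SAMPLE_HELLOS))
```

Both checks are deliberately cheap (one deque per neighbour, no per-packet cryptography), which matches the constrained-node setting; they complement rather than replace the acknowledgement- or authentication-based defences discussed in the countermeasures section, since a flooder with normal transmit power passes the RSSI check and is caught only by the rate check.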

10 Measures to Prevent IoT Security Attacks

Once researchers have a better understanding of these concepts, they will be able to examine security issues and the required layers of defence. IoT can also be protected from security risks by applying intrusion detection, intrusion prevention and other comprehensive prevention measures. This section covers the measures currently in place to protect the IoT. These strategies include autonomic, learning-based and cryptographic approaches. Here we address the applicability of learning-based, encryption-based and autonomic techniques for constrained IoT.

Learning-Based Countermeasures

Because of their unique ability to solve issues in real time, learning-oriented systems have been widely applied in practically every field, intrusion detection included. Deep learning (DL) and machine learning (ML) techniques primarily draw on historical data to forecast a system’s future behaviour. By classifying a system’s behaviour as typical or aberrant, they help enhance system performance. The effectiveness of these models can be assessed in terms of classification precision. In practice, learning methods fall into four categories, among them supervised learning, semi-supervised learning and evolutionary computation. In this section the authors compile and evaluate a few algorithms that have been suggested for IoT security.

(i) Application Layer Attack Prevention

In [50], a linear SVM technique is suggested for Android malware detection. For malware detection, the authors compared the detection precision of SVM with


other machine learning approaches and demonstrated that the suggested technique performs better than the other algorithms. A unique distributed deep learning algorithm was presented in [51] to identify attacks in Internet of Things computing. The findings demonstrate that deep learning models exceed basic model performance in terms of false alert rate, scalability and detection accuracy. The authors of [52] suggested combining the SVM algorithm with an Elman neural network. They developed a back-propagation-through-time design for converting the network’s process at distinct points in time into a forward network. The AWID dataset was used to demonstrate a three-layer architecture for detecting impersonation attacks: first, a stacked sparse autoencoder (AE) is used to extract features; SVM, DT and ANN algorithms are then used to select those features; finally, the ANN algorithm is used to classify traffic as normal or abnormal. The support vector machine performed best in the experiments, although it required the most time to train.

(ii) Network Layer Attack Prevention

A method for detecting network threats that combines the deep belief network (DBN) technique with a deep neural network (DNN) was suggested. Using the Cooja simulator, which can recognise DDoS, sinkhole, wormhole and black hole attacks, the authors produced a dataset. They used binary classification and supervised learning in their deep learning model to find aberrant behaviours. The suggested intrusion detection system provides effective real-world intrusion detection; across various attack situations they averaged 95% precision and 97% recall. To find suspicious nodes for SF, sinkhole and wormhole attacks, an ML technique with Optimum-Path Forest (OPF) employing graph theory was presented [53]. The router and, where appropriate, the root nodes employed anomaly-oriented and specification-oriented agents to examine host node behaviour and arriving data packets. A detection accuracy of 96.02% was attained. An MLP-DNN-based Scale-Hybrid-IDS-AlertNet was compared against several existing datasets in [54]. The hybrid alert technique used a highly scalable DL architecture to assess host- and network-level activity, and its accuracy is improved compared to conventional machine learning classifiers. The Cooja-created IRAD data set, trained with a straightforward DL method, could be used to identify attacks such as the black hole and Hello flood. The data sets were preprocessed and combined both malicious and innocuous data, and were then fed to a deep learning system. The model attained very high F1-scores of up to 99% and training accuracy of up to 99.5%. The AWID data set was likewise used by authors demonstrating a three-layer architecture for detecting impersonation attacks: features are first extracted using a stacked sparse AE, then selected utilising ANN, DT and SVM, and finally normal or unusual traffic is classified by the ANN approach. SVM had the higher accuracy, although it required the most training time, according to the trial findings. The restricted Boltzmann machine (RBM) approach was used by the authors of [55] to identify DoS and probing attacks. They formed a deep belief network (DBN) from an RBM layer followed by a second RBM layer using the weighted results. The softmax


activation function was used to complete the multi-class intrusion detection process. Using the same dataset, the authors benchmarked their detection performance against that of [57] and the hybrid technique [56]. Compared to [56, 57], which had accuracy rates of 93.94% and 92.1% respectively, their study reached a high accuracy of 97.9%.

(iii) Physical Layer Attack Prevention

In [58], RL-based Dyna-Q and Q-learning are used to identify physical-layer spoofing. The technique is founded on the interaction between a receiver and spoofers in a zero-sum spoofing detection game. According to simulation data, the spoofing detection is resilient against environmental changes. Another work uses a deep neural network to launch a jamming attack and offers mitigation strategies for this type of attack; the safety measure does not incorporate jammer information and enables the transmitter to dynamically adjust the amount of protection based on throughput. A method called dynamic watermarking can identify and stop cyber-physical threats including data insertion and listening devices. Using this technique, which is built on an LSTM framework, IoT applications can recover a number of stochastic properties from the signals they generate and periodically watermark those characteristics into the signal. Thanks to this technique the IoT gateway can efficiently certify the signal’s dependability; however, substantial computing resources are needed for authentication. To identify Clone and Sybil attacks, a channel-based machine learning strategy was put forth in [59]. Simulations and experiments were conducted in real-world settings, and both show that the strategy achieves an accuracy rate of 84% without the need for manual labelling. The authors of [60] offered a learning-based approach for low-end and high-end IoT that demonstrated 82% and 90% detection accuracy, respectively.

Autonomic Methods

In this autonomic technique, the authors discuss the three layers of countermeasures.

(i) Application Layer Attack Countermeasures

Malware or virus patterns can be classified using the MAPE architecture, after which they can be mitigated by running an appropriate mitigation service. One of the mitigation strategies uses malware pattern classification and risk mitigation services in a continuous vulnerability scan. The authors of [61] researched and compared static, dynamic and hybrid methods for detecting industrial mobile-IoT malware. A hybrid method for identifying spyware compares different antivirus programs; it is based on three factors, source code analysis, interface analysis and description mapping, and the application’s harmful behaviour is determined from these parameters. To stop spoofing attacks, an autonomous solution is required; the suggested algorithm, which employs statistical decision theory, can be implemented on the existing IoT backend server. To guard against code


injection attacks, a method called the Collecting Multiple Signatures Approach was suggested, which was demonstrated to have a 99.45% accuracy rate. Several types of forging attacks have been identified, along with how they are designed and carried out; for identifying forging attacks in automotive networks, an infrastructure-supported detection technique was put forward. Using a self-protecting strategy can reduce intersection attacks, and the K-anonymity strategy was proposed to reduce them [62].

(ii) Network Layer Attack Countermeasures

The network can be effectively protected by incorporating autonomic methods. Existing studies employ multi-agents to identify network node misbehaviour, in order to detect DoS attacks using a naive Bayes classification-based IDS. Applications subject to flooding attacks can be made to automatically self-protect by putting up connection barriers. Using link-layer metrics as the parameter when choosing the default route is one technique to minimise the Hello flood attack. To conserve resources and protect against flooding attacks, the authors of [63] suggested a method for automatically recovering bandwidth that has been used up; however, this approach might not be able to stop the interruption because of a hacker’s persistent broadcasts of route requests. An acknowledgement-based system was offered as a key countermeasure, but acknowledgement-based solutions demand a lot of energy, which IoT devices cannot provide. A puzzle scheme was also put forward to counteract this attack. The autonomic method to reduce Hello flood attacks can comprise this technique together with the use of an authentication mechanism. A compressed header analyser intrusion detection system (CHA-IDS), which examines compression header data, has been proposed; this method can stop both single-target and group routing attacks in 6LoWPAN. There are many defences against replay attacks, including the TDMA-based strategy. However, repeated retransmission attempts, in which the time slot of the authorised node is used and the packet is lost, make TDMA-based countermeasures vulnerable. Other defences are discussed in [140], which also explains two distinct strategies for single-hop and multi-hop routing. Another good defence against replay attacks is data encryption, and a group-authentication method has also been used to combat the replay attack.

(iii) Physical Layer Attack Countermeasures

The self-healing paradigm often governs the mitigation strategies used against jamming attacks: if a jamming attack is suspected, the system employs the appropriate mitigation mechanism. The method suggested in [64] examines the devices within the wireless hearing range of the inside jammer region. Among the approaches presented for neutralising jammer signals are cancellation and the use of several spectrum regions; some make an effort to determine the jammer’s location for further action, and some have used autonomic computing to locate the jammer. Another crucial physical layer attack is node injection. Node injection attacks may be avoided by monitoring and confirming device identity.


For IoT healthcare applications, a tamper detection (TD) technique has been suggested to address security violations. Physical damage to IoT nodes is a high-risk attack that cannot be properly defended against using software techniques. Although the remote kill command can be disabled via software, physical damage to the systems and devices cannot be prevented that way. Since these attacks are physical in nature, the IoT devices must be inspected physically. Using rate limits reduces the adaptability of the cognitive design. Duty cycle and cognitive adaptation are controlled by the autonomic system, protecting the network and extending its lifetime.
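The replay attack described in the network layer taxonomy, and the sequence-number, encryption and authentication defences surveyed in the countermeasures above, come together in one receiver-side check: authenticate each frame and accept a counter only if it is strictly newer than the last one accepted from that sender. The added example below is this editor’s illustration, not the chapter’s or any project’s code; the shared key, sender id and sensor payloads are constructed, and the 16-byte truncated HMAC-SHA256 tag is an assumed frame format.

```python
import hashlib
import hmac
import struct

# Constructed example (not from the chapter). Assumed: sender and receiver share
# a 32-byte symmetric key established out of band (e.g. by the KDC the chapter
# describes under server-based key distribution).
SHARED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def tag(key, sender_id, counter, payload):
    """HMAC-SHA256 over sender id, counter and payload, truncated to 16 bytes.
    Because the counter is inside the MAC, a replayed frame can only be
    presented with its original (old) counter, and a renumbered one fails."""
    header = sender_id.encode() + struct.pack(">Q", counter)
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:16]


class Sender:
    def __init__(self, sender_id, key):
        self.sender_id = sender_id
        self.key = key
        self.counter = 0

    def send(self, payload):
        self.counter += 1   # strictly increasing, never reused, persisted on a real node
        return (self.sender_id, self.counter, payload,
                tag(self.key, self.sender_id, self.counter, payload))


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = {}   # highest counter accepted, per sender

    def receive(self, frame):
        sender_id, counter, payload, mac = frame
        expected = tag(self.key, sender_id, counter, payload)
        # constant-time compare: a timing side channel on the MAC check would
        # let an attacker confirm guessed tag bytes one at a time
        if not hmac.compare_digest(mac, expected):
            return "reject:bad-mac"
        if counter <= self.last_counter.get(sender_id, 0):
            return "reject:replay"
        self.last_counter[sender_id] = counter
        return "accept"


def run_demo():
    """Deliver three legitimate frames, then a replay and a forged frame."""
    sender = Sender("tag-17", SHARED_KEY)
    receiver = Receiver(SHARED_KEY)
    frames = [sender.send(b"temp=21.5"), sender.send(b"temp=21.7"),
              sender.send(b"temp=21.6")]
    results = [receiver.receive(f) for f in frames]
    results.append(receiver.receive(frames[1]))                 # replay of an old frame
    sid, ctr, _payload, mac = frames[2]
    results.append(receiver.receive((sid, ctr + 1, b"temp=99.0", mac)))  # tampered payload
    return results


if __name__ == "__main__":
    print(run_demo())
```

The check is stateless apart from one integer per sender, which is why it suits constrained nodes better than the acknowledgement-based schemes the chapter notes are too energy-hungry. The counter must survive reboots on the sender (or be re-synchronised through an authenticated handshake), otherwise a restarted node’s frames are rejected as replays; and the scheme gives integrity and freshness only, so payload confidentiality still needs encryption as the chapter recommends.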

Countermeasures Based on Encryption It goes over different symmetric and asymmetric cryptography preventions for IoT security in this section. The representation of common mathematical defences against cyber security assaults on, entity authentication, confidentiality, authentication, and integrity is known as cryptography. A number of limited nodes that are part of the network of things use IPv6-6BR to interact with one another. For instance, the security strength is deemed excellent if an algorithm can secure a system 90% of the time. The table also demonstrates that algorithms with bigger key sizes offer excellent or very strong security strength. The strategies utilised in the schemes are analysed and shown in the table together with their goals, benefits, and areas of application. The organisation of reviews in the parts that follow does not quite match with that of the three-layer architecture defences with learning-based and autonomous measures of subsections that were previously covered. The various changes of encryption-oriented defences can be used to defend against various IoT architecture assaults. (i) Symmetric key cryptography countermeasures The recipient and the sender use the same key for both decryption and encryption in a process known as secret-key encryption. AES and DES are a few of them [33]. There are several different symmetric encryption distributions, such as using a secured key pool, symmetric shared key other distribution of key. In predictable key distribution, a key pool is constructed; moreover keys are given uniformly so that, in order to ensure secure connectivity, a public key is used for each pair of nodes. Depending on the protocol being used, for offline key distribution, perhaps two devices sharing a network key pairwise or each node in a given network shares a single key. Server-Based Key Distribution is a different form of symmetric encryption [7]. 
Two or more nodes, along with one or more reliable and strong IoT servers, exchange messages; the server acts as a key distribution centre (KDC). During communication, numerous sessions may be generated, and every session may be protected using the technique of forward secrecy. Forward secrecy is an encryption property used to protect online conversations: with it, an adversary cannot obtain historical data from a collection of transmissions, because the use of a key for one session has no bearing on the use of the key for another session. A simple encryption technique based on a chaotic key-generation method was implemented on a field-programmable gate array (FPGA). The system reaches a maximum throughput of 200 kbps using 1550 logic gates and 128-bit keys, and provides a strategy that depends on deployment knowledge; with this plan, unnecessary key assignments are eliminated. Leaky noise was suggested as a side-channel attack mitigation method: the authors evaluated leakage and used statistical techniques to categorise noise, and offered advanced encryption standard (AES) key recovery. However, the approach falls short in terms of effectively reducing the attacks.

(ii) Asymmetric Key Cryptography Countermeasures
A popular technique for enabling effective and safe communication between nodes is public key cryptography (PKC), also known as asymmetric key cryptography (AKC). In AKC, the sender encrypts a message using the public key of the receiver, and the recipient decrypts it with their private key. Different asymmetric algorithms, including RSA, have been created and put into use thus far (for example in PGP). Digital signature algorithms (DSA) and Message Digest-5 (MD5) are both built using AKC [40]. Greater energy and processing requirements, as well as higher operational costs, are the main shortcomings of AKC in IoT applications. Despite these issues, researchers continue to work on applying this technique in the IoT ecosystem [7]. Rabin's scheme is comparable to the traditional RSA algorithm: for decrypting messages with the same level of security as RSA, it uses a similar amount of power, but since only one modular squaring is required to encrypt a message, encryption is substantially quicker. As an alternative to the ECC and RSA algorithms, NtruEncrypt is a lattice-based cryptosystem.
For extremely resource-constrained items like RFID tags and smartcards, the technique is most effective and appropriate. For the Internet of Things, a lightweight pairing-free solution using the ECC algorithm was given in [65]; it is a successful ciphertext-based access control and broadcast encryption technique.

(iii) Hybrid Key Cryptography Countermeasures
Hybrid key cryptography (HKC) combines symmetric and asymmetric ciphers to build countermeasures. Hybrid schemes make use of the strengths of both strategies. Numerous studies have demonstrated that combining symmetric and asymmetric techniques takes advantage of both and adapts them to IoT networks. Additional research is still required to make hybrid security solutions both more lightweight and more effective. For big hierarchical networks that can benefit from both public and secret key methods, existing hybrid solutions are advantageous. Hybrid cryptography comes in many forms for networks and devices with low resources. The hybrid technique known as Hybrid Key Management is primarily intended for heterogeneous WSNs: while neighbouring nodes in the same cluster employ symmetric encryption with a cluster key, cluster heads and base stations (BSs) use a lightweight public key encryption technique. The LEA-IoT hybrid lightweight encryption technique was proposed in [66]. This hybrid technique secures data by combining symmetric encryption with a conventional public-key (asymmetric) scheme on a linear block cipher (Fig. 2). Its data encryption and decryption times and key generation times were found to be the quickest, and low-latency communication was accomplished with it. The secure IoT (SIT) platform uses a five-round, 64-bit block cipher with symmetric key encryption; based on Feistel and substitution-permutation (SP) networks, it is a compact hybrid solution.

Fig. 2 Input, cipher and encrypted image (panels: Input Image, Cipher Image, Output Image)
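As an added example (not code from this chapter or from any of the surveyed schemes), the following Go program shows the two ideas of this section working together: the session-key exchange with forward secrecy described under symmetric countermeasures, where each session derives its own key from one-time X25519 values that are discarded afterwards, and the hybrid construction, where the asymmetric part only agrees and authenticates the key (Ed25519 signatures over the ephemeral public keys) while AES-256-GCM protects the actual payload. The identity names, the KDF label and the sample payload are assumptions of the example, and HMAC-SHA256 stands in for a full KDF such as HKDF.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// must panics on the errors that only a broken RNG or library could produce.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Identity is a party's long-term Ed25519 signing key, the only secret kept across sessions.
type Identity struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewIdentity() *Identity {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return &Identity{Pub: pub, priv: must(priv, err)}
}

// Hello is one side's handshake message: a fresh X25519 public key signed by the identity key.
type Hello struct{ EphemeralPub, Signature []byte }

// StartSession makes a one-time X25519 key pair for this session and signs its public half.
func (id *Identity) StartSession() (*ecdh.PrivateKey, Hello) {
	eph := must(ecdh.X25519().GenerateKey(rand.Reader))
	pub := eph.PublicKey().Bytes()
	return eph, Hello{EphemeralPub: pub, Signature: ed25519.Sign(id.priv, pub)}
}

// FinishSession verifies the peer's Hello and derives the 256-bit AES session key (both
// sides reach the same value). The ephemeral private key is dropped afterwards: that is
// what gives forward secrecy, since no surviving secret can rebuild this session's key,
// and other sessions use other ephemerals, so their keys are unrelated to this one.
func FinishSession(eph *ecdh.PrivateKey, peerIdentity ed25519.PublicKey, peer Hello) ([]byte, error) {
	if !ed25519.Verify(peerIdentity, peer.EphemeralPub, peer.Signature) {
		return nil, errors.New("handshake: ephemeral key not signed by the expected identity")
	}
	peerPub, err := ecdh.X25519().NewPublicKey(peer.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(peerPub)
	if err != nil {
		return nil, err
	}
	// Assumption: HMAC-SHA256 under a fixed label stands in for a full KDF such as HKDF.
	kdf := hmac.New(sha256.New, []byte("iot-session-key-v1"))
	kdf.Write(shared)
	return kdf.Sum(nil), nil
}

// RunSession runs one complete handshake and returns the key each side derived.
func RunSession(a, b *Identity) (keyA, keyB []byte, err error) {
	ephA, helloA := a.StartSession()
	ephB, helloB := b.StartSession()
	if keyA, err = FinishSession(ephA, b.Pub, helloB); err != nil {
		return nil, nil, err
	}
	keyB, err = FinishSession(ephB, a.Pub, helloA)
	return keyA, keyB, err
}

// Encrypt seals a payload with AES-256-GCM under the session key; the random nonce is
// prepended, and the authentication tag that Seal appends detects any tampering.
func Encrypt(key, plaintext []byte) []byte {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := make([]byte, gcm.NonceSize())
	must(rand.Read(nonce))
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

// Decrypt reverses Encrypt and fails on any modification of nonce, ciphertext or tag.
func Decrypt(key, msg []byte) ([]byte, error) {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(msg) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, msg[:gcm.NonceSize()], msg[gcm.NonceSize():], nil)
}

func main() {
	node, server := NewIdentity(), NewIdentity()
	k1, _, _ := RunSession(node, server) // session 1
	k2, _, _ := RunSession(node, server) // session 2: fresh ephemerals, unrelated key
	pt, err := Decrypt(k1, Encrypt(k1, []byte("meter reading 21.5"))) // constructed sample payload
	fmt.Printf("keys independent: %v, decrypted: %s, err: %v\n", !hmac.Equal(k1, k2), pt, err)
}
```

Run it with `go run`; the printed line confirms that two consecutive sessions between the same pair produce unrelated keys. The forward-secrecy property lives in what is not stored: once FinishSession returns, the only secrets left on either device are the long-term signing keys, and those cannot recompute a past session's shared secret, which is exactly the situation an attacker who later seizes a node is in.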

11 Conclusion
In hardware security, side-channel analysis (SCA) attacks, among the most dangerous vulnerabilities of embedded systems, compromise confidentiality by looking for connections between processed data and observable physical side effects of computation, such as power consumption, electromagnetic (EM) emanations, and timing; physical SCA attacks on AI-enabled edge devices are especially problematic because of their great exposure to attackers. This paper discusses several security attacks in terms of criteria such as device level, location, and attack level. Multilayer attacks and their countermeasures are discussed in greater detail.

References

1. H. Sundmaeker, P. Guillemin, P. Friess, and S. Woelfflé, "Vision and challenges for realising the Internet of Things," Cluster Eur. Res. Projects Internet Things, Eur. Commission, vol. 3, no. 3, pp. 34–36, 2010.
2. G. Svensson, "Auditing the human factor as a part of setting up an information security management system," KTH, Stockholm, Sweden, Tech. Rep., 2013.
3. F. Li, Y. Han, and C. Jin, "Practical access control for sensor networks in the context of the Internet of Things," Comput. Commun., vols. 89–90, pp. 154–164, Sep. 2016, doi: https://doi.org/10.1016/j.comcom.2016.03.007.
4. V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal, and B. Sikdar, "A survey on IoT security: Application areas, security threats, and solution architectures," IEEE Access, vol. 7, pp. 82721–82743, 2019, doi: https://doi.org/10.1109/ACCESS.2019.2924045.
5. Liao, Y. Ali, S. Nazir, L. He, and H. U. Khan, "Security analysis of IoT devices by using mobile computing: A systematic literature review," IEEE Access, vol. 8, pp. 120331–120350, 2020, doi: https://doi.org/10.1109/ACCESS.2020.3006358.
6. N. Chaabouni, M. Mosbah, A. Zemmari, C. Sauvignac, and P. Faruki, "Network intrusion detection for IoT security based on learning techniques," IEEE Commun. Surveys Tuts., vol. 21, no. 3, pp. 2671–2701, 3rd Quart., 2019, doi: https://doi.org/10.1109/COMST.2019.2896380.
7. K. T. Nguyen, M. Laurent, and N. Oualha, "Survey on secure communication protocols for the Internet of Things," Ad Hoc Netw., vol. 32, pp. 17–31, Sep. 2015, doi: https://doi.org/10.1016/j.adhoc.2015.01.006.
8. M. C. Domingo, "An overview of the Internet of Things for people with disabilities," J. Netw. Comput. Appl., vol. 35, no. 2, pp. 584–596, Mar. 2012, doi: https://doi.org/10.1016/j.jnca.2011.10.015.
9. A. Gluhak, S. Krco, M. Nati, and D. Pfisterer, "A survey on facilities for experimental Internet of Things research," IEEE Commun. Mag., vol. 49, no. 11, pp. 58–67, Nov. 2011, doi: https://doi.org/10.1109/MCOM.2011.6069710.
10. A. Čolaković and M. Hadžialić,"Internet of Things (IoT): A review of enabling technologies, challenges, and open research issues," Comput. Netw., vol. 144, pp. 17–39, Oct. 2018, doi: https://doi.org/10.1016/j.comnet.2018.07.017.
11. L. S. Sayana and B. K. Joshi, "Security issues in Internet of Things," in Proc. UGC Sponsored Nat. Conf. Global Challenges-Role Sci. Technol. Imparting Solutions, Haryana, India, Apr. 2016, pp. 2–8.
12. M. Katagi and S. Moriai, Lightweight Cryptography for the Internet of Things. Tokyo, Japan: Sony Corporation, 2008, doi: https://doi.org/10.1109/JIOT.2014.2323395.
13. T. Nandy, M. Y. I. B. Idris, R. Md Noor, L. Mat Kiah, L. S. Lun, N. B. Annuar Juma'at, I. Ahmedy, N. Abdul Ghani, and S. Bhattacharyya, "Review on security of Internet of Things authentication mechanism," IEEE Access, vol. 7, pp. 151054–151089, 2019, doi: https://doi.org/10.1109/ACCESS.2019.2947723.
14. V. Petrov, S. Edelev, M. Komar, and Y. Koucheryavy, "Towards the era of wireless keys: How the IoT can change authentication paradigm," in Proc. IEEE World Forum Internet Things (WF-IoT), Mar. 2014, pp. 51–56, doi: https://doi.org/10.1109/WF-IoT.2014.6803116.
15. Q. M. Ashraf and M. H. Habaebi, "Autonomic schemes for threat mitigation in Internet of Things," J. Netw. Comput. Appl., vol. 49, pp. 112–127, Mar. 2015, doi: https://doi.org/10.1016/j.jnca.2014.11.011.
16. W. Hu, C.-H. Chang, A. Sengupta, S. Bhunia, R. Kastner, and H. Li, "An overview of hardware security and trust: Threats, countermeasures, and design tools," IEEE Trans. Comput.-Aided Design Integr. Circuits Syst., vol. 40, no. 6, pp. 1010–1038, Jun. 2021, doi: https://doi.org/10.1109/TCAD.2020.3047976.
17. M. E. Massad, S. Garg, and M. Tripunitara, "Reverse engineering camouflaged sequential integrated circuits without scan access," arXiv:1710.10474, 2017.
18. J. Szefer, "Survey of microarchitectural side and covert channels, attacks, and defenses," J. Hardw. Syst. Secur., vol. 3, pp. 219–234, 2019, doi: https://doi.org/10.1007/s41635-018-0046-1.
19. N. Jacob, D. Merli, J. Heyszl, and G. Sigl, "Hardware Trojans: Current challenges and approaches," IET Comput. Digit. Tech., vol. 8, no. 6, pp. 264–273, 2014, doi: https://doi.org/10.1049/iet-cdt.2014.0039.
20. H. Salmani, M. Tehranipoor, and J. Plusquellic, "A novel technique for improving hardware Trojan detection and reducing Trojan activation time," IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 20, no. 1, pp. 112–125, 2011.
21. M. Rostami, F. Koushanfar, and R. Karri, "A primer on hardware security: Models, methods, and metrics," Proc. IEEE, vol. 102, no. 8, pp. 1283–1295, 2014.
22. M. M. Hossain, M. Fotouhi, and R. Hasan, "Towards an analysis of security issues, challenges, and open problems in the Internet of Things," in Proc. IEEE World Congr. Services, Jun. 2015, pp. 21–28, doi: https://doi.org/10.1109/SERVICES.2015.12.
23. O. Hahm, E. Baccelli, H. Petersen, and N. Tsiftes, "Operating systems for low-end devices in the Internet of Things: A survey," IEEE Internet Things J., vol. 3, no. 5, pp. 720–734, Oct. 2016, doi: https://doi.org/10.1109/JIOT.2015.2505901.
24. A. K. Bairagi, R. Khondoker, and R. Islam, "An efficient steganographic approach for protecting communication in the Internet of Things (IoT) critical infrastructures," Inf. Secur. J.: A Global Perspective, vol. 25, nos. 4–6, pp. 197–212, Dec. 2016, doi: https://doi.org/10.1080/19393555.2016.1206640.
25. H. Suo, J. Wan, C. Zou, and J. Liu, "Security in the Internet of Things: A review," in Proc. Int. Conf. Comput. Sci. Electron. Eng., vol. 3, Mar. 2012, pp. 648–651, doi: https://doi.org/10.1109/ICCSEE.2012.373.
26. I. Andrea, C. Chrysostomou, and G. Hadjichristofi, "Internet of Things: Security vulnerabilities and challenges," in Proc. IEEE Symp. Comput. Commun. (ISCC), Jul. 2015, pp. 180–187, doi: https://doi.org/10.1109/ISCC.2015.7405513.
27. D. R. E. Gnad, J. Krautter, and M. B. Tahoori, "Leaky noise: New side-channel attack vectors in mixed-signal IoT devices," IACR Trans. Cryptograph. Hardw. Embedded Syst., vol. 2019, no. 3, pp. 305–339, 2019, doi: https://doi.org/10.13154/tches.v2019.i3.305-339.
28. A. Sayakkara, N.-A. Le-Khac, and M. Scanlon, "Leveraging electromagnetic side-channel analysis for the investigation of IoT devices," Digit. Invest., vol. 29, pp. S94–S103, Jul. 2019, doi: https://doi.org/10.1016/j.diin.2019.04.012.
29. J. O. Agyemang, J. J. Kponyo, and I. Acquah, "Lightweight man-in-the-middle (MITM) detection and defense algorithm for WiFi-enabled Internet of Things (IoT) gateways," Inf. Secur. Comput. Fraud, vol. 7, Jan. 2019, doi: https://doi.org/10.12691/iscf-7-1-1.
30. W. Zhang and B. Qu, "Security architecture of the Internet of Things oriented to perceptual layer," Int. J. Comput., Consum. Control, vol. 2, no. 2, pp. 37–45, 2013. [Online]. Available: http://ij3c.ncuteecs.org/volume/paperfile/2-2/IJ3C_5.pdf
31. M. U. Farooq, M. Waseem, A. Khairi, and S. Mazhar, "A critical analysis on the security concerns of Internet of Things (IoT)," Int. J. Comput. Appl., vol. 111, no. 7, 2015, doi: https://doi.org/10.2136/sssaj1987.03615995005100060002x.
32. Y. Lee, W. Lee, G. Shin, and K. Kim, "Assessing the impact of DoS attacks on IoT gateway," in Advanced Multimedia and Ubiquitous Engineering. Singapore: Springer, 2017, pp. 252–257.
33. S. Chandra, S. Paira, S. S. Alam, and G. Sanyal, "A comparative survey of symmetric and asymmetric key cryptography," in Proc. Int. Conf. Electron., Commun. Comput. Eng. (ICECCE), Nov. 2014, pp. 83–93, doi: https://doi.org/10.1109/ICECCE.2014.7086640.
34. I. K. Dutta, B. Ghosh, and M. Bayoumi, "Lightweight cryptography for Internet of insecure Things: A survey," in Proc. IEEE 9th Annu. Comput. Commun. Workshop Conf. (CCWC), Jan. 2019, pp. 0475–0481, doi: https://doi.org/10.1109/CCWC.2019.8666557.
35. B. Ryabko and A. Soskov, "The distinguishing attack on Speck, Simon, Simeck, HIGHT and LEA," IACR Cryptol. ePrint Arch., vol. 2018, no. 47, pp. 1–9, 2018.
36. C. Pham, Y. Lim, and Y. Tan, "Management architecture for heterogeneous IoT devices in home network," in Proc. IEEE 5th Global Conf. Consum. Electron., Oct. 2016, pp. 1–5, doi: https://doi.org/10.1109/GCCE.2016.7800448.
37. L. B. de Guzman, A. M. Sison, and R. P. Medina, "MD5 secured cryptographic hash value," in Proc. Int. Conf. Mach. Learn. Mach. Intell. (MLMI), 2018, pp. 54–59, doi: https://doi.org/10.1145/3278312.3278317.
38. R. Rivest, The MD5 Message-Digest Algorithm, document RFC 1321, 1992, p. 116, vol. 4.
39. N. R, "A survey on cryptography algorithms," Int. J. Sci. Res., vol. 3, no. 4, pp. 398–402, 2014.
40. O. G. Abood and S. K. Guirguis, "A survey on cryptography algorithms," Int. J. Sci. Res. Publications, vol. 8, no. 7, pp. 495–516, 2018.
41. N. K. Gyamfi and E. Owusu, "Survey of mobile malware analysis, detection techniques and tool," in Proc. IEEE 9th Annu. Inf. Technol., Electron. Mobile Commun. Conf. (IEMCON), Nov. 2018, pp. 1101–1107.
42. P. Schaffer, K. Farkas, Á. Horváth, T. Holczer, and L. Buttyán, "Secure and reliable clustering in wireless sensor networks: A critical survey," Comput. Netw., vol. 56, no. 11, pp. 2726–2741, Jul. 2012, doi: https://doi.org/10.1016/j.comnet.2012.03.021.
43. S. R. Ganta, S. P. Kasiviswanathan, and A. Smith, "Composition attacks and auxiliary information in data privacy," in Proc. 14th ACM SIGKDD Int. Conf. Knowl. Discovery Data Mining, 2008, pp. 265–273. [Online]. Available: http://arxiv.org/abs/0803.0032
44. P. Pongle and G. Chavan, "A survey: Attacks on RPL and 6LoWPAN in IoT," in Proc. Int. Conf. Pervas. Comput. (ICPC), Jan. 2015, pp. 1–5, doi: https://doi.org/10.1109/PERVASIVE.2015.7087034.
45. A. Mitrokotsa, M. R. Rieback, and A. S. Tanenbaum, "Classification of RFID attacks," Gen, vol. 1569314443, pp. 73–86, Mar. 2011, doi: https://doi.org/10.5220/0001738800730086.
46. K. Zhang, X. Liang, R. Lu, and X. Shen, "Sybil attacks and their defenses in the Internet of Things," IEEE Internet Things J., vol. 1, no. 5, pp. 372–383, Oct. 2014, doi: https://doi.org/10.1109/JIOT.2014.2344013.
47. L. K. Bysani and A. K. Turuk, "A survey on selective forwarding attack in wireless sensor networks," in Proc. Int. Conf. Devices Commun. (ICDeCom), Feb. 2011, pp. 1–5.
48. W. Liu, "Various detection techniques and platforms for monitoring interference condition in a wireless testbed," in Measurement Methodology and Tools. Berlin, Germany: Springer, 2013, pp. 43–60.
49. J. Deogirikar and A. Vidhate, "Security attacks in IoT: A survey," in Proc. Int. Conf. I-SMAC (IoT Social, Mobile, Analytics Cloud) (I-SMAC), Feb. 2017, pp. 32–37, doi: https://doi.org/10.1109/I-SMAC.2017.8058363.
50. H.-S. Ham, H.-H. Kim, M.-S. Kim, and M.-J. Choi, "Linear SVM-based Android malware detection for reliable IoT services," J. Appl. Math., vol. 2014, pp. 1–10, 2014.
51. A. Abeshu and N. Chilamkurti, "Deep learning: The frontier for distributed attack detection in Fog-to-Things computing," IEEE Commun. Mag., vol. 56, no. 2, pp. 169–175, Feb. 2018, doi: https://doi.org/10.1109/MCOM.2018.1700332.
52. W. Fang, X. Tan, and D. Wilbur, "Application of intrusion detection technology in network safety based on machine learning," Saf. Sci., vol. 124, Apr. 2020, Art. no. 104604, doi: https://doi.org/10.1016/j.ssci.2020.104604.
53. H. Bostani and M. Sheikhan, "Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach," Comput. Commun., vol. 98, pp. 52–71, Jan. 2017, doi: https://doi.org/10.1016/j.comcom.2016.12.001.
54. R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman, "Deep learning approach for intelligent intrusion detection system," IEEE Access, vol. 7, pp. 41525–41550, 2019, doi: https://doi.org/10.1109/ACCESS.2019.2895334.
55. K. Alrawashdeh and C. Purdy, "Toward an online anomaly intrusion detection system based on deep learning," in Proc. 15th IEEE Int. Conf. Mach. Learn. Appl. (ICMLA), Dec. 2016, pp. 195–200, doi: https://doi.org/10.1109/icmla.2016.0040.
56. Y. Li, R. Ma, and R. Jiao, "A hybrid malicious code detection method based on deep learning," Int. J. Secur. Its Appl., vol. 9, no. 5, pp. 205–216, May 2015, doi: https://doi.org/10.14257/ijsia.2015.9.5.21.
57. N. Gao, L. Gao, Q. Gao, and H. Wang, "An intrusion detection model based on deep belief networks," in Proc. 2nd Int. Conf. Adv. Cloud Big Data, Nov. 2014, pp. 247–252, doi: https://doi.org/10.1109/CBD.2014.41.
58. L. Xiao, Y. Li, G. Han, G. Liu, and W. Zhuang, "PHY-layer spoofing detection with reinforcement learning in wireless networks," IEEE Trans. Veh. Technol., vol. 65, no. 12, pp. 10037–10047, Dec. 2016, doi: https://doi.org/10.1109/TVT.2016.2524258.
59. S. Chen, Z. Pang, H. Wen, K. Yu, T. Zhang, and Y. Lu, "Automated labeling and learning for physical layer authentication against clone node and sybil attacks in industrial wireless edge networks," IEEE Trans. Ind. Informat., early access, Jan. 15, 2020, doi: https://doi.org/10.1109/TII.2020.2963962.
60. A. Sayakkara, N.-A. Le-Khac, and M. Scanlon, "Leveraging electromagnetic side-channel analysis for the investigation of IoT devices," Digit. Invest., vol. 29, pp. S94–S103, Jul. 2019, doi: https://doi.org/10.1016/j.diin.2019.04.012.
61. S. Sharmeen, S. Huda, J. H. Abawajy, W. N. Ismail, and M. M. Hassan, "Malware threats and detection for industrial mobile-IoT networks," IEEE Access, vol. 6, pp. 15941–15957, 2018, doi: https://doi.org/10.1109/ACCESS.2018.2815660.
62. L. Sweeney, "A model for protecting privacy," Int. J. Uncertainty, vol. 10, no. 5, pp. 1–14, 2002.
63. P. Yi, Y. Hou, Y. Zhong, S. Zhang, and Z. Dai, "Flooding attack and defence in ad hoc networks," J. Syst. Eng. Electron., vol. 17, no. 2, pp. 410–416, 2006, doi: https://doi.org/10.1016/S10044132(06)60070-4.
64. Z. Liu, H. Liu, W. Xu, and Y. Chen, Wireless Jamming Localization by Exploiting Nodes' Hearing Ranges, vol. 9, no. 3. Berlin, Germany: Springer, 2010.
65. M. Faheem, S. Jamel, A. Hassan, Z. A., N. Shafinaz, and M. Mat, "A survey on the cryptographic encryption algorithms," Int. J. Adv. Comput. Sci. Appl., vol. 8, no. 11, pp. 333–344, 2017, doi: https://doi.org/10.14569/ijacsa.2017.081141.
66. M. A. Habib, M. Ahmad, S. Jabbar, S. H. Ahmed, and J. J. P. C. Rodrigues, "Speeding up the Internet of Things: LEAIoT: A lightweight encryption algorithm toward low-latency communication for the Internet of Things," IEEE Consum. Electron. Mag., vol. 7, no. 6, pp. 31–37, Nov. 2018.

Biometric-Based Key Generation Using AES Algorithm for Real-Time Security Applications
S. Sridevi Sathya Priya, N. M. Sivamangai, R. Naveenkumar, A. Napolean, and G. Saranya

Abstract
This work focuses on the use of cryptography and encryption with iris and fingerprint biometrics. A 128-bit biometric key is created for the AES encryption and decryption technique. Fingerprints and iris scans serve as the biometrics in the key generation process. Two distinct keys are produced from the fingerprint and the iris by extracting their features. The features of the iris and the fingerprint are then combined once more, through a fusion process, to create a single key. The final biometric key is created using a fuzzy commitment approach, and it is exceptionally secure because it requires both iris and fingerprint authentication. To assess the randomness of the key, various randomness tests were carried out; the generated key is considered secure when the obtained p value is smaller than 1. The AES encryption and decryption techniques were used to encrypt/decrypt the final biometric key.

1 Introduction
Cryptosystems have been widely employed for security in all applications during the information era. Data is encrypted into cipher text, an unintelligible format, in order to secure it. The message can only be translated back into plain text by someone who has the secret key to decipher (or decrypt) it. Cryptanalysis, often known as code cracking, can occasionally decipher encrypted messages, although modern cryptographic methods are mostly impenetrable. Electronic security is becoming more crucial as the Internet and other electronic communication channels become more widely used. Emails, credit card numbers, and business data are all protected using cryptography. Pretty Good Privacy (PGP) is among the most widely used free and effective cryptography tools on the Internet. Symmetric key cryptography employs a single key that is known to both the sender and the recipient, while public key cryptography uses two keys: a public key that is revealed to everyone and a private key that is known only to the message's recipient. Before and during World War II, cryptography was primarily employed for military purposes. The ground-breaking work of Claude Shannon in 1948 served as the foundation for both information theory and cryptography. After the war, as computer systems and electronic communications expanded, so did the use of cryptographic techniques for financial transactions, passwords, and other computer security purposes. The application of error-correcting codes in satellite and radio-based communication systems also grew. These applications, as well as the developing theory of codes, led to a great deal of mathematical activity. Encryption transforms information to stop unauthorised users from accessing our data. This is the traditional definition of secrecy, where the aim is to stop information from being used by an attacker. Many people consider confidentiality to be the most important concern in the area of information protection. The most basic application of cryptography is secure communication.

R. Naveenkumar (B): Research Scholar, Department of ECE, Karunya Institute of Technology and Sciences, Coimbatore, India; e-mail: [email protected]
S. Sridevi Sathya Priya, N. M. Sivamangai, A. Napolean: Department of ECE, Karunya Institute of Technology and Sciences, Coimbatore, India
G. Saranya: Department of ECE, Rajalakshmi Engineering College, Chennai, Tamilnadu, India; e-mail: [email protected]
R. Naveenkumar: Assistant Professor, Department of ECE, Karpagam Academy of Higher Education, Coimbatore, India
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023. V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_8

Overview
Encoding messages so that only authorised parties can decipher them, but eavesdroppers cannot, is known as encryption in cryptography. An encryption algorithm transforms a message or piece of information into unintelligible cipher text. Any opponent who has access to the encrypted text should be unable to recover the original message in any way. A legitimate party, however, can decipher the encrypted text using a decryption technique, which typically needs a unique decryption key that adversaries do not know. For technical reasons, an encryption scheme typically requires a key generation technique in order to generate keys at random. The authors use biometric keys, which offer higher degrees of security, rather than random ones.

Methods of Encryption
Private key encryption and public key encryption are the two primary methods of encryption. In private key methods, the communicating parties must agree on a secret key before communicating in order to prevent unauthorised users from reading or altering the material. In contrast, in public key methods the encryption key is public, which means that anybody has access to it and can encrypt data; only the receiving party, however, has access to the decryption key and hence can read the encrypted data. Public key encryption is a relatively new approach, whereas private key encryption has been in use for many years. Military forces and governments have historically used encryption to enable covert communication. Information protection is now frequently employed in many different types of civilian systems. Additionally, encryption is used to secure the transmission of data across networks, Bluetooth devices, wireless microphones, intercom systems, and bank ATMs. The encryption process is displayed in Fig. 1.

Fig. 1 Encryption scheme

Cryptography Algorithms
Cryptographic encryption algorithms are basically divided into two types: asymmetric and symmetric algorithms.

Asymmetric Algorithms
Public key cryptography is another term for asymmetric encryption. Asymmetric encryption is distinguished from symmetric encryption by the use of two keys: one for encrypting and one for decrypting. RSA is the most popular asymmetric encryption algorithm. Asymmetric encryption is substantially slower and has a higher computational load than symmetric encryption; as a result, it is rarely used to secure payload data. Instead, public keys, which can only encrypt data, are exchanged, and the complementary private key, which is never revealed, is used to decrypt.


Symmetric Algorithm
Symmetric encryption is also known as shared-key encryption. One key is used both to encrypt and to decrypt traffic. DES, 3DES, and AES are examples of common symmetric encryption methods; 3DES and AES are often used in IPsec and other forms of VPN. A comparison of several algorithms is shown in Table 1. As the underlying encryption employed by WEP, RC4 found widespread adoption on wireless networks. Symmetric encryption algorithms can be exceedingly fast, and their minimal complexity allows for simple hardware implementation. They do, however, require that all hosts involved in the encryption have already been provisioned with the secret key via some external method.

Biometrics
A biometric is a distinctive characteristic that may be used to recognise or confirm a person's identity automatically. The study of biometrics involves scientifically analysing these biological traits. The most common application of biometric technologies today is the security-related analysis of human traits. The fingerprint, thumb, eye, face, and voice are the five physical biometric patterns that are most frequently analysed for security reasons, as indicated in Fig. 2. The second section deals with the literature survey. The third section deals with cryptography; initially, it deals with the advanced encryption standard algorithm. The fourth section deals with bio-cryptography and explains the key binding algorithm and its processing steps. The final section contains the various experimental results and conclusions.

Table 1 Comparison of various algorithms

Method              RSA            DES              AES            BLOWFISH
Approach            Asymmetric     Symmetric        Symmetric      Symmetric
Encryption          Slow           Faster           Faster         Faster
Decryption          Slow           Faster           Faster         Faster
Key distribution    Simple         Difficult        Difficult      Difficult
Level of security   High           Medium           Very high      Testing
Key size            > 1024 bits    Too short (56)   128, 192 or    32 to 448 bits

Fig. 2 Examples of biometric characteristics. a Iris, b hand geometry, c fingerprint, d DNA, e signature, f voice, g face

2 Literature Survey
This article describes a technique for producing a unique cryptographic key from the user's stable lifetime fingerprints. The suggested approach lowers the cost of lost keys, deals with non-repudiation issues, and boosts the security of digital assets [1]. The fingerprint is the most prevalent biometric. The primary objective of the intelligent fingerprint recognition system is to enhance accuracy and efficiency. This approach is extremely beneficial for identifying two fingerprint images of the same person that have been misaligned by minor transformations such as rotation, translation, or scaling.


The algorithm compares the input fingerprint image to the reference fingerprint image kept in the database using minutiae-based matching. The technique employs a number of typical pre-processing stages and comprises all of the stages involved in extracting the minutiae. The maximum correlation between the original and sensed images is found. The proposed system is evaluated on the pilot database [2]. The purpose of this research is to figure out why existing security arguments fail to detect practical attacks. It explores the security requirements of biometric key generators and demonstrates how typical arguments ignore practical nuances. The authors examine three types of adversaries to provide examples of such oversights. First, they investigate the impact of persons who can accurately mimic other users' biometrics and show why traditional evaluation techniques fail to detect these forgers. Second, they investigate generative approaches for creating forgeries by combining knowledge about a target user with population statistics, and demonstrate that these forgeries have a significant possibility of subverting biometric key generators. Third, they present an approach for finding a target user's key by probabilistically enumerating the key space of biometric key generators. The authors examine two biometric key generators and show that their system has at least a 15% chance of correctly guessing purportedly 40-bit keys on the first try for each. The work highlights practical approaches to biometric key generator security and establishes a framework for examiners to investigate biometric key generators using adversarial techniques [3]. The advanced encryption standard (AES), a Federal Information Processing Standard, is an approved cryptographic technique used to secure information. Digital information can be encrypted and decrypted using the AES block cipher.
The VHDL hardware description language is used in this project to implement the Field-Programmable Gate Array (128-bit standard). The National Security Agency declared in June 2003 that TOP SECRET level documents may utilise AES-192/256 and SECRET level documents may use AES-128 [4]. It gives a thorough explanation of cryptography’s various forms. This paper first provides a detailed explanation of cryptography, followed by a proposal for a novel symmetric key algorithm [5]. It reveals the first effective way for integrating iris biometrics into cryptographic systems that is also secure. It refers to this repeated binary string as a biometric key because it can be produced with accuracy from real iris data. Authors thoroughly examined the iris code error patterns to address this issue and came up with a twolayer error correction method. Key could be stored on a tamper-resistant example like a smart card. To compromise the key, the attacker needs to have both of them. Biometric data may now be extracted into a repeating binary string, opening up new potential uses where a solid connection between a person and cryptographic procedures is necessary. One method of identifying people is, for instance, to do it without retaining a central repository of biometric templates, which could pose privacy concerns [6]. The pupil area has been replaced by a circular zone of uniform intensity in the images in the CASIA version 1.0 iris dataset. However, it is not in use; therefore, here we conduct iris recognition experiments. The dataset used differs slightly from the

Biometric-Based Key Generation Using AES Algorithm for Real-Time …


dataset for CASIA version 1.0. To remove the specular reflections caused by the near-infrared illumination, a circular zone of constant intensity is substituted for the pupil in each image. The benefit is that the pupil region has constant intensity, which makes automatic detection of the pupil–iris boundary artificially easy before the data are released. The drawback is that the original images, in which the distribution of intensity values inside the pupil is more complicated, are not used. The image used for encryption was taken from the CASIA version 1.0 iris recognition database [7]. A framework for converting unstable biometric data into a stable cryptographic key was proposed; this is accomplished through key selection. Its security is weaker, because an attacker can learn details about the generated keys, for instance that the classifiers base key selection on user-specific models and templates [8]. An adaptive alignment mechanism is provided to find a reliable reference point and build a locked set for a fuzzy vault. The resulting authentication system offers more security than the conventional one, and as the technology advances, system performance, including accuracy and speed, improves as well. A drawback shared by all biometric recognition systems is that a biometric key cannot be revoked (recalled) quickly [9]. The article [9] explains AES encryption and decryption and then describes the implementation of AES in CAST's IP cores, which are register transfer level cores. Because AES is a block cypher, its input and output blocks have the same size: every data block is a fixed 128 bits. The algorithm also takes a key as input, and a mode of operation is chosen for the implementation. A 128-bit key is used here; no practical attack is known against any of the three standard AES key sizes (128, 192 or 256 bits), and the same key is used for both encryption and decryption [9].

3 Cryptography Methods
Cryptography lies at the intersection of security engineering and mathematics. It provides the tools that support most contemporary security standards and is probably the main technology that makes distributed system security possible; it was created to reduce security threats. In the simplest terms, cryptography is the science and practice of designing cyphers. The input to an encryption process is the plaintext and its output is the cypher text. Numerous cryptographic primitives exist; the fundamental building blocks are block cyphers, stream cyphers and hash functions. A block cypher may use different keys for encryption and decryption, in which case it is a public key (asymmetric) cypher, or the same key for both, in which case it is a shared key (secret key, symmetric) cypher [10, 11]. A digital signature scheme is a specific kind of asymmetric primitive.


S. Sridevi Sathya Priya et al.

Fig. 3 Symmetric key cryptography block diagram

Symmetric Key Cryptography
In symmetric key encryption the sender and recipient use the same key to encrypt and decrypt a message, whereas public key cryptography uses two keys. Symmetric key systems are simpler and faster. The two types of symmetric key algorithm are stream cyphers and block cyphers: a block cypher encrypts a group of bits as a single unit, whereas a stream cypher encrypts the message bits one at a time. Block sizes of 64 bits were long in common use; the Advanced Encryption Standard (AES) uses 128-bit blocks. Well-known symmetric key algorithms include Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4 and IDEA. The block diagram for symmetric key cryptography is shown in Fig. 3.

Advanced Encryption Standard (AES)
AES is a block cypher: its input and output blocks have the same size, 128 bits. It is a symmetric key algorithm because the same key is used for encryption and decryption. The unencrypted data are the plaintext and the encrypted output is the cypher text. The key may be 128, 192 or 256 bits long [8]; the block size is always 128 bits. Figure 4 shows the sequence of steps of the AES algorithm. Apart from the initial key expansion, every step is repeated a number of times; each repetition is called a round, and AES uses 10, 12 or 14 rounds for 128-, 192- and 256-bit keys respectively.

Fig. 4 AES processing steps

Encryption Steps
Figure 4 shows the steps of the encryption process. In the key expansion stage a 128-, 192- or 256-bit key is expanded into 11, 13 or 15 sub-keys, each 128 bits long. Each sub-key is called a round key because one is consumed by the initial add round key step and one by every round of the AES computation. During the sub-bytes step each byte of the state is replaced by an entry in a predefined look-up table (LUT), the S-box. In the shift rows step the four bytes of each row of the state matrix are rotated. The mix columns step transforms each column of the state, and the add round key step combines the state with the round key; all four steps are described below.

Key Expansion
Figure 5 depicts the key expansion phase. The Rijndael key expansion method expands a 128-, 192- or 256-bit key into 11, 13 or 15 round keys, each of which is 128 bits long.


Fig. 5 Key expansion and round keys

Fig. 6 Add round key

Add Round Key
Figure 6 depicts the add round key step, which combines the current state with the round key of the current round by a bitwise XOR.

Sub-bytes
The sub-bytes step, shown in Fig. 7, substitutes every byte of the state with the corresponding entry of a fixed look-up table (the S-box).

Fig. 7 Sub-bytes

Fig. 8 Shift rows

Shift Rows
In the shift rows step (Fig. 8) the 4 bytes of each row of the state are rotated: row 0 is left unchanged and rows 1, 2 and 3 are rotated left by 1, 2 and 3 bytes respectively.

Mix Columns
The mix columns step (Fig. 9) applies a fixed linear transformation, multiplication by a constant matrix over GF(2^8), to each 4-byte column of the state. It is applied in every round except the last.
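The five steps above are easiest to see in code. The following AES-128 implementation is an example added here, not code from the chapter (whose results were produced in MATLAB): it follows the step names used above, implements the inverse cipher as well, and checks itself against the FIPS-197 Appendix C.1 test vector, whose plaintext happens to be the same 00112233445566778899aabbccddeeff block used in the results section (the chapter's biometric key is not reproduced, so its cypher text is not). It is written to make the round structure visible, not to replace a vetted library.

```python
# AES-128 written out step by step. Added example, not the chapter's MATLAB code;
# it follows the step names used above (key expansion, add round key, sub-bytes,
# shift rows, mix columns) and is checked against the FIPS-197 C.1 test vector.
# The state is a flat list of 16 bytes in column-major order, i.e. state[4*c + r]
# is row r of column c, which is also the byte order of the input block.

def xtime(a):
    """Multiply by x (i.e. by 2) in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def gmul(a, b):
    """General multiplication in GF(2^8); used by MixColumns and to build the S-box."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def _build_sbox():
    """S-box entry = multiplicative inverse in GF(2^8) followed by the FIPS-197 affine map."""
    def rotl(x, n):
        return ((x << n) | (x >> (8 - n))) & 0xFF
    box = []
    for a in range(256):
        inv, base, e = 1, a, 254            # a^254 == a^-1 in GF(2^8); 0 stays 0
        while e:
            if e & 1:
                inv = gmul(inv, base)
            base, e = gmul(base, base), e >> 1
        inv = inv if a else 0
        box.append(inv ^ rotl(inv, 1) ^ rotl(inv, 2) ^ rotl(inv, 3) ^ rotl(inv, 4) ^ 0x63)
    return box

SBOX = _build_sbox()
INV_SBOX = [SBOX.index(v) for v in range(256)]

def expand_key(key):
    """Rijndael key schedule: a 16-byte key becomes 11 round keys of 16 bytes."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]      # the 4 initial words
    rcon = 0x01
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                                      # RotWord, SubWord, Rcon
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def add_round_key(s, rk):
    return [a ^ b for a, b in zip(s, rk)]

def sub_bytes(s, box=SBOX):
    return [box[b] for b in s]

def shift_rows(s, inverse=False):
    """Row r is rotated left by r bytes (right by r bytes when inverting)."""
    out = [0] * 16
    for c in range(4):
        for r in range(4):
            src = c - r if inverse else c + r
            out[4 * c + r] = s[4 * (src % 4) + r]
    return out

def mix_columns(s, inverse=False):
    """Multiply each column by the fixed circulant MixColumns matrix over GF(2^8)."""
    m = (14, 11, 13, 9) if inverse else (2, 3, 1, 1)
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):
            out.append(gmul(col[0], m[(0 - r) % 4]) ^ gmul(col[1], m[(1 - r) % 4])
                       ^ gmul(col[2], m[(2 - r) % 4]) ^ gmul(col[3], m[(3 - r) % 4]))
    return out

def aes128_encrypt_block(key, block):
    rks = expand_key(key)
    s = add_round_key(list(block), rks[0])
    for rnd in range(1, 10):
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s))), rks[rnd])
    return bytes(add_round_key(shift_rows(sub_bytes(s)), rks[10]))   # last round: no MixColumns

def aes128_decrypt_block(key, block):
    rks = expand_key(key)
    s = add_round_key(list(block), rks[10])
    for rnd in range(9, 0, -1):
        s = mix_columns(add_round_key(sub_bytes(shift_rows(s, True), INV_SBOX), rks[rnd]), True)
    return bytes(add_round_key(sub_bytes(shift_rows(s, True), INV_SBOX), rks[0]))

if __name__ == "__main__":
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # FIPS-197 Appendix C.1 key
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")    # same plaintext as in Sect. 5
    ct = aes128_encrypt_block(key, pt)
    print(ct.hex())                                           # 69c4e0d86a7b0430d8cdb78070b4c55a
    print(aes128_decrypt_block(key, ct) == pt)                # True
```

AES on its own encrypts exactly one 16-byte block, which is why the chapter's single 128-bit input needs no mode of operation or padding; anything longer does, and the mode and its IV or nonce then matter as much as the key.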

Fig. 9 Mix columns

4 Bio-cryptography Methods
Biometric authentication offers a new way of securing a cryptographic key: instead of protecting the key with a passcode, it is protected with a biometric. Because only the authorised user can release the key, this gives secure identity validation as well as convenience, since the user no longer needs to memorise a passcode. An image can therefore be encrypted and decrypted with a key derived from a biometric. The authors use a key binding algorithm to generate the biometric key.

Advantages of Fingerprint Biometrics
Fingerprint identification technology relies on the ridges and valleys on the surface of the finger; ridges and valleys correspond to the upper and lower segments of the skin. Minutiae also include other features such as dots and short ridges. The arrangement of these points makes a fingerprint individual.

Merits of Fingerprint Biometrics
Table 2 rates the common biometrics on the following properties, which can be used to weigh the merits of fingerprints against other biometrics.
• Universality: the trait exists in everyone
• Individuality (uniqueness): each person has a unique instance of the trait
• Permanence: the trait endures across time
• Collectability: how straightforward it is to measure the trait
• Performance: required resources, speed and accuracy
• Acceptability: widely accepted by the public on a cultural level
• Circumvention: resistance to spoofing with a forged trait

Table 2 Comparison of various biometrics [13]

Biometrics    | Universality | Uniqueness | Permanence | Collectability | Performance | Acceptability | Circumvention
Face          | High         | Low        | Med.       | High           | Low         | High          | Low
Fingerprint   | Med.         | High       | High       | Med.           | High        | Med.          | High
Hand geometry | Med.         | Med.       | Med.       | High           | Med.        | Med.          | Med.
Iris          | High         | High       | High       | Med.           | High        | Low           | High
Signature     | Low          | Low        | Low        | High           | Low         | High          | Low
Voice print   | Med.         | Low        | Low        | Med.           | Low         | High          | Low

Key Generation from the Image of Fingerprint
Figure 10 shows the steps followed to generate a biometric key from the image. The fingerprint image is converted to binary values, and the binary image is transformed into complex values with the FFT. The rows are summed and the index of the maximum row sum is found. That row of the complex matrix is selected and converted back to binary; 128 of the resulting bits are taken and converted to hexadecimal, which is the required biometric key. A randomness test is then performed on the key.

Key Generation from Minutiae of Fingerprint Algorithm
Unlike the previous method, which operates on the entire image, this algorithm is feature-based: it builds the key from the fingerprint's minutiae. Figure 11 shows the procedures needed to create a cryptographic key from a fingerprint biometric.

Improving the Image on the Fingerprint
Fingerprint image enhancement increases the clarity of the image so that the subsequent processing is simpler. Since the quality of fingerprint images obtained from sensors or other media cannot be guaranteed, enhancement techniques increase the contrast of the ridges; joining ridges that are falsely broken because of insufficient ink is very helpful in keeping identification accuracy high [10]. The resulting uniformity makes the ridges easier to identify, which in turn allows minutiae to be extracted precisely from the thinned ridges. In practice, however, noise that degrades sharpness can prevent a fingerprint from being clearly distinguished, so image enhancement techniques are commonly used to reduce noise and improve the delineation of ridges against valleys [11].

Fig. 10 Flowchart for key generation

Histogram Equalisation
Histogram equalisation widens the distribution of pixel values in an image and so increases the perceived information. The histogram of a freshly captured fingerprint image is bimodal; after equalisation the entire range 0–255 is occupied, which improves the visual effect.

Binarisation
Most minutiae extraction techniques work on binary images, in which there are only two classes of pixel: black pixels, which depict ridges, and white pixels, which signify valleys. Binarisation converts a greyscale image into a binary image whose two levels of information are the foreground ridges and the background valleys [10, 12]. The fingerprint image is binarised with a locally adaptive method: a pixel is set to 1 if its value exceeds the mean intensity of the 16 × 16 block it belongs to, and to 0 otherwise.

Fig. 11 Block diagram of biometric key generation system

Process of Thinning
Thinning reduces each pattern line to a width of one pixel. It is a morphological operation, carried out here with the two sub-iterations of a conventional thinning algorithm. Each sub-iteration examines the neighbourhood of every pixel of the binary image and, according to the algorithm's criteria for the pixel set under inspection, decides whether the pixel can be removed [13, 14]. The iterations are repeated until no more pixels can be removed. The resulting skeleton image is used for minutiae extraction.

Minutiae Extraction
The extracted minutiae serve both fingerprint verification and identification. Verification confirms a claimed identity from the person's fingerprint by a one-to-one comparison. In identification, the system locates a match among the stored templates and thereby identifies the user, so it performs a one-to-many comparison.

Randomness Testing
A bit sequence can be subjected to a variety of statistical tests in order to assess and compare its randomness. The characteristics of a random sequence can be described in terms of probability, and the outcome a statistical test should produce on a truly random sequence is known in advance. A test therefore checks for the presence or absence of a pattern that, if found, would suggest that the sequence is not random; each test yields a p value that is compared with a chosen significance level [14].
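As an added example (not part of the chapter, and not the MATLAB code behind the p values in Sect. 5), the following Python implements two of the SP 800-22 tests [14] that the chapter reports, the frequency (monobit) test and the runs test, together with the decision rule the suite uses: a sequence passes a test when its p value is at least the significance level, 0.01 by default. The bit strings it runs on are constructed here to show what the tests reject; MIXED is a hypothetical stand-in for a key under test, and any printed key from the chapter can be fed to parse_bits in the same way.

```python
# Added example, not the chapter's MATLAB code: two of the NIST SP 800-22 tests
# reported in Sect. 5 (frequency/monobit and runs) in pure Python, with the
# suite's decision rule. A test is passed when p >= ALPHA; p < ALPHA means the
# sequence shows a pattern a random sequence would almost never show.
import math

ALPHA = 0.01    # SP 800-22 default significance level


def parse_bits(text):
    """Turn a printed key such as '1011 0010' into a list of 0/1 ints, ignoring other characters."""
    return [int(ch) for ch in text if ch in "01"]


def monobit_test(bits):
    """Frequency test: is the count of ones close enough to the count of zeros?"""
    n = len(bits)
    s_n = sum(1 if b else -1 for b in bits)
    s_obs = abs(s_n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def runs_test(bits):
    """Runs test: is the number of uninterrupted runs of identical bits as expected?
    The test only applies when the sequence is roughly balanced; otherwise p = 0.0."""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):       # prerequisite from SP 800-22 Sect. 2.3
        return 0.0
    v_obs = 1 + sum(1 for i in range(n - 1) if bits[i] != bits[i + 1])
    num = abs(v_obs - 2 * n * pi * (1 - pi))
    den = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(num / den)


def evaluate(bits, alpha=ALPHA):
    """Map test name -> (p value, passed) for the tests above."""
    p_values = {"frequency": monobit_test(bits), "runs": runs_test(bits)}
    return {name: (p, p >= alpha) for name, p in p_values.items()}


# Constructed bit strings (not from the chapter). The first two are the
# patterns the tests exist to catch; MIXED is a hypothetical stand-in for a key.
ALTERNATING = "01" * 64                    # perfectly balanced, perfectly patterned
ALL_ONES = "1" * 128
MIXED = "1110010011000101" * 8             # balanced, with runs of varied length

if __name__ == "__main__":
    for label, seq in (("alternating", ALTERNATING), ("all ones", ALL_ONES), ("mixed", MIXED)):
        for name, (p, ok) in evaluate(parse_bits(seq)).items():
            print(f"{label:12s} {name:10s} p = {p:.3g}  {'pass' if ok else 'FAIL'}")
```

ALTERNATING shows why a single test is not enough and why "p less than 1" is not a pass criterion: its monobit p value is exactly 1.0, while its runs p value is about 10^-29, so the runs test rejects it outright. The remaining tests in [14] (cumulative sums, DFT/spectral, and so on) follow the same pattern of a statistic mapped to a p value and compared with ALPHA.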

5 Results and Discussion
The approaches and algorithms in this chapter were implemented in MATLAB 7.7.0. Most of the genuine fingerprint images used in the experiments came from the National Institute of Standards and Technology (NIST), and the genuine iris images came from the CASIA iris databases.

Key Generation from Biometric Image
The original image is first converted to a black and white image to obtain binary values. A fast Fourier transform is then applied to the binary image to obtain complex values, as shown in Fig. 12: (a) original image, (b) B&W image, (c) FFT image, (d) selected part of the image and (e) generated key and p values. A portion of the image is then selected on the basis of the row sums, and a 128-bit biometric key is generated and converted to hexadecimal.

Fig. 12 a Original image. b B&W image. c FFT image. d Selected part of the image. e Generated key and p values

Key Generation from Minutiae of Fingerprint
Histogram equalisation boosts the contrast of an image whose useful content is represented by similar pixel values and so increases the perceived information; the pixel values are spread out as shown in Fig. 13: (a) original image, (b) histogram-equalised image, (c) Wiener-filtered image, (d) binary image, (e) thinned image and (f) extracted minutiae. Wiener filtering makes the fingerprint easier to read without changing its ridge structure. The image is then binarised, the ridge thinning algorithm reduces the ridges to one-pixel width, and the minutiae are extracted.

Fig. 13 a Original image. b Histogram-equalised image. c Wiener-filtered image. d Binary image. e Thinned image. f Extracted minutiae

The 128-bit biometric key created from the fingerprint is:
1111111111111111111110001011111111111111111101110111111111110111100110001000111110100101001000001000000100011000001011001010111

Iris Feature Extraction
The original iris image is shown in Fig. 14a and its centre point in Fig. 14b. A significant property of the Canny operator is that it links weak edges to strong ones: weak edges appear in the output only if they are connected to strong edges, as seen in Fig. 14c. The inner boundary of the iris, which forms the pupil, can be located precisely by exploiting the fact that the pupil's boundary is essentially a circular edge, as shown by the Hough transform in Fig. 14d. The radial suppression edge detection approach is used to segment the iris more precisely and efficiently. The image is then localised and normalised: localisation limits the search regions, for instance around the pupil centre, and normalisation prepares the segmented iris image for feature extraction. The 128-bit biometric key created from the iris is:
0000000000000000000000000110001100100011011000000000001100111000100000000000000010100100000000000111000111110110111000001000000

Fig. 14 a Original image. b Centre point of image. c Canny edge detection. d Hough transform. e Radial suppressed image. f Localised image. g Normalised image

Cryptographic Key from the Fused Features
The biometric key formed after fusing the fingerprint and iris features is:
111111111111111111111000100011100110111001000111011111100110101111011000100011111000000010010000011110011000010111101101111010
The final biometric key, generated by adding a random key to the key obtained from the fusion of fingerprint and iris, is:
0100001111100010100110100010101110100100000011000001000000100111010100111101001011010001011110000100100110010010110001001100001
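The "random key added to the fused biometric key" step above is the key binding, or fuzzy commitment, referred to in Sect. 4 and in the conclusion. The following Python is an added example, not the chapter's code: it binds a key to a constructed 48-bit biometric string using a 3x repetition code as a stand-in for the error-correcting code (a real system would use a stronger code such as BCH), stores only the helper data and a hash of the key, and shows that a fresh sample with a few bit errors releases the key while a sample with too many errors does not. The sample bits, the key and the error positions are all hypothetical.

```python
# Added example, not the chapter's code: fuzzy commitment (key binding) with a
# 3x repetition code standing in for the error-correcting code. The biometric
# sample, key and error positions below are constructed, not measured data.
import hashlib
import secrets

REPS = 3   # each key bit is repeated REPS times; majority vote corrects 1 error per group


def random_key_bits(n):
    """Fresh random key of n bits (what 'adding a random key' draws from)."""
    return [secrets.randbits(1) for _ in range(n)]


def repeat_encode(key_bits, reps=REPS):
    return [b for b in key_bits for _ in range(reps)]


def repeat_decode(code_bits, reps=REPS):
    """Majority vote inside each group of `reps` bits."""
    return [int(2 * sum(code_bits[i:i + reps]) > reps) for i in range(0, len(code_bits), reps)]


def xor_bits(a, b):
    if len(a) != len(b):
        raise ValueError("helper data and biometric string must have equal length")
    return [x ^ y for x, y in zip(a, b)]


def key_tag(key_bits):
    """Hash stored beside the helper data so that a wrong recovery is detected."""
    return hashlib.sha256("".join(map(str, key_bits)).encode()).hexdigest()


def commit(biometric_bits, key_bits):
    """Enrolment: returns (helper, tag). helper = ECC(key) XOR biometric; neither stores the key."""
    helper = xor_bits(repeat_encode(key_bits), biometric_bits)
    return helper, key_tag(key_bits)


def release(biometric_bits, helper, tag):
    """Verification: recover the key from a fresh sample, or None if too many bits differ."""
    candidate = repeat_decode(xor_bits(helper, biometric_bits))
    return candidate if key_tag(candidate) == tag else None


def flip(bits, positions):
    """Simulate a fresh sample that differs from enrolment at the given positions."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


# Constructed 48-bit "fused biometric" string and a fixed 16-bit key (hypothetical values).
ENROLLED = [int(c) for c in "110010110100011101001110101101001010011000111001"]
KEY = [int(c) for c in "1011001110001011"]

if __name__ == "__main__":
    helper, tag = commit(ENROLLED, KEY)
    print(release(flip(ENROLLED, [0, 5, 10]), helper, tag) == KEY)   # True: one error per group
    print(release(flip(ENROLLED, [0, 1]), helper, tag))               # None: two errors in one group
```

The helper data hides the key only to the extent that the biometric string is unpredictable: with a low-entropy biometric an attacker can enumerate plausible samples against the stored tag, which is the key-space enumeration attack described in the literature survey [3]. The stored tag should therefore be a hash of a high-entropy random key, as here, never of the biometric itself.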

Testing Results
Test results for fingerprints:
P value of cumulative test for fingerprint: 0.5003
P value of DCT test for fingerprint: 8.4474e−297
P value of frequency test for fingerprint: 0.2548
P value of runs test for fingerprint: 1.2185e−012
At the default significance level of 0.01 used by the NIST test suite [14], the DCT and runs p values lie far below the threshold, so the fingerprint-only key fails those two tests.

Test results for iris:
P value of cumulative test for iris: 0.8413
P value of DCT test for iris: 0.3414
P value of frequency test for iris: 0.4795
P value of runs test for iris: 0.3458

Test results for the final biometric key:
P value of cumulative test for biometric key: 0.8413
P value of DCT test for biometric key: 0.4123
P value of frequency test for biometric key: 0.3628
P value of runs test for biometric key: 0.5985

Results of AES Algorithm Encryption
The original text is encrypted and a cypher text is generated by following the steps shown in Fig. 15a, b. For the input 00112233445566778899aabbccddeeff the cypher text generated was B7F6718C45479D05D110364D0D86E490.

Decryption
The decryption process recovers the input data from the cypher text generated by the encryption process. For the cypher text B7F6718C45479D05D110364D0D86E490 the data obtained after decryption were 00112233445566778899aabbccddeeff, the original input.

Fig. 15 a Command window showing original data. b Command window showing cypher text. c Command window showing decryption steps and decrypted data

6 Conclusion
A 128-bit biometric key for AES encryption and decryption was generated. The biometrics used for key generation were fingerprints and iris. By extracting features, individual keys were generated from the fingerprint and from the iris; a further key was then generated by fusing the features of both. Finally, a fuzzy commitment scheme produced the final biometric key, which offers a high level of security because it must be authenticated by both iris and fingerprint. Several randomness tests were run on the generated keys. A key passes a test when its p value is at least the chosen significance level (0.01 in the NIST test suite [14]); a p value below that level indicates that the sequence is not random. The final biometric key was given as input to the AES encryption and decryption algorithms.

References
1. B. Raja Rao, E. V. V. Krishna Rao, S. V. Rama Rao, M. Rama Mohan Rao, "Finger Print Parameter Based Cryptographic Key Generation", International Journal of Engineering Research and Applications (IJERA), ISSN 2248-9622, Vol. 2, Issue 6, pp. 1598–1604, November–December 2012.
2. R. M. Mandi, S. S. Lokhande, "Rotation-Invariant Fingerprint Identification System", International Journal of Electronics Communication and Computer Technology (IJECCT), Vol. 2, Issue 4, July 2012.
3. L. K. Ballard, "Robust techniques for evaluating biometric cryptographic key generators", PhD dissertation, Johns Hopkins University, ProQuest Dissertations Publishing 3309600, 2008.
4. G. Graham, D. Leifker, "VHDL AES128 Encryption/Decryption", EE 452 Senior Capstone Project I, Department of Electrical and Computer Engineering, Bradley University.
5. Ayushi, "A Symmetric Key Cryptographic Algorithm", International Journal of Computer Applications (0975-8887), Vol. 1, No. 15, 2010.
6. Y.-J. Chang, W. Zhang, T. Chen, "Biometrics-Based Cryptographic Key Generation", IEEE, 2004.
7. S. Yang, I. M. Verbauwhede, "Secure Fuzzy Vault Based Fingerprint Verification System", IEEE, 2004.
8. M. Lucky, "AES Encryption and CAST's AES IP Cores", CAST, Inc., December 2008.
9. S. V. K. Gaddam, Manoharlal, "Development of Bio-Crypto Key from Fingerprints Using Cancelable Templates", International Journal on Computer Science and Engineering (IJCSE), Vol. 3, Issue 2, pp. 689–698, p-ISSN 2229-5631, e-ISSN 0975-3397, February 2011.
10. S. V. Vaseghi, Advanced Signal Processing and Digital Noise Reduction, John Wiley & Sons, 416 pp., July 1996.
11. Y. S. Halabi, Z. Sa'sa, F. Hamdan, K. Haj Yousef, "Modeling adaptive degraded document image binarization and optical character system", European Journal of Scientific Research, Vol. 28, No. 1, pp. 14–32, 2009.
12. L. Lam, S.-W. Lee, C. Y. Suen, "Thinning Methodologies: A Comprehensive Survey", IEEE Transactions on Pattern Analysis and Machine Intelligence, Vol. 14, No. 9, pp. 869–885, September 1992.
13. K. P. Tripathi, "A Comparative Study of Biometric Technologies with Reference to Human Interface", International Journal of Computer Applications, Vol. 14, No. 5, January 2011.
14. A. Rukhin, J. Soto, "A statistical test suite for random and pseudorandom number generators for cryptographic applications", NIST Special Publication 800-22.

Financial Cryptography and Its Application in Blockchain V. Sathya, Sridhar Chandrasekaran, and Govindasamy Madhaiyan

Abstract Financial cryptography is extremely difficult and calls for knowledge from many different, incompatible, or at least mutually hostile disciplines; it has been caught between programmers and accountants, and between central banking and cryptography. Blockchain is a cutting-edge architecture that combines decentralized data storage, peer-to-peer communication, consensus procedures, mathematical encryption mechanisms and other computing techniques. Encryption technology is a key component of the blockchain, and confidentiality of user records and transaction information is a prerequisite for its adoption. The continued development of blockchain is both driven and constrained by advances in cryptography. The model presented in this chapter aims to cover financial cryptography in depth in each area. It should help planners, implementers and those writing requirements by organizing the collective disciplines into an introductory seven-layer model in which there is a clear link between neighbouring layers. It is examined how cryptography is used at every level of the blockchain, including the data, network and consensus layers. This chapter highlights how cryptography permeates the blockchain system as a whole.
Keywords Blockchain · Financial cryptography · Seven-layer models · Data security · Smart applications

V. Sathya (B) Department of Artificial Intelligence and Data Science, Panimalar Engineering College, Chennai, India e-mail: [email protected] S. Chandrasekaran School of Electronics Engineering, Vellore Institute of Technology, Chennai 600127, India G. Madhaiyan Institute of Physics, National Yang Ming Chiao Tung University, 1001 Ta Hsueh Rd., Hsinchu, Taiwan 30010 © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_9


1 Introduction
Financial cryptography is an intricate field. Although the area may be only a few years old, depending on one's point of view, the implementation effort shows that much more work was required than the early pioneers had anticipated. Financial cryptography appears to be a body of knowledge, or perhaps a craft, lying at the intersection of accounting and auditing, programming, systems architecture, cryptography, finance, the Internet, security, investment and funding, risk, marketing and distribution, and central banking [1]. At such a demanding intersection of so many different bodies of knowledge, problems are bound to arise. Besides the inevitable misunderstandings and wasted resources, finding people with technical, management and marketing skills who are comfortable working in the field is a challenge. As a first step towards understanding financial cryptography ventures, it is often necessary to organize the various disciplines into models that support discussion, judgement and decision making [2]. Naturally, no single model can encompass the breadth and complexity of such a topic. Without spending too much time on the specifics of each component, the reader should be able to conceptualize the whole field and find the connections between the disciplines using the present model; breadth comes at the expense of depth. A peer-to-peer system is a simple computer network in which each computer serves as a node for file sharing. There is no central server, because every node also acts as a server [3], and this makes a tremendous amount of data exchange possible. Each connected node receives an equal share of the work, and because each node operates independently the network ceases to exist only if every node stops functioning.
Under this concept the blockchain functions as it would in nature. The word "blockchain" is made of the two words "block" and "chain": a block is a group of data, also called a data record, and a chain is a list of these blocks kept in a public database. Cryptography is used to link the blocks, which is the most important and essential prerequisite for building a blockchain [4]. Over time, blocks are added to a growing collection of records called a blockchain. Blockchain cryptography can be a difficult idea to grasp, so the following terms are defined first [5]. Cryptography is the design of procedures and protocols that prevent a third party from retrieving and reading the private messages sent during a communication. The word comes from the Greek kryptós, "hidden", and graphein, "to write". Encryption is the transformation of plaintext (ordinary text) into ciphertext (an apparently random arrangement of bits); decryption, the opposite of encryption, transforms ciphertext back into plaintext. A cipher is a cryptographic procedure or mathematical function that transforms plaintext into ciphertext.

A key is a small quantity of data that determines the output of the cryptographic algorithm. Cryptography secures data by preventing unauthorized access, and in a blockchain network it protects the transactions between two nodes [6]. As already said, cryptography and hashing are the two key concepts of a blockchain [7]: in a peer-to-peer system, messages are encrypted by means of cryptography, while a block's information and the links between blocks are secured using hashing [8]. The main goals of cryptography here are the security of participants and transactions and protection against double-spending; it helps safeguard the various transactions on the blockchain network [9]. Blockchain networks can also be used effectively for cryptographic applications in health care, especially for secure data management [10]. In [11], a proxy-based re-encryption approach was used effectively to secure data exchanged among Internet of Things networks, and even financial auditing systems can incorporate blockchain to achieve a higher level of security [12]. Although international comparative studies of financial systems have frequently shown a link between a strong financial sector and dynamic economic development, recent studies suggest that excessive financial activity can hinder economic growth and lead to financial crises with social repercussions. The variable "size" alone therefore cannot capture the growth effects of the financial industry; attention must be paid to the design of financial systems. Traditionally, the structure of financial systems has been examined by contrasting market-based and bank-based systems. In bank-based systems, bank loans are the primary source of external business finance; in market-based systems, stocks, bonds and venture capital (capital invested in a project with a substantial element of risk, typically a new or expanding business) have gained importance.
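To make the hashing point concrete, the following Python is an added example, not the chapter's code and not any particular blockchain's block format: a toy chain in which each block stores the hash of its predecessor, with a check that reports the first block whose record or link has been altered. The records are constructed.

```python
# Added example (not from the chapter): how hashing links blocks so that
# altering one record invalidates every later block. Constructed records; the
# block layout is a toy, not any particular blockchain's format.
import hashlib
import json

GENESIS_PREV = "0" * 64      # the first block points at an all-zero hash


def block_hash(index, prev_hash, data):
    """Hash of the block's contents; canonical JSON so the digest is stable."""
    payload = json.dumps({"index": index, "prev": prev_hash, "data": data},
                         sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()


def build_chain(records):
    """Append one block per record, each carrying the previous block's hash."""
    chain, prev = [], GENESIS_PREV
    for i, data in enumerate(records):
        h = block_hash(i, prev, data)
        chain.append({"index": i, "prev": prev, "data": data, "hash": h})
        prev = h
    return chain


def first_broken_block(chain):
    """Index of the first block whose stored hash or link is inconsistent, or None."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev"] != prev:
            return block["index"]
        if block_hash(block["index"], block["prev"], block["data"]) != block["hash"]:
            return block["index"]
        prev = block["hash"]
    return None


RECORDS = ["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"]   # constructed

if __name__ == "__main__":
    chain = build_chain(RECORDS)
    print(first_broken_block(chain))          # None: the chain is consistent
    chain[1]["data"] = "bob pays carol 20"    # tamper with a record, hashes untouched
    print(first_broken_block(chain))          # 1
    chain[1]["hash"] = block_hash(1, chain[1]["prev"], chain[1]["data"])   # recompute block 1 only
    print(first_broken_block(chain))          # 2: block 2 still points at the old hash
```

The check gives tamper evidence to anyone holding a copy of the chain; it does not by itself stop a tamperer who recomputes every later hash as well. Preventing that is the job of the consensus process, which is why the chapter treats hashing and consensus as separate layers.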
Despite significant differences between market-based and bank-based financial intermediation, data analysis has not demonstrated the superiority of either system. While research on varieties of capitalism explains similarities in performance through institutional complementarities, some scholars see a convergence of national financial systems towards market-based finance in the light of global financial integration. Research on financialization therefore investigates how capital markets, their intermediaries and their processes have an increasing impact on modern economies. Some regard the financial and economic crisis of 2007–2008, which affected market-based and bank-based systems alike, as proof that the differences between national financial systems are small. Blockchain removes the need for a trusted third-party intermediary between the nodes that exchange transaction data, making it an immutable, decentralized and incorruptible ledger: a permanent, tamper-proof record of all transactions in which the data, once recorded, cannot be altered or deleted [13]. Figure 1 depicts the key features of blockchain that give the network this degree of security and anonymity; properties such as decentralization and transparency are claimed to guarantee data security and privacy in every respect. To protect the confidentiality and privacy of medical data, researchers are integrating blockchain technology into wireless body area networks (WBANs)

Fig. 1 Characteristics of blockchain network

due to the qualities of the technology. Let us examine several WBAN security attacks to help with it. Procedures for standardizing and testing blockchains may be split into two categories. Every single criterion must be created and approved throughout the standardization process. A blockchain may be created and then tested against the preestablished standards to check if it operates as well as its creators say. Specific testing guidelines must be followed while assessing blockchains. Consortium blockchain (Type-I), private blockchain (Type-II), and public blockchain (Type-III) are the three main subcategories of existing blockchain architectures [14]. Everyone may access each record and participate in the agreement cycle on a public blockchain. However, with a consortium blockchain, the agreement technique would only include a few hubs. Only hubs from a single business would be permitted to participate in the agreement mechanism due to a private blockchain [15]. A private blockchain is considered a brought-together organization since one company has unrestricted supervision over it. Because only a small number of hubs would be chosen to decide the agreement, the consortium blockchain created by various organizations is only to a certain extent focused. A comparison of the three various blockchain types is shown in Table 1. On a communal blockchain, the compromise process may involve every node. Additionally, solitary a predetermined customary of protuberances are accountable for certifying the wedge with conglomerate blockchain. Secluded chains are wholly governed by a single organization, which can choose the final consensus. The okay

Financial Cryptography and Its Application in Blockchain

Table 1 Comparison of blockchain technologies

Property                | Type-I (consortium)           | Type-II (private)             | Type-III (public)
Consensus determination | A selected set of nodes       | Single organization           | All miners
Immutability            | Could be tampered with        | Could be tampered with        | Nearly impossible to tamper with
Read permission         | Could be public or restricted | Could be public or restricted | Public
Efficiency              | High                          | High                          | Low
Centralized             | Partial                       | Yes                           | No
Consensus process       | Permissioned                  | Permissioned                  | Permissionless

Read permission: whether a transaction is permanent and accessible to the general public depends on whether it occurs on a private blockchain or a consortium blockchain. Immutability: transactions on a public blockchain are almost impossible to tamper with, since records are kept by a large number of participants. However, because a private blockchain or a consortium blockchain has fewer users, transactions on those networks can be tampered with more easily. Efficiency: the public blockchain network has many nodes, so propagating blocks and transactions takes considerable time and resources; the result is low transaction throughput and high latency. With fewer validators, private and consortium blockchains can perform better. Centralized: private blockchains are fully centralized since they are managed by a single entity, whereas consortium blockchains are partially decentralized and public blockchains are decentralized. Consensus process: the consensus process of a public blockchain is open to participation from anyone worldwide, whereas private and consortium blockchains are both permissioned. Since a public blockchain is accessible to all users, it can attract a sizable user base and has vibrant communities; new public blockchains are created regularly. There are several anticipated commercial uses for the consortium blockchain. Blockchain technologies are now being created for corporate consortia via Hyperledger [16]. Additionally, Ethereum has created tools for setting up consortium blockchains. Regarding the assertion that dividing financial systems into market-based and bank-based ones is no longer adequate, one reason for this is the growing reliance of banks on capital markets for funding. This argument invalidates the presumption that banks behave independently of capital markets.
The researchers suggest a novel division of lending into traditional banking, where banks essentially receive deposits from customers and then allocate these as loans, and market-based banking, which places greater emphasis on capital markets as a factor in lending decisions. When this categorization is applied to the biggest banks in the UK, France, and Germany, it becomes clear how heavily reliant on the capital market German banks are. The classification of banking activity is a significant obstacle to this approach since it is necessary to examine each bank’s balance sheet to assess the level of market-based banking. In their fascinating research, they were able to examine only nine of Germany’s more than 2000 banks. A key issue with many comparative financial system studies is the systematic marginalization of small banks, which is quite significant overall when the focus is on a small number of big banks.

2 Architecture of Blockchain Technology

In 2009, the blockchain, a revolutionary technology, was created to support cryptocurrencies. Today it has a significant impact on banking, finance, insurance, government, education, transportation, and more. It is an open distributed ledger technology that gives users safe ways to store financial data. It is a form of decentralized cryptography that offers a system for reliable transactions without a middleman [13]. In contrast to the current security network architecture, blockchain technology is a decentralized and distributed P2P network, allowing several nodes to add to the blockchain network simultaneously. A distributed database is built from a series of blocks connected to form a chain, which is referred to as a “blockchain”. Figure 2 depicts the typical architecture of a blockchain network. The blockchain network’s nodes may produce new blocks, join them to the chain, and store them one at a time. Each block has a timestamp to identify when it was created. In addition to its actual contents, each block carries the hash of the block that came before it in the chain.

Fig. 2 Architecture of blockchain network


Types of Blockchain

Depending on the access capability and usage of the network, blockchains can be categorized into the following types.

1. Public blockchains: A public blockchain has no access restrictions at all. Anybody with access to the Internet can use it to submit transactions and sign up as a validator (i.e., participate in the execution of a consensus protocol). Such networks normally give financial incentives to those who secure them using a proof-of-stake or proof-of-work technique. Bitcoin and Ethereum are two of the largest and most popular public blockchains.

2. Private blockchains: Permissioned blockchains are private. Unless the network administrators invite the participant, one cannot join. Access is only allowed for participants and validators. The name distributed ledger technology (DLT) is regularly used for private blockchains to distinguish them from other peer-to-peer decentralized database systems that are not open ad hoc compute clusters.

3. Hybrid blockchains: A hybrid blockchain combines centralized and decentralized components. The chain’s precise functionality may vary depending on which portions of centralization and decentralization are implemented.

4. Sidechains: A blockchain ledger that operates side by side with a primary blockchain is referred to as a sidechain. Entries from the primary blockchain can be linked to and from the sidechain, which allows the sidechain to operate independently of the primary blockchain. These entries frequently represent digital assets (e.g., by using an alternate means of record keeping, an alternate consensus algorithm, and so on).

A blockchain is a decentralized, distributed, and often public digital ledger consisting of records called blocks that are used to record transactions across many computers, so that any involved block cannot be altered retroactively without altering every subsequent block. This makes it feasible for participants to verify transactions independently and relatively inexpensively. A distributed timestamping server and a peer-to-peer network are used to manage a blockchain database autonomously. They are authenticated by mass collaboration driven by collective self-interest. Such a design enables a robust workflow in which participants’ uncertainty about data security is marginal. A digital asset loses the property of unlimited replication when a blockchain is used. By demonstrating that every unit of value was transferred only once, it settles the long-standing problem of double spending. A blockchain has been described as a value-exchange protocol. Because it creates a record that compels offer and acceptance when it is properly configured to detail the exchange agreement, a blockchain can maintain title rights. Peer-to-peer (P2P) network architecture, encryption procedures, distributed ledger technology (DLT), and decentralized data storage are the four principal components of blockchain technology; distributed storage, artificial intelligence (AI), virtual reality (VR), and the Internet of Things (IoT) may also be incorporated. Nevertheless, blockchain technology as currently described is restricted to data storage, databases, and document operations. From the point of view of the architectural design, the protocol layer, the extension layer, and the application layer perform data verification, data dissemination, and data representation, respectively, from the bottom of the blockchain upward, as displayed in Fig. 3. The storage and network layers make up the protocol layer, which provides network programming, distributed algorithms, encryption signatures, and data storage. A framework for data storage and access based on blockchain can remove any dependence on a centralized store. In this construction, the records’ metadata is kept within the blockchain, while the actual documents are kept off-chain using distributed hash tables (DHTs) spread across numerous locations and a peer-to-peer network. In recognition of the specific challenges of blockchain programming, engineers have created languages to encapsulate domain-specific contract code, which is the foundation for blockchain platforms like Ethereum to facilitate transactions on a decentralized computing platform among parties that have not established trust.

3 Creating a Blockchain

Blockchain is a time-stamped, decentralized collection of immutable records that is not owned by any one company and is governed by a vast global network of computers. It holds data of any quantity. Hashing is used to secure each block and to connect the blocks, guarding against outside interference. Steps for creating a blockchain, mining new blocks, and displaying the entire blockchain:

Step 1: The data will be stored in JSON format, which is simple to use and understand. The information is stored in blocks, each of which holds several items of data. Multiple blocks are added every minute, and fingerprinting is used to distinguish one from another.

Step 2: Hashing is used to perform the fingerprinting, and in this case the SHA-256 hashing algorithm will be used. To prevent tampering, each block carries its own unique hash as well as the hash of the preceding block.

Step 3: The blocks are linked together using this fingerprinting. Each block is connected to the one before it by storing that block’s hash, and to the one after it by providing its own hash.

Step 4: The next block is mined by correctly solving the proof-of-work puzzle. The PoW must be difficult enough that mining cannot easily be exploited.

Step 5: Blocks that have been successfully mined are then added to the chain.

Step 6: To prevent any type of manipulation of the blockchain, the validity of the chain must be verified after mining multiple blocks.

Step 7: Then, depending on the user’s needs, the web app is created using Flask and published locally or publicly.

[Fig. 3 labels: Application Layer; Trust Layer; Blockchain Layer; Transaction Layer; Network Layer; components shown: Smart Contract Development, Front end Applications, Back end Applications, Consensus Algorithm, Private Blockchain, Block Validation, Transaction Validation, Mining, Virtual Servers, Storage, Peer to Peer, Ethereum nodes]

Fig. 3 Layered construction of blockchain network
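The seven steps above, together with the proof-of-work consensus described later in the chapter, can be exercised end to end in a short program. The following is an added example written for this page, not code from the chapter or from any project it cites: it stores each block’s contents as canonical JSON, fingerprints the block with SHA-256 over a header that includes the previous block’s hash, mines by searching for a nonce that gives a hash with DIFFICULTY leading zeros, and validates the chain so that an edited transaction is detected. The difficulty value, the block fields, and the sample transactions are assumptions made for the example; the Flask front end of Step 7 is left out.

```python
import hashlib
import json
import time
from dataclasses import dataclass
from typing import List, Optional

DIFFICULTY = 3  # assumed for the example: leading hex zeros a block hash must have


@dataclass
class Block:
    index: int
    timestamp: float
    data: dict          # Step 1: the block's payload, serialized as JSON below
    previous_hash: str  # Step 3: link to the preceding block's fingerprint
    nonce: int = 0      # Step 4: adjusted until the proof-of-work target is met
    hash: str = ""

    def header_bytes(self) -> bytes:
        # Canonical JSON (sorted keys, no whitespace) so every node computes
        # the same fingerprint for the same block.
        header = {
            "index": self.index,
            "timestamp": self.timestamp,
            "data": self.data,
            "previous_hash": self.previous_hash,
            "nonce": self.nonce,
        }
        return json.dumps(header, sort_keys=True, separators=(",", ":")).encode()

    def compute_hash(self) -> str:
        # Step 2: SHA-256 fingerprint over the whole header, previous hash included
        return hashlib.sha256(self.header_bytes()).hexdigest()


class Blockchain:
    def __init__(self, difficulty: int = DIFFICULTY):
        self.difficulty = difficulty
        self.chain: List[Block] = []
        # Genesis block: fixed timestamp and an all-zero "previous" hash
        genesis = Block(0, 0.0, {"note": "genesis"}, "0" * 64)
        self.chain.append(self.mine(genesis))

    @property
    def last_block(self) -> Block:
        return self.chain[-1]

    def mine(self, block: Block) -> Block:
        # Step 4: proof of work. Brute-force a nonce until the hash starts with
        # `difficulty` zeros; this cost is what makes rewriting history expensive.
        target = "0" * self.difficulty
        block.nonce = 0
        block.hash = block.compute_hash()
        while not block.hash.startswith(target):
            block.nonce += 1
            block.hash = block.compute_hash()
        return block

    def add_block(self, data: dict, timestamp: Optional[float] = None) -> Block:
        # Step 5: a newly mined block is appended to the chain
        block = Block(
            index=len(self.chain),
            timestamp=time.time() if timestamp is None else timestamp,
            data=data,
            previous_hash=self.last_block.hash,
        )
        self.chain.append(self.mine(block))
        return block

    def is_valid(self) -> bool:
        # Step 6: recompute every fingerprint, re-check the proof of work, and
        # confirm each block points at its predecessor's actual hash.
        target = "0" * self.difficulty
        for i, block in enumerate(self.chain):
            if block.hash != block.compute_hash():
                return False
            if not block.hash.startswith(target):
                return False
            if i > 0 and block.previous_hash != self.chain[i - 1].hash:
                return False
        return True


def demo() -> dict:
    # Constructed sample transactions; fixed timestamps keep the run reproducible.
    bc = Blockchain()
    bc.add_block({"from": "alice", "to": "bob", "amount": 5}, timestamp=1.0)
    bc.add_block({"from": "bob", "to": "carol", "amount": 2}, timestamp=2.0)
    valid_before = bc.is_valid()
    # Rewrite a past transaction without re-mining: the stored hash no longer matches
    bc.chain[1].data["amount"] = 500
    valid_after = bc.is_valid()
    return {"length": len(bc.chain), "valid_before": valid_before, "valid_after": valid_after}


if __name__ == "__main__":
    print(demo())
```

Even if the editor re-mined block 1 after the change, block 2 would still record the old hash in its previous_hash field, so every later block would have to be re-mined as well; that is the cost Step 4 is meant to impose, and it grows with the length of the chain behind the edited block.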

4 Blockchain’s Cryptography Function

Blockchain technology was created using a variety of cryptographic ideas. The state of cryptographic technology sets the limits for blockchain growth. In the blockchain, cryptography is primarily employed to maintain data integrity, safeguard user privacy, and preserve transaction information. Symmetric and asymmetric encryption are two of the key cryptographic technologies. Digital signatures are used in asymmetric cryptography for data integrity checks. Every transaction that is recorded to a block is signed by the sender with a digital signature, preventing data corruption. To guarantee the reliability and security of the blockchain, cryptography is necessary since it plays a critical role in keeping the public network safe. A seven-layer model comparable to the Open Systems Interconnection reference model has been proposed, and it is represented in Table 2. This approach stretches out finance and cryptography, exposing five additional areas of interest. The model’s ability to move seamlessly from the mathematical to the presentation layer gives key participants convenient entry points. Requirements can be mapped from the topmost layer, the economics layer, and followed down into the lower layers. If high-level application conversations are available, this might be the best place to start. Alternatively, toolkits could be described for the lower layers by starting at the bottom, the cryptography layer, and building up through successively more complex layers, providing a smorgasbord of alternatives to the all-inclusive economic applications layer [17].

Table 2 Seven-layer networking model for financial cryptography

Layers  | Layer model          | Description of the layer
Layer-7 | Finance              | Applications for market and trading activities, digital value issuers, and financial users
Layer-6 | Value                | Anything that has monetary or other worth
Layer-5 | Governance           | Safeguarding the system against risks that are not technological
Layer-4 | Accounting           | The framework that places value in clear and controllable locations
Layer-3 | Rights               | A notion for authentication that assigns ownership to a unit of value and describes how to transfer unit values across identities
Layer-2 | Software Engineering | How data may be securely held constant on nodes and instructions can be sent via the Internet
Layer-1 | Cryptography         | Mathematical methods to express certain truths that parties may agree upon as being of value

Layer-1: Cryptography

Cryptography is at the bottom. To some extent, the pure discipline of cryptography offers only mathematical solutions to problems, but it also offers useful properties such as:
• Security: encryption techniques
• Integrity: message digests and hashes
• Authentication: hash chains and digital signatures.

Layer-2: Software Engineering

To take effective advantage of the cryptographic features, layer-2 software engineering is required. Concepts from networking theory (feedback and idempotency) are incorporated, adding qualities like dependability and resilience in the face of link and node unreliability or planned unavailability, such as smart cards and handhelds, and database theory (atomicity, transactional integrity, and recovery) is brought in. Software engineering provides the practical network. A message transmitted over an open network can be sent with confidence that it will ultimately reach its intended recipient. Thanks to the integrity mechanisms of the preceding layer, it can be verified that the data received at the endpoint is what the sender intended. The integrity of the communications over time can be maintained, in the face of software and hardware failure, by employing the specialized techniques of database systems.

Layer-3: Rights

With a network that can be relied upon, sending messages created for financial cryptographic purposes can now be considered. At the rights layer, the search is for a procedure that gives a user unambiguous, determinable authority over assets. This goal is pursued through several methods, such as:
• Identity-based systems, such as those run by banks. Such solutions typically work by giving an existing account holder an account number and password, which they can use to access their account via an SSL-encrypted Web site.
• Transport mechanisms for other payment systems, for example, the use of secure socket layer-based systems to transfer credit card details; token money that mimics the bearer currency instruments that consumers are accustomed to.
• Hybrid systems, which forgo impersonation in favor of bottom-up solutions more suited to the potential and constraints of the system.
• Hardware-based approaches, like smart cards.

Layer-4: Accounting

The earlier layers offer techniques trustworthy enough to be used for transferring rights, which refers to anything of value, over an inadequate network. Accounting techniques are required in order to store and maintain rights over time. Accounting may seem boring to financial cryptographers, and it has sometimes been tempting to neglect it, but experience has shown that systems without traditional bookkeeping capabilities frequently lose the value that has been entrusted to them. Balance sheets, the accounting equation, and double-entry bookkeeping are the techniques used in accounting. Accounting principles enable developers of financial cryptography systems to create intricate systems that ensure no value will be lost as long as everyone abides by the rules, and to effectively pinpoint any instances when the rules are not being followed. The most straightforward approach, for instance, would be token money. Straightforward coin storage for the client would be necessary for an accounting system founded on tokens or coins. The server would be more complicated since it would need a double-entry database that couples the float amount, a float account, and an account for unissued value.
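The token-money bookkeeping just described (a client-side coin store plus a server-side double-entry database tying together the float amount, a float account, and an account for unissued value) can be checked mechanically. The block below is an added example written for this page, not the chapter’s or any project’s code; the account names, the fixed supply, and the sample postings are assumptions. Every posting must balance to zero, no account may go negative, and an audit replays the journal against the stored balances, so a posting that breaks the rules is refused and a balance altered outside the rules is pinpointed.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

# Assumed account names for the example
UNISSUED = "unissued"  # value the issuer has not yet placed in circulation

Posting = List[Tuple[str, int]]  # (account, signed amount) pairs


class Ledger:
    """Conservation-of-value ledger: the sum of all balances always equals supply."""

    def __init__(self, supply: int):
        self.supply = supply
        self.journal: List[Tuple[str, Posting]] = []
        self.balances: Dict[str, int] = defaultdict(int)
        self.balances[UNISSUED] = supply  # everything starts as unissued value

    def post(self, memo: str, entries: Posting) -> None:
        # Double-entry rule: debits and credits of one posting must cancel out
        if sum(amount for _, amount in entries) != 0:
            raise ValueError(f"unbalanced posting: {memo}")
        # No account may be overdrawn; check everything before applying anything
        for account, amount in entries:
            if self.balances[account] + amount < 0:
                raise ValueError(f"insufficient funds in {account}: {memo}")
        for account, amount in entries:
            self.balances[account] += amount
        self.journal.append((memo, list(entries)))

    def issue(self, to: str, amount: int) -> None:
        self.post(f"issue {amount} to {to}", [(UNISSUED, -amount), (to, amount)])

    def transfer(self, src: str, dst: str, amount: int) -> None:
        self.post(f"transfer {amount} {src}->{dst}", [(src, -amount), (dst, amount)])

    def redeem(self, frm: str, amount: int) -> None:
        self.post(f"redeem {amount} from {frm}", [(frm, -amount), (UNISSUED, amount)])

    def float_in_circulation(self) -> int:
        # The float is whatever has left the unissued account
        return self.supply - self.balances[UNISSUED]

    def audit(self) -> List[str]:
        """Return a list of discrepancies; an empty list means the books balance."""
        problems: List[str] = []
        total = sum(self.balances.values())
        if total != self.supply:
            problems.append(f"total {total} != supply {self.supply}")
        # Replay the journal from scratch and compare with the stored balances
        replay: Dict[str, int] = defaultdict(int)
        replay[UNISSUED] = self.supply
        for _, entries in self.journal:
            for account, amount in entries:
                replay[account] += amount
        for account in sorted(set(replay) | set(self.balances)):
            if replay[account] != self.balances[account]:
                problems.append(
                    f"{account}: journal says {replay[account]}, balance says {self.balances[account]}"
                )
        for account, balance in self.balances.items():
            if balance < 0:
                problems.append(f"{account} is negative: {balance}")
        return problems


def demo() -> dict:
    # Constructed scenario: a small issuer with 1000 units of token money
    ledger = Ledger(supply=1000)
    ledger.issue("alice", 300)
    ledger.transfer("alice", "bob", 120)
    ledger.redeem("bob", 20)
    clean = ledger.audit()  # books balance: []
    rejected = []
    try:
        ledger.post("bogus credit", [("mallory", 50)])  # credit with no matching debit
    except ValueError as err:
        rejected.append(str(err))
    try:
        ledger.transfer("bob", "carol", 500)  # overdraft attempt
    except ValueError as err:
        rejected.append(str(err))
    ledger.balances["mallory"] += 50  # a balance changed outside the posting rules
    tampered = ledger.audit()  # total mismatch plus a journal/balance mismatch
    return {
        "float": ledger.float_in_circulation(),
        "clean": clean,
        "rejected": len(rejected),
        "tampered": tampered,
    }


if __name__ == "__main__":
    print(demo())
```

The two checks play different roles: the posting rules stop a misuse that goes through the API, while the audit replay is what catches value created or destroyed by a direct write to the balance store, which is the kind of loss the text says systems without bookkeeping tend to suffer.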


Layer-5: Governance

Once it is certain that the controlled numerical quantities, the accounting information, can be safely sent across the Internet and stored on nodes, the focus needs to be broadened to include risks outside the technological sphere. Any technology in use, whether for trade or monetary purposes, carries the risk of theft or misuse by those entrusted with system management. The agency problem may be addressed using a wide range of strategies, referred to collectively as governance. Governance approaches include:
• Value escrow with dependable outside parties. For instance, money backing a dollar currency would go into a bank account.
• Separation of powers, including separating routine administration from value creation, accounting from authentication, and systems from marketing.
• Dispute resolution practices including ombudsmen, arbitration, mediation, litigation, and force.
• The protocol’s use of third parties for various functions, such as value creation inside a closed system.
• Auditing methods that enable external asset and performance monitoring.
• The creation of reports to keep concerned parties informed. For instance, user-driven display of the reserve funds that serve as a currency’s backing.

As engineers, we have made the protocols as safe and self-sufficient as we could; our creativity is seen in delegating problem-solving to the lower layers. However, since there will always be some value that needs to be safeguarded via extra-protocol methods, this is a goal toward which one can only aspire. Recognizing this gap in the technical arsenal and working to plug it with tools of governance will make our duty simpler. Figure 4 portrays the traditional finance system. What can be done in the lower layers is handled there, and what cannot be completed there is transferred to governance. This division between governance and the lower layers frequently serves as the system’s final expression.

Layer-6: Value

The structure now has a framework in place that offers both internal and external consistency and safekeeping, and a value can be assigned to it. This refers to the unit of account, its meaning, and the range of numbers that apply. For instance, a value layer might assign one of the following to the blank records of the lower layers:
• US currency with a 25-cent to 500-dollar transaction range.
• Bonds and shares, which serve as tradable assets for capital-raising purposes.
• Loyalty points that are given for making purchases.
• Public liabilities like tonnes of pollution or public goods like tonnes of fish.
• Participation in online initiatives.
• Funny money, internal cash used by corporations.

[Fig. 4 elements: Payment Senders, Value flow, Financial firms, Crypto Exchanges, Crypto Space, Payment Receivers, Wallets]

Fig. 4 Traditional finance system

The program does not seem to care much about this choice and could be used for any other purpose; nonetheless, the firm needs to balance the cost and security concerns. Since every value is the outcome of a contract between the holder and the issuer, all values are in electronic form, and this layer is alternatively referred to as the contract layer. Here, a document can be created that formally records the arrangement between a counterparty and a user.

Layer-7: Finance

An application is constructed on top of the value layer, which offers a framework for monetary connections. It is easy to refer to this final layer as the finance layer because this is financial cryptography, and the applications developed give our creations a financial context. Applications that are immediately beneficial to users can be built at the finance layer, for instance:
• Retail trade involving the purchase of products.
• Trading in securities for investment.
• Loyalty programs and gift-giving initiatives to promote repeat commerce without necessarily displacing current payment options.
• Markets for the equitable distribution of scarce communal goods, such as pollution or finite fishing grounds.
• Labor market intermediaries.
• Closed or special-purpose systems, such as operating system sales or commercial in-house accounting systems.

[Fig. 5: message (data of arbitrary size) → hash function f(x) → fixed-size hash (digest)]

Fig. 5 Cryptographic hash function

The approach does a good job of addressing and lowering financial cryptography’s inherent complexity. Table 2 shows the layered network model for financial cryptography. It accomplishes this by separating the field into seven sections and providing a way of connecting them (layering).

5 Cryptographic Hash Function

Hash functions are among the cryptographic primitives that may be used to protect the integrity of data, even though they normally do not encrypt or decrypt communications [6]. Figure 5 shows the cryptographic hash function. Simply defined, hash functions map inputs of any size to outputs of a fixed size [2], and the resulting output is known as a hash or digest [6]. The idea of trapdoor one-way functions (TOWF) is used to construct hash functions, and a hash function is a one-way function. A fixed, preset output of bit size n is produced when the function is applied to a message “m” of variable size, where the message is a member of a certain set of messages {M} [7].

6 Cryptography for Blockchain

Before examining the role of cryptography in blockchain, let us briefly discuss the blockchain itself. Essentially, it refers to a distributed database that permits decentralization, security, traceability, reliability, and immutability [18]. With blockchain, there is no longer a need for traditional techniques of maintaining central nodes, because it introduces a brand-new technique for the cooperative maintenance of nodes by many users [19]. As a result, it is feasible to reach the necessary levels of credibility and data integrity while making other parties responsible for information oversight. The three varieties of blockchain platforms are yet another important aspect of the technology. The types of blockchain systems are the public chain, the private chain, and the alliance chain. Each node on a public chain can freely join or leave the blockchain as it decides. On the other hand, for nodes to participate in a private blockchain, certain conditions must be satisfied. The alliance chain operates under the cooperative supervision of several cooperating organizations. Over the years, blockchain has mostly been associated with the financial industry. It has nonetheless shown extraordinary potential for enhancing many businesses while also altering the basic tenets of our society. The blockchain serves as an illustration of a distributed database by preserving all user transaction data on it. It follows that the blockchain has a substantially higher demand for security performance as a result. The peer-to-peer, decentralized blockchain network has no central node, and nodes are not required to build mutual trust. Blockchain must therefore provide enough security for transaction information over risky paths while maintaining transaction integrity. To safeguard user transaction information and privacy while simultaneously ensuring data integrity, encryption has become an essential need for blockchain. The main uses of cryptography are to make sure that participants and transactions are secure, to prevent double spending, and to limit the influence of a central authority. Numerous uses of cryptography are seen in daily life. In some circumstances, it aids in securing various network transactions. On the other side, it may also be used to confirm the transfer of digital assets and tokens. Blockchain applications make use of the concept of digital signatures through cryptographic techniques and encryption keys. To store and transfer data values securely, encryption systems require sophisticated mathematical algorithms. This ensures that only those who are intended to use the transaction or the data may obtain, read, and process it. It also makes it possible to verify the legitimacy of the participants and the operation. Undoubtedly, blockchain cryptography is difficult to understand. The fundamentals and working principle of cryptography are similar to the radio signals that let you listen to broadcasts on a car’s radio. Figure 6 gives the details of blockchain cryptography. The broadcast is open to everybody, and anyone is invited to tune in. On the other hand, think of a scenario where two soldiers are conducting radio communication while on a military assignment. Such defense-level communications are highly safeguarded and encrypted, allowing only the intended recipients to access and comprehend them. Blockchain may contain applications of cryptography of the same type. Essentially, cryptography is a method for sending secure messages between two or more parties. Before transmitting a message to the recipient, the sender encrypts it using a particular kind of key and algorithm. The recipient then uses decryption to recover the original message. The solution specifically relies on encryption keys. Thanks to encryption keys, a message, data value, or transaction cannot be read by receivers or readers who are not authorized. Figure 7 explains the functionality of symmetric key cryptography. Keys are the ideal instruments for ensuring that a message, data item, or transaction may only be read and processed by the designated receivers. Keys can thereby impart “crypto” characteristics to information.

[Fig. 6 elements: image sensors → generated images → information storage (cloud, server, edge) → image encrypted by the secure function of blockchain → transaction verification by endorser nodes → verified block becomes part of all nodes]

Fig. 6 Cryptography for blockchain

Especially in the public blockchain, the bulk of blockchain apps do not explicitly send secret, encrypted messages. A new generation of blockchain apps, on the other hand, makes use of various cryptographic encryption techniques to guarantee the confidentiality and total anonymity of transaction information. Over the years, a large number of brand-new tools with a wide range of functions have been developed for blockchain cryptography applications. Among these tools, hashing and digital signatures are noteworthy examples. When blockchain cryptography is adequately defined, it is clear that cryptography means building protocols to restrict access to and viewing of data by outside parties. Modern uses of cryptography draw on knowledge from a variety of fields, including physics, mathematics, computer science, engineering, and others. However, the prominence of blockchain cryptography applications is focused on concepts like encryption, decryption, ciphers, and keys. Readers will already be familiar with how encryption and decryption are used in cryptography. The cipher algorithm is used to execute the encryption and decryption operations, often by going through a set of prearranged stages. Keys are the minimal pieces of information needed to decipher the output of a cryptographic method. Let us now examine digital signatures and hashing, the two elements that prove cryptography plays a vital part in the blockchain.

Fig. 7 Symmetric key cryptography
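Layer-1 of the seven-layer model lists integrity from message digests and authentication from hash chains and digital signatures, Section 5 defines the hash function, and this section closes on digital signatures and hashing as the two elements that matter most in the blockchain. The block below is an added example written for this page, not code from the chapter or from any blockchain project: it computes a SHA-256 digest of a transaction record and then builds a Lamport one-time signature, a hash-based signature that uses nothing but that one-way function, so that a tampered transaction or a forged signature fails verification. The key material, the transaction record, and the function names are assumptions made for the example; Bitcoin and Ethereum use elliptic-curve signatures rather than Lamport signatures.

```python
import hashlib
import json
import secrets
from typing import Dict, List, Tuple

N_BITS = 256  # SHA-256 digest length; Lamport signs one digest bit per key pair

KeyPairs = List[Tuple[bytes, bytes]]


def digest(message: bytes) -> bytes:
    """Message digest: a fixed 32-byte output for input of any size (integrity)."""
    return hashlib.sha256(message).digest()


def keygen() -> Tuple[KeyPairs, KeyPairs]:
    # Private key: 256 pairs of random 32-byte preimages (hypothetical key material).
    # Public key: the hash of every preimage. Publishing hashes reveals nothing
    # about the preimages because the digest is one-way.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N_BITS)]
    pk = [(digest(a), digest(b)) for a, b in sk]
    return sk, pk


def _bits(d: bytes) -> List[int]:
    # Most-significant bit first, one entry per digest bit
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(N_BITS)]


def sign(sk: KeyPairs, message: bytes) -> List[bytes]:
    # For each digest bit, reveal the preimage of the matching half of the pair
    return [pair[bit] for pair, bit in zip(sk, _bits(digest(message)))]


def verify(pk: KeyPairs, message: bytes, signature: List[bytes]) -> bool:
    # Re-hash each revealed preimage and compare it with the public half that
    # the digest bit of *this* message selects. Any changed bit breaks the match.
    if len(signature) != N_BITS:
        return False
    return all(
        digest(s) == pair[bit]
        for s, pair, bit in zip(signature, pk, _bits(digest(message)))
    )


def canonical(tx: Dict[str, object]) -> bytes:
    # Canonical JSON so signer and verifier hash byte-identical input
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()


def demo() -> dict:
    sk, pk = keygen()
    tx = {"from": "alice", "to": "bob", "amount": 5}  # constructed sample transaction
    sig = sign(sk, canonical(tx))
    forged_tx = dict(tx, amount=500)          # the record is altered after signing
    bad_sig = list(sig)
    bad_sig[0] = b"\x00" * 32                # one revealed preimage is replaced
    return {
        "genuine": verify(pk, canonical(tx), sig),
        "tampered_message": verify(pk, canonical(forged_tx), sig),
        "tampered_signature": verify(pk, canonical(tx), bad_sig),
        "digest_len": len(digest(canonical(tx))),
    }


if __name__ == "__main__":
    print(demo())
```

A Lamport key pair must sign exactly one message: every signature reveals half of the preimages, so a second signature with the same key would leak enough of the private key for forgeries, which is why a system built on this scheme issues a fresh key pair per transaction (or a hash tree of them).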

7 Mechanism of Consensus Without a centralized authority, a consensus process can be used to verify that a transaction is legitimate in a network. The consensus is a specific kind of algorithm that enables users to concur on a set of guidelines for adding or creating new pages or blocks of data called records. Blockchain technology uses a diversity of agreement methods, together with proof of work, proof of stake, proof of importance, proof of activity, and others. Bitcoin utilizes a consensus technique known as the proof of work that demands processing resources to compute or solve a mathematical problem. Therefore, if hackers alter a block, they must solve a cryptographic conundrum to validate that change, which slows down computing. For hackers, this is what renders blockchain forever unchangeable. On the other side, the member who finds the solution should raise his hand, so he may make the block. All can then proceed to solve the following block with the approval of all other network participants. Similarly, whoever completes the computational challenge for the second block will validate the following block, and so on until all of the blocks have been verified. Therefore, if hackers alter a block, they must solve a cryptographic conundrum to validate that change, which slows down computing. For hackers, this is what renders blockchain forever unchangeable. On the other side, the member who finds the solution should raise his hand, so he may make the block. All can then proceed to solve the following block with the approval of all other network participants. Similarly, whoever completes the computational challenge for the second block will validate the following block, and so on until all of the blocks have been verified. Inspite of the absence of a dominant expert witness to confirm and substantiate the communications, every blockchain transaction is regarded as being 100% safe and validated. 
Only the attendance of the compromise procedure, a fundamental component of every blockchain system, makes this feasible. An agreement procedure is

198

V. Sathya et al.

a process that allows every peer in the blockchain system to agree on the disseminated register’s current state. Consensus algorithms accomplish dependability in the blockchain network and build confidence among unidentified peers in a distributed computing setting in this way. In summary, the consensus process makes sure that each new log that is introduced to the blockchain is the only one that every node has agreed upon as the absolute truth. Achieving agreement, collaborating, granting each node identical rights, and requiring each node to participate in the consensus process are just a few of the specific objectives of the blockchain consensus protocol. Therefore, an agreement procedure pursues to identify a shared understanding that welfares of the whole system. The discussion about the several consensus methods and its operation has been discussed here. Proof of Work (PoW): This agreement method determines the miner for the following block generation. Bitcoin employs this PoW agreement method. This approach’s primary objective is to swiftly and easily offer an answer to a difficult mathematical conundrum. Since this mathematical problem requires a lot of computing power, the node that completes it in the shortest amount of time gets the right to mine the upcoming block. Proof of Stake (PoS): It is the most widely used alternative to evidence of accomplishment (PoW). The agreement on Ethereum has switched from PoW to PoS. In this type of consensus method, validators stake a percentage of their tokens to invest in the system’s currency rather than buying costly equipment to answer a difficult task. The blocks will then be verified by all validators. A validator will verify a block by placing a bet on it if they discover one that they think can be added to the chain. All validators receive rewards based on the actual blocks posted to the blockchain in relation to their stakes, and as a result, their stake grows. 
Ultimately, a validator is chosen to build a new block based on its financial commitment to the network, so PoS motivates validators to agree through an incentive system.

Proof of Burn (PoB): Instead of spending money on expensive hardware, PoB validators “burn” tokens by sending them to an address from which they can never be recovered. By sending coins to this unspendable address, validators earn the right to mine on the network through a random selection process. Burning coins thus represents a long-term commitment by validators in exchange for a short-term loss. Depending on how PoB is applied, miners may burn either the native currency of the blockchain application or the currency of an alternative chain, such as bitcoin. The more they burn, the higher their odds of being selected to mine the next block. PoB is an interesting alternative to PoW, but the algorithm still wastes resources, and the idea that mining power simply flows to those prepared to spend more money is also contested.

Proof of Capacity: In proof of capacity, validators contribute hard drive space rather than burning coins or buying expensive equipment. Validators with more disk space are more likely to be selected to process the next block and receive the block reward.

Financial Cryptography and Its Application in Blockchain

199

Proof of Elapsed Time (PoET): PoET is among the fairest consensus procedures, selecting the next block producer purely by a fair lottery. It is commonly employed in permissioned blockchain networks. Every validator on the network has an equal opportunity to produce a block. To achieve this, each node waits for a random period and then adds proof of its wait to its block. The produced blocks are broadcast to the network for review by the other participants, and when the proofs are checked the validator with the smallest timer value wins. The winning validator’s record is committed to the blockchain. Additional software protections stop nodes from repeatedly winning the lottery or from always generating the smallest timer value.

Leased proof of stake, proof of activity, proof of weight, proof of importance, and others are further consensus techniques. Consensus algorithms are crucial to the effective operation of blockchain networks because they enable the validation of all committed transactions, so one must be chosen carefully based on the requirements of the business network.

Fault-tolerant distributed systems require multiple servers to agree on the same information. To understand the process, first consider how a client communicates with a server: the server receives a message from the client and responds with a reply. For a consensus procedure to tolerate failures, the following properties are necessary:

Validity: If a process decides (reads or writes) a value, that value must have been proposed by a correct process.
Agreement: Every correct process must decide on the same value.
Termination: Every correct process must decide after a finite number of steps.
Integrity: A process decides the specified value if and only if all correct processes reach the same conclusion.

8 Algorithm Comparison Analysis

The blockchain’s many consensus algorithms each have their advantages and disadvantages. A comparative examination of various algorithms for certain fundamental blockchain features is shown in Table 3.

• Energy conservation: In a PoW system, mining nodes must continuously solve a computational puzzle, which uses a lot of computer resources and consequently consumes a tremendous quantity of energy. When the search space is constrained, as in PoS and DPoS, the miners’ work diminishes. PBFT and Ripple involve no mining in their agreement approach and consequently save energy.
• Data model: The data model is an asset-centered operation. All systems need unique setups, and several businesses can set up networks to trade resources with one another; these businesses are referred to as ledger owners. As a means of trading, Ripple offers its token assets and uses its own ledger.
• Application: A few ledgers allow for the execution of general-purpose, user-defined computations. Users may add arbitrary business logic that runs on top of the ledger using Hyperchain, Quorum, Monax, Parity, and Definitely, which are Ethereum and its derivatives.
• Examples: Ethereum and bitcoin both employ the proof-of-work method. Ripple employs the Ripple Transaction Protocol and uses an account-based data format, while Peercoin focuses exclusively on proof of stake.

Table 3 Analysis of algorithms used for financial cryptography

Proof of work
  Inventor: Markus Jakobsson and Ari Juels
  Year of invention: 1999
  Identification location of nodes: Public
  Computational power: High
  Energy efficient: Conditional
  Data model: Transaction-based
  Language: C++, Golang, Solidity, JAVA, Go, C++, LLL
  Applications: Cryptocurrency, general application
  Examples: Bitcoin, Litecoin, Ethereum, ZCash

Ripple
  Inventor: Jed McCaleb and Chris Larsen
  Year of invention: 2012
  Identification location of nodes: Public
  Computational power: Low
  Energy efficient: Absolute
  Data model: Account-based
  Applications: Digital assets, payment
  Examples: Ripple

Proof of stake
  Inventor: Peercoin
  Identification location of nodes: Public
  Computational power: Relatively low
  Energy efficient: Partially acceptable
  Data model: Account-based
  Language: Michelson
  Applications: Michelson application
  Examples: Peercoin, Tezos, Tendermint

Delegated proof of stake
  Inventor: Daniel Larimer
  Year of invention: 2014
  Identification location of nodes: Public
  Computational power: Low
  Energy efficient: Partial
  Data model: Transaction- and account-based
  Language: No scripting
  Applications: Decentralized exchange
  Examples: Bitshares

Proof of importance
  Inventor: NEM
  Year of invention: 2015
  Identification location of nodes: Public, private
  Computational power: Low
  Energy efficient: Absolute
  Data model: Transaction- and account-based
  Language: JAVA
  Applications: Blockchain platform
  Examples: XEM

Practical byzantine fault tolerance (PBFT)
  Inventor: Castro and Liskov
  Year of invention: 1999
  Identification location of nodes: Private
  Computational power: Low
  Energy efficient: Absolute
  Data model: Key-value
  Language: Golang, JAVA
  Applications: General application
  Examples: Hyperledger

9 Repercussions of Blockchain and Financial Cryptography with Digital Signatures and Hash Functions

A digital signature is essentially a mathematical method for producing digital codes that are used to check the legitimacy of digital messages and documents. The codes may be generated and verified using public-key cryptography. Adding a digital signature to a document that is distributed electronically assures that the sender and the content of the document can be verified. Before delving deeper into the ramifications of blockchain and cryptography with digital signatures, let us review the principles of security. In the online transmission of vital data, four key requirements must be fulfilled: confidentiality, non-repudiation, authentication, and integrity. Confidentiality can generally be met by encryption techniques such as AES. For the other three properties, non-repudiation, integrity, and authenticity, digital signatures are the preferred tool. The efficiency of two well-known encryption techniques heavily influences blockchain cryptography with digital signatures.

One of the standout features of blockchain cryptography is the application of cryptographic hashing, which is a fundamental part of blockchain technology. The most significant characteristic of a blockchain is immutability, which is made possible by hashing. Cryptographic hashing does not use keys; instead, it applies an algorithm to an input to derive a hash value of a specific length. Figure 8 illustrates blockchain and financial cryptography. A string of any length can be used as input to a hash function, and the output always has a predetermined length. The SHA-256 cryptographic hash algorithm exemplifies the most widespread application of hashing in blockchain technology.

Fig. 8 Blockchain and financial cryptography (value flow between financial firms, crypto exchanges and crypto wallets)

The distinctive qualities of cryptographic hash functions make them useful for blockchain cryptography. The qualities that make them ideal for blockchain use cases are outlined below.

1. Cryptographic hash functions are deterministic. No matter how many times you enter a certain input, the hash function consistently generates an output of the same length. Regardless of whether you entered a string of 3 characters or 200 characters, the outcome is always a 32-character string with a mix of numbers and letters.
2. The second essential quality, uniqueness, is visible in the output of cryptographic hash algorithms. You do not have to be concerned about two different inputs yielding the same output, so hash functions provide a unique capability for avoiding conflicts.
3. Irreversibility is also strongly associated with cryptographic hash algorithms. It is practically impossible to obtain the original input from the output using currently available methods and technology.
4. Fast computation of hashes is a significant feature that confirms the usefulness of hash functions in blockchain and cryptography. Hash functions produce results quickly, which helps transactions complete faster.
5. One of the characteristics of cryptographic hash algorithms that stands out is the avalanche effect: a slight modification to the input results in an entirely different output.

The secure hash algorithm, known as SHA, is the most popular cryptographic hash function. It comes in a variety of forms, such as SHA1, SHA256, MD5, and SHA512. Each cryptographic hash function serves a different purpose:

• The Message-Digest algorithm, MD5, creates a 128-bit hash value.
• SHA1, a Federal Information Processing Standard, is the improved version of SHA developed by NIST.
• SHA256 computes hash values using 32-bit words and produces a 256-bit message digest.
• SHA512 uses 64-bit words to compute hash values and produces a 512-bit message digest.

It follows that cryptographic hash functions provide special mathematical advantages with a variety of attractive qualities. The properties of hash functions guarantee the advantages listed below:

• Access to ownership documentation without disclosing the information
• Preventing illegal transaction alterations
• Confirming a transaction without having full access to the block
• Less transactional bandwidth
• Creation of transactional cryptographic puzzles.
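The proof-of-work puzzle from the consensus section and the hash properties just listed (fixed-length output, determinism, the avalanche effect, and immutability through chaining) are demonstrated together in the following Python example, which is added here and is not code from the chapter; the transaction records and the 12-bit difficulty target are constructed values.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import List

GENESIS_PREV = "0" * 64  # placeholder "previous hash" for the first block


def sha256_hex(data: bytes) -> str:
    """Fixed-length digest (256 bits, 64 hex characters) for input of any length."""
    return hashlib.sha256(data).hexdigest()


def bit_difference(a: bytes, b: bytes) -> int:
    """Avalanche check: how many of the 256 digest bits differ between two inputs."""
    x = int.from_bytes(hashlib.sha256(a).digest(), "big")
    y = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(x ^ y).count("1")


@dataclass
class Block:
    index: int
    prev_hash: str  # back-link that chains this block to its predecessor
    data: str       # constructed transaction record, not real ledger data
    nonce: int = 0  # the only field a miner is free to vary

    def header(self) -> bytes:
        # Canonical serialisation so every node hashes identical bytes.
        return json.dumps([self.index, self.prev_hash, self.data, self.nonce]).encode()

    def hash(self) -> str:
        return sha256_hex(self.header())


def meets_difficulty(hex_digest: str, zero_bits: int) -> bool:
    """PoW target: the digest must begin with `zero_bits` zero bits."""
    return int(hex_digest, 16) >> (256 - zero_bits) == 0


def mine(block: Block, zero_bits: int) -> int:
    """Solve the PoW puzzle by brute-forcing the nonce; returns the attempts needed.
    Finding a solution is expensive, while checking one costs a single hash."""
    attempts = 0
    while not meets_difficulty(block.hash(), zero_bits):
        block.nonce += 1
        attempts += 1
    return attempts


def build_chain(records: List[str], zero_bits: int) -> List[Block]:
    """Mine one block per record, each committing to the hash of the previous block."""
    chain: List[Block] = []
    prev = GENESIS_PREV
    for i, record in enumerate(records):
        block = Block(index=i, prev_hash=prev, data=record)
        mine(block, zero_bits)
        chain.append(block)
        prev = block.hash()
    return chain


def validate_chain(chain: List[Block], zero_bits: int) -> bool:
    """What every node re-checks: indices, back-links and PoW for every block.
    Editing any past block breaks its own PoW and every later prev_hash link."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        digest = block.hash()
        if block.index != i or block.prev_hash != prev:
            return False
        if not meets_difficulty(digest, zero_bits):
            return False
        prev = digest
    return True


if __name__ == "__main__":
    DIFFICULTY = 12  # small target so the demo mines in well under a second
    txs = ["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"]  # constructed
    chain = build_chain(txs, DIFFICULTY)
    print("chain valid:", validate_chain(chain, DIFFICULTY))
    chain[1].data = "bob pays carol 200"  # tamper with history
    print("valid after tamper:", validate_chain(chain, DIFFICULTY))
    print("digest bits changed by a one-character edit:",
          bit_difference(b"alice pays bob 5", b"alice pays bob 6"))
```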

10 Conclusions

Society contains centralized and decentralized models in all aspects, particularly in health care. In future, blockchain technology with minimal maintenance can support a wide range of applications. Blockchain is a concept that, like any innovative technology, first causes disruption and may then lift people toward the growth of a bigger ecosystem that combines the customary way of doing things with the new development. It took a significant transition to see that blockchain might stand in for credit reconstruction and cross-time consensus, allowing individuals to trust one another without the need for social connections or accumulated credit. Even though more work remained to address the underlying issues, blockchain technology had the potential to increase the security and efficiency of financial markets. Therefore, the present state of blockchain adoption in financial services and its industrial practices was briefly examined. The difficulties faced by all nations were mostly similar, and recommendations might be made to lessen their effects. In the future, a framework can be created to aid and permit information exchange in a more structured and balanced fashion, allowing the concealment of some vital knowledge for defensive strategies like the “Beneficial at the Individual Levels.” In addition, other information may be used to reduce the perceived hazards of blockchain and to explain the advantages of adoption to a general audience. The approaching year 2020 should serve as a wake-up call to consider the potential future of blockchain. This discussion has shown that the blockchain holds several prospects for 2022, and the forecasts for blockchain in 2022 highlight problems that must be solved right away. Better outcomes in a blockchain career may be attained by understanding market patterns and examining anticipated future developments. Additionally, keeping up with business developments may be a big help to students aiming for blockchain certificates. Finally, it is obvious that blockchain can rule the technological industry in the future.


Algorithmic Strategies for Solving Complex Problems in Financial Cryptography

Vani Rajasekar, K. Venu, Vandana Sharma, and Muzafer Saracevic

Abstract

Cryptography used in applications where subversion of the communication system could lead to financial loss is known as financial cryptography. In contrast to classical encryption, which throughout recorded history has mostly been used for military and diplomatic purposes, financial cryptography focuses on privacy and security. Financial cryptography includes the techniques and algorithms required to secure financial transfers as well as to develop new types of money. It includes proof of work and several auction mechanisms; hashcash, for example, is used to restrict spam. The applications of financial cryptography are highly diverse. Financial cryptography is incredibly difficult and calls for knowledge from many different, incompatible, or at the very least mutually hostile disciplines. Because they are trapped between financial application and cryptography, or between accountants and programmers, efforts to build financial cryptography systems run a high risk of reducing or eliminating crucial strategies. Digital finance is playing a big role in how financial services are organized globally. Digitalization, data analysis, and increased processing power enable a wide range of new financial services and transactions. The economic development enabled by digital financial technology (Fintech) has attracted a lot of attention. Cryptography has begun to expand swiftly in the Fintech sector, and both investors and financial bankers are becoming more favorable toward digital assets. The observed market factors are directly related to how people behave when they engage in financial activity. Quantitative analysis of the behavioral strategies in financial cryptography from a specific market analysis

V. Rajasekar (B) · K. Venu
Department of CSE, Kongu Engineering College, Perundurai, India
e-mail: [email protected]

K. Venu
e-mail: [email protected]

V. Sharma
CHRIST (Deemed to be University), Delhi-NCR, India

M. Saracevic
Department of Computer Sciences, University of Novi Pazar, Novi Pazar, Serbia

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_10

207

208

V. Rajasekar et al.

is still limited, despite the abundance of research and theories on the underlying motives of people’s behavior in financial frameworks.

Keywords Financial cryptography · Private key · Complex functions · Public key · Polynomial functions · Recursive functions

1 Introduction

The complexity of cryptographic algorithms and protocols makes it more likely that flaws in security proofs go unnoticed, and hence that security flaws are not found. The game-playing method helps to structure these proofs and can therefore boost confidence in their correctness. In this approach, security notions are expressed as games, i.e., programs written in the same notation as the cryptographic algorithms themselves. The proof then consists of gradually transforming the program until the desired properties are present. Some frameworks and proofs of concept provide tool support for formulating algorithms and security definitions and for validating such sequences of game transformations. In this manner, the security of several cryptographic constructions has been demonstrated mechanically. There are not many computational models with mechanized security proofs of security protocols such as TLS, Kerberos, and IPSec. Tools for symbolic analysis are more common; they assume that cryptography is perfect and represent algorithms in algebraic notation rather than as bitstrings. Computational soundness (CS) results connect symbolic and computational models, but as far as we know, none of them has ever been mechanically verified. Yet it would be preferable to automate them for three reasons. First, the proofs contain numerous case distinctions and are rather technical. An automated proof assistant can handle the simple cases and ensure that all cases are dealt with and no assumptions are missed. Second, computational soundness results are tied not to an individual protocol but to certain cryptographic primitives, so they only need to be formalized once. In other words, a single automated proof produces reliable confidence for an entire class of protocols. Finally, formalization encourages the development of models and justifications: the proof assistant double-checks the proofs and identifies any adjustments that are required when a primitive is introduced or an assumption is changed.

2 Digital Finance

Digital finance is playing a big role in how financial services are organized globally. Digitalization, data analysis, and increased processing power enable a wide range of new financial services and transactions. The economic growth enabled by digital financial technology (Fintech) has drawn a great deal of interest. Cryptography has begun to expand swiftly in the Fintech sector, and investors and financial bankers are becoming more favorable toward digital assets. The observed market factors are directly related to how people behave when they engage in financial activity. Quantitative observation of the behavioral patterns of financial agents from a specific market assessment is still limited, despite the abundance of research and theories on the underlying motives of people’s behavior in financial frameworks. This study now has a road map thanks to the extensive information and traceability of financial activity that cryptocurrency technology provides. It has given us the ability to infer standards of personal behavior of market participants, which we then use to assess the bitcoin and Ethereum cryptocurrency marketplaces. In the proposed work, we apply sophisticated network analysis to first determine several characteristics of cryptography users. Financial cryptography is a challenging subject that calls for expertise from many different, at first glance unconnected professions. Since it is trapped between central finance and cryptography, attempts to develop frameworks for financial cryptography run the major risk of oversimplifying or leaving out crucial disciplines. The general public, investors, business visionaries, and regulators continue to pay close attention to cryptocurrencies. The significant variations in their prices, which have sparked several fresh public discussions of cryptocurrencies, have fuelled the argument that the cryptocurrency market is a bubble with no underlying value. In response to these worries, requests have been made for increased regulation or even a complete ban.

Further discussion is needed on how cryptocurrencies should be classified as assets, money, or a combination of the two; how cryptocurrency products and the modernization of financial services are expected to develop; how initial coin offerings are used to fund start-ups with cryptocurrency; and how national banks might issue digital currencies using cryptocurrency. As far as the justification for the cryptographic aspects of our study is concerned, dealers, brokers, financial experts, and investors do not significantly differ from each other. In a perfect system, everyone can place a fixed number of orders and has access to the same data. As a result, there are essentially two types of participants: dealers, which include financial advisers, intermediaries, and both institutional and individual investors, and (market) operators, such as the exchanges or their agents. The process of financial cryptography is shown in Fig. 1. Orders in the current financial markets can be divided into two categories. Limit orders are instructions to buy or sell a specified quantity of a security at a particular price and are filled only when another market participant makes the opposing trade. Market orders are instructions to buy or sell a specified quantity of a security at the current best price in the marketplace whenever feasible.

210

V. Rajasekar et al.

Fig. 1 Financial cryptography

3 Seven Layers of Financial Cryptography

In this section, a seven-layer model is illustrated. This paradigm further categorizes finance and cryptography, specifying five additional areas of interest. This design has the advantage of being easily adaptable from technical to application use, providing important stakeholders with convenient access. Specifications can be designed by starting at the upper layer, finance, and working down through the lower layers.

The seven layers of financial cryptography are as follows:

• Cryptography
• Software Engineering
• Rights
• Accounting
• Governance
• Value
• Finance.

A. Cryptography The application of rules to maintain confidentiality and cryptography is the practice of encoding communications such that only the sender and recipient can decode and

Algorithmic Strategies for Solving Complex Problems in Financial …

211

understand them. As a result, unauthorized individuals cannot access the information. The techniques used in cryptography to secure information come from scientific equations and a collection of fundamental computations known as procedures to change signals in a way that makes them challenging to decode. The major properties of cryptography are 1. Confidentiality 2. Integrity 3. Authentication. B. Software Engineering Software engineering is necessary to effectively utilize cryptography’s features. We add properties like reliability and resilience in the presence of networks and nodal stability and also intended unaccessible in the smart cards and handhelds, using information-based concepts (factors associated, significance integrity, and recovery) and networking theories (feedback). The field of software engineering offers us a useful framework. We can discuss sending a specific message over an open network with the knowledge that the intended recipient will receive it. The integrity measures used in the last layer allow us to verify the information received from recipient is what the sender intended. By implementing particular arrangements of data set theories maintain the confidentiality of communications throughout time, despite software and hardware failure. C. Rights The information is intended for financial cryptographic purposes because both cryptography and software engineering provides a set of networks. The following techniques are geared toward achieving this: • Frameworks based on identity, as those employed by banks. Such frameworks often rely on the account number and password of a current account holder trying to access the information over an SSL-encrypted webpage. • A token currency that resembles commonly used bearer cash instruments. • Transport mechanisms enabling additional payment frameworks which utilizes the SSL based system in financial information. • Hardware-based approaches, like smart cards. D. 
Accounting The earlier levels offer transmission methods that are reliable enough to be used for anything of high worth, like rights. Now, storing and tracking rights over time requires accounting procedures. Although it may have been tempting to ignore the fact that accounting is a prominent topic for financial cryptographers, history has shown that frameworks lacking standard accounting capabilities eventually become less useful. Examples of accounting discipline techniques include asset reporting, double-entry accounting, and accounting conditions. Accounting enables the development of intricate frameworks for financial cryptography that guarantee that the information is not

212

V. Rajasekar et al.

provided that everyone abides by the rules and that it can be easily determined where the rules are not being observed. What must be displayed is specified by rights, the layer above. For instance, the simplest method is token cash. A straightforward coin storage mechanism for the user would be required by a token-based or coin-based financial system. The server would have to have an information, a float account, and a double-spend database connected to the float amount, making it more difficult. E. Governance Once we are confident that the account-counting numbers, which are a digital amount under control, must be password protected securely over the Internet and secured in the database, we must broaden our perspective to consider risks that go beyond technological ones. Any functional innovation in terms of trading or monetary purchases, there is a chance that people who are authorized with the framework will commit fraud or utilize it improperly. Governance includes the following processes: 1. Trusting third people with an escrow of considerable value. For instance, the money that underlies dollars would be put into a bank account. 2. Power separation, including the separation of systems from marketing, validation from accounting, and value creation from routine management. 3. Conflict resolution mechanisms like judicial processes, ombudsmen, assertiveness, and power. 4. The protocol uses third parties to carry out particular tasks, such as producing considerable information inside the closed system. 5. Auditing practices that permit outside evaluations of performance and resource usage. 6. Reports are produced to keep information flowing to interested parties. For instance, a user-driven presentation of the assets that have been saved and are used to support a currency. F. Value Researcher merely use the information for the purpose since the program isn’t interested in this choice, but the business must abide by the cost and security guidelines. 
This surface is also referred to as the "Contract layer" since each item in an electrical properties represents a contract between both the proprietor and the user. US dollars with a range of exchange of 25 cents to $500. Trading tradable assets, such as bonds and stocks, to raise capital. Points that can be earned through the purchase of goods. Public goods such as massive quantities of fish or public wastes, like massive quantities of pollution. 5. Stocks in online enterprises. 6. Fake money, used for internal corporate meetings. 1. 2. 3. 4.

Algorithmic Strategies for Solving Complex Problems in Financial …

213

G. Finance

One of the upper layers, which gives financial transactions their structure, is where we may develop our application. This is called the finance layer since we are discussing financial cryptography. In this layer we create an application that advances our objectives financially:

1. Retail trade, which includes the acquisition of goods.
2. Trading in securities for investment.
3. Frameworks for loyalty and gifts that drive repeat business but do not fundamentally replace current forms of payment.
4. Information for the reasonable distribution of constrained public goods, such as pollution or fishing zones.
5. Labor market intermediaries.
6. Frameworks with limited purposes, such as those for shareware transactions or corporate meeting accountancy.

4 Recursive Optimization Approach

A combinatorial optimization problem, such as the Knapsack problem, looks for the optimal answer among a large number of alternatives. It is concerned with a backpack of positive integer capacity. There are N different elements, each of which has a value, that could be put in the knapsack. The Merkle-Hellman system makes use of a Knapsack-like idea. One of the first public key cryptosystems was the Merkle-Hellman knapsack method, developed in the 1970s by Whitfield Diffie, Martin Hellman, and Ralph Merkle. The Merkle-Hellman system is primarily constrained by two restrictions. First, the group of knapsack components may be super-increasing, meaning that the value of each element in the sequence is greater than the sum of the values of its predecessors. In Merkle-Hellman, this is referred to as an easy knapsack sequence. A hard knapsack sequence, on the other hand, is one in which the elements do not adhere to the super-increasing requirement. Merkle-Hellman consists of two keys, a public key for encryption and a private key for decryption, which differs from other public key cryptosystems. The private key is the easy knapsack, while the public key is a hard knapsack. This restriction makes it simple to solve the problem in polynomial time. Second, the knapsack's volume is fixed and must be greater than the total of its parts. To create public keys and decrypt messages, the system uses two numbers: a multiplier and a modulus. The Merkle-Hellman cryptosystem can also be configured to use a hard knapsack even for the private key. As noted previously, a hard knapsack supports a random collection of components because the set of input knapsack elements is not subject to the super-increasing restriction. This random method relies on the fact that the recipient, in the decryption phase, solves an instance of the subset sum problem, which is NP-hard.

The main disadvantage of this strategy is the exponential nature of recursion.

214

V. Rajasekar et al.

The messages that must be delivered in real-world applications are typically quite large, rendering a recursive solution's entire encryption and decryption procedure ineffective. Dynamic programming (DP) is a different method, which turns a simple recursion into an iterative one. With the aid of this optimization approach, the exponential time complexity of recursion is reduced to polynomial time. The use of various parallelization techniques can further accelerate the implementation of dynamic programming. OpenMP is a compact and scalable paradigm that offers parallel programmers a straightforward and flexible interface for creating portable parallel programs. On all platforms, including Windows and Unix, it offers multi-platform shared-memory parallel programming in C, C++, and Fortran. The pragma directives in OpenMP allow us to add vectorized algorithms, which serve to accelerate the decryption process and greatly increase its efficiency. The Merkle-Hellman knapsack cryptosystem faces several problems in terms of security, but fewer in terms of execution time. The system was successfully broken by numerous attacks. Many strategies have been put forth to close the system's security gaps and to lessen the time complexity of the Knapsack problem, because this may be unrealistic for real-world applications.

Merkle Cryptosystem Architecture

With the Merkle-Hellman public-key knapsack cryptosystem, we require two distinct keys. One key is private, and the other is public. The message is encrypted or encoded with the help of the public key, which is used during the encryption stage. Anyone may use it because it is "public." The decryption procedure makes use of the private key, which decodes or decrypts the communication that has been encrypted. To ensure that only the person with access to the key may decode the communication, this key is kept private or hidden. A message may be encrypted by the holder of the private key using that key, and afterward decrypted by a holder of the public key [1–14]. Three primary modules make up the system:

1. Creation of public and private keys.
2. The encryption method.
3. The decryption method.

The knapsack components themselves, which form a super-increasing sequence, serve as the system's private key. If K is a knapsack containing n elements and P is the private key, then

$K = (S_1, S_2, S_3, \dots, S_n)$ (1)

A super-increasing sequence is a group of values in which each value is bigger than the sum of all the preceding values in the same collection. Let $S_i$ be the element at arbitrary index i in knapsack K. The super-increasing property is written as

$$\sum_{j=1}^{i-1} S_j < S_i, \quad 1 \le i \le n \qquad (2)$$

Example. Consider K = {1, 2, 4, 10, 20, 40}, multiplier n = 31 and modulus m = 110. Each public element is b_i = (S_i × 31) mod 110:

b1 = (1 × 31) mod 110 = 31, b2 = (2 × 31) mod 110 = 62, b3 = (4 × 31) mod 110 = 14, b4 = (10 × 31) mod 110 = 90, b5 = (20 × 31) mod 110 = 70, b6 = (40 × 31) mod 110 = 30.

So the public key is B = (31, 62, 14, 90, 70, 30) and the private key is P = S = (1, 2, 4, 10, 20, 40). Let M = '100100111100101110', k = 18 and n = 6, so k/n = 3 blocks: g1 = 100100, g2 = 111100, g3 = 101110. Encryption sums the public elements selected by each block: c1 = 31 + 90 = 121, c2 = 31 + 62 + 14 + 90 = 197, c3 = 31 + 14 + 90 + 70 = 205, so c = (121, 197, 205). For decryption, the inverse of the multiplier modulo 110 is W^{-1} = 71 (31 × 71 = 2201 ≡ 1 mod 110). Then c1 × 71 mod 110 = 121 × 71 mod 110 = 11 → X = (x1, x4) = 100100; c2 × 71 mod 110 = 197 × 71 mod 110 = 17 → X = (x1, x2, x3, x4) = 111100; c3 × 71 mod 110 = 205 × 71 mod 110 = 35 → X = (x1, x3, x4, x5) = 101110. ∴ M = 100100 111100 101110.
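The example above carried through in code, with the same private knapsack, multiplier 31 and modulus 110. This is an added illustration, not the chapter's own code; the function names are mine, and the multiplier's inverse is computed with the extended Euclidean algorithm the chapter mentions.

```python
"""Merkle-Hellman knapsack cryptosystem, worked through with the chapter's
example parameters (added illustration, not the chapter's own code)."""
from typing import List

# The chapter's example: private (easy) knapsack, multiplier 31, modulus 110.
PRIVATE = [1, 2, 4, 10, 20, 40]
MULTIPLIER = 31
MODULUS = 110
MESSAGE = "100100111100101110"   # 18 bits = three 6-bit blocks


def is_super_increasing(seq: List[int]) -> bool:
    """Eq. (2): every element exceeds the sum of all elements before it."""
    total = 0
    for s in seq:
        if s <= total:
            return False
        total += s
    return True


def mod_inverse(a: int, m: int) -> int:
    """Inverse of a modulo m by the extended Euclidean algorithm."""
    old_r, r = a % m, m
    old_s, s = 1, 0          # old_s tracks the coefficient of a in old_r
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("a and m are not coprime, no inverse exists")
    return old_s % m


def make_public_key(private: List[int], multiplier: int, modulus: int) -> List[int]:
    """Disguise the easy knapsack: b_i = (S_i * multiplier) mod modulus.

    The chapter's conditions are checked: the private knapsack must be
    super-increasing, the modulus must exceed its sum, and the multiplier
    must be invertible modulo the modulus (otherwise decryption fails).
    """
    if not is_super_increasing(private):
        raise ValueError("private knapsack must be super-increasing")
    if modulus <= sum(private):
        raise ValueError("modulus must exceed the sum of the private knapsack")
    mod_inverse(multiplier, modulus)   # raises if not coprime
    return [(s * multiplier) % modulus for s in private]


def encrypt(bits: str, public: List[int]) -> List[int]:
    """Cut the bit string into blocks of len(public) bits; each block becomes
    the sum of the public elements whose bit is 1."""
    n = len(public)
    if len(bits) % n != 0 or set(bits) - {"0", "1"}:
        raise ValueError("message must be a bit string, length a multiple of n")
    return [sum(b for bit, b in zip(bits[i:i + n], public) if bit == "1")
            for i in range(0, len(bits), n)]


def solve_easy_knapsack(target: int, private: List[int]) -> str:
    """Greedy subset sum over a super-increasing sequence, largest element
    first; the answer is unique, so one pass suffices."""
    bits = ["0"] * len(private)
    for i in range(len(private) - 1, -1, -1):
        if private[i] <= target:
            bits[i] = "1"
            target -= private[i]
    if target != 0:
        raise ValueError("no subset of the private knapsack sums to the target")
    return "".join(bits)


def decrypt(cipher: List[int], private: List[int], multiplier: int, modulus: int) -> str:
    """Undo the disguise with the multiplier's inverse (71 for 31 mod 110),
    then solve each block as an easy knapsack."""
    inv = mod_inverse(multiplier, modulus)
    return "".join(solve_easy_knapsack((c * inv) % modulus, private) for c in cipher)


if __name__ == "__main__":
    public = make_public_key(PRIVATE, MULTIPLIER, MODULUS)
    cipher = encrypt(MESSAGE, public)
    print("public key:", public)        # [31, 62, 14, 90, 70, 30]
    print("ciphertext:", cipher)        # [121, 197, 205]
    print("recovered :", decrypt(cipher, PRIVATE, MULTIPLIER, MODULUS))
```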

Hard Knapsack and Its Challenges

An easy knapsack is used in the conventional Merkle-Hellman knapsack cryptosystem. A sequence known as an "easy knapsack" has elements that are all worth more than the sum of their predecessors' values. The Extended Euclidean Algorithm, a greedy algorithm, can solve this knapsack in O(n) polynomial time. For a specific target total in the decryption process, there is always a unique subset in a super-increasing sequence. Hence, it is possible to identify the combination of components in a single pass. The choice of a fixed weight for the knapsack, which must be bigger than the sum of all the knapsack elements, is another condition of this system. As a result, the Merkle-Hellman system has requirements for selecting a certain weight and creating a super-increasing sequence. A hard knapsack is used in a different version of the Merkle-Hellman knapsack cryptosystem. In contrast to the standard easy knapsack's super-increasing limitation, the hard knapsack involves producing a random weight and a random knapsack series. Knowing the combination of items that add up to the goal sum requires solving an instance of the subset sum problem, which is considered NP-hard in practice because the series of knapsack elements is generated randomly. For shorter message lengths, the recursive solution of the hard knapsack subset sum problem is effective. In real-world applications, however, the message that needs to be transmitted from source to destination is very large, and recursion proves to be a fairly drawn-out process. Thus, the dynamic programming algorithm is an improvement to the recursive subset sum solution: it transforms the overhead of exponential time complexity into polynomial time. Furthermore, the distribute simd construct of OpenMP is used to accomplish concurrency and parallelism; #pragma omp distribute simd is the parallel construct used. By allocating loop iterations to each master thread, which then executes them as Single Instruction Multiple Data (SIMD) instructions, the omp distribute simd directive achieves parallel execution of loop iterations. As a result, distinct components of the knapsack are assigned to each master thread; these components are then concurrently added up and compared to the goal sum.
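The recursive and dynamic-programming subset-sum solvers described in this section, run against a constructed hard (non-super-increasing) knapsack. This is an added example, not the chapter's code: the knapsack values are constructed, the OpenMP parallelization is not reproduced (the inner loop over t is the data-parallel loop it would vectorize), and the caveat that a random knapsack may not decrypt uniquely is made explicit.

```python
"""Decryption with a hard (non-super-increasing) knapsack: the exponential
recursion next to the dynamic-programming subset-sum solver the chapter
prefers.  Added illustration, not the chapter's code."""
from typing import List, Optional

# Constructed hard knapsack: not super-increasing (12 < 37, 23 < 37 + 12 + 58, ...).
HARD_KNAPSACK = [37, 12, 58, 23, 41, 9, 66, 30]


def knapsack_sum(bits: str, weights: List[int]) -> int:
    """Encryption in the hard variant: sum of the weights whose bit is 1."""
    return sum(w for bit, w in zip(bits, weights) if bit == "1")


def subset_sum_recursive(weights: List[int], target: int, i: int = 0,
                         calls: Optional[List[int]] = None) -> Optional[str]:
    """Exponential search: include or exclude each element in turn.
    `calls` (a one-element list) counts the recursive calls made."""
    if calls is not None:
        calls[0] += 1
    if target == 0:
        return "0" * (len(weights) - i)     # remaining elements excluded
    if i == len(weights) or target < 0:
        return None
    with_i = subset_sum_recursive(weights, target - weights[i], i + 1, calls)
    if with_i is not None:
        return "1" + with_i
    without_i = subset_sum_recursive(weights, target, i + 1, calls)
    return None if without_i is None else "0" + without_i


def subset_sum_dp(weights: List[int], target: int) -> Optional[str]:
    """Pseudo-polynomial DP in O(n * target): reach[i][t] is True when some
    subset of weights[i:] sums to t.  Backtracking from i = 0 prefers
    inclusion, so it returns the same subset as the recursion above."""
    n = len(weights)
    if target < 0:
        return None
    reach = [[False] * (target + 1) for _ in range(n + 1)]
    reach[n][0] = True
    for i in range(n - 1, -1, -1):
        w, nxt, cur = weights[i], reach[i + 1], reach[i]
        for t in range(target + 1):          # independent iterations: SIMD candidate
            cur[t] = nxt[t] or (t >= w and nxt[t - w])
    if not reach[0][target]:
        return None
    bits, t = [], target
    for i, w in enumerate(weights):
        if t >= w and reach[i + 1][t - w]:
            bits.append("1")
            t -= w
        else:
            bits.append("0")
    return "".join(bits)


def decrypt_hard(cipher: List[int], weights: List[int]) -> Optional[str]:
    """Recover the message by solving one subset-sum per ciphertext block.
    Caveat: a random knapsack may admit several subsets for one sum, in
    which case the recovered block is not guaranteed to be the one sent."""
    blocks = [subset_sum_dp(weights, c) for c in cipher]
    return None if any(b is None for b in blocks) else "".join(blocks)


if __name__ == "__main__":
    message = "10100110" + "01011001"
    cipher = [knapsack_sum(message[i:i + 8], HARD_KNAPSACK) for i in range(0, 16, 8)]
    counter = [0]
    subset_sum_recursive(HARD_KNAPSACK, cipher[0], calls=counter)
    print("ciphertext", cipher, "recursive calls for block 1:", counter[0])
    print("recovered ", decrypt_hard(cipher, HARD_KNAPSACK))
```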

Probabilistic Functions in Cryptography

Monadic sequencing, recursion, random sampling, errors and failure handling, and black-box access to oracles are all elements of the language. Oracles are probabilistic functions that preserve hidden state across calls. The complexity of cryptographic algorithms and protocols makes it more likely that flaws in security proofs will go unnoticed, and hence that security flaws may not be found. The game-playing method helps to structure these proofs and can therefore boost confidence in their accuracy. In this approach, security notions are expressed as games, i.e. programs written in the same form as the cryptographic protocols and algorithms. The proof then gradually transforms the program until the desired properties are present. Several frameworks and a proof assistant provide machine assistance in formulating algorithms and security notions, as well as in checking such sequences of game transformations, to reach high certainty. There are not many mechanized security proofs in the computational model for security protocols like TLS, Kerberos, and IPSec; tools for symbolic analysis are more common. They assume perfect cryptography and treat protocol messages as terms in an algebra rather than as bitstrings. Computational soundness (CS) results connect the symbolic and computational models, but as far as we know, no mechanical verification has ever been done on them. Yet it would be preferable to mechanize them, for three reasons. First, the proofs contain numerous case distinctions and are rather technical; an automated proof assistant can deal with the simple cases and ensure that all cases are addressed and no assumptions are missed. Second, computational soundness results need to be formalized only once per set of cryptographic primitives, not for every protocol to which the symbolic analyzer is applied.

Lifting and Parametricity in Cryptography

Game-playing proofs gradually modify games. At each step we must bound the probability that the adversary can distinguish the original game from the modified game. For some transformations the equational theory is sufficient to demonstrate the games' equality, in which case the probability is 0. Other transformations are justified by cryptographic assumptions. Our paradigm offers a relational logic for programs to bound the probability in such situations. To achieve this, we first present a way to lift relations over elementary events to relations over spmfs (sub-probability mass functions). Our basic operations are parametric with respect to this lifting operator, and the reasoning rules can then be derived from parametricity. A polymorphic function is said to be parametric if it operates uniformly across all instances rather than inspecting the values of type variables. Relational parametricity enforces this as follows: types are regarded as relations and type constructors as relation transformers, and a polymorphic function is parametric if it is related to itself in the relation of its type. In several security games the adversary is given black-box access to oracles. The attacker has no access to the mutable state that an oracle, a probabilistic function, retains across different invocations.

Crypto-assets

Crypto-assets are not widely accepted as a form of payment, a reliable store of value, or a standard unit of account, since they lack the essential characteristics of sovereign currencies. According to the evidence at hand, crypto-assets at this time do not materially threaten the stability of the world's financial system. Nonetheless, given the rapidity of market developments, vigilant monitoring is required, and future financial stability might be affected if the use of crypto-assets changes. The risks include: risks resulting from the direct or indirect exposures of financial institutions; risks that may arise if crypto-assets became widely used in payments and settlement; risks arising from market capitalization and wealth effects; and risks from confidence effects and reputational risks to financial institutions and their regulators.


In addition, crypto-assets bring up some more general policy concerns, including the need for strong market integrity protocols, investor and consumer protection, AML/CFT oversight and regulation (including the implementation of global sanctions), regulatory measures to prevent tax evasion, the need to avoid the circumvention of capital controls, and worries about the facilitation of illegal securities offerings. A wide range of domestic supervisory, regulatory, and enforcement actions involving crypto-assets have been taken to date by FSB members. Regarding the facilitation of unlawful securities offerings, national authorities and standard-setting bodies have published statements endorsing the potential of the underlying distributed ledger technology (DLT) that crypto-assets rely on, as well as warnings to investors about the hazards of crypto-assets.

5 Conclusion

In the literature, cryptocurrencies have received a lot of attention. It has been debated whether they will upend the economy, are a speculative idea that may fail, or assist tax evasion and criminal activity. From the first viewpoint, it is frequently argued that they disintermediate monopolies, banks, and credit cards while satisfying a market requirement for a fast and secure payment and trading system. Opponents, on the other hand, draw attention to the fact that cryptocurrencies have a sharply rising value, which makes them more of a speculative asset than another kind of money. Providing regulated transmission of market information in security practices, together with proof of correctness, is a significant use of financial cryptography. The method proposed here is easy to comprehend, fits well with existing financial market trends, and does not depend on special cryptographic primitives that would make it difficult for traders to utilize. To ensure liquidity and prevent abuse, finance research has started to look into the effects of various degrees of imperfect transparency. As shown by the aforementioned concepts, cryptography can be used to prove correct behavior when there is only partial transparency. The seven-layer design likewise excels at addressing and minimizing the inherent challenges of financial cryptography. It achieves this by segmenting the problem into seven categories and offering a means of connecting them. When a project is layered in this way, experts in different disciplines can more easily identify which areas fall under their purview and which call for further expertise.

References

1. Ahmed, A.A.A. (2020). Corporate attributes and disclosure of accounting information: Evidence from the big five banks of China. Journal of Public Affairs, e2244. https://doi.org/10.1002/pa.2244
2. Amin, R., & Vadlamudi, S. (2021). Opportunities and Challenges of Data Migration in Cloud. Engineering International, 9(1), 41–50. https://doi.org/10.18034/ei.v9i1.529
3. Donepudi, P.K., Banu, M.H., Khan, W., Neogy, T.K., Asadullah, A.B.M., & Ahmed, A.A.A. (2020). Artificial Intelligence and Machine Learning in Treasury Management: A Systematic Literature Review. International Journal of Management, 11(11), 13–22. https://doi.org/10.5281/zenodo.4247297
4. Paruchuri, H. (2020). The Impact of Machine Learning on the Future of Insurance Industry. American Journal of Trade and Policy, 7(3), 85–90. https://doi.org/10.18034/ajtp.v7i3.537
5. Paruchuri, H. (2021). Conceptualization of Machine Learning in Economic Forecasting. Asian Business Review, 11(1), 51–58. https://doi.org/10.18034/abr.v11i1.532
6. Sathya, K., Rajasekar, V., & Premalatha, J. (2016, April). Biometric signcryption using hyperelliptic curve and cryptographically secure random number. In 2016 International Conference on Recent Trends in Information Technology (ICRTIT) (pp. 1–7). IEEE.
7. Paruchuri, H., Vadlamudi, S., Ahmed, A.A.A., Eid, W., & Donepudi, P.K. (2021). Product Reviews Sentiment Analysis using Machine Learning: A Systematic Literature Review. Turkish Journal of Physiotherapy and Rehabilitation, 23(2), 2362–2368. https://turkjphysiotherrehabil.org/pub/pdf/322/32-2-316.pdf
8. Vadlamudi, S. (2020). The Impacts of Machine Learning in Financial Crisis Prediction. Asian Business Review, 10(3), 171–176. https://doi.org/10.18034/abr.v10i3.528
9. Krishnamoorthi, S., Jayapaul, P., & Rajasekar, V. (2021). A modernistic approach for chaotic based pseudo random number generator secured with gene dominance. Sādhanā, 46, 1–12.
10. Vadlamudi, S. (2021). The Economics of Internet of Things: An Information Market System. Asian Business Review, 11(1), 35–40. https://doi.org/10.18034/abr.v11i1.523
11. Vadlamudi, S., Paruchuri, H., Ahmed, A.A.A., Hossain, M.S., & Donepudi, P.K. (2021). Rethinking Food Sufficiency with Smart Agriculture using Internet of Things. Turkish Journal of Computer and Mathematics Education, 12(9), 2541–2551. https://turcomat.org/index.php/turkbilmat/article/view/3738
12. Sathya, K., Premalatha, J., & Rajasekar, V. (2021, February). Investigation of strength and security of pseudo random number generators. In IOP Conference Series: Materials Science and Engineering (Vol. 1055, No. 1, p. 012076). IOP Publishing.
13. Zhu, Y., Kamal, E.M., Gao, G., Ahmed, A.A.A., Asadullah, A., & Donepudi, P.K. (2021). Excellence of Financial Reporting Information and Investment Productivity. International Journal of Nonlinear Analysis and Applications, 12(1), 75–86. https://doi.org/10.22075/ijnaa.2021.4659
14. Dhanaraj, R.K., Islam, S.H., & Rajasekar, V. (2022). A cryptographic paradigm to detect and mitigate blackhole attack in VANET environments. Wireless Networks, 28(7), 3127–3142.

Various Attacks on the Implementation of Cryptographic Algorithms

P. Kanaga Priya, R. Sivaranjani, K. Thangaraj, and Naif Alsharabi

Abstract Security plays the most significant role in communication systems because of the rise in intruders' ability to tamper with and monitor sensitive data. Thus, cryptography is the fundamental instrument utilised to protect these data, avoiding disclosure of the communication by changing the data from a readable form to an unreadable form and back again. Cryptography is used to achieve privacy, and the variety of cryptography applications has increased significantly in recent years with the development of networks and communication tools. Particularly in the financial sector, the techniques and algorithms required for secure financial transfers, as well as the development of new kinds of money, are included in financial cryptography. To ensure that data are secure against intrusions and to stop snooping, cryptography is necessary. Implementation attacks on cryptographic algorithms are examined in this chapter. A significant amount of research has been done to identify the potential weaknesses targeted by implementation attacks on cryptographic algorithms, as well as efficient and effective mitigation strategies. Hence, implementation attack mechanisms and suitable countermeasures are examined.

Keywords Cryptography · Implementation attacks · Financial cryptography · Banking

P. Kanaga Priya (B) Department of Computer Science and Engineering, KPR Institute of Engineering and Technology, Coimbatore, India
R. Sivaranjani Department of Computer Science and Engineering, Tamilnadu College of Engineering, Coimbatore, India
K. Thangaraj Department of Information Technology, Sona College of Technology, Salem, India
N. Alsharabi College of Computer Science and Engineering, University of Hail, 81481 Hail, Saudi Arabia

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_11


1 Introduction

Cryptography is the study of highly secure techniques, such as encryption, that keep message contents secret from everyone except the sender and the intended recipient. It has a lot in common with enciphering, which is the transformation of plain or clear text into so-called ciphertext before transmission and back again after receipt. It currently serves as an all-encompassing layer of protection for all digital transformation initiatives, often known as digital enterprises [1]. Cryptography is utilised to safeguard personally identifiable information (PII) and other sensitive data, secure transactions and communications, establish trust between servers, authenticate identity, and prevent document manipulation. It serves as the framework for modern security systems. Cryptography is one of the most essential tools used by businesses to safeguard their most valuable asset, data, whether it is in motion or at rest. Data such as personally identifying information about clients and staff, intellectual property, business tactics, and other sorts of confidential information is essential information [2]. As a result, cryptography is an essential component of the infrastructure, since it is increasingly necessary to secure sensitive data. Many attacks seek to get around the protection against disclosure and manipulation that cryptography aims to provide for sensitive data. Implementation attacks are a novel and extremely potent type of attack on cryptographic techniques. Several of the following key elements of information security are significant whenever sensitive information is transferred between different entities. Typically, the transmitted data should only be readable by and understandable to the intended recipients (confidentiality). In many instances, it must be possible to confirm the data's integrity (the degree to which it was not altered) or the data's true originator (authenticity). In other instances, the sender must be unable to dispute their role as the information's creator (non-repudiation). Also, there are more and more circumstances where it is necessary to protect the sender's and recipient's privacy (anonymity) [3].

In a cryptanalytic attack, unauthorised parties attack a cryptographic security system by conducting in-depth investigations into the encryption algorithm. Operating systems that store passwords as a cryptographic hash rather than in plaintext are a typical target of cryptanalytic attacks. To decrypt encrypted communications, cryptanalysts or hostile parties can use plaintext or ciphertext, as well as some fundamental knowledge of the cryptographic algorithm [4]. The field of computer science known as cryptology studies the hidden exchange and keeping of data. The growth of cryptology has been essential to protecting data for today's digital users, businesses, military units, and government agencies. The study of codes falls into two categories: cryptography, the process and software used to encrypt data, and cryptanalysis, the procedures and techniques used to crack codes and decipher messages. The task of penetration testing cryptographic systems, such as recovering plaintext from ciphertext, falls under the purview of cryptanalysts [5]. To create encryption algorithms (ciphers) and assess cryptographic security systems, businesses frequently employ cryptanalysts; the basic flow is shown in Fig. 1.


Fig. 1 Basic flow of cryptography

Cryptography provides a wide range of approaches to achieve these security goals. For the communicating entities, we often differentiate between cryptographic techniques that use the same key (or no key), called symmetric-key techniques, and those that use different keys, referred to as asymmetric-key techniques [6]. The primary problem with symmetric-key algorithms is that the entities must exchange the same secret key, which is a significant drawback. In asymmetric-key algorithms, both a public and a private key are employed. The other communicating entities can see the public key; only the private key needs to be kept confidential. An algorithm's strength should not depend on the secrecy of its inner workings, which is an essential trait: according to Kerckhoffs' principle, keeping only the secret or private key confidential is sufficient. One security objective that is frequently accomplished through encryption techniques is confidentiality. The encryption algorithm requires two inputs: the plaintext of the content to be encrypted and the public key. It generates ciphertext that only a person with knowledge of the public key or access to the corresponding private key can decode. The symmetric-key encryption method is frequently used today, although this chapter also covers a wide range of algorithms and implementation threats that have been seen in the financial sector [7].


2 Survey on Cryptography in Everyday Life and Financial Cryptography in Banking

Cryptography in Everyday Life

Encrypting and decrypting email and other messages while delivering digital information is cryptography's most common use. The easiest method is the symmetric or "secret key" system. Here, data is encrypted with the help of a secret key before being sent to the recipient, who then decrypts it with the same key. The problem here is that if the message is intercepted, a third party has everything needed to decipher and read it. To address this issue, cryptologists developed the asymmetric or "public key" system. In this setup, each user possesses two keys: a public key and a private key. The sender obtains the recipient's public key and encrypts the communication with it before sending it [8]. Theft of the message is meaningless without the associated private key, because the message can only be deciphered with the recipient's private key. Where cryptography is used in our everyday lives is shown in Fig. 2. Cryptography is operating in the background each time one makes an online purchase, carries out a banking transaction, or pings an email client. By authenticating individuals, devices, and gadgets to other devices in our Internet of Things (IoT) environment, it secures all transferred information. Without cryptographic tools, our modern society would come to a standstill and all of our crucial data would be available for potential exploitation [9].

Fig. 2 The use of cryptography everyday


Authentication or Digital Signatures

Public-key cryptography has several essential applications, including authentication and digital signatures. For instance, if one can decode a communication using a user's public key after that user enciphered it with their private key, one should have some level of confidence that the communication came from that user. If the user decides that it is vital to keep the communication private, the user may encrypt it using both the recipient's public key and the user's own private key. Only the recipient will then be able to decipher the contents, and will be able to tell that it came from the user. The only prerequisite is that public keys be linked to their owners by a reliable method, such as a trusted directory. The standards community created the certificate to fix this issue [10]. A certificate contains the public key of the subject, the name of the subject for whom the certificate is being issued, the name of the certificate issuer, and a few time stamps. The user can be confident that the public key is valid because the certificate issuer also holds a certificate. For email and file storage applications, PGP (Pretty Good Privacy), a software package, provides authentication and encryption. Using current encryption methods, Zimmermann created his freeware programme and made it accessible across all platforms. It offers data compression, digital signatures, message encryption, and compatibility with email. PGP employs IDEA (International Data Encryption Algorithm) for bulk message encryption and RSA (Rivest–Shamir–Adleman) for key transmission. Zimmermann's usage of the RSA algorithm in his programme resulted in legal issues with RSA.

Time Stamping

A method known as time stamping can attest to the existence or delivery of a specific electronic document or communication at a specific moment. A blind signature system is an encryption model used for time stamping. With a blind signature system, a sender can have a message acknowledged by a recipient while keeping all relevant information about the message private. Time stamping offers an additional level of verification while being quite similar to mailing a registered letter. It can demonstrate that a receiver actually received a given document. Contracts, copyright archives, and patent applications are examples of potential applications. The move to electronic legal documents will be made feasible with the aid of a crucial technology called time stamping [11].

Electronic Money or Cash

Electronic cash, also referred to as digital money or electronic currency, is constantly evolving. It includes actions carried out digitally that result in a net movement of funds from one person to the next; the transfer of funds may be debit or credit, anonymous or identified. There are software as well as hardware implementations. Anonymous apps that use blind signing hide the identity of the user. Spending schemes for identified digital currency are based on more varied signature systems and display the customer's identification. Anonymous schemes represent digital cash, whilst identified schemes represent debit or credit cards. Various hybrid strategies allow payments to be traceable but anonymous to all parties (a sequence of purchases can be correlated but not strongly connected to the identity of the spender), or anonymous to all parties but identifiable, as in CyberCash credit card transactions. Common transaction data, such as account IDs and transaction amounts, are protected in electronic money systems using encryption. In addition to providing anonymity, public-key encryption can also replace traditional signatures and credit card authorisations [12].

Secure Network Communications (SSL)

Secure Socket Layer, a public-key protocol created by Netscape, is a layer of data security that sits between application protocols and TCP/IP, the cornerstone of Internet-based communications. In step 1, the client asks for the server's certificate and cipher options. After receiving this data, the client creates a master key, enciphers it using the public key of the server, and then delivers the encoded master key to the server. The server decrypts the master key with its private key and establishes its identity with the client by returning a message encoded with the master key. Keys derived from the master key are used to encrypt the data thereafter. Client authentication, in phase two, is optional: the client answers by returning its public-key certificate together with its digital signature on the challenge issued by the server. The authentication process in SSL makes use of the RSA public-key cryptosystem. Following the key exchange, a variety of cryptosystems, including RC4, RC2, triple-DES, IDEA (International Data Encryption Algorithm), and DES (Data Encryption Standard), are employed [13].

Kerberos MIT created the authentication service known as Kerberos, which authenticates and encrypts data using symmetric (secret-key) ciphers. Kerberos was designed to verify requests for access to network resources; it does not verify the authorship of documents. A designated host on the network, the Kerberos server (the key distribution centre), is the central point for key management and other administrative tasks. The server holds a database of all users' secret keys, verifies user identities, and issues session keys to clients and servers that need to authenticate each other. Because the whole system depends on this server, compromising it destroys the security of the entire system. Kerberos is therefore common within a single administrative domain, such as a bank's closed network, while the more robust properties of public-key systems are usually preferred between domains, for example across the Internet [10].

Various Attacks on the Implementation of Cryptographic Algorithms


Anonymous Remailers When sending sensitive material by email, prudent enterprises should protect the transmission with encryption. The combination of asymmetric and symmetric encryption known as Pretty Good Privacy (PGP) is the easiest to use: deployment is simple, although some additional staff training is needed. An anonymous remailer is a (usually free) service that forwards only the content of a message, stripping the header information that identifies the sender. It is important to remember that the remailer operator may nevertheless keep a record of your identity. Because they do not trust any single operator, most users route their messages through several unrelated remailers before the message reaches the intended recipient. Only the first remailer then learns the sender's identity, and tracing the message back beyond that point is practically impossible. A typical scenario: the sender wants to post a message to a newsgroup through three remailers, 1, 2 and 3. The sender encrypts the message with the public key of the last remailer, remailer 3, and sends it to remailer 1, which strips the sender's identity before passing it on to remailer 2 and then to remailer 3. Remailer 3 decrypts the message and posts it to the intended newsgroup. In practice the address of each next hop is itself encrypted to the preceding remailer, so that no single remailer learns both the origin and the destination of a message.

Disk Encryption With full-disk encryption software, which encrypts the whole hard disk, one need not worry about leaving traces of unencrypted information on the disk. PGP can also encrypt individual files: in its conventional (symmetric) mode it derives a key, historically an IDEA key, from the user's passphrase and encrypts the file under it; the same passphrase is needed to unlock the file [7].

Encryption in Instagram Instagram's communication with you is encrypted. When your phone requests data from Instagram's servers, the request is sent over TLS (historically SSL) on port 443 and the response comes back over the same encrypted connection. This stops anyone on the network path from eavesdropping on the exchange. Cryptography helps everyone every day, in business and as consumers, without most of us noticing it; in that respect it resembles the ozone layer [8].

Encrypting Company Devices To improve information security, the hard drives of every company laptop and tablet used for business travel or remote work should be encrypted. This is crucial in sectors such as finance and healthcare, where sensitive data is protected by several laws. Imagine that a business executive drives home from work with a company laptop that holds confidential customer information. The laptop, which is not encrypted, is left behind. Disaster follows: whoever finds the laptop uploads thousands of client names, credit card numbers and addresses to the dark web. Over the years this scenario has occurred so often that a news report about a data leak caused by laptop theft no longer surprises anyone. Full-disk encryption is the kind of cryptography that stops such incidents, and it should be enabled on company equipment now [9]. Note that it protects data at rest only: the disk key must be guarded by a strong passphrase or a hardware security module, and a lost device that was merely asleep with the disk unlocked gains little from it.

Protecting Sensitive Company Data Internally, businesses should encrypt sensitive information such as intellectual property so that only a small group of privileged staff can read it. This use of cryptography depends on proper access controls: encrypting trade secrets achieves little if the IT security team does not also follow the principle of least privilege. File-level encryption is the best way to protect particular folders and files from malicious insiders and curious intruders, and it is essential when combined with appropriate access constraints.

Encrypting Databases Attacks on databases are commonplace, and protecting sensitive database records is one of cryptography's most important practical uses. It protects customer identities while also helping to meet industry regulations. For instance, a large dental practice might keep a database of sensitive patient data such as social security numbers. If the practice is concerned about compliance or patient privacy, either the whole database or at least the sensitive records should be encrypted [10].

Securing a Website HTTPS, which protects communication over a network, is one of the everyday uses of encryption that benefits almost everyone. Any professional organisation that interacts with clients through a website or mobile app should use HTTPS. HTTPS is HTTP carried over TLS, conventionally on port 443; the earlier HTTP protocol sends everything in clear text and is the unsafe variant. Plain HTTP was once considered acceptable for blogs and other sites that handle no sensitive data, but even there HTTPS is now expected, because clear-text pages can be read and altered in transit and browsers flag HTTP pages as not secure. For most enterprises it is a necessity.


Closing Thoughts Cryptography is not infallible, and using it does not make a system immune to cyber-attacks. Attacks that exploit cryptography are, however, far harder to execute than those against organisations that have no sound encryption strategy. The next time the IT security staff press you about an inadequate encryption plan at your company, keep these crucial applications of cryptography in mind.

Financial Cryptography in Banking The financial sector has benefited greatly from the development of cryptographic technology. This section examines some of the most important cryptographic methods that the banking sector uses to establish data security standards and satisfy compliance requirements. Financial cryptography is the application of cryptography in situations where subversion of a messaging system could cause financial loss. It differs from traditional cryptography, which for most of recorded history was employed for military and diplomatic purposes. Besides the development of novel payment systems, financial cryptography primarily covers the procedures and techniques required to secure financial transfers. Its applications are extremely varied. According to Ian Grigg, financial cryptography has seven layers, combining seven diverse disciplines: cryptography, software engineering, rights, accounting, governance, value and finance. Business failures are frequently linked to the absence or misuse of one or more of these disciplines, which is why financial cryptography should be studied across disciplines; this is inevitable given that both finance and cryptography draw on many fields [11]. Cryptography is the science of keeping information from unauthorised users. The banking industry has long used it to secure financial transactions, including card payments, security tokens and electronic commerce. Before the modern era, encryption, the conversion of plaintext into unintelligible ciphertext, was almost the only form of cryptography. Decryption is the reverse process: converting ciphertext back into readable plaintext. Encryption and the decryption that reverses it are implemented by a pair of algorithms known as a cipher. The precise operation of a cipher is governed by the algorithm and, in each case, by a key. Public-key cryptography, symmetric-key cryptography and in particular triple DES are among the techniques most often used in financial institutions such as banks [12]. The fundamental goals that cryptography serves in securing communication and safeguarding data are known as cryptographic principles or features of cryptography, shown in Fig. 3: confidentiality, integrity, authentication, non-repudiation and key management.

Fig. 3 Features of cryptography

Authentication is the process of confirming an identity and is a key goal. Confidentiality means that nobody other than the intended recipient can learn the content of a communication. Integrity is the guarantee to the recipient that the message received is exactly the one that was sent. Non-repudiation is a means of proving that the sender did send the message, so that the sender cannot later deny it. Cryptography can therefore be used for user authentication as well as for protecting data from theft or modification. Key management is the process of generating, distributing and maintaining cryptographic keys; because the security of a cryptographic system rests on the secrecy of the key, proper key management is crucial. Cryptographic algorithms can be classified in many ways. For this study they are divided by the kinds of keys used for encryption and decryption, and then by use and application. Three categories are covered: public-key cryptography (PKC), symmetric-key cryptography (SKC), and within SKC the Triple Data Encryption Standard (TDES). Banks adopted symmetric-key algorithms first, with DES, which Triple DES later replaced; public-key cryptography was added afterwards, mainly for key distribution and digital signatures [13]. With public-key cryptography, two parties can communicate privately without first exchanging a secret key, and it can also produce digital signatures. Public-key cryptography, which permits secure information transfer over the Internet, is a fundamental and widely used technology worldwide and was adopted early by financial organisations such as banks for sensitive data transfers. Because the key that encrypts a message differs from the key that decrypts it, this type of cryptography is also called asymmetric cryptography. A user of public-key cryptography holds two keys: a public (shared) key and a private (secret) key. The public key may be widely distributed, while the private key is kept secret. Messages are encrypted with the recipient's public key and can only be decrypted with the recipient's private key. Although the keys are mathematically related, the private key cannot feasibly be derived from the public key. The two main branches of public-key cryptography are public-key encryption and digital signatures. With public-key encryption, a message encrypted under a recipient's public key can be decrypted by nobody except the holder of the matching private key, presumably the person whose public key was used; this provides confidentiality. With digital signatures, data signed with a sender's private key can be verified by anyone holding the sender's public key, which demonstrates that the signer had access to the private key, and is therefore likely the person whose public key was used, and that the signed data has not been altered. A major benefit of public-key cryptography is the simplicity of key distribution: public keys can be handed to recipients to establish new keys or to secure transmissions between devices [14]. In a network of n cryptographic units, some number of initial keys must be in place so that every pair of devices can communicate securely. Traditionally these keys were distributed by hand, for example by trusted couriers, which is uneconomical for a large network of thousands of devices. With public-key cryptography, electronic distribution of initial keys through a simple, well-known procedure is more practical and cost-effective. This suits the banking sector, especially retail banking, where the customer base is large and geographically dispersed. When a device wants to establish a secure channel it first generates a public and private key pair. It sends the public key to the intended peer over an open channel and keeps the private key. The receiving device then encrypts an initial DEA (DES) key-encrypting key under that public key and returns the encrypted key value. Only the device holding the private key can recover the initial key-encrypting key and so open a secure session with the other device. On its own this exchange does not authenticate the public key: an attacker who can replace it in transit obtains the key-encrypting key instead, which is why public keys are certified and registered. Many proposals exist for making the key distribution procedure more reliable and for certifying and registering public keys. First, public-key-based distribution can proceed even when the authentication server or certification centre is offline, whereas secret-key-based distribution usually requires online access to a key distribution centre every time two nodes establish an initial relationship. Second, public-key-based distribution places less trust in the central authority (such as a certification centre) than secret-key-based distribution does. Public-key cryptography is also well suited to digital signature systems that support non-repudiation, that is, applications that can demonstrate the authenticity of the author of a message or piece of data. RSA, a public-key algorithm that operates on fixed-size blocks with a variable key size, is the earliest and most widely used public-key method in the finance industry [15].

3 Cryptographic Algorithms Interpretation and Implementation

A vast amount of data is processed every day in our digital age, and that data needs protection in practice. Security can be applied at any layer, including the storage and communication layers. Cryptography is the process of transforming data from one form into another so that only those with the right access can read or modify it, as shown in Fig. 4. Encryption and decryption transform data from one form to another and allow the original form to be recovered. When there is no way to return to the original form once the data has been transformed, the transformation is called hashing. Encoding converts letters, digits, special characters and so on into a specific format that depends on the chosen encoding scheme, and decoding recovers the original data from encoded data; neither uses a key and neither provides secrecy. Encryption uses keys to transform plain data into cipher data, and decryption uses keys to transform encrypted data back into plain data. The keys in question are the public (shared) key, which can be shared freely, and the private key, also called the personal or secret key, which must not be shared. Based on the kinds of keys used, there are two categories of cryptography: symmetric-key cryptography, which uses a single secret key, and asymmetric-key cryptography, which uses a public and private key pair.

Fig. 4 Process of transforming data from one form to another


Fig. 5 Operation of symmetric-key cryptography

Symmetric-Key Cryptography Symmetric-key or secret-key cryptography encrypts data with a single key known only to the sending and receiving parties. Both must know the key, and it must not be sent across the same channel as the data; it has to be agreed out of band, for example by telephone. The Data Encryption Standard (DES) was for many years the most widely used symmetric-key algorithm; it has since been replaced by AES. Figure 5 shows how symmetric-key cryptography operates. As an illustration, the sender wants to give the receiver a message that nobody else may read. Because he wishes to encrypt the message, the two share the same key and use it for both encryption and decryption. The sender first encrypts the message with the key, producing scrambled ciphertext, which is transmitted to the receiver. The receiver decrypts it with the same key to read the plaintext [16].
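An added example (Go standard library, not code from the book) of the shared-key exchange in Fig. 5 with a modern cipher: AES-256-GCM, an authenticated mode, so that the receiver also detects any change to the ciphertext in transit, which DES or AES in a non-authenticated mode would not. The key, message and header are constructed for the example; in practice the key comes from the out-of-band agreement the text describes.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Seal encrypts and authenticates plaintext under a 32-byte shared key
// (AES-256-GCM). associated is authenticated but not encrypted, for header
// fields that must stay readable. A random 12-byte nonce is prepended so the
// receiver can recover it; a nonce must never repeat under the same key.
func Seal(key, plaintext, associated []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// gcm.Seal appends ciphertext||tag to the dst slice, here the nonce itself.
	return gcm.Seal(nonce, nonce, plaintext, associated), nil
}

// Open reverses Seal. Any change to nonce, ciphertext, tag or associated
// data makes the authentication check fail and no plaintext is returned.
func Open(key, sealed, associated []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("sealed message too short")
	}
	nonce, body := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, body, associated)
}

// Demo reports whether the round trip worked and whether flipping one bit of
// the ciphertext in transit was detected by the receiver.
func Demo() (roundTrip, tamperDetected bool, err error) {
	key := make([]byte, 32) // agreed out of band in practice; random for the demo
	if _, err = io.ReadFull(rand.Reader, key); err != nil {
		return
	}
	msg := []byte("TRANSFER 250.00 ACCT-1001 -> ACCT-2002") // constructed sample
	hdr := []byte("msg-id:42")                               // constructed header, sent in clear
	sealed, err := Seal(key, msg, hdr)
	if err != nil {
		return
	}
	pt, err := Open(key, sealed, hdr)
	roundTrip = err == nil && string(pt) == string(msg)
	tampered := append([]byte(nil), sealed...)
	tampered[12+9] ^= 0x01 // one bit inside the ciphertext, past the 12-byte nonce
	_, err = Open(key, tampered, hdr)
	tamperDetected = err != nil
	return roundTrip, tamperDetected, nil
}

func main() {
	rt, td, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Println("round trip ok:", rt, "| tampering detected:", td)
}
```

Without the authentication tag, the flipped bit would simply decrypt to a different amount and the receiver would act on it; this is why an authenticated mode, not a bare block cipher, is the right choice for the scenario in the text.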

Asymmetric-Key Cryptography Public-key cryptography, commonly referred to as asymmetric-key cryptography, uses two keys: a private key held by its owner and a public key disclosed to everyone. Data transformed with one key of the pair can only be reversed with the other. Only the person who generated the pair has the private key, whereas the public key is available to all. Figure 6 shows how asymmetric-key cryptography operates. For instance, the recipient agrees to use public-key encryption when the sender wants to send an encrypted message. Each party generates a key pair and places the public key on an openly accessible public-key server, telling the other where to find it. Which key is used depends on the goal. To keep the message confidential, the sender fetches the recipient's public key and encrypts the plaintext with it; the resulting ciphertext can be decrypted only with the recipient's private key. If instead the sender transforms the message with his own private key, anyone holding the sender's public key can reverse it, so nothing is hidden; what that provides is a digital signature, proof that the message came from the holder of that private key and was not altered [17].

Fig. 6 Operation of asymmetric-key cryptography

Cryptanalytic attacks attempt to recover a cipher's secret key using a combination of statistical and algebraic methods. These techniques examine the mathematical structure of the cipher. Every cipher takes the distribution of messages and, using the key, transforms it into a ciphertext distribution that should look random. Cryptanalysis looks for properties of the cipher that a random function would not exhibit: the attacker guesses part of the key and tests for the distinguishing property, and a guess under which the property appears is kept. Successful attacks use divide-and-conquer tactics to reduce the cost of guessing the key below that of an exhaustive search; an attack counts as successful when its guessing complexity is lower than brute-force complexity. Attacks that do not exploit a mathematical flaw in the algorithm are called non-cryptanalytic attacks, shown in Fig. 7; they still threaten the three security objectives of availability, confidentiality and integrity.
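An added example (Go standard library; not code from the book) that puts the two uses of a key pair side by side and also covers the initial key distribution described in the banking section: the originating device publishes an RSA public key that a certification centre has signed with its Ed25519 key; the receiving device refuses any uncertified key, then encrypts a fresh key-encrypting key to the certified public key with RSA-OAEP, which only the private-key holder can unwrap; and a separate RSA-PSS signature shows the private-key operation that gives non-repudiation. The certification centre, the OAEP label string and the device keys are all assumed for the example; the substituted-key check is what stops the man-in-the-middle that an unauthenticated public key would permit.

```go
package main

import (
	"crypto"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// kekLabel is an assumed OAEP label that binds the ciphertext to its purpose.
const kekLabel = "initial-KEK-v1"

// CertCentre stands in for the certification centre. Every device is assumed
// to ship with its Ed25519 public key and to trust only device keys it signed.
type CertCentre struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewCertCentre() (*CertCentre, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &CertCentre{priv: priv, Pub: pub}, nil
}

// Certify returns the DER encoding of a device public key and the centre's signature over it.
func (c *CertCentre) Certify(pub *rsa.PublicKey) (der, sig []byte, err error) {
	der, err = x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return nil, nil, err
	}
	return der, ed25519.Sign(c.priv, der), nil
}

// WrapKEK is the receiving device's step: check the certificate, then encrypt
// a fresh 256-bit key-encrypting key to the originating device's public key.
func WrapKEK(caPub ed25519.PublicKey, der, sig []byte) (kek, wrapped []byte, err error) {
	if !ed25519.Verify(caPub, der, sig) {
		return nil, nil, errors.New("device key not certified: refusing (possible key substitution)")
	}
	parsed, err := x509.ParsePKIXPublicKey(der)
	if err != nil {
		return nil, nil, err
	}
	pub, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return nil, nil, errors.New("certified key is not an RSA key")
	}
	kek = make([]byte, 32)
	if _, err = rand.Read(kek); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, kek, []byte(kekLabel))
	return kek, wrapped, err
}

// UnwrapKEK is the originating device's step: only the private key recovers the KEK.
func UnwrapKEK(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, []byte(kekLabel))
}

// Sign and VerifySig show the other use of the pair: a signature made with the
// private key that anyone holding the public key can check (non-repudiation).
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	d := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, d[:], nil)
}

func VerifySig(pub *rsa.PublicKey, msg, sig []byte) bool {
	d := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, d[:], sig, nil) == nil
}

func main() {
	ca, _ := NewCertCentre()
	devA, _ := rsa.GenerateKey(rand.Reader, 2048) // originating device's key pair
	der, sig, _ := ca.Certify(&devA.PublicKey)
	kek, wrapped, err := WrapKEK(ca.Pub, der, sig)
	if err != nil {
		panic(err)
	}
	got, _ := UnwrapKEK(devA, wrapped)
	fmt.Println("KEK agreed:", string(kek) == string(got))
	// Man in the middle: an attacker's key with A's certificate signature pasted on.
	mitm, _ := rsa.GenerateKey(rand.Reader, 2048)
	mitmDER, _ := x509.MarshalPKIXPublicKey(&mitm.PublicKey)
	_, _, err = WrapKEK(ca.Pub, mitmDER, sig)
	fmt.Println("substituted key rejected:", err != nil)
}
```

The wrapped KEK is the "encrypted initial key-encrypting key" of the text; once both devices hold it, session keys for a symmetric cipher are wrapped under it and the public-key operation is no longer needed on the data path.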

Passive Attacks Passive attacks try to obtain or make use of information from the system without affecting its resources, as shown in Fig. 8. They monitor or record traffic to gather information; the adversary's aim is to eavesdrop on communications. Snooping and traffic analysis are the two kinds of passive attack discussed here [18].

Snooping An attacker observes the content being transmitted: the sensitive and private content of a telephone conversation, an email message or a transferred file may be read.


Fig. 7 Non-cryptanalytic attacks

Fig. 8 Passive attack

Traffic Analysis Even when the content of messages is protected, an attacker can still learn the locations and identities of the communicating hosts and the volume, frequency and length of the messages exchanged, and from this data may be able to infer the nature of the communication.


Active Attacks Active attacks attempt to alter system resources or disrupt their operation. They involve fabricating data or manipulating a data stream in some way: an attacker deliberately destroys or modifies data or interferes with the normal operation of a system, as shown in Fig. 9. Masquerade, modification of messages, repudiation, replay and denial of service are the common types of active attack.

Masquerade A masquerade attack occurs when one entity pretends to be another. It can be carried out with stolen passwords and login credentials, by exploiting flaws in software, or by finding a way around the authentication process.

Modification of Messages A message is delayed, reordered, or has part of its content altered to produce an unauthorised effect. Modification compromises the integrity of the original data. For example, a message that originally read "Allow user A to read confidential file X" is altered so that it grants user B the same access.

Fig. 9 Active attack


Repudiation Repudiation occurs when a party later denies having sent or received a message or performed a transaction. It is possible when the network is not fully secured or when login and authorisation records can be tampered with: a malicious user can then act on behalf of others, much as with spoofed email, or alter the author information in log files so that the records preserve false data.

Replay A replay attack consists of passively capturing a valid message and later retransmitting it to produce an unauthorised effect, for instance repeating a payment instruction. The attacker does not need to read or alter the message, only to keep a copy taken from the network and resend it at a time of his choosing, so data that has been captured remains a risk to users even when it is encrypted.
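An added example (Go standard library; not code from the book) showing how a receiver detects both of the active attacks just described, modification and replay: each message carries a sequence number and an HMAC-SHA256 tag over the sequence number and payload under a shared key; the receiver checks the tag with a constant-time comparison and accepts only strictly increasing sequence numbers. The wire format, key and messages are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Wire format, constructed for this example:
//   8-byte big-endian sequence number || payload || 32-byte HMAC-SHA256 tag
// The tag covers the sequence number and the payload, so neither can be
// altered, and a captured message cannot be reused under a new number.
const tagLen = sha256.Size

var (
	ErrBadTag = errors.New("integrity check failed: message altered or wrong key")
	ErrReplay = errors.New("replay: sequence number already seen")
)

// Protect is the sender's side.
func Protect(key []byte, seq uint64, payload []byte) []byte {
	msg := make([]byte, 8, 8+len(payload)+tagLen)
	binary.BigEndian.PutUint64(msg, seq)
	msg = append(msg, payload...)
	mac := hmac.New(sha256.New, key)
	mac.Write(msg)
	return mac.Sum(msg) // appends the tag to msg
}

// Receiver remembers the highest sequence number it has accepted.
type Receiver struct {
	key     []byte
	lastSeq uint64
	started bool
}

func NewReceiver(key []byte) *Receiver { return &Receiver{key: key} }

// Accept verifies the tag first, then enforces strictly increasing sequence
// numbers; it returns the payload only when both checks pass.
func (r *Receiver) Accept(msg []byte) ([]byte, error) {
	if len(msg) < 8+tagLen {
		return nil, errors.New("message too short")
	}
	body, tag := msg[:len(msg)-tagLen], msg[len(msg)-tagLen:]
	mac := hmac.New(sha256.New, r.key)
	mac.Write(body)
	if !hmac.Equal(tag, mac.Sum(nil)) { // constant-time comparison
		return nil, ErrBadTag
	}
	seq := binary.BigEndian.Uint64(body[:8])
	if r.started && seq <= r.lastSeq {
		return nil, ErrReplay
	}
	r.started, r.lastSeq = true, seq
	return body[8:], nil
}

func main() {
	key := []byte("constructed-32-byte-shared-key!!") // shared out of band (demo value)
	rx := NewReceiver(key)
	m1 := Protect(key, 1, []byte("DEBIT 100 ACCT-1001"))
	m2 := Protect(key, 2, []byte("DEBIT 50 ACCT-1001"))
	for _, m := range [][]byte{m1, m2} {
		p, err := rx.Accept(m)
		fmt.Printf("accepted %q (err=%v)\n", p, err)
	}
	_, err := rx.Accept(m1) // attacker resends the first debit
	fmt.Println("replayed m1:", err)
	forged := append([]byte(nil), m2...)
	copy(forged[8+6:], "99") // attacker edits the amount "50" in transit
	_, err = rx.Accept(forged)
	fmt.Println("modified m2:", err)
}
```

A sequence number alone would not stop a replay, because the attacker could rewrite it; it is the tag over the number that makes the counter trustworthy. For channels where messages may legitimately arrive out of order, a sliding window of seen numbers replaces the single high-water mark used here.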

Denial of Service A denial-of-service attack prevents the normal use of communication facilities. It may have a specific target: for instance, an entity may suppress all messages directed to a particular destination. Another form disrupts an entire network, either by disabling it or by overloading it with messages so that performance degrades [14].

4 Various Attacks on the Implementation of Cryptography

Attacks on Cryptography on Algorithmic Implementation Attacks on cryptographic algorithms ultimately aim to expose private and secret keys. They may target the algorithm itself, which is classical cryptanalysis, or the algorithm's implementation in a device. Keystroke logging and social engineering are ways of learning secret keys that are not regarded as cryptanalytic attacks. Social engineering means manipulating people into divulging confidential information such as passwords (phishing), or gathering and analysing publicly available data about them to find probable password hints. Classical cryptanalysis examines the structure of cryptographic algorithms, together with their inputs and outputs, mathematically for weaknesses. Such a weakness might, for instance, allow plaintexts to be recovered once enough ciphertexts are available; in the best case for the attacker, the secret key is deduced directly. There are numerous classical cryptanalysis techniques, including differential and linear cryptanalysis [15]. Attacks on implementations fall into two broad groups. Passive attacks only observe what the device reveals, such as physical properties like its power consumption; the device is operated within its specification (supply voltage, temperature and so on). Active attacks manipulate the device's inputs or its operating environment, or both, with the aim of influencing the device's behaviour in a way the attack can exploit. Side-channel analysis, fault analysis and probing attacks, together with combinations of them, are the three primary categories of implementation attack. Reverse engineering of cryptographic algorithms is also regarded as an implementation attack; here the term means analysing the software or hardware implementation of an algorithm to determine how it actually operates. Cryptanalytic attacks generally require knowledge of how the targeted algorithm works, and as we will see this is particularly true of implementation attacks; security products, however, frequently employ private, proprietary algorithms. The various cryptographic attacks are shown in Fig. 10.

Fig. 10 Various cryptographic attacks during implementation

A Side-Channel Attack's Definition Even with the finest cryptographic systems in place, side-channel attacks may still be possible, because they do not target flaws in the cryptosystem itself. Instead the attacker observes how the system is implemented, looking for data leaks that reveal information about the cryptographic operation. In particular circumstances this knowledge is enough to determine the keying material and thereby compromise the system. The idea behind side-channel attacks is that a cryptosystem has physical effects while it runs, and information about the system can be deduced from those effects: how much power an operation draws, how long it takes, the sound it makes, and the electromagnetic radiation it emits. These effects leave traces an attacker can use to recover vital information: the cryptographic keys used to secure the data, part of the system's internal state, some or all of a ciphertext's plaintext, or even the whole system. A system is therefore vulnerable whenever its implementation leaks enough side-channel information [16]. From the attacker's perspective, virtually any unintended information leakage can be collected to learn something not meant for them. Figure 11 shows how a side-channel attack uses side data such as sound, frequency, power consumption and timing from an ordinary application process to determine its output, for example the plaintext of a ciphertext. A side-channel attack is thus a security weakness that, rather than focusing on the code or the algorithm directly, collects data from a system or influences how a program executes by observing or exploiting unintended effects of the system or its components. Such attacks primarily aim to exfiltrate private information, such as cryptographic keys, by detecting incidental hardware emissions. A side-channel attack is also called an implementation attack [17]. Organisations can apply several mitigations. Most of these attacks require a detailed understanding of the target system, so a company may keep vendor and implementation details confidential, although this only raises the attacker's cost and is no substitute for a leak-free implementation. Address space layout randomisation (ASLR) can make certain memory- or cache-based attacks harder. Using business-grade hardware also helps prevent systems from being abused, and physical access to systems should be controlled. Firms can keep critical systems in shielded Faraday cages and use power-conditioning equipment to defend against power analysis. As a more drastic mitigation, raising a system's noise level makes it harder for an attacker to extract meaningful information. In software, the standard defence is constant-time code: operations whose execution time, memory access pattern and branches do not depend on secret data.

Fig. 11 Side-channel attack


Also, although the following suggestions are often wasteful and not normally advised, they can help in certain situations. First, some systems run several irrelevant operations in parallel with a cryptographic operation to conceal which of them an attacker would be interested in. Second, a system may execute unnecessary functions or components to mask its power or computational usage so that it no longer correlates with its actual work [8].
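An added example (Go standard library; not code from the book) of the timing side channel mentioned above in its software form, where a byte-by-byte comparison of a secret tag exits at the first mismatch. The attacker recovers the tag one byte at a time from how far the comparison ran, which stands in here for the time an attacker would measure over the network or through a shared cache; against the constant-time comparison in crypto/subtle the same procedure learns nothing. The secret value is constructed for the example.

```go
package main

import (
	"crypto/subtle"
	"fmt"
)

// LeakyEqual is the early-exit comparison most string and byte equality uses.
// work counts the bytes examined and stands in for elapsed time.
func LeakyEqual(guess, secret []byte) (equal bool, work int) {
	if len(guess) != len(secret) {
		return false, 0
	}
	for i := range guess {
		work++
		if guess[i] != secret[i] {
			return false, work
		}
	}
	return true, work
}

// ConstantTimeEqual does the same job with work that does not depend on
// where the first difference is.
func ConstantTimeEqual(guess, secret []byte) (equal bool, work int) {
	return subtle.ConstantTimeCompare(guess, secret) == 1, len(guess)
}

// RecoverByTiming plays the attacker: for each position it tries all 256 byte
// values and keeps the one that made the comparison run longest. Against
// LeakyEqual this costs at most 256*len(secret) queries instead of 256^len.
func RecoverByTiming(secret []byte, compare func(guess, secret []byte) (bool, int)) (guess []byte, queries int, ok bool) {
	guess = make([]byte, len(secret))
	for pos := range guess {
		best, bestWork := byte(0), -1
		for c := 0; c < 256; c++ {
			guess[pos] = byte(c)
			queries++
			eq, work := compare(guess, secret)
			if eq {
				return guess, queries, true
			}
			if work > bestWork { // the correct byte lets the loop run one step further
				best, bestWork = byte(c), work
			}
		}
		guess[pos] = best
	}
	eq, _ := compare(guess, secret)
	return guess, queries, eq
}

func main() {
	secret := []byte("s3cr3t-tag") // constructed secret, e.g. an API token or MAC
	g, q, ok := RecoverByTiming(secret, LeakyEqual)
	fmt.Printf("leaky compare:         recovered=%v guess=%q queries=%d\n", ok, g, q)
	g, q, ok = RecoverByTiming(secret, ConstantTimeEqual)
	fmt.Printf("constant-time compare: recovered=%v guess=%q queries=%d\n", ok, g, q)
}
```

In a real attack the per-byte signal is a few nanoseconds buried in noise, so the attacker repeats each query many times and averages; the structure of the attack is unchanged, which is why MAC and token checks must use hmac.Equal or subtle.ConstantTimeCompare rather than ==.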

Brute Force Attack Attacks using brute force can be used against many different kinds of systems. The most frequent kind of brute force attack is a simple volumetric attack, which is used to perform a denial of service. The assault’s payload is the straightforward execution of the attack itself; no relevant labour, analysis, or calculations are being done. The term “denial of service attack” is frequently used to describe this particular volumetric attack since its goal is to completely absorb the host system’s resources, preventing it from responding to requests from other (legitimate) clients. However, when the term “brute force” is typically used, it refers to the application of a quick and thorough method to solve a problem so that the solution, once found, can be further exploited. In other words, the attack itself is not the exploit rather; it facilitates an exploit by revealing (typically) some secret that has been kept hidden. Once an assault discovers this well-kept secret, they can gain access to a system or data set utilising it, jeopardising the system’s secrecy as well as its integrity and availability [9]. A brute force attack is conceptually the most simple of all the cryptographic security attack types as shown in Fig. 12. The key used to safeguard encrypted communications is cracked using a tremendous amount of computer power in brute force assaults, which try every conceivable combination. The objective is to be able to read the plaintext, which could include very sensitive information like trade secrets or intellectual property. The concerning aspect of a brute force attack from the perspective of IT security is that, given enough time, it will almost always succeed. Yet, the length of the key has a direct relationship to how long it takes to crack. Therefore using lengthy keys is an effective defence against a successful brute force attack. Cybercriminals typically use a vast network of scattered computers to execute bruteforce attacks. 
To expedite the brute force attack, they also use rainbow tables, which are pre-calculated tables of cryptographic hashes. For IT security teams, adding a cryptographic salt to hashed passwords is a crucial preventative measure. A cryptographic salt is a random value that is appended to user passwords or other private data before they are hashed. Because the attacker must also guess the salt, brute force attacks against salted hashes are significantly slowed down [10]. In a cryptographic system, public and private keys are crucial for encrypting and decrypting data. In a brute force attack, the cybercriminal tries multiple private keys to decrypt an encrypted communication or data set. To use this tactic, the cybercriminal needs to be familiar with the algorithm, which is typically available as open-source software. In a brute-force attack, every conceivable character combination is tested in an attempt to obtain the “key” that will unlock an encrypted message. For smaller key spaces, brute-force attacks might take less time, but for bigger key spaces they take an incalculable length of time. Hence, attempting brute-force attacks on contemporary encryption technologies is impracticable. Brute force is an easy and obvious sort of attack in cryptography: the attackers attempt to guess the password or the key that will give them access to the data they need. These attacks are launched using powerful processing resources that can crack passwords and, with them, expose all the data the cryptography protects. This is the rationale behind the constant recommendation to change your passwords frequently; doing so helps to maintain the security of the information and makes it harder for an attacker to obtain it. The different types of brute-force attacks are shown in Fig. 13.

Various Attacks on the Implementation of Cryptographic Algorithms

P. Kanaga Priya et al.

Fig. 12 Brute force attack

The simple brute force attack makes guesses systematically without resorting to external logic. Hackers try to figure out your login information by reasoning alone, without the aid of software applications or other methods; such attacks can reveal very basic PINs and passwords. Dictionary attacks guess usernames or passwords by employing a dictionary of potential strings or phrases: a hacker selects a login and tests potential passwords against it. The dictionary attack is the most fundamental tool used in brute force attacks; though not necessarily brute force attacks in and of themselves, dictionary attacks are frequently utilised as a crucial part of password cracking. Hybrid brute force attacks begin with external logic to identify which password variations might have the greatest chance of success, before continuing with the straightforward strategy of trying all feasible variations. Often, a hybrid attack combines brute force and dictionary attacks; these techniques are used to crack passwords that combine well-known words with random symbols. Rainbow table attacks use a pre-calculated table, called a rainbow table, to reverse cryptographic hash functions; it can be used to invert the function for inputs up to a specified length and with a specific character set. A reverse brute force attack turns the attack tactic on its head by beginning with a known password: it employs a common password, or set of passwords, against a wide range of possible usernames, and once a match is located the hackers look through millions of usernames. It focuses on a network of users whose data the attackers have already obtained; many of these criminals start with password leaks that are already online thanks to past data breaches. Credential stuffing utilises known username and password combinations and tests them on numerous websites: a hacker who has a combination that works on one site will test it on many others. Users are the targets of this attack because it has been shown that they reuse login information on numerous websites; it exploits the fact that many people share the same login and password across various systems [11].

Fig. 13 Brute force attacks types
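The following is an added example, not code from the chapter, illustrating the two defensive points above: a precomputed hash table (the idea behind rainbow tables) inverts an unsalted hash in one lookup, while a per-record random salt forces fresh enumeration for every stored hash. The 4-digit PIN space, the key names and the low PBKDF2 iteration count are constructed for the demonstration; production systems use far more iterations.

```python
import hashlib
import os
import secrets

# Constructed example: a 4-digit PIN, a key space small enough to enumerate
# completely. Real passwords have a far larger space; the mechanics are identical.
PIN_SPACE = [f"{i:04d}" for i in range(10_000)]


def unsalted_hash(pin: str) -> str:
    """Weak scheme: a bare SHA-256 of the secret. Equal PINs give equal hashes,
    so a table precomputed once serves against every user and every system."""
    return hashlib.sha256(pin.encode()).hexdigest()


def build_lookup_table() -> dict:
    """Precomputation in the spirit of a rainbow table (a plain dictionary here):
    every possible hash mapped back to the PIN that produced it."""
    return {unsalted_hash(pin): pin for pin in PIN_SPACE}


def recover_with_table(table: dict, stored_hash: str):
    """A stolen unsalted hash is inverted with a single dictionary lookup."""
    return table.get(stored_hash)


def new_salt() -> bytes:
    """Per-record random salt; it is stored next to the hash and need not be secret."""
    return os.urandom(16)


def salted_hash(pin: str, salt: bytes, iterations: int) -> bytes:
    """Hardened scheme: random salt plus a deliberately slow key derivation
    function (PBKDF2-HMAC-SHA256). The salt makes any precomputed table useless,
    and the iteration count makes each fresh guess expensive."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)


def guesses_needed_against_salted(stored_hash: bytes, salt: bytes, iterations: int) -> int:
    """With a salt the table cannot be reused, so each stored hash must be
    attacked by fresh enumeration. Returns how many PBKDF2 evaluations that
    took for this one record (-1 if the PIN is outside PIN_SPACE)."""
    for count, pin in enumerate(PIN_SPACE, start=1):
        if secrets.compare_digest(salted_hash(pin, salt, iterations), stored_hash):
            return count
    return -1


if __name__ == "__main__":
    table = build_lookup_table()
    print("unsalted, one lookup:", recover_with_table(table, unsalted_hash("0042")))
    s1, s2 = new_salt(), new_salt()
    h1, h2 = salted_hash("0042", s1, 1000), salted_hash("0042", s2, 1000)
    print("same PIN, different salts, different hashes:", h1 != h2)
    print("PBKDF2 evaluations for one salted record:", guesses_needed_against_salted(h1, s1, 1000))
```

The table costs 10,000 hashes once and then answers every unsalted record for free; against salted records the same 10,000 evaluations have to be repeated per record, each one slowed by the iteration count.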

Man in the Middle (MITM) When a malevolent party intercepts secure communications between two parties without either side being aware that their communications have been compromised, this is known as a man-in-the-middle attack. MITM attacks typically take place when parties interact across Wi-Fi access points and seek to take advantage of a lack of authentication. From a business standpoint, the rising use of mobile devices linked to the corporate network raises the likelihood that a man-in-the-middle attack will be effective: workers could unintentionally connect to your network and exchange sensitive data over unsecured public Wi-Fi. Using public-key cryptography, which offers robust authentication for connections to corporate services, is one technique to stop man-in-the-middle attacks; endpoint security is also crucial. As the name implies, this kind of cryptographic attack takes place when a third party is positioned between two parties who are continually interacting. Because they sit in the middle, they can read the information being exchanged with the other party, and in this manner they also learn how the cryptographic session was fundamentally set up. By establishing a secure connection with the initiator of the communication, the attacker tries to break into the session and steal the data. This is how the hacker attempts to gather as much data as possible that can be used maliciously to seriously damage enterprises [12]. A MITM cyberattack occurs when an attacker inserts themselves between two communicating parties, manipulates both parties, and gains access to the data that the two parties were attempting to transfer to one another. This also enables a hostile intruder to intercept data that was meant for someone else, without any participant noticing until it is too late. A Man-in-the-Middle (MITM) attack happens when an attacker places himself between a client and a website.
There are numerous ways to commit this type of attack. For instance, a fake banking website can be used to intercept financial login information; the false website is “in the middle” of the user and the legitimate bank website. Hackers may employ a MITM attack for a variety of reasons and purposes. Typically, they attempt to gain access to something using information like credit card numbers or user logins; they may also spy on private meetings that might contain business secrets or other important information. The working of Man-in-the-Middle is shown in Fig. 14. Other names for MITM attacks include man-in-the-browser, monkey-in-the-middle, machine-in-the-middle and monster-in-the-middle. Man-in-the-browser attacks, which aim at browser infection and install malicious proxy applications on the targeted device, are the most common MITM attacks; the malware is typically propagated via phishing emails. These attacks primarily aim to steal financial data by intercepting a user’s traffic to financial or banking websites. In real-life instances of a MITM attack, a cybercriminal intercepts and relays communications between the user and the online application [13]. With MITM attacks, cybercriminals insert themselves into the middle of data transfers or online discussions. By spreading malware, the attacker can quickly gain access to the user’s web browser and the data it transmits and receives during transactions. Online banking and e-commerce websites are the primary targets of MITM attacks: they require secure authentication using a public key and a private key, and a successful interception makes it possible for attackers to obtain login credentials and other private information. These attacks typically involve a two-step process of data interception and decryption. An attacker may intercept a client-to-server data transfer as part of data interception.

Fig. 14 Man-in-the-middle attack

Replay Attack The goal of a replay attack is to establish a fresh session by intercepting an encrypted communication being sent between two parties and replaying it. By beginning a new session, the hacker can generate duplicate transactions or get around authentication and access controls. This is one of the cryptographic attack types that specifically targets the security protocol in use. A customer of an online bank, for instance, might send a message containing their login information, which is then intercepted. The attacker can attempt to replay the intercepted message to the bank; without strong security measures, the bank may grant the attacker access, allowing them to transfer money from the victim’s account using the victim’s login information. The technique to prevent replay attacks is to always employ a session ID, timestamp, or one-time password for each encrypted message. For example, if each encrypted message carries a unique session ID, the attacker cannot replay a transmission, because doing so creates a new session ID. In a “replay attack”, the attacker copies some data (for instance, authentication data) and sends it again to the target; falling for the trick, the receiver grants unauthorised access to the attacker [14]. Timestamps are one of the crucial defences against replay attacks. In this attack, the attacker collects some of the authentication information and resubmits it to the server in order to access information intended for the original owner only. A replay attack scenario is one in which an attacker intercepts a legitimate network transmission and later retransmits it; the basic goal is to deceive the system into believing that the retransmitted data is valid. Replay attacks are very dangerous because they are difficult to spot. Furthermore, even if the first transmission was encrypted, the attack can still be effective. An attacker may use replay attacks to obtain unauthorised use of networks or computer systems. A replay attack can also stop a system from functioning normally by bombarding it with repeated requests. Data packets sent over a network can be intercepted and retransmitted by an attacker to execute this attack; a replay attack can also be carried out by playing back previously recorded audio or video communications [15]. In a replay attack, the order in which the events take place is crucial, and the attack can be described in three simple steps. The first stage is waiting for a data transmission to start. The attacker then intercepts the communication and captures the data. Once the attacker has the data, he may modify or alter it to suit his target and resend it to the receiver. The tampered data is delivered to the receiver, who nevertheless treats it as the original data. When a replay attack occurs, the intruder presents the victim with the same message that was previously used in the victim’s communication. Because the message is correctly encrypted, the recipient may consider it a legitimate request and do whatever the intruder wants. The attacker may have previously eavesdropped on a message between the two parties, or may be familiar with the message format through prior interactions with one of them. This message might include a secret key of some sort and be used to verify the sender. For instance, the attacker might eavesdrop on the frames when someone instructs the bank to transfer money to a certain account. If that occurs, the attacker can attempt to trigger a transfer of funds to the same account once more by sending the bank identical (correct) signals (the account probably being connected with the intruder). There are a few strategies to prevent replay attacks.
Before initiating communication, both parties may first agree upon and generate a random session key that is only valid for the duration of that session and for a set amount of time. It is also reasonable to use timestamps in all messages rather than session keys, and to accept only messages that were sent recently. Using one-time passwords for each request is another popular method; banking applications frequently employ this type of prevention. Replay attacks come in a variety of forms in networking. The four most common will be covered: network, wireless, session, and HTTP replay attacks. Attackers who use network replay techniques intercept network communication and later resend it. In wireless replay attacks, the attacker intercepts wireless messages and then sends them again. In a session replay attack, the attacker intercepts a session between two parties. To conduct HTTP replay attacks, the attacker collects HTTP requests and responses. In the case of a network replay attack the attack vector is the network traffic; for a wireless replay attack the attack vector is wireless communications; for a session replay attack the attack vector is the session between two parties; and in an HTTP replay attack the attack vector is HTTP requests and responses. Consider a real-world replay attack in the context of banking, as shown in Fig. 15. A user logs into her online banking account over a secure web connection. When she enters her login information and clicks the submit button, the user’s login request is transmitted to the bank’s server via the internet. A hacker who is monitoring the network records the login request as it is being sent. The attacker then waits for the user to log out before sending the intercepted login request again to the bank’s server. The server accepts the login request because it is legitimate and gives the attacker access to the user’s account. In this case, replaying an intercepted login request allows the attacker to gain unauthorised access to the user’s account. But by employing a secure communication channel that incorporates a timestamp or a nonce, the user can stop a replay attack.

Fig. 15 Real-world replay attack in the context of banking

The prevention of replay attacks involves the following. Timestamp method: if a timestamp is added to the data, protection against such attackers may be possible; if a message’s timestamp exceeds a predetermined threshold, it might be rejected and the sender prompted to send the data again. Session key technique: using a session key is an additional preventative measure; this key cannot be used more than once in a single transaction (by the sender and the receiver). Having covered the replay attack’s underlying theory, we now discuss several methods for preventing replay attacks. The five strategies discussed here are secure communication protocols, message authentication codes, timestamps, nonces, and challenge-response protocols. Replay attacks in a network can be stopped by utilising secure communication protocols; SSL, TLS, and IPsec are some of the more popular ones. Moreover, these protocols frequently employ timestamps, nonces, and other methods to guarantee the legitimacy and accuracy of sent data. Using message authentication codes (MACs) is a further common strategy. MACs are cryptographic checksums that are added to transmitted data to guarantee its integrity and authenticity. MACs can also thwart replay attacks by incorporating a timestamp or another value that changes with every communication, making it harder for attackers to reuse a captured message. Including a timestamp in the transmitted data and limiting the data’s validity to a certain time window can help to avoid replay attacks. A nonce can also be used when sending data over a network: the sent data contains a nonce, a randomly generated value, which thwarts replay attacks because it is unlikely that an attacker will be able to correctly predict or replicate a value generated at random. Lastly, replay attacks can be effectively avoided by utilising challenge-response procedures. In a challenge-response protocol, the recipient must reply to a transmitted message with a special response derived from the original message; because a replayed answer is invalid, it is difficult for an attacker to reuse the initial message. To safeguard against known vulnerabilities that might be used in a replay attack, it is also crucial to update and patch devices and systems often. The use of firewalls and other security measures is also advised to guard against network-based attacks [16].
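The following added example (not code from the chapter) combines three of the defences listed in the two passages above: a MAC over the whole message, a timestamp validity window, and a per-message random nonce that the receiver remembers. The shared key, the clock values and the bank transfer payload are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: sender and receiver already share this key (constructed for the demo).
SHARED_KEY = b"constructed-demo-shared-key"


def covered_bytes(msg: dict) -> bytes:
    """Deterministic encoding of every field the MAC protects (all but the MAC itself)."""
    covered = {k: v for k, v in msg.items() if k != "mac"}
    return json.dumps(covered, sort_keys=True, separators=(",", ":")).encode()


def build_message(key: bytes, payload: dict, now: float) -> dict:
    """Sender side: attach the current time and a fresh random nonce, then MAC
    the whole message so that none of it can be altered or stripped."""
    msg = {"payload": payload, "ts": now, "nonce": secrets.token_hex(16)}
    msg["mac"] = hmac.new(key, covered_bytes(msg), hashlib.sha256).hexdigest()
    return msg


class Receiver:
    """Receiver side: checks the MAC first (so nothing unauthenticated is trusted),
    then the timestamp window, then that the nonce has never been seen before."""

    def __init__(self, key: bytes, window_seconds: float = 30.0):
        self.key = key
        self.window = window_seconds
        # The timestamp window bounds this set: nonces older than the window
        # can never be accepted again, so they can be dropped from memory.
        self.seen_nonces = set()

    def accept(self, msg: dict, now: float) -> str:
        expected = hmac.new(self.key, covered_bytes(msg), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(msg.get("mac", ""))):
            return "rejected: bad MAC"
        if abs(now - msg["ts"]) > self.window:
            return "rejected: stale timestamp"
        if msg["nonce"] in self.seen_nonces:
            return "rejected: replayed nonce"
        self.seen_nonces.add(msg["nonce"])
        return "accepted"


if __name__ == "__main__":
    t0 = 1_700_000_000.0                       # constructed clock value
    bank = Receiver(SHARED_KEY)
    transfer = build_message(SHARED_KEY, {"to": "ACC-42", "amount": 100}, t0)
    print(bank.accept(transfer, t0 + 1))       # accepted
    print(bank.accept(transfer, t0 + 2))       # rejected: replayed nonce
    print(bank.accept(transfer, t0 + 3600))    # rejected: stale timestamp
    forged = dict(transfer, payload={"to": "ACC-42", "amount": 5000})
    print(bank.accept(forged, t0 + 1))         # rejected: bad MAC
```

The order of the checks matters: the MAC is verified before the timestamp or nonce is even read, so an attacker cannot forge a message with a fresh nonce, and the nonce set only needs to cover the timestamp window.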

Implementation Attack An implementation attack differs from many other forms of attack in cryptography in that it does not mathematically search for flaws in the design of cryptographic algorithms or in the input/output values of those algorithms. Instead, an implementation attack targets the devices that carry out cryptographic processes, such as hardware security modules, USB tokens, and SSL accelerators. A side-channel analysis attack is the most typical style of implementation attack. To gain access to secret keys or plaintext, a side-channel attack tries to understand and make use of physical data about cryptographic hardware, such as its power usage. Implementation attacks can be prevented with the right physical IT security knowledge. It is wise to enclose cryptographic hardware so that no acoustic information about how it operates can be picked up. Changes to a device’s power consumption characteristics may be used as a defence against attacks that examine the power usage of cryptographic devices; this hinders attackers from making simple connections between power usage and the data on a cryptographic device [17].
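Power consumption is one physical channel; execution time is another, and it is the one most easily shown in software. The following added example (not from the chapter) uses the number of loop steps as a stand-in for elapsed time: an early-exit comparison of a secret token does an amount of work that depends on how much of the guess is correct, whereas the constant-time version always does the same work. The token value and candidate strings are constructed.

```python
import hmac


def naive_compare(expected: bytes, provided: bytes):
    """Early-exit comparison, as found in many hand-written token or MAC checks.
    Returns (equal, steps). The number of steps before returning depends on where
    the first mismatching byte sits, and that difference is observable as timing."""
    steps = 0
    if len(expected) != len(provided):
        return False, steps
    for a, b in zip(expected, provided):
        steps += 1
        if a != b:
            return False, steps
    return True, steps


def constant_time_compare(expected: bytes, provided: bytes):
    """Accumulates every byte difference with OR and only decides at the end, so
    the number of steps is fixed by the length alone, not by the secret's content.
    (Real code should call hmac.compare_digest, wrapped below, not roll its own.)"""
    steps = 0
    diff = len(expected) ^ len(provided)
    for a, b in zip(expected, provided):
        steps += 1
        diff |= a ^ b
    return diff == 0, steps


def leak_profile(secret: bytes, candidates: list) -> dict:
    """Defender's view of the leak: how many steps each wrong candidate costs under
    the naive check. A candidate sharing a longer prefix with the secret runs
    longer, which is exactly the signal a side-channel analyst would measure."""
    return {c: naive_compare(secret, c)[1] for c in candidates}


def stdlib_compare(expected: bytes, provided: bytes) -> bool:
    """The constant-time comparison shipped with the Python standard library."""
    return hmac.compare_digest(expected, provided)


if __name__ == "__main__":
    secret = b"tok3n"   # constructed secret
    print(leak_profile(secret, [b"aaaaa", b"taaaa", b"tokaa", b"tok3a"]))
    print(constant_time_compare(secret, b"tok3a"), constant_time_compare(secret, b"aaaaa"))
```

The step counts from `leak_profile` grow with the length of the matching prefix, which is the dependency between secret data and an observable quantity that the passage describes; the constant-time variant removes it, the same way blurring a device's power profile removes the power-analysis signal.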

Meet in the Middle (MitM) A Meet-in-the-Middle (MitM) attack is an instance of a cryptanalytic attack in which the attacker makes use of a space or time trade-off. MitM attacks specifically aim to lessen the level of difficulty needed to execute the attack in its original form. A MitM attack can involve splitting the intended computation into two parts so that each can be dealt with separately. It can entail changing an attack that needs X amount of time into one that needs Y amount of time and Z amount of space. The goal is to drastically reduce the amount of work required to conduct a brute-force attack.

It is common to mix up the terms “meet-in-the-middle” and “man-in-the-middle” (both abbreviated MitM). The “man” form is different because the attacker stands between the two users to overhear or change the conversation in order to carry out an attack. The “meet” form is not interactive; the word “meet” actually means “let’s meet in the middle”, that is, to establish a middle ground by, for instance, halving the apparent time needed to break the encryption as the problem was first posed. As an illustration, “Meet-in-the-Middle” adversaries try to balance the complexity inherent in a major cryptanalytic attack by “meeting in the middle”, halving the portion of what they are studying to make the effort feasible or reasonable in their view. Even though a meet-in-the-middle attack may sound similar, it is really different and exceedingly intricate. Symmetric encryption schemes that apply two or more rounds of encryption in succession are the target of a meet-in-the-middle attack. The meet-in-the-middle attack seeks to facilitate brute force by focusing on the intermediate values in such schemes. Knowing the plaintext of a specific communication is a requirement for this attack. Ultimately, the attacker will be able to crack the cipher and decrypt any messages sent with it. The difference between the two is that man-in-the-middle is a type of active attack on a cryptographic system where the attacker effectively stands in the way of two users’ conversation and is capable of intercepting, relaying, and (potentially) changing messages; “in the middle” here has a straightforward meaning because the attacker is situated between two communicating users. Meet-in-the-middle, in contrast, is a kind of cryptanalytic attack that transforms a brute-force attack needing 2^128 time into one needing 2^64 time and 2^64 space; it does this by making some sort of time-space trade-off. The name of the attack in this instance originates from “let’s meet in the middle”, which refers to reaching a compromise. It may also refer to a particular attack strategy used against specific block ciphers, in which the attacker divides the challenge into two halves and conducts independent operations on each. The main distinction between the two attacks is that the first is interactive, meaning the attacker must engage in the communication, whereas the second is not. The fact that certain protocols could be subject to both types of attack may be the cause of the confusion [18].
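The following added example (not from the chapter) makes the time-space trade-off concrete on a deliberately small scale: a constructed 16-bit toy block cipher with 12-bit keys, applied twice with independent keys, so that naive brute force costs 2^24 double encryptions while meeting in the middle costs about 2 × 2^12 single operations plus a table of 2^12 entries. The cipher, key sizes and plaintext/ciphertext pairs are all assumptions made for the demonstration; the attacker is assumed to hold a few known plaintext/ciphertext pairs, as the passage requires.

```python
MASK16 = 0xFFFF
KEY_BITS = 12                      # constructed toy parameter: 4096 possible keys
MUL = 0x9E37                       # odd, hence invertible modulo 2^16
MUL_INV = pow(MUL, -1, 1 << 16)


def rotl16(x: int, n: int) -> int:
    return ((x << n) | (x >> (16 - n))) & MASK16


def rotr16(x: int, n: int) -> int:
    return ((x >> n) | (x << (16 - n))) & MASK16


def round_key(key: int, r: int) -> int:
    """Derive a distinct 16-bit round key from the 12-bit key for each round."""
    return (key * 0x1F3 + r * 0x5B7) & MASK16


def toy_encrypt(key: int, block: int) -> int:
    """Constructed 4-round toy cipher (xor, rotate, multiply, add); weak by design."""
    x = block
    for r in range(4):
        x ^= round_key(key, r)
        x = rotl16(x, 5)
        x = (x * MUL) & MASK16
        x = (x + 0x3C1) & MASK16
    return x


def toy_decrypt(key: int, block: int) -> int:
    """Exact inverse of toy_encrypt, undoing the rounds in reverse order."""
    x = block
    for r in reversed(range(4)):
        x = (x - 0x3C1) & MASK16
        x = (x * MUL_INV) & MASK16
        x = rotr16(x, 5)
        x ^= round_key(key, r)
    return x


def double_encrypt(k1: int, k2: int, block: int) -> int:
    """Two successive encryptions under independent keys: nominally a 24-bit key."""
    return toy_encrypt(k2, toy_encrypt(k1, block))


def brute_force_cost() -> int:
    """Double encryptions needed to try every (k1, k2) pair."""
    return 1 << (2 * KEY_BITS)


def meet_in_the_middle(pairs):
    """pairs: known (plaintext, ciphertext) under the same unknown (k1, k2).
    Enumerate E_k1(p) forward and D_k2(c) backward and look for the value where
    the two halves meet; extra pairs weed out chance matches. Returns
    ((k1, k2), single-cipher operations spent in the two enumerations)."""
    p0, c0 = pairs[0]
    forward = {}
    work = 0
    for k1 in range(1 << KEY_BITS):
        forward.setdefault(toy_encrypt(k1, p0), []).append(k1)
        work += 1
    for k2 in range(1 << KEY_BITS):
        middle = toy_decrypt(k2, c0)
        work += 1
        for k1 in forward.get(middle, ()):
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:]):
                return (k1, k2), work
    return None, work


if __name__ == "__main__":
    K1, K2 = 0x5A3, 0x2C1          # the secret keys, constructed for the demo
    pairs = [(p, double_encrypt(K1, K2, p)) for p in (0x1234, 0xBEEF, 0x0042)]
    keys, work = meet_in_the_middle(pairs)
    print(hex(keys[0]), hex(keys[1]), "work:", work, "vs brute force:", brute_force_cost())
```

The recovered keys equal the secret ones after roughly 2^13 single-cipher operations instead of 2^24 double encryptions; the same structure, with a 2^56-entry table, is what reduces double-DES from 2^112 to about 2^57 work.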

Birthday Attack A fascinating form of cryptographic attack known as the birthday attack takes advantage of the well-known birthday problem in probability theory. Without getting into the specifics of the mathematics, the result is that in a group of 23 people there is a 50% chance that some two individuals share the same birthday, and that probability increases to 99.9% with just 70 individuals. A birthday attack in cryptography finds pairs of inputs that result in the same hashed value, by taking advantage of the birthday problem’s mathematical foundations. Birthday attacks are frequently used by attackers to spoof digital signatures. In short, a birthday attack is a sort of cryptographic attack that looks for a collision in a hash function using the birthday paradox.

A hash function is a mathematical operation that yields a fixed-size output (called a hash value or hash) from an input (referred to as a message). Typically, the output is displayed as a string of characters. One of a hash function’s key characteristics is that it is highly challenging to produce the same hash result from two different input messages; this quality is called collision resistance. According to the birthday paradox, there is a 50% chance that two or more individuals in a group of 23 will share the same birthday. It might come as a surprise, but as the group size grows the probability rises sharply: in a group of 50 individuals, the likelihood is already higher than 97%. To exploit this statistical trait, a birthday attack looks for two different inputs that produce the same hash result; we refer to this as a collision. If an attacker can find a collision, they may be able to deceive a system into believing that two distinct messages are the same. Birthday attacks are a concern for several cryptographic systems because they can be used to counterfeit digital signatures or send false messages. However, the majority of contemporary cryptographic systems are made to be resistant to birthday attacks, either via the use of hash functions with very large output sizes or through other strategies that make it impractical for an attacker to locate a collision. One of the most often cited applications of the birthday paradox attack is the susceptibility of digital signatures. Digital signatures confirm the validity and integrity of a digital message or document: they check the message or document using cryptographic methods to make sure it has not been tampered with and that the sender is who they say they are. Numerous attacks can jeopardise the security of digital signatures; the primary dangers are forgery, tampering, repudiation and key compromise.
Forgery is creating a phoney signature and attaching it to a message or document; the attacker’s goal is to make it appear as though the message or document was signed by someone else. Tampering means that after a message or document has been signed, an attacker changes its content, potentially altering the message or document’s meaning. Repudiation means that even though it is obvious that a party signed a message or document, they assert that they did not. Key compromise means that if an attacker manages to get their hands on the private key that generates digital signatures, they can use it to forge signed messages or documents or to manufacture phoney signatures. To guard against these dangers, it is crucial to employ robust cryptographic methods and to store and manage private keys for digital signatures securely. It is also crucial to use dependable third parties, like certificate authorities, to confirm that the parties to a digital signature are who they claim to be. There are numerous techniques to lower the possibility of a birthday attack. One is to employ a hashing algorithm with a bigger output size: the size of the output is one of the key elements that influence a hash function’s probability of a collision, and with a large output it is far less likely that two different input messages will result in the same output than with smaller output sizes. As a result, it is more difficult for an intruder to discover a collision when a hash function with a large output size is employed.
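The following added example (not code from the chapter) carries the birthday reasoning through: the exact probability formula behind the 23-person and 50-person figures, and a collision search against a hash deliberately truncated to 24 bits, which succeeds after roughly sqrt(2^24) hashes rather than 2^24. The truncation width and the counter-based messages are constructed for the demonstration; the same formula shows why a full 256-bit output puts the search far out of reach.

```python
import hashlib
import math


def birthday_probability(people: int, days: int = 365) -> float:
    """Probability that at least two of `people` share one of `days` equally likely values."""
    p_all_distinct = 1.0
    for i in range(people):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct


def truncated_hash(message: bytes, bits: int) -> int:
    """SHA-256 cut down to its top `bits` bits: a stand-in for a hash with a small output."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return digest >> (256 - bits)


def expected_trials(bits: int) -> float:
    """Mean number of hashes before the first collision appears: about sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2.0 ** bits)


def find_collision(bits: int, max_trials: int = 1_000_000):
    """Birthday search: hash distinct constructed messages and stop at the first
    repeated truncated value. Returns (message_a, message_b, trials) or None.
    Memory grows with the number of trials, which is the space side of the trade-off."""
    seen = {}
    for i in range(max_trials):
        msg = f"constructed-message-{i}".encode()
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None


if __name__ == "__main__":
    print("23 people:", round(birthday_probability(23), 4),
          "50 people:", round(birthday_probability(50), 4),
          "70 people:", round(birthday_probability(70), 4))
    print("24-bit collision:", find_collision(24))
    print("expected trials, 24-bit:", round(expected_trials(24)),
          "256-bit:", expected_trials(256))
```

A 24-bit digest falls in a few thousand hashes; for a 256-bit digest the same formula gives about 4 × 10^38 hashes, which is the sense in which a larger output size defends against the attack.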

Ciphertext-Only Attack In this attack against the encryption, the attacker or cryptanalyst can only see the ciphertext. In other words, they can only see what we all see, which is the seemingly incomprehensible garbage that results from encryption, such as that seen below. The cryptanalyst is completely passive: they cannot send known plaintext, such as their own, through the algorithm and observe the ciphertext, they do not possess any of the plaintexts that went into the encryption algorithm, and they have no idea what plaintexts produced the ciphertexts. The likelihood of success for the attacker is extremely low because the majority of encryption methods are NOT susceptible to this kind of attack. In this attack model, the intruder has access to a collection of ciphertexts. The attacker can effectively extract information from the collection despite being unable to access the plaintext, and might on occasion learn the key using this attack method, as shown in Fig. 16. A ciphertext-only attack (COA), also known as a known ciphertext attack, is a cryptanalysis attack model in which the attacker is presumed to have access only to a particular set of ciphertexts. Even though no channel allows access to the plaintext before encryption, in all realistic ciphertext-only attacks the attacker still has some knowledge of the plaintext. The attacker might, for instance, be aware of the language of the plaintext or the expected statistical distribution of its characters. The plaintext of many deployed systems routinely contains standard protocol data and messages, making it typically easy to guess or known during a ciphertext-only attack on these systems. During a ciphertext-only attack, the attacker only gets access to a limited number of encrypted messages and has no idea what the secret key or the plaintext data might be. The objective is to recover as many plaintext messages as possible, or (better yet) to figure out the secret key. Once the encryption key has been found, all subsequent messages encrypted with this key can be decrypted. Since ciphertext-only attacks are the easiest way to begin any cryptanalysis, it is crucial to protect encryption algorithms from them when developing them. For this reason, well-prepared and carefully examined ciphers are typically not particularly susceptible to these kinds of attacks. Yet there are still several examples of ciphertext-only attacks that have successfully broken protocols. A few methods that require only knowledge of the ciphertext messages have proven quite successful even when used to crack current ciphers. The most important techniques are attacking the two-time pad and frequency analysis.

Fig. 16 Ciphertext-only attack
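Frequency analysis is named above as one of the two important ciphertext-only techniques. The following added example (not code from the chapter) runs it against a constructed Caesar-shifted message: the attacker holds nothing but the ciphertext and the knowledge that the plaintext is English, and picks the shift whose decryption has the most English-like letter distribution by a chi-squared score. The sample plaintext, the shift and the frequency table are assumptions for the demonstration.

```python
import string

# Relative frequency (%) of letters in typical English text; the only "knowledge
# of the plaintext" the attacker has is that it is English prose.
ENGLISH_FREQ = {
    "a": 8.167, "b": 1.492, "c": 2.782, "d": 4.253, "e": 12.702, "f": 2.228,
    "g": 2.015, "h": 6.094, "i": 6.966, "j": 0.153, "k": 0.772, "l": 4.025,
    "m": 2.406, "n": 6.749, "o": 7.507, "p": 1.929, "q": 0.095, "r": 5.987,
    "s": 6.327, "t": 9.056, "u": 2.758, "v": 0.978, "w": 2.360, "x": 0.150,
    "y": 1.974, "z": 0.074,
}


def caesar(text: str, shift: int) -> str:
    """Shift every letter by `shift` places (a negative shift decrypts)."""
    out = []
    for ch in text:
        if ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def chi_squared(text: str) -> float:
    """How far the letter distribution of `text` is from English (lower is closer)."""
    letters = [c for c in text.lower() if c in string.ascii_lowercase]
    n = len(letters)
    score = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = n * pct / 100.0
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def break_caesar(ciphertext: str):
    """Ciphertext-only attack: try all 26 shifts and keep the one whose decryption
    looks most like English. Only the ciphertext and language statistics are used."""
    best_shift = min(range(26), key=lambda s: chi_squared(caesar(ciphertext, -s)))
    return best_shift, caesar(ciphertext, -best_shift)


# Constructed sample: a plausible banking message, encrypted with a shift the
# attacker does not know (7 here).
SAMPLE_PLAINTEXT = ("The bank confirmed that the transfer of funds to the new account will be "
                    "completed before the end of the business day and the customer should keep "
                    "the receipt for her records")
SAMPLE_CIPHERTEXT = caesar(SAMPLE_PLAINTEXT, 7)

if __name__ == "__main__":
    shift, recovered = break_caesar(SAMPLE_CIPHERTEXT)
    print("recovered shift:", shift)
    print(recovered)
```

The attack works because a substitution preserves the plaintext's letter statistics; the same scoring extends to any cipher whose ciphertext distribution still mirrors the language, which is why modern ciphers are designed so that it does not.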

Chosen-Plaintext Attack (CPA) In this attack strategy, the cybercriminal can select any plaintext data and obtain the corresponding ciphertext. That makes it easier for the attacker to figure out the encryption key. The differential cryptanalysis carried out on block ciphers is a well-known illustration of this kind of attack. In this technique the attacker/cryptanalyst can choose the plaintext that is put through the encryption process and observe the ciphertext that it produces. It is an active approach: the attacker chooses the plaintext and has it encrypted. Thanks to his ability to select any plaintext and observe the ciphertext, the attacker can build up a thorough understanding of the inner workings of the algorithm and the secret key. One strategy in this case would be to create a database of known plaintexts and their ciphertexts, which is then used to determine the plaintext behind an observed ciphertext. As you might expect, the ability to choose the plaintext and view the ciphertext greatly increases the likelihood of decryption. A cryptanalyst can select any plaintext data to be encrypted during the chosen-plaintext attack, and he then obtains the associated ciphertext, as shown in Fig. 17. To be able to decipher any ciphertext messages encrypted with this key, he seeks to obtain the secret encryption key or to develop a method that would enable this (but without actually knowing the secret key). The attacker is in a comfortable position: because he has the option to select any text to be processed by the cipher, he can learn more about the secret key and the entire attacked system, analysing the system’s behaviour and output ciphertext for any type of input data. When attacking a deterministic public-key cipher, an attacker can simply use the public key to build a database of well-known ciphertexts, such as those of typical server queries. Then, simply by comparing intercepted encrypted messages with the entries in his database, he will be able to decipher the meaning of many of them.
During World War II, the Allied cryptanalysts conducted the most well-known chosen-plaintext attacks, on the German Enigma ciphers. In the adaptive chosen-plaintext variant of this attack, the attacker repeatedly selects plaintexts for encryption. Instead of submitting a single large block of text, he can select a smaller one, obtain its ciphertext, and then select the next one based on the result. This enables him to investigate the attacked system thoroughly.
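The "database of well-known ciphertexts" attack described above only works when encryption is deterministic. The following added example (not code from the chapter) models chosen-plaintext access as an oracle that encrypts any message the attacker supplies without revealing the key, and runs the dictionary attack against a deterministic toy scheme (fixed nonce) and against the same scheme made randomized (fresh nonce per message). The key, the keystream construction and the list of common requests are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed key; the attacker never sees it, only the encryption function.
KEY = b"constructed-demo-key-not-known-to-attacker"


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256(key, nonce || counter) blocks, concatenated."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_deterministic(key: bytes, message: bytes) -> bytes:
    """Weak: a fixed nonce, so equal plaintexts always give equal ciphertexts."""
    return xor(message, keystream(key, b"\x00" * 16, len(message)))


def encrypt_randomized(key: bytes, message: bytes) -> bytes:
    """Hardened: a fresh random nonce per message, sent along with the ciphertext,
    so encrypting the same plaintext twice gives unrelated ciphertexts."""
    nonce = os.urandom(16)
    return nonce + xor(message, keystream(key, nonce, len(message)))


class EncryptionOracle:
    """Models chosen-plaintext access: the attacker can have any plaintext encrypted
    (for instance with a public key, or through a service that encrypts user input)
    but never learns the key."""

    def __init__(self, scheme):
        self._scheme = scheme

    def encrypt(self, message: bytes) -> bytes:
        return self._scheme(KEY, message)


# Constructed list of "well-known" messages an attacker would expect to see.
COMMON_REQUESTS = [b"GET /balance", b"GET /statement",
                   b"POST /transfer amount=100", b"POST /transfer amount=5000"]


def dictionary_attack(oracle: EncryptionOracle, intercepted: bytes):
    """Build the ciphertext dictionary with chosen-plaintext queries, then look the
    intercepted ciphertext up. Returns the plaintext, or None if nothing matches."""
    table = {oracle.encrypt(m): m for m in COMMON_REQUESTS}
    return table.get(intercepted)


if __name__ == "__main__":
    victim_message = b"POST /transfer amount=5000"
    print(dictionary_attack(EncryptionOracle(encrypt_deterministic),
                            encrypt_deterministic(KEY, victim_message)))   # recovered
    print(dictionary_attack(EncryptionOracle(encrypt_randomized),
                            encrypt_randomized(KEY, victim_message)))      # None
```

The randomized scheme is what the standard notion of chosen-plaintext security requires: the oracle is just as available to the attacker, but its answers no longer tell him anything about an intercepted ciphertext.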

Fig. 17 Chosen-plaintext attack

Chosen Ciphertext Attack In this attack model, the online criminal examines a selected ciphertext together with the matching plaintext. What the attacker is attempting to obtain is a secret key or information about the system. The attacker tries to determine the key by examining the selected ciphertext and comparing it to the plaintext. Earlier versions of RSA encryption were vulnerable to this attack. In this attack the attacker can both encrypt and decrypt: they can choose a piece of plaintext, encrypt it, view the ciphertext, and then carry out the opposite operation. Keep in mind that the cryptanalyst’s goal is to break the encryption technique and recover the secret key, not necessarily to uncover the plaintext itself. The likelihood of this model being successful is high. During the chosen-ciphertext attack, a cryptanalyst can examine any chosen ciphertexts along with the corresponding plaintexts. His objective is to obtain the secret key or to learn as much as he can about the system being attacked. Since the victim knows the secret key, the attacker is capable of forcing the victim to decrypt any ciphertext and send him the results. The attacker tries to figure out the victim’s secret key by analysing the chosen ciphertext and the associated plaintext received, as shown in Fig. 18. Public-key encryption systems are the typical targets of chosen-ciphertext techniques; early iterations of the RSA cipher, for instance, were susceptible to such attacks. They are less frequently employed to attack systems protected by symmetric ciphers, although several self-synchronising stream ciphers have also been effectively attacked in this way. A type of chosen-ciphertext attack called the adaptive chosen-ciphertext attack allows the attacker to force the targeted system to decrypt a wide variety of ciphertexts, using the answers (previously received plaintexts) to construct the new ciphertexts; several ciphertexts may be submitted for decryption by the attacker. Practical adaptive chosen-ciphertext attacks are fairly rare. This model is more frequently used to evaluate a system’s security: if this attack cannot compromise the system, no realistic chosen-ciphertext attack can be expected to succeed.

Fig. 18 Chosen ciphertext attack

Known-Plaintext Attack (KPA) In this attack method, the cybercriminal uses information-gathering tactics to discover or obtain the plaintext of some of the ciphertext. Linear cryptanalysis of block cyphers is one such instance. The known-plaintext attacker knows some of the ciphertext and the corresponding plaintext, and must then work backwards to determine the “key” before decoding subsequent messages that employ the same “key” and method. The “known-plaintext” attack was successful against straightforward cyphers like “substitution encryption,” and it was widely used for deciphering Second World War cyphers. In this assault, the attacker knows the plaintext used to create the ciphertext: they can observe pairs of plaintext and ciphertext but cannot choose the plaintext. Compared to COA, this attack has a substantially higher likelihood of success. A known-plaintext attack occurs when the attacker has access to pairs of known plaintexts and the cypher texts that go with them, as shown in Fig. 19. The objective is to figure out the secret key (or keys) or to create an algorithm that would enable the decryption of any additional messages. This attack is considered very useful, especially when the number of pairs is not too great, and it is a more realistic scenario than the chosen-plaintext attack. An example of a known-plaintext attack is the probable word approach, a popular method for cracking traditional basic substitution or transposition cyphers. The term “crib”, which first appeared in Bletchley Park during World War II in the effort to crack the Enigma code, today refers to the plaintext. A crib is based on the premise that, when looking at incomprehensible ciphertext, cryptologists look for any word or phrase that would be expected to be present, test it, and use it to crack the code. If these otherwise random attacks on the encryption succeeded in generating those words or sentences, they would know they might be on the right track, and they would then apply the parameters that revealed those words or phrases to the entire encrypted communication. The most successful known-plaintext attacks are those that target the most straightforward cypher types; against simple substitution cyphers, for instance, they enable the attacker to break the cypher quickly. Most of the time, though, a well-designed modern cypher must be broken using more advanced cryptographic methods.

Fig. 19 Known-plaintext attack

Rainbow Table Attacks and Cryptanalytic Defences Rainbow table attacks are an older but still powerful strategy used by threat actors to exploit password database vulnerabilities. Today’s advanced persistent threats may prefer more complex techniques like remote desktop protocol (RDP) attacks, but cryptanalytic attacks, which check cryptographic systems for flaws, continue to be a real threat to cyber security. Threat actors can use rainbow table attacks to effectively target password databases that offer insufficient privacy and security features. To defend against rainbow table attacks, techniques like password salting and hash algorithm patching are essential. Rainbow tables are key-value tables of known, pre-computed hashes and the passwords that produce them. A password-cracking actor can work backwards from the ciphertext using these pre-computed datasets. Although building the table takes time, once it exists it gives cryptanalysts and threat actors the ability to conduct a rainbow table attack. Rainbow table attacks allow for the breach of permitted account access by exposing what the cryptographic hash algorithms were meant to hide. Threat actors who have access to a company’s password database can use a rainbow table against the password hash data; the table then provides the hacker or cryptanalyst with a route for recovering passwords from their hashes [19]. Most services currently support two-factor authentication (2FA) and multi-factor authentication (MFA), crucial features for preventing password attacks: they add at least one more authentication method beyond a password and guard against stand-alone rainbow table attacks. In the ongoing struggle to secure the accounts of customers, employees, and users at large, password-less authentication remains a crucial trend. Salting adds a random string to each password before it is hashed; the online application service provider stores and is aware of these strings, or salts, which add an extra layer of security to accounts on top of the user’s intended password. While using the same salt for all accounts is preferable to not salting passwords at all, using a different salt for each password offers even more protection. Salting and hashing passwords makes gaining access more difficult. Rainbow table attacks nonetheless remain a concern for enterprises that do not employ sufficient password security, even as attack tactics, techniques, and procedures change. To maintain data privacy, security administrators must be aware of their cryptographic architecture. Rainbow tables also raise the question of the future of cryptanalysis and cryptanalytic attacks from quantum computers; the development of post-quantum cryptography techniques is essential to future communications and data security.
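The paragraph above argues that per-account salts defeat a pre-computed hash table. The following Python is an added illustration written for this chapter, not code from the authors or from any cited work: it pre-computes an unsalted SHA-256 lookup table over a small constructed wordlist, runs it against a constructed user database stored two ways (bare hashes versus per-user random salts with PBKDF2), and shows that the same table recovers weak passwords only from the unsalted store. All user names, passwords and salts are constructed sample data; the functions and the 100 000-iteration count are the example’s own choices.

```python
# Added example (not from the chapter): why per-user salts defeat pre-computed
# hash tables. All passwords, salts and users below are constructed sample data.
import hashlib
import secrets

# Constructed wordlist standing in for the dictionary an attacker would pre-compute.
WORDLIST = ["password", "letmein", "qwerty", "summer2023", "admin123"]


def unsalted_hash(password: str) -> str:
    """Legacy scheme: a bare SHA-256 of the password, identical across all sites."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Pre-compute hash -> password once; reusable against every unsalted database."""
    return {unsalted_hash(w): w for w in words}


def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> str:
    """Per-user salt plus a slow KDF (PBKDF2-HMAC-SHA256) so no table built in advance applies."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def store_salted(password: str) -> dict:
    """The record a service stores: a fresh random 16-byte salt and the derived key."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "hash": salted_hash(password, salt)}


def verify_salted(password: str, record: dict) -> bool:
    """Login check: recompute with the stored salt and compare in constant time."""
    candidate = salted_hash(password, record["salt"])
    return secrets.compare_digest(candidate, record["hash"])


def recover_unsalted(db: dict, table: dict) -> dict:
    """Table lookup against an unsalted database: user -> recovered password."""
    return {user: table[h] for user, h in db.items() if h in table}


def recover_salted(db: dict, table: dict) -> dict:
    """Same lookup against salted records: stored hashes never match the table keys."""
    return {user: table[rec["hash"]] for user, rec in db.items() if rec["hash"] in table}


def same_password_different_records(password: str) -> bool:
    """Two users with the same password get different stored hashes once salted."""
    return store_salted(password)["hash"] != store_salted(password)["hash"]


def demo():
    # Constructed user database; two of the three passwords are in the wordlist.
    users = {"alice": "password", "bob": "summer2023", "carol": "Tr0ub4dor&3"}
    table = build_lookup_table(WORDLIST)

    unsalted_db = {u: unsalted_hash(p) for u, p in users.items()}
    salted_db = {u: store_salted(p) for u, p in users.items()}

    cracked_unsalted = recover_unsalted(unsalted_db, table)  # alice and bob recovered
    cracked_salted = recover_salted(salted_db, table)        # nothing recovered
    return cracked_unsalted, cracked_salted, salted_db


if __name__ == "__main__":
    cracked, not_cracked, db = demo()
    print("unsalted database, table hits:", cracked)
    print("salted database, table hits:", not_cracked)
    print("login check alice/password:", verify_salted("password", db["alice"]))
```

The point the run makes is the one in the text: the table is computed once and applies to every unsalted database, whereas a random salt per account means an attacker would have to redo the work per account, and the slow KDF makes each attempt expensive. A single site-wide salt would defeat the generic table but still let one new table cover all of that site’s accounts.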
The other attacks include:

Key and algorithm attack—Here, the attacker examines the cryptographic technique to determine the key that was used to encrypt or decode the data.

Differential cryptanalysis—The attacker submits several plaintext messages for encryption and determines the key by observing the transitions from plaintext to ciphertext. Given that the attacker selects the plaintext in order to watch the transformation, this is a form of chosen-plaintext attack.

Linear cryptanalysis—The attacker mounts a known-plaintext attack against several messages that have all been encrypted using the same key. This gives the attacker knowledge about the likelihood of a specific key; attacking more messages increases the likelihood of discovering the specific “key.”

Statistical Attack—Statistical assaults focus on a statistical vulnerability present in the targeted system. There are several places where such weaknesses can be exploited severely, among them the inability to generate random integers and problems with floating-point arithmetic. The target of this attack is essentially the vulnerability in the hardware or operating system that hosts the cryptography tools.

Dictionary Attack—There are numerous variations of this approach, all of which entail creating a “dictionary.” The most basic form involves the attacker creating a dictionary of plaintexts and ciphertexts learned over time; later, after receiving a ciphertext, the attacker consults the dictionary to determine the corresponding plaintext.

Timing Attacks—They take advantage of the fact that different computations run on processors at varying speeds. By measuring these timings it is possible to learn about the computation the CPU is performing. For instance, if the encryption process takes longer than expected, the secret key may be lengthy.

Power Analysis Attacks—These attacks resemble timing attacks, except that they exploit the amount of power consumed to learn about the makeup of the underlying calculations.

Fault analysis Attacks—In these assaults, faults are induced in the cryptosystem and the attacker analyses the ensuing output for relevant information.

Cipher-Only Attack—In a cipher-only assault, the attacker has complete knowledge of the cipher text of various communications that have been encrypted using a comparable encryption technique. The main difficulty the attacker faces in this situation is identifying the key used for encryption.

A robust cryptographic system must be in place to prevent cryptography attacks. Strategies for achieving this include: update the cryptographic protocols and algorithms frequently to keep them current; make sure the data is properly encrypted so that it is unreadable even if it ends up in the wrong hands; employ strong, individual keys for encrypting data; keep the keys in a safe place and make sure the cryptography system is used properly; and check the system frequently for weaknesses and inform staff members about cryptography attacks and safeguards [20].
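The timing-attack entry above says that measuring how long a computation takes reveals something about what it is computing. The Python below is an added illustration for this chapter, not the authors’ code: instead of timing wall-clock runs (which are noisy), it counts the byte comparisons two equality routines perform when checking a constructed secret tag against a series of guesses. The early-exit compare does an amount of work equal to the length of the matching prefix, which is exactly the quantity a timing measurement exposes; the constant-time compare does the same work for every input. The tag, the guesses and both function names are constructed for the example.

```python
# Added example (not from the chapter): how an early-exit comparison leaks through
# timing, and the constant-time alternative a defender uses instead. Work is
# measured as bytes compared rather than seconds, since that is what the timing
# difference ultimately reveals. Tag and guesses are constructed values.
import hmac


def early_exit_compare(a: bytes, b: bytes) -> tuple:
    """Naive compare: stops at the first mismatch. Returns (equal, bytes_compared)."""
    if len(a) != len(b):
        return False, 0
    compared = 0
    for x, y in zip(a, b):
        compared += 1
        if x != y:
            return False, compared      # work done depends on where the secret differs
    return True, compared


def constant_time_compare(a: bytes, b: bytes) -> tuple:
    """Compare every byte regardless of mismatches; work does not depend on the secret."""
    if len(a) != len(b):
        return False, 0
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y                   # accumulate differences without branching on them
    return diff == 0, len(a)


def leak_profile(secret: bytes, guesses: list, compare) -> list:
    """Work performed per guess. With early exit this equals matching-prefix length + 1
    (capped at the tag length), so the profile itself tells the attacker how close each
    guess is; a flat profile tells them nothing."""
    return [compare(secret, g)[1] for g in guesses]


SECRET_TAG = bytes.fromhex("a1b2c3d4")          # constructed MAC tag held by the server
GUESSES = [bytes.fromhex(h) for h in ("00000000", "a1000000", "a1b20000", "a1b2c300", "a1b2c3d4")]

if __name__ == "__main__":
    print("early exit  :", leak_profile(SECRET_TAG, GUESSES, early_exit_compare))     # [1, 2, 3, 4, 4]
    print("constant    :", leak_profile(SECRET_TAG, GUESSES, constant_time_compare))  # [4, 4, 4, 4, 4]
    # In production, use the library primitive rather than a hand-written loop:
    print("hmac.compare_digest:", hmac.compare_digest(SECRET_TAG, GUESSES[-1]))
```

The mitigation is the one the chapter’s recommendations imply: make the work independent of the secret. In Python that means `hmac.compare_digest` for tags and password hashes; the hand-written loop is shown only to make the data-independence visible.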

5 Conclusion

Attacks on encryption methods continue to make a significant contribution to communication security, online technology, and cloud environment data security. Longer keys have been seen to be more resistant to attack than shorter keys, which is why the strength of cryptography rests in the selection and administration of the keys. Since implementing cryptographic algorithms, whether in hardware or software, is not a task for inexperienced engineers without an in-depth understanding of attacks, their combination, and effective defences, this chapter has explored implementation attacks on cryptographic algorithms. Modern electronic equipment that utilises encryption is vulnerable to physical hacking and eavesdropping, despite being more advanced than earlier electromechanical machines. Since embedded devices that use cryptography are virtually always exposed to an environment that is controllable by the owner and hence not trusted, physical cryptanalytic attacks pose a specific risk to those devices. For instance, it is possible to fraudulently modify a bank card payment terminal in a store to acquire cardholder information that can then be used to deplete the account of the owner. So, from a security standpoint, the algorithm should be strongly constructed to guard against these kinds of implementation assaults. To solve security issues related to cryptographic algorithm implementations, cryptographic engineering, a crucial subject arising within cryptology, was created as a significant field. We attempted to keep the discussions as straightforward as possible while providing a general overview of numerous attack types, their origins, specific attack strategies, and protective measures in this work.

References

1. S. Tayal, N. Gupta, P. Gupta, D. Goyal and M. Goyal, “A Review paper on Network Security and Cryptography”, Advances in Computational Sciences and Technology, vol. 10, no. 5, pp. 763–770, 2017.
2. A. Gupta and N. K. Walia, “Cryptography Algorithms: A Review”, International Journal of Engineering Development and Research, vol. 2, no. 2, pp. 1667–1672, 2014.
3. N. Jirwan, A. Singh and S. Vijay, “Review and Analysis of Cryptography Techniques”, International Journal of Scientific & Engineering Research, vol. 3, no. 4, pp. 1–6, 2013.
4. J. L. Massey, “Cryptography-A selective survey”, Digital Communications, vol. 85, pp. 3–25, 1986.
5. H. Orman, “Recent Parables in Cryptography”, IEEE Internet Computing, vol. 18, no. 1, pp. 82–86, 2014.
6. S. B. Sadkhan, “Cryptography: current status and future trends”, International Conference on Information and Communication Technologies: From Theory to Applications, 2004.
7. J. P. Aumasson, “Serious Cryptography: A Practical Introduction to Modern Encryption”, San Francisco: No Starch Press, Inc, 2018.
8. J. F. Dooley, “A Brief History of Cryptology and Cryptographic Algorithms”, New York: Springer, 2013.
9. Abdalbasit Mohammed Qadir, Nurhayat Varol, “A Review Paper on Cryptography”, 2019 7th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6, 2019.
10. N. Sharma Prabhjot and H. Kaur, “A Review of Information Security using Cryptography Technique”, International Journal of Advanced Research in Computer Science, vol. 8, no. Special Issue, pp. 323–326, 2017.
11. J. Katz and Y. Lindell, “Introduction to Modern Cryptography”, London: Taylor & Francis Group, LLC, 2008.
12. J. Callas, “The Future of Cryptography”, Information Systems Security, vol. 16, no. 1, pp. 15–22, 2007.
13. S. Gärtner and F. Flögel, “Call for a Spatial Classification of Banking Systems through the Lens of SME Finance – Decentralized versus Centralized Banking in Germany as an Example,” SSRN Electronic Journal, 2014, http://doi.org/10.2139/ssrn.2446822.
14. H. Wang, Z. Zheng, S. Xie, H. N. Dai, and X. Chen, “Blockchain challenges and opportunities: a survey,” International Journal of Web and Grid Services, vol. 14, no. 4, p. 352, 2018, https://doi.org/10.1504/IJWGS.2018.10016848.
15. P. W. Khan and Y. Byun, “A Blockchain-Based Secure Image Encryption Scheme for the Industrial Internet of Things,” Entropy, vol. 22, no. 2, p. 175, Feb. 2020, https://doi.org/10.3390/e22020175.
16. B. Zhong, H. Wu, L. Ding, H. Luo, Y. Luo, and X. Pan, “Hyperledger fabric-based consortium blockchain for construction quality information management,” Frontiers of Engineering Management, vol. 7, no. 4, pp. 512–527, Dec. 2020, https://doi.org/10.1007/s42524-020-0128-y.
17. K. Nelaturu, H. Du, and D.-P. Le, “A Review of Blockchain in Fintech: Taxonomy, Challenges, and Future Directions,” Cryptography, vol. 6, no. 2, p. 18, Apr. 2022, https://doi.org/10.3390/cryptography6020018.
18. I. Grigg, “Financial Cryptography in 7 Layers,” International Conference on Financial Cryptography, pp. 332–348, Oct. 2001, http://doi.org/10.1007/3-540-45472-1_23.
19. H. F. Atlam, A. Alenezi, M. O. Alassafi, and G. B. Wills, “Blockchain with Internet of Things: Benefits, Challenges, and Future Directions,” International Journal of Intelligent Systems and Applications, vol. 10, no. 6, pp. 40–48, Jun. 2018, https://doi.org/10.5815/ijisa.2018.06.05.
20. M. B. Yassein, F. Shatnawi, S. Rawashdeh, and W. Mardin, “Blockchain Technology: Characteristics, Security and Privacy; Issues and Solutions,” in 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), Nov. 2019, pp. 1–8, http://doi.org/10.1109/AICCSA47632.2019.9035216.

A Survey on Private Keyword Sorting and Searching Homomorphic Encryption

S. Nithya, V. Seethalakshmi, G. Vetrichelvi, M. Siva Sangari, and Gokul Basavaraj

Abstract With progressions in information technology such as social media, visual data transfer is critical. The primary goal of this chapter is to investigate searching and sorting operations on fully homomorphically encrypted cloud data. When transmitting data over an insecure communication channel for various purposes, the data must be cyphered into an unreadable form. Maintaining the privacy and security of cloud-stored data is critical for realising the full potential of cloud computing. Storing data in encrypted form may be beneficial. However, performing operations on cloud data through repeated decryption and re-encryption solves the problem only while increasing security concerns and diminishing the essence of the cloud. Fully homomorphic encryption allows for quick operations on cypher text. Furthermore, because the cloud is primarily used for storage, the secure sorting and searching of securely encrypted cloud data can be an effective field of study. In recent years, the efficiency of modern encryption algorithms and the use of electronic devices have greatly improved. Initially, information was protected by concealing it or substituting numbers or special characters for parts of it. The cryptosystem is essential for ensuring security, precision, and efficiency. A high level of security is required of the algorithm used to secure communication. Cloud computing has had the greatest potential in the computational world over the last decade, yet when it comes to critical data there are still security concerns. The most widely used technique for bridging this gap is encryption of remotely stored data. Because data storage is so prevalent, data security in the cloud is a major concern. The computing environment is constantly changing. Everyone makes use of various computing devices to access data stored on large servers in the cloud. This radical shift symbolises the daunting task of computation outsourcing, which inspires and motivates the power of attainable inequity computing. Homomorphic encryption is a wise choice because it strengthens the security safeguards of untrustworthy information storage systems and enables the manipulation of sensitive data stored in the cloud. The results of a survey on various homomorphic encryption and keyword sorting and searching schemes are presented here. The goal of the surveyed techniques is to convert original messages into cypher form and to analyse sorting and searching schemes.

S. Nithya (B) · V. Seethalakshmi
Department of ECE, KPR Institute of Engineering and Technology, Coimbatore, India
e-mail: [email protected]
V. Seethalakshmi
e-mail: [email protected]
G. Vetrichelvi
Jansons Institute of Technology, Coimbatore, India
M. Siva Sangari
Department of Computer Science and Business Systems, KPR Institute of Engineering and Technology, Coimbatore, India
G. Basavaraj
Central Queensland University, Melbourne, VIC, Australia
e-mail: [email protected]

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023
V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_12

1 Introduction

Cryptography is a critical factor in data security. A cryptographic algorithm’s primary function is to prevent perceived enemies from decoding private messages. Cryptography is critical for protecting data and networks during transmission; it makes it impossible for a foreign entity to read personal messages. Cryptography has changed and spread with computer communications [1]. When communicating over an untrusted medium, such as a network and particularly the internet, cryptography is essential. Modern cryptographic techniques concentrate on various aspects of information security, including data confidentiality, integrity, authentication, and non-repudiation. The goal of network security is to prevent unauthorised network access. User authentication, which involves a user name and password, is therefore the first stage of security, and is also known as one-factor authentication [2]. In addition, dual-factor and triple-factor authentication schemes, which involve the verification of security tokens or biometric evidence, are used. Multifactor authentication is an important procedure. A firewall lets us admit only the authorised user, who can access only the services that have been granted to that person. There are many different types of cryptographic algorithms classified for data security. Figure 1 depicts the encryption methods. The first are secret-key cryptography algorithms, in which the same key is used for both encoding and decoding; this is also referred to as a symmetric key encryption scheme, and its primary use is for privacy and confidentiality. A public-key cryptographic algorithm employs two distinct keys, one for encryption and one for decryption; asymmetric key encryption is another name for this method, and it is used for key exchange, authentication, and non-repudiation.
The hash function is a popular mathematical conversion technique that aids in the irreversible encoding of data and provides a digital footprint. Any encryption algorithm proceeds in stages: first, generate a key; second, encrypt the plain text into cypher text; third, decrypt; and finally, validate and verify. The plain text or message serves as the input for the encryption process. The transmitted data is encrypted using the public key, producing a garbled output known as cypher text, which is then decrypted using the receiver’s key to restore it to its original form [3]. The strength of this scheme depends on the size of the key that is used. The procedure can be expressed as Cypher text = Encrypt (Plain text) and Plain text = Decrypt (Cypher text). Secret-key cryptography is a technique that uses a single key for both processes. The sender uses the key to encrypt the original message and then sends the cypher text to the receiver; as shown in Fig. 2, the receiver decrypts the message using the same unique key, recovering the original plain text. Because a single key is used for each function, private key cryptography is also known as isobilateral coding. Both the recipient and the sender must know the secret key. Public-key cryptography is regarded as one of the most significant developments in the field of cryptography. In public-key cryptography, one of the keys is designated as the public key and made available to users; the private key, on the other hand, is never shared with anyone else. Many public-key cryptographic algorithms are in use today, both for key exchange and digital signatures. The RSA encryption scheme was created by three MIT mathematicians: Ronald Rivest, Leonard Adleman, and Adi Shamir [4]. RSA is most commonly used in key exchange, digital signatures, and encrypting small blocks of data. Classic cryptography is concerned with models of linguistics and lexicography. Modern cryptography is heavily reliant on the internet. When information is transmitted over the Internet, it is vulnerable to a variety of threats. Today, the entire world revolves around technology and the Internet. The majority of financial and personal information is transmitted via the Internet, and there are numerous security threats. As a result, security is a major concern. Viruses, hackers, electronic eavesdroppers, and electronic fraud are major complex issues. As a result, strong security algorithms are required. The search for stronger algorithms based on mathematical concepts that are difficult to break is still ongoing. Because a mathematical concept underlies the computations of these algorithms, mathematics plays an important role in providing information security. Many cryptosystems employ mathematical concepts in the design of encryption and decryption algorithms.

Fig. 1 Encryption types

Fig. 2 Basic encryption and decryption process—Gentry’s method

2 Literature Survey

Many applications in today’s world rely on the Internet. One of the most important tasks to consider is data security. Numerous new algorithms have been proposed; one such technique for data security is homomorphic encryption. Cloud computing is a popular area of information technology, and data storage and security are critical tasks in it. A large amount of data is sent via the World Wide Web, and a considerable quantity of information is saved for future use. To store such large amounts of data with proper security, authentication is critical. The cloud stores large amounts of data for business purposes; as a result, cloud computing is critical for storing large amounts of data. It is a large pool of easily accessible virtualized resources, the primary resources being hardware, development platforms, and services. Security is a major concern that must be addressed because the data is public. By providing complete privacy of digital data, Diffie and Hellman contributed to the discovery of public-key cryptography in 1976. Applications such as online electronic voting, banking, and virtual networks, among others, have achieved confidentiality. Many secure encryption schemes have emerged in recent decades, including fully homomorphic cryptographic schemes. Rivest, Adleman, and Dertouzos coined the term ‘fully homomorphic cryptosystems’ in 1978. The proposed method allows an untrusted third party to perform extensive computations on encrypted information without intercepting it. It did, however, have a few flaws. Later, the goal was to ensure privacy preservation in both data transmission and storage. Many algorithms that perform additions and multiplications have been proposed, and homomorphic schemes have been introduced. Paillier in 1999, Goldwasser–Micali in 1984, and Naccache–Stern in 1998 are examples of additive schemes. Craig Gentry published the fully homomorphic cryptosystem encryption function in 2009 [5]. The encryption function is calculated by performing addition and multiplication operations on Enc(x) and Enc(y). This chapter investigates the use of searchable symmetric encryption for cloud data protection. For data security, homomorphic encryption is a good idea: it performs the computations necessary to enhance the security of delicate data in the cloud, where untrusted systems and applications store and manipulate it. The key concept here is to encode data in such a way that it can be worked on and analysed as if it were still in its initial form. It also enables the execution of complex mathematical operations on cyphered data without jeopardising the cryptographic guarantees. Craig Gentry’s lattices are central to the asymmetric cryptographic scheme’s concept and design. On cypher text, this scheme allows for addition and multiplication operations; as a result, various circuits can be built by performing arbitrary computations. This scheme’s design process begins with the evaluation of lower degree polynomials over encrypted data. This is a partially homomorphic encryption scheme. Each cypher text contains noise that increases with addition and multiplication.
Finally, the generated cypher text is rendered unreadable by the noise. Gentry provided a solution that can be modified to allow for bootstrapping. As a result, the scheme must have the ability to perform at least one operation on its own decryption circuit. Finally, we can conclude that any partially homomorphic encryption scheme that is bootstrappable can be transformed into a fully homomorphic encryption scheme using the recursive self-embedding function. Gentry’s noisy method generates cypher text with lower noise for the bootstrapping procedure. We can compute additions and multiplications arbitrarily without increasing noise by ‘refreshing’ the cypher text on a regular basis. Gentry’s scheme’s performance is determined by the encrypted function. Because the length of the cypher text is independent of the complexity of the encrypted function evaluation process, it is impractical: as the cypher size increases, so does the computation time. As a result, security is enhanced. Craig Gentry, Ron Steinfeld, Shai Halevi, Damien Stehlé, Nigel Smart, and Frederik Vercauteren proposed a slew of optimization techniques. Gentry, on the other hand, began with fully homomorphic encryption. Marten van Dijk, Shai Halevi, Vinod Vaikuntanathan, and Craig Gentry proposed another fully homomorphic encryption scheme in 2010. This new scheme used simple homomorphic operations with integers rather than ideal lattices [6]. As a result, while this new technique is simpler, it has similar properties to Gentry’s scheme. Many schemes were proposed, one of which was the Levieil–Naccache scheme, which only supports addition operations. Later studies on this scheme revealed that it can be modified to support a small number of multiplications. The sequence of work carried out by Jean-Sébastien Coron and his team proposed many refinements and optimizations, including implementations of the resulting schemes. In 2011, many techniques were proposed by Zvika Brakerski along with Gentry and Vinod Vaikuntanathan that led to much more efficient homomorphic cryptosystem developments, which include: the BGV cryptosystem, known as the Brakerski–Gentry–Vaikuntanathan cryptosystem; the LTV cryptosystem, also known as López-Alt, Tromer, and Vaikuntanathan, which is NTRU-based; Brakerski’s scale-invariant cryptosystem; and the GSW cryptosystem, known as the Gentry–Sahai–Waters cryptosystem. Vinod and Zvika conducted experiments and discovered that the noise growth rate for the GSW cryptosystem is slower for certain types of circuits. As a result, this cryptosystem is more secure and efficient. Later, Jacob Alperin-Sheriff and Chris Peikert proposed a new technique for efficient bootstrapping with these types of circuits. These circuits are incompatible with the cypher text packing technique. As a result, they came to the conclusion that the Halevi–Gentry–Smart optimization techniques could not be applied to this scheme. Second-generation cryptosystems continue to adhere to the fundamentals of Gentry’s original design, which handles noisy cypher texts and bootstraps a somewhat homomorphic cryptosystem to a fully homomorphic one. In a homomorphic cryptosystem, mathematical operations performed on the cypher texts have predictable consequences for the plain text. Consider a user who sends a request to add two numbers ‘3’ and ‘5’. When the encryption technique is used, the numbers 43 and 65 are generated [7].
The cloud server processes and returns the sum of 108 to the receiver, who decrypts it and obtains the number 8 [8]. Symmetric cyphers like DES and AES are not homomorphic, as shown in [9]. In terms of multiplication, RSA is considered homomorphic. A detailed literature review reveals that a number of schemes have been designed for searching on outsourced data in public clouds. Clouds provide numerous advantages, but many users are hesitant to use them because of worries about safety. The data owner secures the relevant information by encrypting it with a searchable encryption scheme, and the cloud server will never decrypt it [10–12]. The scheme has no information leakage, and original data is only provided to authorised users. While much progress has been made in this area, searching on encrypted data remains a challenge. The gaps in the literature are highlighted below:

1. The vector space indexing model used in the previously proposed schemes results in high time and space complexity, reducing efficiency.
2. If the encrypted trapdoor size is too large, searchable encryption schemes have a very high communication overhead.
3. Although homomorphic encryption is extremely secure and allows for secure index searching, the cypher text produced by the scheme requires additional optimizations such as modular reduction and compression to reduce its size.
4. Homomorphic encryption is relatively time-consuming and necessitates complex mathematical functions, resulting in extremely high time complexity during score calculation and index generation for large data sets.
5. The proposed searchable encryption schemes, other than homomorphic encryption, are extremely vulnerable to statistical frequency analysis attacks.
6. The proposed algorithms must strike a balance between security and efficiency, which is currently lacking in all proposed algorithms.

3 Modern Homomorphic Encryption Algorithm The diagram below shows how homomorphic encryption works: The procedure begins with decrypted data. The data’s owner requests that another party undertake a matrix multiplication on it (for example, a feature or a machine learning (ML) model) in the absence of disclosing its information (Fig. 3). The plain text, encryption key, decryption key, and cypher text are the only things that modern encryption algorithms deal with. Except for the keys, everyone knows the encryption algorithm and its details. It is a straightforward flow of plain text encryption and transmission of encrypted plain text to the sender in the network. The f (m) function is used to evaluate enc(m). The f (m) function returns the encrypted value of m. The enc( f (m)) has been decrypted. It should be the same as m’s encryption. This is the homomorphic property used in advanced encryption standards (Fig. 4). Third-party networks are not secure networks. As a result, the system employs a variety of techniques to ensure the security of the message sent by the sender. Because of the importance of the message’s value and sensitivity, it is protected in the network. The key size has been increased to protect the valuable sensitive privacy data. The number of encryptions, the algorithm used by the system, the key size, the message

Fig. 3 Modern homomorphic encryption


S. Nithya et al.

Fig. 4 Flow diagram for modern homomorphic encryption scheme

size, and the encipher and decipher algorithms all contribute to the message's security, and together they determine the cryptosystem's speed, efficiency, performance and security. Under Kerckhoffs's principle the attacker is assumed to know everything about the system except the key, so its resistance to cryptographic attack must rest on the key alone. When an image is processed, the pixels are handled block by block. The computation can be built from additive and multiplicative operations. The function f(m) may in principle be arbitrary; which functions are supported depends on the type of cryptosystem. The homomorphic properties used are addition, multiplication and exponentiation. Over GF(2), multiplication is an AND gate and addition is an XOR gate on the inputs. The data obtained after decryption must equal the data before encryption; for image input, a small, negotiated amount of change in the decrypted plaintext may be tolerated. A homomorphic cryptosystem is a public-key encryption scheme that allows algebraic operations on ciphertexts. It is a critical advanced technique for enabling computation and analytical processing on encrypted data transmitted over an insecure third-party channel. For an additive scheme with modulus n, the check proceeds as follows:
Step 1: C1 = E(M1)
Step 2: C2 = E(M2)
Step 3: C3 = E((M1 + M2) mod n)
Step 4: Verify that C3 and the homomorphic combination of C1 and C2 (for a Paillier-style scheme, C1 · C2 mod n²) decrypt to the same value, and output (C1, C2).
In this cryptosystem, C denotes a ciphertext, M a message to be encrypted, and E the encryption function. The number n is the product of two large random primes.


Enc_pk(M1) · Enc_pk(M2) = Enc_pk(M1 + M2)

This is additive homomorphism: the data can be manipulated without knowledge of it, and only the holder of the secret key learns the result. The Paillier cryptosystem is an additively homomorphic encryption system.

Enc_pk(M1) · Enc_pk(M2) = Enc_pk(M1 · M2)

This is multiplicative homomorphism, as in textbook RSA: multiplying ciphertexts yields the encryption of the product of the plaintexts, and the operations are performed on the encrypted text without knowledge of the original data. The ciphertext is longer than the plaintext, i.e. the scheme has a ciphertext expansion ratio greater than one; minimal expansion keeps the noise introduced by computation small. Paillier, ElGamal, Goldwasser–Micali and DGK are popular and widely used public-key encryption schemes with homomorphic properties (Diffie–Hellman, often listed alongside them, is the key-exchange protocol on which ElGamal is built). The number of arithmetic operations supported over the plaintext under several PKC schemes is shown in a comparison of public-key cryptosystems. Jim et al. proposed efficient binary operations on real numbers. The homomorphic property applies to all types of data, including text, image, video and audio files, at the cost of some computational overhead for the added security. The table representation is an example of how to use various public-key encryption algorithms and arbitrary operations on the ciphertext. Let us start with the FHE scheme before we get into the operations. Fully homomorphic encryption allows the execution of arbitrary computations on protected information. Gentry's work in [12] demonstrated the technique's promise for privacy-preserving operations, which are critical in cloud computing. We go over the FHE scheme briefly in this section before moving on to a widely known library for performing basic mathematical calculations with this encryption. A scheme that supports only a bounded number of operations on ciphertexts is called somewhat homomorphic encryption. The idea of computing on encrypted data was proposed by Rivest and co-authors in 1978.
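The additive (Paillier) and multiplicative (textbook RSA) identities above, together with the four-step additive check listed earlier in this section, worked through in Python as an added example; this is not code from the book. The key sizes are toy: the two 20-bit primes `P` and `Q` are constructed values chosen so that gcd(pq, (p−1)(q−1)) = 1, which Paillier requires, and `secrets` supplies the per-encryption randomiser.

```python
"""Added example: additive (Paillier) vs multiplicative (textbook RSA)
homomorphism.  Toy 20-bit primes; production keys are 2048 bits or more."""
import math
import secrets

# Constructed toy primes, chosen so that gcd(p*q, (p-1)(q-1)) == 1.
P, Q = 1000003, 1000033


def paillier_keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                            # standard generator
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)       # L(g^lam mod n^2)^-1 mod n
    return (n, g), (lam, mu)


def paillier_encrypt(pk, m):
    """E(m) = g^m * r^n mod n^2 with a fresh random r: encryption is probabilistic."""
    n, g = pk
    r = 0
    while r == 0 or math.gcd(r, n) != 1:
        r = secrets.randbelow(n)
    return pow(g, m % n, n * n) * pow(r, n, n * n) % (n * n)


def paillier_decrypt(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n


def paillier_add(pk, c1, c2):
    """E(m1) * E(m2) mod n^2 decrypts to (m1 + m2) mod n: additive homomorphism."""
    n, _ = pk
    return c1 * c2 % (n * n)


def paillier_scale(pk, c, k):
    """E(m)^k mod n^2 decrypts to k*m mod n: multiplication by a known constant."""
    n, _ = pk
    return pow(c, k, n * n)


def rsa_keygen(p=P, q=Q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def rsa_encrypt(pk, m):
    n, e = pk
    return pow(m, e, n)


def rsa_decrypt(sk, c):
    n, d = sk
    return pow(c, d, n)


def rsa_mul(pk, c1, c2):
    """E(m1) * E(m2) mod n decrypts to (m1 * m2) mod n: multiplicative homomorphism."""
    return c1 * c2 % pk[0]


def additive_check(m1, m2):
    """Steps 1-4 of the text: C3 = E((M1 + M2) mod n) and C1*C2 decrypt alike,
    even though the two ciphertexts themselves differ (fresh randomness)."""
    pk, sk = paillier_keygen()
    c1, c2 = paillier_encrypt(pk, m1), paillier_encrypt(pk, m2)
    c3 = paillier_encrypt(pk, (m1 + m2) % pk[0])
    combined = paillier_add(pk, c1, c2)
    return paillier_decrypt(pk, sk, c3), paillier_decrypt(pk, sk, combined), c3 != combined


def demo():
    """Company A's 15 and 5 from the next section, done with real Paillier/RSA."""
    pk, sk = paillier_keygen()
    c15, c5 = paillier_encrypt(pk, 15), paillier_encrypt(pk, 5)
    summed = paillier_decrypt(pk, sk, paillier_add(pk, c15, c5))       # 20
    scaled = paillier_decrypt(pk, sk, paillier_scale(pk, c15, 3))      # 45
    rpk, rsk = rsa_keygen()
    product = rsa_decrypt(rsk, rsa_mul(rpk, rsa_encrypt(rpk, 15), rsa_encrypt(rpk, 5)))  # 75
    return summed, scaled, product


if __name__ == "__main__":
    print(demo())
```

Note that the Paillier sum is taken modulo n, so adding E(n−1) and E(2) decrypts to 1, and that textbook RSA gives the multiplicative property only because it is unpadded; OAEP-padded RSA, which is what should be deployed, deliberately destroys it.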
The concept of a fully homomorphic scheme dates from 1978, but the first construction was given by Gentry in 2009. Homomorphic encryption evaluates an arbitrary number of functions on the ciphertext. Gentry's fully homomorphic encryption costs more than the other types of homomorphic encryption, and performance issues continue to plague FHE. It allows arbitrary operations on the plaintext, so FHE lets the user perform operations without restriction; in contrast to schemes such as Boneh–Goh–Nissim, which support only a single multiplication, the number of operations is not limited. Multi-key fully homomorphic encryption encrypts data for multiple users under multiple keys. Brakerski, Gentry and Vaikuntanathan (BGV, 2012) proposed levelled fully homomorphic encryption, a variant in which the depth of the circuit to be evaluated is fixed at key generation so that bootstrapping can be avoided. Ciphertext expansion in these schemes is large, and optimisations are needed to keep the data efficient. Partially homomorphic encryption is either additively or multiplicatively homomorphic and can perform only limited functions on the ciphertext. It is probabilistic: each encryption uses a freshly chosen random value, so the same plaintext encrypts to different ciphertexts.


Using optimisation techniques, the large ciphertext can be trimmed efficiently.

4 Implementation of Homomorphic Encryption

In public-key cryptography the sender encrypts the message into ciphertext using the receiver's public key; to obtain the original message, the receiver decrypts the ciphertext with his secret key. In mathematics, a homomorphism is a map from one structure to another that preserves the relationships between elements; the word comes from the Greek for "same form". Because structure is preserved, applying the same mathematical operation to ciphertexts under a homomorphic encryption scheme yields an equivalent result on the plaintexts. Although encryption is a fundamental method for safeguarding sensitive data, it becomes complicated in the cloud, which is why homomorphic encryption is critical in computing: it lets large organisations store encrypted information in the public cloud while still using the cloud provider's analytics services. Example: here is a simple illustration of how a homomorphic encryption method works in a public cloud. Let Company A hold a confidential data set containing the numbers 15 and 5. The data set is "encrypted" by multiplying each element by 2, giving the new set 30 and 10 (a toy transformation standing in for a real additively homomorphic scheme). A sends the new set to cloud storage. A few months later the government asks Company A for the sum of the elements. Because it is overburdened, Company A asks the cloud provider to perform the operation; the provider, which only has the transformed set, computes 30 + 10 and returns 40 (Fig. 5). Company A recovers the true sum, 20, by dividing by 2. The diagram compares the traditional and homomorphic approaches. The homomorphic approach includes a post-processing step that operates on the ciphertext: apart from decryption, the post-processing involves only the function and the ciphertext. The secret key is denoted 'sk'.
Rivest, Adleman and Dertouzos proposed in 1978 that computations could be performed on encrypted data without ever decrypting it, promoting the idea of computing on data without revealing it. The capacity to operate on encrypted information gave rise to many new ideas for useful applications, including privately outsourcing arbitrary computations to cloud storage and decrypting results only when necessary. Homomorphic cryptosystems are designed to be versatile. Some cryptographic algorithms can transform one ciphertext into another ciphertext that decrypts to a related plaintext. In other words, given the encryption of a plaintext 'm', it is possible to generate another


Fig. 5 Traditional approach versus homomorphic approach

ciphertext that decrypts to a function f(m) without knowing 'm'. The implementation of a fully homomorphic encryption scheme is a significant step forward in cloud security: calculations on confidential data need no key at all, and the secret key is used only to decrypt the result. This can be evaluated by simulating various scenarios with a cloud network acting as a cloud server or a virtual private network, and with existing homomorphic cryptosystems connecting the cloud to the customer (Fig. 6). In practice, the double-layered encryption slows the system down. Because most work focuses on optimising the same set of records for searching in a specific application, time complexity decreases. It is also not possible to rely on a brand-new encryption strategy for confidentiality; a scheme must see extensive use and exposure before it can be trusted. The system was designed with homomorphic encryption and an embedded decryption algorithm protected by attribute-based encryption, ensuring that the process remains encrypted. This chapter introduces the RSA homomorphic encryption scheme.

5 Benefits of Keyword Sorting in Homomorphic Encryption

Homomorphic encryption with keyword sorting lets businesses use cloud computing and storage services securely and efficiently. It removes the need to choose between data safety and convenience: organisations need not depend heavily on data-centre services to protect their private data while still computing on it.


Fig. 6 Implementation of homomorphic encryption scheme

HE facilitates collaboration by allowing companies to combine sensitive business information with that of outside organisations without disclosing the data, or the results of processing it, to them. This can speed up innovation and collaboration while lowering the risk of sensitive data being compromised. It reduces compliance costs: with HE, organisations in stringently regulated sectors such as medicine and finance can outsource research and analytical services without fear of non-compliance.

6 Keyword Searching Using Homomorphic Encryption

Many proposals address the problem of secure search over data outsourced to a server that is reliable but not trusted with the plaintext. To secure outsourced data, a partially homomorphic encryption scheme has been defined that encrypts the data at the data host's end and allows only encrypted data to be retrieved. Data sent to the cloud can be protected in transit using a variety of existing information-security schemes, but it must also be protected from the cloud server itself; a symmetric searchable encryption scheme protects the data on the server. Schemes for searchable symmetric encryption: Curtmola et al. formalised searchable symmetric encryption in 2006. SSE enables private, selective search of encrypted data that has been outsourced. Encryption, however, limits the user's capacity to look for a keyword in the


encrypted text and raises privacy concerns, so standard keyword-search methods fail on encrypted cloud information. Song et al. addressed methods for searching for a keyword in encrypted information in 2000. They discussed two methods for the problem of locating encrypted data: the first builds, for each keyword W, an index of the documents containing W; the other performs a sequential scan without an index. The disadvantage of an index, in their view, is that the overhead of storing and updating it is significant, while sequential scanning is inefficient when the data is large. A pre-computed inverted index that maps each keyword to the data files in which it appears is a common technique for speeding up search in very large databases. Numerous schemes have been developed for searching encrypted data, and a number of algorithms based on symmetric searchable encryption have been proposed. Some earlier SSE schemes allow users to securely retrieve ciphertexts but provide only Boolean keyword search: they can determine whether a keyword exists in a file or not, but do not consider the keyword's relevance to the file. When such schemes are applied directly to outsourced data in a virtual environment, two problems appear. First, because users have no view of the encrypted cloud data, each search request incurs significant post-processing overhead. Second, unnecessary network traffic is generated because the server finds and sends all files based solely on the presence or absence of a keyword, which is incompatible with the pay-per-use model of the cloud. Subsequently an order-preserving encryption (OPE) scheme, a deterministic encryption scheme in which the encryption function preserves the numerical ordering of the plaintexts, was proposed.
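A minimal searchable symmetric encryption index of the inverted-index kind described above, written in Python as an added example (not a scheme from the chapter or from Song or Curtmola). Keyword tokens come from a keyed PRF (HMAC-SHA256), so the server can match a trapdoor against the index without learning the keyword, and each posting list is masked under a per-keyword key. The corpus and the 32-byte key are constructed for the example; the block also shows the two limitations the text raises, namely that the server learns posting-list sizes and search patterns, and that the search is Boolean only, returning every file containing the keyword with no relevance ranking.

```python
"""Added example: a toy searchable symmetric encryption (SSE) inverted index."""
import hashlib
import hmac

# Constructed corpus: file identifier -> words it contains.
DOCUMENTS = {
    "f1": ["loan", "interest", "rate"],
    "f2": ["loan", "default", "risk"],
    "f3": ["interest", "rate", "swap"],
    "f4": ["audit", "loan", "rate"],
}


def prf(key: bytes, *parts: str) -> bytes:
    """Keyed pseudorandom function, domain-separated by a label in parts[0]."""
    return hmac.new(key, "|".join(parts).encode(), hashlib.sha256).digest()


def trapdoor(master_key: bytes, keyword: str):
    """Client side: the search token plus the key that unmasks its posting list."""
    return prf(master_key, "token", keyword), prf(master_key, "post", keyword)


def build_index(master_key: bytes, documents: dict) -> dict:
    """Client side: token -> list of masked file identifiers (one per hit)."""
    postings = {}
    for file_id, words in documents.items():
        for w in set(words):
            postings.setdefault(w, []).append(file_id)
    index = {}
    for w, ids in postings.items():
        token, post_key = trapdoor(master_key, w)
        # Each posting is XORed with a PRF keystream indexed by its position, so
        # the same identifier under two keywords looks unrelated to the server.
        index[token] = [
            bytes(a ^ b for a, b in zip(fid.encode().ljust(8, b"\0"),
                                        prf(post_key, "stream", str(i))))
            for i, fid in enumerate(sorted(ids))
        ]
    return index


def server_search(index: dict, token: bytes):
    """Server side: Boolean lookup; it sees which entry matched, not the word."""
    return index.get(token, [])


def client_search(master_key: bytes, index: dict, keyword: str):
    """Round trip: derive the trapdoor, let the server match, unmask the hits."""
    token, post_key = trapdoor(master_key, keyword)
    return sorted(
        bytes(a ^ b for a, b in zip(ct, prf(post_key, "stream", str(i)))).rstrip(b"\0").decode()
        for i, ct in enumerate(server_search(index, token))
    )


def server_view(index: dict):
    """What the server learns before any query: the size of every posting list."""
    return sorted(len(v) for v in index.values())


if __name__ == "__main__":
    key = b"\x01" * 32          # constructed key; use os.urandom(32) in practice
    idx = build_index(key, DOCUMENTS)
    print(client_search(key, idx, "loan"), server_view(idx))
```

Because the token for a keyword is deterministic, repeated searches for the same word are linkable by the server (the search pattern), and the identifiers it hands back reveal which files matched (the access pattern); hiding those costs more than this construction spends.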
OPE supports range queries, allowing them to be processed as precisely and efficiently as on unencrypted data. However, it was later shown that OPE by its nature leaks information about the plaintexts. To address this shortcoming, the scheme was revised as OPM (order-preserving mapping), which maps the same plaintext value to a randomly chosen value within a bucket of a given size. TRSE (two-round searchable encryption), a searchable encryption scheme that meets the requirements of secure multi-keyword top-k retrieval over encrypted cloud data, was proposed by Yu et al. in 2013. Some of these schemes are discussed in the following sections. Such schemes are appealing because they facilitate faster range queries on encrypted data: a remote untrusted database server can index the encrypted data it receives in a data structure that supports range queries. In essence, OPE is an


encryption method that allows inequality comparisons on encrypted data without decryption. It is an encryption scheme whose ciphertexts preserve the numerical ordering of the plaintexts. OPE is not a fully secure encryption scheme, because by preserving plaintext order the ciphertexts leak that order. OPE schemes are constructed in a variety of ways. In 2004, Agrawal et al. proposed an OPE method in which a sequence of random numbers is generated and an integer x is encrypted as the sum of the first x random numbers. Zittrower and Zou defined an OPE method in 2012 based on a series of strictly increasing polynomial functions: the encryption of an integer x is the result of iteratively applying those polynomials to x. OPE has several limitations. The most problematic is the adversary's ability to approximate the position of a ciphertext's underlying plaintext within the plaintext space; moreover, a ciphertext can reveal roughly half of the plaintext bits to certain attackers. The precision with which an adversary can predict the plaintext bits determines the scheme's security. Another issue, raised in 2012 by Xiao and Yen, concerns OPE under chosen-plaintext attack, where the adversary obtains ciphertexts for plaintexts of its own choosing: an order-preserving scheme cannot be IND-CPA secure. The OPSE scheme must therefore be modified to address these issues. The one-to-many order-preserving mapping scheme is based on OPSE's random plaintext-to-bucket mapping, but uses a unique file identifier as the random seed for selecting the ciphertext within the bucket as well as the plaintext. As a result, a different random ciphertext value is always assigned to the same plaintext value within the randomly assigned bucket in the range R, as suggested by Boldyreva in 2011 and consistent with her proposal.
As a result, order-preserving mapping lets the server rank files efficiently, just as it would with unencrypted scores. To make the one-to-many mapping more indistinguishable, the relevance score is encrypted under different keys, so the same relevance score appearing in multiple posting lists of the index I is assigned to a different bucket in R. This further reduces the useful information revealed to the cloud server, limiting statistical analysis of the encrypted numeric values to infer the underlying information. One of the major issues that prevents clients from storing their data in the cloud is the lack of efficient data retrieval over it. It is now possible to search over encrypted data using the vector space model and inverted indexes. In the vector space model, queries and documents are converted to vectors and encrypted, and relevance scores are computed as their dot product using the cosine-similarity measure, which returns relevant documents to users. A variety of encryption schemes, including OPE (order-preserving encryption) and homomorphic encryption, can be used to encrypt the data while using the vector-space information-retrieval model. Although security issues cannot be completely resolved, better and more powerful security measures can be implemented to provide maximum security and gain clients' trust in storing and accessing their data in the cloud.
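The prefix-sum OPE construction attributed to Agrawal et al. above, and the one-to-many order-preserving mapping that seeds the choice within a bucket with the file identifier, implemented in Python as an added example that is not the chapter's or any cited paper's code. The "random numbers" are derived from a keyed PRF (HMAC-SHA256) so that decryption can regenerate them; the bucket width, the key and the relevance scores are constructed for the example. The block also shows what the server can do with the ciphertexts (rank them) and what an adversary with a few known plaintext/ciphertext pairs learns (an interval), which is the leakage the text warns about.

```python
"""Added example: prefix-sum order-preserving encryption (OPE) and the
one-to-many order-preserving mapping (OPM) used to rank encrypted scores."""
import hashlib
import hmac


def prf_int(key: bytes, *parts) -> int:
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hmac.new(key, data, hashlib.sha256).digest(), "big")


def gap(key: bytes, i: int, width: int = 1 << 20) -> int:
    """Pseudorandom increment r_i in [width, 2*width): the 'random numbers'."""
    return width + prf_int(key, "gap", i) % width


def ope_encrypt(key: bytes, x: int) -> int:
    """E(x) = r_1 + ... + r_x, strictly increasing in x, so order is preserved."""
    return sum(gap(key, i) for i in range(1, x + 1))


def ope_decrypt(key: bytes, c: int) -> int:
    x, total = 0, 0
    while total < c:
        x += 1
        total += gap(key, x)
    if total != c:
        raise ValueError("not a valid OPE ciphertext")
    return x


def opm_encrypt(key: bytes, x: int, file_id: str) -> int:
    """One-to-many: a value in the bucket (E(x-1), E(x)] selected by file_id,
    so equal scores in different files get different ciphertexts."""
    lo = ope_encrypt(key, x - 1)
    return lo + 1 + prf_int(key, "pos", file_id, x) % gap(key, x)


def opm_decrypt(key: bytes, c: int) -> int:
    """Recover x as the index of the bucket containing c; no file_id needed."""
    x, total = 0, 0
    while total < c:
        x += 1
        total += gap(key, x)
    return x


def rank_top_k(encrypted_scores: dict, k: int):
    """Server side: sort by ciphertext alone and return the top-k file ids."""
    ranked = sorted(encrypted_scores.items(), key=lambda kv: kv[1], reverse=True)
    return [fid for fid, _ in ranked[:k]]


def bound_plaintext(known_pairs, c: int):
    """Adversary with known (plaintext, ciphertext) pairs: c's plaintext lies
    strictly between the nearest known plaintexts below and above it."""
    lo = max((x for x, cx in known_pairs if cx < c), default=None)
    hi = min((x for x, cx in known_pairs if cx > c), default=None)
    return lo, hi


def order_preserved(key: bytes, upto: int = 40) -> bool:
    """Sanity check of both constructions over a range of plaintexts."""
    for x in range(1, upto):
        if not ope_encrypt(key, x) < ope_encrypt(key, x + 1):
            return False
        if ope_decrypt(key, ope_encrypt(key, x)) != x:
            return False
        c = opm_encrypt(key, x, "fA")
        if not ope_encrypt(key, x - 1) < c <= ope_encrypt(key, x):
            return False
        if opm_decrypt(key, opm_encrypt(key, x, "fB")) != x:
            return False
    return True


def demo(key: bytes = b"\x05" * 32):
    # Constructed relevance scores for one keyword's posting list.
    scores = {"f1": 3, "f2": 9, "f3": 3, "f4": 6}
    enc = {fid: opm_encrypt(key, s, fid) for fid, s in scores.items()}
    return enc, rank_top_k(enc, 2)


if __name__ == "__main__":
    print(demo())
```

The ranking works with no key on the server, which is exactly the property that makes OPE useful and dangerous: `bound_plaintext` shows that two known pairs already pin a third ciphertext to an interval, and with enough pairs the interval collapses to the plaintext.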


7 Keyword Sorting Using Homomorphic Encryption

Security is critical whenever information is transferred across a network. The sender transmits the information and the receiver receives it, and various attacks on the data are possible during this process. The security issues that must be addressed are information protection, privacy, confidentiality, integrity and authentication. Many traditional cryptographic algorithms paved the way for protecting information against various types of attack. Cloud computing is one such rapidly growing area in recent years, both in industry and in research, that stores large amounts of data; it is a broad and distinct phenomenon in which clients are permitted to store large amounts of data in cloud storage for future use. Because the data is stored and processed by the cloud provider, data privacy and integrity are critical. The vast majority of cloud providers store information in plaintext, and clients apply their own encryption schemes to secure their data when necessary; the information must then be decrypted and processed whenever it is required. The goal of this survey work is to provide data security in a cloud environment by using Hill cipher encryption followed by a homomorphic encryption scheme, with the encrypted data kept in the cloud. The cipher key generated during the encryption process plays a critical role. The emphasis is on storing encrypted data in the cloud using additive homomorphic encryption. The main operation used to convert plaintext to ciphertext is the matrix-multiplicative homomorphic operation, together with modular operations on the two halves of the matrices. The plaintext is first transformed into a matrix, and the input matrix is partitioned into two equal halves.
Then, for encryption, a random key in the form of a matrix is generated, the Hill cipher encryption is carried out, and the encrypted information is transmitted to the receiver. For decryption, the receiver uses the inverse key matrix. Either symmetric-key or asymmetric-key encryption can be used: the scheme is known as symmetric-key or conventional encryption if the encoder and decoder use the same key, and as asymmetric-key encryption when the sender and receiver use different keys. The matrix-multiplication cipher is a true block cipher. The encrypted data is saved on the data server. A block cipher processes the input one fixed-size block at a time, producing an output block for each input block, whereas a stream cipher processes the input continuously, producing output one element at a time as it goes. The survey on the Hill technique, which employs a Hill cipher homomorphic technique, has the framework shown in Fig. 7. The model describes the encryption process in terms of encrypted data that is shared between the network's clouds, and explains the functions and components involved. The data is encrypted before being transmitted. This method proposes a key function 'F', which introduces additional confusion into the matrix along with the key matrix, so that the key


Fig. 7 Encryption using network cloud

cannot be recovered by brute force, and the encrypted data is therefore of higher quality. The inverse of the key is used for decryption. Let 'm' and 'c' represent the integer encodings of the plaintext (original message) and the ciphertext, respectively. The additive operation is used to encrypt a four-letter block. Plaintext messages are organised into blocks, and the letters are replaced by the numbers 1, 2, …, 26. The key is added component by component to each element of the block, which is viewed as a column vector. Decryption is carried out by adding the additive inverse of the key vector to the ciphertext. The key for encrypting a four-letter block is a four-by-one matrix, so there are 26^4 = 456,976 possible keys. The key can be solved for if a single plaintext/ciphertext block correspondence is known. A multiplicative cipher using matrices (the Hill cipher) produces a true block cipher; the additive cipher is not truly a block cipher, because a change in one letter of a plaintext block changes only the corresponding letter of the ciphertext block, whereas in the Hill cipher every ciphertext letter of the block depends on every plaintext letter. The system overview depicts the operations used and the process of converting the plaintext, and describes the homomorphic encryption and decryption process. The plaintext is converted to ASCII before being arranged in matrix form. The encryption process uses a randomly generated key in conjunction with the plaintext. The key is divided into two halves, and modulus operations on both halves produce ciphers C1 and C2, which are then combined by homomorphic multiplication to form the final cipher 'C'. To recover the original plaintext, the inverse key is used.
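The additive block "cipher" and the Hill matrix cipher over Z_26 described above, written in Python as an added example rather than the chapter's own implementation. It uses the conventional 0–25 letter numbering rather than the 1–26 numbering in the text, a 2×2 key instead of a four-letter block, and the key matrix [[3, 3], [2, 5]] is a constructed value. The block contains the modular key inversion used for decryption, the one-block key recovery that breaks the additive cipher, the two-block known-plaintext recovery that breaks the Hill cipher (both are linear, so a single known block only helps the additive one), and a check of which cipher behaves as a true block cipher.

```python
"""Added example: additive vs Hill (matrix) cipher over Z_26, with key
inversion, known-plaintext key recovery and a block-cipher check."""
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
MOD = 26


def to_nums(text):
    return [ALPHABET.index(ch) for ch in text.upper()]


def to_text(nums):
    return "".join(ALPHABET[n % MOD] for n in nums)


def mat_mul(A, B):
    """2x2 matrix product mod 26."""
    return [[sum(A[i][k] * B[k][j] for k in range(2)) % MOD for j in range(2)]
            for i in range(2)]


def mat_inv(K):
    """Inverse of a 2x2 matrix mod 26; ValueError if det shares a factor with 26."""
    (a, b), (c, d) = K
    det_inv = pow((a * d - b * c) % MOD, -1, MOD)
    return [[d * det_inv % MOD, -b * det_inv % MOD],
            [-c * det_inv % MOD, a * det_inv % MOD]]


def hill_encrypt(text, K):
    """Each 2-letter block, as a column vector, is multiplied by K mod 26."""
    nums = to_nums(text)
    if len(nums) % 2:
        nums.append(ALPHABET.index("X"))            # pad the final block
    out = []
    for i in range(0, len(nums), 2):
        p0, p1 = nums[i], nums[i + 1]
        out += [(K[0][0] * p0 + K[0][1] * p1) % MOD,
                (K[1][0] * p0 + K[1][1] * p1) % MOD]
    return to_text(out)


def hill_decrypt(text, K):
    """Decryption is encryption under the inverse key matrix."""
    return hill_encrypt(text, mat_inv(K))


def hill_recover_key(plain, cipher):
    """Known-plaintext attack: two blocks whose plaintext matrix is invertible
    give K = C * P^-1, with the blocks as matrix columns."""
    p, c = to_nums(plain[:4]), to_nums(cipher[:4])
    P = [[p[0], p[2]], [p[1], p[3]]]
    C = [[c[0], c[2]], [c[1], c[3]]]
    return mat_mul(C, mat_inv(P))


def additive_encrypt(text, key):
    """Block-wise addition of a key vector: the 'additive cipher' of the text."""
    return to_text([(p + key[i % len(key)]) % MOD for i, p in enumerate(to_nums(text))])


def additive_decrypt(text, key):
    return additive_encrypt(text, [-k % MOD for k in key])


def additive_recover_key(plain, cipher, block_len=4):
    """One known plaintext/ciphertext block yields the whole key."""
    return [(c - p) % MOD for p, c in zip(to_nums(plain[:block_len]),
                                          to_nums(cipher[:block_len]))]


def letters_changed(a, b):
    """How many ciphertext positions differ between two encryptions."""
    return sum(x != y for x, y in zip(a, b))


if __name__ == "__main__":
    K = [[3, 3], [2, 5]]                       # constructed key; det = 9, a unit mod 26
    ct = hill_encrypt("HELP", K)
    print(ct, hill_decrypt(ct, K), hill_recover_key("HELP", ct))
```

Changing the first plaintext letter of a block changes both Hill ciphertext letters but only one additive ciphertext letter, which is the "true block cipher" distinction the text draws; neither cipher resists a known-plaintext attack, because both are linear in the key.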


8 Conclusion

This chapter addresses searching and sorting, two common operations on encrypted databases. The use of fully homomorphic encryption (FHE) in cloud computing is a desirable goal; despite its promise, several challenges of implementing operations on FHE data were also highlighted. The chapter formalises the ability to search an encrypted database with respect to a specific plaintext adversary and develops a technique for searching an array encrypted under FHE. It then demonstrates methods for comparison-based sorting on encrypted data, and presents several new data structures, such as an encrypted array with an encrypted index and an encrypted stack with its push and pop operations, for implementing recursive programmes on encrypted data.

References

1. Understanding Homomorphic Encryption, http://en.wikipedia.org/wiki/Homomorphic_encryption
2. Maha Tebaa, Saïd El Hajji, Abdellatif El Ghazi, Homomorphic Encryption Applied to the Cloud Computing Security
3. R. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public key cryptosystems, Communications of the ACM 21(2):120–126, 1978
4. Motasem A. Abu-Dawas, Abdulameer K. Hussain, Enhancement of RSA Scheme using Agreement Secure Information for Nearest Parameters, International Journal of Computer and Information Technology (ISSN 2279-0764) 4(2), March 2015
5. Craig Gentry, A Fully Homomorphic Encryption Scheme, PhD thesis, Stanford University, 2009, http://crypto.stanford.edu/craig/craig-thesis.pdf
6. Vinod Vaikuntanathan, Computing Blindfolded: New Developments in Fully Homomorphic Encryption
7. F. Bao, R. Deng, X. Ding, Y. Yang, Private Query on Encrypted Data in Multi-User Settings, Proc. Int'l Conf. Information Security Practice and Experience (ISPEC '08), pp. 71–85, 2008
8. N. Cao, C. Wang, M. Li, K. Ren, W. Lou, Privacy-Preserving Multi-keyword Ranked Search over Encrypted Cloud Data, IEEE Transactions on Parallel and Distributed Systems 25(1):222–233, 2013
9. J. S. Coron, A. Mandal, D. Naccache, M. Tibouchi, Fully Homomorphic Encryption over the Integers with Shorter Public Keys, CRYPTO '11: Proc. 31st Ann. Conf. Advances in Cryptology, pp. 487–504, 2011
10. M. R. Girme, G. M. Bhandari, Efficient Secure Ranked Search Algorithms over Outsourced Cloud Data, International Journal of Emerging Trends & Technology in Computer Science (IJETTCS) 2(5):247–251, 2013
11. L. K. Pillai, P. Saranya, Towards Secure Top-K Multi Keyword Retrieval over Encrypted Cloud Data, International Journal of Scientific Research and Management (IJSRM) 2(6):950–955, 2014
12. P. S. Priya, D. Preethi, J. Priya, B. Shanthini, Retrieval of Encrypted Data Using Multi Keyword Top-k Algorithm, International Journal of Scientific and Research Publications 4(4):704–707, 2014

Multivariate Cryptosystem Based on a Quadratic Equation to Eliminate the Outliers Using Homomorphic Encryption Scheme M. Janani, R. Jeevitha, R. Jaikumar, R. Suganthi, and S. Jhansi Ida

Abstract With the development of powerful quantum computers, traditional public-key methods are vulnerable because they rely on number-theoretic problems. Multivariate public-key cryptosystems (MPKC) are candidates for post-quantum cryptography. MPKC uses multivariate quadratic forms for encryption and decryption, and its security rests on the MQ problem of solving systems of multivariate quadratic equations, which is NP-hard; the encryption and decryption algorithms themselves run in polynomial time. Based on the signature techniques, multivariate quadratic (MQ) cryptosystems are divided into four types. In the first two groups, known as mixed-field schemes, the trapdoor is built using a ground field together with an extension field; in the other two, single-field schemes, one field with a specified structure is used. Multivariate schemes need only the most fundamental computational tools and are extremely fast. The proposed system solves a quadratic equation and uses both encryption and signature techniques. Because MPKC is a distinctive strategy for ensuring confidential communication in the post-quantum period, the prolong quadrille (PQ) algorithm uses a public key for the ciphertext. The analysis of security and complexity shows that a quantum computer can break a number-theoretic system in polynomial time, while a quadratic equation can prevent a coefficient

M. Janani (B) · R. Jeevitha Department of CSE, KPR Institute of Engineering and Technology, Coimbatore, India e-mail: [email protected] R. Jeevitha e-mail: [email protected] R. Jaikumar Department of ECE, KPR Institute of Engineering and Technology, Coimbatore, India e-mail: [email protected] R. Suganthi Department of ECE, Panimalar Engineering College, Chennai, India e-mail: [email protected] S. Jhansi Ida Department of Computer Science and Business Systems, R.M.K. Engineering College, Kavaraipettai, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 V. Seethalakshmi et al. (eds.), Homomorphic Encryption for Financial Cryptography, https://doi.org/10.1007/978-3-031-35535-6_13



M. Janani et al.

explosion. Using the prolong quadrille algorithm, outliers in the quadratic equation are removed, and attacks are reduced using a homomorphic encryption system.

Keywords Post-quantum cryptography · Quadratic equation · Multivariate encryption and signature scheme · Multivariate public-key cryptosystem · Homomorphic scheme

1 Introduction

Traditional public-key techniques are not favoured in the post-quantum era, because a fully developed quantum computer breaks the number-theoretic problems they rely on: Shor's algorithm solves factoring and discrete logarithms in polynomial time. No polynomial-time quantum algorithm is known for NP-hard problems such as solving systems of multivariate quadratic equations, which is what makes multivariate schemes attractive; their own algorithms are designed to run in polynomial time. Multivariate systems need only a small amount of computing resources and are typically fast and inexpensive. The ABC proposal, a single-field multivariate quadratic encryption scheme, introduces a new central trapdoor. The ABC scheme differs from others in that it employs only quadratic polynomials and has small private key sizes. Its decryption is secure and efficient because the ciphertext is inverted by solving linear equations only: with the private key the legitimate user obtains a linear system, whereas an attacker without that information faces a quadratic system. Because there is less blow-up between plaintext and ciphertext values, encryption systems like ABC and EFC offer advantages [1]. Solving systems of quadratic polynomials is NP-hard, even over the smallest fields. In MPKC, the coefficients of the public system are obtained by composing the secret maps rather than being selected at random, so the scheme's security rests on both the MQ problem and the IP problem. The isomorphism-of-polynomials (IP) problem is that of recovering the secret transformations relating the public set of quadratic equations to the central map. Although the difficulty of the IP problem has received less attention, it is a concern for MPKC security. The multivariate quadratic equations are built so that they are easy to invert with the private key. The message is encrypted with the public key, and the ciphertext is decrypted with the private key. In post-quantum cryptography, modifiers are employed in between to resist the known attacks, as shown in Fig. 1. Multivariate quadratic problems are not known to be solvable by fast quantum methods.
The plus and minus modifiers respectively add random polynomials to, and delete one or more polynomials from, the public key [2]. Modifiers are components of a multivariate quadratic cryptosystem. The minus modifier was first applied to counter the linearization attack and the MinRank attack, which exploit quadratic relations connected to the extension field; removing polynomials raises the rank of the central map as seen by the attacker and, in turn, the degree of the system faced by an algebraic attack. A further observation is that, before inverting the output, the decryption process must guess the values of the coordinates removed from the ciphertext; when a guess is wrong, the algorithm restarts from the beginning. Guessing remains competitive in performance when the number of discarded polynomials is small compared with


Fig. 1 Post-quantum cryptography

the number of plaintext variables. The plus modifier appends randomly selected polynomials to the public key of a multivariate scheme; its primary application is to encryption, although its goal was not merely to increase security. Three cryptanalytic methods apply to MQ schemes according to rank. The complexity of the MinRank key-recovery attack is directly related to the rank of the central map [3]. The differential symmetry attack applies when the rank in the relevant algebra is minimal. The complexity of an algebraic attack depends on the degree of regularity of the public key, which is often a linear function of the scheme parameters. The MinRank attack is built on the so-called MinRank problem, which can be solved efficiently by robust algorithms when the target rank is small; it seeks linear combinations of the public multivariate polynomials whose symmetric matrices have the lowest rank. The family of differential attacks, which includes recovering symmetric relations to remove a minus modifier, is another attack type effective against mixed-field schemes of larger dimension [4]. A multivariate public-key cryptosystem, in which encryption and decryption are equally efficient, is a candidate for post-quantum cryptography. A homomorphic encryption approach is provided here for multivariate cryptosystems that rely primarily on quadratic equations. In a finite-dimensional vector space over a finite field of odd characteristic there are, for each dimension, two equivalence classes of non-degenerate quadratic forms. For the design of a homomorphic encryption scheme, a method is employed to convert any non-degenerate form into a standard form using these equivalence classes, whereas MPKC uses a novel signature scheme. The security of MPKC is determined in large part by the complexity of computing with the multivariate polynomials of the

280

M. Janani et al.

public and secret keys determines how secure MPKC is in large part. MKPC must calculate the Grobner basis to solve the multivariate polynomial effectively. The phrase “attacks” is “direct attacks” and applies only to MKPC. The following is the organization of this paper, and Sect. 2 includes a literature survey followed by multivariate public key cryptography in multivariate cryptosystem. Sections 4 and 5 describe the encryption scheme and signature schemes. In Sect. 6, attacks are tabulated, followed by the proposed algorithm quadrille prolong algorithm. Section 7 ends up with a conclusion and future works [5].

2 Literature Survey

In the post-quantum age, powerful quantum computers will be developed, making current public-key techniques more and more vulnerable. In polynomial time, Shor’s algorithm can defeat well-known algorithms like RSA, ECC, and ElGamal. Because multivariate approaches are frequently fast and need only a small amount of computing power, they are appealing for use on inexpensive devices such as RFID chips and smart cards. The traditional classification of MQ public-key cryptosystems is based on the list of fundamental schemes STS, MI, HFE, and UOV. Because the first two construct the trapdoor using a ground field and an extension field, they are categorized as mixed-field schemes. In the latter two, single-field designs, the trapdoor is built with a specific construction in one field only. Furthermore, MI and HFE are modified using the plus, minus, and perturbation techniques [1]. Recent academic publications include HLY, YTS, ABC, matrix-based Rainbow, cubicABC, ZHFE, RGB, and HS-Sign. Cryptosystems include proxy-based signatures, online and offline signatures, and threshold ring signature schemes. Developing secure MPKC fundamental mechanisms like encryption or key-exchange protocols seems challenging. Multivariate quadratic cryptography has failed in the area of encryption methods. No other MQ scheme has stood the test of time, in contrast to the various MQ signature schemes [2]. For multivariate quadratic encryption systems, MQ provided a brand-new central trapdoor. A single-field design, like the ABC design, is proposed for MQ. The concept, however, differs significantly from its forerunners in that it permits a wide range of changes, and our system will have a reduced private key size. The limitation of the quadratic equation, which varies a core polynomial, is tied to the effectiveness and failure of the predecessors. Unlike most members of the HFE, UOV, and Rainbow families, the proposal supports encryption.
The system is comparable to the existing one and is an anticipated future encryption system. Like the ABC encryption scheme, decrypting ciphertexts involves solving linear systems in polynomial time, because every conceivable plaintext covertly specifies the parameters of a different linear system that is determined by the message. An opponent who attempts to attack the system without any essential knowledge has no advantage in solving the equations of the quadratic system. In contrast, the user who knows the private key can obtain the linear system efficiently. Decrypting a ciphertext entails solving linear systems, similar to the EFC encryption algorithm. Although Gaussian elimination will solve this situation, it does not have to be original [3]. Furthermore, decryption failure is a significant issue in all three systems. As a result, our encryption method outperforms ABC and EFC in the following ways. In addition to being based on a single field, the system allows any number of variables to be selected. In our approach, the key size is significantly smaller. This method reduces the ciphertext blowup factor to 1.27 and has a lower failure rate during decryption. Solving systems of quadratic equations over the finite field with two elements is known to be an NP-hard problem. Conversely, the coefficients of the public system P are not chosen randomly in most multivariate public-key cryptosystems presently in use. Instead, two invertible affine mappings S and T are combined with an invertible quadratic map F, and the public key is obtained in the form P = F * S * T. The security of the system is therefore determined by the IP and MQ problems. The IP problem, also known as the polynomial isomorphism problem, is to determine an isomorphism from P to F via S and T; that is, the two public sets of quadratic equations are isomorphic. The primary impediment to researchers providing security proofs is a lack of knowledge about IP [4]. The signature used in the linear equation is formed from the public key and secret key. When the MinRank problem is used to address security, it is significantly improved. The complexity is sorted by the comparable matrix creation and Gaussian elimination procedure of the quadratic polynomial problems. The degree of regularity and first fall degree can be solved via non-trivial problems. System attacks and the use of hybrid techniques generally decrease the problems.
The Berlekamp–Massey technique is the foundation of the defect correction procedure for quadratic matrices in cryptosystems. This approach finds the shortest linear recurrence that adequately captures the progression of values in a given matrix. The procedure is then applied to each block of the divided matrix. The iterative approach assumes that the matrix comprises entirely zeros [5]. The next element in the sequence is calculated after looking at the first two non-zero items. The process is repeated using the new elements if the following element is not zero. This process is repeated until the sequence is finished and the matrix is fixed. A previously used matrix [6] is the stochastic matrix, a mathematical matrix used in cryptography to model the behaviour of a cryptosystem. In cryptography, a stochastic matrix is used to represent the probabilities of various events that can occur within a cryptosystem. For example, a stochastic matrix could represent the probabilities of the different attacks that a cryptosystem may be susceptible to, or the probability of different encryption keys being used. A structure-preserving doubling algorithm is a type of cryptosystem that allows a given number to be doubled without changing its structure. This type of cryptosystem is used to securely double the value of a number without changing its structure, allowing for secure transactions. The algorithm works by first encrypting the given number, then doubling the encrypted number, and returning the doubled number in its original structure. This ensures that the value of the number is doubled securely, without any outside interference. This type of cryptosystem is particularly useful in applications where numbers need to be doubled without changing their structure, such as cryptocurrency transactions. Stochastic matrices can also be used to model the behaviour of a cryptosystem when it is exposed to various types of attacks or attempts at decryption. Stochastic matrices can be used to calculate the probability of a successful attack on a cryptosystem and the probability that the system will use a particular encryption key. Using stochastic matrices, cryptographers can better understand the behaviour of a cryptosystem and can better prepare for potential attacks. A quasi-birth-and-death process is a continuous process in which the number of active states can increase or decrease but never goes below zero. It is commonly used in queueing theory to model the number of customers in a system [7]. In a quasi-birth-and-death process, the transition rates between states are either constant or determined by a probability distribution. Cyclic reduction is a type of cryptographic reduction used to reduce the size of a group or a polynomial. It works by dividing the group or polynomial into cyclic subgroups of a predetermined size and then reducing each subgroup to the corresponding remainder. This is done by using a modulus, a number used as the basis for the reduction process. Logarithmic reduction [8] is a type of cryptographic reduction which uses logarithms to reduce the size of a group or polynomial. This type of reduction is used to reduce the size of a group or polynomial by repeatedly applying the logarithmic reduction rule. The reduction is made by repeatedly applying the rule on the group or polynomial until the size of the group or polynomial is reduced to a predetermined size. This type of reduction is often used in cryptosystems in order to reduce the key size used for encryption. Quasi-Toeplitz matrices are a type of structured matrix whose specific structure gives them certain convergence properties.
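
The Berlekamp–Massey step referred to above, as an added example that is not the chapter's own code: the standard algorithm over GF(2), which returns the linear complexity L and the connection polynomial of the shortest LFSR reproducing a given bit sequence. The sample keystream is constructed here from a 4-bit LFSR, and the helpers `lfsr_sequence`, `regenerate` and `linear_complexity_profile` are mine. For a defender the useful output is the linear complexity: a keystream whose L stays far below n/2 as n grows can be regenerated from a short prefix, so the profile is a cheap quality check on a stream generator.

```python
# Berlekamp-Massey over GF(2): shortest LFSR (linear complexity L and connection
# polynomial C) that reproduces a bit sequence.  Added example; the sample
# keystream is constructed from a 4-bit LFSR, not taken from the chapter.
def berlekamp_massey(s):
    """Return (L, C) with C = [1, c1, ..., cL] such that
    s[n] = c1*s[n-1] ^ ... ^ cL*s[n-L] for every n >= L."""
    n = len(s)
    C, B = [1] + [0] * n, [1] + [0] * n   # current and previous connection polys
    L, m = 0, -1                          # current complexity, index of last length change
    for i in range(n):
        d = s[i]                          # discrepancy between prediction and s[i]
        for j in range(1, L + 1):
            d ^= C[j] & s[i - j]
        if not d:
            continue
        T = C[:]
        for j in range(n + 1 - (i - m)):  # C <- C + x^(i-m) * B
            C[j + i - m] ^= B[j]
        if 2 * L <= i:                    # the recurrence must grow
            L, m, B = i + 1 - L, i, T
    return L, C[:L + 1]


def lfsr_sequence(taps, seed, length):
    """Constructed keystream: s[n] = XOR of s[n-t] for t in taps."""
    s = list(seed)
    while len(s) < length:
        s.append(sum(s[-t] for t in taps) % 2)
    return s


def regenerate(C, prefix, length):
    """Run the LFSR described by C from its first L bits (checks the answer)."""
    L = len(C) - 1
    s = list(prefix[:L])
    while len(s) < length:
        s.append(sum(C[j] & s[-j] for j in range(1, L + 1)) % 2)
    return s


def linear_complexity_profile(s):
    """L after each prefix; a healthy keystream tracks ~n/2, a weak one stalls."""
    return [berlekamp_massey(s[:k])[0] for k in range(1, len(s) + 1)]


if __name__ == "__main__":
    stream = lfsr_sequence((1, 4), [1, 0, 0, 0], 24)   # x^4 + x + 1 feedback
    L, C = berlekamp_massey(stream)
    print("linear complexity", L, "connection polynomial", C)
    print("profile", linear_complexity_profile(stream))
```

With 24 bits of the 4-bit LFSR output the algorithm stops at L = 4 and returns C = [1, 1, 0, 0, 1], i.e. s[n] = s[n-1] ^ s[n-4]; the profile climbs to 4 within the first eight bits and then stays flat, which is exactly the signature of a short-period generator.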
These properties are related to the Toeplitz structure of the matrix, which means that the matrix has a constant diagonal along each row and column. This structure allows the matrix to converge faster than a matrix with a random structure. This property is especially beneficial for matrices with large dimensions, as the system can achieve convergence in fewer iterations. Additionally, the structure of a quasi-Toeplitz matrix also allows for the efficient implementation of certain algorithms, such as the fast Fourier transform (FFT). This makes the matrix well-suited for signal and image processing, where the FFT is commonly used. The Gelfand theorem in cryptography states that any information-theoretically secure cryptosystem must be computationally secure. In other words, a cryptosystem cannot be secure if it can be broken with a computationally feasible algorithm [9]. This theorem has implications for the security of cryptographic algorithms, as it implies that any algorithm that is secure in theory must also be secure in practice. To solve a quadratic matrix problem, defect correction has been used. Invariant subspaces have been used to define the defect equation, and the SDA has been used for its analytic solution. A quadratically convergent algorithm that selects the starting approximation has been produced using this methodology [10]. The scenario, in the study of arbitrary walks in part, in which $A_{-1} + A_0 + A_1$ is stochastic has been further examined, and an application to infinite quasi-Toeplitz matrices has been made. The enhanced SDA described in this research outperforms fixed point iteration in speed and CPU time, according to numerical measurements done in the case of infinite quasi-Toeplitz matrices. In recent proposals, ciphertext using external graphs and post-quantum cryptography is supported by NIST 2017. When bijective encryption is used with a multivariate public key, an external graph can be created and used for various purposes, including non-commutative cryptography. A Rainbow-like unbalanced oil-and-vinegar pattern generates the digital signature for a single multivariate process. For standardization processes, a lattice-based algorithm may occasionally be utilized. A function-formed density and linear or superlinear encryption tools are employed in the multivariate mechanism along with numerous protocols. The monomial terms are arranged lexicographically according to density. Another technique uses noncommutative cryptography to carry out the Eulerian transformation. The information from the Cremona semigroup is employed in this step to reimage the mapping. The idea was previously referred to as a trapdoor accelerator. The complexity of the trapdoor accelerator is its vulnerability due to toxic transformation and one-way function. The characteristic of subgroups and semi-subgroups is a linguistic graph. It contains the proof-of-proposition based on prior investigations. The semigroup of the Eulerian transformation supports the Diffie–Hellman protocol. The conjugacy power search method is used to tackle the security issue. In the past, there were two ways to implement these procedures. The first one is used to create the output message’s public key. In the first approach, the delivery strategy is disclosed to the partner. Based on the first, the second approach may create secret keys for stream cipher and space cipher combinations with any output-based protocol. As soon as the Cremona semigroup is produced, assign it to the subgroup. There is predicate calculus from this combination.
According to the multivariate algebraic graphs, the idea of a symmetric trapdoor accelerator generates a balanced unit with an infinite degree. According to a remark from the prior study, the message is converted into a secret key by the extraction function art, but collisions still happen. To avoid this, the advantage of multivariate computation of composition [11] makes collision-commutative cryptography calculation simpler. The commutative ring exists in the bipartite graph. An algebraic graph needs the external graph theory element to be regular. Brackets and parentheses are used in tuples to differentiate this graph from others. The method is applied separately for odd and even semesters according to the linear system equation. A graph forms the projective limit if the integer is odd. Think about the infinite bipartite graph’s points and lines. Assume that a variable in a graph tends to infinity and forms an integrity ring. The system used these graphs to build a Cayley Ramanujan graph, which is used for satellite communication. A neighbouring vertex on the linguistic graph was given the colour. Here, the walk in the graph moves from the source vertex to the final vertex, and the linguistic semigroup is created using the isomorphic rule. The graph’s colour is changed using yet another operator variable. The transition attribute supports the preposition-based linguistic group. Finally, this paper claims that the ElGamal cryptosystem creates a message’s public key via non-commutative cryptography connected to Eulerian endomorphism [12]. In the future, a mapping for encryption could be made using a non-polynomial density.

The special case of linear quadratic control problems is derived from the linear state dynamics and cost function. Integral or differential equations solve the state dynamics problem. The control process, deterministic functions, free term, forcing term, Brownian motion, matrix-valued deterministic coefficient, and vector-valued inhomogeneous term are all components of the linear stochastic integral equations. Deterministic matrix-valued functions define the quadratic equation’s cost function. The state dynamics are capable of employing the stochastic Volterra problem to solve the quadratic cost function. The next step in the control problem-solving process is to construct two distinct frameworks, the open-loop and closed-loop frameworks. In the open-loop architecture, find the control mechanism and validate the input condition. Then, an SDE and a backward SDE regulate it. The control actions of the corresponding state are used to manage the closed-loop architecture. Based on the choice of input, the environment uses a homogeneous matrix-deterministic function to solve the SDE problem [13]. State feedback strategy is the phrase used to describe the union of deterministic function and inhomogeneous term. A closed-loop system or framework uses a closed-loop approach to control the system. The solution is found by combining the state and control processes in the expression. The closed-loop optimal strategy is defined by verifying the input condition for any input value that follows the closed-loop strategy’s order. The closed-loop optimality is referred to as a feedback representation of closed-loop optimal control since it is comparable to the Riccati equation. The closed-loop strategy is used in numerous strategies. The open-loop method uses the type-II backward stochastic Volterra equation. In addition, the kernels are of the monotone and convolutional types, and MQ was researched to obtain feedback. This method is not used for the non-convolution type.
This study focuses on closed-loop optimization with a single, non-convolutional type of coefficient. However, in earlier experiments, a technique known as the projection approach was used for causal feedback. The causal feedback approach is used to manage the state process and the forward state process. It differs from other strategies. The best causal feedback approach is necessary to verify the input condition and outcome. This feedback approach guarantees uniqueness and existence. The feedback form with homogeneous terms is used to create Markovian state feedback from a causal feedback strategy. When the non-convolution type is designated as regular in an open-loop architecture, the stochastic Volterra problem arises. Since dynamic programming and decoupling are employed, the Riccati equation also differs from the Riccati–Volterra equation [14]. As a result, the Lyapunov–Volterra equation is strongly related to it. This function is necessary to determine whether the system is economically viable. According to the survey, two Lotka–Volterra-type equations have several delays in a nonlinear multiparameter reaction system that causes problems. Some approaches have been used to address the problem, such as reducing the burden to a single second-order equation. Secondly, three first-order and three second-order linear delays. Thirdly, an effort is made to reduce to the two linear and first-order ODE types. More than 40 solutions are generated in this survey to deal with a delay in the diffusion of a Lotka–Volterra-type reaction. However, each of these solutions has a wide range of parameter freedom. With these several solutions, the diffusion problem has two new approaches. In general, nonlinear PDEs with delays are analysed using systems with nonlinear coefficient delay solutions in science and medical fields. Delays are employed in many technical fields and used in linear and nonlinear systems with processes and delays. Certain differential equations produce some delays in mathematical models [15]. In medicine, “delay time” is when a disease first becomes contagious. In another application, the total population of the nation changes due to the environment, since the birth rate and the mortality rate fluctuate depending on their factors. Other applications may experience signal propagation and speed delay variations depending on the circumstances of the surrounding environment. The complexity factor causes latency in mathematical models. MQ can solve partial differential equations more simply than ODEs. They do not offer the same fixes. Consider a reaction–diffusion system of the Lotka–Volterra type with a nonlinear quadratic equation. It has two parts and four delays that serve unidentified purposes. The age of species is a topic covered by mathematical modelling. Due to population dynamics, the delays may be non-negative or zero in the models. Assume that in a different case, an acid or iron concentration is used in Belousov’s description of the chemical process. The classical Lotka–Volterra system, which has no delays when the case is simplified, is used. For qualitative and quantitative system research, a variety of methodologies are used. The system should ideally solve the nonlinear PDE successfully. A system’s latency is solved by a straightforward wave going through space. There are twelve free parameters in a diffusion system of the Lotka–Volterra type, which comprises dependent and independent variables. There is no error in the query when the exact solution fulfils an equation. MQ should also make no assumptions.
The exact solution algorithm must include basic functions, special integrals, and instantaneous ODE solutions. When represented, it can take an explicit, implicit, or parametric form. These solutions are utilized in software programs like Maple and Mathematica. The solutions are more complicated now. The function with two arguments is used to get the separable solution to the delay equation. The answer to it requires greater concentration. The stationary point of the basic system will provide the answer to the complicated system. Using an example of four delays chosen at random, it provides six non-degenerate solutions for the nonlinear system; discovering a solution to the problem at a stationary point solves this equation. Another solution that can be separated into several parts is presented in exponential form and is solved by a second-order ODE in a closed system. To build an exact solution, the ODE system must include several characteristics, including a linear system with the necessary field. Second, the plan should incorporate some system composition and transformation. The emphasized example of a linear transformation has two simple functions or an implicit form of a constant. The Weierstrass elliptic function, on the other hand, expressly uses an elliptic integral. The Weierstrass elliptic function represents the general solution of a linear homogeneous equation [16]. The system can also express the identical issue explicitly for a homogeneous equation. In this form, the Bessel function is the first or second kind of elementary function. Bessel functions are employed as the first or second type of elementary function in this manner. The post-quantum cryptosystem used mathematical sine functions in the first type of solution. The first-order solution of functions serves as the foundation for the second type of solution. The system with three second-order equations and no delays is employed by four delays in a single relationship over some time t. The most significant impediment to researchers providing safety evidence for their multivariate public-key cryptographic system is a lack of understanding of IP hardness. An MPKC scheme on a set field is frequently formed as a collection of n-variable quadratic multivariate equations that are also simple to invert. The minus modifier removes polynomials from the public key in addition to defending against Patarin’s attack. The findings indicate that, rather than being regarded as a simple patch, this modifier is a critical component of multivariate quadratic cryptographic systems. Its first application prevents Patarin’s attack, and each following application raises the rank of the quadratic form linked to the field polynomial by one, making the MinRank attack improved by Courtois impossible [17]. As a result of this rank increase, which also raises the system’s degree of regularity, a similar algebraic attack is impossible. If this modification is used, the performance cost will rise. To be more specific, the decryption method must first guess the values of the dropped polynomials before reversing the output transformation T. The plus modifier entails adding a small number of randomly selected polynomial components to an existing scheme, where the public key is blended with the transformation. The plus polynomials should have a degree matching the underlying multivariate scheme. Initially, this scheme does not provide safety for the plus modifier, which is the primary goal. Encryption uses the injective map, whereas the converted scheme’s map is not injective.
MQ can use all three primary cryptanalytic methods to analyse multivariate cryptographic systems. The symmetric attack becomes more significant when the algebra relevant to the map is minimal. The complexity and symmetry of the linear function in the public key determine it. There are multiple approaches that build the MinRank attack, and there are successful methods for solving it. This is the so-called MinRank problem [3]. The effectiveness of the attacks in the field is recovered by the minus modifier using a low-rank tool. A novel approach to the trapdoor in MQ cryptographic systems is based on polynomial subtraction. A linear system is solved to obtain the plaintext where the number of attacks is anticipated, and modifiers like the minus modifier protect from attacks, allowing us to obtain a successful encryption method. Experimental support is provided for its complexity and estimated parameters for 80 bits of safety based on the length of an algebraic attack [18]. The implementation demonstrates the precision and applicability of our methods. Encryption takes only a few milliseconds, but decryption is tedious because the modifier information is missing. With the minus modifier, there is definitely room for improvement. When required for safety, any number of dropped polynomials imposes a significant burden on the decryption function because the latter’s computational cost grows exponentially with that number [18]. Other safety-enhancing modifications, such as the oil-and-vinegar modifier, will be studied in the future, since any substitute modifier that maintains the same level of safety while reducing the need for time-consuming searching can significantly speed up decryption.
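
The two mechanics the chapter relies on, the public key P built from an easy-to-invert central map F sandwiched between affine maps S and T (introduction) and the minus modifier whose dropped polynomials the decryptor must guess before inverting T (this paragraph), as an added toy example that is not the chapter's scheme. The central map is a small triangular quadratic map over GF(7), chosen only because it inverts coordinate by coordinate; S and T are constructed unit-triangular affine maps; the two trailing zero coordinates of the plaintext are my padding rule, the redundancy the decryptor uses to tell the right guess from the wrong ones. Everything here is constructed for illustration and gives no security; the point is to watch `guesses` equal 7**a while encryption stays a plain evaluation of quadratic polynomials.

```python
# Toy MQ public key P = T o F o S over GF(7) with a minus modifier (added
# example, not the chapter's scheme; parameters constructed, no real security).
import itertools

P, N, PAD = 7, 4, 2   # field GF(7); 4 variables; last 2 plaintext coords fixed to 0
# Multivariate polynomials over GF(P) as {exponent tuple: coefficient}.
def poly_add(f, g):
    h = dict(f)
    for m, c in g.items():
        h[m] = (h.get(m, 0) + c) % P
    return {m: c for m, c in h.items() if c}

def poly_mul(f, g):
    h = {}
    for m1, c1 in f.items():
        for m2, c2 in g.items():
            m = tuple(a + b for a, b in zip(m1, m2))
            h[m] = (h.get(m, 0) + c1 * c2) % P
    return {m: c for m, c in h.items() if c}

def poly_scale(f, c): return {m: v * c % P for m, v in f.items() if v * c % P}
def const(c): return {(0,) * N: c % P} if c % P else {}
def var(i): return {tuple(int(j == i) for j in range(N)): 1}

def poly_eval(f, x):
    total = 0
    for m, c in f.items():
        for xi, e in zip(x, m):
            c = c * pow(xi, e, P) % P
        total = (total + c) % P
    return total

def compose(f, subs):
    """f with variable i replaced by the polynomial subs[i]."""
    out = {}
    for m, c in f.items():
        term = const(c)
        for i, e in enumerate(m):
            for _ in range(e):
                term = poly_mul(term, subs[i])
        out = poly_add(out, term)
    return out

# Affine maps x -> A x + b over GF(P); S and T are constructed unit-triangular
# matrices (hence invertible) with translation vectors.  They are the private key.
S = ([[1, 0, 0, 0], [3, 1, 0, 0], [5, 2, 1, 0], [6, 4, 2, 1]], [2, 0, 5, 1])
T = ([[1, 4, 2, 6], [0, 1, 3, 5], [0, 0, 1, 2], [0, 0, 0, 1]], [3, 1, 0, 4])

def mat_inv(A):
    """Gauss-Jordan inverse over GF(P); None if A is singular."""
    n = len(A)
    M = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(A)]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col]), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, P)
        M[col] = [v * inv % P for v in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(a - f * b) % P for a, b in zip(M[r], M[col])]
    return [row[n:] for row in M]

def affine(A, b, x): return [(sum(a * xi for a, xi in zip(row, x)) + bi) % P for row, bi in zip(A, b)]
def affine_inv(A, b, y): return affine(mat_inv(A), [0] * N, [(yi - bi) % P for yi, bi in zip(y, b)])

# Trapdoor: triangular central map F, invertible coordinate by coordinate.
def central_map():
    x = [var(i) for i in range(N)]   # y0 = x0, y1 = x1 + x0^2, y2 = x2 + x0 x1, y3 = x3 + x1 x2 + x0
    return [x[0], poly_add(x[1], poly_mul(x[0], x[0])), poly_add(x[2], poly_mul(x[0], x[1])),
            poly_add(poly_add(x[3], poly_mul(x[1], x[2])), x[0])]

def invert_central(y):
    x0 = y[0]; x1 = (y[1] - x0 * x0) % P; x2 = (y[2] - x0 * x1) % P
    return [x0, x1, x2, (y[3] - x1 * x2 - x0) % P]

def keygen(a):
    """Public key: first N-a polynomials of T(F(S(x))), all of degree <= 2 (minus modifier drops a)."""
    subs = []                       # subs[j] = (S x + s)_j as a linear polynomial
    for j in range(N):
        lin = const(S[1][j])
        for i in range(N):
            lin = poly_add(lin, poly_scale(var(i), S[0][j][i]))
        subs.append(lin)
    FS = [compose(f, subs) for f in central_map()]
    pub = []
    for k in range(N):
        pk = const(T[1][k])
        for i in range(N):
            pk = poly_add(pk, poly_scale(FS[i], T[0][k][i]))
        pub.append(pk)
    return pub[:N - a]

def encrypt(pub, m): return [poly_eval(p, m) for p in pub]

def decrypt(pub, c, a):
    """Guess the a dropped coordinates, invert T, F, S; keep candidates passing the padding rule."""
    candidates, guesses = [], 0
    for g in itertools.product(range(P), repeat=a):
        guesses += 1
        m = affine_inv(*S, invert_central(affine_inv(*T, list(c) + list(g))))
        if all(v == 0 for v in m[N - PAD:]) and encrypt(pub, m) == list(c):
            candidates.append(m)
    return candidates, guesses
```

Without the modifier (`keygen(0)`) decryption is a single inversion and the explicit public polynomials agree with evaluating T(F(S(m))) directly. With one polynomial dropped (`keygen(1)`) the ciphertext shrinks to three coordinates and `decrypt` has to run all seven guesses, each a full inversion of the trapdoor; a false guess is rejected only because the padding coordinates fail, so the padding is doing the work the chapter describes as predicting the missing coefficients, and its cost is 7**a inversions per ciphertext.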

Multivariate public key cryptographic systems [19], or MPKCs, are potential post-quantum cryptography solutions. MPKC’s relatively efficient encryption and decryption are a benefit. It is well known that the non-degenerate quadratic forms on a vector space of finite dimension fall into exactly two equivalence classes. In MPKC, the technique is used to transform that quadratic equation into the normal form using a homomorphic encryption scheme, whereas the signature scheme is ineffective. The public keys are resistant to attack, but in post-quantum cryptography, MPKC encryption and decryption procedures are found difficult to solve for the homomorphic cryptosystem. Computing the Gröbner basis is currently the most efficient method for solving cryptosystems. Defences against this method include attacks like direct attacks, where safety levels are determined for signature schemes. The system knows that isomorphic polynomials use a linear system rather than quadratic forms, where the major difference is the size of the coefficients. The computation technique converts every quadratic form into two forms, resolving the coefficient explosion. The signature generation scheme consists of the inverse calculation of the central map and two affine transformations. In this technique, transformations are expensive compared with other transformations. Rainbow’s typical signature generation efficiency is compared to our own, setting the parameters of both schemes so that their safety levels against direct attacks are equal. Many MPKC signature schemes have been published, but nothing is known about their interconnections. Our strategy employs two multivariate polynomial systems. One of the characteristics of these systems’ values is their exclusivity. In particular, the two systems are not surjective. Existing proposals for the encryption and decryption scheme are subject to multivariate polynomials. Rainbow’s central maps cannot be created using this scheme.
However, the technique is vulnerable to direct attacks as well as other non-signature-based attacks. Furthermore, there is a chance that an attack will succeed in undermining our strategy. This system is unsafe against attacks and the polynomial isomorphism solution technique. Many MPKC methods have been proposed, including UOV and Rainbow [19]. The difficulty of solving equations in the multivariate system is often present in the finite fields of quadratic equations, which are exploited in multivariate cryptography. Few of the recently proposed multivariate asymmetric encryption, signature, and authentication systems, such as the SFLASH and UOV signature schemes, have proven to be resistant to cryptanalysis [20]. The recent presentation comprises MQ, where the quadrille algorithm is used, which has a unique safety property. The system must tailor the scholarly methods for performing the computations for both steps to the usage environment. Each of the following algorithms has an asymptotic complexity of O(n) for generating monomials and O(mn) for computing polynomials. The values of m and n, on the other hand, fall within a certain range because we are aiming for real cryptographic systems, and as we will see below, this allows for significant stimulation. Since various standards organizations have made post-quantum cryptography a top priority, it has been demonstrated that transitioning from current public-key algorithms to post-quantum algorithms is difficult in many ways. There are many unanswered questions, particularly about how to assess the quantum-bit safety of such post-quantum cryptographic systems. The safety is built for MPKC, where NP-hard problems are solved in polynomial time [21]. The MinRank attack recovers the secret key of a multivariate scheme by using a linear combination of quadratic forms associated with low-rank public-key polynomials. Differentiable symmetries or invariants are sought by a differential attack. The speed with which it can perform encryption and signature verification is one of the primary advantages of MPKCs. Any cryptographic primitive’s primary concerns are efficiency and safety. An essential algorithm for a multivariate scheme is implemented. Understanding the algorithm is important so that a new reader can see a clear scenario regarding the use of those procedures in MPKCs. Existing MPKC-related attacks are presented and discussed. In addition, we discuss the algorithms that an adversary could use to launch an attack. Interpolation attacks attempt to interpolate the polynomial of a cryptographic system without knowing its secret key. The quadratic polynomial problem, which has to satisfy some property with a trapdoor structure, is solved using multivariate public-key cryptography. Post-quantum cryptography is used to counteract quantum attacks. It is NP-hard or NP-complete if MPKC can solve the quadratic polynomial problem. However, NP-hard problems are utilized to accentuate safety difficulties rather than complex ones. The system can be divided into two generic attacks after numerous proposals. The cryptographic system idea uses the public key and ciphertext approach for the direct attack. Two maps are required to create a signature scheme. An invertible linear map is related to an easy-to-invert map. After the mapping, this system can generate a public key. As a result, the Rainbow scheme concept successfully handles encryption and encryption [21].

3 MPKC in Multivariate Cryptosystem

The use of the cryptosystem is widespread due to the fast-rising data requirements. Because of this, security is a key consideration. Increasing the bit size ensures high-order security in the RSA cryptosystem. The solution to this attack uses two variable parameters. The public-key cryptosystem is important to both business and academia. It explains how power grows. Performance may change depending on the setting. Fast searching algorithms are computed in order to increase security. The hardest part of the RSA scheme is the integer’s largest value. Due to this factor, many documents in today’s society are protected against forgery. Users are not permitted to share the secret key. It is challenging to recover the message from decryption if even one of the keys is unknown, and it cannot alter the data. Depending on the parameter, it fluctuates. When the quick searching technique is applied to Euler’s totient function for prime numbers in a finite field, the complexity of the problem is found to have decreased. A different algorithm is used to solve the issues. Finally, the system discovered that the speed and precision values had grown after the execution time. The variance of the SCS estimation results in an increase in power. Performance may change depending on the setting of the environment and parameter.

Because of technological advancements, the public key in the cryptosystem has been transformed into a quantum algorithm. As a result, it faces numerous issues and consequences in the governing bodies. Surviving the quantum complexity problem becomes the greatest challenge for industry fields solving many problems. MQ made many changes after the quantum-resistant algorithm in generating a key for safeguarding the message during transmission and retrieval. The NP problem is not solved when a single Grover’s algorithm approach is used. To address these two issues, a hybrid strategy is combined with Grover’s methodology or a Gröbner basis, allowing problems to be resolved more quickly. The simplest search, an exhaustive search, reveals the exact cost of the used cryptosystem. Although polynomial factors help the approximation algorithm, the Boolean multivariate quadratic equation problem is solved using the Las Vegas approach when two variables have the same value. MQ can use the exhaustive search approach in quantum gates to solve the quadratic equation directly. The structure and order of the quadratic equation are improved in the quantum setting. It is not acceptable that the Boolean solution employs the quickest quantum algorithm with the smallest set of variables while producing more security vulnerabilities than it does. The supplied function of Grover’s algorithm reduces computing time for database searches. The quantum oracle approach improves the performance of the quantum computer when amplitude amplification is used. When the quantum oracle method is able to bring the quantum computer into an even better state using the amplitude amplification function, the amplitude function derives the desired output. Toffoli quantum gates cost more than NOT gates. These gates operate reversibly on quantum bits. The oracle function built into Grover’s algorithm can identify the consistency and the additional source needed to speed up quantum circuit operation.
In this system, the Macaulay matrix is used to solve both linear and nonlinear equations. The quantum Boolean solution validates the black-box approach concept. The consistency can be checked by the number of times the black-box operation is used. As a result, the execution time of the quantum oracle is exactly proportional to the black box. The intended results cannot be obtained when a sparse linear system is used. Another factor to consider is binary equality. Efficiency and security cannot be achieved at the same time, as demonstrated by earlier studies like MI, HFE, etc. In the modern world, the schema is updated and changed like an oil-and-vinegar Rainbow scheme. Prior to employing multivariate public-key cryptography, it is important to identify the work and approach used. Second, they may identify procedures and techniques by assuming that increasing costs require the employment of algorithms like rank attack and Gaussian elimination in the system from the output obtained. Each parameter is significant. Anytime a problem is challenging to solve, it is likely an MP or MQ issue. The signature method creates a signature by using the polynomial equation’s function. A secret key is used to map the irreversible structure to generate the signature. The signature is then verified using authenticity at that point.

A cryptosystem is a structure or scheme composed of algorithms that transform plaintext into ciphertext to encode or decode messages securely. The abbreviation “cryptosystem” stands for “cryptographic system”. It designates a computer system that uses cryptography, encrypting data and communications so that only the intended recipients can read and process them. Cryptosystems use key creation, encryption, and decryption algorithms to help protect data. A cryptographic key, a string of bits utilized by a cryptographic algorithm to convert plaintext into ciphertext or the other way around, lies at the core of all cryptographic activities.

• Strong encryption: A good cryptosystem ensures that all data transmitted and stored is secure, meaning that only the intended recipients can access the data.
• Authentication: Cryptosystems can be used to verify the identity of the sender and the receiver. This is helpful for online transactions where the sender’s identity needs to be confirmed.
• Tamper-proof: Cryptosystems ensure that the data is not manipulated while it is being sent or received. Any attempt to modify the data will be detected, and the data will be discarded.
• Ease of use: Most cryptosystems are designed to be user-friendly and can be implemented without any specialized knowledge.
• Low cost: Cryptosystems can be implemented without any additional hardware or software, which reduces the cost of implementation.
• Complexity: Cryptosystems are complex and require specialized knowledge to implement.
• Vulnerability: Cryptosystems can be vulnerable to attacks, such as brute-force attacks or quantum computing.
• Cost: Cryptosystems can be expensive to implement, and specialized hardware and software may be required.
• Time: Cryptosystems can be time-consuming to implement, as the algorithms need to be tested and verified.
• Compatibility: Cryptosystems may not be compatible with other systems, as different algorithms may require different strategies.

Cryptanalysis is the analysis and breaking of cryptographic systems to gain access to the encrypted data or unauthorized access to the system.
It is the science of uncovering secrets from encrypted data and involves methods such as frequency analysis, differential cryptanalysis, linear cryptanalysis, and more. A form of encryption that is resistant to attack by a quantum computer is post-quantum cryptography, commonly referred to as quantum-proof cryptography. It is based on mathematical problems, like the discrete logarithm problem or the factoring problem, that are challenging for a quantum computer to resolve. Post-quantum cryptography is an active area of research, and many algorithms are used in a quantum-proof cryptosystem.
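As an added example (not code from the chapter), the following Python script shows what the Macaulay matrix discussed in Sect. 3 looks like for a toy system of quadratic equations over GF(2), and what happens when the number of equations reaches the number of monomials: every monomial is treated as an independent unknown (linearization), and ordinary Gaussian elimination decides consistency by a rank check and recovers the solution. This is the simplest instance of what the chapter’s tables later call a direct attack. The system, the secret point (1, 0, 1) and the variable count n = 3 are constructed here for illustration. The practical caveat is the one a parameter reviewer cares about: an MQ public key with m close to n(n+1)/2 equations offers no protection, because the nonlinear problem collapses into linear algebra, so MQ-based parameter sets keep m well below that bound.

```python
import itertools

# A GF(2) polynomial is a set of monomials; a monomial is a tuple of variable
# indices: () is the constant 1, (i,) is x_i, (i, j) with i < j is x_i * x_j.
# x_i^2 = x_i over GF(2), so degree-2 monomials never repeat an index.

def monomials(n):
    """All monomials of degree <= 2 in n Boolean variables, constant first."""
    return [()] + [(i,) for i in range(n)] + list(itertools.combinations(range(n), 2))

def evaluate(poly, x):
    """Evaluate a polynomial at the Boolean point x (list of 0/1)."""
    total = 0
    for mono in poly:
        term = 1
        for i in mono:
            term &= x[i]
        total ^= term
    return total

def macaulay_matrix(system, n):
    """Degree-2 Macaulay matrix: one row per polynomial, one 0/1 column per monomial."""
    cols = monomials(n)
    return [[1 if mono in poly else 0 for mono in cols] for poly in system], cols

def gauss_jordan_gf2(rows):
    """Reduce augmented rows [A | b] over GF(2) in place; return {pivot column: row}."""
    pivots, r = {}, 0
    for c in range(len(rows[0]) - 1):          # last column is the right-hand side
        piv = next((i for i in range(r, len(rows)) if rows[i][c]), None)
        if piv is None:
            continue
        rows[r], rows[piv] = rows[piv], rows[r]
        for i in range(len(rows)):
            if i != r and rows[i][c]:
                rows[i] = [a ^ b for a, b in zip(rows[i], rows[r])]
        pivots[c] = r
        r += 1
    return pivots

def augmented(system, n):
    """Linearize: p(x) = 0 becomes (non-constant part) = constant term, as [A | b]."""
    M, cols = macaulay_matrix(system, n)
    return [row[1:] + [row[0]] for row in M], cols[1:]

def is_consistent(system, n):
    """Rouche-Capelli test on the linearized system: no row reduces to 0 = 1."""
    rows, _ = augmented(system, n)
    gauss_jordan_gf2(rows)
    return not any(row[-1] and not any(row[:-1]) for row in rows)

def solve_by_linearization(system, n):
    """Treat every monomial as an independent unknown. Returns x when the
    linearized system has a unique solution that is also multiplicatively
    consistent, otherwise None (inconsistent or underdetermined)."""
    rows, unknowns = augmented(system, n)
    pivots = gauss_jordan_gf2(rows)
    if any(row[-1] and not any(row[:-1]) for row in rows):
        return None                              # inconsistent
    if len(pivots) < len(unknowns):
        return None                              # fewer equations than monomials
    value = {unknowns[c]: rows[i][-1] for c, i in pivots.items()}
    x = [value[(i,)] for i in range(n)]
    # the linearized product unknowns must agree with the recovered variables
    if any(value[(i, j)] != (x[i] & x[j]) for i, j in itertools.combinations(range(n), 2)):
        return None
    return x

# Constructed sample: six quadratic equations in three variables, all vanishing at
# the secret point x = (1, 0, 1). Six equations equal the six non-constant monomials,
# so linearization alone suffices; a secure MQ instance keeps m far below n(n+1)/2.
SAMPLE_SYSTEM = [
    {(0,), (1,), (0, 1), ()},        # x0 + x1 + x0*x1 + 1
    {(1,), (2,), (1, 2), ()},        # x1 + x2 + x1*x2 + 1
    {(0,), (2,), (0, 2), ()},        # x0 + x2 + x0*x2 + 1
    {(0, 1), (0, 2), ()},            # x0*x1 + x0*x2 + 1
    {(0, 2), (1, 2), ()},            # x0*x2 + x1*x2 + 1
    {(0,), (1,), (2,)},              # x0 + x1 + x2
]

if __name__ == "__main__":
    print("consistent:", is_consistent(SAMPLE_SYSTEM, 3))
    print("solution:", solve_by_linearization(SAMPLE_SYSTEM, 3))
    print("underdetermined:", solve_by_linearization(SAMPLE_SYSTEM[:3], 3))
```

With only the first three equations the same routine returns None: three equations cannot pin down six linearized unknowns, which is exactly why the security of an MQ instance is measured by how far m sits below the number of monomials, not by the field size alone.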

4 Encryption Scheme Using Linear Systems

Multivariate public-key cryptography is an increasingly popular form of encryption that relies on the use of multiple variables to create an encryption key. This type of encryption is considered to be more secure than traditional methods, as it is more difficult to crack. However, due to its increased complexity, it can be more difficult to evaluate its security. Security evaluation of multivariate public-key cryptography should include a number of different factors. Firstly, it is important to consider the strength of the encryption key itself. The key should be sufficiently complex and unpredictable to make it difficult for an attacker to guess. Additionally, the key should be sufficiently large to make it difficult for an attacker to break it through brute-force attacks. It is also important to consider the strength of the algorithms used to generate the key. MQ should use complex algorithms to ensure that the key is unpredictable and not easily guessed. Additionally, MPKC should test the algorithms for vulnerabilities and address any weaknesses. Finally, it is important to consider the implementation of the encryption system. The system should be implemented securely to ensure that the key is not easily leaked or compromised. Additionally, the system should be regularly monitored to identify and address any potential vulnerabilities. Overall (Fig. 2), the security evaluation of multivariate public-key cryptography can be complex. It is important to consider the strength of the encryption key, the algorithms used to generate the key, and the implementation of the system. By considering all of these factors, organizations can ensure that their encryption system is secure and resilient to attack.

A rainbow scheme in a cryptosystem is a type of attack that involves using a pre-computed table of plaintext/ciphertext pairs to break the encryption. It works by using the same plaintext but with different keys to generate a variety of ciphertexts. The attacker then looks up the ciphertext in the pre-computed table, and if a match is found, the attacker can then use the associated plaintext to break the encryption. A bi-degreed polynomial attack is a type of rainbow attack that uses polynomials to generate the pre-computed table. This attack works by taking a polynomial of degree n and then evaluating it at various points to generate the pre-computed table. The evaluation points are chosen based on the degree of the polynomial, and the attacker then uses the table to break the encryption.
This attack is considered to be more efficient than traditional rainbow table attacks, as it can generate a much larger pre-computed table with fewer resources.

Fig. 2 Encryption and decryption in networks

5 Signature Schemes Using Quadratic Forms

The Rainbow signature scheme is a cryptosystem designed to provide digital signature and authentication for secure communication. It is based on the Merkle tree structure, which is a type of cryptographic hash tree. The Rainbow signature scheme provides a high level of security, with the ability to detect tampering and forgery. To analyse the security of the Rainbow signature scheme, it is important to consider both its strengths and weaknesses.

Using a group signature technique, a group member can sign a communication on the group’s behalf while remaining anonymous. The signature ensures that the communication can be independently verified by a third party, who can confirm that the signature was issued by a group member but cannot identify that group member. The scheme provides anonymity in collaborative work, electronic voting, auction systems, and access control. This technique allows each group member to sign correspondence on the group’s behalf. The verifying authority is only permitted to confirm that a group member signed the communication. The two primary characteristics of a group signature are anonymity and unforgeability. Anonymity refers to the inability of a verifier to determine who signed a document or to distinguish between two signatures created by different users over the same communication. In contrast, unforgeability means that a person who is not a group member cannot present a legitimate signature. Traceability is another crucial component of a group signature, in addition to anonymity and unforgeability. If there is a problem with the signature, the group manager can identify the actual user thanks to this attribute. The distinctive characteristics of group signatures make them a highly alluring cryptographic primitive. Due to its many practical uses, particularly in e-commerce, telemedicine, e-voting, e-auctions, etc., the group signature has attracted much attention in studies. For example, it might be used for keycard access to restricted areas to lock down the places to only the group of employees while making it impossible to track individual employee movements.

Parameters of a group signature scheme:
• A secure hash algorithm: A fast hash algorithm is used to generate a unique signature for each signer.
• A public-key infrastructure: Offers a method for confirming the signature of a group member by comparing the signature to the group’s public key.
• A trusted third party: A dependable outsider is required to manage the keys and signatures of the group members.
• A privacy-preserving protocol: This protocol ensures that the group members remain anonymous while allowing for accountability.
• A revocation mechanism: This mechanism is used to revoke a group member’s signature in case of a security breach or malicious activity.
• An auditing protocol: Ensures that the group signature scheme is used correctly and securely.
• It should be computationally infeasible for a malicious user to create a valid signature on behalf of another group member.
• Non-repudiation: It should be impossible for a group member to deny signing a message.
• Anonymity: It should be impossible to determine who within the group has signed a given message.
• Key distribution: Each group member should have a private key, and the group should share a standard public key.
• Forward security: It should remain secure even if the group’s public key is exposed.
• Traceability: It should be possible to trace the originator of a message if needed.
• Resiliency: The scheme should remain secure even if a certain number of group members are compromised or leave the group.

The strengths of the Rainbow signature scheme are:
1. Tamper-proof: The Rainbow signature scheme uses a Merkle tree structure, which is a type of hash tree, to detect any tampering or forgery attempts. The signature is cryptographically secure and cannot be modified or forged.
2. High level of security: The Rainbow signature scheme provides a high level of security by using multilayered hash functions and multiple levels of encryption.
3. Fast and efficient: The Rainbow signature scheme is very fast and efficient, making it suitable for real-time applications.

The weaknesses are:
1. Vulnerable to brute-force attacks: The Rainbow signature scheme is vulnerable to brute-force attacks, as attackers can try to guess the secret key used to generate the signature.
2. Not suitable for large files: The Rainbow signature scheme is not suitable for large files, as the signature size increases with the size of the file.
3. Limited scalability: The Rainbow signature scheme is limited in terms of scalability, as it is not suitable for large.
The complexity of the Rainbow signature scheme can be broken down into two parts: the setup phase and the signing phase. The setup phase involves generating the public key, secret key, and parameters that will be used in the signing phase. The safety of the Rainbow scheme is purely built on the difficulty of resolving the discrete problem in logarithmic time. The safety of the scheme is also related to the security of the underlying bilinear pairing group and the complexity of the discrete problem. The safety of the scheme is understood to be secure against quantum attacks.

The Gröbner basis algorithm is a mathematical technique used to solve systems of polynomial equations. In cryptography, it is used to generate public and private keys for encryption, as well as to generate digital signatures. The algorithm finds a set of polynomials spanning a given set of equations. The Gröbner basis of these polynomials is then used to solve for the unknowns in the system. This provides a way to generate a unique set of keys for each user and verify the signature.

Hilbert’s cryptosystem is a cryptographic technique that uses a mathematical theorem to encrypt and decrypt messages. It is based on Hilbert’s theorem, which states that any integer can be represented as a product of two prime numbers. To use this cryptosystem, the sender and receiver must agree on two prime numbers, which are then used to create a mathematical equation. The message is then encrypted using the equation, and the recipient can decrypt it using the same equation. This method is considered highly secure, as it is difficult to guess the two prime numbers without knowing them beforehand. Finally, this survey uses Hilbert’s method to rectify these main issues.

The Dilithium algorithm is a cryptographic algorithm that secures communications between two or more parties. It is an asymmetric key encryption algorithm that uses two keys for encryption and decryption. The algorithm was created by NIST, a participant in the Cryptographic Algorithm Validation Program (CAVP). The process operates by creating two keys from a single seed. Data is encrypted with the first key, which is also used to decrypt it. The algorithm ensures that the data is secure by providing an additional layer of encryption, meaning that even if one of the keys is compromised, the data remains secure. The CRYSTALS-Dilithium algorithm is a popular choice for a secure communications protocol due to its high level of security and its ability to withstand attacks. It is also easy to implement and compatible with many security protocols.
• It is a proprietary algorithm used by the CRYSTALS-Dilithium software. The algorithm is likely robust, as the software is used for securely encrypting data.
• However, the algorithm has yet to be publicly tested or audited for its security, so its strength remains unknown.

Falcon is an elliptic curve-based cryptosystem that uses a cryptographic hash function to produce a signature. It is designed to be more secure than other elliptic curve signature schemes, such as ECDSA. It is also used to authenticate and secure communications between two or more parties.
The algorithm is based on the discrete logarithm problem, a complex mathematical problem to solve. The problem’s difficulty ensures that attackers cannot break the encryption. It is considered a very secure encryption algorithm, with a high level of resistance to brute force and other forms of attack. Falcon is used in several applications, including secure communications, storage, and data transfer. It has also been used to develop secure payment systems and other financial applications.

SPHINCS is a lattice-based digital signature algorithm designed to be secure against quantum computers. It uses a hash-based Merkle tree to generate signatures and a hash-based one-time signature scheme to sign messages. As a result of its lightweight architecture, SPHINCS is appropriate for restricted devices like RFID tags, sensor networks, and smartcards. One of the main disadvantages of the SPHINCS algorithm is that it could be more efficient in terms of performance. It requires a lot of computational resources to execute and thus increases the cost and complexity of the system. The algorithm’s security level is also limited by the size of the parameters employed, which makes it only appropriate for modest applications. Finally, SPHINCS does not offer a post-quantum security level, which limits its potential for future applications.

Zero-knowledge identification protocols are a type of cryptographic protocol used to authenticate an individual’s identity without revealing any information about the essence itself. The protocol typically involves an interactive challenge-response exchange between two parties, in which each party must prove that it knows something that the other does not. In the context of a cryptosystem, the protocol can authenticate a user’s identity without revealing the user’s private key or any additional sensitive information. The main advantage of using zero-knowledge identification protocols in cryptosystems is that they provide a secure authentication mechanism without revealing confidential information; they allow users to identify themselves without having to share any sensitive information. Additionally, zero-knowledge protocols are more secure than traditional identification protocols such as passwords, because they do not rely on a single factor of authentication, such as a username and password, but instead rely on multiple independent pieces of information. As such, it is much harder for attackers to gain access to a system or account. Such protocols can take time to implement correctly. Additionally, they can be computationally intensive and require many resources to run. Furthermore, verifying that the protocol is secure can be difficult, as many complex factors must be considered. Finally, the protocol is vulnerable to attack from malicious actors who may be able to exploit its weaknesses.

The system is a cryptosystem that securely authenticates user identities by combining public-key cryptography and a rank-based identification scheme. In this method, data is encrypted and decrypted using a public key and a private key. The data is encrypted using the public key and decrypted using the private key. An identifying strategy based on rank is used to create the public key. The rank-based identification scheme is a type of authentication scheme that assigns users a rank based on their account information. The rank creates a public key that is subsequently used to encrypt and decode data.
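The SPHINCS paragraph above mentions a hash-based Merkle tree. As an added example, not code from the chapter or from any SPHINCS implementation, the following Python builds such a tree over a set of constructed placeholder one-time public keys and shows the authentication path that a hash-based signature carries, so that a verifier who trusts only the root can check that the one-time key used for a signature really belongs to the tree. The leaf contents, the tree size of eight leaves, and the use of SHA-256 with 0x00/0x01 prefixes for leaf/node domain separation are assumptions of this example.

```python
import hashlib

def hash_bytes(*parts):
    """SHA-256 over the concatenation of the given byte strings."""
    return hashlib.sha256(b"".join(parts)).digest()

def leaf_hash(data):
    """Hash of a leaf; the 0x00 prefix separates leaves from inner nodes."""
    return hash_bytes(b"\x00", data)

def node_hash(left, right):
    """Hash of an inner node; the 0x01 prefix stops a leaf from being read as a node."""
    return hash_bytes(b"\x01", left, right)

def build_tree(leaves):
    """Return the tree as a list of levels: levels[0] are the leaf hashes,
    levels[-1] is [root]. The leaf count must be a power of two (as in a
    hash-based signature tree holding a fixed number of one-time keys)."""
    if len(leaves) == 0 or len(leaves) & (len(leaves) - 1):
        raise ValueError("number of leaves must be a power of two")
    level = [leaf_hash(d) for d in leaves]
    levels = [level]
    while len(level) > 1:
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def auth_path(levels, index):
    """Sibling hashes from the leaf at `index` up to the root: the data a
    hash-based signature ships alongside its one-time public key."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path

def root_from_path(leaf_data, index, path):
    """Recompute the root from a leaf and its authentication path; the bits of
    `index` say on which side the sibling sits at each level."""
    node = leaf_hash(leaf_data)
    for sibling in path:
        node = node_hash(sibling, node) if index & 1 else node_hash(node, sibling)
        index >>= 1
    return node

def verify_membership(root, leaf_data, index, path):
    """Verifier side: only the root is trusted; leaf, index and path come from the signature."""
    return root_from_path(leaf_data, index, path) == root

# Constructed sample: eight placeholder one-time public keys (a real scheme
# would put the hashes of real OTS public keys here).
SAMPLE_LEAVES = [b"one-time public key %d" % i for i in range(8)]

if __name__ == "__main__":
    levels = build_tree(SAMPLE_LEAVES)
    root = levels[-1][0]
    path = auth_path(levels, 5)
    print("root:", root.hex())
    print("leaf 5 in tree:", verify_membership(root, SAMPLE_LEAVES[5], 5, path))
    print("forged leaf:", verify_membership(root, b"forged", 5, path))
```

The path has one hash per tree level, so the proof grows with the logarithm of the number of one-time keys; a forged leaf, or a correct leaf presented under the wrong index, recomputes to a different root and is rejected.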
This scheme is secure, as it does not rely on the user’s password or other sensitive information. It is also relatively easy to implement, making it a popular choice among cryptosystems.

The Generalized Multivariate Signature Scheme (GeMSS) is a multivariate cryptography algorithm that generates digital signatures. It creates a signature from a set of polynomials, which are then evaluated using a set of private keys. The signature is then verified using a public key. The polynomials are generated with a unique set of coefficients, and each coefficient is randomly chosen from a pool of possible coefficients, to ensure that the signature is unique and cannot be forged. Once the polynomials are generated, they are evaluated using a set of private keys. Each private key corresponds to a particular coefficient in the polynomials, and the value of the coefficient is used to generate the signature. Finally, the signature is verified using a public key obtained from the same source as the private keys. The signature’s legitimacy is verified using the public key. If the signature is right, then it can be used to authenticate the user and prove that they are the one who created the signature. GeMSS provides a constant signature length and signature verification time, regardless of the size of the message. It provides a signature length that is shorter than that of conventional public-key cryptosystems. GeMSS is not susceptible to a key-recovery attack and does not require a trusted certification authority.

Pass identification in a cryptosystem is a type of authentication system that requires the user to provide a correct password to gain access to a secure system. This authentication is often used to protect data, networks, and Web sites from unauthorized access. The password is typically encrypted using a cryptographic algorithm, making it easier to guess the correct password if you know the encryption method.

6 Attacks and Quadrille Prolong Algorithm

Various attacks on multivariate encryption and signature schemes are identified and tabulated. The proposed algorithm eliminates the explosion of the coefficients present in the quadratic equations of the multivariate cryptosystem using the homomorphic encryption scheme. Linear equations are solved in polynomial time in an isomorphic cryptosystem. Post-quantum cryptography ensures the efficiency and security of the cryptosystem. Attacks in the multivariate cryptosystem are found, and the relevant schemes, such as signature and encryption schemes, are tabulated. In Table 1, attacks based on an encryption scheme are listed, where the attacker holds only the public key and encrypted data, whereas in Table 2, multivariate signature scheme-based attacks are listed. An inversion attack on a cryptosystem involves attempting to invert the encryption/decryption functions to gain access to encrypted information. This is done by attempting to “reverse engineer” the cryptography used to protect the data. The attacker analyses the cryptographic algorithm used to encrypt and decrypt data, and then attempts to “invert” the algorithm in order to gain access to the information.

Table 1 Attacks based on multivariate encryption scheme

References   Scheme                   Attacks
[1, 3]       MI                       Algebraic attack
[4, 6, 12]   HFE                      MinRank
[19]         Multi HFC                MinRank
[15]         Simple Matrix            Structural attack
[18]         Improved Simple Matrix   Rank attack
             ZHFE                     MinRank
[5]          SRP                      MinRank
[13, 22]     HFERP                    Direct attack
[14, 21]     DEC                      Direct attack
[16]         EFLASH                   Algebraic attack
             PMI+                     Differential attack
             IPHFE+                   Direct attack
[10]         HFE+                     MinRank

Table 2 Attacks based on multivariate signature scheme

References               Scheme        Attacks
[1, 8, 10]               Oil Vinegar   Algebraic attack
[19]                     UOV           Intersection attack
[17]                     Quartz        Direct attack
[6]                      HFE-v         MinRank attack
[16]                     SPLASH        Differential attack
[14]                     PFLASH        Direct attack
[20]                     MI–T THFE     Direct attack
[1, 2, 4–6, 8, 10, 19]   Rainbow       MinRank, rainbow band separation attack and intersection attack
[12]                     GeMSS         MinRank
[13]                     HMFEV         High rank

Inversion attacks are particularly useful when attacking symmetric cryptosystems, as the same key is used for encryption and decryption.
• Strengths: Inversion attacks are useful against symmetric cryptosystems, as they can reverse the encryption/decryption functions used to protect the data. This can allow an attacker to gain access to the data without knowing the encryption key.
• Weaknesses: Inversion attacks are difficult to execute, as they require an attacker to have a thorough understanding of the cryptography used to protect the data. Additionally, inversion attacks are ineffective against asymmetric cryptosystems, as the encryption and decryption functions use different keys.

The scheme is an example of an elliptic curve cryptosystem and involves the use of elliptic curves over finite fields. This efficient cryptosystem provides high-level security and can be used for secure communication over the Internet. The scheme solved the discrete logarithm problem, which is considered to be a hard mathematical problem. In this scheme, the public key consists of an elliptic curve and a point on the curve, and the private key is the discrete logarithm of the point with respect to the base point. To encrypt a message, the sender first chooses a random integer and then computes the point, which is the sum of the base point and the integer times the public key point. To decrypt the message, the receiver uses the private key to calculate the discrete logarithm of the encrypted point and subtracts it from the random integer.
• Strength: The Matsumoto–Imai scheme is an efficient and secure cryptosystem that can be used to encrypt data, which is based only on Diffie–Hellman, a key-exchange protocol that is widely used and accepted in the cryptography world. The scheme is resistant to known plaintext attacks, which means that it is more secure than other cryptosystems. It is a one-time pad system, which makes it much harder to break than other cryptosystems. It can be used in conjunction with other cryptosystems, such as RSA or AES, to enhance security.

• Weakness: The Matsumoto–Imai scheme requires a large amount of computation, which can make it difficult to implement. It is unsuitable for real-time applications, as the encryption and decryption processes take significant time. The key-exchange process can be vulnerable to man-in-the-middle attacks. The scheme requires a secure channel for the exchange of keys, which adds an extra layer of complexity.

In cryptography, a direct inversion attack is a type of cryptanalytic attack which attempts to recover the key used to encrypt a message or ciphertext by directly inverting the encryption algorithm. This attack is successful if the encryption algorithm is vulnerable to key recovery or weak encryption. This attack is also known as a brute-force attack, as it involves trying all possible keys until the correct one is found. The attack can be used on any type of encryption, including symmetric and public-key encryption. In order to perform a direct inversion attack, the attacker must have access to the ciphertext and the encryption algorithm used. The attacker then proceeds to try all possible keys until the correct one is found. The effectiveness of this attack depends on the strength of the encryption algorithm and the size of the key space. If the encryption algorithm is strong, there may be too many possible keys to try, making the attack infeasible.
• Strength: Direct inversion attacks can be used to break an encryption algorithm quickly and efficiently, allowing attackers to quickly gain access to encrypted data. Direct inversion attacks can be used to break encryption algorithms that rely heavily on key lengths, such as DES and AES. Direct inversion attacks are relatively simple to carry out, requiring minimal computing power and resources.
• Weakness: Direct inversion attacks require a significant amount of computing power and resources to succeed. Direct inversion attacks are only effective against encryption algorithms that rely heavily on key lengths, such as DES and AES. Direct inversion attacks are not effective against encryption algorithms that rely on other security features, such as public-key encryption algorithms.

A cryptosystem using an oil vinegar scheme is one that uses two different keys to encrypt and decrypt a message. The first key is the “oil” key, which is used for encrypting the message. The “vinegar” key is the second one, used to decrypt the message. The two keys are related in such a way that if one of them is known, the other can be found. This type of cryptosystem is used to provide an extra layer of security, since it is much harder to find both keys if one of them is lost or stolen.
• Strength: The oil vinegar scheme provides an extra layer of security, since it is much harder for an attacker to guess both keys if one of them is lost or stolen. It is also much harder for an attacker to decrypt the message without knowing both keys. It is also more difficult for an attacker to substitute a new message for an old one, since they would have to know both keys.
• Weakness: This type of cryptosystem requires both keys to be stored securely, which can be difficult. It is also more complex than other cryptosystems, which can make it more difficult to implement and maintain. It is also more expensive, since it requires two sets of keys.

Stepwise triangular cryptosystems are cryptographic methods that use multiple encryption algorithms in a stepwise fashion to enhance security. In this scheme, each level of encryption uses a different algorithm, and each successive level uses a stronger encryption algorithm than the previous one. The messages are encrypted using the first algorithm, and then the encrypted message is passed on to the next algorithm in the sequence. This process is repeated until the message is completely encrypted.
• Strength: The stepwise triangular scheme provides a secure cryptographic system by incorporating multiple layers of encryption. It allows for a higher degree of security due to the multiple levels of encryption that are applied. It allows for the use of different encryption algorithms in each layer, which adds an additional layer of security. It is difficult for attackers to crack the system, since each layer of encryption is different. It allows for the use of multiple keys in each layer of encryption, making it more difficult to crack. This scheme is also beneficial for organizations that need to keep sensitive information secure. The stepwise triangular scheme is highly scalable, which makes it suitable for large organizations. It is fast and efficient and requires less computing power for encryption and decryption.
• Weakness: The main disadvantage of the stepwise triangular scheme in a cryptosystem is that it is vulnerable to brute-force attacks. As the encryption key is based on the number of triangular steps taken to reach the destination, an attacker can easily guess the key by systematically trying out all possible combinations. This makes it easier for an attacker to gain access to the secured data. Additionally, this scheme is not suitable for larger datasets, as the encryption process becomes too complex and time-consuming.
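Both the Rainbow discussion in Sect. 5 and the oil vinegar scheme just described refer to the oil-and-vinegar construction. In UOV and Rainbow as actually built, the trapdoor lies in the structure of the central map: it contains no oil×oil monomials, so once the vinegar variables are fixed the equations become linear in the oil variables and are easy to solve, while the public key (the central map composed with a secret linear change of variables) shows no such structure to the verifier. The following Python implements a single-layer unbalanced oil and vinegar (UOV) signature, the building block that Rainbow stacks in layers, over a toy field GF(31) with 6 vinegar and 4 oil variables. It is an added educational example, not the chapter’s or any library’s code; the field size, the parameters, the SHA-256 message hashing and the linear (rather than affine) secret map S are simplifications chosen for readability.

```python
import hashlib
import random

P = 31  # toy prime field GF(31); deployed parameters use GF(16)/GF(256) and far larger n

def solve_unique(A, b):
    """Gauss-Jordan over GF(P) for a square system A x = b; None if A is singular."""
    n = len(A)
    M = [list(row) + [b[i]] for i, row in enumerate(A)]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col]), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, P)
        M[col] = [(v * inv) % P for v in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(a - f * c) % P for a, c in zip(M[r], M[col])]
    return [M[i][n] for i in range(n)]

def matmul(A, B):
    return [[sum(a * b for a, b in zip(row, col)) % P for col in zip(*B)] for row in A]

def transpose(A):
    return [list(col) for col in zip(*A)]

def quad(Q, x):
    """Quadratic form x^T Q x over GF(P)."""
    n = len(x)
    return sum(Q[i][j] * x[i] * x[j] for i in range(n) for j in range(n)) % P

def hash_to_target(msg, o):
    """Map a message to o field elements (toy: one SHA-256 byte per element)."""
    d = hashlib.sha256(msg).digest()
    return [d[k] % P for k in range(o)]

def keygen(v, o, rng):
    """v vinegar and o oil variables; returns (secret key, public key)."""
    n = v + o
    # Central map F: o upper-triangular quadratic forms in which every monomial
    # contains at least one vinegar variable (indices < v): no oil*oil terms.
    F = []
    for _ in range(o):
        Q = [[0] * n for _ in range(n)]
        for i in range(v):
            for j in range(i, n):
                Q[i][j] = rng.randrange(P)
        F.append(Q)
    # Secret invertible linear change of variables S hiding which variables are oil.
    while True:
        S = [[rng.randrange(P) for _ in range(n)] for _ in range(n)]
        if solve_unique(S, [0] * n) is not None:
            break
    # Public key P_k(x) = F_k(S x) = x^T (S^T Q_k S) x: dense, random-looking forms.
    pub = [matmul(matmul(transpose(S), Q), S) for Q in F]
    return (F, S, v, o), pub

def sign(sk, msg, rng):
    """Invert the central map on the hashed target, then undo S."""
    F, S, v, o = sk
    t = hash_to_target(msg, o)
    while True:
        xv = [rng.randrange(P) for _ in range(v)]   # fix vinegar variables at random
        # With the vinegar fixed, each F_k(y) = c_k + L_k . y_oil is affine in the oil part.
        A, b = [], []
        for k, Q in enumerate(F):
            c = sum(Q[i][j] * xv[i] * xv[j] for i in range(v) for j in range(i, v)) % P
            L = [sum(Q[i][v + j] * xv[i] for i in range(v)) % P for j in range(o)]
            A.append(L)
            b.append((t[k] - c) % P)
        xo = solve_unique(A, b)
        if xo is not None:       # singular oil system (probability ~1/P): pick new vinegar
            break
    y = xv + xo
    return solve_unique(S, y)    # signature x with S x = y, i.e. x = S^{-1} y

def verify(pub, msg, sig):
    """Anyone holding the public forms checks P_k(sig) == t_k for every k."""
    t = hash_to_target(msg, len(pub))
    return all(quad(Q, sig) == tk for Q, tk in zip(pub, t))

def demo(seed=2024):
    """Deterministic keygen/sign round trip on a constructed message."""
    rng = random.Random(seed)
    sk, pk = keygen(6, 4, rng)
    msg = b"transfer 100 to account 42"
    return pk, msg, sign(sk, msg, rng)

if __name__ == "__main__":
    pk, msg, sig = demo()
    print("signature:", sig)
    print("verifies:", verify(pk, msg, sig))
    print("tampered message verifies:", verify(pk, b"transfer 900 to account 42", sig))
```

Verification is nothing more than evaluating o public quadratic forms at the signature, which is why these schemes verify quickly; signing succeeds because the signer, and only the signer, knows the variable ordering under which the oil block is empty.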
M. Janani et al.

A Frobenius endomorphism is a type of cryptosystem used in public-key cryptography. It is based on a mathematical operation called the Frobenius endomorphism. This operation changes the order of the elements in a finite field. It is used to generate a secret key from a public key. Secret keys are used for message encryption and decryption. The Frobenius endomorphism is used in various cryptographic algorithms such as elliptic curve cryptography and ElGamal cryptography. It provides a secure way of exchanging information over an untrusted network.

The SPLASH scheme is a cryptographic scheme that has been used to authenticate digital documents. It depends entirely on Schnorr’s scheme and is designed to be more secure against quantum computers. The digital signature algorithm uses a public key and a private key to sign and verify digital documents. The SPLASH scheme is an improvement on that scheme, as it was designed for security against quantum computers. It uses a combination of elliptic curve cryptography and hash functions to create a signature that is both secure and efficient. The scheme is also designed to be resistant to key-leakage attacks, which are attacks that attempt to gain access to a user’s private key. The SPLASH signature scheme is used in many different cryptosystems, including blockchain-based systems, digital identity systems, and digital payment systems.

Strength: The SPLASH signature scheme offers several advantages over other signature schemes. First, it is a non-interactive scheme, meaning that the signer does not need to interact with the verifier in order to sign a message. This makes it more efficient and secure than interactive schemes. Second, it is a one-time signature scheme, meaning that the same key can be used to sign multiple messages without compromising security. Third, it is a quantum-resistant scheme, meaning that it is resistant to attacks from quantum computers. Finally, it is a post-quantum secure scheme, meaning that it is secure even against attacks from quantum computers.

Weakness: The scheme is not secure against malicious attacks; in particular, an attacker can use a chosen-ciphertext attack to recover the secret key that is used to generate a signature. Additionally, this scheme is vulnerable to replay attacks, as the signature does not contain any information about the message being signed. Finally, the scheme is not efficient, as it requires a higher level of computation for generating and verifying signatures.

A structure attack is a type of cryptanalytic attack that exploits the structure of a cryptosystem in order to gain access to its secrets. This type of attack is often used to break encryption algorithms, as well as to gain access to secure networks. Structure attacks can break encryption algorithms by exploiting weaknesses in the algorithm’s structure, such as weak keys, weak ciphers, or weak authentication protocols. They can also be used to gain access to secure networks by exploiting weaknesses in the network’s architecture, such as weak authentication protocols or weak encryption protocols. Structure attacks can also be used to gain access to data stored on a computer system, such as passwords or confidential documents [20, 23].

Strength: A cryptosystem that is designed to withstand a chosen-plaintext attack is more secure than one that is not, because the attacker is limited in the types of data they can use to try to break the system. Such a cryptosystem is also more efficient than one that is not, because the limits on the attacker’s data reduce the amount of time and resources needed to break the system. Reduced risk: a cryptosystem designed to withstand a chosen-plaintext attack is less vulnerable to attack than one that is not, because the limits on the attacker’s data reduce the risk of a successful attack. Improved reliability: such a cryptosystem is more reliable than one that is not, because the limits on the attacker’s data reduce the chances of a successful attack.

Weakness: It can be time-consuming and expensive to mount a successful cryptanalytic attack. It can be difficult to determine the exact algorithm used to encrypt the data.
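The Frobenius endomorphism mentioned above is the map x ↦ x^p on a finite field of characteristic p. The following is an added example, not code from the chapter, that builds the field GF(7^2) and checks by exhaustive enumeration what the operation does to the field's elements: it permutes them, respects addition and multiplication, fixes exactly the prime subfield GF(7), and applied twice gives the identity. The prime 7 and the quadratic non-residue 3 (so that t^2 − 3 is irreducible) are assumed toy choices.

```python
"""Frobenius endomorphism x -> x^p on the finite field GF(p^2).
Added example (not from the chapter); P and NR are assumed toy values."""

P = 7    # characteristic: a small prime, chosen for illustration
NR = 3   # 3 is not a square mod 7, so t^2 - 3 is irreducible: GF(49) = GF(7)[t] / (t^2 - 3)

# An element a + b*t of GF(p^2) is represented as the pair (a, b).

def add(x, y):
    return ((x[0] + y[0]) % P, (x[1] + y[1]) % P)

def mul(x, y):
    a1, b1 = x
    a2, b2 = y
    # (a1 + b1 t)(a2 + b2 t) = a1 a2 + NR b1 b2 + (a1 b2 + a2 b1) t, using t^2 = NR
    return ((a1 * a2 + NR * b1 * b2) % P, (a1 * b2 + a2 * b1) % P)

def power(x, e):
    """Square-and-multiply exponentiation in GF(p^2)."""
    result, base = (1, 0), x
    while e:
        if e & 1:
            result = mul(result, base)
        base = mul(base, base)
        e >>= 1
    return result

def frobenius(x):
    """The Frobenius map: raise to the p-th power."""
    return power(x, P)

def elements():
    """All p^2 field elements, prime subfield first within each row."""
    return [(a, b) for a in range(P) for b in range(P)]

def is_field_automorphism():
    """Frobenius is a bijection that respects + and * on every pair of elements."""
    els = elements()
    if len({frobenius(x) for x in els}) != len(els):
        return False
    return all(frobenius(add(x, y)) == add(frobenius(x), frobenius(y))
               and frobenius(mul(x, y)) == mul(frobenius(x), frobenius(y))
               for x in els for y in els)

def fixed_points():
    """Elements with x^p = x: exactly the prime subfield GF(p), i.e. b = 0."""
    return [x for x in elements() if frobenius(x) == x]

def frobenius_order():
    """Smallest k >= 1 such that applying Frobenius k times is the identity on GF(p^2)."""
    els = elements()
    k, cur = 1, [frobenius(x) for x in els]
    while cur != els:
        cur = [frobenius(x) for x in cur]
        k += 1
    return k

if __name__ == "__main__":
    print("automorphism:", is_field_automorphism())
    print("fixed points:", fixed_points())
    print("order:", frobenius_order())
```

On GF(p^2) the map is conjugation, a + b t ↦ a − b t, because t^p = t·(t^2)^((p−1)/2) = t·NR^((p−1)/2) = −t by Euler's criterion; that is why it is an involution here and fixes only the prime subfield. For GF(p^k) with larger k the same code, with the multiplication rule adjusted to the chosen irreducible polynomial, gives an automorphism of order k.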

7 Conclusion

Multivariate public-key cryptography is used effectively in the post-quantum setting. Different algorithms, such as RSA and DSA, rely on theoretic assumptions without evidence. A survey based on a finite field is compared with multivariate public-key cryptography. Security is achieved randomly when a polynomial is used in a quadratic equation, whereas the result of encrypting a message is the ciphertext. Only signatures with messages linked to public keys are estimated using the signature scheme based on the secret key. The decryption process is faster than the encryption process. Compared to smartcards, multivariate public-key cryptography is less expensive. Outliers present in the quadratic equations are eliminated, which rely only on NP-hardness rather than on solving in polynomial time.
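To make the conclusion concrete (a public key that is a system of multivariate quadratic polynomials over a finite field, a secret key that is the trapdoor, signing that needs only linear algebra, and verification that is plain polynomial evaluation), here is an added toy implementation of the Unbalanced Oil and Vinegar (UOV) multivariate signature scheme. It is not the chapter's own scheme or code; the field GF(31), the parameters v = 6 vinegar and o = 3 oil variables, the sample messages and the SHA-256 mapping of a message to field elements are assumptions chosen for readability, not for security.

```python
"""Toy Unbalanced Oil and Vinegar (UOV) multivariate signatures over GF(31).
Added example, not the chapter's scheme; Q, v and o are assumed toy parameters
far below real-world sizes."""
import hashlib
import random

Q = 31  # prime modulus of the coefficient field (assumed toy value)


def transpose(M):
    return [list(col) for col in zip(*M)]


def mat_mul(A, B):
    """Matrix product over GF(Q)."""
    return [[sum(A[i][t] * B[t][j] for t in range(len(B))) % Q
             for j in range(len(B[0]))] for i in range(len(A))]


def mat_vec(M, x):
    return [sum(M[i][j] * x[j] for j in range(len(x))) % Q for i in range(len(M))]


def solve(A, b):
    """Solve A x = b over GF(Q) by Gauss-Jordan elimination; None if A is singular."""
    n = len(A)
    M = [A[i][:] + [b[i]] for i in range(n)]
    for c in range(n):
        piv = next((r for r in range(c, n) if M[r][c] % Q), None)
        if piv is None:
            return None
        M[c], M[piv] = M[piv], M[c]
        inv = pow(M[c][c], -1, Q)
        M[c] = [(x * inv) % Q for x in M[c]]
        for r in range(n):
            if r != c and M[r][c]:
                f = M[r][c]
                M[r] = [(x - f * y) % Q for x, y in zip(M[r], M[c])]
    return [row[n] for row in M]


def invert(M):
    """Matrix inverse over GF(Q), one column per unit vector; None if singular."""
    n = len(M)
    cols = [solve(M, [int(i == j) for i in range(n)]) for j in range(n)]
    return None if any(c is None for c in cols) else transpose(cols)


def quad_eval(A, x):
    """Evaluate the quadratic form x^T A x over GF(Q)."""
    n = len(x)
    return sum(x[i] * A[i][j] * x[j] for i in range(n) for j in range(n)) % Q


def keygen(v, o, rng):
    """Secret key: o central quadratic forms A_k with no oil*oil terms and an
    invertible mixing matrix T. Public key: the forms B_k = T^T A_k T, which no
    longer reveal which variables are oil and which are vinegar."""
    n = v + o
    # Only the v vinegar rows are non-zero, so two oil variables never multiply.
    central = [[[rng.randrange(Q) if i < v else 0 for j in range(n)] for i in range(n)]
               for _ in range(o)]
    while True:
        T = [[rng.randrange(Q) for _ in range(n)] for _ in range(n)]
        T_inv = invert(T)
        if T_inv is not None:
            break
    public = [mat_mul(transpose(T), mat_mul(A, T)) for A in central]
    return public, (central, T_inv, v, o)


def digest_to_field(msg, o):
    """Hash the message and reduce it to o field elements, the target value h."""
    d = hashlib.sha256(msg).digest()
    return [int.from_bytes(d[2 * i:2 * i + 2], "big") % Q for i in range(o)]


def sign(sk, h, rng):
    """Fix the vinegar variables at random; each central form is then linear in
    the oil variables, so the oil values come from an o x o linear system."""
    central, T_inv, v, o = sk
    while True:
        vin = [rng.randrange(Q) for _ in range(v)]
        rows, rhs = [], []
        for k, A in enumerate(central):
            const = sum(vin[i] * A[i][j] * vin[j] for i in range(v) for j in range(v)) % Q
            rows.append([sum(vin[i] * A[i][v + j] for i in range(v)) % Q for j in range(o)])
            rhs.append((h[k] - const) % Q)
        oil = solve(rows, rhs)
        if oil is not None:          # retry if this vinegar choice gave a singular system
            break
    x = vin + oil                    # a preimage of h under the central map
    return mat_vec(T_inv, x)         # undo the mixing: B_k(sig) = A_k(T sig) = A_k(x)


def verify(pk, sig, h):
    """Anyone can evaluate the public quadratic forms; no trapdoor is needed."""
    return [quad_eval(B, sig) for B in pk] == h


def demo(seed=7):
    """Key generation, signing and verification; returns (genuine ok, tampered ok)."""
    rng = random.Random(seed)
    pk, sk = keygen(6, 3, rng)
    h = digest_to_field(b"transfer 100 to account 42", 3)  # constructed sample message
    sig = sign(sk, h, rng)
    h_other = digest_to_field(b"transfer 900 to account 42", 3)
    return verify(pk, sig, h), verify(pk, sig, h_other)


if __name__ == "__main__":
    print(demo())
```

The verifier holds only the matrices B_k, so checking a signature is evaluation of o quadratic polynomials in v + o variables. Producing a signature without T and the oil/vinegar split means finding a preimage of h under a random-looking system of multivariate quadratic equations, which is the NP-hard MQ problem the conclusion refers to; the trapdoor reduces that to one linear solve. Deployed parameters use a much larger field and far more variables than this toy, and the ratio of vinegar to oil variables is what the "unbalanced" in the name refers to.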

References

1. Dario A. Bini and Beatrice Meini, “A defect-correction algorithm for quadratic matrix equations, with applications to quasi-Toeplitz matrices”, GNCS, December 2022.
2. Pulung Nurtantio Andono and De Rosal Ignatius Moses Setiadi, “Improved Pixel and Bit Confusion-Diffusion Based on Mixed Chaos and Hash Operation for Image Encryption”, IEEE Access, November 2022.
3. Varsha Himthani, Vijaypal Singh Dhaka, Manjit Kaur, Dilbag Singh, and Heung-No Lee, “Systematic Survey on Visually Meaningful Image Encryption Techniques”, IEEE Access, August 2022.
4. Kristin Lauter, “Private AI: Machine Learning on Encrypted Data”, Cryptology ePrint Archive, June 2022.
5. Prabir Chandra Bhattacharyya, “An Opening of a New Horizon in the Theory of Quadratic Equation: Pure and Pseudo Quadratic Equation – A New Concept”, Journal of Mechanics of Continua and Mathematical Sciences, November 2022.
6. Jayashree Dey and Ratna Dutta, “Progress in Multivariate Cryptography: Systematic Review, Challenges and Research Directions”, Association for Computing Machinery, 2022.
7. Yushi Hamaguchi and Tianxiao Wang, “Linear-quadratic stochastic Volterra controls II: Optimal strategies and Riccati–Volterra equations”, GNCS, April 2022.
8. Vasyl Ustimenko, “On Extremal Algebraic Graphs and Multivariate Cryptosystems”, Cryptology ePrint Archive, 2022.
9. Jeongsu Kim and Aaram Yun, “Secure Fully Homomorphic Authenticated Encryption”, IEEE Xplore, July 2021.
10. Kadykov Victor and Levina Alla, “Homomorphic Properties within Lattice-Based Encryption Systems”, IEEE Xplore, June 2021.
11. Juntao Gao, Haiyong Yu, Xiuqin Zhu, and Xuelian Li, “Blockchain-Based Digital Rights Management Scheme via Multiauthority Ciphertext-Policy Attribute-Based Encryption and Proxy Re-Encryption”, IEEE Xplore, June 2021.
12. Ammar S. Alanazi, Noor Munir, Majid Khan, Muhammad Asif, and Iqtadar Hussain, “Cryptanalysis of Novel Image Encryption Scheme Based on Multiple Chaotic Substitution Boxes”, IEEE Xplore, June 2021.
13. Chuang Li, Chunxiang Xu, Shanshan Li, Kefei Chen, and Yinbin Miao, “On the Security of Verifiable Searchable Encryption Schemes”, IEEE Xplore, May 2021.
14. Haokun Fang and Quan Qian, “Privacy-Preserving Machine Learning with Homomorphic Encryption and Federated Learning”, MDPI Journal, April 2021.
15. Shimao Yao, Ralph Voltaire J. Dayot, Hyung-Jin Kim, and In-Ho Ra, “A Novel Revocable and Identity-Based Conditional Proxy Re-Encryption Scheme With Ciphertext Evolution for Secure Cloud Data Sharing”, IEEE Xplore, March 2021.
16. Jiahui Chen, Jianting Ning, Jie Ling, Terry Shue Chien Lau, and Yacheng Wang, “A new encryption scheme for multivariate quadratic systems”, Theoretical Computer Science, Elsevier, January 2020.
17. Peng Jiang, Jianting Ning, Kaitai Liang, Changyu Dong, Jiageng Chen, and Zhenfu Cao, “Encryption Switching Service: Securely Switch Your Encrypted Data to Another Format”, IEEE Transactions on Service Computing, 2018.
18. Jean-Charles Faugère, Kelsey Horan, Delaram Kahrobaei, Marc Kaplan, Elham Kashefi, and Ludovic Perret, “Fast Quantum Algorithm for Solving Multivariate Quadratic Equations”, Cryptography and Security, December 2017.
19. Jean-Charles Faugère, Mohab Safey El Din, and Pierre-Jean Spaenlehauer, “On the complexity of the generalized MinRank problem”, Journal of Symbolic Computation, March 2013.
20. Côme Berbain, Olivier Billet, and Henri Gilbert, “Efficient Implementations of Multivariate Quadratic Systems”, LNCS, Springer, 2007.
21. Takanori Yasuda, Tsuyoshi Takagi, and Kouichi Sakurai, “Multivariate Signature Scheme Using Quadratic Forms”, LNCS, Springer, 2013.
22. M. Janani and N. Yuvaraj, “Social Interaction and Stress-Based Recommendations for Elderly Healthcare Support System—A Survey”, Advances in Big Data and Cloud Computing, December 2018.
23. Enrico Thomae and Christopher Wolf, “Solving Underdetermined Systems of Multivariate Quadratic Equations Revisited”, LNCS, Springer, 2012.