Abstract

The emerging concept of Internet of Things (IoT)-based Healthcare Industry 5.0 emphasizes the integration of human intelligence with cutting-edge technologies, such as artificial intelligence (AI), blockchain, IoT, big data analytics (BDA), and machine learning (ML) models to revolutionize healthcare delivery. However, alongside the immense potential and opportunities of Healthcare 5.0, the rapid expansion of sensitive medical data within the cloud-based healthcare systems also brings significant challenges related to data security, privacy, and resource requirements. Since most healthcare infrastructures depend on semi-trusted centralized cloud storage, it then becomes crucial to store medical records in encrypted form in order to ensure confidentiality and privacy of the data. At the same time, these systems must provide seamless and efficient search capabilities for authorized medical personnel in the healthcare system. To address these concerns and enable cost-effective, secure access and data management, we propose a novel authenticated certificateless verifiable searchable public key encryption scheme (ACLV-SPKE) that emerges as a robust and promising solution for securing healthcare data. The proposed framework not only resists diverse adversarial attacks but also ensures efficiency in terms of communication and computation costs while offering improved functionality over recent state-of-the-art solutions presented in the literature. The proposed scheme effectively resists both inside and outside keyword guessing attacks (KGAs), achieving strong security guarantees such as ciphertext indistinguishability (CT-IND) and trapdoor indistinguishability (TP-IND), which are proved in the random oracle models. In addition, we applied BDA on a real healthcare dataset to evaluate the performance metrics, and the outcomes are presented in this article.

Abstract

Despite edge computing reducing communication delays associated with cloud computing, privacy concerns remain a significant challenge when sharing data from edge-based consumer electronics (CE) or Internet-of-Things (IoT) devices. Ciphertext policy attribute-based encryption (CP-ABE) is a cryptographic tool that facilitates intricate and refined access control. It can deliver more flexible, secure, compact, and effective access control policies for the cloud data. In the case of a conventional CP-ABE scheme, the keys can only be issued and disseminated by a trusted central authority (CA). However, if the CA is compromised, the entire system becomes more susceptible to assaults or failures, which leads to a single-point failure. In this article, we propose a Ring-Learning with Errors (Ring-LWE)-based MA-CP-ABE scheme that is effectively resolved by the multi-authority CP-ABE (MA-CP-ABE), and it ensures the security against quantum attacks. The threshold secret sharing by Shamir and the Lagrange interpolation formula are applied in the key-generation and decryption procedures of the proposed scheme, which make it easier to segment and restore the private keys. The proposed scheme is implemented in the CE-enabled IoT-based smart healthcare applications using the blockchain technology as a secure storage. A detailed comparative study, security analysis and experimental results with the existing relevant schemes shows that the proposed scheme exhibits superior security and better efficiency as compared to other schemes, demonstrating its feasibility in practical IoT-based healthcare applications.

Abstract

Multi-signature protocols allow a group of signers to collectively generate a single signature for a shared message. In the context of a decentralized blockchain, multi-signature schemes play a pivotal role in reducing the signature size. Recently, several multi-signature methods have emerged in the literature, some operating in discrete-log settings and others in lattice settings. However, many of the existing lattice-based multi-signature schemes incur high computation costs and online round complexity. Traditional public key-based multi-signature schemes are susceptible to quantum threats, and they are computationally intensive as well. A lattice-based multi-signature can provide robust security, which often falls short in terms of efficiency when it comes to round complexity. In this article, we aim to introduce a single-round lattice-based multi-signature scheme specifically designed for decentralized public blockchains. What sets the proposed scheme apart is its ability to function without the need for trapdoor commitments or sample pre-images, which are common features in existing lattice-based signature methods. Furthermore, we explore some potential applications in a generic Internet of Things (IoT) environment and their integration of the proposed scheme with the blockchain technology. The security of the proposed scheme is based on lattice-hard problems, like Ring-SIS (Shortest Integer Solution) and Ring-LWE (Learning with Errors).

Abstract

Quantum digital signatures ensure unforgeable message authenticity and integrity using quantum principles, offering unconditional security against both classical and quantum attacks. They are crucial for secure communication in high-stakes environments, ensuring trust and long-term protection in the quantum era. Nowadays, the majority of arbitrated quantum signature (AQS) protocols encrypt data qubit by qubit using the quantum one-time pad (QOTP). Despite providing robust data encryption, QOTP is not a good fit for AQS because of its susceptibility to many types of attacks. In this work, we present an efficient AQS protocol to encrypt quantum message ensembles using a distinct encryption technique, the chained controlled unitary operations. In contrast with existing protocols, our approach successfully prevents disavowal and forgery attacks. We hope this contributes to advancing future investigations into the development of AQS protocols .

Abstract

Cloud-based storage service has emerged as a promising alternative to managing local storage, offering users additional features, such as storage, backup, and restoration of various resources, including software, applications, and sensitive private information, within a virtual database, while ensuring data confidentiality and security. However, the widespread use of cloud services by individuals and organisations raises concerns regarding user accessibility and data security due to increasing social threats and adversarial attacks. Searchable encryption (SE) has been introduced to address these issues, providing a secure environment for a convenient and effective way of data searching and sharing. SE models have been advanced by integrating blockchain functionalities to tackle certain existing vulnerabilities and enhance user accessibility, data privacy, and integrity. This survey work explores various research works on SE techniques leveraging cloud and blockchain functionalities, discussing and categorizing the diverse approaches based on different criteria. This study also discusses the different enhancements made to SE techniques over the years, including the underlying requirements that led to the inclusion of blockchain functionalities. Moreover, this study provides a comparative analysis of existing survey works done in this area, which highlights a lack of recent literature surveys that thoroughly explore blockchain-based public key encryption with keyword search (PEKS) schemes. Particularly, we delve into the technical aspects of PEKS by classifying, analyzing and comparing different functionalities based on various aspects. The survey concludes with a comparative analysis of existing PEKS solutions and a discussion on identified research gaps, aiming to improve future research on PEKS approaches in this emerging field.

Abstract

Maritime communication, critical for global oceanic trade, faces challenges and opportunities with advancements in Information and Communication Technology (ICT). Traditional methods are susceptible to interception due to open channels, limited authentication, jamming, and other security risks. Securing vessel movements and locations in Internet of Vessels (IoV) is essential to prevent unauthorized data interception and tampering during transmission. We propose a ship authentication method using location-based secure keys to ensure the confidentiality of a vessel’s whereabouts. The proposed scheme’s robustness is validated through formal and informal security analyses, and formal verification using the Scyther automated verification tool, demonstrating its effectiveness against potential attacks in maritime networks. Comparative studies indicate that utilizing location-based keys maintains anonymity and untraceability without imposing significant computational or communication burdens. Experimental findings from comprehensive big data analytics and simulations using NS3 validate the scheme’s feasibility and performance.

Abstract

The metaverse, a collection of virtual worlds offering a variety of social activities mirroring real-life interactions, is garnering increasing attention. Consequently, the need to ensure security and privacy within these spaces has become paramount. Metaverse users can create multiple avatars, a feature that can be exploited to deceive or threaten others, leading to significant internal security concerns. Additionally, users in the metaverse are susceptible to several external security threats due to the public nature of their communications with service providers.To address these challenges, we propose a novel quantum authentication scheme leveraging blockchain technology, decentralized identifiers, and verifiable credentials. This scheme enables secure identity verification and authentication for metaverse users. By allowing users to independently prove their identity without relying on service providers, the proposed approach mitigates privacy concerns associated with the management of personal information. Furthermore, our scheme achieves mutual authentication between the user and the service provider, while also being resilient against a variety of attacks, including unconditional security breaches, replay attacks, eavesdropping, man-in-the-middle attacks, and impersonation attempts. With a computation time of 17.4608 ms and a communication cost of 872 bits, the suggested protocol outperforms current solutions and provides superior security for the metaverse environment during data transmission and storage. Furthermore, we examine the operational capabilities and security features using the latest technology and techniques.

Abstract

Air Smart Vehicular Networks (ASVNs) have become increasingly essentials in military and commercial industries in recent years, where drones are deployed to interact among each other via wireless medium in airspace due to their agility and versatility. ASVNs can form a closed loop from data perception to final execution by integrating communication devices, computation tools, and control modules. However, the used unencrypted and publicly available navigational signals like Global Positioning System (GPS) and communication over (public) insecure Internet connections, including wireless networks and WiFi, make ASVNs vulnerable to security breaches. Attackers can easily gain access to a drone's configuration and take control remotely, by launching various attacks such as GPS spoofing, false sensor data injection, maldrone malware injection, eavesdropping, man-in-the-middle, Denial-of-Service (DoS), replay, forgery, and Skyjack attacks. This paper proposes a robust and efficient multi-factor biometric-based security mechanism using blockchain as a service to address the security and privacy breaches in ASVNs. A comparative study demonstrates that the proposed scheme provides superior security and better functionality features with low communication and computation overheads as compared to the existing analogous schemes. The feasibility of the proposed scheme in real-life drone applications is also demonstrated through a real-time testbed and blockchain simulation. Furthermore, a detailed security analysis using the automated software validation tool, namely Scyther, verifies the proposed scheme's significant level of security

Abstract

Owing to the growth of the intelligent Internet of Vehicles (IoV), the notion of the Social Internet of Vehicles (SIoV) has emerged. SIoV is based on the intelligent IoV combined with social needs, and it uses existing vehicle self-organizing network technologies to enable in-vehicle social networking platforms. The rapid development of the Internet of Things (IoT) has led to an explosion in the number of in-vehicle electronic devices, external facilities, vehicles, and a massive amount of real-time data generated by these vehicles, devices, drivers, passengers, and other social relationships. This explosion has put tremendous load pressure on servers; hence, researchers have started to apply fog computing to SIoV to spread server overload. However, there are still a number of risks and challenges associated with SIoV. Therefore, we propose an authentication scheme for fog computing-enabled SIoV that guarantees user anonymity and security. Detailed security analysis proves that the proposed scheme can secure against known attacks. Finally, we evaluate the performance of our scheme, and the results show that it has excellent security, computation, and communication performances.

Abstract

The key factor accelerating the development of intelligent transportation and reduced traffic congestion is the vehicle ad hoc network (VANET). However, the swift upsurge in the diversity of vehicles puts the development of the vehicle network's safety system through plentiful glitches. To receive the messages promptly, attain the confidentiality of vehicle identity, and authentication swiftly in VANET, we present a new identity-based aggregate signature (IBAGS) system using the lattices. The proposed lattice-based method presented in this article combines the batch verification and aggregate signature scheme (ASS), which finishes the authentication of several vehicular units and aggregates multiple users' signatures into a single (compact) signature. This boosts the competence of the verification process. Furthermore, the vehicle pseudo-identities are also utilized to meet the goals of vehicle identity and privacy protection. Finally, dependable cloud storage technology efficiently enables the secure storing of message signatures. This article demonstrates the lower storage overhead and increases authentication efficiency while maintaining security compared to similar competing schemes.