The ISC International Journal of Information Security

Abstract The emergence of quantum computing threatens the security of traditional
cryptographic primitives underpinning anonymous communication protocols
like mix networks (mixnets), necessitating quantum-resistant alternatives. This
paper introduces QuMixnet, a mixnet protocol designed to withstand quantum
attacks while ensuring robust anonymity and privacy. QuMixnet employs
post-quantum cryptographic primitives, utilizing CRYSTALS-Dilithium for
digital signatures to guarantee authenticity and CRYSTALS-Kyber for key
encapsulation to secure message encryption with symmetric ciphers (e.g.,
AES-GCM). Operating on a peer-to-peer (P2P) architecture, every node can
serve as a sender, receiver, or mix node, enhancing anonymity by obscuring
participant roles. Sender-determined routing ensures that only the sender knows
the full message path, with onion routing layered encryption across nodes. To
counter traffic analysis, QuMixnet implements message padding to a fixed size,
dummy messages for traffic covering, and batch processing with shuffling. A
security model, evaluated through formal security games, confirms resilience
of QuMixnet against adversaries with quantum capabilities, achieving strong
sender and receiver anonymity, communication anonymity, confidentiality, and
integrity. QuMixnet advances anonymous communication by offering a scalable,
quantum-safe solution that fortifies privacy against evolving threats.

Abstract Oblivious Transfer (OT) is one of the fundamental building blocks in cryptography that enables various privacy-preserving applications. Constructing efficient OT schemes has been an active research area. This paper presents three efficient two-round pairing-free k-out-of-n oblivious transfer protocols with standard security. Our constructions follow the minimal communication pattern: the receiver sends k messages to the sender, who responds with n+k messages, achieving the lowest data transmission among pairing-free k-out-of-n OT schemes. Furthermore, our protocols support adaptivity and enable the sender to encrypt the n messages offline, independent of the receiver’s variables, offering significant performance advantages in one-sender-multiple-receiver scenarios. We provide security proofs under the Computational Diffie-Hellman (CDH) and RSA assumptions, without relying on the Random Oracle Model. Our protocols combine minimal communication rounds, adaptivity, offline encryption capability, and provable security, making them well-suited for privacy-preserving applications requiring efficient oblivious transfer. 

Abstract In Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes, an access structure is sent with each ciphertext to specify the intended recipients. This design can reveal sensitive information about the encrypted data and its recipients. Moreover, it may introduce new security concerns regarding user privacy. Policy-hiding CP-ABE schemes have been proposed to address this challenge and protect user privacy. In this paper, we present the cryptanalysis of two policy-hiding CP-ABE schemes. For the first scheme, we demonstrate that it leaks attribute value information through the ciphertext. An adversary can exploit this flaw to perform an offline dictionary attack, revealing the attribute values used in the access structure, and thereby exposing the entire access structure. For the second scheme, we show that its security is compromised due to the improper establishment of the decryption key component utilized in the attribute matching phase. Data users can exploit the secret key components used in the attribute matching phase to decrypt any ciphertext, regardless of their attribute set.

Abstract Large-scale data collection is challenging in alternative centralized learning as privacy concerns or prohibitive policies may rise. As a solution, Federated Learning (FL) is proposed wherein data owners, called participants, can train a common model collaboratively while their privacy is preserved. However, recent attacks, namely Membership Inference Attacks (MIA) or Poisoning Attacks (PA), can threaten the privacy and performance in FL systems. This paper develops an innovative Adversarial-Resilient Privacy-preserving Scheme (ARPS) for FL to cope with preceding threats using differential privacy and
cryptography. Our experiments display that ARPS can establish a private model with high accuracy out‌performing state-of-the-art approaches. To the best of our knowledge, this work is the only scheme providing privacy protection beyond any output models in conjunction with Byzantine resiliency without sacrificing accuracy and efficiency.

Abstract The main goal of Simon’s Algorithm is to find the period of periodic functions. However, if the target function does not satisfy Simon's promise completely or if the number of superposition queries of the adversary is limited, Simon's algorithm cannot compute the actual period, unambiguously. These problems may lead to the failure of period-finding-based (PFB) quantum attacks. We focus in this paper on relaxing Simon's algorithm so that quantum adversaries can still carry out the mentioned attacks without any assumptions on the target function. To that end, we use two different methods, which are suitable for some of PFB quantum attacks. In the first method, as a complement to Kaplan's suggestion, we show that using Simon's algorithm one can find proper partial periods of Boolean vector functions, so that the probability of their establishment, independent of the target function, is directly related to the number of the attacker's quantum queries. Next, we examine how one can use partial period instead of the actual one. The advantage of this method is twofold: It enables the attackers to perform the quantum PFB distinguishers, with smaller number of quantum queries than those of the previous relaxation method. On the other hand, it generalizes the previous forgery attacks on modes of operation for message authentication codes. In the second method, we use Grover's algorithm, as a complement to Simon's algorithm in quantum key recovery attacks. This ensures that the time complexity of the mentioned attacks is less than that of a quantum brute-force attack.