Computer Standards & Interfaces最新文献_第6页

Logarithmic certificate-less linkable ring signature over lattices and application in electronic voting systems 格上对数无证书可链接环签名及其在电子投票系统中的应用

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-10-14 DOI: 10.1016/j.csi.2025.104081

Wen Gao , Shixuan Jin , Tianyou Fu , Simeng Ren , Xiaoli Dong , Baodong Qin , Baocang Wang

Ring signature is widely used to protect users’ privacy in electronic voting (e-voting) and cryptocurrencies due to its untraceable characteristic. Since the ring signature cannot be traced, there is no way to prevent signature misuse, which may lead to repeated voting in e-voting systems. As a variant of ring signature, the linkable ring signature maintains anonymity while allowing one to check whether two signatures are generated by the same signer. However, most existing lattice-based linkable ring signature schemes rely on traditional public key infrastructure (PKI), which suffers from complex certificate management and low efficiency. To address these limitations, this paper proposes an efficient certificate-less linkable ring signature (CL-LRS) scheme over lattices based on the module short integer solution (M-SIS) problem. This scheme eliminates certificate management and key escrow issues, and effectively prevents repeated voting in anonymous e-voting systems. Through security analysis, our scheme is proven to be anonymous, unforgeable and linkable in random oracle model (ROM). Compared to existing similar schemes, whose signature sizes grow linearly with ring size, our scheme reduces the signature size to a logarithmic level. For a ring with 256 members, the optimal signature size among comparable schemes is 513.03 KiB, whereas ours achieves 179.12 KiB. Specifically, with each doubling of the ring size, the signature size increases by only 0.29%, significantly outperforming existing schemes. Finally, we apply our scheme to the e-voting scenario by providing the e-voting system model and the application process.

环签名由于其不可追溯的特性，在电子投票（e-voting）和加密货币中广泛应用于保护用户隐私。由于环形签名无法追踪，因此无法防止签名滥用，从而可能导致电子投票系统中的重复投票。可链接环签名是环签名的一种变体，它在保持匿名性的同时，允许人们检查两个签名是否由同一签名者生成。然而，现有的基于格子的可链接环签名方案大多依赖于传统的公钥基础设施（PKI），证书管理复杂且效率低。为了解决这些限制，本文提出了一种基于模块短整数解（M-SIS）问题的高效的格上无证书可链接环签名（CL-LRS）方案。该方案消除了证书管理和密钥托管问题，有效地防止了匿名电子投票系统中的重复投票。通过安全性分析，证明了该方案在随机oracle模型（ROM）中具有匿名性、不可伪造性和可链接性。与现有的签名大小随环大小线性增长的方案相比，我们的方案将签名大小减小到对数级。对于有256个成员的环，在可比较方案中最优签名大小为513.03 KiB，而我们的方案达到179.12 KiB。具体而言，环大小每增加一倍，签名大小仅增加0.29%，明显优于现有方案。最后，通过提供电子投票系统模型和应用流程，将该方案应用于电子投票场景。

{"title":"Logarithmic certificate-less linkable ring signature over lattices and application in electronic voting systems","authors":"Wen Gao , Shixuan Jin , Tianyou Fu , Simeng Ren , Xiaoli Dong , Baodong Qin , Baocang Wang","doi":"10.1016/j.csi.2025.104081","DOIUrl":"10.1016/j.csi.2025.104081","url":null,"abstract":"<div><div>Ring signature is widely used to protect users’ privacy in electronic voting (e-voting) and cryptocurrencies due to its untraceable characteristic. Since the ring signature cannot be traced, there is no way to prevent signature misuse, which may lead to repeated voting in e-voting systems. As a variant of ring signature, the linkable ring signature maintains anonymity while allowing one to check whether two signatures are generated by the same signer. However, most existing lattice-based linkable ring signature schemes rely on traditional public key infrastructure (PKI), which suffers from complex certificate management and low efficiency. To address these limitations, this paper proposes an efficient certificate-less linkable ring signature (CL-LRS) scheme over lattices based on the module short integer solution (M-SIS) problem. This scheme eliminates certificate management and key escrow issues, and effectively prevents repeated voting in anonymous e-voting systems. Through security analysis, our scheme is proven to be anonymous, unforgeable and linkable in random oracle model (ROM). Compared to existing similar schemes, whose signature sizes grow linearly with ring size, our scheme reduces the signature size to a logarithmic level. For a ring with 256 members, the optimal signature size among comparable schemes is 513.03 KiB, whereas ours achieves 179.12 KiB. Specifically, with each doubling of the ring size, the signature size increases by only 0.29%, significantly outperforming existing schemes. Finally, we apply our scheme to the e-voting scenario by providing the e-voting system model and the application process.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104081"},"PeriodicalIF":3.1,"publicationDate":"2025-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145361674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

State of the art of Agile User Experience: Challenges and solution approaches 敏捷用户体验的现状：挑战和解决方案

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-10-10 DOI: 10.1016/j.csi.2025.104083

Jessica Kollmorgen , Jenny Pilz , Tiago Silva da Silva , Jörg Thomaschewski , Eva-Maria Schön

Context:

In agile environments with pressure due to changing requirements, it is necessary to incorporate user needs into product development to ensure product success. Accordingly, User Experience (UX) methods should be integrated into the agile environment. The nature of the disciplines Agile and UX shows similarities that form a reasonable basis for this, like avoiding false expectations using continuous reviews and reducing late changes and associated costs.

Objective:

Nevertheless, challenges hinder the integration of the disciplines in practice. To support researchers and practitioners, we provide an overview of the development of the Agile UX research field to detect research gaps. Challenges and solution approaches are identified to provide concrete assistance in the integration of Agile and UX.

Methods:

Based on a tertiary review of 30 related work papers, the evolution of the research field and gaps are identified. Then, a secondary systematic literature review of 86 papers is used to examine challenges and solution approaches to the integration of Agile and UX to make recommendations for action.

Results:

28 challenges (e.g., “Interdisciplinary Knowledge”) and 103 solution approaches (e.g., “UserX Stories”) were identified, whereby one challenge can have several solution approaches and vice versa. Furthermore, all challenges were still addressed in recent years (2020-2023) and cannot be considered solved.

Conclusion:

With our results, practitioners can identify solution approaches that may be relevant for internal company challenges and make use of synergies. The numbers of mentions also provide an overview of the research field, which researchers can use to develop further solution approaches and close research gaps.

上下文：在需求变化带来压力的敏捷环境中，有必要将用户需求整合到产品开发中，以确保产品成功。因此，用户体验（UX）方法应该集成到敏捷环境中。敏捷和用户体验这两门学科的本质表现出了相似之处，这些相似之处形成了合理的基础，比如使用持续的审查来避免错误的期望，减少后期的变更和相关的成本。目的：然而，在实践中，挑战阻碍了学科的整合。为了支持研究人员和实践者，我们提供了敏捷用户体验研究领域发展的概述，以发现研究差距。确定了挑战和解决方案方法，以便为敏捷和用户体验的集成提供具体的帮助。方法：在对30篇相关文献进行三级综述的基础上，梳理研究领域的演变和差距。然后，对86篇论文进行了二次系统的文献回顾，以检查敏捷和用户体验集成的挑战和解决方案方法，以提出行动建议。结果：确定了28个挑战（例如，“跨学科知识”）和103个解决方案方法（例如，“UserX故事”），因此一个挑战可以有几个解决方案方法，反之亦然。此外，所有挑战在最近几年（2020-2023年）仍在解决，不能认为已经解决。结论：根据我们的结果，从业者可以确定可能与公司内部挑战相关的解决方案方法，并利用协同效应。提及的数量也提供了研究领域的概述，研究人员可以使用它来开发进一步的解决方案方法并缩小研究差距。

{"title":"State of the art of Agile User Experience: Challenges and solution approaches","authors":"Jessica Kollmorgen , Jenny Pilz , Tiago Silva da Silva , Jörg Thomaschewski , Eva-Maria Schön","doi":"10.1016/j.csi.2025.104083","DOIUrl":"10.1016/j.csi.2025.104083","url":null,"abstract":"<div><h3>Context:</h3><div>In agile environments with pressure due to changing requirements, it is necessary to incorporate user needs into product development to ensure product success. Accordingly, User Experience (UX) methods should be integrated into the agile environment. The nature of the disciplines Agile and UX shows similarities that form a reasonable basis for this, like avoiding false expectations using continuous reviews and reducing late changes and associated costs.</div></div><div><h3>Objective:</h3><div>Nevertheless, challenges hinder the integration of the disciplines in practice. To support researchers and practitioners, we provide an overview of the development of the Agile UX research field to detect research gaps. Challenges and solution approaches are identified to provide concrete assistance in the integration of Agile and UX.</div></div><div><h3>Methods:</h3><div>Based on a tertiary review of 30 related work papers, the evolution of the research field and gaps are identified. Then, a secondary systematic literature review of 86 papers is used to examine challenges and solution approaches to the integration of Agile and UX to make recommendations for action.</div></div><div><h3>Results:</h3><div>28 challenges (e.g., “Interdisciplinary Knowledge”) and 103 solution approaches (e.g., “UserX Stories”) were identified, whereby one challenge can have several solution approaches and vice versa. Furthermore, all challenges were still addressed in recent years (2020-2023) and cannot be considered solved.</div></div><div><h3>Conclusion:</h3><div>With our results, practitioners can identify solution approaches that may be relevant for internal company challenges and make use of synergies. The numbers of mentions also provide an overview of the research field, which researchers can use to develop further solution approaches and close research gaps.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104083"},"PeriodicalIF":3.1,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Guest editorial: Special issue on “human factors in cyber security” 嘉宾社论：“网络安全中的人为因素”特刊

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-10-02 DOI: 10.1016/j.csi.2025.104080

Sabarathinam Chockalingam , Ricardo Colomo-Palacios , Eunkyoung Jee , Nathan Lau

引用次数: 0

Integrating agentic risk signalling in trusted research environments: Automating VEX with Agent2Agent protocols and model context protocol (MCP) in SACRO and TREvolution pipelines 在可信的研究环境中集成代理风险信号：在SACRO和TREvolution管道中使用Agent2Agent协议和模型上下文协议（MCP）自动化VEX

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-30 DOI: 10.1016/j.csi.2025.104079

Petar Radanliev , Kayvan Atefi , Omar Santos , Carsten Maple

This study presents a framework for automating the generation and validation of machine-readable vulnerability statements, known as Vulnerability-Exploitability Exchange (VEX) artefacts, within secure research environments. The work addresses a critical limitation in existing vulnerability reporting, where static scoring systems often fail to capture whether a flaw is truly exploitable in a specific analytic context. By integrating structured metadata capture, runtime instrumentation, and cryptographically verifiable provenance, the framework classifies vulnerabilities as affected, fixed, or not relevant, supported by machine-readable evidence bundles. The methodology was evaluated using containerised applications seeded with deliberately vulnerable components. Software bill of materials and vulnerability scanners were applied to generate baseline inventories, while reproducibility frameworks validated that results could be independently replicated. Findings demonstrate that automated VEX generation can reduce false positives by distinguishing theoretical from actionable risks, thereby improving security assurance and reproducibility in federated infrastructures. At the same time, the research acknowledges significant challenges. Computational overhead from multi-layered monitoring, dependence on external tools, and the risk of false negatives introduce barriers to adoption. Broader pilot studies across heterogeneous domains and benchmarking on standardised testbeds are required to enhance generalisability. Privacy concerns from extensive runtime monitoring and the need for sustainable maintenance models also demand attention. By combining automation with human oversight and aligning with emerging standards, the study contributes a reproducible, auditable, and context-sensitive approach to vulnerability management. The work provides both a proof-of-concept and a roadmap for refining security practices in sensitive computational environments.

本研究提出了一个框架，用于在安全的研究环境中自动生成和验证机器可读的漏洞声明，称为漏洞利用交换（VEX）工件。这项工作解决了现有漏洞报告中的一个关键限制，其中静态评分系统通常无法捕获一个缺陷在特定的分析上下文中是否真正可利用。通过集成结构化元数据捕获、运行时检测和加密可验证的来源，该框架将漏洞分类为受影响的、固定的或不相关的，由机器可读的证据包支持。该方法是使用带有故意易受攻击组件的容器化应用程序进行评估的。应用软件物料清单和漏洞扫描器生成基线清单，而可重复性框架验证了结果可以独立复制。研究结果表明，自动生成VEX可以通过区分理论风险和可操作风险来减少误报，从而提高联邦基础设施的安全性和可重复性。与此同时，这项研究也承认存在重大挑战。多层监控带来的计算开销、对外部工具的依赖以及假阴性的风险都是采用的障碍。需要更广泛的跨异质领域的试点研究和标准化测试平台的基准测试，以增强通用性。广泛的运行时监控带来的隐私问题以及对可持续维护模型的需求也需要引起注意。通过将自动化与人工监督结合起来，并与新出现的标准保持一致，该研究为漏洞管理提供了一种可重复的、可审计的和上下文敏感的方法。这项工作为在敏感的计算环境中改进安全实践提供了概念验证和路线图。

{"title":"Integrating agentic risk signalling in trusted research environments: Automating VEX with Agent2Agent protocols and model context protocol (MCP) in SACRO and TREvolution pipelines","authors":"Petar Radanliev , Kayvan Atefi , Omar Santos , Carsten Maple","doi":"10.1016/j.csi.2025.104079","DOIUrl":"10.1016/j.csi.2025.104079","url":null,"abstract":"<div><div>This study presents a framework for automating the generation and validation of machine-readable vulnerability statements, known as Vulnerability-Exploitability Exchange (VEX) artefacts, within secure research environments. The work addresses a critical limitation in existing vulnerability reporting, where static scoring systems often fail to capture whether a flaw is truly exploitable in a specific analytic context. By integrating structured metadata capture, runtime instrumentation, and cryptographically verifiable provenance, the framework classifies vulnerabilities as affected, fixed, or not relevant, supported by machine-readable evidence bundles. The methodology was evaluated using containerised applications seeded with deliberately vulnerable components. Software bill of materials and vulnerability scanners were applied to generate baseline inventories, while reproducibility frameworks validated that results could be independently replicated. Findings demonstrate that automated VEX generation can reduce false positives by distinguishing theoretical from actionable risks, thereby improving security assurance and reproducibility in federated infrastructures. At the same time, the research acknowledges significant challenges. Computational overhead from multi-layered monitoring, dependence on external tools, and the risk of false negatives introduce barriers to adoption. Broader pilot studies across heterogeneous domains and benchmarking on standardised testbeds are required to enhance generalisability. Privacy concerns from extensive runtime monitoring and the need for sustainable maintenance models also demand attention. By combining automation with human oversight and aligning with emerging standards, the study contributes a reproducible, auditable, and context-sensitive approach to vulnerability management. The work provides both a proof-of-concept and a roadmap for refining security practices in sensitive computational environments.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104079"},"PeriodicalIF":3.1,"publicationDate":"2025-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324405","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LHSC-SGC: A lightweight hybrid signcryption scheme for smart grid communications in heterogeneous cryptographic public-key systems LHSC-SGC：一种用于异构加密公钥系统中智能电网通信的轻量级混合签名加密方案

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-23 DOI: 10.1016/j.csi.2025.104078

Ting-Chieh Ho, Yuh-Min Tseng, Sen-Shan Huang

For smart grid communications (SGC), ensuring the transmission security of power consumption data is crucial to prevent unauthorized access and achieve the undeniability (unforgeability) of the data. In this context, signcryption is particularly important for SGC because it combines signature and encryption in a scheme to provide both unforgeability and confidentiality for data transmission while reducing computational complexity. Nowadays, based on different cryptographic public-key systems (CPKSs), many signcryption schemes have been proposed, but they are applied to a single CPKS. When an original CPKS is upgraded to another new CPKS, all associated cryptographic mechanisms must be rewritten to ensure that all users (i.e., original, upgraded and new users) can operate all functionalities normally in such heterogeneous CPKSs. However, the existing signcryption schemes lack the heterogeneously compatible property that makes them unsuitable for heterogeneous CPKSs. In this paper, we propose the first lightweight hybrid signcryption scheme for SGC in heterogeneous CPKSs, named as the LHSC-SGC scheme. Security theorems are formally proven that the LHSC-SGC scheme possesses both unforgeability and confidentiality for data transmission. When compared to the existing lightweight signcryption schemes, the LHSC-SGC scheme has better performance and possesses heterogeneously compatible property. By performance simulation experiences, the LHSC-SGC scheme is well-suitable for SGC with IoT devices (i.e., smart meters).

对于智能电网通信（SGC）来说，确保功耗数据的传输安全是防止未经授权访问和实现数据不可否认（不可伪造）的关键。在这种情况下，签名加密对SGC尤为重要，因为它在方案中结合了签名和加密，为数据传输提供了不可伪造性和机密性，同时降低了计算复杂性。目前，基于不同的加密公钥系统（CPKS），提出了许多签名加密方案，但它们都适用于单个CPKS。当一个原始CPKS升级到另一个新的CPKS时，必须重写所有相关的加密机制，以确保所有用户（即原始用户、升级用户和新用户）可以在这种异构CPKS中正常操作所有功能。然而，现有的签名加密方案缺乏异构兼容的特性，使得它们不适合异构cpks。本文提出了异构cpks中SGC的第一个轻量级混合签名加密方案，称为LHSC-SGC方案。对安全性定理进行了形式化证明，证明了LHSC-SGC方案具有数据传输的不可伪造性和保密性。与现有的轻量级签名加密方案相比，LHSC-SGC方案具有更好的性能和异构兼容特性。通过性能仿真经验，LHSC-SGC方案非常适合物联网设备（即智能电表）的SGC。

{"title":"LHSC-SGC: A lightweight hybrid signcryption scheme for smart grid communications in heterogeneous cryptographic public-key systems","authors":"Ting-Chieh Ho, Yuh-Min Tseng, Sen-Shan Huang","doi":"10.1016/j.csi.2025.104078","DOIUrl":"10.1016/j.csi.2025.104078","url":null,"abstract":"<div><div>For smart grid communications (SGC), ensuring the transmission security of power consumption data is crucial to prevent unauthorized access and achieve the undeniability (unforgeability) of the data. In this context, signcryption is particularly important for SGC because it combines signature and encryption in a scheme to provide both unforgeability and confidentiality for data transmission while reducing computational complexity. Nowadays, based on different cryptographic public-key systems (CPKSs), many signcryption schemes have been proposed, but they are applied to a single CPKS. When an original CPKS is upgraded to another new CPKS, all associated cryptographic mechanisms must be rewritten to ensure that all users (i.e., original, upgraded and new users) can operate all functionalities normally in such heterogeneous CPKSs. However, the existing signcryption schemes lack the heterogeneously compatible property that makes them unsuitable for heterogeneous CPKSs. In this paper, we propose the <em>first</em> lightweight hybrid signcryption scheme for SGC in heterogeneous CPKSs, named as the LHSC-SGC scheme. Security theorems are formally proven that the LHSC-SGC scheme possesses both unforgeability and confidentiality for data transmission. When compared to the existing lightweight signcryption schemes, the LHSC-SGC scheme has better performance and possesses heterogeneously compatible property. By performance simulation experiences, the LHSC-SGC scheme is well-suitable for SGC with IoT devices (i.e., smart meters).</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104078"},"PeriodicalIF":3.1,"publicationDate":"2025-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Lattice-based blockchain platform for IoT: Privacy-enhanced application with lattice-based blind signatures 基于格的区块链物联网平台：基于格盲签名的隐私增强应用

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-23 DOI: 10.1016/j.csi.2025.104077

Bora Bugra Sezer , Sedat Akleylek

The rapid expansion of the Internet of Things (IoT) has created new opportunities in remote monitoring, data sharing, and real-time analysis. However, the emergence of quantum computing presents significant security and privacy challenges. This study proposes a post-quantum secure blockchain framework incorporating a lattice-based blind signature scheme for IoT applications. The proposed framework adopts a multi-layered structure (MLS) to enhance efficiency. It employs the STARK protocol, a post-quantum zero-knowledge proof (ZKP) structure, for secure verification without exposing device identities. The lattice-based blind signature scheme, built on the hardness of the module learning with errors (MLWE) problem, ensures secure and anonymous data transmission. Kyber’s secure randomness in the blinding process strengthens resistance against quantum attacks. Additionally, data integrity and non-repudiation are reinforced using Dilithium signatures. The integration of a threshold logical clock (TLC) and event-based smart contracts (EBSC) within the MLS reduces communication overhead and optimizes blockchain efficiency. TLC triggers smart contracts with a single transaction using threshold-based aggregation, ensuring reliable timestamping. EBSC utilizes these synchronized timestamps for more efficient execution. A use-case scenario involving electrochemical sensor data demonstrates the framework’s ability to maintain scalability while protecting sensitive data against quantum threats.

物联网（IoT）的快速发展为远程监控、数据共享和实时分析创造了新的机会。然而，量子计算的出现带来了重大的安全和隐私挑战。本研究提出了一种后量子安全区块链框架，该框架包含用于物联网应用的基于格的盲签名方案。该框架采用多层结构（MLS）来提高效率。它采用STARK协议，一种后量子零知识证明（ZKP）结构，在不暴露设备身份的情况下进行安全验证。基于格子的盲签名方案，建立在具有错误的模块学习（MLWE）问题的硬度上，保证了数据传输的安全性和匿名性。Kyber在盲化过程中的安全随机性增强了对量子攻击的抵抗力。此外，数据的完整性和不可否认性通过使用diiliium签名得到加强。在MLS中集成了阈值逻辑时钟（TLC）和基于事件的智能合约（EBSC），减少了通信开销并优化了区块链效率。TLC使用基于阈值的聚合触发单个事务的智能合约，确保可靠的时间戳。EBSC利用这些同步时间戳来提高执行效率。涉及电化学传感器数据的用例场景演示了该框架在保护敏感数据免受量子威胁的同时保持可扩展性的能力。

{"title":"Lattice-based blockchain platform for IoT: Privacy-enhanced application with lattice-based blind signatures","authors":"Bora Bugra Sezer , Sedat Akleylek","doi":"10.1016/j.csi.2025.104077","DOIUrl":"10.1016/j.csi.2025.104077","url":null,"abstract":"<div><div>The rapid expansion of the Internet of Things (IoT) has created new opportunities in remote monitoring, data sharing, and real-time analysis. However, the emergence of quantum computing presents significant security and privacy challenges. This study proposes a post-quantum secure blockchain framework incorporating a lattice-based blind signature scheme for IoT applications. The proposed framework adopts a multi-layered structure (MLS) to enhance efficiency. It employs the STARK protocol, a post-quantum zero-knowledge proof (ZKP) structure, for secure verification without exposing device identities. The lattice-based blind signature scheme, built on the hardness of the module learning with errors (MLWE) problem, ensures secure and anonymous data transmission. Kyber’s secure randomness in the blinding process strengthens resistance against quantum attacks. Additionally, data integrity and non-repudiation are reinforced using Dilithium signatures. The integration of a threshold logical clock (TLC) and event-based smart contracts (EBSC) within the MLS reduces communication overhead and optimizes blockchain efficiency. TLC triggers smart contracts with a single transaction using threshold-based aggregation, ensuring reliable timestamping. EBSC utilizes these synchronized timestamps for more efficient execution. A use-case scenario involving electrochemical sensor data demonstrates the framework’s ability to maintain scalability while protecting sensitive data against quantum threats.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104077"},"PeriodicalIF":3.1,"publicationDate":"2025-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A cloud data sharing scheme by using SM2 ring signature-based broadcast encryption 一个基于SM2环签名的广播加密的云数据共享方案

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-19 DOI: 10.1016/j.csi.2025.104072

Changsong Yang , Ping Li , Yong Ding , Hai Liang , Shuo Wang

Amidst the surge of cloud computing, cloud-based data sharing has been broadly used. However, in cloud-based sharing, it is necessary to ensure data reliability, guarantee data integrity and protect user’s identity. Although traditional ring signature algorithms can provide strong data reliability and privacy protection, it is difficult to arbitrate the true identity of the signer. In this paper, we propose a SM2 ring signature broadcasting encryption scheme which is suitable for secure cloud data sharing. By introducing a third party, we generate a signer’s identity label that serves as an important parameter for the SM2 ring signature when we generate the signature value and revocation label. Meanwhile, we design a revocation mechanism that allows the third party to execute a revocation anonymity algorithm by using the revocation label to expose the signer’s identity. Moreover, any member can also check whether the third party has acted maliciously through the revocable anonymity label. Furthermore, we use the proposed signature broadcasting encryption scheme to achieve data sharing with data integrity, unforgeability, anonymity, revocable anonymity and ciphertext indistinguishability. Finally, we provide the experimental results to show the efficiency and practicability of our proposed scheme.

随着云计算的兴起，基于云的数据共享得到了广泛的应用。然而，在基于云的共享中，需要保证数据的可靠性，保证数据的完整性，保护用户的身份。传统的环签名算法虽然能够提供较强的数据可靠性和隐私保护，但难以对签名者的真实身份进行仲裁。本文提出了一种适用于安全云数据共享的SM2环签名广播加密方案。通过引入第三方，我们生成签名者的身份标签，当我们生成签名值和撤销标签时，该身份标签将作为SM2环签名的重要参数。同时，我们设计了一种允许第三方通过使用撤销标签公开签名者身份来执行撤销匿名算法的撤销机制。此外，任何成员还可以通过可撤销的匿名标签检查第三方是否有恶意行为。此外，我们使用所提出的签名广播加密方案来实现具有数据完整性、不可伪造性、匿名性、可撤销匿名性和密文不可分辨性的数据共享。最后给出了实验结果，验证了所提方案的有效性和实用性。

{"title":"A cloud data sharing scheme by using SM2 ring signature-based broadcast encryption","authors":"Changsong Yang , Ping Li , Yong Ding , Hai Liang , Shuo Wang","doi":"10.1016/j.csi.2025.104072","DOIUrl":"10.1016/j.csi.2025.104072","url":null,"abstract":"<div><div>Amidst the surge of cloud computing, cloud-based data sharing has been broadly used. However, in cloud-based sharing, it is necessary to ensure data reliability, guarantee data integrity and protect user’s identity. Although traditional ring signature algorithms can provide strong data reliability and privacy protection, it is difficult to arbitrate the true identity of the signer. In this paper, we propose a SM2 ring signature broadcasting encryption scheme which is suitable for secure cloud data sharing. By introducing a third party, we generate a signer’s identity label that serves as an important parameter for the SM2 ring signature when we generate the signature value and revocation label. Meanwhile, we design a revocation mechanism that allows the third party to execute a revocation anonymity algorithm by using the revocation label to expose the signer’s identity. Moreover, any member can also check whether the third party has acted maliciously through the revocable anonymity label. Furthermore, we use the proposed signature broadcasting encryption scheme to achieve data sharing with data integrity, unforgeability, anonymity, revocable anonymity and ciphertext indistinguishability. Finally, we provide the experimental results to show the efficiency and practicability of our proposed scheme.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104072"},"PeriodicalIF":3.1,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145118621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Securing Wireless Body Area Network with lightweight certificateless signcryption scheme using equality test 使用相等性测试的轻量级无证书签名加密方案保护无线体域网络

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-17 DOI: 10.1016/j.csi.2025.104070

Zohaib Ali , Junaid Hassan , Muhammad Umar Aftab , Negalign Wake Hundera , Huiying Xu , Xinzhong Zhu

The growth of Internet of Things (IoT) technologies, such as cloud computing, 5G communication, and wireless sensor networks, is driving a smarter and more connected future. Thousands of terabytes of data are uploaded to cloud servers each day for storage or computation. Due to data privacy, we cannot upload personal pictures, videos, locations, and medical records directly to the cloud because they will be at risk if compromised. Due to the untrusted nature of the cloud, data needs to be encrypted to ensure confidentiality before being outsourced to it. The data must first be decrypted before any operation can be performed, which can be resource-intensive and wasteful. Secure data transmission from sensors to an Internet host becomes a critical issue for the success of IoT. To address these issues, this paper introduces a lightweight certificateless signcryption scheme with an equality test (CLS-ET), which leverages the power of hyperelliptic curves. This scheme obtains the security goals of authentication, integrity, confidentiality, and non-repudiation in one logical step. Furthermore, this scheme enables us to verify whether two ciphertexts are encrypted with the same or different keys that contain the same information without decrypting them. Indistinguishability under adaptive chosen ciphertext attack (IND-CCA2), existential unforgeability under chosen message attack (EUF-CMA), and one-wayness under adaptive chosen ciphertext attack (OW-CCA2) level security have been achieved by the proposed scheme in the Random Oracle Model (ROM). Furthermore, we compared our proposed scheme with other existing state-of-the-art schemes. While maintaining security and functionality, our scheme reduces computation costs for encryption, decryption, and testing stages, thereby improving efficiency in resource-constrained IoT-enabled Wireless Body Area Networks.

物联网（IoT）技术的发展，如云计算、5G通信和无线传感器网络，正在推动一个更智能、更互联的未来。每天有数千兆字节的数据上传到云服务器进行存储或计算。由于数据隐私，我们不能将个人图片、视频、位置和医疗记录直接上传到云端，因为一旦泄露，这些信息将面临风险。由于云的不可信性质，在外包给云之前，需要对数据进行加密以确保机密性。在执行任何操作之前，必须首先对数据进行解密，这可能是资源密集型和浪费的。从传感器到互联网主机的安全数据传输成为物联网成功的关键问题。为了解决这些问题，本文引入了一种轻量级的带等式检验的无证书签名加密方案（CLS-ET），该方案利用了超椭圆曲线的力量。该方案在一个逻辑步骤中实现了认证、完整性、机密性和不可抵赖性的安全目标。此外，该方案使我们能够在不解密的情况下验证两个密文是否使用包含相同信息的相同或不同密钥进行加密。该方案在随机Oracle模型（ROM）中实现了自适应选择密文攻击（IND-CCA2）下的不可区分性、选择消息攻击（EUF-CMA）下的存在不可伪造性和自适应选择密文攻击（low - cca2）下的单向安全性。此外，我们将建议的方案与其他现有最先进的方案进行比较。在保持安全性和功能性的同时，我们的方案减少了加密、解密和测试阶段的计算成本，从而提高了资源受限的物联网无线体域网络的效率。

{"title":"Securing Wireless Body Area Network with lightweight certificateless signcryption scheme using equality test","authors":"Zohaib Ali , Junaid Hassan , Muhammad Umar Aftab , Negalign Wake Hundera , Huiying Xu , Xinzhong Zhu","doi":"10.1016/j.csi.2025.104070","DOIUrl":"10.1016/j.csi.2025.104070","url":null,"abstract":"<div><div>The growth of Internet of Things (IoT) technologies, such as cloud computing, 5G communication, and wireless sensor networks, is driving a smarter and more connected future. Thousands of terabytes of data are uploaded to cloud servers each day for storage or computation. Due to data privacy, we cannot upload personal pictures, videos, locations, and medical records directly to the cloud because they will be at risk if compromised. Due to the untrusted nature of the cloud, data needs to be encrypted to ensure confidentiality before being outsourced to it. The data must first be decrypted before any operation can be performed, which can be resource-intensive and wasteful. Secure data transmission from sensors to an Internet host becomes a critical issue for the success of IoT. To address these issues, this paper introduces a lightweight certificateless signcryption scheme with an equality test (CLS-ET), which leverages the power of hyperelliptic curves. This scheme obtains the security goals of authentication, integrity, confidentiality, and non-repudiation in one logical step. Furthermore, this scheme enables us to verify whether two ciphertexts are encrypted with the same or different keys that contain the same information without decrypting them. Indistinguishability under adaptive chosen ciphertext attack (IND-CCA2), existential unforgeability under chosen message attack (EUF-CMA), and one-wayness under adaptive chosen ciphertext attack (OW-CCA2) level security have been achieved by the proposed scheme in the Random Oracle Model (ROM). Furthermore, we compared our proposed scheme with other existing state-of-the-art schemes. While maintaining security and functionality, our scheme reduces computation costs for encryption, decryption, and testing stages, thereby improving efficiency in resource-constrained IoT-enabled Wireless Body Area Networks.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104070"},"PeriodicalIF":3.1,"publicationDate":"2025-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145105342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A survey study on meta-heuristic-based feature selection approaches of intrusion detection systems in distributed networks 分布式网络中基于元启发式的入侵检测系统特征选择方法研究

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-17 DOI: 10.1016/j.csi.2025.104074

Yashar Pourardebil khah , Mirsaeid Hosseini Shirvani , Javid Taheri

With the emergence of IoT and expanding the coverage of distributed networks such as cloud and fog, security attacks and breaches are becoming distributed and expanded too. Cybersecurity attacks can disrupt business continuity or expose critical data, leading to significant failures. The Intrusion Detection Systems (IDSs) as a remedy in such networks play a critical role in this ecosystem to find an attack at the earliest time and the countermeasure is performed if necessary. Artificial intelligence techniques such as machine learning-based and meta-heuristic-based approaches are being pervasively applied to prepare smarter IDS components from logged network traffic. The network traffic is recorded in the form of data sets for further analysis to detect traffic behavior from past treatments. Feature selection is a prominent approach in creating the prediction model to recognize feature network connection is normal or not. Since the feature selection problem in large datasets is NP-Hard and utilizing only heuristic-based approaches is not as efficient as desired, meta-heuristic-based approaches attract research attention to prepare highly accurate prediction models. To address the issue, this paper presents a subjective classification of published literature. Then, this presents a survey study on meta-heuristic-based feature selection approaches in preparing efficient IDSs. It investigates several kinds of literature from different angles and compares them in terms of used metrics in the literature to give broad insights into readers for advantages, challenges, and limitations. It can pave the way by highlighting research gaps for further processing and improvement in the future by interested researchers in the field.

随着物联网的出现和云、雾等分布式网络覆盖范围的扩大，安全攻击和漏洞也变得分布式和扩展。网络安全攻击可能会破坏业务连续性或暴露关键数据，导致重大故障。入侵检测系统（ids）作为一种补救措施，在这一生态系统中发挥着至关重要的作用，可以尽早发现攻击并在必要时执行对策。人工智能技术，如基于机器学习和基于元启发式的方法，正被广泛应用于从记录的网络流量中准备更智能的IDS组件。网络流量以数据集的形式记录下来，以便进一步分析从过去的处理中检测流量行为。特征选择是建立预测模型以识别特征网络连接是否正常的重要方法。由于大型数据集的特征选择问题是NP-Hard问题，仅使用基于启发式的方法效率不高，因此基于元启发式的方法引起了研究的关注，以制备高精度的预测模型。为了解决这一问题，本文提出了对已发表文献的主观分类。然后，本文对基于元启发式的特征选择方法在制备高效ids中的应用进行了调查研究。它从不同的角度调查了几种文献，并根据文献中使用的指标对它们进行了比较，从而为读者提供了广泛的见解，了解其优势、挑战和局限性。它可以通过突出研究差距，为未来感兴趣的研究人员在该领域的进一步处理和改进铺平道路。

{"title":"A survey study on meta-heuristic-based feature selection approaches of intrusion detection systems in distributed networks","authors":"Yashar Pourardebil khah , Mirsaeid Hosseini Shirvani , Javid Taheri","doi":"10.1016/j.csi.2025.104074","DOIUrl":"10.1016/j.csi.2025.104074","url":null,"abstract":"<div><div>With the emergence of IoT and expanding the coverage of distributed networks such as cloud and fog, security attacks and breaches are becoming distributed and expanded too. Cybersecurity attacks can disrupt business continuity or expose critical data, leading to significant failures. The Intrusion Detection Systems (IDSs) as a remedy in such networks play a critical role in this ecosystem to find an attack at the earliest time and the countermeasure is performed if necessary. Artificial intelligence techniques such as machine learning-based and meta-heuristic-based approaches are being pervasively applied to prepare smarter IDS components from logged network traffic. The network traffic is recorded in the form of data sets for further analysis to detect traffic behavior from past treatments. Feature selection is a prominent approach in creating the prediction model to recognize feature network connection is normal or not. Since the feature selection problem in large datasets is NP-Hard and utilizing only heuristic-based approaches is not as efficient as desired, meta-heuristic-based approaches attract research attention to prepare highly accurate prediction models. To address the issue, this paper presents a subjective classification of published literature. Then, this presents a survey study on meta-heuristic-based feature selection approaches in preparing efficient IDSs. It investigates several kinds of literature from different angles and compares them in terms of used metrics in the literature to give broad insights into readers for advantages, challenges, and limitations. It can pave the way by highlighting research gaps for further processing and improvement in the future by interested researchers in the field.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104074"},"PeriodicalIF":3.1,"publicationDate":"2025-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220783","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Integrating blockchain and deep learning: a novel ensemble model for secure IoMT-driven intelligent healthcare solutions using ISSCNetV2 approach 集成区块链和深度学习：使用ISSCNetV2方法的安全iot驱动的智能医疗保健解决方案的新型集成模型

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-09-15 DOI: 10.1016/j.csi.2025.104076

Mahaboob Basha Shaik, Narasimha Rao Yamarthi

The Internet of Medical Things (IoMT) comprises a network of interconnected medical devices such as wearables, diagnostic tools, and implants that facilitate real-time data acquisition and remote healthcare monitoring. To ensure secure and reliable data transmission and storage in such environments, this study proposes an Enhanced Blockchain-based Intelligent Healthcare System with Ensemble Deep Learning (EBIHS-EDL). The system incorporates blockchain (BC) technology to maintain decentralized, tamper-proof records and employs a Bit-Level Chaotic Image Encryption Algorithm (BCIEA) for secure image encryption. Key generation is achieved using the Grasshopper–Black Hole Optimization (G–BHO) algorithm. To address the challenge of class imbalance in medical datasets, an Improved Tabular Generative Adversarial Network (ITGAN) is employed to synthesize minority class samples. For feature extraction, a Cross Siamese Res2Net (CSRes2Net) architecture is utilized, followed by classification using an integrated model, Improved ShuffleNetV2 and Spatiotemporal Convolutional Network-enhanced Transformer (ISSCNetV2). Comprehensive evaluations on benchmark medical datasets demonstrate the effectiveness of the proposed system, achieving an accuracy of 99.20%, sensitivity of 99.03%, and specificity of 99.46%. These results surpass those of existing models including DBN (94.15%), YOLO-GC (94.24%), ResNet (96.19%), VGG-19 (91.19%), and CDNN (95.29%), highlighting the superior performance and robustness of EBIHS-EDL in intelligent healthcare applications.

医疗物联网（IoMT）由可穿戴设备、诊断工具和植入物等相互连接的医疗设备组成，可促进实时数据采集和远程医疗监控。为了确保在这种环境下安全可靠地传输和存储数据，本研究提出了一种基于集成深度学习的增强区块链智能医疗保健系统（EBIHS-EDL）。该系统采用区块链（BC）技术来维护分散、防篡改的记录，并采用比特级混沌图像加密算法（BCIEA）进行安全图像加密。密钥生成使用Grasshopper-Black Hole Optimization （G-BHO）算法实现。为了解决医疗数据集中类别不平衡的问题，采用改进的表生成对抗网络（ITGAN）来合成少数类别样本。对于特征提取，使用Cross Siamese Res2Net （CSRes2Net）架构，然后使用集成模型，改进的ShuffleNetV2和时空卷积网络增强的Transformer （ISSCNetV2）进行分类。对基准医疗数据集的综合评估表明了该系统的有效性，准确率为99.20%，灵敏度为99.03%，特异性为99.46%。这些结果超过了DBN（94.15%）、ylo - gc（94.24%）、ResNet（96.19%）、VGG-19（91.19%）和CDNN（95.29%）等现有模型，突出了EBIHS-EDL在智能医疗应用中的优越性能和鲁棒性。

{"title":"Integrating blockchain and deep learning: a novel ensemble model for secure IoMT-driven intelligent healthcare solutions using ISSCNetV2 approach","authors":"Mahaboob Basha Shaik, Narasimha Rao Yamarthi","doi":"10.1016/j.csi.2025.104076","DOIUrl":"10.1016/j.csi.2025.104076","url":null,"abstract":"<div><div>The Internet of Medical Things (IoMT) comprises a network of interconnected medical devices such as wearables, diagnostic tools, and implants that facilitate real-time data acquisition and remote healthcare monitoring. To ensure secure and reliable data transmission and storage in such environments, this study proposes an Enhanced Blockchain-based Intelligent Healthcare System with Ensemble Deep Learning (EBIHS-EDL). The system incorporates blockchain (BC) technology to maintain decentralized, tamper-proof records and employs a Bit-Level Chaotic Image Encryption Algorithm (BCIEA) for secure image encryption. Key generation is achieved using the Grasshopper–Black Hole Optimization (G–BHO) algorithm. To address the challenge of class imbalance in medical datasets, an Improved Tabular Generative Adversarial Network (ITGAN) is employed to synthesize minority class samples. For feature extraction, a Cross Siamese Res2Net (CSRes2Net) architecture is utilized, followed by classification using an integrated model, Improved ShuffleNetV2 and Spatiotemporal Convolutional Network-enhanced Transformer (ISSCNetV2). Comprehensive evaluations on benchmark medical datasets demonstrate the effectiveness of the proposed system, achieving an accuracy of 99.20%, sensitivity of 99.03%, and specificity of 99.46%. These results surpass those of existing models including DBN (94.15%), YOLO-GC (94.24%), ResNet (96.19%), VGG-19 (91.19%), and CDNN (95.29%), highlighting the superior performance and robustness of EBIHS-EDL in intelligent healthcare applications.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104076"},"PeriodicalIF":3.1,"publicationDate":"2025-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145109388","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0