A Detailed Review Based on Secure Data Transmission Using Cryptography and Steganography

  • Published: 27 March 2023
  • Volume 129 , pages 2291–2318, ( 2023 )

Cite this article

  • Fredy Varghese 1 , 2 &
  • P. Sasikala 3  

587 Accesses

6 Citations

Explore all metrics

During the last few decades, digital communication has played a vital role in various sectors such as healthcare departments, banking, information technology companies, industries, and other fields. Nowadays, all data are transmitted over the Internet, which needs high protection for transmitting the original data from source to destination. In order to secure digital communication, cryptography and steganography methods are used to achieve data security over insecure and open networks like the Internet. Cryptography is the method of encrypting secret information in an unreadable structure. Based on the cryptography method, the original message can be distorted before data transmission. On the other hand, steganography covers secret data such as audio, image, text, and video. It can hide the message while transmitting the original information from one end to another. The data combines images, texts, audio and videos, which are communicated worldwide through the Internet. This review paper gives an analysis based on the concept of cryptography and steganography. It also presents a comparative approach using several encryption algorithms with several factors such as block size, key size, encryption speed, memory usage, and security level.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price includes VAT (Russian Federation)

Instant access to the full article PDF.

Rent this article via DeepDyve

Institutional subscriptions

technical research paper on cryptography

Availability of Data and Materials

No data Availability.

Balaji, R., & Naveen, G. (2011). Secure data transmission using video Steganography. In  2011 IEEE International Conference on Electro/Information Technology , IEEE, pp. 1–5.

Vijayakumar, P., Azees, M., Kannan, A., & Deborah, L. J. (2015). Dual authentication and key management techniques for secure data transmission in vehicular ad hoc networks. IEEE Transactions on Intelligent Transportation Systems, 17 (4), 1015–1028.

Article   Google Scholar  

Ozdemir, S., & Xiao, Y. (2009). Secure data aggregation in wireless sensor networks: A comprehensive overview. Computer Networks, 53 (12), 2022–2037.

Article   MATH   Google Scholar  

Zhang, X. (2011). Reversible data hiding in encrypted image. IEEE Signal Processing Letters, 18 (4), 255–258.

Jung, K. H., & Yoo, K. Y. (2009). Data hiding method using image interpolation. Computer Standards and Interfaces, 31 (2), 465–470.

Zhou, X., & Tang, X. (2011). Research and implementation of RSA algorithm for encryption and decryption. In  Proceedings of 2011 6th international forum on strategic technology IEEE , vol. 2, pp. 1118–1121.

Elbirt, A. J., & Paar, C. (2005). An instruction-level distributed processor for symmetric-key cryptography. IEEE Transactions on Parallel and distributed Systems, 16 (5), 468–480.

Chatterjee, D., Nath, J., Dasgupta, S., & Nath, A. (2011). A new Symmetric key Cryptography Algorithm using extended MSA method: DJSA symmetric key algorithm. In  2011 International conference on communication systems and network technologies , pp. 89–94. IEEE.

Nath, A., Ghosh, S., & Mallick, M. A. (2010). Symmetric Key Cryptography Using Random Key Generator. In  Security and Management , pp. 234–242.

Chandra, S., Paira, S., Alam, S. S., & Sanyal, G. (2014). A comparative survey of symmetric and asymmetric key cryptography. In  2014 international conference on electronics, communication and computational engineering (ICECCE) , IEEE, pp. 83–93.

Singh, K. K., & Dwivedi, S. (2014). Digital Watermarking using Asymmetric Key Cryptography and Spatial Domain Technique. International Journal of Advance Research in Computer Science and Management Studies, 2 (8), 1–15.

Google Scholar  

Jirwan, N., Singh, A., & Vijay, S. (2013). Review and analysis of cryptography techniques. International Journal of Scientific and Engineering Research, 4 (3), 1–6.

Wang, X., Wang, X., Zhao, J., & Zhang, Z. (2011). Chaotic encryption algorithm based on alternant of stream cipher and block cipher. Nonlinear Dynamics, 63 (4), 587–597.

Article   MathSciNet   Google Scholar  

Doz, Y. L., & Kosonen, M. (2010). Embedding strategic agility: A leadership agenda for accelerating business model renewal. Long range planning, 43 (2–3), 370–382.

Wu, S., Huang, J., Huang, D., & Shi, Y. Q. (2005). Efficiently self-synchronized audio watermarking for assured audio data transmission. IEEE Transactions on Broadcasting, 51 (1), 69–76.

Neumann, K., Herold, M., Hartley, A., & Schmullius, C. (2007). Comparative assessment of CORINE2000 and GLC2000: Spatial analysis of land cover data for Europe. International Journal of Applied Earth Observation and Geoinformation, 9 (4), 425–437.

Dulera, S., Jinwala, D., & Dasgupta, A. (2012). Experimenting with the novel approaches in text steganography. arXiv preprint arXiv:1203.3644  .

Thangadurai, K., & Devi, G. S. (2014). An analysis of LSB based image steganography techniques. In  2014 International Conference on Computer Communication and Informatics , IEEE, pp. 1–4.

Sun, Y., & Liu, F. (2010). Selecting cover for image steganography by correlation coefficient. In  2010 second international workshop on education technology and computer science , IEEE, vol. 2, pp. 159–162.

Cheddad, A., Condell, J., Curran, K., & Mc Kevitt, P. (2010). Digital image steganography: Survey and analysis of current methods. Signal processing, 90 (3), 727–752.

Amirtharajan, R., Akila, R., & Deepikachowdavarapu, P. (2010). A comparative analysis of image steganography. International journal of computer applications, 2 (3), 41–47.

Bhowal, K., Bhattacharyya, D., Jyoti Pal, A., & Kim, T. H. (2013). A GA based audio steganography with enhanced security. Telecommunication Systems, 52 (4), 2197–2204.

Nehru, G., & Dhar, P. (2012). A detailed look of audio steganography techniques using LSB and genetic algorithm approach. International Journal of Computer Science Issues (IJCSI), 9 (1), 402.

Kumar, S., Barnali, B. A. N. D. Y. O. P. A. D. H. Y. A. Y., & Banik, G. U. P. T. A. (2012). LSB modification and phase encoding technique of audio steganography revisited. International Journal of Advanced Research in Computer and Communication Engineering, 1 (4), 1–4.

Balgurgi, P. P., & Jagtap, S. K. (2013). Audio steganography used for secure data transmission. In  Proceedings of international conference on advances in computing , Springer, New Delhi, pp. 699–706.

Matsuoka, H. (2006). Spread spectrum audio steganography using sub-band phase shifting. In  2006 International Conference on Intelligent Information Hiding and Multimedia , pp. 3–6. IEEE.

Jayaram, P., Ranganatha, H. R., & Anupama, H. S. (2011). Information hiding using audio steganography–a survey. The International Journal of Multimedia and Its Applications (IJMA), 3 , 86–96.

Mittal, A., Moorthy, A. K., & Bovik, A. C. (2012). No-reference image quality assessment in the spatial domain. IEEE Transactions on image processing, 21 (12), 4695–4708.

Article   MathSciNet   MATH   Google Scholar  

Ghobadi, A., Boroujerdizadeh, A., Yaribakht, A. H., & Karimi, R. (2013). Blind audio watermarking for tamper detection based on LSB. In  2013 15th international conference on advanced communications technology (ICACT) , IEEE, pp. 1077–1082.

Bhattacharyya, S., & Sanyal, G. (2012). Audio steganalysis of LSB audio using moments and multiple regression model. International Journal of Advances in Engineering and Technology, 3 (1), 145.

Zhao, Z., Liu, F., Luo, X., Xie, X., & Yu, L. (2012). LSB replacement steganography software detection based on model checking. In  International workshop on digital watermarking Springer, Berlin, Heidelberg , pp. 54–68.

Sabeti, V., Samavi, S., Mahdavi, M., & Shirani, S. (2007). Steganalysis of pixel-value differencing steganographic method. In  2007 IEEE pacific rim conference on communications, computers and signal processing , IEEE, 292–295.

Gutub, A. A. A. (2010). Pixel indicator technique for RGB image steganography. Journal of emerging technologies in web intelligence, 2 (1), 56–64.

Gutub, A., Ankeer, M., Abu-Ghalioun, M., Shaheen, A., & Alvi, A. (2008). Pixel indicator high capacity technique for RGB image based Steganography.

Chang, C. L., & Girod, B. (2007). Direction-adaptive discrete wavelet transform for image compression. IEEE Transactions on Image Processing, 16 (5), 1289–1302.

Ghazali, K. H., Mansor, M. F., Mustafa, M. M., & Hussain, A. (2007). Feature extraction technique using discrete wavelet transform for image classification. In  2007 5th Student Conference on Research and Development , IEEE, pp. 1–4.

Lidong, H., Wei, Z., Jun, W., & Zebin, S. (2015). Combination of contrast limited adaptive histogram equalization and discrete wavelet transform for image enhancement. IET Image Processing, 9 (10), 908–915.

Naidu, V. P. S. (2012). Discrete cosine transform based image fusion techniques. Journal of Communication, Navigation and Signal Processing, 1 (1), 35–45.

Elharar, E., Stern, A., Hadar, O., & Javidi, B. (2007). A hybrid compression method for integral images using discrete wavelet transform and discrete cosine transform. Journal of display technology, 3 (3), 321–325.

Zeng, B., & Fu, J. (2008). Directional discrete cosine transforms—A new framework for image coding. IEEE transactions on circuits and systems for video technology, 18 (3), 305–313.

Alhayani, B. S., Hamid, N., Almukhtar, F. H., Alkawak, O. A., Mahajan, H. B., Kwekha-Rashid, A. S., & Alkhayyat, A. (2022). Optimized video Internet of things using elliptic curve cryptography based encryption and decryption. Computers and Electrical Engineering, 101 , 108022.

Huang, Y., Lei, Z., Song, Z., Guo, Y., & Li, Y. (2021). A Video Steganography Scheme Based on Post-Quantum Cryptography. In  2021 IEEE international conference on information communication and software engineering (ICICSE) , IEEE, pp. 83–87.

El-Shafai, W., Almomani, I. M., & Alkhayer, A. (2021). Optical bit-plane-based 3D-JST cryptography algorithm with cascaded 2D-FrFT encryption for efficient and secure HEVC communication. IEEE Access, 9 , 35004–35026.

Zhao, H., Liu, Y., Wang, Y., Liu, S., & Feng, C. (2021). A video steganography method based on transform block decision for H. 265/HEVC. IEEE Access, 9 , 55506–55521.

Chen, Y., Wang, H., Choo, K. K. R., He, P., Salcic, Z., Kaafar, M. A., & Zhang, X. (2021). DDCA: A distortion drift-based cost assignment method for adaptive video steganography in the transform domain.  IEEE transactions on dependable and secure computing .

Suresh, M., & Sam, I. S. (2021). Exponential fractional cat swarm optimization for video steganography. Multimedia Tools and Applications, 80 (9), 13253–13270.

Keerthi, K., & Surendiran, B. (2017). Elliptic curve cryptography for secured text encryption. In  2017 International conference on circuit, power and computing technologies (ICCPCT) , IEEE, pp. 1–5.

Chauhan, S., Kumar, J., & Doegar, A. (2017). Multiple layer text security using variable block size cryptography and image steganography. In  2017 3rd international conference on computational intelligence and communication technology (CICT) , IEEE, 1–7.

Alkhudaydi, M., & Gutub, A. (2021). Securing data via cryptography and arabic text steganography. SN Computer Science, 2 (1), 1–18.

Al-Nofaie, S., Gutub, A., & Al-Ghamdi, M. (2021). Enhancing Arabic text steganography for personal usage utilizing pseudo-spaces. Journal of King Saud University-Computer and Information Sciences, 33 (8), 963–974.

Ahvanooey, M. T., Li, Q., Hou, J., Mazraeh, H. D., & Zhang, J. (2018). AITSteg: An innovative text steganography technique for hidden transmission of text message via social media. IEEE Access, 6 , 65981–65995.

Malik, A., Sikka, G., & Verma, H. K. (2017). A high capacity text steganography scheme based on LZW compression and color coding. Engineering Science and Technology, An International Journal, 20 (1), 72–79.

Sinha, N., Bhowmick, A., & Kishore, B. (2015). Encrypted information hiding using audio steganography and audio cryptography.  International Journal of Computer Applications ,  112 (5).

Socek, D., & Magliveras, S. S. (2005). General access structures in audio cryptography. In  2005 IEEE international conference on electro information technology IEEE , p. 6.

Lee, M. C., & Lau, C. Y. (2018). Three orders mixture algorithm of audio steganography combining cryptography. Journal of Information Hiding and Multimedia Signal Processing, 9 (4), 959–969.

Alhassan, S. (2021). Audio cryptography via enhanced genetic algorithm.  The International Journal of Multimedia and Its Applications (IJMA), 13.

Ali, A. H., George, L. E., Zaidan, A. A., & Mokhtar, M. R. (2018). High capacity, transparent and secure audio steganography model based on fractal coding and chaotic map in temporal domain. Multimedia Tools and Applications, 77 (23), 31487–31516.

Elkandoz, M. T., & Alexan, W. (2019). Logistic tan map based audio steganography. In  2019 international conference on electrical and computing technologies and applications (ICECTA), IEEE , pp. 1–5.

Hemeida, F., Alexan, W., & Mamdouh, S. (2019). Blowfish–secured audio steganography. In  2019 novel intelligent and leading emerging sciences conference (NILES) , IEEE, vol. 1, pp. 17–20.

Tayel, M., Gamal, A., & Shawky, H. (2016). A proposed implementation method of an audio steganography technique. In  2016 18th international conference on advanced communication technology (ICACT) , IEEE, pp. 180–184.

Kar, D. C., & Mulkey, C. J. (2015). A multi-threshold based audio steganography scheme. Journal of information security and applications, 23 , 54–67.

Al-Rahal, M. S., Abi Sen, A., & Basuhil, A. A. (2016). High level security based steganoraphy in image and audio files. Journal of theoretical and Applied Information Technology, 87 (1), 29.

Naskar, P. K., & Chaudhuri, A. (2014). A secure symmetric image encryption based on bit-wise operation. International Journal of Image, Graphics and Signal Processing, 6 (2), 30.

Kalubandi, V. K. P., Vaddi, H., Ramineni, V., & Loganathan, A. (2016). A novel image encryption algorithm using AES and visual cryptography. In  2016 2Nd international conference on next generation computing technologies (NGCT) , IEEE, pp. 808–813.

Ferdush, J., Begum, M., & Mahmood, A. (2017). A new image encryption technique combining the idea of one time pad with RGB value. International Journal of Computer Applications, 178 (5), 12–15.

Wang, X., Feng, L., & Zhao, H. (2019). Fast image encryption algorithm based on parallel computing system. Information Sciences, 486 , 340–358.

Li, C., Lin, D., Lü, J., & Hao, F. (2018). Cryptanalyzing an image encryption algorithm based on autoblocking and electrocardiography. IEEE Multimedia, 25 (4), 46–56. https://doi.org/10.1109/MMUL.2018.2873472

Qazanfari, K., & Safabakhsh, R. (2014). A new steganography method which preserves histogram: Generalization of LSB++. Information Sciences, 277 , 90–101.

Yuan, H. D. (2014). Secret sharing with multi-cover adaptive steganography. Information Sciences, 254 , 197–212.

Muhammad, K., Ahmad, J., Rehman, N. U., Jan, Z., & Sajjad, M. (2017). CISSKA-LSB: Color image steganography using stego key-directed adaptive LSB substitution method. Multimedia Tools and Applications, 76 (6), 8597–8626.

Tavares, R., & Madeiro, F. (2016). Word-Hunt: A LSB steganography method with low expected number of modifications per pixel. IEEE Latin America Transactions, 14 (2), 1058–1064.

Nguyen, T. D., Arch-Int, S., & Arch-Int, N. (2016). An adaptive multi bit-plane image steganography using block data-hiding. Multimedia tools and applications, 75 (14), 8319–8345.

Download references

No funding is provided for the preparation of manuscript.

Author information

Authors and affiliations.

Vinayaka Mission’s Kirupananda Variyar Engineering College, Salem, Tamil Nadu, India

Fredy Varghese

Department of Computer Science, Naipunnya Institute of Management and Information Technology, Thrissur, Kerala, India

Department of Mathematics, Vinayaka Mission’s Kirupananda Variyar Engineering College, Salem, Tamil Nadu, India

P. Sasikala

You can also search for this author in PubMed   Google Scholar

Contributions

All authors have equal contributions in this work.

Corresponding author

Correspondence to Fredy Varghese .

Ethics declarations

Conflict of interest.

Authors Fredy Varghese, P. Sasikala declares that they have no conflict of interest.

Ethical Approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Consent to Participate

All the authors involved have agreed to participate in this submitted article.

Consent to Publish

All the authors involved in this manuscript give full consent for publication of this submitted article.

Additional information

Publisher's note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Varghese, F., Sasikala, P. A Detailed Review Based on Secure Data Transmission Using Cryptography and Steganography. Wireless Pers Commun 129 , 2291–2318 (2023). https://doi.org/10.1007/s11277-023-10183-z

Download citation

Accepted : 07 February 2023

Published : 27 March 2023

Issue Date : April 2023

DOI : https://doi.org/10.1007/s11277-023-10183-z

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

  • Cryptography
  • Steganography
  • Advanced encryption standard (AES)
  • Data hiding
  • Find a journal
  • Publish with us
  • Track your research

quantum cryptography Recently Published Documents

Total documents.

  • Latest Documents
  • Most Cited Documents
  • Contributed Authors
  • Related Sources
  • Related Keywords

Quantum and Post‐Quantum Cryptography

Quantum sampling for finite key rates in high dimensional quantum cryptography, the long road ahead to transition to post-quantum cryptography.

Anticipating the output of the competition for new cryptographic algorithms.

Post-Quantum Cryptography: A Solution to Quantum Computing on Security Approaches

Examples of quantum it in new technologies of computation.

The paper includes definitions of elements of quantum IT referred to classical technologies of computation. It explains the principles of transformation of calculating algorithms to the domain of quantum computations using the optimisation and matrix calculus. Exemplary applications of classical algorithms are presented with possibilities of their realisation in domain of quantum IT. Autor presents some possibilities for using quantum algorithms in new computation technologies concerning quantum cryptography and data analyses with complex computations.

Post-Quantum and Code-Based Cryptography—Some Prospective Research Directions

Cryptography has been used from time immemorial for preserving the confidentiality of data/information in storage or transit. Thus, cryptography research has also been evolving from the classical Caesar cipher to the modern cryptosystems, based on modular arithmetic to the contemporary cryptosystems based on quantum computing. The emergence of quantum computing poses a major threat to the modern cryptosystems based on modular arithmetic, whereby even the computationally hard problems which constitute the strength of the modular arithmetic ciphers could be solved in polynomial time. This threat triggered post-quantum cryptography research to design and develop post-quantum algorithms that can withstand quantum computing attacks. This paper provides an overview of the various research directions that have been explored in post-quantum cryptography and, specifically, the various code-based cryptography research dimensions that have been explored. Some potential research directions that are yet to be explored in code-based cryptography research from the perspective of codes is a key contribution of this paper.

Trends In Natural Language Processing : Scope And Challenges

Quantum cryptography is a comparatively new and special type of cryptography which uses Quantum mechanics to provide unreal protection of data/information and unconditionally secure communications. This is achieved with Quantum Key Distribution (QKD) protocols which is a representation of an essential practical application of Quantum Computation. In this paper the authors will venture the concept of QKD by reviewinghow QKD works, the authors shall take a look at few protocols of QKD, followed by a practical example of Quantum Cryptography using QKD and certain limitations from the perspective of Computer Science in specific and Quantum Physics in general.

Securing the future internet of things with post‐quantum cryptography

Efficient implementation of finite field arithmetic for binary ring-lwe post-quantum cryptography through a novel lookup-table-like method, quantum cryptography, export citation format, share document.

Help | Advanced Search

Computer Science > Cryptography and Security

Title: llm agents can autonomously hack websites.

Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result, these LLMs can now function autonomously as agents. With the rise in capabilities of these agents, recent work has speculated on how LLM agents would affect cybersecurity. However, not much is known about the offensive capabilities of LLM agents. In this work, we show that LLM agents can autonomously hack websites, performing tasks as complex as blind database schema extraction and SQL injections without human feedback. Importantly, the agent does not need to know the vulnerability beforehand. This capability is uniquely enabled by frontier models that are highly capable of tool use and leveraging extended context. Namely, we show that GPT-4 is capable of such hacks, but existing open-source models are not. Finally, we show that GPT-4 is capable of autonomously finding vulnerabilities in websites in the wild. Our findings raise questions about the widespread deployment of LLMs.

Submission history

Access paper:.

  • Download PDF
  • HTML (experimental)
  • Other Formats

References & Citations

  • Google Scholar
  • Semantic Scholar

BibTeX formatted citation

BibSonomy logo

Bibliographic and Citation Tools

Code, data and media associated with this article, recommenders and search tools.

  • Institution

arXivLabs: experimental projects with community collaborators

arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.

Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.

Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs .

Securing Data Using Visual Cryptography

Ieee account.

  • Change Username/Password
  • Update Address

Purchase Details

  • Payment Options
  • Order History
  • View Purchased Documents

Profile Information

  • Communications Preferences
  • Profession and Education
  • Technical Interests
  • US & Canada: +1 800 678 4333
  • Worldwide: +1 732 981 0060
  • Contact & Support
  • About IEEE Xplore
  • Accessibility
  • Terms of Use
  • Nondiscrimination Policy
  • Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

iMessage with PQ3: The new state of the art in quantum-secure messaging at scale

Today we are announcing the most significant cryptographic security upgrade in iMessage history with the introduction of PQ3, a groundbreaking post-quantum cryptographic protocol that advances the state of the art of end-to-end secure messaging. With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach what we call Level 3 security — providing protocol protections that surpass those in all other widely deployed messaging apps. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world.

When iMessage launched in 2011, it was the first widely available messaging app to provide end-to-end encryption by default, and we have significantly upgraded its cryptography over the years. We most recently strengthened the iMessage cryptographic protocol in 2019 by switching from RSA to Elliptic Curve cryptography (ECC), and by protecting encryption keys on device with the Secure Enclave, making them significantly harder to extract from a device even for the most sophisticated adversaries. That protocol update went even further with an additional layer of defense: a periodic rekey mechanism to provide cryptographic self-healing even in the extremely unlikely case that a key ever became compromised. Each of these advances were formally verified by symbolic evaluation, a best practice that provides strong assurances of the security of cryptographic protocols.

Historically, messaging platforms have used classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. All these algorithms are based on difficult mathematical problems that have long been considered too computationally intensive for computers to solve, even when accounting for Moore’s law. However, the rise of quantum computing threatens to change the equation. A sufficiently powerful quantum computer could solve these classical mathematical problems in fundamentally different ways, and therefore — in theory — do so fast enough to threaten the security of end-to-end encrypted communications.

Although quantum computers with this capability don’t exist yet, extremely well-resourced attackers can already prepare for their possible arrival by taking advantage of the steep decrease in modern data storage costs. The premise is simple: such attackers can collect large amounts of today’s encrypted data and file it all away for future reference. Even though they can’t decrypt any of this data today, they can retain it until they acquire a quantum computer that can decrypt it in the future, an attack scenario known as Harvest Now, Decrypt Later .

To mitigate risks from future quantum computers, the cryptographic community has been working on post-quantum cryptography (PQC): new public key algorithms that provide the building blocks for quantum-secure protocols but don’t require a quantum computer to run — that is, protocols that can run on the classical, non-quantum computers we’re all using today, but that will remain secure from known threats posed by future quantum computers.

To reason through how various messaging applications mitigate attacks, it’s helpful to place them along a spectrum of security properties. There’s no standard comparison to employ for this purpose, so we lay out our own simple, coarse-grained progression of messaging security levels in the image at the top of this post: we start on the left with classical cryptography and progress towards quantum security, which addresses current and future threats from quantum computers. Most existing messaging apps fall either into Level 0 — no end-to-end encryption by default and no quantum security — or Level 1 — with end-to-end encryption by default, but with no quantum security. A few months ago, Signal added support for the PQXDH protocol, becoming the first large-scale messaging app to introduce post-quantum security in the initial key establishment. This is a welcome and critical step that, by our scale, elevated Signal from Level 1 to Level 2 security.

At Level 2, the application of post-quantum cryptography is limited to the initial key establishment, providing quantum security only if the conversation key material is never compromised. But today’s sophisticated adversaries already have incentives to compromise encryption keys, because doing so gives them the ability to decrypt messages protected by those keys for as long as the keys don’t change. To best protect end-to-end encrypted messaging, the post-quantum keys need to change on an ongoing basis to place an upper bound on how much of a conversation can be exposed by any single, point-in-time key compromise — both now and with future quantum computers. Therefore, we believe messaging protocols should go even further and attain Level 3 security, where post-quantum cryptography is used to secure both the initial key establishment and the ongoing message exchange, with the ability to rapidly and automatically restore the cryptographic security of a conversation even if a given key becomes compromised.

iMessage now meets this goal with a new cryptographic protocol that we call PQ3, offering the strongest protection against quantum attacks and becoming the only widely available messaging service to reach Level 3 security. Support for PQ3 will start to roll out with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and is already in the corresponding developer preview and beta releases. iMessage conversations between devices that support PQ3 are automatically ramping up to the post-quantum encryption protocol. As we gain operational experience with PQ3 at the massive global scale of iMessage, it will fully replace the existing protocol within all supported conversations this year.

Designing PQ3

More than simply replacing an existing algorithm with a new one, we rebuilt the iMessage cryptographic protocol from the ground up to advance the state of the art in end-to-end encryption, and to deliver on the following requirements:

  • Introduce post-quantum cryptography from the start of a conversation, so that all communication is protected from current and future adversaries.
  • Mitigate the impact of key compromises by limiting how many past and future messages can be decrypted with a single compromised key.
  • Use a hybrid design to combine new post-quantum algorithms with current Elliptic Curve algorithms, ensuring that PQ3 can can never be less safe than the existing classical protocol.
  • Amortize message size to avoid excessive additional overhead from the added security.
  • Use formal verification methods to provide strong security assurances for the new protocol.

PQ3 introduces a new post-quantum encryption key in the set of public keys each device generates locally and transmits to Apple servers as part of iMessage registration. For this application, we chose to use Kyber post-quantum public keys, an algorithm that received close scrutiny from the global cryptography community, and was selected by NIST as the Module Lattice-based Key Encapsulation Mechanism standard, or ML-KEM . This enables sender devices to obtain a receiver’s public keys and generate post-quantum encryption keys for the very first message, even if the receiver is offline. We refer to this as initial key establishment.

We then include — within conversations — a periodic post-quantum rekeying mechanism that has the ability to self-heal from key compromise and protect future messages. In PQ3, the new keys sent along with the conversation are used to create fresh message encryption keys that can’t be computed from past ones, thereby bringing the conversation back to a secure state even if previous keys were extracted or compromised by an adversary. PQ3 is the first large scale cryptographic messaging protocol to introduce this novel post-quantum rekeying property.

PQ3 employs a hybrid design that combines Elliptic Curve cryptography with post-quantum encryption both during the initial key establishment and during rekeying. Thus, the new cryptography is purely additive, and defeating PQ3 security requires defeating both the existing, classical ECC cryptography and the new post-quantum primitives. It also means the protocol benefits from all the experience we accumulated from deploying the ECC protocol and its implementations.

Rekeying in PQ3 involves transmitting fresh public key material in-band with the encrypted messages that devices are exchanging. A new public key based on Elliptic Curve Diffie-Hellman (ECDH) is transmitted inline with every response. The post-quantum key used by PQ3 has a significantly larger wire size than the existing protocol, so to meet our message size requirement we designed the quantum-secure rekeying to happen periodically rather than with every message. To determine whether a new post-quantum key is transmitted, PQ3 uses a rekeying condition that aims to balance the average size of messages on the wire, preserve the user experience in limited connectivity scenarios, and keep the global volume of messages within the capacity of our server infrastructure. Should the need arise, future software updates can increase the rekeying frequency in a way that’s backward-compatible with all devices that support PQ3.

With PQ3, iMessage continues to rely on classical cryptographic algorithms to authenticate the sender and verify the Contact Key Verification account key, because these mechanisms can’t be attacked retroactively with future quantum computers. To attempt to insert themselves in the middle of an iMessage conversation, an adversary would require a quantum computer capable of breaking one of the authentication keys before or at the time the communication takes place. In other words, these attacks cannot be performed in a Harvest Now, Decrypt Later scenario — they require the existence of a quantum computer capable of performing the attacks contemporaneously with the communication being attacked. We believe any such capability is still many years away, but as the threat of quantum computers evolves, we will continue to assess the need for post-quantum authentication to thwart such attacks.

A formally proven protocol

Our final requirement for iMessage PQ3 is formal verification — a mathematical proof of the intended security properties of the protocol. PQ3 received extensive review from Apple’s own multi-disciplinary teams in Security Engineering and Architecture (SEAR) as well as from some of the world’s foremost experts in cryptography. This includes a team led by Professor David Basin, head of the Information Security Group at ETH Zürich and one of the inventors of Tamarin — a leading security protocol verification tool that was also used to evaluate PQ3 — as well as Professor Douglas Stebila from the University of Waterloo, who has performed extensive research on post-quantum security for internet protocols. Each took a different but complementary approach, using different mathematical models to demonstrate that as long as the underlying cryptographic algorithms remain secure, so does PQ3. Finally, a leading third-party security consultancy supplemented our internal implementation review with an independent assessment of the PQ3 source code, which found no security issues.

In the first mathematical analysis, Security analysis of the iMessage PQ3 protocol , Professor Douglas Stebila focused on so-called game-based proofs. This technique, also known as reduction, defines a series of “games“ or logical statements to show that the protocol is at least as strong as the algorithms that underpin it. Stebila’s analysis shows that PQ3 provides confidentiality even in the presence of some key compromises against both classical and quantum adversaries, in both the initial key establishment and the ongoing rekeying phase of the protocol. The analysis decomposes the many layers of key derivations down to the message keys and proves that, for an attacker, they are indistinguishable from random noise. Through an extensive demonstration that considers different attack paths for classical and quantum attackers in the proofs, Stebila shows that the keys used for PQ3 are secure as long as either the Elliptic Curve Diffie-Hellman problem remains hard or the Kyber post-quantum KEM remains secure.

The iMessage PQ3 protocol is a well-designed cryptographic protocol for secure messaging that uses state-of-the-art techniques for end-to-end encrypted communication. In my analysis using the reductionist security methodology, I confirmed that the PQ3 protocol provides post-quantum confidentiality, which can give users confidence in the privacy of their communication even in the face of potential improvements in quantum computing technology. —Professor Douglas Stebila

In the second evaluation, A Formal Analysis of the iMessage PQ3 Messaging Protocol , Prof. David Basin, Felix Linker, and Dr. Ralf Sasse at ETH Zürich use a method called symbolic evaluation. As highlighted in the paper’s abstract, this analysis includes a detailed formal model of the iMessage PQ3 protocol, a precise specification of its fine-grained security properties, and machine-checked proofs using the state-of-the-art symbolic Tamarin prover . The evaluation yielded a fine-grained analysis of the secrecy properties of PQ3, proving that “in the absence of the sender or recipient being compromised, all keys and messages transmitted are secret” and that “compromises can be tolerated in a well-defined sense where the effect of the compromise on the secrecy of data is limited in time and effect,” which confirms that PQ3 meets our goals.

We provide a mathematical model of PQ3 as well as prove its secrecy and authenticity properties using a verification tool for machine-checked security proofs. We prove the properties even when the protocol operates in the presence of very strong adversaries who can corrupt parties or possess quantum computers and therefore defeat classical cryptography. PQ3 goes beyond Signal with regards to post-quantum defenses. In PQ3, a post-quantum secure algorithm is part of the ratcheting and used repeatedly, rather than only once in the initialization as in Signal. Our verification provides a very high degree of assurance that the protocol as designed functions securely, even in the post-quantum world. —Professor David Basin

Diving into the details

Because we know PQ3 will be of intense interest to security researchers and engineers as well as the cryptographic community, this blog post is really two posts in one. Up to now, we laid out our design goals, outlined how PQ3 meets them, and explained how we verified our confidence in the protocol with independent assessments. If you’d like to understand more detail about the cryptographic underpinnings, the remainder of the post is a deeper dive into how we constructed the PQ3 protocol.

Post-quantum key establishment

iMessage allows a user to register multiple devices on the same account. Each device generates its own set of encryption keys, and the private keys are never exported to any external system. The associated public keys are registered with Apple’s Identity Directory Service (IDS) to enable users to message each other using a simple identifier: email address or phone number. When a user sends a message from one of their devices, all of their other devices and all of the recipient’s devices receive the message. The messages are exchanged through pair-wise sessions established between the sending device and each receiving device. The same message is encrypted successively to each receiving device, with keys uniquely derived for each session. For the rest of this description, we will focus on a single device-to-device session.

Because the receiving device might not be online when the conversation is established, the first message in a session is encrypted using the public encryption keys registered with the IDS server.

Each device with PQ3 registers two public encryption keys and replaces them regularly with fresh ones:

  • A post-quantum Kyber-1024 key encapsulation public key
  • A classical P-256 Elliptic Curve key agreement public key

These encryption keys are signed with ECDSA using a P-256 authentication key generated by the device’s Secure Enclave, along with a timestamp used to limit their validity. The device authentication public key is itself signed by the Contact Key Verification account key, along with some attributes such as the supported cryptographic protocol version. This process allows the sender to verify that the recipient device’s public encryption keys were uploaded by the intended recipient, and it guards against downgrade attacks.

When Alice’s device instantiates a new session with Bob’s device, her device queries the IDS server for the key bundle associated with Bob’s device. The subset of the key bundle that contains the device’s authentication key and versioning information is validated using Contact Key Verification. The device then validates the signature covering the encryption keys and timestamps, which attests that the keys are valid and have not expired.

Alice’s device can then use the two public encryption keys to share two symmetric keys with Bob. The first symmetric key is computed through an ECDH key exchange that combines an ephemeral encryption key from Alice with Bob’s registered P-256 public key. The second symmetric key is obtained from a Kyber key encapsulation with Bob’s post-quantum public key.

To combine these two symmetric keys, we first extract their entropy by invoking HKDF-SHA384-Extract twice — once for each of the keys. The resulting 48-byte secret is further combined with a domain separation string and session information — which includes the user’s identifiers, the public keys used in the key exchange, and the encapsulated secret — by invoking HKDF-SHA384-Extract again to derive the session’s initial keying state. This combination ensures that the initial session state cannot be derived without knowing both of the shared secrets, meaning an attacker would need to break both algorithms to recover the resulting secret, thus satisfying our hybrid security requirement.

Post-quantum rekeying

Ongoing rekeying of the cryptographic session is designed such that keys used to encrypt past and future messages cannot be recomputed even by a powerful hypothetical attacker who is able to extract the cryptographic state of the device at a given point in time. The protocol generates a new unique key for each message, which periodically includes new entropy that is not deterministically derived from the current state of the conversation, effectively providing self-healing properties to the protocol. Our rekeying approach is modeled after ratcheting, a technique that consists of deriving a new session key from other keys and ensuring the cryptographic state always moves forward in one direction. PQ3 combines three ratchets to achieve post-quantum encryption.

The first ratchet, called the symmetric ratchet, protects older messages in a conversation to achieve forward secrecy. For every message, we derive a per-message encryption key from the current session key. The current session key itself is then further derived into a new session key, ratcheting the state forward. Each message key is deleted as soon as a corresponding message is decrypted, which prevents older harvested ciphertexts from being decrypted by an adversary who is able to compromise the device at a later time, and provides protection against replayed messages. This process uses 256-bit keys and intermediate values, and HKDF-SHA384 as a derivation function, which provides protection against both classical and quantum computers.

The second ratchet, called the ECDH ratchet, protects future messages by updating the session with fresh entropy from an Elliptic Curve key agreement, ensuring that an adversary loses the ability to decrypt new messages even if they had compromised past session keys — a property called post-compromise security. The ECDH-based ratchet has a symmetrical flow: the private key of the outgoing ratchet public key from the sender is used with the last public key received from the recipient to establish a new shared secret between sender and receiver, which is then mixed into the session’s key material. The new PQ3 protocol for iMessage uses NIST P-256 Elliptic Curve keys to perform this ratchet, which imposes only a small 32-byte overhead on each message.

Because the second ratchet uses classical cryptography, PQ3 also adds a conditionally executed Kyber KEM-based ratchet. This third ratchet complements the ECDH-based ratchet to provide post-compromise security against Harvest Now, Decrypt Later quantum attacks as well.

The use of a post-quantum ratchet can cause significant network overhead compared to an ECDH-based ratchet at the same security level. The post-quantum KEM requires sending both a public key and an encapsulated secret instead of a single outgoing public key. In addition, the underlying mathematical structure for quantum security requires significantly larger parameter sizes for public keys and encapsulated keys compared to Elliptic Curves.

To limit the size overhead incurred by frequent rekeying while preserving a high level of security, the post-quantum KEM is instantiated with Kyber-768. Unlike the IDS-registered public keys used for the initial key establishment, ratcheting public keys are used only once to encapsulate a shared secret to the receiver, significantly limiting the impact of the compromise of a single key. However, while a 32-byte ECDH-based ratchet overhead is acceptable on every message, the post-quantum KEM ratchet increases the message size by more than 2 kilobytes. To avoid visible delays in message delivery when device connectivity is limited, this ratchet needs to be amortized over multiple messages.

We therefore implemented an adaptive post-quantum rekeying criterion that takes into account the number of outgoing messages, the time elapsed since last rekeying, and current connectivity conditions. At launch, this means the post-quantum ratchet is performed approximately every 50 messages, but the criterion is bounded such that rekeying is always guaranteed to occur at least once every 7 days. And as we mentioned earlier, as the threat of quantum computers and infrastructure capacity evolves over time, future software updates can increase the rekeying frequency while preserving full backward compatibility.

Completing the public key ratchets, whether based on ECDH or Kyber, requires sending and receiving a message. Although users may not immediately reply to a message, iMessage includes encrypted delivery receipts that allow devices to rapidly complete the ratchet even without a reply from the recipient, as long as the device is online. This technique avoids delays in the rekeying process and helps support strong post-compromise recovery.

Similar to the initial session key establishment, the secrets established through the three ratchets are all combined with an evolving session key using HKDF-SHA384 through sequential calls to the Extract function. At the end of this process, we obtain a final message key, which can now be used to encrypt the payload.

Padding and encryption

To avoid leaking information about the message size, PQ3 adds padding to the message before encryption. This padding is implemented with the Padmé heuristic, which specifically limits the information leakage of ciphertexts with maximum length M to a practical optimum of O(log log M) bits. This is comparable to padding to a power of two but results in a lower overhead of at most 12 percent and even lower for larger payloads. This approach strikes an excellent balance between privacy and efficiency, and preserves the user experience in limited device connectivity scenarios.

The padded payload is encrypted with AES-CTR using a 256-bit encryption key and initialization vector, both derived from the message key. While public key algorithms require fundamental changes to achieve quantum security, symmetric cryptography algorithms like the AES block cipher only require doubling the key size to maintain their level of security against quantum computers.

Authentication

Each message is individually signed with ECDSA using the elliptic curve P-256 device authentication key protected by the Secure Enclave. The receiving device verifies the mapping between the sender’s identifier (email address or phone number) and the public key used for signature verification. If both users have enabled Contact Key Verification and verified each other’s account key, the device verifies that the device authentication keys are present in the Key Transparency log and that the corresponding account key matches the account key stored in the user’s iCloud Keychain.

The device’s authentication key is generated by the Secure Enclave and never exposed to the rest of the device, which helps prevent extraction of the private key even if the Application Processor is completely compromised. If an attacker were to compromise the Application Processor, they might be able to use the Secure Enclave to sign arbitrary messages. But after the device recovers from the compromise through a reboot or a software update, they would no longer be able to impersonate the user. This approach offers stronger guarantees than other messaging protocols where the authentication key is sometimes shared between devices or where the authentication takes place only at the beginning of the session.

The message signature covers a wide range of fields, including the unique identifiers of the users and their push notification tokens, the encrypted payload, authenticated data, a ratchet-derived message key indicator that binds the signature to a unique location in the ratchet, and any public key information used in the protocol. The inclusion of these fields in the signature guarantees that the message can only be used in the context intended by the sender, and all the fields are exhaustively documented in the research papers from Stebila, Basin, and collaborators.

End-to-end encrypted messaging has seen a tremendous amount of innovation in recent years, including significant advances in post-quantum cryptography from Signal’s PQXDH protocol and in key transparency from WhatsApp’s Auditable Key Directory. Building on its pioneering legacy as the first widely available messaging app to provide end-to-end encryption by default, iMessage has continued to deliver advanced protections that surpass existing systems. iMessage Contact Key Verification is the most sophisticated key transparency system for messaging deployed at scale, and is the current global state of the art for automatic key verification. And the new PQ3 cryptographic protocol for iMessage combines post-quantum initial key establishment with three ongoing ratchets for self-healing against key compromise, defining the global state of the art for protecting messages against Harvest Now, Decrypt Later attacks and future quantum computers.

IMAGES

  1. Research Paper on Cyber Security & Cryptography

    technical research paper on cryptography

  2. (PDF) Review and Analysis of Cryptography Techniques

    technical research paper on cryptography

  3. (PDF) A Review on Cryptography in Cloud Computing

    technical research paper on cryptography

  4. Survey Paper on Threshold Cryptography

    technical research paper on cryptography

  5. (PDF) A Review Paper on Cryptography

    technical research paper on cryptography

  6. Review Paper on Cryptography

    technical research paper on cryptography

VIDEO

  1. Modern cryptography

  2. Data Encryption Standard

  3. Chapter 2 Cryptographic Tools 5

  4. Intro. to Cryptography

  5. CS8792 CRYPTOGRAPHY AND NETWORK SECURITY

  6. THE ART OF RESEARCH PAPER WRITING

COMMENTS

  1. (PDF) A Review Paper on Cryptography

    A Review Paper on Cryptography Conference: 2019 7th International Symposium on Digital Forensics and Security (ISDFS) Authors: Abdalbasit Mohammed University of Human Development Nurhayat Varol...

  2. A Review Paper on Cryptography

    A Review Paper on Cryptography With the internet having reached a level that merges with our lives, growing explosively during the last several decades, data security has become a main concern for anyone connected to the web.

  3. Challenges in Cryptography

    Challenges in Cryptography Abstract: Cryptography as a field of study is exciting because it brings together beautiful mathematics and many cutting-edge areas of computer science and engineering to find solutions that touch all aspects of life in a digital era.

  4. Home

    3.0 (2022) 5 year impact factor 2.8 (2022) Downloads 171,994 (2022) Societies and partnerships International Association for Cryptologic Research Latest articles Time-Space Lower Bounds for Finding Collisions in Merkle-Damgård Hash Functions Akshima Siyao Guo Qipeng Liu Research Article 13 February 2024 Article: 10

  5. Special Issue on Cryptography and Information Security

    Additionally, we examine post-quantum cryptography, a vital area of research in the face of the impending arrival of quantum computers. Another vital aspect of our Special Issue is secure communication protocols. As cyber threats continue to evolve, we explore advances in network security, transport layer security, and end-to-end encryption.

  6. A New Approach of Cryptography for Data Encryption and Decryption

    Our research focuses on data encryption and decryption technique for a better cryptosystem; where we have proposed a new approach that ensures better performance in comparison to the state-of-the-art solutions. In this work, after generating a unique key using random characters the plain text is encrypted into ciphertext.

  7. Cryptography: Recent research trends of encrypting mathematics

    Cryptography is the study of assured communication procedure which allows only the sender and the intended person to review the message and the content shared. The simplest method used is the symmetric algorithm in which once the message is encrypted it is sent to the recipient along with its secret key.

  8. Cryptography

    Jin Li Cryptography 2024, 8 (1), 6; https://doi.org/10.3390/cryptography8010006 - 04 Feb 2024 Abstract Cross-chain transaction technologies have greatly promoted the scalability of cryptocurrencies, which then facilitates the development of Metaverse applications.

  9. Cryptography

    Cryptography Volume 6 Issue 1 share announcement Cryptography, Volume 6, Issue 1 (March 2022) - 13 articles Cover Story ( view full-size image ): Anonymous authentication systems have received the attention of many fields, as they secure user privacy.

  10. PDF Post Quantum Cryptography: Techniques, Challenges, Standardization, and

    all the NIST PQC nalists. The paper ends by mention-ing di erent future directions in which research is being done. 2 Cryptography Cryptography is the science of concealing messages using mathematics. The message is disguised using a crypto-graphic encryption algorithm to hide the substance of the message. The disguised data is also known as the

  11. (PDF) Network Security and Cryptography Challenges and ...

    Abstract The primary goal is to present a comprehensive overview of network security, cryptography, and digital signatures. Cryptography and network security should be narrower to include...

  12. Cryptography Algorithms for Enhancing IoT Security

    Cryptography is an essential tool for security in IoT. • Lightweight, stream, and hybrid ciphers evaluated for performance and robustness. • Mitigation techniques presented to combat IoT security issues. Abstract In today's fast-paced world, a new technology paradigm known as the Internet of Things (IoT) is advancing every business.

  13. A Detailed Review Based on Secure Data Transmission Using Cryptography

    1.1 Technical Steganography. This method uses special devices, scientific techniques, and tools for hiding data. ... Sect. 2 represents the various category of cryptography and steganography based papers in recent years. ... International Journal of Advance Research in Computer Science and Management Studies, 2(8), 1-15.

  14. (PDF) A Review on Elliptic Curve Cryptography

    Step 1: Al ice selec t a random n umber d A. Step 2: Calcul ate the public key of Alice usin g the formula: P A(x,y) = dA.G (x,y) = (dAGx, dA Gy) Step 3: Repe at the above steps (1, 2) to ...

  15. Cryptography

    Abstract Cryptography has been used from time immemorial for preserving the confidentiality of data/information in storage or transit. Thus, cryptography research has also been evolving from the classical Caesar cipher to the modern cryptosystems, based on modular arithmetic to the contemporary cryptosystems based on [...] Read more.

  16. Cloud Cryptography: User End Encryption

    This paper suggests user end cryptography of data before uploading it to a cloud storage service platform like Google Drive, Microsoft, Amazon and CloudSim etc. The proposed cryptography algorithm is based on symmetric key cryptography model and has been implemented on Amazon S3 cloud space service.

  17. PDF Quantum Cryptography

    Quantum cryptography is one of the emerging topics in the field of computer industry. This paper focus on quantum cryptography and how this technology contributes value to a defense-in-depth strategy pertaining to completely secure key distribution. The scope of this paper covers the weaknesses of modern digital cryptosystems, the fundamental ...

  18. quantum cryptography Latest Research Papers

    quantum cryptography Latest Research Papers | ScienceGate quantum cryptography Recently Published Documents TOTAL DOCUMENTS 1437 (FIVE YEARS 317) H-INDEX 78 (FIVE YEARS 4) Latest Documents Most Cited Documents Contributed Authors Related Sources Related Keywords Quantum and Post‐Quantum Cryptography 10.1002/9781119795667.ch2 2022 pp. 45-58

  19. Cryptography

    Feature papers represent the most advanced research with significant potential for high impact in the field. A Feature Paper should be a substantial original Article that involves several techniques or approaches, provides an outlook for future research directions and describes possible research applications. ... Public-key cryptography ...

  20. (PDF) Cryptography

    This paper will be looking at what cryptography implies, its nexus with the word encryption, how it has evolved with time, some critical axioms that govern encryption will also be looked at,...

  21. [2402.06664] LLM Agents can Autonomously Hack Websites

    In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result, these LLMs can now function autonomously as agents. With the rise in capabilities of these agents, recent work has speculated on how LLM agents would affect cybersecurity. However, not much is known ...

  22. Securing Data Using Visual Cryptography

    Data security is paramount in this modern era. Many corporations have established selective or their own cryptography schemes for information gathering and communication. The need of securing sensitive information is ever-so-increasing due to the rise of cyber thefts and online scams. Visual cryptography is a popular cryptographic technique that consists of hiding visual information like audio ...

  23. PDF Gemma:OpenModelsBasedonGemini ResearchandTechnology

    Gemma:OpenModelsBasedonGeminiResearchandTechnology tably, the 7B model uses multi-head attention whilethe2Bcheckpointsusemulti-queryatten-tion(with _ _ℎ = 1 ...

  24. Blog

    PQ3 employs a hybrid design that combines Elliptic Curve cryptography with post-quantum encryption both during the initial key establishment and during rekeying. Thus, the new cryptography is purely additive, and defeating PQ3 security requires defeating both the existing, classical ECC cryptography and the new post-quantum primitives.

  25. Cybersecurity, Cryptography, and Machine Learning

    Feature papers represent the most advanced research with significant potential for high impact in the field. ... Cryptography is one of the most important tools that has been widely deployed by researchers and practitioners in academia and industry to build secure information technology infrastructures ensuring the confidentiality of data and ...

  26. Free Full-Text

    Figure 1 depicts a general data security mechanism classification, which interconnects the three techniques shown: steganography, watermarking, and cryptography. Steganography is divided into either linguistic or technical steganography, and watermarking is divided into robust or fragile watermarking. Figure 1.