Search for: All records

Emerging satellite networks integrated with terrestrial and aerial systems form a key part of next-generation infrastructures supporting the Internet of Everything (IoE). This chapter outlines the current status of PQC-based authentication in integrated Space-Aerial-Terrestrial Networks (SATIN), highlighting the technical challenges in achieving quantum-resilient security within constrained and complex environments. While quantum computing necessitates migration to post-quantum cryptography (PQC), existing standards often demand resources that are unsuited for SATIN’s limited hardware and fragile links. We analyze leading NIST PQC signature and key encapsulation schemes in the SATIN context, evaluating trade-offs in computational cost, signature size, and protocol compatibility. Emerging directions, including broader algorithm evaluations, advanced protocol integrations (e.g., EMSS and NIST-PQC with terrestrial backbone, PQ group key management), and some alternative PQ technologies are discussed. Addressing these challenges requires advanced simulation and experimental frameworks to enable scalable, practical, and quantum-resilient secure communications in future integrated networks. 

The rapid proliferation of resource-constrained IoT devices across sectors like healthcare, industrial automation, and finance introduces major security challenges. Traditional digital signatures, though foundational for authentication, are often infeasible for low-end devices with limited computational, memory, and energy resources. Also, the rise of quantum computing necessitates post-quantum (PQ) secure alternatives. However, NIST-standardized PQ signatures impose substantial overhead, limiting their practicality in energy-sensitive applications such as wearables, where signer-side efficiency is critical. To address these challenges, we present LightQSign (LiteQS), a novel lightweight PQ signature that achieves near-optimal signature generation efficiency with only a small, constant number of hash operations per signing. Its core innovation enables verifiers to obtain one-time hash-based public keys without interacting with signers or third parties through secure computation. We formally prove the security of LiteQS in the random oracle model and evaluate its performance on commodity hardware and a resource-constrained 8-bit AtMega128A1 microcontroller. Experimental results show that LiteQS outperforms NIST PQ standards with lower computational overhead, minimal memory usage, and compact signatures. On an 8-bit microcontroller, it achieves up to 1.5–24×higher energy efficiency and 1.7–22×shorter signatures than PQ counterparts, and 56–76×better energy efficiency than conventional standards–enabling longer device lifespans and scalable, quantum-resilient authentication. 

Federated learning (FL) enables collaborative model training while preserving user data privacy by keeping data local. Despite these advantages, FL remains vulnerable to privacy attacks on user updates and model parameters during training and deployment. Secure aggregation protocols have been proposed to protect user updates by encrypting them, but these methods often incur high computational costs and are not resistant to quantum computers. Additionally, differential privacy (DP) has been used to mitigate privacy leakages, but existing methods focus on secure aggregation or DP, neglecting their potential synergies. To address these gaps, we introduce Beskar, a novel framework that provides post-quantum secure aggregation, optimizes computational overhead for FL settings, and defines a comprehensive threat model that accounts for a wide spectrum of adversaries. We also integrate DP into different stages of FL training to enhance privacy protection in diverse scenarios. Our framework provides a detailed analysis of the trade-offs between security, performance, and model accuracy, representing the first thorough examination of secure aggregation protocols combined with various DP approaches for post-quantum secure FL. Beskar aims to address the pressing privacy and security issues FL while ensuring quantum-safety and robust performance. 

Federated learning (FL) is well-suited to 5G networks, where many mobile devices generate sensitive edge data. Secure aggregation protocols enhance privacy in FL by ensuring that individual user updates reveal no information about the underlying client data. However, the dynamic and large-scale nature of 5G-marked by high mobility and frequent dropouts-poses significant challenges to the effective adoption of these protocols. Existing protocols often require multi-round communication or rely on fixed infrastructure, limiting their practicality. We propose a lightweight, single-round secure aggregation protocol designed for 5G environments. By leveraging base stations for assisted computation and incorporating precomputation, key-homomorphic pseudorandom functions, and t-out-of-k secret sharing, our protocol ensures efficiency, robustness, and privacy. Experiments show strong security guarantees and significant gains in communication and computation efficiency, making the approach well-suited for real-world 5G FL deployments. 

The rapid advancements in wireless technology have significantly increased the demand for communication resources, leading to the development of Spectrum Access Systems (SAS). However, network regulations require disclosing sensitive user information, such as location coordinates and transmission details, raising critical privacy concerns. Moreover, as a database-driven architecture reliant on user-provided data, SAS necessitates robust location verification to counter identity and location spoofing attacks and remains a primary target for denial-of-service (DoS) attacks. Addressing these security challenges while adhering to regulatory requirements is essential.In this paper, we propose SLAP, a novel framework that ensures location privacy and anonymity during spectrum queries, usage notifications, and location-proof acquisition. Our solution includes an adaptive dual-scenario location verification mechanism with architectural flexibility and a fallback option, along with a counter-DoS approach using time-lock puzzles. We prove the security of SLAP and demonstrate its advantages over existing solutions through comprehensive performance evaluations. 

In this paper, we outline a fast and lightweight network security fabric and identify the research gaps for developing such a fabric that respects the needs of trustworthy NextG SATIN for the post-quantum era. To achieve these objectives, we identify in which research directions more innovations are needed, namely algorithmic (NIST-PQC, distributed computing, time-disclosed cryptography), architectural (decentralized SATIN, distributed key management), and evaluation aspects.