pith. sign in

arxiv: 2604.23564 · v1 · submitted 2026-04-26 · 📡 eess.SY · cs.SY

Dynamic-Key Post-Quantum Encrypted Control Against System Identification Attacks

Jungjin Park , Kiminao Kogiso This is my paper

Pith reviewed 2026-05-08 05:39 UTC · model grok-4.3

classification 📡 eess.SY cs.SY
keywords encrypted controlpost-quantum cryptographyLearning with Errorsdynamic-key encryptionsystem identification attackshomomorphic encryptionsecure control systemsLWE encryption
0
0 comments X

The pith

Dynamic-key updates in Learning with Errors encryption enable control systems resistant to system identification attacks.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper proposes encrypted control using dynamic-key schemes based on Learning with Errors encryption. It introduces update maps that refresh both the private key and the ciphertexts together at each step. These maps are designed so that the growth of errors from homomorphic operations stays small enough for correct decryption throughout the control process. The authors provide conditions on the parameters and security metrics such as sample-identifying complexity to ensure the system stays secure. A numerical example is used to show that the approach prevents an attacker from identifying the underlying system dynamics.

Core claim

The paper establishes that update maps within the LWE framework can simultaneously refresh the private key and ciphertexts while bounding homomorphic error growth to satisfy decryption conditions at every control step, thereby achieving encrypted control that resists system identification attacks, with a design procedure based on security metrics and verification through a numerical example.

What carries the argument

Update maps that simultaneously refresh the private key and ciphertexts within the LWE framework while keeping homomorphic error growth bounded enough to meet derived decryption conditions at each control step.

If this is right

  • The encrypted controller can operate over multiple time steps without the key material becoming vulnerable to identification from input-output data.
  • Parameter selection can be guided by metrics such as sample-identifying complexity and deciphering time to balance security and performance.
  • The scheme provides post-quantum security for control loops by relying on the hardness of the LWE problem rather than classical factoring or discrete-log assumptions.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Similar dynamic-key techniques could be adapted to other homomorphic encryption primitives if their error-growth bounds can be managed.
  • Real-time implementation in embedded control hardware would require quantifying the computational cost of the update maps relative to the control sampling rate.
  • The method might be extended to handle more sophisticated attacks that combine identification with active probing of the encrypted channel.

Load-bearing premise

That update maps exist within the LWE framework which simultaneously refresh the private key and ciphertexts while keeping homomorphic error growth bounded enough to satisfy the derived decryption conditions at every control step.

What would settle it

A concrete counter-example in which an attacker recovers the system parameters from observed encrypted signals despite the dynamic-key updates and the stated parameter conditions would disprove the security guarantee.

Figures

Figures reproduced from arXiv: 2604.23564 by Jungjin Park, Kiminao Kogiso.

Figure 1
Figure 1. Figure 1: Configurations of encrypted and quantized control view at source ↗
Figure 2
Figure 2. Figure 2: The difference between the encrypted controller’s view at source ↗
read the original abstract

This study proposes post-quantum encrypted control systems based on dynamic-key Learning with Errors (LWE) encryption schemes. The proposed method develops update maps that simultaneously update the private key and ciphertexts within the LWE framework, enabling dynamic-key encrypted control resistant to system identification attacks. The growth of errors induced by homomorphic operations is analyzed, and sufficient parameter conditions guaranteeing correct decryption at each control step are clarified. Furthermore, a design procedure for the encrypted control systems is presented based on security metrics such as sample-identifying complexity and deciphering time. A numerical example demonstrates that the proposed control systems achieve secure control against the considered system identification attack.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 1 minor

Summary. The paper proposes post-quantum encrypted control systems based on dynamic-key LWE encryption. It develops update maps that simultaneously refresh the private key and ciphertexts to resist system identification attacks. The growth of errors from homomorphic operations is analyzed, with sufficient parameter conditions stated to guarantee correct decryption at each control step. A design procedure is given using security metrics such as sample-identifying complexity and deciphering time, and a numerical example is provided to demonstrate secure control.

Significance. If the error-growth bounds can be shown to hold indefinitely, the work would provide a concrete mechanism for long-term encrypted control that avoids re-initialization while remaining resistant to identification attacks. The numerical example supplies direct evidence of the security metrics in a concrete setting, and the explicit parameter conditions offer a practical design route.

major comments (1)
  1. [Error-growth analysis and parameter conditions (around the derivations following the update-map definitions)] The central claim requires that the dynamic-key update maps keep cumulative homomorphic error below the decryption threshold for arbitrarily many steps. The stated sufficient parameter conditions address single-step correctness but do not contain a proof or inductive argument that repeated application of the control-specific homomorphic operations and updates preserves the bound without eventual re-initialization or parameter refresh. This is load-bearing for the ongoing secure-control claim.
minor comments (1)
  1. The notation for the update maps and the precise definition of the security metrics (sample-identifying complexity, deciphering time) could be collected in a single table or appendix for easier reference during the design procedure.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for the careful and constructive review of our manuscript. The major comment raises an important point about the long-term validity of the error bounds, which we address below by committing to a targeted revision that strengthens the analysis without altering the core contributions.

read point-by-point responses

  1. Referee: The central claim requires that the dynamic-key update maps keep cumulative homomorphic error below the decryption threshold for arbitrarily many steps. The stated sufficient parameter conditions address single-step correctness but do not contain a proof or inductive argument that repeated application of the control-specific homomorphic operations and updates preserves the bound without eventual re-initialization or parameter refresh. This is load-bearing for the ongoing secure-control claim.

    Authors: We appreciate the referee highlighting this aspect of the error-growth analysis. The derivations following the update-map definitions do establish sufficient conditions ensuring that the homomorphic error stays below the decryption threshold after each individual control step, drawing on standard LWE error bounds and the specific structure of the simultaneous key and ciphertext updates. However, we agree that an explicit inductive argument is needed to confirm that these conditions propagate indefinitely under repeated application without re-initialization. In the revised manuscript we will add a dedicated inductive proof (in a new subsection or appendix) showing that if the parameter conditions hold at step t, then the dynamic-key update maps and homomorphic operations at step t+1 preserve the error bound for correct decryption at t+1. This induction exploits the controlled error reset inherent to the dynamic updates. We believe this addition directly resolves the concern while preserving the paper's focus on post-quantum encrypted control. revision: yes

Circularity Check

0 steps flagged

No circularity; derivation introduces independent update maps and error bounds

full rationale

The paper proposes new dynamic-key update maps within the LWE framework, derives sufficient parameter conditions from homomorphic error growth analysis, and validates via a numerical example against system identification attacks. No load-bearing step reduces by construction to a fitted input, self-definition, or self-citation chain; the central security claims rest on explicit constructions and stated decryption conditions rather than tautological re-use of the target result. The derivation is self-contained against external LWE benchmarks.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract provides no explicit free parameters, axioms or invented entities. The work builds on existing LWE encryption but details of the update maps are not given here.

pith-pipeline@v0.9.0 · 5400 in / 1123 out tokens · 48242 ms · 2026-05-08T05:39:47.483235+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

23 extracted references · 23 canonical work pages

  1. [1]

    Industry 5.0: A survey on enabling technologies and potential applications,

    P. K. R. Maddikunta, Q.-V . Pham, P. B, N. Deepa, K. Dev, T. R. Gadekallu, R. Ruby, and M. Liyanage, “Industry 5.0: A survey on enabling technologies and potential applications,”Journal of Industrial Information Integration, vol. 26, p. 100257, 2022

    work page 2022

  2. [2]

    A se- cure control framework for resource-limited adversaries,

    A. Teixeira, I. Shames, H. Sandberg, and K. H. Johansson, “A se- cure control framework for resource-limited adversaries,”Automatica, vol. 51, pp. 135–148, 2015

    work page 2015

  3. [3]

    A systems and control perspective of cps security,

    S. M. Dibaji, M. Pirani, D. B. Flamholz, A. M. Annaswamy, K. H. Johansson, and A. Chakrabortty, “A systems and control perspective of cps security,”Ann. Rev. Control, vol. 47, pp. 394–411, 2019

    work page 2019

  4. [4]

    Cyber-security enhancement of networked control systems using homomorphic encryption,

    K. Kogiso and T. Fujita, “Cyber-security enhancement of networked control systems using homomorphic encryption,” in2015 54th IEEE Conference on Decision and Control (CDC), 2015, pp. 6836–6843

    work page 2015

  5. [5]

    Encrypting controller using fully homomorphic encryption for security of cyber-physical systems,

    J. Kim, C. Lee, H. Shim, J. H. Cheon, A. Kim, M. Kim, and Y . Song, “Encrypting controller using fully homomorphic encryption for security of cyber-physical systems,”IFAC-PapersOnLine, vol. 49, no. 22, pp. 175–180, 2016

    work page 2016

  6. [6]

    Towards encrypted mpc for linear constrained systems,

    M. Schulze Darup, A. Redder, I. Shames, F. Farokhi, and D. Quevedo, “Towards encrypted mpc for linear constrained systems,”IEEE Control Systems Letters, vol. 2, no. 2, pp. 195–200, 2018

    work page 2018

  7. [7]

    Shor’s factoring algorithm and modern cryptography. an illustration of the capabilities inherent in quantum computers,

    E. Gerjuoy, “Shor’s factoring algorithm and modern cryptography. an illustration of the capabilities inherent in quantum computers,” American Journal of Physics, vol. 73, 11 2004

    work page 2004

  8. [8]

    Shor’s discrete logarithm quantum algorithm for elliptic curves,

    J. Proos and C. Zalka, “Shor’s discrete logarithm quantum algorithm for elliptic curves,”Quantum Info. & Computation, vol. 3, 02 2003

    work page 2003

  9. [9]

    On lattices, learning with errors, random linear codes, and cryptography,

    O. Regev, “On lattices, learning with errors, random linear codes, and cryptography,” inProceedings of the Thirty-Seventh Annual ACM Symposium on Theory of Computing, ser. STOC ’05. Association for Computing Machinery, 2005, p. 84–93

    work page 2005

  10. [10]

    Public-key cryptosystems from the worst-case shortest vector problem: extended abstract,

    C. Peikert, “Public-key cryptosystems from the worst-case shortest vector problem: extended abstract,” inProceedings of the Forty-First Annual ACM Symposium on Theory of Computing, ser. STOC ’09. Association for Computing Machinery, 2009, p. 333–342

    work page 2009

  11. [11]

    Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically- faster, attribute-based,

    C. Gentry, A. Sahai, and B. Waters, “Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically- faster, attribute-based,” inAdvances in Cryptology – CRYPTO 2013, R. Canetti and J. A. Garay, Eds. Springer, 2013, pp. 75–92

    work page 2013

  12. [12]

    Dynamic controller that operates over homomorphically encrypted data for infinite time horizon,

    J. Kim, H. Shim, and K. Han, “Dynamic controller that operates over homomorphically encrypted data for infinite time horizon,”IEEE Transactions on Automatic Control, vol. 68, no. 2, pp. 660–672, 2023

    work page 2023

  13. [13]

    Encrypted control using modified learning with errors-based schemes,

    R. S. Lois and D. G. Cole, “Encrypted control using modified learning with errors-based schemes,”IFAC-PapersOnLine, vol. 58, no. 28, pp. 72–77, 2024

    work page 2024

  14. [14]

    Attack detection and identi- fication in cyber-physical systems,

    F. Pasqualetti, F. D ¨orfler, and F. Bullo, “Attack detection and identi- fication in cyber-physical systems,”IEEE Transactions on Automatic Control, vol. 58, no. 11, pp. 2715–2729, 2013

    work page 2013

  15. [15]

    A tutorial introduction to security and privacy for cyber-physical systems,

    M. S. Chong, H. Sandberg, and A. M. Teixeira, “A tutorial introduction to security and privacy for cyber-physical systems,” in2019 18th European Control Conference (ECC), 2019, pp. 968–978

    work page 2019

  16. [16]

    Design- ing optimal key lengths and control laws for encrypted control systems based on sample identifying complexity and deciphering time,

    K. Teranishi, T. Sadamoto, A. Chakrabortty, and K. Kogiso, “Design- ing optimal key lengths and control laws for encrypted control systems based on sample identifying complexity and deciphering time,”IEEE Trans. on Automatic Control, vol. 68, no. 4, pp. 2183–2198, 2023

    work page 2023

  17. [17]

    Optimal controller and security param- eter for encrypted control systems under least squares identification,

    K. Teranishi and K. Kogiso, “Optimal controller and security param- eter for encrypted control systems under least squares identification,” IEEE Control Systems Letters, vol. 7, pp. 1482–1487, 2023

    work page 2023

  18. [18]

    Experimental validation of the attack-detection capability of encrypted control systems using man- in-the-middle attacks,

    A. Kosugi, K. Teranishi, and K. Kogiso, “Experimental validation of the attack-detection capability of encrypted control systems using man- in-the-middle attacks,”IEEE Access, vol. 12, pp. 10 535–10 547, 2024

    work page 2024

  19. [19]

    Stability-guaranteed dy- namic elgamal cryptosystem for encrypted control systems,

    K. Teranishi, N. Shimada, and K. Kogiso, “Stability-guaranteed dy- namic elgamal cryptosystem for encrypted control systems,”IET Control Theory & Applications, vol. 14, pp. 2242–2252, 2020

    work page 2020

  20. [20]

    Introduction to modern cryptography,

    M. Bellare and P. Rogaway, “Introduction to modern cryptography,” Ucsd Cse, vol. 207, p. 207, 2005

    work page 2005

  21. [21]

    Systematic benchmark- ing of quantum computers: status and recommendations,

    J. Lorenz, T. Monz, J. Eisert, D. Reitzner, F. Schopfer, F. Barbaresco, K. Kurowski, W. van der Schoot, T. Strohm, J. Senellart, C. Perrault, M. Knufinke, Z. Amodjee, and M. Giardini, “Systematic benchmark- ing of quantum computers: status and recommendations,” 03 2025

    work page 2025

  22. [22]

    J. Kim, H. Shim, and H. Kyoohyung,Comprehensive Introduction to Fully Homomorphic Encryption for Dynamic Feedback Controller via LWE-Based Cryptosystem. Springer Singapore, 2020, pp. 209–230

    work page 2020

  23. [23]

    On the concrete hardness of learning with errors,

    M. R. Albrecht, R. Player, and S. Scott, “On the concrete hardness of learning with errors,”Journal of Mathematical Cryptology, vol. 9, no. 3, pp. 169–203, 2015

    work page 2015