pith. sign in

arxiv: 2605.24542 · v1 · pith:GEPBMMNCnew · submitted 2026-05-23 · 💻 cs.CR · cs.AI· cs.LG· cs.MA· cs.SE

AI-Driven Adaptive Adversaries and the Erosion of Cryptographic Trust in Public Key Systems

Pith reviewed 2026-06-30 13:15 UTC · model grok-4.3

classification 💻 cs.CR cs.AIcs.LGcs.MAcs.SE
keywords public key cryptographyadaptive adversariesAI optimizationimplementation attacksside-channel securitycryptographic trustsecurity models
0
0 comments X

The pith

AI-driven adaptive adversaries erode public key cryptography security by exploiting implementation observability rather than breaking mathematical primitives.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper examines how public key cryptography loses effective security when adversaries use artificial intelligence to optimize attacks at the implementation level. Traditional models assume that strong algorithms suffice for trust, yet real attacks succeed by observing and adapting to how those algorithms run in practice. A sympathetic reader would care because this mismatch implies that security proofs centered on algorithm hardness may no longer capture operational risks. The review frames the problem as a shift from primitive-breaking to systematic exploitation enabled by AI optimization.

Core claim

The growing mismatch between algorithm-centric cryptographic security models and operational attack realities, where adversaries exploit implementation-level observability rather than breaking cryptographic primitives, is eroding trust in public key systems under AI-driven adaptive adversarial optimisation.

What carries the argument

The mismatch between algorithm-centric security models and operational attack realities enabled by AI-driven adaptive adversarial optimisation.

If this is right

  • Cryptographic security evaluations must expand beyond algorithm hardness to include AI-augmented implementation attacks.
  • Public key systems require defenses that account for adaptive, learning-based adversaries at the operational level.
  • Trust assumptions in PKC weaken when implementation observability becomes the dominant attack vector.
  • Existing side-channel literature understates the scale of risk once AI optimization is applied systematically.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Designers may need to treat AI-adaptive threats as a baseline rather than an advanced case when selecting or deploying PKC.
  • Post-quantum algorithm selection could be influenced by their relative resistance to implementation-level AI optimization.
  • Standardization bodies might need updated guidelines that explicitly model adaptive adversary capabilities.

Load-bearing premise

That AI-driven adaptive adversarial optimization represents a significant and growing practical threat capable of systematically eroding trust in public key systems beyond existing side-channel and implementation attack literature.

What would settle it

Documented cases of deployed public key systems being compromised at scale by AI-optimized attacks that demonstrably exceed the capabilities described in pre-AI side-channel literature.

read the original abstract

This paper examines the erosion of Public Key Cryptography (PKC) security under adaptive adversarial optimisation driven by artificial intelligence. The problem addressed is the growing mismatch between algorithm-centric cryptographic security models and operational attack realities, where adversaries exploit implementation-level observability rather than breaking cryptographic primitives.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 0 minor

Summary. The paper examines the erosion of Public Key Cryptography (PKC) security under adaptive adversarial optimisation driven by artificial intelligence. It addresses the growing mismatch between algorithm-centric cryptographic security models and operational attack realities, where adversaries exploit implementation-level observability rather than breaking cryptographic primitives.

Significance. If substantiated with evidence distinguishing AI-driven attacks from existing side-channel and implementation-attack literature, the work could highlight important gaps in current threat models for PKC systems. However, the manuscript supplies no empirical data, attack constructions, comparative evaluations, or derivations to support the central assertion that AI enables systematic new capabilities capable of eroding trust beyond established results on timing, power, cache, and microarchitectural attacks.

major comments (1)
  1. The manuscript asserts that AI-driven adaptive adversarial optimization produces attack capabilities or success rates not already covered by the extensive body of side-channel, fault-injection, and implementation-attack work, but provides no new attack construction, comparative evaluation, or empirical demonstration to establish this differentiation. This is load-bearing for the erosion-of-trust conclusion.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for their review and the opportunity to respond. The manuscript is a conceptual analysis of the gap between traditional PKC threat models and AI-augmented implementation attacks; we address the major comment below by clarifying scope and committing to revisions that avoid overstatement.

read point-by-point responses
  1. Referee: The manuscript asserts that AI-driven adaptive adversarial optimization produces attack capabilities or success rates not already covered by the extensive body of side-channel, fault-injection, and implementation-attack work, but provides no new attack construction, comparative evaluation, or empirical demonstration to establish this differentiation. This is load-bearing for the erosion-of-trust conclusion.

    Authors: We agree that the manuscript supplies no new attack constructions, comparative evaluations, or empirical data. The paper's contribution is limited to identifying a modeling mismatch: traditional security proofs focus on algorithmic hardness while real adversaries increasingly optimize over observable implementation artifacts using AI techniques. We do not claim or demonstrate that AI yields success rates or capabilities strictly outside the side-channel literature; instead we synthesize trends from both fields to argue that current threat models may understate the scalability and adaptability of such attacks. We will revise the text to remove any phrasing that could be read as asserting novel empirical capabilities and will explicitly frame the work as a call for updated models and future empirical studies rather than a demonstration of erosion. revision: yes

Circularity Check

0 steps flagged

No circularity; conceptual argument with no derivations or fitted quantities

full rationale

The paper is a conceptual examination of the mismatch between algorithm-centric PKC models and implementation-level attacks, with no equations, parameters, or derivations present. The central claim rests on the premise that AI-driven adaptation creates new practical threats, but this is advanced as an assertion rather than derived from any self-referential construction, fitted input, or self-citation chain. No load-bearing steps reduce to inputs by definition, and the absence of mathematical content precludes the patterns of self-definitional, fitted-prediction, or ansatz-smuggling circularity.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

No specific free parameters, axioms, or invented entities are identifiable from the abstract alone; assessment limited by lack of full manuscript.

pith-pipeline@v0.9.1-grok · 5567 in / 973 out tokens · 28987 ms · 2026-06-30T13:15:02.612625+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

79 extracted references · 21 canonical work pages

  1. [1]

    hardened

    Adaptive Cyber-Attack Patterns Targeting Public Key Cryptography Cyber-attacks on Public Key Cryptography have undergone a qualitative transformation driven by artificial intelligence –enabled polymorphic and fully morphing malware. Unlike traditional malware, which relies on static payloads and predefined execution path s, polymorphic malware continuousl...

  2. [2]

    Adversarial Optimisation of Cryptographic Trust through Private Key Compromise Private key compromise under AI-driven polymorphic and fully morphing malware should be understood as an explicit optimisation target within adaptive adversarial strategies. Unlike traditional malware campaigns that treat key exposure as an opportunistic outcome, contemporary A...

  3. [3]

    Under AI-driven polymorphic and fully morphing malware, this model is no longer sufficien t

    Adaptive Man-in-the-Middle Attacks and the Erosion of Cryptographic Trust Man-in-the-middle attacks (MITM) against Public Key Cryptography have traditionally been modelled as transient interception events that exploit weaknesses in key exchange or authentication protocols. Under AI-driven polymorphic and fully morphing malware, this model is no longer suf...

  4. [4]

    AI-Optimised Side-Channel Attacks and Cryptographic Observability Side-channel attacks against Public Key Cryptography no longer constitute peripheral implementation flaws but have evolved into primary inference channels through which adaptive adversaries extract cryptographic state. In contrast to classical attack models that treat leakage as incidental ...

  5. [5]

    harvest now, decrypt later

    Quantum-Accelerated Adversarial Pressure and the Limits of Post-Quantum Cryptography Quantum computing introduces a discontinuity in the threat model of Public Key Cryptography by collapsing the computational hardness assumptions that underpin widely deployed asymmetric schemes. Algorithms such as RSA and Elliptic Curve Cryptography derive their security ...

  6. [6]

    Cyber-attacks on Public Key Cryptography

    Results and Evidence of Misalignment between Cryptographic Research and AI-Driven Operational Threats The results reported in this section derive from the combined analysis of a reproducible bibliometric dataset and qualitative empirical evidence, interpreted through the analytical framework developed in the preceding sections. Rather than presenting isol...

  7. [7]

    Discussion Interpreting Cryptographic Failure as Adversarial Adaptation rather than Algorithmic Weakness The results of this study confirm that the dominant failure mode of Public Key Cryptography has shifted from algorithmic vulnerability to adversarial adaptation. While classical cryptographic research has treated security as a function of computational...

  8. [8]

    Conclusion This study demonstrates that Public Key Cryptography fails in practice not through algorithmic weakness, but through adaptive adversarial optimisation targeting implementation-level observability and key lifecycle dependencies. The bibliometric analysis identified a structural absence of research on AI-enabled cryptographic attacks, while empir...

  9. [9]

    Introduction to Cryptography,

    Buchmann, Johannes A., “Introduction to Cryptography,” 2004, doi: 10.1007/978-1- 4419-9003-7, URL: http://link.springer.com/10.1007/978-1-4419-9003-7

  10. [10]

    Harper, 1894

    Liddell, Henry George, A greek-english lexicon. Harper, 1894

  11. [11]

    An Introduction to Cryptography,

    Hoffstein, Jeffrey., Pipher, Jill., and Silverman, Joseph H., “An Introduction to Cryptography,” pp. 1–59, 2014, doi: 10.1007/978-1-4939-1711-2_1, URL: https://link.springer.com/10.1007/978-1-4939-1711-2_1

  12. [12]

    Approximating the best Nash Equilibrium in no (1ogn)-time breaks the exponential time hypothesis,

    Braverman, Mark., Ko, Young Kun., and Weinstein, Omri, “Approximating the best Nash Equilibrium in no (1ogn)-time breaks the exponential time hypothesis,” Proc. West. Mark. Ed. Assoc. Conf., vol. 2015-Janua, no. January, pp. 970–982, 2015, doi: 10.1137/1.9781611973730.66

  13. [13]

    Springer Science & Business Media, 2009

    Paar, Christof., and Pelzl, Jan, Understanding cryptography: a textbook for students and practitioners. Springer Science & Business Media, 2009

  14. [14]

    Block cipher cryptographic system,

    Feistel, Horst, “Block cipher cryptographic system,” 19-Mar-1971

  15. [15]

    A method for obtaining digital signatures and public-key cryptosystems,

    Rivest, Ronald L., Shamir, Adi., and Adleman, Leonard, “A method for obtaining digital signatures and public-key cryptosystems,” Commun. ACM, vol. 21, no. 2, pp. 120–126, 1978

  16. [16]

    What is GDPR, the EU’s new data protection law? - GDPR.eu,

    GDPR, “What is GDPR, the EU’s new data protection law? - GDPR.eu,” 2018. [Online]. Available: https://gdpr.eu/what-is-gdpr/. [Accessed: 07-Jul-2023], URL: https://gdpr.eu/what-is-gdpr/

  17. [17]

    Information Commissioner’s Office (ICO): The UK GDPR,

    ICO, “Information Commissioner’s Office (ICO): The UK GDPR,” UK GDPR guidance and resources, 2018. [Online]. Available: https://ico.org.uk/for-organisations/data- protection-and-the-eu/data-protection-and-the-eu-in-detail/the-uk-gdpr/. [Accessed: 08-Jul-2023], URL: https://ico.org.uk/for-organisations/data-protection-and-the- eu/data-protection-and-the-eu...

  18. [18]

    Public key cryptosystem method and apparatus,

    Hoffstein, Jeffrey.,., Pipher, Jill.,., and Silverman, H Joseph., “Public key cryptosystem method and apparatus,” US08/914,449, 1997. Dr. Petar Radanliev Parks Road, Oxford OX1 3PJ United Kingdom Email: petar.radanliev@cs.ox.ac.uk BA Hons., MSc., Ph.D. Post-Doctorate 46

  19. [19]

    bibliometrix: An R-tool for comprehensive science mapping analysis,

    Aria, Massimo., and Cuccurullo, Corrado, “bibliometrix: An R-tool for comprehensive science mapping analysis,” J. Informetr., vol. 11, no. 4, pp. 959–975, Nov. 2017, doi: 10.1016/j.joi.2017.08.007

  20. [20]

    Security enhancements of networked control systems using RSA public-key cryptosystem,

    Fujita, Takahiro., Kogiso, Kiminao., Sawada, Kenji., and Shin, Seiichi, “Security enhancements of networked control systems using RSA public-key cryptosystem,” 2015 10th Asian Control Conference: Emerging Control Techniques for a Sustainable World, ASCC 2015, Sep. 2015, doi: 10.1109/ASCC.2015.7244402

  21. [21]

    Thirumalai, Chandra Segar., Budugutta, Srivastav., and Thirumalai, Chandrasegar, “Public key encryption for SAFE transfer of one time password heuristic prediction of olympic medals using machine learning View project Extreme Machine Learning View project Public Key Encryption for SAFE Transfer of One Time Password,” vol. 8, no. 118, pp. 283–287, Jan. 201...

  22. [22]

    Exploring Applied Cryptosystems to Formally Verify Security in Cyber-Physical Systems (Conference) | OSTI.GOV,

    Logsdon, Sara Rose, “Exploring Applied Cryptosystems to Formally Verify Security in Cyber-Physical Systems (Conference) | OSTI.GOV,” in U.S. Department of Energy Office of Scientific and Technical Information, 2022, URL: https://www.osti.gov/biblio/1880065

  23. [23]

    A Study on Cryptography,

    Wadhawan, Shaffali., and Shilpa, “A Study on Cryptography,” International Journal of Engineering and Management Research, vol. 13, no. 2, pp. 99–103, Apr. 2023, doi: 10.31033/IJEMR.13.2.15, URL: https://ijemr.vandanapublications.com/index.php/ijemr/article/view/1166

  24. [24]

    Discrete Logarithmic Factorial Problem and Einstein Crystal Model Based Public-Key Cryptosystem for Digital Content Confidentiality,

    Hafiz, Muhammad Waseem., Lee, Wai Kong., Hwang, Seong Oun., Khan, Majid., and Latif, Asim, “Discrete Logarithmic Factorial Problem and Einstein Crystal Model Based Public-Key Cryptosystem for Digital Content Confidentiality,” IEEE Access, vol. 10, pp. 102119–102134, 2022, doi: 10.1109/ACCESS.2022.3207781

  25. [25]

    CSAF, Not SBOM, Is The Solution,

    Wiesner, Jens, “CSAF, Not SBOM, Is The Solution,” S4x22 - BSI, 2022. [Online]. Available: https://www.youtube.com/watch?v=fKlW9vOs7X4&t=504s. [Accessed: 03- Jan-2023], URL: https://www.youtube.com/watch?v=fKlW9vOs7X4&t=504s

  26. [26]

    Using CSAF to Respond to Supply Chain Vulnerabilities at Large Scale,

    OASIS, “Using CSAF to Respond to Supply Chain Vulnerabilities at Large Scale,” OASIS Open, 2022. [Online]. Available: https://us06web.zoom.us/webinar/register/WN_KqD-a1t5SpuMI7w9cI7ZDg. [Accessed: 03-Jan-2023], URL: https://us06web.zoom.us/webinar/register/WN_KqD- a1t5SpuMI7w9cI7ZDg

  27. [27]

    Media Faculty in cooperation with the Development of an API to request security advisories for CSAF 2.0 by Enterprise and IT Security Supervision,

    Schmidt, Leon., Hammer, Daniel., Biß, Klaus., and Schmidt, Thomas, “Media Faculty in cooperation with the Development of an API to request security advisories for CSAF 2.0 by Enterprise and IT Security Supervision,” 2022

  28. [28]

    NTIA, Multistakeholder Process on Software Component Transparency - Standards and Formats Working Group, “Survey of Existing SBOM Formats and Standards- Version 2021 Survey of Existing SBOM Formats and Standards Credit: Photo by Patrick Tomasso on Unsplash NTIA Multistakeholder Process on Software Component Transparency Standards and Formats Working Group...

  29. [29]

    SBOM at a Glance,

    NTIA, “SBOM at a Glance,” NTIA Multistakeholder Process on Software Component Transparency | ntia.gov/sbom, 2021. [Online]. Available: https://tiny.cc/SPDX. [Accessed: 03-Jan-2023], URL: https://tiny.cc/SPDX. Dr. Petar Radanliev Parks Road, Oxford OX1 3PJ United Kingdom Email: petar.radanliev@cs.ox.ac.uk BA Hons., MSc., Ph.D. Post-Doctorate 47

  30. [30]

    Washington, D.C: The National Telecommunications and Information Administration (NTIA), 2021, URL: https://ntia.gov/page/software-bill-materials

    NTIA, National Telecommunications and Information Administration, Software Bill of Materials (SBOM) | National Telecommunications and Information Administration. Washington, D.C: The National Telecommunications and Information Administration (NTIA), 2021, URL: https://ntia.gov/page/software-bill-materials

  31. [31]

    Vulnerability-Exploitability eXchange (VEX),

    NTIA, the U.S. National Telecommunications and Information Administration, “Vulnerability-Exploitability eXchange (VEX),” 2021, URL: https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf

  32. [32]

    CISA Stakeholder-Specific Vulnerability Categorization Guide,

    CISA, “CISA Stakeholder-Specific Vulnerability Categorization Guide,” Cybersecurity and Infrastructure Security Agency, Nov-2022. [Online]. Available: https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf. [Accessed: 03-Jan-2023], URL: https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf

  33. [33]

    Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default,

    CISA, “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default,” 2023, URL: http://www.cisa.gov/tlp/

  34. [34]

    Minimum Requirements for Vulnerability Exploitability eXchange (VEX),

    CISA, “Minimum Requirements for Vulnerability Exploitability eXchange (VEX),” U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, 2023, URL: http://www.cisa.gov/tlp/

  35. [35]

    Software Bill of Materials,

    CISA, “Software Bill of Materials,” Cybersecurity & Infrastructure Security Agency,

  36. [36]

    Available: https://www.cisa.gov/sbom

    [Online]. Available: https://www.cisa.gov/sbom. [Accessed: 24-Dec-2022], URL: https://www.cisa.gov/sbom

  37. [37]

    Evaluating the Performance of NIST’s Framework Cybersecurity Controls Through a Constructivist Multicriteria Methodology,

    Moreira, Fernando Rocha., Da Silva Filho, Demetrio Antonio., Nze, Georges Daniel Amvame., De Sousa Junior, Rafael Timoteo., and Nunes, Rafael Rabelo, “Evaluating the Performance of NIST’s Framework Cybersecurity Controls Through a Constructivist Multicriteria Methodology,” IEEE Access, 2021, doi: 10.1109/ACCESS.2021.3113178

  38. [38]

    Draft NISTIR 8170, The Cybersecurity Framework: Implementation Guidance for Federal Agencies,

    Barrett, Matt., Marron, Jeff., Yan Pillitteri, Victoria., Boyens, Jon., Witte, Greg., and Feldman, Larry, “Draft NISTIR 8170, The Cybersecurity Framework: Implementation Guidance for Federal Agencies,” Maryland, 2017, URL: https://csrc.nist.gov/CSRC/media/Publications/nistir/8170/draft/documents/nistir8170- draft.pdf

  39. [39]

    2016, URL: https://www.nist.gov/cyberframework

    NIST, Cybersecurity_Framework, Cybersecurity Framework | NIST. 2016, URL: https://www.nist.gov/cyberframework

  40. [40]

    NIST Version 1.1,

    NIST, “NIST Version 1.1,” National Institute of Standards and Technology, U.S. Department of Commerce, 2018. [Online]. Available: https://www.nist.gov/news- events/news/2018/04/nist-releases-version-11-its-popular-cybersecurity-framework, URL: https://www.nist.gov/news-events/news/2018/04/nist-releases-version-11-its- popular-cybersecurity-framework

  41. [41]

    Artificial intelligence | NIST,

    NIST, “Artificial intelligence | NIST,” 2023. [Online]. Available: https://www.nist.gov/artificial-intelligence. [Accessed: 06-Apr-2023], URL: https://www.nist.gov/artificial-intelligence

  42. [42]

    AI Risk Management Framework | NIST,

    NIST, “AI Risk Management Framework | NIST,” National Institute of Standards and Technology, 2023. [Online]. Available: https://www.nist.gov/itl/ai-risk-management- framework. [Accessed: 18-Apr-2023], URL: https://www.nist.gov/itl/ai-risk- management-framework. Dr. Petar Radanliev Parks Road, Oxford OX1 3PJ United Kingdom Email: petar.radanliev@cs.ox.ac.u...

  43. [43]

    NIST Special Publication 800-128,

    NIST, “NIST Special Publication 800-128,” 2011, URL: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-128.pdf

  44. [44]

    2023 , number =

    Tabassi, Elham, “AI Risk Management Framework | NIST,” 2023, doi: 10.6028/NIST.AI.100-1, URL: https://www.nist.gov/itl/ai-risk-management-framework

  45. [45]

    Software Identification (SWID) Tagging | CSRC | NIST,

    SWID, “Software Identification (SWID) Tagging | CSRC | NIST,” National Institute of Standards and Technology. [Online]. Available: https://csrc.nist.gov/projects/Software- Identification-SWID. [Accessed: 19-Apr-2023], URL: https://csrc.nist.gov/projects/Software-Identification-SWID

  46. [46]

    Adapted SANS Cybersecurity Policies for NIST Cybersecurity Framework,

    Petrov, Milen, “Adapted SANS Cybersecurity Policies for NIST Cybersecurity Framework,” 2021

  47. [47]

    Software Security in Supply Chains: Software Bill of Materials (SBOM) | NIST,

    NIST, “Software Security in Supply Chains: Software Bill of Materials (SBOM) | NIST,” National Institute of Standards and Technology, 2023. [Online]. Available: https://www.nist.gov/itl/executive-order-14028-improving-nations- cybersecurity/software-security-supply-chains-software-1. [Accessed: 18-Apr-2023], URL: https://www.nist.gov/itl/executive-order-1...

  48. [48]

    Improving the cybersecurity of medical systems by applying the NIST framework,

    Udroiu, Adriana-Meda., Dumitrache, Mihail., and Sandu, Ionut, “Improving the cybersecurity of medical systems by applying the NIST framework,” in 2022 14th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), 2022, pp. 1–7

  49. [49]

    NIST cybersecurity framework in south america: Argentina, Brazil, Chile, Colombia, And Uruguay,

    Catril Opazo, Juan Eduardo, “NIST cybersecurity framework in south america: Argentina, Brazil, Chile, Colombia, And Uruguay,” 2021

  50. [50]

    Post-Quantum Cryptography | CSRC | Competition for Post-Quantum Cryptography Standardisation,

    NIST, “Post-Quantum Cryptography | CSRC | Competition for Post-Quantum Cryptography Standardisation,” 2023, URL: https://csrc.nist.gov/projects/post- quantum-cryptography

  51. [51]

    SP 800-61 Rev. 2, Computer Security Incident Handling Guide | CSRC,

    NIST, “SP 800-61 Rev. 2, Computer Security Incident Handling Guide | CSRC,” 2012. [Online]. Available: https://csrc.nist.gov/pubs/sp/800/61/r2/final. [Accessed: 25-Jul- 2023], URL: https://csrc.nist.gov/pubs/sp/800/61/r2/final

  52. [52]

    Advanced Encryption Standard (AES) ,

    NIST, “Advanced Encryption Standard (AES) ,” Nov. 2001, URL: https://web.archive.org/web/20170312045558/http://nvlpubs.nist.gov/nistpubs/FIPS/NI ST.FIPS.197.pdf

  53. [53]

    Post-Quantum Cryptography | CSRC | Selected Algorithms: Public-key Encryption and Key-establishment Algorithms,

    NIST, “Post-Quantum Cryptography | CSRC | Selected Algorithms: Public-key Encryption and Key-establishment Algorithms,” 2023, URL: https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

  54. [54]

    NVD - CVSS v3 Calculator,

    NIST, “NVD - CVSS v3 Calculator,” CVSS Version 3.1, 2022. [Online]. Available: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator. [Accessed: 03-Jan-2023], URL: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

  55. [55]

    Product Integration using NVD CVSS Calculators,

    NIST, “Product Integration using NVD CVSS Calculators,” 2022. [Online]. Available: https://nvd.nist.gov/Vulnerability-Metrics/Calculator-Product-Integration. [Accessed: 09-Jan-2026], URL: https://nvd.nist.gov/Vulnerability-Metrics/Calculator-Product- Integration

  56. [56]

    Block Cipher Techniques,

    NIST, “Block Cipher Techniques,” 2020. [Online]. Available: https://csrc.nist.gov/Projects/block-cipher-techniques, URL: https://csrc.nist.gov/Projects/block-cipher-techniques. Dr. Petar Radanliev Parks Road, Oxford OX1 3PJ United Kingdom Email: petar.radanliev@cs.ox.ac.uk BA Hons., MSc., Ph.D. Post-Doctorate 49

  57. [57]

    Post-Quantum Cryptography PQC,

    NIST, “Post-Quantum Cryptography PQC,” 2022. [Online]. Available: https://csrc.nist.gov/Projects/post-quantum-cryptography, URL: https://csrc.nist.gov/Projects/post-quantum-cryptography

  58. [58]

    Lightweight Cryptography,

    NIST, “Lightweight Cryptography,” 2022. [Online]. Available: https://csrc.nist.gov/Projects/lightweight-cryptography, URL: https://csrc.nist.gov/Projects/lightweight-cryptography

  59. [59]

    Privacy-Enhancing Cryptography PEC,

    NIST, “Privacy-Enhancing Cryptography PEC,” 2022. [Online]. Available: https://csrc.nist.gov/Projects/pec, URL: https://csrc.nist.gov/Projects/pec

  60. [60]

    Hash Functions,

    NIST, “Hash Functions,” 2020. [Online]. Available: https://csrc.nist.gov/Projects/Hash- Functions, URL: https://csrc.nist.gov/Projects/Hash-Functions

  61. [61]

    Key Management - Symmetric Block Ciphers, Pair-Wise Key Establishment Schemes,

    NIST, “Key Management - Symmetric Block Ciphers, Pair-Wise Key Establishment Schemes,” 2022, URL: https://csrc.nist.gov/projects/key-management/key- establishment

  62. [62]

    Cybersecurity Framework Version 1.1,

    NIST, “Cybersecurity Framework Version 1.1,” 2018

  63. [63]

    Cybersecurity Framework,

    NIST, “Cybersecurity Framework,” 2022. [Online]. Available: https://www.nist.gov/cyberframework/getting-started, URL: https://www.nist.gov/cyberframework/getting-started

  64. [64]

    Framework for Improving Critical Infrastructure Cybersecurity,

    NIST, “Framework for Improving Critical Infrastructure Cybersecurity,” 2014, URL: https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity- framework-021214.pdf

  65. [65]

    Security and Privacy Controls for Information Systems and Organizations,

    NIST 800-53, “Security and Privacy Controls for Information Systems and Organizations,” 2020

  66. [66]

    Advanced Manufacturing Partnership,

    NIST Advanced Manufacturing Office, “Advanced Manufacturing Partnership,” 2013, URL: https://www.nist.gov/amo/programs

  67. [67]

    Guide to Cyber Threat Information Sharing,

    Johnson, Chris., Badger, Lee., Waltermire, David., Snyder, Julie., and Skorupka, Clem, “Guide to Cyber Threat Information Sharing,” NIST Special Publication, pp. 800–150, 2016, doi: 10.6028/NIST.SP.800-150, URL: http://dx.doi.org/10.6028/NIST.SP.800-150

  68. [68]

    The SARS, MERS and novel coronavirus (COVID-19) epidemics, the newest and biggest global health threats: what lessons have we learned?,

    Peeri, Noah C., Shrestha, Nistha., Rahman, Md Siddikur., Zaki, Rafdzah., Tan, Zhengqi., Bibi, Saana., Baghbanzadeh, Mahdi., … Haque, Ubydul, “The SARS, MERS and novel coronavirus (COVID-19) epidemics, the newest and biggest global health threats: what lessons have we learned?,” Int. J. Epidemiol., Feb. 2020, doi: 10.1093/ije/dyaa033, URL: http://www.ncbi....

  69. [69]

    The Economic Impact of Technology Infrastructure for Smart Manufacturing,

    Anderson, Gary, “The Economic Impact of Technology Infrastructure for Smart Manufacturing,” NIST Economic Analysis Briefs, vol. 4, 2016, doi: 10.6028/NIST.EAB.4, URL: http://nvlpubs.nist.gov/nistpubs/eab/NIST.EAB.4.pdf

  70. [70]

    H.R.5793 - 113th Congress (2013-2014): Cyber Supply Chain Management and Transparency Act of 2014,

    Royce, Edward R., “H.R.5793 - 113th Congress (2013-2014): Cyber Supply Chain Management and Transparency Act of 2014,” Congress.Gov, 2014. [Online]. Available: http://www.congress.gov/. [Accessed: 03-Jan-2023], URL: http://www.congress.gov/

  71. [71]

    Cybersecurity Improvement Act of 2017: The Ghost of Congress Past - DevOps.com,

    Howard, Matt, “Cybersecurity Improvement Act of 2017: The Ghost of Congress Past - DevOps.com,” devops.com, 2017. [Online]. Available: https://devops.com/cybersecurity-improvement-act-2017-ghost-congress-past/. Dr. Petar Radanliev Parks Road, Oxford OX1 3PJ United Kingdom Email: petar.radanliev@cs.ox.ac.uk BA Hons., MSc., Ph.D. Post-Doctorate 50 [Accessed...

  72. [72]

    Executive Order on Improving the Nation’s Cybersecurity | The White House,

    Biden, Joseph, “Executive Order on Improving the Nation’s Cybersecurity | The White House,” The White House, 12-May-2021. [Online]. Available: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive- order-on-improving-the-nations-cybersecurity/. [Accessed: 03-Jan-2023], URL: https://www.whitehouse.gov/briefing-room/presidential...

  73. [73]

    BlackMamba: Using AI to Generate Polymorphic Malware,

    Sims, Jeff, “BlackMamba: Using AI to Generate Polymorphic Malware,” 2023

  74. [74]

    New Directions in Cryptography,

    Diffie, Whitfield., and Hellman, Martin E., “New Directions in Cryptography,” IEEE Trans. Inf. Theory, vol. 22, no. 6, pp. 644–654, 1976, doi: 10.1109/TIT.1976.1055638

  75. [75]

    Algorithms for quantum computation: Discrete logarithms and factoring,

    Shor, Peter W., “Algorithms for quantum computation: Discrete logarithms and factoring,” Proceedings - Annual IEEE Symposium on Foundations of Computer Science, FOCS, pp. 124–134, 1994, doi: 10.1109/SFCS.1994.365700

  76. [76]

    Scalable Zero Knowledge Via Cycles of Elliptic Curves,

    Ben-Sasson, Eli., Chiesa, Alessandro., Tromer, Eran., and Virza, Madars, “Scalable Zero Knowledge Via Cycles of Elliptic Curves,” Algorithmica, vol. 79, no. 4, pp. 1102– 1160, Dec. 2017, doi: 10.1007/S00453-016-0221-0/FIGURES/5, URL: https://link.springer.com/article/10.1007/s00453-016-0221-0

  77. [77]

    Elliptic curve cryptosystems,

    Torii, Naoya., and Yokoyama, Kazuhiro, “Elliptic curve cryptosystems,” Math. Comput., vol. 48, no. 177, pp. 203–209, 1987, doi: 10.1090/S0025-5718-1987- 0866109-5, URL: https://www.ams.org/mcom/1987-48-177/S0025-5718-1987- 0866109-5/

  78. [78]

    Lattice-based Cryptography,

    Micciancio, Daniele., and Regev, Oded, “Lattice-based Cryptography,” in Post- Quantum Cryptography, 2009, pp. 147–191, doi: 10.1007/978-3-540-88702-7_5, URL: https://link.springer.com/chapter/10.1007/978-3-540-88702-7_5

  79. [79]

    The Evaluation of Software Security through Quantum Computing Techniques: A Durability Perspective,

    Alyami, Hashem., Nadeem, Mohd., Alharbi, Abdullah., Alosaimi, Wael., Ansari, Md Tarique Jamal., Pandey, Dhirendra., Kumar, Rajeev., and Khan, Raees Ahmad, “The Evaluation of Software Security through Quantum Computing Techniques: A Durability Perspective,” Applied Sciences 2021, Vol. 11, Page 11784, vol. 11, no. 24, p. 11784, Dec. 2021, doi: 10.3390/APP11...