Result: An Enhanced RNS-AES Encryption Scheme with CBC Mode and HMAC for Secure and Authenticated Data Protection

Modern cryptographic systems in cloud and IoT environments must balance strong security with real-time performance, yet existing methods often require trade-offs that sacrifice speed for security or introduce latency through conservative designs. This paper presents RNS-AES-CBC-HMAC, a hybrid framework that integrates Residue Number System (RNS) arithmetic with AES-256 and HMAC-SHA256 to deliver both performance and robust security. Using a balanced modulus set $\{2^n - 1,\, 2^n,\, 2^n + 1\}$ for constant-time, carry-free arithmetic mitigates side-channel risks, while AES-256 in Cipher Block Chaining (CBC) mode ensures confidentiality and HMAC-SHA256 provides message integrity with minimal overhead. Implemented in Python 3.10 with PyCryptodome 3.18.0 and tested on an AMD Ryzen~5~2500U, the framework achieved encryption/decryption latencies of $55$--$593\,\mu\text{s}$ for 4--15 character payloads, representing 99\% improvement over previous RNS-based hybrids. It scales linearly in time and memory $\mathcal{O}(n)$, consumes only $21\,\text{KB}$, and produces ciphertext entropy of $7.999\,\text{bits/byte}$, surpassing NIST SP~800-22 standards. This dual-layer architecture effectively counters both passive and active threats, making it suitable for low-latency IoT edge devices and high-throughput cloud systems, merging theoretical number systems with practical cryptography for real-world deployment.