A note on a provable secure encryption scheme

A Cramer-Shoup scheme was modified in a variant way.The major advantage with respect to Kurosawa-Desmedt scheme is that it saves a key parameter and produces shorter ciphertext.The proof of security shows that our scheme can be instantiated with any computational secure key derivation and message authentication functions.Thus it extends the applicability of the Kurosawa-Desmedt scheme and improves its effciency.     

Chosen ciphertext secure fuzzy identity based encryption without ROM

Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption(fuzzy-IBE) schemes without random oracle are proposed.The first scheme combines the modification of chosen-plaintext secure Sahai and Waters'"large universe"construction and authenticated symmetric encryption, and uses consistency checking to handle with ill-formed ciphertexts to achieve chosen-ciphertext security in the selective ID model.The second scheme improves the effciency of first scheme by eliminating consistency checking.This improved scheme is more effcient than existing chosen-ciphertext secure fuzzy-IBE scheme in the standard model.     

Chosen ciphertext secure identity-based broadcast encryption in the standard model

To give concurrent consideration both the efficiency and the security (intensity of intractable problem) in the standard model, a chosen ciphertext secure identity-based broadcast encryption is proposed. Against the chosen ciphertext security model, by using identity (ID) sequence and adding additional information in ciphertext, the self-adaptive chosen identity security (the full security) and the chosen ciphertext security are gained simultaneously. The reduction of scheme’s security is the decisional bilinear Diffie-Hellman (BDH) intractable assumption, and the proof of security shows that the proposed scheme is indistinguishable against adaptive chosen ciphertext attacks in the standard model under the decisional BDH intractable assumption. So the security level is improved, and it is suitable for higher security environment.     

Identity-based encryption with non-interactive opening

An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-interactive opening properties for IBE schemes were defined along with a concrete scheme in each case.     

在以太网中实现安全的地址映射

随着以太网规模的不断扩大,来自网络内部的安全威胁越来越突出.本文分析了地址映射协议(ARP)的安全隐患及其在以太网中可能面对的安全威胁,提出了地址映射协议SARP.SARP通过使用专门的映射服务器可实现IP地址到硬件地址的安全映射,可以有效地避免非法用户对地址信息的纂改、重播以及实施ARP伪装攻击.     

在以太网中实现安全的地址映射

随着以太网规模的不断扩大,来自网络内部的安全威胁越来越突出.本文分析了地址映射协议(ARP)的安全隐患及其在以太网中可能面对的安全威胁,提出了地址映射协议SARP.SARP通过使用专门的映射服务器可实现IP地址到硬件地址的安全映射,可以有效地避免非法用户对地址信息的纂改、重播以及实施ARP伪装攻击.     

Identity-based broadcast encryption with shorter transmissions

This paper describes two identity-based broadcast encryption(IBBE) schemes for mobile ad hoc networks.The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)-size ciphertexts.Furthermore, when the public keys are transmitted, the two schemes have short transmissions and achieve O(1) user storage cost, which are important for a mobile ad hoc network.Finally, the proposed schemes are provable security under the decision generalized bilinear Di?-Hellman(GBDH) assumption in the random oracles model.     

An identity-based encryption scheme with compact ciphertexts

This paper proposes an identity-based encryption scheme with the help of bilinear pairings, where the identity information of a user functions as the user's public key. The advantage of an identity-based public key system is that it can avoid public key certificates and certificate management. Our identity-based encryption scheme enjoys short ciphertexts and provable security against chosen-ciphertext attack (CCA).     

浅谈汽车的安全滑行

正确地运用滑行,不但可以节约燃料,还有利于安全,减少机件磨损和延长轮胎的使用寿命。但是,如果运用不当,不但不能节油,反而造成浪费,或者虽可节约一些燃油,但影响行车安全,增加劳动强度,降低平均车速和缩短机件寿命。     

三管齐下东风康明斯2009整装待发

中国改革开放30年,是企业迅速发展的30年.很多企业在不经意问崛起,又在不经意间倒下.究其原因,他们的成功更多得益于市场机遇,而未能形成一套高效能的业务运营和管理方法,也就是人们常说的,患上了"企业虚胖症".突如其来的全球金融危机,使得中国企业压力骤增.如何变脂肪为肌肉,让企业强壮起来,是每一个中国企业都在思考的问题.     

A secure and reliable routing protocol for wireless mesh networks

This study proposes an efficient secure routing protocol which considers symmetric and asymmetric links for wireless mesh networks （WMNs）. A wireless mesh network is a group of wireless mesh routers and several kinds of wireless devices （or nodes）. Individual node cooperates by forwarding packets to each other, allowing nodes to communicate beyond the symmetric or asymmetric links. Asymmetric link is a special feature of WMNs because the wireless transmission ranges of different wireless devices may be different. The asymmetric link enhances WMN coverage. Providing security in WMNs has become an important issue over the last few years. Existing research on this topic tends to focus on providing security for routing and data content in the symmetric link. However, most studies overlook the asymmetric link in these networks. This study proposes a novel distributed routing protocol beyond symmetric and asymmetric links, to guarantee the security and high reliability of the established route in a hostile environment, such as WMNs, by avoiding the use of unreliable intermediate nodes. The routes generated by the proposed protocol are shorter than those in prior works. The major objective of the proposed protocol is to allow trustworthy intermediate nodes to participate in the path construction protocol. The mesh clients out of mesh router wireless transmission range may discover a secure route to securely connect to the mesh router for Internet access via the proposed protocol. The proposed protocol enhances wireless mesh network coverage and assures security.     

用置换群解决信息加密问题的探索

提出了用置换群来解决信息加密问题的观点 ;并对用置换群进行加密、解密算法进行了论证 ,对加密密钥和解密密钥作了一些说明 ;同时提出了用置换群解决信息加密问题时可能存在的一些问题 .     

Distributed certificateless key encapsulation mechanism secure against the adaptive adversary

This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The proposed scheme can withstand adaptive attackers that can choose players for corruption at any time during the run of the protocol, and this kind of attack is powerful and realistic. In contrast, all previously presented threshold certificateless public key cryptosystems are proven secure against the more idealized static adversaries only. They choose and fix the subset of target players before running the protocol. We also prove security of this scheme in the random oracle model.     

安全双向中继通信中友好干扰节点的功率分配

研究了具有一组友好干扰节点辅助的双向中继网络中的安全传输问题,考虑了中继节点不可信为窃听节点和中继节点可信而存在其他窃听节点的两种情况下,友好干扰节点的功率分配问题.目的是设计友好干扰的最优功率分配方案,在友好干扰节点的功率消耗最小的情况下,达到双向中继系统的通信质量和通信安全性要求.本文为两种情形下的友好干扰节点功率分配问题分别建立了最优化模型,并证明了两个问题均属于线性规划问题.仿真结果表明,本文所设计友好干扰节点功率分配方案,能够在保证双向中继系统的通信质量和通信安全性前提下,使得友好干扰节点的总功率最小.     

Provably secure and efficient proxy signature with untrustworthy proxy signer

Proxy signature has drawn great concerns.However, there still remains a challenge to construct a provably secure and effcient proxy signature scheme.In this paper, we propose an effcient proxy signature scheme based on factoring, and prove that it is secure in the random oracle.Furthermore, we present a new type of proxy signature, called Proxy Signature with Untrustworthy Proxy Signer, and construct a concrete scheme.     

Batch secret sharing for secure multi-party computation in asynchronous network

This paper proposes an efficient batch secret sharing protocol among n players resilient to t < n/4 players in asynchronous network. The construction of our protocol is along the line of Hirt's protocol which works in synchronous model. Compared with the method of using secret share protocol m times to share m secrets, our protocol is quite efficient. The protocol can be used to improve the efficiency of secure multi-party computation (MPC) greatly in asynchronous network.     

Provably secure authenticated Diffie-Hellman key exchange for resource-limited smart card

Authenticated Diffie-Hellman key agreement is quite popular for establishing secure session keys. As resource-limited mobile devices arc becoming more popular and security threats are increasing, it is desirable to reduce computational load for these resource-limited devices while still preserving its strong security and convenience for users. In this paper, we propose a new smart-card-based user authenticated key agreement scheme which allows users to memorize passwords, reduces users＇ device computational load while still preserves its strong security. The proposed scheme effectively improves the computational load of modular exponentiations by 50%, and the security is formally proved.     

分离机制下一种互联网安全接入方法

重点研究身份与位置分离机制下源地址真实性保障方面的方法,提出了身份与位置分离网络中唯一且不变的终端身份标识EID结构,并设计了一种保障源地址真实性的安全接入方法,并且给出了相应的协议流程和协议格式,保证了身份与位置分离网络中源地址即终端身份标识EID的真实性.最后使用SVO形式化逻辑对其安全性进行了证明.     

海格将安全进行到底

数据显示,2006年中国共发生37万多起道路交通事故,死亡9万多人,伤37万多人.今年5月的统计表明发生了136894起事故,死亡30813人,约15万人受伤.交通安全已成为影响社会和谐的一个重要方面.承载旅客的客车其安全性更是重中之重,一旦发生事故后果很严重.     

模腔注射填充的全矢量显式算法

为满足注射成形模拟工业应用的实际需要，基于已有的模拟注填充显式算法，提出并实现了一种新的全矢量化显式算法，对于各类注射填充的模拟问题，此算法避免了压力场的全局求解，矩阵操作仅在单元一级进行，通过反馈修正，各时间增量步满足不可压缩条件，由于避免了所有的全局耦合求解，计算代价与节点的自由度近似成正比，可实现填充模拟过程的高效运算，容易实现并行计算，通过新算法的填充模拟结果与MINI单元的三维模拟结果比较，证实了该算法的有效性。