无线传感器网络簇状分层密钥管理方案设计

密钥管理对于无线传感器网络的系统安全有着十分重要的意义。该文在研究现有无线传感器网络密钥管理机制的基础上,提出一种适合簇状分层网络结构的密钥管理方案。     

Ad Hoc网络中基于身份的密钥管理及认证

提出了在AdHoe网络中一种分布式基于身份的密钥管理及认证方法。每个节点使用其身份作为公钥,主密钥由各节点的私钥分享,从而形成基于身份的门限分布式密钥管理。该方法不仅提供了点对点的认证,而且节省了网络带宽和节点的能量消耗,具有很高的效率和鲁棒性。     

IC卡道路运输电子证件密钥安全体系研究

IC卡道路运输电子证件的推行,对于规范道路运输市场秩序、提高行业管理部门的监管与服务水平有着重要意义。IC卡道路运输电子证件的核心和关键问题是密钥安全体系。文章在总结IC卡道路运输电子证件试点工作相关经验的基础上,提出了道路运输电子证件密钥安全体系总体框架、密钥管理系统技术要求,并对关键算法进行了研究。     

机动车电子标识在交通运输行业中的数据读写及密钥应用

探讨了机动车电子标识在交通运输行业应用过程中多应用主体的密钥管理和数据安全保障策略。首先分析了交通运输行业的数据应用特点和需求;然后在现有机动车电子标识密钥体系架构基础上,设计机动车电子标识存储区格式,并创新提出机动车电子标识在交通运输行业中应用的密钥管理体系和数据安全保障策略;最后通过模拟高速公路多义路径识别应用场景,对新构建的电子标识安全访问系统进行测试验证。结果表明,新系统能有效提高交通运输行业数据的安全性和管理效率。     

An identity-based encryption scheme with compact ciphertexts

This paper proposes an identity-based encryption scheme with the help of bilinear pairings, where the identity information of a user functions as the user's public key. The advantage of an identity-based public key system is that it can avoid public key certificates and certificate management. Our identity-based encryption scheme enjoys short ciphertexts and provable security against chosen-ciphertext attack (CCA).     

Distributed certificateless key encapsulation mechanism secure against the adaptive adversary

This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The proposed scheme can withstand adaptive attackers that can choose players for corruption at any time during the run of the protocol, and this kind of attack is powerful and realistic. In contrast, all previously presented threshold certificateless public key cryptosystems are proven secure against the more idealized static adversaries only. They choose and fix the subset of target players before running the protocol. We also prove security of this scheme in the random oracle model.     

Formal analysis of authentication in 802.11i

Authentication is the basis of the security of IEEE 802.11i standard. The authentication process in 802.11i involves two important protocols: a 4-way handshake and a group key handshake. A formal analysis of authentication in 802.11i is given via a belief multisets formalism. The analysis shows that the 4-way handshake and the group key handshake may provide satisfactory mutual authentication, key management, and issue of a new group temporal key from an access point to a user device, under the guarantee of mutual possession of a confidential pairwise master key. The analysis also shows that there exists a denial of service attack in the 4-way handshake and some seeming redundancies are useful in the protocol implementation.     

A loss-tolerant group key management scheme with revocation capability for wireless sensor network

A new group key management scheme against the unreliable wireless communication channel and unsafe environment was proposed for wireless sensor network (WSN). In the proposed scheme, broadcast polynomial, generated over finite field Fq based on the secret sharing, was employed to revoke compromised sensor nodes. In order to tolerate key-update message loss, group session keys were generated as one-way hash chain sequence and distributed in advance. The analysis showes that the scheme has better performance in terms of the computation and communication overhead.     

基于移频识别技术的铁路长期票和储值卡应用

从分析国内外移频识别(RFID)车票的应用现状入手,介绍在中国铁路客运RFID长期票和储值卡的应用模式,并给出应用中关键技术的解决方案.铁路RFID长期票可以有效地提高铁路客运效率,实现检票自动化.铁路RFID储值卡在现有客运体制的基础上简化购票的支付手段,为客户管理和积分优惠提供了条件.提出基于密钥管理的RFID票务系统安全机制和RFID车票读写机具的设计思路.实验室测试结果表明,RFID票务系统操作方便,售检票速度得到极大的提高.     

APN体系结构及其典型应用

1 APN的体系结构组成一个完整的APN系统由以下部分组成:APN VDNServer,APN通讯网关、密钥管理、防火墙。1.1 APN体系VDN服务——每个APN在因特网上会属于一个虚拟的域,有自己独特的虚拟域名和虚拟主机名。同时,在Internet上,开发出一种机制来解析这些域名,使得在同一个域之间的