Because of its closeness to users,fog computing responds faster than cloud computing.Thus,it has been deployed to various applications,such as healthcare system.Recently,to ensure the secure communication of the fog-b...Because of its closeness to users,fog computing responds faster than cloud computing.Thus,it has been deployed to various applications,such as healthcare system.Recently,to ensure the secure communication of the fog-based healthcare system,Jia et al.proposed an authenticated key agreement scheme.Moreover,in view of the high computation cost existing in Jia et al.’s scheme,Ma et al.presented an efficient one using elliptic curve cryptography.In this paper,we observe that both the two schemes may potentially risk ephemeral key compromise attacks and need improving.Therefore,to overcome this potential risk,we propose a new authenticated scheme based on Jia et al.’s scheme using elliptic curve computational Diffie-Hellman hypothesis and hash functions.Additionally,we provide provable security under the adopted adversarial model and ProVerif simulation,and also analyze the performance in terms of computation and communication costs by comparisons.The analysis results show that the improved scheme resists the common attacks,reduces computation overhead,and has a certain significance.展开更多
A conference key establishment protocol allows a group of conferees to agree on a secret key shared among them for secure group communication.This paper proposes a three-level conference key establishment protocol bas...A conference key establishment protocol allows a group of conferees to agree on a secret key shared among them for secure group communication.This paper proposes a three-level conference key establishment protocol based on the Universal Mobile Telecommunications System (UMTS) framework to establish a group-level key,home location register (HLR) level keys,and visitor location register (VLR) level keys simultaneously for a group of conferees.The group-level key is used to secure the communications for all conferees,the HLR-level key is for those within the same HLR domain,and the VLR-level key is for those within the same VLR domain.The group-level key can be used for securing inter-domain group-oriented applications such as commercial remote conferencing systems.The HLRand VLR-level keys can be used for securing intra-domain subgroup applications (e.g.,location-based or context-aware services) and dynamic key updating.Since our proposed protocol exploits existing UMTS security functions and the exclusive-or operation,it is compatible with UMTS architecture.This means that it is fast and easy to implement on the existing UMTS architecture.Furthermore,the proposed protocol has low computational complexities and can provide cost effectiveness,load-amortization,scalability,user authentication,key establishment,key confirmation,key updating,and lawful interception.展开更多
This paper develops a general hypercube-based key predistribution scheme for establishing pairwise keys between sensor nodes using polynomials, which is parameterized by the dimension of hypercube and the Hamming dist...This paper develops a general hypercube-based key predistribution scheme for establishing pairwise keys between sensor nodes using polynomials, which is parameterized by the dimension of hypercube and the Hamming distance threshold variables. The scheme addresses the weaknesses of existing key predistribution schemes, which have either worse security or lower efficiency. It exhibits a nice property--when the Hamming distance between any two neighboring sensor nodes is less than the pre-defined threshold, the pairwise key can be established directly. Extensive performance and security analysis shows that by increasing Hamming distance threshold value, we can trade off the resilience against node capture attack for higher probability of direct pairwise key establishment, so as to save the energy consumption which is the most important issue for sensor networks.展开更多
To strike a tradeoff between the security and the consumption of energy,computing and communication resources in the nodes,this paper presents an efficient authentication scheme based on one-way key chain for sensor n...To strike a tradeoff between the security and the consumption of energy,computing and communication resources in the nodes,this paper presents an efficient authentication scheme based on one-way key chain for sensor network. The scheme can provide immediate authentication to fulfill the latency and the storage requirements and defends against various attacks such as replay,impersonation and denial of service. Meanwhile,our scheme possesses low overhead and scalability to large networks. Furthermore,the simple related protocols or algorithms in the scheme and inexpensive public-key operation required in view of resource-starved sensor nodes minimize the storage,computation and communication overhead,and improve the efficiency of our scheme. In addition,the proposed scheme also supports source authentication without precluding in-network processing and passive participation.展开更多
By employing network-based observation techniques, field experimental methods and ecological information technology, the Lab is designed to explore the coupling between carbon, water and nutrient cycles within an ecos...By employing network-based observation techniques, field experimental methods and ecological information technology, the Lab is designed to explore the coupling between carbon, water and nutrient cycles within an ecosystem and its underlying mechanisms, to integrate and model ecosystem patterns and processes at multiple spatiotemporal scales, and to comprehensively study the relationship between ecosystem management and sustainable development. Its major focuses are:展开更多
基金supported by the National Natural Science Foundation of China(Grant Nos.Ui708262,U1736203,61872449).
文摘Because of its closeness to users,fog computing responds faster than cloud computing.Thus,it has been deployed to various applications,such as healthcare system.Recently,to ensure the secure communication of the fog-based healthcare system,Jia et al.proposed an authenticated key agreement scheme.Moreover,in view of the high computation cost existing in Jia et al.’s scheme,Ma et al.presented an efficient one using elliptic curve cryptography.In this paper,we observe that both the two schemes may potentially risk ephemeral key compromise attacks and need improving.Therefore,to overcome this potential risk,we propose a new authenticated scheme based on Jia et al.’s scheme using elliptic curve computational Diffie-Hellman hypothesis and hash functions.Additionally,we provide provable security under the adopted adversarial model and ProVerif simulation,and also analyze the performance in terms of computation and communication costs by comparisons.The analysis results show that the improved scheme resists the common attacks,reduces computation overhead,and has a certain significance.
基金supported by Chang Gung University (No.UARPD390111)the Chang Gung Memorial Hospital (No.CMRPD390031)the National Science Council (No.98-2410-H-182-007-MY2)
文摘A conference key establishment protocol allows a group of conferees to agree on a secret key shared among them for secure group communication.This paper proposes a three-level conference key establishment protocol based on the Universal Mobile Telecommunications System (UMTS) framework to establish a group-level key,home location register (HLR) level keys,and visitor location register (VLR) level keys simultaneously for a group of conferees.The group-level key is used to secure the communications for all conferees,the HLR-level key is for those within the same HLR domain,and the VLR-level key is for those within the same VLR domain.The group-level key can be used for securing inter-domain group-oriented applications such as commercial remote conferencing systems.The HLRand VLR-level keys can be used for securing intra-domain subgroup applications (e.g.,location-based or context-aware services) and dynamic key updating.Since our proposed protocol exploits existing UMTS security functions and the exclusive-or operation,it is compatible with UMTS architecture.This means that it is fast and easy to implement on the existing UMTS architecture.Furthermore,the proposed protocol has low computational complexities and can provide cost effectiveness,load-amortization,scalability,user authentication,key establishment,key confirmation,key updating,and lawful interception.
基金Supported by the National High-Technology Research and Development Program of China (863 Program)(2006AA01Z422)the National Natural Science Foundation of China(60672102)
文摘This paper develops a general hypercube-based key predistribution scheme for establishing pairwise keys between sensor nodes using polynomials, which is parameterized by the dimension of hypercube and the Hamming distance threshold variables. The scheme addresses the weaknesses of existing key predistribution schemes, which have either worse security or lower efficiency. It exhibits a nice property--when the Hamming distance between any two neighboring sensor nodes is less than the pre-defined threshold, the pairwise key can be established directly. Extensive performance and security analysis shows that by increasing Hamming distance threshold value, we can trade off the resilience against node capture attack for higher probability of direct pairwise key establishment, so as to save the energy consumption which is the most important issue for sensor networks.
基金the National Natural Science Foundation of China (Grant No. 60202005).
文摘To strike a tradeoff between the security and the consumption of energy,computing and communication resources in the nodes,this paper presents an efficient authentication scheme based on one-way key chain for sensor network. The scheme can provide immediate authentication to fulfill the latency and the storage requirements and defends against various attacks such as replay,impersonation and denial of service. Meanwhile,our scheme possesses low overhead and scalability to large networks. Furthermore,the simple related protocols or algorithms in the scheme and inexpensive public-key operation required in view of resource-starved sensor nodes minimize the storage,computation and communication overhead,and improve the efficiency of our scheme. In addition,the proposed scheme also supports source authentication without precluding in-network processing and passive participation.
文摘By employing network-based observation techniques, field experimental methods and ecological information technology, the Lab is designed to explore the coupling between carbon, water and nutrient cycles within an ecosystem and its underlying mechanisms, to integrate and model ecosystem patterns and processes at multiple spatiotemporal scales, and to comprehensively study the relationship between ecosystem management and sustainable development. Its major focuses are:
