Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we...Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we propose SecureCons Framework(SCF),a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments.SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits.The framework includes adaptive anomaly detection models,cryptographic obfuscation techniques,and real-time monitoring to identify and mitigate vulnerabilities proactively.Experimental evaluations demonstrate the framework's robustness,achieving over 95%resilience against advanced SCAs with minimal computational overhead.SCF provides a scalable,secure,and efficient solution,setting a new benchmark for side-channel attack mitigation in cloud ecosystems.展开更多
In this paper, the author analyzed some cryptographic properties of a class of logical functions, f(x,y)=(q(x),...,q(x))·y+h(x),over Galois rings and residue rings, presented the relationship between the characte...In this paper, the author analyzed some cryptographic properties of a class of logical functions, f(x,y)=(q(x),...,q(x))·y+h(x),over Galois rings and residue rings, presented the relationship between the character spectrum of f(x,y) and the character speetrum of q(x),h(x) and the relationship between the cryptographic properties of f(x,y) and the cryptographic properties of h(x).展开更多
The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation (K-CI) resilience. An improved protocol with a simple modification of their...The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation (K-CI) resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.展开更多
Frequency-hopping(FH) technique is widely used in high-secure communications by exploiting its capabilities of mitigating interference and confidentiality. However, electronic attacks in wireless systems become more a...Frequency-hopping(FH) technique is widely used in high-secure communications by exploiting its capabilities of mitigating interference and confidentiality. However, electronic attacks in wireless systems become more and more rigorous, which poses huge challenges to the use of the number theory based and chaos theory assisted sequences. The structure of the FH sequence directly affects the performance of FH communication systems. In this paper, the novel FH sequence generation scheme is proposed with the aid of the so-called Government Standard(GOST) algorithm, which achieves a promising balance between efficiency and security. Moreover, the security performance of the proposed algorithm is analyzed, which reveals that it is more resistant to impossible differential attacks than the widely-used Data Encryption Standard(DES) algorithm. The numerical results show that the FH sequences generated by the GOST algorithm significantly outperform the ones generated by the DES algorithm and chaotic theory in terms of the randomness and complexity.展开更多
Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerpr...Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.展开更多
Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here...Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here is spoofing attacks.Spoofing attacks make the positioning or timing results of BeiDou civilian receivers wrong.Such errors may cause a series of security problems,which lays a serious hidden danger for Bei-Dou satellite information security.This article proposes an anti-spoofing method for BeiDou navigation system based on the combination of SM commercial cryptographic algorithm and Timed Efficient Stream Loss-tolerant Authentication(TESLA)for spoofing attacks.In this solution,we use the SM3 algorithm to generate a TESLA key chain with time information,and then use the key in the key chain to generate the message authentication code for the BeiDou D2 navigation message.The message authentication code is inserted into a reserved bit of the D2 navigation message.In addition,this solution uses the SM2 algorithm to protect and encrypt time information in the TESLA key chain to prevent key replay attacks in TESLA.The experimental results tested on the experimental platform built in this paper show that this scheme reduces the possibility of the BeiDou navigation system being deceived and enhances the safety of the BeiDou navigation system.展开更多
The reconfigurable cryptographic chip is an integrated circuit that is designed by means of the method of reconfigurable architecture, and is used for encryption and decryption. Many different cipher algorithms can be...The reconfigurable cryptographic chip is an integrated circuit that is designed by means of the method of reconfigurable architecture, and is used for encryption and decryption. Many different cipher algorithms can be flexibly implemented with the aid of a reconfigurable cryptographic chip and can be used in many fields. This article takes an example for the SHA-1/224/256 algorithms, and then designs a reconfigurable cryptographic chip based on the thought and method of the reconfigurable architecture. Finally, this paper gives the implementation result based on the FPGA of the family of Stratix II of Altera Corporation, and presents a good research trend for resolving the storage in hardware implementation using FPGAs.展开更多
With the development of Industry 4.0 and big data technology,the Industrial Internet of Things(IIoT)is hampered by inherent issues such as privacy,security,and fault tolerance,which pose certain challenges to the rapi...With the development of Industry 4.0 and big data technology,the Industrial Internet of Things(IIoT)is hampered by inherent issues such as privacy,security,and fault tolerance,which pose certain challenges to the rapid development of IIoT.Blockchain technology has immutability,decentralization,and autonomy,which can greatly improve the inherent defects of the IIoT.In the traditional blockchain,data is stored in a Merkle tree.As data continues to grow,the scale of proofs used to validate it grows,threatening the efficiency,security,and reliability of blockchain-based IIoT.Accordingly,this paper first analyzes the inefficiency of the traditional blockchain structure in verifying the integrity and correctness of data.To solve this problem,a new Vector Commitment(VC)structure,Partition Vector Commitment(PVC),is proposed by improving the traditional VC structure.Secondly,this paper uses PVC instead of the Merkle tree to store big data generated by IIoT.PVC can improve the efficiency of traditional VC in the process of commitment and opening.Finally,this paper uses PVC to build a blockchain-based IIoT data security storage mechanism and carries out a comparative analysis of experiments.This mechanism can greatly reduce communication loss and maximize the rational use of storage space,which is of great significance for maintaining the security and stability of blockchain-based IIoT.展开更多
The Advanced Encryption Standard cryptographic algorithm,named AES,is implemented in cryptographic circuits to ensure high security level to any system which required confidentiality and secure information exchange.On...The Advanced Encryption Standard cryptographic algorithm,named AES,is implemented in cryptographic circuits to ensure high security level to any system which required confidentiality and secure information exchange.One of the most effective physical attacks against the hardware implementation of AES is fault attacks which can extract secret data.Until now,a several AES fault detection schemes against fault injection attacks have been proposed.In this paper,so as to ensure a high level of security against fault injection attacks,a new efficient fault detection scheme based on the AES architecture modification has been proposed.For this reason,the AES 32-bit round is divided into two half rounds and input and pipeline registers are implemented between them.The proposed scheme is independent of the procedure the AES is implemented.Thus,it can be implemented to secure the pipeline and iterative architectures.To evaluate the robustness of the proposed fault detection scheme against fault injection attacks,we conduct a transient and permanent fault attacks and then we determine the fault detection capability;it is about 99.88585%and 99.9069%for transient and permanent faults respectively.We have modeled the AES fault detection scheme using VHDL hardware language and through hardware FPGA implementation.The FPGA results demonstrate that our scheme can efficiently protect the AES hardware implementation against fault attacks.It can be simply implemented with low complexity.In addition,the FPGA implementation performances prove the low area overhead and the high efficiency and working frequency for the proposed AES detection scheme.展开更多
The variety of encryption mechanism and algorithms which were conventionally used have some limitations.The kernel operator library based on Cryptographic algorithm is put forward. Owing to the impenetrability of algo...The variety of encryption mechanism and algorithms which were conventionally used have some limitations.The kernel operator library based on Cryptographic algorithm is put forward. Owing to the impenetrability of algorithm, the data transfer system with the cryptographic algorithm library has many remarkable advantages in algorithm rebuilding and optimization,easily adding and deleting algorithm, and improving the security power over the traditional algorithm. The user can choose any one in all algorithms with the method against any attack because the cryptographic algorithm library is extensible.展开更多
Provable security has become a popular approach for analyzing the security of cryptographic protocols.However,writing and verifying proofs by hand are prone to errors.This paper advocates the automatic security proof ...Provable security has become a popular approach for analyzing the security of cryptographic protocols.However,writing and verifying proofs by hand are prone to errors.This paper advocates the automatic security proof framework with sequences of games.We make slight modifications to Blanchet's calculus to make it easy for parsing the initial game.The main contribution of this work is that it introduces algebraic properties with observational equivalences to automatic security proofs,and thus can deal with some practical cryptographic schemes with hard problems.We illustrate the use of algebraic properties in the framework by proving the semantic security of the ElGamal encryption scheme.展开更多
A GF(p)elliptic curve cryptographic coprocessor is proposed and implemented on Field Programmable Gate Array(FPGA).The focus of the coprocessor is on the most critical,complicated and time-consuming point multiplicati...A GF(p)elliptic curve cryptographic coprocessor is proposed and implemented on Field Programmable Gate Array(FPGA).The focus of the coprocessor is on the most critical,complicated and time-consuming point multiplications.The technique of coordinates conversion and fast multiplication algorithm of two large integers are utilized to avoid frequent inversions and to accelerate the field multiplications used in point multiplications.The characteristic of hardware parallelism is considered in the implementation of point multiplications.The coprocessor implemented on XILINX XC2V3000 computes a point multiplication for an arbitrary point on a curve defined over GF(2192?264?1)with the frequency of 10 MHz in 4.40 ms in the average case and 5.74 ms in the worst case.At the same circumstance,the coprocessor implemented on XILINX XC2V4000 takes 2.2 ms in the average case and 2.88 ms in the worst case.展开更多
With the rapid development of information technology,the development of blockchain technology has also been deeply impacted.When performing block verification in the blockchain network,if all transactions are verified...With the rapid development of information technology,the development of blockchain technology has also been deeply impacted.When performing block verification in the blockchain network,if all transactions are verified on the chain,this will cause the accumulation of data on the chain,resulting in data storage problems.At the same time,the security of data is also challenged,which will put enormous pressure on the block,resulting in extremely low communication efficiency of the block.The traditional blockchain system uses theMerkle Tree method to store data.While verifying the integrity and correctness of the data,the amount of proof is large,and it is impossible to verify the data in batches.A large amount of data proof will greatly impact the verification efficiency,which will cause end-to-end communication delays and seriously affect the blockchain system’s stability,efficiency,and security.In order to solve this problem,this paper proposes to replace the Merkle tree with polynomial commitments,which take advantage of the properties of polynomials to reduce the proof size and communication consumption.By realizing the ingenious use of aggregated proof and smart contracts,the verification efficiency of blocks is improved,and the pressure of node communication is reduced.展开更多
With the new era of the Internet of Things(IoT)technology,many devices with limited resources are utilized.Those devices are susceptible to a signicant number of new malware and other risks emerging rapidly.One of the...With the new era of the Internet of Things(IoT)technology,many devices with limited resources are utilized.Those devices are susceptible to a signicant number of new malware and other risks emerging rapidly.One of the most appropriate methods for securing those IoT applications is cryptographic algorithms,as cryptography masks information by eliminating the risk of collecting any meaningful information patterns.This ensures that all data communications are private,accurate,authenticated,authorized,or nonrepudiated.Since conventional cryptographic algorithms have been developed specically for devices with limited resources;however,it turns out that such algorithms are not ideal for IoT restricted devices with their current conguration.Therefore,lightweight block ciphers are gaining popularity to meet the requirements of low-power and constrained devices.A new ultra-lightweight secret-key block-enciphering algorithm named“LBC-IoT”is proposed in this paper.The proposed block length is 32-bit supporting key lengths of 80-bit,and it is mainly based on the Feistel structure.Energy-efcient cryptographic features in“LBC-IoT”include the use of simple functions(shift,XOR)and small rigid substitution boxes(4-bit-S-boxes).Besides,it is immune to different types of attacks such as linear,differential,and side-channel as well as exible in terms of implementation.Moreover,LBC-IoT achieves reasonable performance in both hardware and software compared to other recent algorithms.LBC-IoT’s hardware implementation results are very promising(smallest ever area“548”GE)and competitive with today’s leading lightweight ciphers.LBC-IoT is also ideally suited for ultra-restricted devices such as RFID tags.展开更多
FIDO(Fast IDentity Online) Alliance proposed a set of standard in 2014 for change the nature of online authentication. By now, it has drawn attention from many companies, including Google, VISA, Intel etc. In this pap...FIDO(Fast IDentity Online) Alliance proposed a set of standard in 2014 for change the nature of online authentication. By now, it has drawn attention from many companies, including Google, VISA, Intel etc. In this paper, we analyze the FIDO UAF(Universal Authentication Framework) Protocol, one of the two sets of specifications in the standard. We first present protocols' cryptographic abstractions for the registration and authentication protocols of the FIDO UAF. According to the abstractions, we discuss on selected security goals presented in the standard to study UAF security properties. We also propose three attacks, which the first two are based on an assumption that an attacker can corrupt the software installed on the user device, and the third is based on two users sharing a FIDO roaming authenticator. The results of the attacks are to impersonate the legitimate user to pass the online authentication.展开更多
Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components o...Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components ofthe quality assurance system (QAS). Current assessment methods suffer deficiencies related to accuracy and reliability, and they lack well-organized processes forcontinuous improvement planning. Moreover, the absence of automation, andintegration in QA processes forms a major obstacle towards developing efficientquality system. There is a pressing need to adopt security protocols that providerequired security services to safeguard the valuable information processed byQAS as well. This research proposes an effective methodology for LOs assessment and continuous improvement processes. The proposed approach ensuresmore accurate and reliable LOs assessment results and provides systematic wayfor utilizing those results in the continuous quality improvement. This systematicand well-specified QA processes were then utilized to model and implement automated and secure QAS that efficiently performs quality-related processes. Theproposed system adopts two security protocols that provide confidentiality, integrity, and authentication for quality data and reports. The security protocols avoidthe source repudiation, which is important in the quality reporting system. This isachieved through implementing powerful cryptographic algorithms. The QASenables efficient data collection and processing required for analysis and interpretation. It also prepares for the development of datasets that can be used in futureartificial intelligence (AI) researches to support decision making and improve thequality of academic programs. The proposed approach is implemented in a successful real case study for a computer science program. The current study servesscientific programs struggling to achieve academic accreditation, and gives rise tofully automating and integrating the QA processes and adopting modern AI andsecurity technologies to develop effective QAS.展开更多
Counterfeiting is one of the most serious problems in the consumer market. One promising approach for anti-counterfeiting is to attach a low-cost Radio-frequency Identification (RFID) tag to the product authentication...Counterfeiting is one of the most serious problems in the consumer market. One promising approach for anti-counterfeiting is to attach a low-cost Radio-frequency Identification (RFID) tag to the product authentication. In this paper, we propose an RFID system for detecting counterfeiting products. This RFID system consists of the tag authentication protocol and the database correction protocol. We use the tag authentication protocol for authenticating tags without revealing their sensitive information. This protocol also allows the customer to freely inquire the tag. To prevent the widespread of the counterfeit products, we use the tag status information along with tag identity information. Meanwhile, the database correction protocol guarantees the correctness of the tag status. Our anti-counterfeiting system is the first work considering the seller who plays an important role in the consumer product supply chain. Finally, we show that anti-counterfeiting system is quite secure against counterfeiting and the tag authentication protocol is lightweight enough to be implemented in RFID-based applications.展开更多
文摘Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we propose SecureCons Framework(SCF),a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments.SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits.The framework includes adaptive anomaly detection models,cryptographic obfuscation techniques,and real-time monitoring to identify and mitigate vulnerabilities proactively.Experimental evaluations demonstrate the framework's robustness,achieving over 95%resilience against advanced SCAs with minimal computational overhead.SCF provides a scalable,secure,and efficient solution,setting a new benchmark for side-channel attack mitigation in cloud ecosystems.
文摘In this paper, the author analyzed some cryptographic properties of a class of logical functions, f(x,y)=(q(x),...,q(x))·y+h(x),over Galois rings and residue rings, presented the relationship between the character spectrum of f(x,y) and the character speetrum of q(x),h(x) and the relationship between the cryptographic properties of f(x,y) and the cryptographic properties of h(x).
基金the National Natural Science Foundation of China (60773086)
文摘The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation (K-CI) resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.
基金supported in part by the National Natural Science Foundation of China (No.61631015 and 61501354)
文摘Frequency-hopping(FH) technique is widely used in high-secure communications by exploiting its capabilities of mitigating interference and confidentiality. However, electronic attacks in wireless systems become more and more rigorous, which poses huge challenges to the use of the number theory based and chaos theory assisted sequences. The structure of the FH sequence directly affects the performance of FH communication systems. In this paper, the novel FH sequence generation scheme is proposed with the aid of the so-called Government Standard(GOST) algorithm, which achieves a promising balance between efficiency and security. Moreover, the security performance of the proposed algorithm is analyzed, which reveals that it is more resistant to impossible differential attacks than the widely-used Data Encryption Standard(DES) algorithm. The numerical results show that the FH sequences generated by the GOST algorithm significantly outperform the ones generated by the DES algorithm and chaotic theory in terms of the randomness and complexity.
基金This project was supported by the National Science Foundation of China (60763009)China Postdoctoral Science Foundation (2005038041)Hainan Natural Science Foundation (80528).
文摘Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.
基金supported in part by the Joint Foundation of National Natural Science Committee of China and Civil Aviation Administration of China under Grant U1933108in part by the Scientific Research Project of Tianjin Municipal Education Commission under Grant 2019KJ117.
文摘Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here is spoofing attacks.Spoofing attacks make the positioning or timing results of BeiDou civilian receivers wrong.Such errors may cause a series of security problems,which lays a serious hidden danger for Bei-Dou satellite information security.This article proposes an anti-spoofing method for BeiDou navigation system based on the combination of SM commercial cryptographic algorithm and Timed Efficient Stream Loss-tolerant Authentication(TESLA)for spoofing attacks.In this solution,we use the SM3 algorithm to generate a TESLA key chain with time information,and then use the key in the key chain to generate the message authentication code for the BeiDou D2 navigation message.The message authentication code is inserted into a reserved bit of the D2 navigation message.In addition,this solution uses the SM2 algorithm to protect and encrypt time information in the TESLA key chain to prevent key replay attacks in TESLA.The experimental results tested on the experimental platform built in this paper show that this scheme reduces the possibility of the BeiDou navigation system being deceived and enhances the safety of the BeiDou navigation system.
文摘The reconfigurable cryptographic chip is an integrated circuit that is designed by means of the method of reconfigurable architecture, and is used for encryption and decryption. Many different cipher algorithms can be flexibly implemented with the aid of a reconfigurable cryptographic chip and can be used in many fields. This article takes an example for the SHA-1/224/256 algorithms, and then designs a reconfigurable cryptographic chip based on the thought and method of the reconfigurable architecture. Finally, this paper gives the implementation result based on the FPGA of the family of Stratix II of Altera Corporation, and presents a good research trend for resolving the storage in hardware implementation using FPGAs.
基金supported by China’s National Natural Science Foundation(Nos.62072249,62072056)This work is also funded by the National Science Foundation of Hunan Province(2020JJ2029).
文摘With the development of Industry 4.0 and big data technology,the Industrial Internet of Things(IIoT)is hampered by inherent issues such as privacy,security,and fault tolerance,which pose certain challenges to the rapid development of IIoT.Blockchain technology has immutability,decentralization,and autonomy,which can greatly improve the inherent defects of the IIoT.In the traditional blockchain,data is stored in a Merkle tree.As data continues to grow,the scale of proofs used to validate it grows,threatening the efficiency,security,and reliability of blockchain-based IIoT.Accordingly,this paper first analyzes the inefficiency of the traditional blockchain structure in verifying the integrity and correctness of data.To solve this problem,a new Vector Commitment(VC)structure,Partition Vector Commitment(PVC),is proposed by improving the traditional VC structure.Secondly,this paper uses PVC instead of the Merkle tree to store big data generated by IIoT.PVC can improve the efficiency of traditional VC in the process of commitment and opening.Finally,this paper uses PVC to build a blockchain-based IIoT data security storage mechanism and carries out a comparative analysis of experiments.This mechanism can greatly reduce communication loss and maximize the rational use of storage space,which is of great significance for maintaining the security and stability of blockchain-based IIoT.
文摘The Advanced Encryption Standard cryptographic algorithm,named AES,is implemented in cryptographic circuits to ensure high security level to any system which required confidentiality and secure information exchange.One of the most effective physical attacks against the hardware implementation of AES is fault attacks which can extract secret data.Until now,a several AES fault detection schemes against fault injection attacks have been proposed.In this paper,so as to ensure a high level of security against fault injection attacks,a new efficient fault detection scheme based on the AES architecture modification has been proposed.For this reason,the AES 32-bit round is divided into two half rounds and input and pipeline registers are implemented between them.The proposed scheme is independent of the procedure the AES is implemented.Thus,it can be implemented to secure the pipeline and iterative architectures.To evaluate the robustness of the proposed fault detection scheme against fault injection attacks,we conduct a transient and permanent fault attacks and then we determine the fault detection capability;it is about 99.88585%and 99.9069%for transient and permanent faults respectively.We have modeled the AES fault detection scheme using VHDL hardware language and through hardware FPGA implementation.The FPGA results demonstrate that our scheme can efficiently protect the AES hardware implementation against fault attacks.It can be simply implemented with low complexity.In addition,the FPGA implementation performances prove the low area overhead and the high efficiency and working frequency for the proposed AES detection scheme.
文摘The variety of encryption mechanism and algorithms which were conventionally used have some limitations.The kernel operator library based on Cryptographic algorithm is put forward. Owing to the impenetrability of algorithm, the data transfer system with the cryptographic algorithm library has many remarkable advantages in algorithm rebuilding and optimization,easily adding and deleting algorithm, and improving the security power over the traditional algorithm. The user can choose any one in all algorithms with the method against any attack because the cryptographic algorithm library is extensible.
基金National High Technical Research and Development Program of China(863 program)under Grant No. 2007AA01Z471
文摘Provable security has become a popular approach for analyzing the security of cryptographic protocols.However,writing and verifying proofs by hand are prone to errors.This paper advocates the automatic security proof framework with sequences of games.We make slight modifications to Blanchet's calculus to make it easy for parsing the initial game.The main contribution of this work is that it introduces algebraic properties with observational equivalences to automatic security proofs,and thus can deal with some practical cryptographic schemes with hard problems.We illustrate the use of algebraic properties in the framework by proving the semantic security of the ElGamal encryption scheme.
基金Supported by the National Natural Science Foun dation of China(69973034)the National High TechnologyResearch and Development Program of China(2002AA141050)
文摘A GF(p)elliptic curve cryptographic coprocessor is proposed and implemented on Field Programmable Gate Array(FPGA).The focus of the coprocessor is on the most critical,complicated and time-consuming point multiplications.The technique of coordinates conversion and fast multiplication algorithm of two large integers are utilized to avoid frequent inversions and to accelerate the field multiplications used in point multiplications.The characteristic of hardware parallelism is considered in the implementation of point multiplications.The coprocessor implemented on XILINX XC2V3000 computes a point multiplication for an arbitrary point on a curve defined over GF(2192?264?1)with the frequency of 10 MHz in 4.40 ms in the average case and 5.74 ms in the worst case.At the same circumstance,the coprocessor implemented on XILINX XC2V4000 takes 2.2 ms in the average case and 2.88 ms in the worst case.
基金This work is supported by the Fundamental Research Funds for the central Universities(Zhejiang University NGICS Platform),Xiaofeng Yu receives the grant and the URLs to sponsors’websites are https://www.zju.edu.cn/.And the work are supported by China’s National Natural Science Foundation(No.62072249,62072056)JinWang and Yongjun Ren receive the grant and the URLs to sponsors’websites are https://www.nsfc.gov.cn/.This work is also funded by the National Science Foundation of Hunan Province(2020JJ2029)Jin Wang receives the grant and the URLs to sponsors’websites are http://kjt.hunan.gov.cn/.
文摘With the rapid development of information technology,the development of blockchain technology has also been deeply impacted.When performing block verification in the blockchain network,if all transactions are verified on the chain,this will cause the accumulation of data on the chain,resulting in data storage problems.At the same time,the security of data is also challenged,which will put enormous pressure on the block,resulting in extremely low communication efficiency of the block.The traditional blockchain system uses theMerkle Tree method to store data.While verifying the integrity and correctness of the data,the amount of proof is large,and it is impossible to verify the data in batches.A large amount of data proof will greatly impact the verification efficiency,which will cause end-to-end communication delays and seriously affect the blockchain system’s stability,efficiency,and security.In order to solve this problem,this paper proposes to replace the Merkle tree with polynomial commitments,which take advantage of the properties of polynomials to reduce the proof size and communication consumption.By realizing the ingenious use of aggregated proof and smart contracts,the verification efficiency of blocks is improved,and the pressure of node communication is reduced.
基金funded by Scientic Research Deanship at University of Ha’il—Saudi Arabia through Project Number RG-20019。
文摘With the new era of the Internet of Things(IoT)technology,many devices with limited resources are utilized.Those devices are susceptible to a signicant number of new malware and other risks emerging rapidly.One of the most appropriate methods for securing those IoT applications is cryptographic algorithms,as cryptography masks information by eliminating the risk of collecting any meaningful information patterns.This ensures that all data communications are private,accurate,authenticated,authorized,or nonrepudiated.Since conventional cryptographic algorithms have been developed specically for devices with limited resources;however,it turns out that such algorithms are not ideal for IoT restricted devices with their current conguration.Therefore,lightweight block ciphers are gaining popularity to meet the requirements of low-power and constrained devices.A new ultra-lightweight secret-key block-enciphering algorithm named“LBC-IoT”is proposed in this paper.The proposed block length is 32-bit supporting key lengths of 80-bit,and it is mainly based on the Feistel structure.Energy-efcient cryptographic features in“LBC-IoT”include the use of simple functions(shift,XOR)and small rigid substitution boxes(4-bit-S-boxes).Besides,it is immune to different types of attacks such as linear,differential,and side-channel as well as exible in terms of implementation.Moreover,LBC-IoT achieves reasonable performance in both hardware and software compared to other recent algorithms.LBC-IoT’s hardware implementation results are very promising(smallest ever area“548”GE)and competitive with today’s leading lightweight ciphers.LBC-IoT is also ideally suited for ultra-restricted devices such as RFID tags.
文摘FIDO(Fast IDentity Online) Alliance proposed a set of standard in 2014 for change the nature of online authentication. By now, it has drawn attention from many companies, including Google, VISA, Intel etc. In this paper, we analyze the FIDO UAF(Universal Authentication Framework) Protocol, one of the two sets of specifications in the standard. We first present protocols' cryptographic abstractions for the registration and authentication protocols of the FIDO UAF. According to the abstractions, we discuss on selected security goals presented in the standard to study UAF security properties. We also propose three attacks, which the first two are based on an assumption that an attacker can corrupt the software installed on the user device, and the third is based on two users sharing a FIDO roaming authenticator. The results of the attacks are to impersonate the legitimate user to pass the online authentication.
基金Author extends his appreciation to the Deanship of Scientific Research at Imam Mohammad Ibn Saud Islamic University for funding and supporting this work through Graduate Student Research Support Program.
文摘Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components ofthe quality assurance system (QAS). Current assessment methods suffer deficiencies related to accuracy and reliability, and they lack well-organized processes forcontinuous improvement planning. Moreover, the absence of automation, andintegration in QA processes forms a major obstacle towards developing efficientquality system. There is a pressing need to adopt security protocols that providerequired security services to safeguard the valuable information processed byQAS as well. This research proposes an effective methodology for LOs assessment and continuous improvement processes. The proposed approach ensuresmore accurate and reliable LOs assessment results and provides systematic wayfor utilizing those results in the continuous quality improvement. This systematicand well-specified QA processes were then utilized to model and implement automated and secure QAS that efficiently performs quality-related processes. Theproposed system adopts two security protocols that provide confidentiality, integrity, and authentication for quality data and reports. The security protocols avoidthe source repudiation, which is important in the quality reporting system. This isachieved through implementing powerful cryptographic algorithms. The QASenables efficient data collection and processing required for analysis and interpretation. It also prepares for the development of datasets that can be used in futureartificial intelligence (AI) researches to support decision making and improve thequality of academic programs. The proposed approach is implemented in a successful real case study for a computer science program. The current study servesscientific programs struggling to achieve academic accreditation, and gives rise tofully automating and integrating the QA processes and adopting modern AI andsecurity technologies to develop effective QAS.
文摘Counterfeiting is one of the most serious problems in the consumer market. One promising approach for anti-counterfeiting is to attach a low-cost Radio-frequency Identification (RFID) tag to the product authentication. In this paper, we propose an RFID system for detecting counterfeiting products. This RFID system consists of the tag authentication protocol and the database correction protocol. We use the tag authentication protocol for authenticating tags without revealing their sensitive information. This protocol also allows the customer to freely inquire the tag. To prevent the widespread of the counterfeit products, we use the tag status information along with tag identity information. Meanwhile, the database correction protocol guarantees the correctness of the tag status. Our anti-counterfeiting system is the first work considering the seller who plays an important role in the consumer product supply chain. Finally, we show that anti-counterfeiting system is quite secure against counterfeiting and the tag authentication protocol is lightweight enough to be implemented in RFID-based applications.
