TarGuess-I is a leading model utilizing Personally Identifiable Information for online targeted password guessing.Due to its remarkable guessing performance,the model has drawn considerable attention in password secur...TarGuess-I is a leading model utilizing Personally Identifiable Information for online targeted password guessing.Due to its remarkable guessing performance,the model has drawn considerable attention in password security research.However,through an analysis of the vulnerable behavior of users when constructing passwords by combining popular passwords with their Personally Identifiable Information,we identified that the model fails to consider popular passwords and frequent substrings,and it uses overly broad personal information categories,with extensive duplicate statistics.To address these issues,we propose an improved password guessing model,TGI-FPR,which incorporates three semantic methods:(1)identification of popular passwords by generating top 300 lists from similar websites,(2)use of frequent substrings as new grammatical labels to capture finer-grained password structures,and(3)further subdivision of the six major categories of personal information.To evaluate the performance of the proposed model,we conducted experiments on six large-scale real-world password leak datasets and compared its accuracy within the first 100 guesses to that of TarGuess-I.The results indicate a 2.65%improvement in guessing accuracy.展开更多
Searchable public key encryption is a useful cryptographic paradigm that enables an untrustworthy server to retrieve the encrypted data without revealing the contents of the data. It offers a promising solution to enc...Searchable public key encryption is a useful cryptographic paradigm that enables an untrustworthy server to retrieve the encrypted data without revealing the contents of the data. It offers a promising solution to encrypted data retrieval in cryptographic cloud storage. Certificateless public key cryptography (CLPKC) is a novel cryptographic primitive that has many merits. It overcomes the key escrow problem in identity-based cryptography (IBC) and the cumbersome certificate problem in conventional public key cryptography (PKC). Motivated by the appealing features of CLPKC, several certificateless encryption with keyword search (CLEKS) schemes have been presented in the literature. But, our cryptanalysis demonstrates that the previously proposed CLEKS frameworks suffer from the security vulnerability caused by the keyword guessing attack. To remedy the security weakness in the previous frameworks and provide resistance against both inside and outside keyword guessing attacks, we propose a new CLEKS framework. Under the new framework, we design a concrete CLEKS scheme and formally prove its security in the random oracle model. Compared with previous two CLEKS schemes, the proposed scheme has better overall performance while offering stronger security guarantee as it withstands the existing known types of keyword guessing attacks.展开更多
To save the local storage,users store the data on the cloud server who offers convenient internet services.To guarantee the data privacy,users encrypt the data before uploading them into the cloud server.Since encrypt...To save the local storage,users store the data on the cloud server who offers convenient internet services.To guarantee the data privacy,users encrypt the data before uploading them into the cloud server.Since encryption can reduce the data availability,public-key encryption with keyword search(PEKS)is developed to achieve the retrieval of the encrypted data without decrypting them.However,most PEKS schemes cannot resist quantum computing attack,because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers.Besides,the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack(KGA).In this attack,a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords.In the paper,we propose a lattice-based PEKS scheme that can resist quantum computing attacks.To resist inside KGA,this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext.Finally,some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.展开更多
This study intends to explore the effects of context clues in contextual guessing among 60 first-year non-English majors by using two guessing tests as the research instrument. According to the quantitative analysis o...This study intends to explore the effects of context clues in contextual guessing among 60 first-year non-English majors by using two guessing tests as the research instrument. According to the quantitative analysis of the statistics processed by SPSS (14.0), it is revealed that (1) context clues affect the outcome of contextual guessing significantly, and (2) English proficiency level plays a significant role in contextual guessing as well. On the basis of the major findings in this research, several pedagogical implications are drawn for college English teachers and students: (1) College English teachers should keep the students better informed of the significance and specific functions of context clues in contextual guessing; (2) College English teachers should encourage the students to guess word meanings from context instead of inhibiting it when there are adequate context clues offered.展开更多
This paper addresses:how many guesses are needed for maximum-likelihood(ML)performance by guessing decoding of short binary linear block codes—guessing random additive noise decoding(GRAND)and guessing codeword decod...This paper addresses:how many guesses are needed for maximum-likelihood(ML)performance by guessing decoding of short binary linear block codes—guessing random additive noise decoding(GRAND)and guessing codeword decoding(GCD)?We show the required guesswork depends weakly on code structure:codes with the same length n and dimension k and comparable ML performance need a similar number of guesses.For random codes,the GRAND guesswork is on the orderεRCU2n−k,whereεRCU is the random-coding union bound,tightening the trivial order 2n−k.We derive a universal upper bound on the number of(partial)test error patterns(TEPs),which is then evaluated accurately with a saddlepoint approximation.Analysis and simulations show that,in terms of guesswork,GCD never exceeds and often improves on GRAND,notably at low rates.To further reduce guesswork,we introduce an ordered-statistics decoder with local constraints(LC-OSD),derived by extending the most reliable basis and incorporating an early stopping rule.To reduce the decoding latency,we propose a parallel LC-OSD that utilizes pre-stored TEPs.Simulations of binary images of Reed-Solomon codes,which approach the randomcoding union(RCU)bound,confirm our analysis and demonstrate the superiority of soft-weight ordering over Hamming-weight ordering.展开更多
Guessing strategy is a traditional and effective way for EFL students to improve their reading. Almost all readers apply this method, to a greater or lesser extent, when reading different kinds of materials. This is p...Guessing strategy is a traditional and effective way for EFL students to improve their reading. Almost all readers apply this method, to a greater or lesser extent, when reading different kinds of materials. This is partly because readers simply do not have the time to look up every new word in the dictionary. Linguistics developments in recent years make it possible to reconsider this kind of strategy in the framework of cognitive grammar. A number of theories have provided more evidence regarding the effectiveness of a guessing strategy. Linguistic theories dealing with terms such as schemata, prototype, etc. make it possible to reconsider the strategy in a broader context. Schemata theory tells us that the context of a given word is not the only source and basis of guessing. Other factors include background knowledge and the given word itself. Prototype theory, on the other hand, shows how readers guess the meaning of a familiar word form with a completely new part of speech or meaning. Even though cognitive linguistics has shown the effectiveness of a guessing strategy in reading, the applicability of the method needs to be reconsidered. Some materials may not be suitable for the application of a guessing strategy.展开更多
For years,the study of senescent cells resembled a molecular guessing game.Researchers knew these dormant cells played paradoxical roles-some secreting inflammatory signals that accelerated tissue damage,others releas...For years,the study of senescent cells resembled a molecular guessing game.Researchers knew these dormant cells played paradoxical roles-some secreting inflammatory signals that accelerated tissue damage,others releasing factors to restrain it.Yet traditional tools could only lump all senescent cells into a single category.This blindness persisted until 2024,when Dr.ZHOU Bin’s team at the Shanghai Institute of Biochemistry and Cell Biology(SIBCB).展开更多
People across China have begun decorating their houses,pasting poetic couplets and auspicious words on the doors,buying new clothes,and getting ready to make dumplings.You guessed right-it’s time to celebrate the Spr...People across China have begun decorating their houses,pasting poetic couplets and auspicious words on the doors,buying new clothes,and getting ready to make dumplings.You guessed right-it’s time to celebrate the Spring Festival,and ring in the Chinese New Year-the Year of the Dragon.展开更多
研究了最优化理论与方法在摄像机标定中的应用,并以两步法的第二步为例,详细介绍了如何根据最小化重投影误差这一非线性最小二乘问题求出所有标定参数的最优解,给出了用G uses-N ew ton法进行求解的具体步骤,并在M atlab下实现对一组初...研究了最优化理论与方法在摄像机标定中的应用,并以两步法的第二步为例,详细介绍了如何根据最小化重投影误差这一非线性最小二乘问题求出所有标定参数的最优解,给出了用G uses-N ew ton法进行求解的具体步骤,并在M atlab下实现对一组初始数据的迭代优化。展开更多
Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recent...Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.展开更多
A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing a...A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon's scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon's scheme to resist the above attacks is also proposed.展开更多
基金supported by the Joint Funds of National Natural Science Foundation of China(Grant No.U23A20304)the Fund of Laboratory for Advanced Computing and Intelligence Engineering(No.2023-LYJJ-01-033)+1 种基金the Special Funds of Jiangsu Province Science and Technology Plan(Key R&D ProgramIndustryOutlook and Core Technologies)(No.BE2023005-4)the Science Project of Hainan University(KYQD(ZR)-21075).
文摘TarGuess-I is a leading model utilizing Personally Identifiable Information for online targeted password guessing.Due to its remarkable guessing performance,the model has drawn considerable attention in password security research.However,through an analysis of the vulnerable behavior of users when constructing passwords by combining popular passwords with their Personally Identifiable Information,we identified that the model fails to consider popular passwords and frequent substrings,and it uses overly broad personal information categories,with extensive duplicate statistics.To address these issues,we propose an improved password guessing model,TGI-FPR,which incorporates three semantic methods:(1)identification of popular passwords by generating top 300 lists from similar websites,(2)use of frequent substrings as new grammatical labels to capture finer-grained password structures,and(3)further subdivision of the six major categories of personal information.To evaluate the performance of the proposed model,we conducted experiments on six large-scale real-world password leak datasets and compared its accuracy within the first 100 guesses to that of TarGuess-I.The results indicate a 2.65%improvement in guessing accuracy.
基金supported by the National Natural Science Foundation of China under Grant Nos. 61772009 and U1736112the Natural Science Foundation of Jiangsu Province under Grant Nos. BK20161511 and BK20181304
文摘Searchable public key encryption is a useful cryptographic paradigm that enables an untrustworthy server to retrieve the encrypted data without revealing the contents of the data. It offers a promising solution to encrypted data retrieval in cryptographic cloud storage. Certificateless public key cryptography (CLPKC) is a novel cryptographic primitive that has many merits. It overcomes the key escrow problem in identity-based cryptography (IBC) and the cumbersome certificate problem in conventional public key cryptography (PKC). Motivated by the appealing features of CLPKC, several certificateless encryption with keyword search (CLEKS) schemes have been presented in the literature. But, our cryptanalysis demonstrates that the previously proposed CLEKS frameworks suffer from the security vulnerability caused by the keyword guessing attack. To remedy the security weakness in the previous frameworks and provide resistance against both inside and outside keyword guessing attacks, we propose a new CLEKS framework. Under the new framework, we design a concrete CLEKS scheme and formally prove its security in the random oracle model. Compared with previous two CLEKS schemes, the proposed scheme has better overall performance while offering stronger security guarantee as it withstands the existing known types of keyword guessing attacks.
基金The authors would like to thank the support from Fundamental Research Funds for the Central Universities(No.30918012204)The authors also gratefully acknowledge the helpful comments and suggestions of other researchers,which has improved the presentation.
文摘To save the local storage,users store the data on the cloud server who offers convenient internet services.To guarantee the data privacy,users encrypt the data before uploading them into the cloud server.Since encryption can reduce the data availability,public-key encryption with keyword search(PEKS)is developed to achieve the retrieval of the encrypted data without decrypting them.However,most PEKS schemes cannot resist quantum computing attack,because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers.Besides,the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack(KGA).In this attack,a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords.In the paper,we propose a lattice-based PEKS scheme that can resist quantum computing attacks.To resist inside KGA,this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext.Finally,some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.
文摘This study intends to explore the effects of context clues in contextual guessing among 60 first-year non-English majors by using two guessing tests as the research instrument. According to the quantitative analysis of the statistics processed by SPSS (14.0), it is revealed that (1) context clues affect the outcome of contextual guessing significantly, and (2) English proficiency level plays a significant role in contextual guessing as well. On the basis of the major findings in this research, several pedagogical implications are drawn for college English teachers and students: (1) College English teachers should keep the students better informed of the significance and specific functions of context clues in contextual guessing; (2) College English teachers should encourage the students to guess word meanings from context instead of inhibiting it when there are adequate context clues offered.
基金supported by the National Key Research and Development Program of China under Grant 2021YFA1000500.
文摘This paper addresses:how many guesses are needed for maximum-likelihood(ML)performance by guessing decoding of short binary linear block codes—guessing random additive noise decoding(GRAND)and guessing codeword decoding(GCD)?We show the required guesswork depends weakly on code structure:codes with the same length n and dimension k and comparable ML performance need a similar number of guesses.For random codes,the GRAND guesswork is on the orderεRCU2n−k,whereεRCU is the random-coding union bound,tightening the trivial order 2n−k.We derive a universal upper bound on the number of(partial)test error patterns(TEPs),which is then evaluated accurately with a saddlepoint approximation.Analysis and simulations show that,in terms of guesswork,GCD never exceeds and often improves on GRAND,notably at low rates.To further reduce guesswork,we introduce an ordered-statistics decoder with local constraints(LC-OSD),derived by extending the most reliable basis and incorporating an early stopping rule.To reduce the decoding latency,we propose a parallel LC-OSD that utilizes pre-stored TEPs.Simulations of binary images of Reed-Solomon codes,which approach the randomcoding union(RCU)bound,confirm our analysis and demonstrate the superiority of soft-weight ordering over Hamming-weight ordering.
文摘Guessing strategy is a traditional and effective way for EFL students to improve their reading. Almost all readers apply this method, to a greater or lesser extent, when reading different kinds of materials. This is partly because readers simply do not have the time to look up every new word in the dictionary. Linguistics developments in recent years make it possible to reconsider this kind of strategy in the framework of cognitive grammar. A number of theories have provided more evidence regarding the effectiveness of a guessing strategy. Linguistic theories dealing with terms such as schemata, prototype, etc. make it possible to reconsider the strategy in a broader context. Schemata theory tells us that the context of a given word is not the only source and basis of guessing. Other factors include background knowledge and the given word itself. Prototype theory, on the other hand, shows how readers guess the meaning of a familiar word form with a completely new part of speech or meaning. Even though cognitive linguistics has shown the effectiveness of a guessing strategy in reading, the applicability of the method needs to be reconsidered. Some materials may not be suitable for the application of a guessing strategy.
文摘For years,the study of senescent cells resembled a molecular guessing game.Researchers knew these dormant cells played paradoxical roles-some secreting inflammatory signals that accelerated tissue damage,others releasing factors to restrain it.Yet traditional tools could only lump all senescent cells into a single category.This blindness persisted until 2024,when Dr.ZHOU Bin’s team at the Shanghai Institute of Biochemistry and Cell Biology(SIBCB).
文摘People across China have begun decorating their houses,pasting poetic couplets and auspicious words on the doors,buying new clothes,and getting ready to make dumplings.You guessed right-it’s time to celebrate the Spring Festival,and ring in the Chinese New Year-the Year of the Dragon.
基金supported by the Basic Science ResearchProgram through the National Research Foundation of Korea funded by the Ministry of Education under Grant No.NRF-2010-0020210
文摘Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.
文摘A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon's scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon's scheme to resist the above attacks is also proposed.
