Many organizations apply cloud computing to store and effectively process data for various applications.The user uploads the data in the cloud has less security due to the unreliable verification process of data integ...Many organizations apply cloud computing to store and effectively process data for various applications.The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity.In this research,an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data.Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data.Merkle Hash tree provides the efficient mapping of data and easily identifies the changesmade in the data due to proper structure.The developed model supports privacy-preserving public auditing to provide a secure cloud storage system.The data owners upload the data in the cloud and edit the data using the private key.An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches.The data files requested by the data owner are audit by a third-party auditor and the multiowner authentication method is applied during the modification process to authenticate the user.The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2–167 ms when compared to the existing Advanced Encryption Standard and Blowfish.展开更多
Grid security infrastructure (GSI) provides the security in grids by using proxy certificates to delegate the work of authentication. At present, revocation proxy certificate has two kinds of methods, one is using c...Grid security infrastructure (GSI) provides the security in grids by using proxy certificates to delegate the work of authentication. At present, revocation proxy certificate has two kinds of methods, one is using certificate revocation list (CRL) and the other is giving the certificate a short period of validity. However, when a lot of certifications are revoked, CRL will be the burden in the system. If the certificate has a short period of validity, entities should be often updating the certificate. In this paper, we propose a scheme for proxy certificate revocation using hash tree. Our scheme only needs hash value comparisons to achieve the purpose of certificate revocation. Previous two methods have to wait the expiration of the certificate. Therefore, our scheme is more flexible than previous methods.展开更多
The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certifi...The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certificate agent, the cloud user generates a trust base and extends it to its VMs. For each service running on the VM, a hash value is generated from all the necessary modules, and these hash values are organized and maintained with a specially designed hash tree whose root is extended from the user's trust base. Before the VM loads a service, the hash tree is verified from the coordinated hash value to check the trustworthiness of the service.展开更多
在Cross-Product算法的基础上,结合哈希树(HashTree)数据结构,综合二者的优点,提出了一种新的IP分类算法CPHTIT(Cross-Product and HashTree with index table)。仿真结果表明CPHTIT在时间和空间上都达到了高速IP分类的要求,与现有经典...在Cross-Product算法的基础上,结合哈希树(HashTree)数据结构,综合二者的优点,提出了一种新的IP分类算法CPHTIT(Cross-Product and HashTree with index table)。仿真结果表明CPHTIT在时间和空间上都达到了高速IP分类的要求,与现有经典算法Grid of Tries和Modular比较,其综合性能有所改进。展开更多
Recently,bionic signals have been used to achieve covert underwater acoustic communication(UWAC)with high signal-to-noise ratios(SNRs)over transmission systems.A high SNR allows the attackers to proceed with their mis...Recently,bionic signals have been used to achieve covert underwater acoustic communication(UWAC)with high signal-to-noise ratios(SNRs)over transmission systems.A high SNR allows the attackers to proceed with their mischievous goals and makes transmission systems vulnerable against malicious attacks.In this paper we propose an improved Merkle hash tree based secure scheme that can resist current underwater attacks,i.e.,replay attack,fabricated message attack,message-altering attack,and analyst attack.Security analysis is performed to prove that the proposed scheme can resist these types of attacks.Performance evaluations show that the proposed scheme can meet UWAC limitations due to its efficiency regarding energy consumption,communication overhead,and computation cost.展开更多
j-lanes tree hashing is a tree mode that splits an input message into?j?slices, computes?j?independent digests of each slice, and outputs the hash value of their concatenation.?j-pointers tree hashing is a similar tre...j-lanes tree hashing is a tree mode that splits an input message into?j?slices, computes?j?independent digests of each slice, and outputs the hash value of their concatenation.?j-pointers tree hashing is a similar tree mode that receives, as input,?j?pointers to?j?messages (or slices of a single message), computes their digests and outputs the hash value of their concatenation. Such modes expose parallelization opportunities in a hashing process that is otherwise serial by nature. As a result, they have a performance advantage on modern processor architectures. This paper provides precise specifications for these hashing modes, proposes appropriate IVs, and demonstrates their performance on the latest processors. Our hope is that it would be useful for standardization of these modes.展开更多
j-lanes hashing is a tree mode that splits an input message to j slices, computes j independent digests of each slice, and outputs the hash value of their concatenation. We demonstrate the performance advantage of j-l...j-lanes hashing is a tree mode that splits an input message to j slices, computes j independent digests of each slice, and outputs the hash value of their concatenation. We demonstrate the performance advantage of j-lanes hashing on SIMD architectures, by coding a 4-lanes-SHA-256 implementation and measuring its performance on the latest 3rd Generation IntelR CoreTM. For messages whose lengths range from 2 KB to 132 KB, we show that the 4-lanes SHA-256 is between 1.5 to 1.97 times faster than the fastest publicly available implementation that we are aware of, and between ~2 to ~2.5 times faster than the OpenSSL 1.0.1c implementation. For long messages, there is no significant performance difference between different choices of j. We show that the 4-lanes SHA-256 is faster than the two SHA3 finalists (BLAKE and Keccak) that have a published tree mode implementation. Finally, we explain why j-lanes hashing will be faster on the coming AVX2 architecture that facilitates using 256 bits registers. These results suggest that standardizing a tree mode for hash functions (SHA-256 in particular) could be useful for performance hungry applications.展开更多
为提高网格环境下海量空间数据管理与并行化处理效率,将网格环境下的分布并行处理技术与空间索引相融合,提出了一种空间索引框架(grid slot and hash Rtree,GSHR-Tree).该索引树结构基于散列hash表和动态空间槽,结合R树结构的范围查询...为提高网格环境下海量空间数据管理与并行化处理效率,将网格环境下的分布并行处理技术与空间索引相融合,提出了一种空间索引框架(grid slot and hash Rtree,GSHR-Tree).该索引树结构基于散列hash表和动态空间槽,结合R树结构的范围查询优势和哈希表结构的高效单key查询,分析改进了索引结构的组织和存储.构造了适合于大规模空间数据的网格并行空间计算的索引结构,该索引树算法根据空间数据划分策略,动态分割空间槽,并将它们映射到多个节点机上.每个节点机再将其对应空间槽中的空间对象组织成R树,以大节点R树方式在多个节点上分布索引数据.以空间范围查询并行处理的系统响应时间为性能评估指标,通过模拟实验证明,该GSHR-Tree索引满足了当前网格环境空间索引的需要,并具有设计合理、性能高效的特点.展开更多
基金The Universiti Kebangsaan Malaysia(UKM)Research Grant Scheme FRGS/1/2020/ICT03/UKM/02/6 and GGPM-2020-028 funded this research.
文摘Many organizations apply cloud computing to store and effectively process data for various applications.The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity.In this research,an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data.Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data.Merkle Hash tree provides the efficient mapping of data and easily identifies the changesmade in the data due to proper structure.The developed model supports privacy-preserving public auditing to provide a secure cloud storage system.The data owners upload the data in the cloud and edit the data using the private key.An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches.The data files requested by the data owner are audit by a third-party auditor and the multiowner authentication method is applied during the modification process to authenticate the user.The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2–167 ms when compared to the existing Advanced Encryption Standard and Blowfish.
基金supported by the National Science Council under Grant No. NSC100-2410-H-005-046
文摘Grid security infrastructure (GSI) provides the security in grids by using proxy certificates to delegate the work of authentication. At present, revocation proxy certificate has two kinds of methods, one is using certificate revocation list (CRL) and the other is giving the certificate a short period of validity. However, when a lot of certifications are revoked, CRL will be the burden in the system. If the certificate has a short period of validity, entities should be often updating the certificate. In this paper, we propose a scheme for proxy certificate revocation using hash tree. Our scheme only needs hash value comparisons to achieve the purpose of certificate revocation. Previous two methods have to wait the expiration of the certificate. Therefore, our scheme is more flexible than previous methods.
基金supported by the National Natural Science Foundation of China(No.6127249261572521)+1 种基金Natural Science Foundation of Shaanxi Provence(No.2013JM8012)Fundamental Research Project of CAPF(No.WJY201520)
文摘The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certificate agent, the cloud user generates a trust base and extends it to its VMs. For each service running on the VM, a hash value is generated from all the necessary modules, and these hash values are organized and maintained with a specially designed hash tree whose root is extended from the user's trust base. Before the VM loads a service, the hash tree is verified from the coordinated hash value to check the trustworthiness of the service.
文摘在Cross-Product算法的基础上,结合哈希树(HashTree)数据结构,综合二者的优点,提出了一种新的IP分类算法CPHTIT(Cross-Product and HashTree with index table)。仿真结果表明CPHTIT在时间和空间上都达到了高速IP分类的要求,与现有经典算法Grid of Tries和Modular比较,其综合性能有所改进。
文摘Recently,bionic signals have been used to achieve covert underwater acoustic communication(UWAC)with high signal-to-noise ratios(SNRs)over transmission systems.A high SNR allows the attackers to proceed with their mischievous goals and makes transmission systems vulnerable against malicious attacks.In this paper we propose an improved Merkle hash tree based secure scheme that can resist current underwater attacks,i.e.,replay attack,fabricated message attack,message-altering attack,and analyst attack.Security analysis is performed to prove that the proposed scheme can resist these types of attacks.Performance evaluations show that the proposed scheme can meet UWAC limitations due to its efficiency regarding energy consumption,communication overhead,and computation cost.
文摘j-lanes tree hashing is a tree mode that splits an input message into?j?slices, computes?j?independent digests of each slice, and outputs the hash value of their concatenation.?j-pointers tree hashing is a similar tree mode that receives, as input,?j?pointers to?j?messages (or slices of a single message), computes their digests and outputs the hash value of their concatenation. Such modes expose parallelization opportunities in a hashing process that is otherwise serial by nature. As a result, they have a performance advantage on modern processor architectures. This paper provides precise specifications for these hashing modes, proposes appropriate IVs, and demonstrates their performance on the latest processors. Our hope is that it would be useful for standardization of these modes.
文摘j-lanes hashing is a tree mode that splits an input message to j slices, computes j independent digests of each slice, and outputs the hash value of their concatenation. We demonstrate the performance advantage of j-lanes hashing on SIMD architectures, by coding a 4-lanes-SHA-256 implementation and measuring its performance on the latest 3rd Generation IntelR CoreTM. For messages whose lengths range from 2 KB to 132 KB, we show that the 4-lanes SHA-256 is between 1.5 to 1.97 times faster than the fastest publicly available implementation that we are aware of, and between ~2 to ~2.5 times faster than the OpenSSL 1.0.1c implementation. For long messages, there is no significant performance difference between different choices of j. We show that the 4-lanes SHA-256 is faster than the two SHA3 finalists (BLAKE and Keccak) that have a published tree mode implementation. Finally, we explain why j-lanes hashing will be faster on the coming AVX2 architecture that facilitates using 256 bits registers. These results suggest that standardizing a tree mode for hash functions (SHA-256 in particular) could be useful for performance hungry applications.
文摘为提高网格环境下海量空间数据管理与并行化处理效率,将网格环境下的分布并行处理技术与空间索引相融合,提出了一种空间索引框架(grid slot and hash Rtree,GSHR-Tree).该索引树结构基于散列hash表和动态空间槽,结合R树结构的范围查询优势和哈希表结构的高效单key查询,分析改进了索引结构的组织和存储.构造了适合于大规模空间数据的网格并行空间计算的索引结构,该索引树算法根据空间数据划分策略,动态分割空间槽,并将它们映射到多个节点机上.每个节点机再将其对应空间槽中的空间对象组织成R树,以大节点R树方式在多个节点上分布索引数据.以空间范围查询并行处理的系统响应时间为性能评估指标,通过模拟实验证明,该GSHR-Tree索引满足了当前网格环境空间索引的需要,并具有设计合理、性能高效的特点.
