With the growing deployment of unmanned aerial vehicles(UAVs)swarms in national defense,military operations,and emergency response,secure and reliable intra-swarm identity authentication has become critical for ensuri...With the growing deployment of unmanned aerial vehicles(UAVs)swarms in national defense,military operations,and emergency response,secure and reliable intra-swarm identity authentication has become critical for ensuring coordinated action and mission reliability.To address the drawbacks of public key infrastructure(PKI)based authentication in UAV swarms,namely,complex certificate management,strong dependence on centralized authorities,and authentication latency.We propose a certificateless identity authentication scheme for UAV swarms built on blockchain sharding.The scheme leverages sharding to execute authentication in parallel across multiple shards,significantly improving efficiency.Each UAV locally generates its public/private key pair and then adopts a registration-based encryption(RBE)mechanism:A registration algorithm binds the device identity to its key on the blockchain,ensuring public verifiability and immutability of identity mapping.On this basis,an authentication algorithm runs in which the initiator produces an authentication signature using a common reference string(CRS),on-chain public-key registration information,and its local private key,and the verifier rapidly validates the authentication message using the on-chain registration data and the identity of the initiator.The experimental results demonstrate that the proposed scheme achieves low-latency and high-throughput identity authentication in large-scale UAV swarm environments,providing a solid technical foundation and broad application prospects for trustworthy UAV swarm identity authentication.展开更多
The integration of artificial intelligence(AI)with advanced power technologies is transforming energy system management,particularly through real-time data monitoring and intelligent decision-making driven by Artifici...The integration of artificial intelligence(AI)with advanced power technologies is transforming energy system management,particularly through real-time data monitoring and intelligent decision-making driven by Artificial Intelligence Generated Content(AIGC).However,the openness of power system channels and the resource-constrained nature of power sensors have led to new challenges for the secure transmission of power data and decision instructions.Although traditional public key cryptographic primitives can offer high security,the substantial key management and computational overhead associated with these primitives make them unsuitable for power systems.To ensure the real-time and security of power data and command transmission,we propose a lightweight identity authentication scheme tailored for power AIGC systems.The scheme utilizes lightweight symmetric encryption algorithms,minimizing the resource overhead on power sensors.Additionally,it incorporates a dynamic credential update mechanism,which can realize the rotation and update of temporary credentials to ensure anonymity and security.We rigorously validate the security of the scheme using the Real-or-Random(ROR)model and AVISPA simulation,and the results show that our scheme can resist various active and passive attacks.Finally,performance comparisons and NS3 simulation results demonstrate that our proposed scheme offers enhanced security features with lower overhead,making it more suitable for power AIGC systems compared to existing solutions.展开更多
Quantum dialogue(QD)realizes the real-time secure bidirectional quantum communication.Measurement-deviceindependent(MDI)QD can resist all possible attacks focusing on the imperfect measurement devices and enhance QD’...Quantum dialogue(QD)realizes the real-time secure bidirectional quantum communication.Measurement-deviceindependent(MDI)QD can resist all possible attacks focusing on the imperfect measurement devices and enhance QD’s practical security.However,in practical applications,any secure communication requires identity authentication as a prerequisite.In this paper,we propose an MDI QD protocol with bidirectional identity authentication.The practical communication parties can first authenticate the identity of each other simultaneously before the message exchange.In theory,our MDI QD protocol has unconditional security and the communication parties can exchange 1.5 bits of messages in each communication round with linear optical Bell state measurement.We numerically simulate the secrecy message capacity of our MDI QD protocol.Our protocol has two advantages.First,it can effectively resist the impersonation attack and enhance MDI QD’s practical security.Second,it does not require keys to assist the message exchange and has relatively high efficiency.Our protocol has application potential in the future quantum communication field.展开更多
This work evaluates an architecture for decentralized authentication of Internet of Things(IoT)devices in Low Earth Orbit(LEO)satellite networks using IOTA Identity technology.To the best of our knowledge,it is the fi...This work evaluates an architecture for decentralized authentication of Internet of Things(IoT)devices in Low Earth Orbit(LEO)satellite networks using IOTA Identity technology.To the best of our knowledge,it is the first proposal to integrate IOTA’s Directed Acyclic Graph(DAG)-based identity framework into satellite IoT environments,enabling lightweight and distributed authentication under intermittent connectivity.The system leverages Decentralized Identifiers(DIDs)and Verifiable Credentials(VCs)over the Tangle,eliminating the need for mining and sequential blocks.An identity management workflow is implemented that supports the creation,validation,deactivation,and reactivation of IoT devices,and is experimentally validated on the Shimmer Testnet.Three metrics are defined and measured:resolution time,deactivation time,and reactivation time.To improve robustness,an algorithmic optimization is introduced that minimizes communication overhead and reduces latency during deactivation.The experimental results are compared with orbital simulations of satellite revisit times to assess operational feasibility.Unlike blockchain-based approaches,which typically suffer from high confirmation delays and scalability constraints,the proposed DAG architecture provides fast,cost-free operations suitable for resource-constrained IoT devices.The results show that authentication can be efficiently performed within satellite connectivity windows,positioning IOTA Identity as a viable solution for secure and scalable IoT authentication in LEO satellite networks.展开更多
The developing Sixth-Generation(6G)network aims to establish seamless global connectivity for billions of humans,machines,and devices.However,the rich digital service and the explosive heterogeneous connection between...The developing Sixth-Generation(6G)network aims to establish seamless global connectivity for billions of humans,machines,and devices.However,the rich digital service and the explosive heterogeneous connection between various entities in 6G networks can not only induce increasing complications of digital identity management,but also raise material concerns about the security and privacy of the user identity.In this paper,we design a user-centric identity management that returns the sole control to the user self and achieves identity sovereignty toward 6G networks.Specifically,we propose a blockchain-based Identity Management(IDM)architecture for 6G networks,which provides a practical method to secure digital identity management.Subsequently,we develop a fully privacy-preserving identity attribute management scheme by using zero-knowledge proof to protect the privacy-sensitive identity attribute.In particular,the scheme achieves an identity attribute hiding and verification protocol to support users in obtaining and applying their identity attributes without revealing concrete data.Finally,we analyze the security of the proposed architecture and implement a prototype system to evaluate its performance.The results demonstrate that our architecture ensures effective user digital identity management in 6G networks.展开更多
The ubiquitous adoption of mobile devices as essential platforms for sensitive data transmission has heightened the demand for secure client-server communication.Although various authentication and key agreement proto...The ubiquitous adoption of mobile devices as essential platforms for sensitive data transmission has heightened the demand for secure client-server communication.Although various authentication and key agreement protocols have been developed,current approaches are constrained by homogeneous cryptosystem frameworks,namely public key infrastructure(PKI),identity-based cryptography(IBC),or certificateless cryptography(CLC),each presenting limitations in client-server architectures.Specifically,PKI incurs certificate management overhead,IBC introduces key escrow risks,and CLC encounters cross-system interoperability challenges.To overcome these shortcomings,this study introduces a heterogeneous signcryption-based authentication and key agreement protocol that synergistically integrates IBC for client operations(eliminating PKI’s certificate dependency)with CLC for server implementation(mitigating IBC’s key escrow issue while preserving efficiency).Rigorous security analysis under the mBR(modified Bellare-Rogaway)model confirms the protocol’s resistance to adaptive chosen-ciphertext attacks.Quantitative comparisons demonstrate that the proposed protocol achieves 10.08%–71.34%lower communication overhead than existing schemes across multiple security levels(80-,112-,and 128-bit)compared to existing protocols.展开更多
The satellite-based augmentation system(SBAS)provides differential and integrity augmentation services for life safety fields of aviation and navigation.However,the signal structure of SBAS is public,which incurs a ri...The satellite-based augmentation system(SBAS)provides differential and integrity augmentation services for life safety fields of aviation and navigation.However,the signal structure of SBAS is public,which incurs a risk of spoofing attacks.To improve the anti-spoofing capability of the SBAS,European Union and the United States conduct research on navigation message authentication,and promote the standardization of SBAS message authentication.For the development of Beidou satellite-based augmentation system(BDSBAS),this paper proposes navigation message authentication based on the Chinese commercial cryptographic standards.Firstly,this paper expounds the architecture and principles of the SBAS message authentication,and then carries out the design of timed efficient streaming losstolerant authentication scheme(TESLA)and elliptic curve digital signature algorithm(ECDSA)authentication schemes based on Chinese commercial cryptographic standards,message arrangement and the design of over-the-air rekeying(OTAR)message.Finally,this paper conducts a theoretical analysis of the time between authentications(TBA)and maximum authentication latency(MAL)for L5 TESLA-I and L5 ECDSA-Q,and further simulates the reception time of OTAR message,TBA and MAL from the aspects of OTAR message weight and demodulation error rate.The simulation results can provide theoretical supports for the standardization of BDSBAS message authentication.展开更多
Unmanned Aerial Vehicles(UAVs)in Flying Ad-Hoc Networks(FANETs)are widely used in both civilian and military fields,but they face severe security,trust,and privacy vulnerabilities due to their high mobility,dynamic to...Unmanned Aerial Vehicles(UAVs)in Flying Ad-Hoc Networks(FANETs)are widely used in both civilian and military fields,but they face severe security,trust,and privacy vulnerabilities due to their high mobility,dynamic topology,and open wireless channels.Existing security protocols for Mobile Ad-Hoc Networks(MANETs)cannot be directly applied to FANETs,as FANETs require lightweight,high real-time performance,and strong anonymity.The current FANETs security protocol cannot simultaneously meet the requirements of strong anonymity,high security,and low overhead in high dynamic and resource-constrained scenarios.To address these challenges,this paper proposes an Anonymous Authentication and Key Exchange Protocol(AAKE-OWA)for UAVs in FANETs based on OneWay Accumulators(OWA).During the UAV registration phase,the Key Management Center(KMC)generates an identity ticket for each UAV using OWA and transmits it securely to the UAV’s on-board tamper-proof module.In the key exchange phase,UAVs generate temporary authentication tickets with random numbers and compute the same session key leveraging the quasi-commutativity of OWA.For mutual anonymous authentication,UAVs encrypt random numbers with the session key and verify identities by comparing computed values with authentication values.Formal analysis using the Scyther tool confirms that the protocol resists identity spoofing,man-in-the-middle,and replay attacks.Through Burrows Abadi Needham(BAN)logic proof,it achieves mutual anonymity,prevents simulation and physical capture attacks,and ensures secure connectivity of 1.Experimental comparisons with existing protocols prove that the AAKE-OWA protocol has lower computational overhead,communication overhead,and storage overhead,making it more suitable for resource-constrained FANET scenarios.Performance comparison experiments show that,compared with other schemes,this scheme only requires 8 one-way accumulator operations and 4 symmetric encryption/decryption operations,with a total computational overhead as low as 2.3504 ms,a communication overhead of merely 1216 bits,and a storage overhead of 768 bits.We have achieved a reduction in computational costs from 6.3%to 90.3%,communication costs from 5.0%to 69.1%,and overall storage costs from 33%to 68%compared to existing solutions.It can meet the performance requirements of lightweight,real-time,and anonymity for unmanned aerial vehicles(UAVs)networks.展开更多
The current study examined the roles of collective self-esteem and personal self-esteem in the relationship between national identity and subjective well-being.Participants were 583 Chinese college students(females=49...The current study examined the roles of collective self-esteem and personal self-esteem in the relationship between national identity and subjective well-being.Participants were 583 Chinese college students(females=49%;mean age=19.25±1.85 years).They completed measures of national identity,collective self-esteem,personal self-esteem,and subjective well-being.Path analysis findings result indicated national identity to influence the students’subjective wellbeing through three pathways:(1)national identity→collective self-esteem→subjective well-being,meaning higher subjective wellbeing with collective self-esteem.(2)national identity→personal self-esteem→subjective well-being,to suggest higher personal self-esteem was associated with subjective wellbeing;(3)national identity→collective selfesteem→personal self-esteem→subjective well-being.Compared to simple mediation models constructed with only personal self-esteem or collective self-esteem as a single mediating variable,the chain mediation model better explains the mediating mechanism of national identity on subjective well-being(the variance explained by the mediating variables increased by 65.38%and 59.26%,respectively).The collective self-esteem and personal self-esteem mediation is consistent with social identity theory,whereby national identity enhances collective self-evaluation,which in turn bolsters personal self-worth and subjective well-being.These findings of the current study offer new insights into how national identity affects subjective well-being in collectivistic culture.展开更多
Objectives:Psychological resilience is a critical resource for vocational high school students navigating social biases and fostering mental well-being.This six-month longitudinal study investigated the developmental ...Objectives:Psychological resilience is a critical resource for vocational high school students navigating social biases and fostering mental well-being.This six-month longitudinal study investigated the developmental trajectories of discrimination perception,vocational identity,and psychological resilience in this population.It further examined the longitudinal mediating role of vocational identity in the relationship between discrimination perception and psychological resilience.Methods:A total of 526 students from five vocational high schools in Guangdong,China,were assessed via convenience sampling at two time points:baseline(T1,September 2023)and six-month follow-up(T2,March 2024).Measures of discrimination perception,psychological resilience,and vocational identity were administered.Data were analyzed using a cross-lagged panel model to test for bidirectional relationships.Results:Over the six-month period,students showed significant decreases in discrimination perception and vocational identity,but a significant increase in psychological resilience.The cross-lagged model revealed significant bidirectional relationships:discrimination perception and psychological resilience negatively predicted each other over time(β=−0.124,p<0.01;β=−0.200,p<0.001),while psychological resilience and vocational identity positively predicted each other(β=0.084,p<0.05;β=0.076,p<0.05).The mediation analysis revealed a dual-pathway mechanism.T1 discrimination perception exerted both a significant direct negative effect on T2 psychological resilience(β=−0.332,p<0.001)and a significant indirect positive effect via T1 vocational identity(indirect effect=0.020,95%CI[0.001,0.046]).This confirms a partial mediating role,indicating that vocational identity functions as a compensatory mechanism,transforming the experience of discrimination perception into a potential source of psychological resilience.Conclusions:For vocational high school students,perception of discrimination directly undermines psychological resilience,but also indirectly fosters it through the positive development of vocational identity.These findings highlight vocational identity as a pivotal mechanism in the complex relationship between social adversity and mental resilience.展开更多
Cyber-criminals target smart connected devices for spyware distribution and security breaches,but existing Internet of Things(IoT)security standards are insufficient.Major IoT industry players prioritize market share ...Cyber-criminals target smart connected devices for spyware distribution and security breaches,but existing Internet of Things(IoT)security standards are insufficient.Major IoT industry players prioritize market share over security,leading to insecure smart products.Traditional host-based protection solutions are less effective due to limited resources.Overcoming these challenges and enhancing the security of IoT Devices requires a security design at the network level that uses lightweight cryptographic parameters.In order to handle control,administration,and security concerns in traditional networking,the Gateway Node offers a contemporary networking architecture.By managing all network-level computations and complexity,the Gateway Node relieves IoT devices of these responsibilities.In this study,we introduce a novel privacy-preserving security architecture for gateway-node smart homes.Subsequently,we develop Smart Homes,An Efficient,Anonymous,and Robust Authentication Scheme(EARAS)based on the foundational principles of this security architecture.Furthermore,we formally examine the security characteristics of our suggested protocol that makes use of methodology such as ProVerif,supplemented by an informal analysis of security.Lastly,we conduct performance evaluations and comparative analyses to assess the efficacy of our scheme.Performance analysis shows that EARAS achieves up to 30%to 54%more efficient than most protocols and lower computation cost compared to Banerjee et al.’s scheme,and significantly reduces communication overhead compared to other recent protocols,while ensuring comprehensive security.Our objective is to provide robust security measures for smart homes while addressing resource constraints and preserving user privacy.展开更多
Within contemporary healthcare systems, professional identity among specialized nurses serves as a pivotal intrinsic factor influencing the development of their core competencies. This review synthesizes existing rese...Within contemporary healthcare systems, professional identity among specialized nurses serves as a pivotal intrinsic factor influencing the development of their core competencies. This review synthesizes existing research, revealing that professional identity positively impacts the development of core competencies through multiple pathways, including psychological drive, behavioral facilitation, teamwork, and career stability. Building on this analysis, this paper proposes systematic enhancement strategies from four dimensions: education and training, organizational environment, cultural development, and individual growth, aiming to provide a reference for nursing practice and professional development.展开更多
Recognizing frontal faces from non-frontal or profile images is a major problem due to pose changes,self-occlusions,and the complete loss of important structural and textural components,depressing recognition accuracy...Recognizing frontal faces from non-frontal or profile images is a major problem due to pose changes,self-occlusions,and the complete loss of important structural and textural components,depressing recognition accuracy and visual fidelity.This paper introduces a new deep generative framework,Modified Multi-Scale Fused CycleGAN(MMF-CycleGAN),for robust and photo-realistic profile-to-frontal face synthesis.The MMF-CycleGAN framework utilizes pre-processing and then the generator employs a Deep Dilated DenseNet encoder-based hierarchical feature extraction along with a transformer and decoder.The proposed Multi-Scale Fusion PatchGAN discriminator enforces consistency at multiple spatial resolutions,leading to sharper textures and improved global facial geometry.Also,GAN training stability and identity preservation are improved through the Ranger optimizer,which effectively balances adversarial,identity,and cycle-consistency losses.Experiments on three benchmark datasets show that MMFCycleGAN achieves accuracy of 0.9541,0.9455,and 0.9422,F1-scores of 0.9654,0.9641,and 0.9614,and AUC values of 0.9742,0.9714,and 0.9698,respectively,and the extreme-pose accuracy(yaw>60°)reaches 0.92.Despite its enhanced architecture,the framework maintains an efficient inference time of 0.042 s per image,making it suitable for real-time biometric authentication,surveillance,and security applications in unconstrained environments.展开更多
Background:Emerging adulthood is a critical period for ego identity exploration and consolidation,and self-presentation on social media constitutes a salient online context for this developmental process.However,limit...Background:Emerging adulthood is a critical period for ego identity exploration and consolidation,and self-presentation on social media constitutes a salient online context for this developmental process.However,limited research has explored the associations between self-presentation on WeChat Moments and ego identity.This study aims to examine these associations,focusing on the mediating role of online positive feedback and the moderating role of gender.Methods:Using a three-wave longitudinal design,this study followed 767 Chinese college students(Mean age=18.96 years)through cluster sampling.Participants completed self-report questionnaires assessing self-presentation on WeChat Moments,online positive feedback,and ego identity status.Data analyses were conducted using mediation modeling and multi-group structural equation modeling.Results:Authentic self-presentation was positively associated with identity achievement and negatively associated with identity diffusion,whereas positive self-presentation was linked to higher levels of identity foreclosure.Online positive feedback played a significant mediating role in the associations between self-presentation strategies and identity statuses,and gender differences were observed in this mediating pathway.For both males and females,authentic self-presentation was associated with higher identity achievement through online positive feedback.However,indirect associations with identity foreclosure and diffusion were observed only among females:authentic self-presentation was linked to lower levels,whereas positive self-presentation was linked to higher levels of foreclosure and diffusion through online positive feedback.No comparable indirect associations were detected among males.Conclusions:Online positive feedback is closely linked to self-presentation strategies and ego identity statuses,with these associations varying by gender.展开更多
A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit tw...A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit two bits of classical information per cluster state, and its efficiency of the quantum communication is 1/3, which is approximately 1.67 times that of the previous protocol presented by Wang et al [Chin. Phys. Lett. 23 (2006) 2658]. Security analysis shows the present scheme is secure against intercept-resend attack and the impersonator's attack. Furthermore, it is more economic with present-day techniques and easily processed by a one-way quantum computer.展开更多
A multiparty simultaneous quantum identity authentication protocol based on Creenberger-Horne-Zeilinger (GHZ) states is proposed. The multi-user can be authenticated by a trusted third party (TTP) simultaneously. ...A multiparty simultaneous quantum identity authentication protocol based on Creenberger-Horne-Zeilinger (GHZ) states is proposed. The multi-user can be authenticated by a trusted third party (TTP) simultaneously. Compared with the scheme proposed recently (Wang et al 2006 Chin. Phys. Lett. 23(9) 2360), the proposed scheme has the advantages of consuming fewer quantum and classical resources and lessening the difficulty and intensity of necessary operations.展开更多
With the popularity of the internet,users hope to better protect their privacy while obtaining network services.However,in the traditional centralized authentication scheme,identity information such as the user's ...With the popularity of the internet,users hope to better protect their privacy while obtaining network services.However,in the traditional centralized authentication scheme,identity information such as the user's private key is generated,stored,and managed by the network operator.Users can't control their identity information,which will lead to a great threat to the privacy of users.Based on redactable blockchain,we propose a fine-grained and fair identity authentication scheme for mobile networks.In our proposed scheme,the user's identity information is generated and controlled by the users.We first propose a notion of score chameleon hash(SCH),which can delete or update the information of illegal users so as to dynamically update the status of users and provide users with more fine-grained and fair services.We propose another notion of self-updating secret sharing(SUSS),which allows users to update the trapdoor and the corresponding hash key after redacting the blockchain without requiring trusted authority to redistribute the trapdoor.Experimental results show that,compared with the immutable blockchain Bitcoin,the redactable blockchain in our identity authentication scheme provides users with fine-grained and fair redacting functions,and can be adopted with a small additional overhead.展开更多
In the cloud computing, different cloud service providers are often in different trust domains. As the traditional identity authentication mode cannot be applied to the cloud computing, the cross-domain identity authe...In the cloud computing, different cloud service providers are often in different trust domains. As the traditional identity authentication mode cannot be applied to the cloud computing, the cross-domain identity authentication mechanism is needed to solve the identity authentication problem in the cloud computing. In view of the security problems in cloud computing, a cross-domain identity authentication scheme based on group signature is proposed. This scheme introduces a group of cloud service providers and users who are located in different trust domains. Any member of the group can generate the signature on behalf of the whole group, making the user access the cloud service provider in the case of privacy security. At the same time, with traceability it can track illegal operation of illegal users. In addition, the scheme uses the Chinese Remainder Theorem to integrate the message, and it can control the length of the data in the calculation process, simplifying the calculation process. It also realizes the join and revocation of group members without changing the key of other legitimate group members, and the maintenance cost of authentication schemes is low. The results show that the scheme has the advantages of anonymity, anti-counterfeit, traceability, anti-joint attack and so on. It can not only realize tracking function under the condition of guaranteeing user's privacy, but can also simplify the authentication calculation process to improve the efficiency of the cross domain identity authentication, and its performance is more suitable for large-scale cloud computing environment.展开更多
From the viewpoint of protocol sequence, analyses are made of the sequence patterns of possible identity authentication protocol under two cases: with or without the trusted third party (TFP). Ten feasible sequence...From the viewpoint of protocol sequence, analyses are made of the sequence patterns of possible identity authentication protocol under two cases: with or without the trusted third party (TFP). Ten feasible sequence patterns of authentication protocol with TIP and 5 sequence patterns without TFP are gained. These gained sequence patterns meet the requirements for identity authentication, and basically cover almost all the authentication protocols with TFP and without TFP at present. All of the sequence patterns gained are classified into unilateral or bilateral authentication. Then, according to the sequence symmetry, several good sequence patterns with TFP are evaluated. The accompolished results can provide a reference to design of new identity authentication protocols.展开更多
基金supported by the National Natural Science Foundation of China under Grant No.62472075the Innovation Theory and Technology Group Fund of the Southwest China Institute of Electronic Technology under Grant No.2024jsq0207.
文摘With the growing deployment of unmanned aerial vehicles(UAVs)swarms in national defense,military operations,and emergency response,secure and reliable intra-swarm identity authentication has become critical for ensuring coordinated action and mission reliability.To address the drawbacks of public key infrastructure(PKI)based authentication in UAV swarms,namely,complex certificate management,strong dependence on centralized authorities,and authentication latency.We propose a certificateless identity authentication scheme for UAV swarms built on blockchain sharding.The scheme leverages sharding to execute authentication in parallel across multiple shards,significantly improving efficiency.Each UAV locally generates its public/private key pair and then adopts a registration-based encryption(RBE)mechanism:A registration algorithm binds the device identity to its key on the blockchain,ensuring public verifiability and immutability of identity mapping.On this basis,an authentication algorithm runs in which the initiator produces an authentication signature using a common reference string(CRS),on-chain public-key registration information,and its local private key,and the verifier rapidly validates the authentication message using the on-chain registration data and the identity of the initiator.The experimental results demonstrate that the proposed scheme achieves low-latency and high-throughput identity authentication in large-scale UAV swarm environments,providing a solid technical foundation and broad application prospects for trustworthy UAV swarm identity authentication.
文摘The integration of artificial intelligence(AI)with advanced power technologies is transforming energy system management,particularly through real-time data monitoring and intelligent decision-making driven by Artificial Intelligence Generated Content(AIGC).However,the openness of power system channels and the resource-constrained nature of power sensors have led to new challenges for the secure transmission of power data and decision instructions.Although traditional public key cryptographic primitives can offer high security,the substantial key management and computational overhead associated with these primitives make them unsuitable for power systems.To ensure the real-time and security of power data and command transmission,we propose a lightweight identity authentication scheme tailored for power AIGC systems.The scheme utilizes lightweight symmetric encryption algorithms,minimizing the resource overhead on power sensors.Additionally,it incorporates a dynamic credential update mechanism,which can realize the rotation and update of temporary credentials to ensure anonymity and security.We rigorously validate the security of the scheme using the Real-or-Random(ROR)model and AVISPA simulation,and the results show that our scheme can resist various active and passive attacks.Finally,performance comparisons and NS3 simulation results demonstrate that our proposed scheme offers enhanced security features with lower overhead,making it more suitable for power AIGC systems compared to existing solutions.
基金supported by the National Natural Science Foundation of China(Grant Nos.12175106 and 92365110)the Postgraduate Research and Practice Innovation Program of Jiangsu Province,China(Grant No.KYCX23-0987).
文摘Quantum dialogue(QD)realizes the real-time secure bidirectional quantum communication.Measurement-deviceindependent(MDI)QD can resist all possible attacks focusing on the imperfect measurement devices and enhance QD’s practical security.However,in practical applications,any secure communication requires identity authentication as a prerequisite.In this paper,we propose an MDI QD protocol with bidirectional identity authentication.The practical communication parties can first authenticate the identity of each other simultaneously before the message exchange.In theory,our MDI QD protocol has unconditional security and the communication parties can exchange 1.5 bits of messages in each communication round with linear optical Bell state measurement.We numerically simulate the secrecy message capacity of our MDI QD protocol.Our protocol has two advantages.First,it can effectively resist the impersonation attack and enhance MDI QD’s practical security.Second,it does not require keys to assist the message exchange and has relatively high efficiency.Our protocol has application potential in the future quantum communication field.
基金This work is part of the‘Intelligent and Cyber-Secure Platform for Adaptive Optimization in the Simultaneous Operation of Heterogeneous Autonomous Robots(PICRAH4.0)’with reference MIG-20232082,funded by MCIN/AEI/10.13039/501100011033supported by the Universidad Internacional de La Rioja(UNIR)through the Precompetitive Research Project entitled“Nuevos Horizontes en Internet de las Cosas y NewSpace(NEWIOT)”,reference PP-2024-13,funded under the 2024 Call for Research Projects.
文摘This work evaluates an architecture for decentralized authentication of Internet of Things(IoT)devices in Low Earth Orbit(LEO)satellite networks using IOTA Identity technology.To the best of our knowledge,it is the first proposal to integrate IOTA’s Directed Acyclic Graph(DAG)-based identity framework into satellite IoT environments,enabling lightweight and distributed authentication under intermittent connectivity.The system leverages Decentralized Identifiers(DIDs)and Verifiable Credentials(VCs)over the Tangle,eliminating the need for mining and sequential blocks.An identity management workflow is implemented that supports the creation,validation,deactivation,and reactivation of IoT devices,and is experimentally validated on the Shimmer Testnet.Three metrics are defined and measured:resolution time,deactivation time,and reactivation time.To improve robustness,an algorithmic optimization is introduced that minimizes communication overhead and reduces latency during deactivation.The experimental results are compared with orbital simulations of satellite revisit times to assess operational feasibility.Unlike blockchain-based approaches,which typically suffer from high confirmation delays and scalability constraints,the proposed DAG architecture provides fast,cost-free operations suitable for resource-constrained IoT devices.The results show that authentication can be efficiently performed within satellite connectivity windows,positioning IOTA Identity as a viable solution for secure and scalable IoT authentication in LEO satellite networks.
文摘The developing Sixth-Generation(6G)network aims to establish seamless global connectivity for billions of humans,machines,and devices.However,the rich digital service and the explosive heterogeneous connection between various entities in 6G networks can not only induce increasing complications of digital identity management,but also raise material concerns about the security and privacy of the user identity.In this paper,we design a user-centric identity management that returns the sole control to the user self and achieves identity sovereignty toward 6G networks.Specifically,we propose a blockchain-based Identity Management(IDM)architecture for 6G networks,which provides a practical method to secure digital identity management.Subsequently,we develop a fully privacy-preserving identity attribute management scheme by using zero-knowledge proof to protect the privacy-sensitive identity attribute.In particular,the scheme achieves an identity attribute hiding and verification protocol to support users in obtaining and applying their identity attributes without revealing concrete data.Finally,we analyze the security of the proposed architecture and implement a prototype system to evaluate its performance.The results demonstrate that our architecture ensures effective user digital identity management in 6G networks.
基金supported by the Key Project of Science and Technology Research by Chongqing Education Commission under Grant KJZD-K202400610the Chongqing Natural Science Foundation General Project Grant CSTB2025NSCQ-GPX1263.
文摘The ubiquitous adoption of mobile devices as essential platforms for sensitive data transmission has heightened the demand for secure client-server communication.Although various authentication and key agreement protocols have been developed,current approaches are constrained by homogeneous cryptosystem frameworks,namely public key infrastructure(PKI),identity-based cryptography(IBC),or certificateless cryptography(CLC),each presenting limitations in client-server architectures.Specifically,PKI incurs certificate management overhead,IBC introduces key escrow risks,and CLC encounters cross-system interoperability challenges.To overcome these shortcomings,this study introduces a heterogeneous signcryption-based authentication and key agreement protocol that synergistically integrates IBC for client operations(eliminating PKI’s certificate dependency)with CLC for server implementation(mitigating IBC’s key escrow issue while preserving efficiency).Rigorous security analysis under the mBR(modified Bellare-Rogaway)model confirms the protocol’s resistance to adaptive chosen-ciphertext attacks.Quantitative comparisons demonstrate that the proposed protocol achieves 10.08%–71.34%lower communication overhead than existing schemes across multiple security levels(80-,112-,and 128-bit)compared to existing protocols.
基金supported by National Natural Science Foundation of China:Space-based occultation detection with ground-based GNSS atmospheric horizontal gradient model(41904033).
文摘The satellite-based augmentation system(SBAS)provides differential and integrity augmentation services for life safety fields of aviation and navigation.However,the signal structure of SBAS is public,which incurs a risk of spoofing attacks.To improve the anti-spoofing capability of the SBAS,European Union and the United States conduct research on navigation message authentication,and promote the standardization of SBAS message authentication.For the development of Beidou satellite-based augmentation system(BDSBAS),this paper proposes navigation message authentication based on the Chinese commercial cryptographic standards.Firstly,this paper expounds the architecture and principles of the SBAS message authentication,and then carries out the design of timed efficient streaming losstolerant authentication scheme(TESLA)and elliptic curve digital signature algorithm(ECDSA)authentication schemes based on Chinese commercial cryptographic standards,message arrangement and the design of over-the-air rekeying(OTAR)message.Finally,this paper conducts a theoretical analysis of the time between authentications(TBA)and maximum authentication latency(MAL)for L5 TESLA-I and L5 ECDSA-Q,and further simulates the reception time of OTAR message,TBA and MAL from the aspects of OTAR message weight and demodulation error rate.The simulation results can provide theoretical supports for the standardization of BDSBAS message authentication.
基金supported in part by National Natural Science Foundation of China(under Grant 61902163)the Jiangsu“Qing Lan Project”,Natural Science Foundation of the Jiangsu Higher Education Institutions of China(Major Research Project:23KJA520007)Postgraduate Research&Practice Innovation Program of Jiangsu Province(No.SJCX25_1303).
文摘Unmanned Aerial Vehicles(UAVs)in Flying Ad-Hoc Networks(FANETs)are widely used in both civilian and military fields,but they face severe security,trust,and privacy vulnerabilities due to their high mobility,dynamic topology,and open wireless channels.Existing security protocols for Mobile Ad-Hoc Networks(MANETs)cannot be directly applied to FANETs,as FANETs require lightweight,high real-time performance,and strong anonymity.The current FANETs security protocol cannot simultaneously meet the requirements of strong anonymity,high security,and low overhead in high dynamic and resource-constrained scenarios.To address these challenges,this paper proposes an Anonymous Authentication and Key Exchange Protocol(AAKE-OWA)for UAVs in FANETs based on OneWay Accumulators(OWA).During the UAV registration phase,the Key Management Center(KMC)generates an identity ticket for each UAV using OWA and transmits it securely to the UAV’s on-board tamper-proof module.In the key exchange phase,UAVs generate temporary authentication tickets with random numbers and compute the same session key leveraging the quasi-commutativity of OWA.For mutual anonymous authentication,UAVs encrypt random numbers with the session key and verify identities by comparing computed values with authentication values.Formal analysis using the Scyther tool confirms that the protocol resists identity spoofing,man-in-the-middle,and replay attacks.Through Burrows Abadi Needham(BAN)logic proof,it achieves mutual anonymity,prevents simulation and physical capture attacks,and ensures secure connectivity of 1.Experimental comparisons with existing protocols prove that the AAKE-OWA protocol has lower computational overhead,communication overhead,and storage overhead,making it more suitable for resource-constrained FANET scenarios.Performance comparison experiments show that,compared with other schemes,this scheme only requires 8 one-way accumulator operations and 4 symmetric encryption/decryption operations,with a total computational overhead as low as 2.3504 ms,a communication overhead of merely 1216 bits,and a storage overhead of 768 bits.We have achieved a reduction in computational costs from 6.3%to 90.3%,communication costs from 5.0%to 69.1%,and overall storage costs from 33%to 68%compared to existing solutions.It can meet the performance requirements of lightweight,real-time,and anonymity for unmanned aerial vehicles(UAVs)networks.
文摘The current study examined the roles of collective self-esteem and personal self-esteem in the relationship between national identity and subjective well-being.Participants were 583 Chinese college students(females=49%;mean age=19.25±1.85 years).They completed measures of national identity,collective self-esteem,personal self-esteem,and subjective well-being.Path analysis findings result indicated national identity to influence the students’subjective wellbeing through three pathways:(1)national identity→collective self-esteem→subjective well-being,meaning higher subjective wellbeing with collective self-esteem.(2)national identity→personal self-esteem→subjective well-being,to suggest higher personal self-esteem was associated with subjective wellbeing;(3)national identity→collective selfesteem→personal self-esteem→subjective well-being.Compared to simple mediation models constructed with only personal self-esteem or collective self-esteem as a single mediating variable,the chain mediation model better explains the mediating mechanism of national identity on subjective well-being(the variance explained by the mediating variables increased by 65.38%and 59.26%,respectively).The collective self-esteem and personal self-esteem mediation is consistent with social identity theory,whereby national identity enhances collective self-evaluation,which in turn bolsters personal self-worth and subjective well-being.These findings of the current study offer new insights into how national identity affects subjective well-being in collectivistic culture.
基金supported by the Guangdong Provincial Philosophy and Social Science“14th Five-Year Plan”Discipline Co-Construction Project(Grant No.GD22XJY14)the 2022 Guangdong Provincial Higher Education Teaching Reform Project(Grant No.Yue Jiao Gao[2023]4)Guangdong Polytechnic Normal University’s Project for Enhancing the Research Capacity of Doctoral Application Institution(Grant No.22GPNUZDJS48).
文摘Objectives:Psychological resilience is a critical resource for vocational high school students navigating social biases and fostering mental well-being.This six-month longitudinal study investigated the developmental trajectories of discrimination perception,vocational identity,and psychological resilience in this population.It further examined the longitudinal mediating role of vocational identity in the relationship between discrimination perception and psychological resilience.Methods:A total of 526 students from five vocational high schools in Guangdong,China,were assessed via convenience sampling at two time points:baseline(T1,September 2023)and six-month follow-up(T2,March 2024).Measures of discrimination perception,psychological resilience,and vocational identity were administered.Data were analyzed using a cross-lagged panel model to test for bidirectional relationships.Results:Over the six-month period,students showed significant decreases in discrimination perception and vocational identity,but a significant increase in psychological resilience.The cross-lagged model revealed significant bidirectional relationships:discrimination perception and psychological resilience negatively predicted each other over time(β=−0.124,p<0.01;β=−0.200,p<0.001),while psychological resilience and vocational identity positively predicted each other(β=0.084,p<0.05;β=0.076,p<0.05).The mediation analysis revealed a dual-pathway mechanism.T1 discrimination perception exerted both a significant direct negative effect on T2 psychological resilience(β=−0.332,p<0.001)and a significant indirect positive effect via T1 vocational identity(indirect effect=0.020,95%CI[0.001,0.046]).This confirms a partial mediating role,indicating that vocational identity functions as a compensatory mechanism,transforming the experience of discrimination perception into a potential source of psychological resilience.Conclusions:For vocational high school students,perception of discrimination directly undermines psychological resilience,but also indirectly fosters it through the positive development of vocational identity.These findings highlight vocational identity as a pivotal mechanism in the complex relationship between social adversity and mental resilience.
基金Deanship of Graduate Studies and Scientific Research at Qassim University for financial support(QU-APC-2025).
文摘Cyber-criminals target smart connected devices for spyware distribution and security breaches,but existing Internet of Things(IoT)security standards are insufficient.Major IoT industry players prioritize market share over security,leading to insecure smart products.Traditional host-based protection solutions are less effective due to limited resources.Overcoming these challenges and enhancing the security of IoT Devices requires a security design at the network level that uses lightweight cryptographic parameters.In order to handle control,administration,and security concerns in traditional networking,the Gateway Node offers a contemporary networking architecture.By managing all network-level computations and complexity,the Gateway Node relieves IoT devices of these responsibilities.In this study,we introduce a novel privacy-preserving security architecture for gateway-node smart homes.Subsequently,we develop Smart Homes,An Efficient,Anonymous,and Robust Authentication Scheme(EARAS)based on the foundational principles of this security architecture.Furthermore,we formally examine the security characteristics of our suggested protocol that makes use of methodology such as ProVerif,supplemented by an informal analysis of security.Lastly,we conduct performance evaluations and comparative analyses to assess the efficacy of our scheme.Performance analysis shows that EARAS achieves up to 30%to 54%more efficient than most protocols and lower computation cost compared to Banerjee et al.’s scheme,and significantly reduces communication overhead compared to other recent protocols,while ensuring comprehensive security.Our objective is to provide robust security measures for smart homes while addressing resource constraints and preserving user privacy.
文摘Within contemporary healthcare systems, professional identity among specialized nurses serves as a pivotal intrinsic factor influencing the development of their core competencies. This review synthesizes existing research, revealing that professional identity positively impacts the development of core competencies through multiple pathways, including psychological drive, behavioral facilitation, teamwork, and career stability. Building on this analysis, this paper proposes systematic enhancement strategies from four dimensions: education and training, organizational environment, cultural development, and individual growth, aiming to provide a reference for nursing practice and professional development.
文摘Recognizing frontal faces from non-frontal or profile images is a major problem due to pose changes,self-occlusions,and the complete loss of important structural and textural components,depressing recognition accuracy and visual fidelity.This paper introduces a new deep generative framework,Modified Multi-Scale Fused CycleGAN(MMF-CycleGAN),for robust and photo-realistic profile-to-frontal face synthesis.The MMF-CycleGAN framework utilizes pre-processing and then the generator employs a Deep Dilated DenseNet encoder-based hierarchical feature extraction along with a transformer and decoder.The proposed Multi-Scale Fusion PatchGAN discriminator enforces consistency at multiple spatial resolutions,leading to sharper textures and improved global facial geometry.Also,GAN training stability and identity preservation are improved through the Ranger optimizer,which effectively balances adversarial,identity,and cycle-consistency losses.Experiments on three benchmark datasets show that MMFCycleGAN achieves accuracy of 0.9541,0.9455,and 0.9422,F1-scores of 0.9654,0.9641,and 0.9614,and AUC values of 0.9742,0.9714,and 0.9698,respectively,and the extreme-pose accuracy(yaw>60°)reaches 0.92.Despite its enhanced architecture,the framework maintains an efficient inference time of 0.042 s per image,making it suitable for real-time biometric authentication,surveillance,and security applications in unconstrained environments.
基金supported by the National Social Science Fund of China(No.23BSH123).
文摘Background:Emerging adulthood is a critical period for ego identity exploration and consolidation,and self-presentation on social media constitutes a salient online context for this developmental process.However,limited research has explored the associations between self-presentation on WeChat Moments and ego identity.This study aims to examine these associations,focusing on the mediating role of online positive feedback and the moderating role of gender.Methods:Using a three-wave longitudinal design,this study followed 767 Chinese college students(Mean age=18.96 years)through cluster sampling.Participants completed self-report questionnaires assessing self-presentation on WeChat Moments,online positive feedback,and ego identity status.Data analyses were conducted using mediation modeling and multi-group structural equation modeling.Results:Authentic self-presentation was positively associated with identity achievement and negatively associated with identity diffusion,whereas positive self-presentation was linked to higher levels of identity foreclosure.Online positive feedback played a significant mediating role in the associations between self-presentation strategies and identity statuses,and gender differences were observed in this mediating pathway.For both males and females,authentic self-presentation was associated with higher identity achievement through online positive feedback.However,indirect associations with identity foreclosure and diffusion were observed only among females:authentic self-presentation was linked to lower levels,whereas positive self-presentation was linked to higher levels of foreclosure and diffusion through online positive feedback.No comparable indirect associations were detected among males.Conclusions:Online positive feedback is closely linked to self-presentation strategies and ego identity statuses,with these associations varying by gender.
基金Project supported by the National Natural Science Foundation of China (Grant Nos 60572071 and 60873101)Natural Science Foundation of Jiangsu Province (Grant Nos BM2006504, BK2007104 and BK2008209)College Natural Science Foundation of Jiangsu Province (Grant No 06KJB520137)
文摘A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit two bits of classical information per cluster state, and its efficiency of the quantum communication is 1/3, which is approximately 1.67 times that of the previous protocol presented by Wang et al [Chin. Phys. Lett. 23 (2006) 2658]. Security analysis shows the present scheme is secure against intercept-resend attack and the impersonator's attack. Furthermore, it is more economic with present-day techniques and easily processed by a one-way quantum computer.
基金supported by the National High-Tech Research,Development Plan of China (Grant Nos 2006AA01Z440,2009AA012441 and 2009AA012437)National Basic Research Program of China (973 Program) (Grant No 2007CB311100)+5 种基金the National Natural Science Foundation of China (Grant Nos 60873191 and 60821001)the Scientific Research Common Program of Beijing Municipal Commission of Education (Grant No KM200810005004)Beijing Natural Science Foundation (Grant No 1093015)the Open Research Fund of National Mobile Communications Research Laboratory,Southeast Universitythe ISN Open FoundationScience and Technology Program of Beijing (Grant No Z07000100720706)
文摘A multiparty simultaneous quantum identity authentication protocol based on Creenberger-Horne-Zeilinger (GHZ) states is proposed. The multi-user can be authenticated by a trusted third party (TTP) simultaneously. Compared with the scheme proposed recently (Wang et al 2006 Chin. Phys. Lett. 23(9) 2360), the proposed scheme has the advantages of consuming fewer quantum and classical resources and lessening the difficulty and intensity of necessary operations.
基金supported by the Natural Science Foundation of Shanghai(20ZR1419700 and 22ZR1481000)Open Foundation of Henan Key Laboratory of Cyberspace Situation Awareness(HNTS2022011)。
文摘With the popularity of the internet,users hope to better protect their privacy while obtaining network services.However,in the traditional centralized authentication scheme,identity information such as the user's private key is generated,stored,and managed by the network operator.Users can't control their identity information,which will lead to a great threat to the privacy of users.Based on redactable blockchain,we propose a fine-grained and fair identity authentication scheme for mobile networks.In our proposed scheme,the user's identity information is generated and controlled by the users.We first propose a notion of score chameleon hash(SCH),which can delete or update the information of illegal users so as to dynamically update the status of users and provide users with more fine-grained and fair services.We propose another notion of self-updating secret sharing(SUSS),which allows users to update the trapdoor and the corresponding hash key after redacting the blockchain without requiring trusted authority to redistribute the trapdoor.Experimental results show that,compared with the immutable blockchain Bitcoin,the redactable blockchain in our identity authentication scheme provides users with fine-grained and fair redacting functions,and can be adopted with a small additional overhead.
基金Supported by the National Natural Science Foundation of China(U1304614,U1204703)the Construct Program of the Key Discipline in Zhengzhou Normal UniversityAid Program for Science and Technology Innovative Research Team of Zhengzhou Normal University,Henan Province Education Science Plan General Topic((2018)-JKGHYB-0279)
文摘In the cloud computing, different cloud service providers are often in different trust domains. As the traditional identity authentication mode cannot be applied to the cloud computing, the cross-domain identity authentication mechanism is needed to solve the identity authentication problem in the cloud computing. In view of the security problems in cloud computing, a cross-domain identity authentication scheme based on group signature is proposed. This scheme introduces a group of cloud service providers and users who are located in different trust domains. Any member of the group can generate the signature on behalf of the whole group, making the user access the cloud service provider in the case of privacy security. At the same time, with traceability it can track illegal operation of illegal users. In addition, the scheme uses the Chinese Remainder Theorem to integrate the message, and it can control the length of the data in the calculation process, simplifying the calculation process. It also realizes the join and revocation of group members without changing the key of other legitimate group members, and the maintenance cost of authentication schemes is low. The results show that the scheme has the advantages of anonymity, anti-counterfeit, traceability, anti-joint attack and so on. It can not only realize tracking function under the condition of guaranteeing user's privacy, but can also simplify the authentication calculation process to improve the efficiency of the cross domain identity authentication, and its performance is more suitable for large-scale cloud computing environment.
文摘From the viewpoint of protocol sequence, analyses are made of the sequence patterns of possible identity authentication protocol under two cases: with or without the trusted third party (TFP). Ten feasible sequence patterns of authentication protocol with TIP and 5 sequence patterns without TFP are gained. These gained sequence patterns meet the requirements for identity authentication, and basically cover almost all the authentication protocols with TFP and without TFP at present. All of the sequence patterns gained are classified into unilateral or bilateral authentication. Then, according to the sequence symmetry, several good sequence patterns with TFP are evaluated. The accompolished results can provide a reference to design of new identity authentication protocols.
