A secure spectrum auction scheme without the trusted party based on the smart contract

With the development of communication 5G networks and technologies,spectrum resources are increasingly scarce.The scarcity of the spectrum resource makes market-driven spectrum auction become an important means of spectrum allocation,and due to the complexity of the network environment,the security of spectrum auctions can not be ignored.Most existing secure spectrum auction schemes introduce a semi-honest agent to complete spectrum auction.However,the hypothetical semi-honest model does not guarantee the security of spectnim auction in the actual application scenario,which may lead to potential security threats:the agent may reveal the privacy of bidders,agent or auctioneer may collude with the bidder to manipulate the spectrum auction,and so on.In this paper,a secure spectrum auction scheme without a trusted party is proposed based on the smart contract technology,and the smart contract written into the blockchain replaces the traditional semi-honest agent to cooperate with the auctioneer server to complete the auction.In order to ensure the security of our scheme,a secure spectrum auction protocol is designed,in which the Software Guard Extensions(SGX)technology and Paillier cryptosystem are used to protect the privacy of bidders.Public verification is provided in our protocol by using extensive Pedersen commitment,which prevents the auctioneer server and the bidder from colluding with each other and verifies group bid sum values.Finally,the security analysis is given to propose several types of attacks that can be defended.Besides,theoretical analysis and simulation experiments of our protocol are also provided.

An Image Steganography Algorithm Based on Quantization Index Modulation Resisting Scaling Attacks and Statistical Detection

In view of the fact that the current adaptive steganography algorithms are difficult to resist scaling attacks and that a method resisting scaling attack is only for the nearest neighbor interpolation method,this paper proposes an image steganography algorithm based on quantization index modulation resisting both scaling attacks and statistical detection.For the spatial image,this paper uses the watermarking algorithm based on quantization index modulation to extract the embedded domain.Then construct the embedding distortion function of the new embedded domain based on S-UNIWARD steganography,and use the minimum distortion coding to realize the embedding of the secret messages.Finally,according to the embedding modification amplitude of secret messages in the new embedded domain,the quantization index modulation algorithm is applied to realize the final embedding of secret messages in the original embedded domain.The experimental results show that the algorithm proposed is robust to the three common interpolation attacks including the nearest neighbor interpolation,the bilinear interpolation and the bicubic interpolation.And the average correct extraction rate of embedded messages increases from 50%to over 93% after 0.5 times-fold scaling attack using the bicubic interpolation method,compared with the classical steganography algorithm S-UNIWARD.Also the algorithm proposed has higher detection resistance than the original watermarking algorithm based on quantization index modulation.

A fine-grained privacy protection data aggregation scheme for outsourcing smart grid

Compared with the traditional power grid,smart grid involves many advanced technologies and applications.However,due to the rapid development of various network technologies,smart grid is facing the challenges of balancing privacy,security,efficiency,and functionality.In the proposed scheme,we design a privacy protection scheme for outsourcing smart grid aided by fog computing,which supports fine-grained privacy-protected data aggregation based on user characteristics.The fog server matches the encrypted characteristics in the received message with the encrypted aggregation rules issued by the service provider.Therefore,the service provider can get more fine-grained analysis data based on user characteristics.Different from the existing outsourcing smart grid schemes,the proposed scheme can achieve real-time pricing on the premise of protecting user privacy and achieving system fault tolerance.Finally,experiment analyses demonstrate that the proposed scheme has less computation overhead and lower transmission delay than existing schemes.

面向车联网的抗设备捕获认证密钥协商协议

随着汽车保有量的持续增长和道路交通的饱和,车联网被视为有效提高交通效率,改善驾乘体验的有效技术之一.认证密钥协商协议是保证车载单元(onboard unit,OBU)与各种信息服务器安全交互的关键手段.通常,认证密钥协商协议所需的密钥被存储于OBU中.然而,由于车辆常处于无人值守状态,OBU失盗事件时有发生.因此,如何确保私钥的存储安全是一个具有挑战性的难题.为了解决上述问题,本文提出了基于不经意伪随机函数(oblivious pseudorandom functions,OPRF)和两方协同签名的抗捕获认证密钥协商协议.借助于两方协同签名,私钥被分成两个部分,一部分使用辅助设备的公钥加密,另一部分通过OBU和辅助设备运行OPRF协议才能恢复.由于OBU中没有存储任何秘密信息,即使OBU被盗取,攻击者仍然无法获取私钥.本文对提出的方案进行了全面的安全性分析和性能比较.结果表明所提出的方案可以抵抗各种已知的攻击,特别是设备被捕获导致的密钥泄露.此外,所提出的方案可以实现计算开销和通信开销的平衡.

An efficient and authenticated key establishment scheme based on fog computing for healthcare system

Because of its closeness to users,fog computing responds faster than cloud computing.Thus,it has been deployed to various applications,such as healthcare system.Recently,to ensure the secure communication of the fog-based healthcare system,Jia et al.proposed an authenticated key agreement scheme.Moreover,in view of the high computation cost existing in Jia et al.’s scheme,Ma et al.presented an efficient one using elliptic curve cryptography.In this paper,we observe that both the two schemes may potentially risk ephemeral key compromise attacks and need improving.Therefore,to overcome this potential risk,we propose a new authenticated scheme based on Jia et al.’s scheme using elliptic curve computational Diffie-Hellman hypothesis and hash functions.Additionally,we provide provable security under the adopted adversarial model and ProVerif simulation,and also analyze the performance in terms of computation and communication costs by comparisons.The analysis results show that the improved scheme resists the common attacks,reduces computation overhead,and has a certain significance.

Improvement on a batch authenticated key agreement scheme

The rapid advancement in 5G networks calls for more key technologies to support.To promote its wide deployment and application,ultra-dense network(UDN)plays a significant part by providing high data rate and realizing seamless coverage and low delay.There have proposed many related works on 5G UDN,such as the literatures[1,2].However,UDN still faces some security challenges.For instance,it needs to guarantee the reliable and continuous connection and provide communication security.

An anonymous authentication and secure data transmission scheme for the Internet of Things based on blockchain

With the widespread use of network infrastructures such as 5G and low-power wide-area networks,a large number of the Internet of Things(IoT)device nodes are connected to the network,generating massive amounts of data.Therefore,it is a great challenge to achieve anonymous authentication of IoT nodes and secure data transmission.At present,blockchain technology is widely used in authentication and s data storage due to its decentralization and immutability.Recently,Fan et al.proposed a secure and efficient blockchain-based IoT authentication and data sharing scheme.We studied it as one of the state-of-the-art protocols and found that this scheme does not consider the resistance to ephemeral secret compromise attacks and the anonymity of IoT nodes.To overcome these security flaws,this paper proposes an enhanced authentication and data transmission scheme,which is verified by formal security proofs and informal security analysis.Furthermore,Scyther is applied to prove the security of the proposed scheme.Moreover,it is demonstrated that the proposed scheme achieves better performance in terms of communication and computational cost compared to other related schemes.