Incorporating electric vehicles into smart grid,vehicle-to-Grid(V2G) makes it feasible to charge for large-scale electric vehicles,and in turn support electric vehicles,as mobile and distributed storage units,to disch...Incorporating electric vehicles into smart grid,vehicle-to-Grid(V2G) makes it feasible to charge for large-scale electric vehicles,and in turn support electric vehicles,as mobile and distributed storage units,to discharge to smart grid.In order to provide reliable and efficient services,the operator of V2 G networks needs to monitor realtime status of every plug-in electric vehicle(PEV) and then evaluate current electricity storage capability.Anonymity,aggregation and dynamic management are three basic but crucial characteristics of which the services of V2 G networks should be.However,few of existing authentication schemes for V2 G networks could satisfy them simultaneously.In this paper,we propose a secure and efficient authentication scheme with privacy-preserving for V2 G networks.The scheme makes the charging/discharging station authenticate PEVs anonymously and manage them dynamically.Moreover,the monitoring data collected by the charging/discharging station could be sent to a local aggregator(LAG)in batch mode.In particular,time overheads during verification stage are independent with the number of involved PEVs,and there is no need to update the membership certificate and key pair before PEV logs out.展开更多
Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, w...Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC) to propose a Distributed Authentication and Authorization Scheme (DAAS), where an identity-based signature (IBS) is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption (CP-ABE) is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM) dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM) distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.展开更多
By allowing routers to combine the received packets before forwarding them,network coding-based applications are susceptible to possible malicious pollution attacks.Existing solutions for counteracting this issue eith...By allowing routers to combine the received packets before forwarding them,network coding-based applications are susceptible to possible malicious pollution attacks.Existing solutions for counteracting this issue either incur inter-generation pollution attacks(among multiple generations)or suffer high computation/bandwidth overhead.Using a dynamic public key technique,we propose a novel homomorphic signature scheme for network coding for each generation authentication without updating the initial secret key used.As per this idea,the secret key is scrambled for each generation by using the generation identifier,and each packet can be fast signed using the scrambled secret key for the generation to which the packet belongs.The scheme not only can resist intra-generation pollution attacks effectively but also can efficiently prevent inter-generation pollution attacks.Further,the communication overhead of the scheme is small and independent of the size of the transmitting files.展开更多
With the rapid development of information technology, demand of network & information security has increased. People enjoy many benefits by virtue of information technology. At the same time network security has b...With the rapid development of information technology, demand of network & information security has increased. People enjoy many benefits by virtue of information technology. At the same time network security has become the important challenge, but network information security has become a top priority. In the field of authentication, dynamic password technology has gained users’ trust and favor because of its safety and ease of operation. Dynamic password, SHA (Secure Hash Algorithm) is widely used globally and acts as information security mechanism against potential threat. The cryptographic algorithm is an open research area, and development of these state-owned technology products helps secure encryption product and provides safeguard against threats. Dynamic password authentication technology is based on time synchronization, using the state-owned password algorithm. SM3 hash algorithm can meet the security needs of a variety of cryptographic applications for commercial cryptographic applications and verification of digital signatures, generation and verification of message authentication code. Dynamic password basically generates an unpredictable random numbers based on a combination of specialized algorithms. Each password can only be used once, and help provide high safety. Therefore, the dynamic password technology for network information security issues is of great significance. In our proposed algorithm, dynamic password is generated by SM3 Hash Algorithm using current time and the identity ID and it varies with time and changes randomly. Coupled with the SM3 hash algorithm security, dynamic password security properties can be further improved, thus it effectively improves network authentication security.展开更多
This paper presents how to apply the RADIUS (Remote Authentication Dial In User Service)protocol ,which is generally applied to dial-up network, to the authentication & charge of Broad Band accessing control syste...This paper presents how to apply the RADIUS (Remote Authentication Dial In User Service)protocol ,which is generally applied to dial-up network, to the authentication & charge of Broad Band accessing control system on Ethernet. It is provided that the Broad Band accessing control system included a self-designed communication protocol is used in communicating between an terminal user and Network Access Server .The interface module on the servers side and the Radius system is also given in this article.展开更多
One of the goals of sixth-generation mobile networks(6G)is to achieve a larger network coverage area.Satellite networks enable global coverage and aerial nodes such as Unmanned Aerial Vehicle(UAV)can serve as a supple...One of the goals of sixth-generation mobile networks(6G)is to achieve a larger network coverage area.Satellite networks enable global coverage and aerial nodes such as Unmanned Aerial Vehicle(UAV)can serve as a supplement to ground networks in remote environments.Therefore,6G networks are gradually evolving towards Space-AirGround integrated networks.The combination of UAV networks and satellite networks is a research hotspot in the field of Space-Air integrated networks.However,the combination of UAV networks and satellite networks currently faces many challenges in terms of security.The characteristics of large propagation delay and unstable communication links in satellite networks make them vulnerable to various attacks,including eavesdropping,tampering,and impersonation.Meanwhile,existing research on UAV networks mainly focuses on UAV-Ground networking authentication mechanisms,which are not suitable for resourceconstrained nodes in the Space-Air integration scenario.Therefore,based on elliptic curve public key cryptography and Chebyshev polynomial,we propose a secure networking authentication scheme for satellite nodes and UAV nodes in the Space-Air integration scenario.The security analysis indicates that our scheme possesses security attributes such as mutual authentication,key agreement,identity anonymity,unlinkability,perfect forward-backward security,and resistance against various protocol attacks,among other security properties.Performance analysis also indicates certain advantages of our scheme over existing schemes in terms of signaling,bandwidth,and computational overhead.展开更多
基金the Natural Science Foundation of China(61102056,61201132)Fundamental Research Funds for the Central Universities of China(K5051301013)the 111 Project of China(B08038)
文摘Incorporating electric vehicles into smart grid,vehicle-to-Grid(V2G) makes it feasible to charge for large-scale electric vehicles,and in turn support electric vehicles,as mobile and distributed storage units,to discharge to smart grid.In order to provide reliable and efficient services,the operator of V2 G networks needs to monitor realtime status of every plug-in electric vehicle(PEV) and then evaluate current electricity storage capability.Anonymity,aggregation and dynamic management are three basic but crucial characteristics of which the services of V2 G networks should be.However,few of existing authentication schemes for V2 G networks could satisfy them simultaneously.In this paper,we propose a secure and efficient authentication scheme with privacy-preserving for V2 G networks.The scheme makes the charging/discharging station authenticate PEVs anonymously and manage them dynamically.Moreover,the monitoring data collected by the charging/discharging station could be sent to a local aggregator(LAG)in batch mode.In particular,time overheads during verification stage are independent with the number of involved PEVs,and there is no need to update the membership certificate and key pair before PEV logs out.
文摘Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC) to propose a Distributed Authentication and Authorization Scheme (DAAS), where an identity-based signature (IBS) is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption (CP-ABE) is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM) dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM) distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.
基金supported by the National Natural Science Foundation of China under Grant No. 61271174
文摘By allowing routers to combine the received packets before forwarding them,network coding-based applications are susceptible to possible malicious pollution attacks.Existing solutions for counteracting this issue either incur inter-generation pollution attacks(among multiple generations)or suffer high computation/bandwidth overhead.Using a dynamic public key technique,we propose a novel homomorphic signature scheme for network coding for each generation authentication without updating the initial secret key used.As per this idea,the secret key is scrambled for each generation by using the generation identifier,and each packet can be fast signed using the scrambled secret key for the generation to which the packet belongs.The scheme not only can resist intra-generation pollution attacks effectively but also can efficiently prevent inter-generation pollution attacks.Further,the communication overhead of the scheme is small and independent of the size of the transmitting files.
文摘With the rapid development of information technology, demand of network & information security has increased. People enjoy many benefits by virtue of information technology. At the same time network security has become the important challenge, but network information security has become a top priority. In the field of authentication, dynamic password technology has gained users’ trust and favor because of its safety and ease of operation. Dynamic password, SHA (Secure Hash Algorithm) is widely used globally and acts as information security mechanism against potential threat. The cryptographic algorithm is an open research area, and development of these state-owned technology products helps secure encryption product and provides safeguard against threats. Dynamic password authentication technology is based on time synchronization, using the state-owned password algorithm. SM3 hash algorithm can meet the security needs of a variety of cryptographic applications for commercial cryptographic applications and verification of digital signatures, generation and verification of message authentication code. Dynamic password basically generates an unpredictable random numbers based on a combination of specialized algorithms. Each password can only be used once, and help provide high safety. Therefore, the dynamic password technology for network information security issues is of great significance. In our proposed algorithm, dynamic password is generated by SM3 Hash Algorithm using current time and the identity ID and it varies with time and changes randomly. Coupled with the SM3 hash algorithm security, dynamic password security properties can be further improved, thus it effectively improves network authentication security.
基金This research is supported by the key Project of Chinese Ministry of Education (No.01083)
文摘This paper presents how to apply the RADIUS (Remote Authentication Dial In User Service)protocol ,which is generally applied to dial-up network, to the authentication & charge of Broad Band accessing control system on Ethernet. It is provided that the Broad Band accessing control system included a self-designed communication protocol is used in communicating between an terminal user and Network Access Server .The interface module on the servers side and the Radius system is also given in this article.
基金supported by the National Key Research and Development Program of China(No.2022YFB2902203)the National Natural Science Foundation of China(No.62172317,No.62102298)the Fundamental Research Funds for the Central Universities(No.YJSJ23007)
文摘One of the goals of sixth-generation mobile networks(6G)is to achieve a larger network coverage area.Satellite networks enable global coverage and aerial nodes such as Unmanned Aerial Vehicle(UAV)can serve as a supplement to ground networks in remote environments.Therefore,6G networks are gradually evolving towards Space-AirGround integrated networks.The combination of UAV networks and satellite networks is a research hotspot in the field of Space-Air integrated networks.However,the combination of UAV networks and satellite networks currently faces many challenges in terms of security.The characteristics of large propagation delay and unstable communication links in satellite networks make them vulnerable to various attacks,including eavesdropping,tampering,and impersonation.Meanwhile,existing research on UAV networks mainly focuses on UAV-Ground networking authentication mechanisms,which are not suitable for resourceconstrained nodes in the Space-Air integration scenario.Therefore,based on elliptic curve public key cryptography and Chebyshev polynomial,we propose a secure networking authentication scheme for satellite nodes and UAV nodes in the Space-Air integration scenario.The security analysis indicates that our scheme possesses security attributes such as mutual authentication,key agreement,identity anonymity,unlinkability,perfect forward-backward security,and resistance against various protocol attacks,among other security properties.Performance analysis also indicates certain advantages of our scheme over existing schemes in terms of signaling,bandwidth,and computational overhead.
