In this work,a novel one-time-programmable memory unit based on a Schottky-type p-GaN diode is proposed.During the programming process,the junction switches from a high-resistance state to a low-resistance state throu...In this work,a novel one-time-programmable memory unit based on a Schottky-type p-GaN diode is proposed.During the programming process,the junction switches from a high-resistance state to a low-resistance state through Schottky junction breakdown,and the state is permanently preserved.The memory unit features a current ratio of more than 10^(3),a read voltage window of 6 V,a programming time of less than 10^(−4)s,a stability of more than 108 read cycles,and a lifetime of far more than 10 years.Besides,the fabrication of the device is fully compatible with commercial Si-based GaN process platforms,which is of great significance for the realization of low-cost read-only memory in all-GaN integration.展开更多
Objective:To observe the effectiveness and safety of one-time endodontics in the treatment of chronic apical periodontitis with sinus tract in pediatric deciduous teeth.Methods:109 cases of children with chronic apica...Objective:To observe the effectiveness and safety of one-time endodontics in the treatment of chronic apical periodontitis with sinus tract in pediatric deciduous teeth.Methods:109 cases of children with chronic apical periodontitis with sinus tract in the deciduous teeth treated in our hospital from January 2022 to December 2023 were selected and grouped by the randomized numerical table method,with 54 cases in the experimental group and 55 cases in the control group.The experimental group was treated with one-time endodontics and the control group was treated with conventional endodontics.Results:After the treatment,the total effective rate of treatment was higher in the experimental group than in the control group(P<0.05);the incidence of adverse events was lower in the experimental group than in the control group(P<0.05);the satisfaction of the children's family members was higher in the experimental group than in the control group(P<0.05);the pain duration was lower in the experimental group than in the control group(P<0.05).Conclusion:In the experimental group,children with chronic apical periodontitis with sinus tract of the deciduous teeth were given one-time endodontic treatment,and the results of its implementation were relatively good.展开更多
Cotton producers have substantially reduced their inputs(labor,nutrients,and management)mainly by adopting a shortseason cropping management that is characterized by late sowing,high density,and reduced fertilization ...Cotton producers have substantially reduced their inputs(labor,nutrients,and management)mainly by adopting a shortseason cropping management that is characterized by late sowing,high density,and reduced fertilization with one-time application at the first bloom stage without lint yield reduction.However,it has been hypothesized that one-time fertilization at an earlier growth stage could be a more effective and economic management practice.A two-year field experiment was conducted by applying five fertilizer one-time fertilization at 0(FT1),5(FT2),10(FT3),15(FT4),and 20(FT5)days after the first flower appeared in the field and one three-split fertilizer application taken as the conventional control(FT6),making six treatments altogether.Cotton growth period,biomass accumulation,yield,and its formation were quantified.The results showed that the one-time fertilization did not affect the cotton growth progress as compared to FT6,however,the total crop cycles for FT3–FT5 were 3 days shorter.FT1 produced the highest cotton lint yield(1396 kg ha–1),which was similar to the FT6 but higher than the other treatments,and could be attributed to more bolls per unit area and higher lint percentage.Cotton yield was positively correlated with cotton plant biomass accumulated.FT1 had both the highest average(VT)(193.7 kg ha–1 d–1)and the highest maximum(VM)(220.9 kg ha–1 d–1)rates during the fast biomass accumulation period.These results suggest that one-time fertilizer application at the first flower stage might be an adjustment that is more effective than at first bloom,and allowed for easier decision making for application date due to non counting of plants with flowers is needed.展开更多
To solve the critical problems of lithium rich cathode materials, e.g., structure instability and short cycle life, we have successfully prepared a ZrO2-coated and Zr-doping xLi2MnO3·(1–x)LiMO2 hollow architectu...To solve the critical problems of lithium rich cathode materials, e.g., structure instability and short cycle life, we have successfully prepared a ZrO2-coated and Zr-doping xLi2MnO3·(1–x)LiMO2 hollow architecture via one-time sintering process. The modified structural materials as lithium-ion cathodes present good structural stability and superior cycle performance in LIBs. The discharge capacity of the ZrO2-coated and Zr-doped hollow pristine is 220 mAh g-1 at the 20th cycle at 0.2 C(discharge capacity loss, 2.7%)and 150 m Ah g-1 at the 100 th cycle at 1 C(discharge capacity loss, 17.7%), respectively. However, hollow pristine electrode only delivers 203 m Ah g-1 at the 20 th cycle at 0.2 C and 124 mAh g-1 at the 100 th cycle at 1 C, respectively, and the corresponding to capacity retention is 92.2% and 72.8%, respectively.Diffusion coefficients of modified hollow pristine electrode are much higher than that of hollow pristine electrode after 100 cycles(approach to 1.4 times). In addition, we simulate the adsorption reaction of HF on the surface of ZrO2-coated layer by the first-principles theory. The calculations prove that the adsorption energy of HF on the surface of ZrO2-coated layer is about-1.699 e V, and the ZrO2-coated layer could protect the hollow spherical xLi2MnO3·(1–x)LiMO2 from erosion by HF. Our results would be applicable for systematic amelioration of high-performance lithium rich material for anode with the respect of practical application.展开更多
We ayptanalyze Kim et. al's one-time proxy signature scheme used in mobileagents, and then a successful forgery is introduced It is showed that a dishonest customer cansuccessfully forge a valid one-time proxy sig...We ayptanalyze Kim et. al's one-time proxy signature scheme used in mobileagents, and then a successful forgery is introduced It is showed that a dishonest customer cansuccessfully forge a valid one-time proxy signature by impersonating the stiver Furthermore, he canrequest the server with responsibility for the forged bidding information.展开更多
A 32 kbit OTP(one-time programmable)memory for MCUs(micro-controller units)used in remote controllers was designed.This OTP memory is used for program and data storage.It is required to apply 5.5V to BL(bit-line)and 1...A 32 kbit OTP(one-time programmable)memory for MCUs(micro-controller units)used in remote controllers was designed.This OTP memory is used for program and data storage.It is required to apply 5.5V to BL(bit-line)and 11V to WL(word-line)for a OTP cell of 0.35μm ETOX(EEPROM tunnel oxide)type by MagnaChip.We use 5V transistors on column data paths to reduce the area of column data paths since they require small areas.In addition,we secure device reliability by using HV(high-voltage)transistors in the WL driver.Furthermore,we change from a static logic to a dynamic logic used for the WL driver in the core circuit.Also,we optimize the WD(write data)switch circuit.Thus,we can implement them with a small-area design.In addition,we implement the address predecoder with a small-area logic circuit.The area of the designed 32 kbit OTP with 5V and HV devices is 674.725μm×258.75μm(=0.1745mm2)and is 56.3% smaller than that using 3.3V devices.展开更多
Lightweight roof greening is an important way for improving urban ecological environment and has good ecological and social benefits, but the investment is- too-high for the investors. Therefore, it is necessary to im...Lightweight roof greening is an important way for improving urban ecological environment and has good ecological and social benefits, but the investment is- too-high for the investors. Therefore, it is necessary to improve the system of lightweight roof greening. This study introduced a lightweight roof greening mode with low cost, simple construction, rapid formation, good economic benefit and convenient curing.展开更多
Glass ceramics was made by the one-time sintering method using the main raw material of iron tailings. On the basis of quaternary system of CaO-MgO-Al2O3-SiO2, using DTA, XRD and SEM, the effects of different nucleati...Glass ceramics was made by the one-time sintering method using the main raw material of iron tailings. On the basis of quaternary system of CaO-MgO-Al2O3-SiO2, using DTA, XRD and SEM, the effects of different nucleating agents and mixing amounts as well as heat treatment on the crystallization of railings glass ceramics were studied. The experimental results show that, nucleating agent and heat treatment are two necessary conditions for one-time sintering preparation of tailings glass ceramics namely, only adding nucleating agent or experiencing heat treatment, the quaternary system can not crystallize. The composite nucleating agent consisting of Cr2O3 and TiO2 can further lead to the crystallization of the CaO-MgO-A1203-SiO2 quaternary system at the lower temperature, with the major phase of diopside. In the range of mass content, 0%-4%, crystal intensity and crystal content grow. But when mass content is more than 4%, the crystal size will become coarser and the crystal distribution will be less regular. Different heat treatment regimes do not change the composition of the crystalline major phase in the glass ceramics crystallization of CaO-MgO-Al2O3-SiO2 system. In the range of 30-60 minutes, with the extension of nucleation and crystallization, crystallization degree enhanced, but if the holding time surpasses 60 minutes, the crystallization is worse.展开更多
The one-time pad(OTP)is an applicationlayer encryption technique to achieve the informationtheoretic security,and the physical-layer secret key generation(SKG)technique is a promising candidate to provide the random k...The one-time pad(OTP)is an applicationlayer encryption technique to achieve the informationtheoretic security,and the physical-layer secret key generation(SKG)technique is a promising candidate to provide the random keys for OTP.In this paper,we propose a joint SKG and OTP encryption scheme with the aid of a reconfigurable intelligent surface(RIS)to boost secret key rate.To maximize the efficiency of secure communication,we divide the process of secure transmission into two stages:SKG and then encrypted packet transmission.Meanwhile,we design an optimal algorithm for allocating time slots for SKG to maximize SKG efficiency without security risk.Furthermore,we design a key updating protocol based on our SKG scheme for OTP encryption.Simulation results verify that our scheme can generate keys securely and efficiently,and significantly improve the secure communication performance in an intelligent IoT system.展开更多
In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approac...In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approach to embedding sophisticated phishing detection within a password manager’s framework, called PhishGuard. PhishGuard uses a Large Language Model (LLM), specifically a fine-tuned BERT algorithm that works in real time, where URLs fed by the user in the credentials are analyzed and authenticated. This approach enhances user security with its provision of real-time protection from phishing attempts. Through rigorous testing, this paper illustrates how PhishGuard has scored well in tests that measure accuracy, precision, recall, and false positive rates.展开更多
Text-based passwords are heavily used to defense for many web and mobile applications. In this paper, we investigated the patterns and vulnerabilities for both web and mobile applications based on conditions of the Sh...Text-based passwords are heavily used to defense for many web and mobile applications. In this paper, we investigated the patterns and vulnerabilities for both web and mobile applications based on conditions of the Shannon entropy, Guessing entropy and Minimum entropy. We show how to substantially improve upon the strength of passwords based on the analysis of text-password entropies. By analyzing the passwords datasets of Rockyou and 163.com, we believe strong password can be designed based on good usability, deployability, rememberbility, and security entropies.展开更多
Identity authentication is the first line of defense for network security.Passwords have been the most widely used authentication method in recent years.Although there are security risks in passwords,they will be the ...Identity authentication is the first line of defense for network security.Passwords have been the most widely used authentication method in recent years.Although there are security risks in passwords,they will be the primary method in the future due to their simplicity and low cost.Considering the security and usability of passwords,we propose AvoidPwd,which is a novel mnemonic password generation strategy that is based on keyboard transformation.AvoidPwd helps users customize a“route”to bypass an“obstacle”and choose the characters on the“route”as the final password.The“obstacle”is a certain word using any language and the keys adjacent to the“obstacle”are typed with the“Shift”key.A two-part experiment was conducted to examine the memorability and security of the AvoidPwd strategy with other three password strategies and three leaked password sets.The results showed that the passwords generated by the AvoidPwd strategy were more secure than the other leaked password sets.Meanwhile,AvoidPwd outperformed the KbCg,SpIns,and Alphapwd in balancing security and usability.In addition,there are more symbols in the character distribution of AvoidPwd than the other strategies.AvoidPwd is hopeful to solve the security problem that people are difficult to remember symbols and they tend to input letters and digits when creating passwords.展开更多
To achieve privacy and authentication sinmltaneously in mobile applications, various Three-party Password-authenticated key exchange (3PAKE) protocols have been proposed. However, some of these protocols are vulnera...To achieve privacy and authentication sinmltaneously in mobile applications, various Three-party Password-authenticated key exchange (3PAKE) protocols have been proposed. However, some of these protocols are vulnerable to conventional attacks or have low efficiency so that they cannot be applied to mobile applications. In this paper, we proposed a password-authenticated multiple key exchange protocol for mobile applications using elliptic curve cryptosystem. The proposed protocol can achieve efficiency, reliability, flexibility and scalability at the same time. Compared with related works, the proposed protocol is more suitable and practical for mobile applications.展开更多
Android applications are associated with a large amount of sensitive data,therefore application developers use encryption algorithms to provide user data encryption,authentication and data integrity protection.However...Android applications are associated with a large amount of sensitive data,therefore application developers use encryption algorithms to provide user data encryption,authentication and data integrity protection.However,application developers do not have the knowledge of cryptography,thus the cryptographic algorithm may not be used correctly.As a result,security vulnerabilities are generated.Based on the previous studies,this paper summarizes the characteristics of password misuse vulnerability of Android application software,establishes an evaluation model to rate the security level of the risk of password misuse vulnerability and develops a repair strategy for password misuse vulnerability.And on this basis,this paper designs and implements a secure container for Android application software password misuse vulnerability:CM-Droid.展开更多
Mobile Ad hoc NETwork (MANET) is a part of the Internet of Things (IoT). In battlefield communication systems, ground soldiers, tanks, and unmanned aerial vehicles comprise a heterogeneous MANET. In 2006, Byun et ...Mobile Ad hoc NETwork (MANET) is a part of the Internet of Things (IoT). In battlefield communication systems, ground soldiers, tanks, and unmanned aerial vehicles comprise a heterogeneous MANET. In 2006, Byun et al. proposed the first constant-round password-based group key ex- change with different passwords for such net- works. In 2008, Nam et al. discovered the short- comings of the scheme, and modified it. But the works only provide the group key. In this paper, we propose a password-based secure communication scheme for the loT, which could be applied in the battlefield communication systems and support dy- namic group, in which the nodes join or leave. By performing the scheme, the nodes in the heteroge- neous MANET can realize secure broadcast, secure unicast, and secure direct communication across realms. After the analyses, we demonstrate that the scheme is secure and efficient.展开更多
Because cross-realm C2C-PAKE (client-to-client password authenticated key exchange) protocols can not resist some attacks, this paper writes up new attacks on two representative protocols, then designs a new cross-r...Because cross-realm C2C-PAKE (client-to-client password authenticated key exchange) protocols can not resist some attacks, this paper writes up new attacks on two representative protocols, then designs a new cross-realm C2C-PAKE protocol with signature and optimal number of rounds for a client (only 2-rounds between a client and a server). Finally, it is proved that the new protocol can be resistant to all known attacks through heuristic analysis and that it brings more security through the comparisons of security properties with other protocols.展开更多
We presented a simple and efficient password-based encrypted key exchange protocol that allows a user to establish secure session keys with remote servers from client terminals in low resource environments. He does no...We presented a simple and efficient password-based encrypted key exchange protocol that allows a user to establish secure session keys with remote servers from client terminals in low resource environments. He does not need to carry smart card storing his private information but just needs to know his identity and password. For this purpose, the scheme was implemented over elliptic curves because of their well-known advantages with regard to processing and size constraints. Furthermore, the scheme is provably secure under the assumptions that the hash function closely behaves like a random oracle and that the elliptic curve computational Diffie-Hellman problem is difficult.展开更多
基金supported in part by the National Key Research and Development Program of China under Grant 2022YFB3604400in part by the Youth Innovation Promotion Association of Chinese Academy Sciences (CAS)+4 种基金in part by the CAS-Croucher Funding Scheme under Grant CAS22801in part by National Natural Science Foundation of China under Grant 62334012, Grant 62074161, Grant 62004213, Grant U20A20208, and Grant 62304252in part by the Beijing Municipal Science and Technology Commission project under Grant Z201100008420009 and Grant Z211100007921018in part by the University of CASin part by the IMECAS-HKUST-Joint Laboratory of Microelectronics
文摘In this work,a novel one-time-programmable memory unit based on a Schottky-type p-GaN diode is proposed.During the programming process,the junction switches from a high-resistance state to a low-resistance state through Schottky junction breakdown,and the state is permanently preserved.The memory unit features a current ratio of more than 10^(3),a read voltage window of 6 V,a programming time of less than 10^(−4)s,a stability of more than 108 read cycles,and a lifetime of far more than 10 years.Besides,the fabrication of the device is fully compatible with commercial Si-based GaN process platforms,which is of great significance for the realization of low-cost read-only memory in all-GaN integration.
文摘Objective:To observe the effectiveness and safety of one-time endodontics in the treatment of chronic apical periodontitis with sinus tract in pediatric deciduous teeth.Methods:109 cases of children with chronic apical periodontitis with sinus tract in the deciduous teeth treated in our hospital from January 2022 to December 2023 were selected and grouped by the randomized numerical table method,with 54 cases in the experimental group and 55 cases in the control group.The experimental group was treated with one-time endodontics and the control group was treated with conventional endodontics.Results:After the treatment,the total effective rate of treatment was higher in the experimental group than in the control group(P<0.05);the incidence of adverse events was lower in the experimental group than in the control group(P<0.05);the satisfaction of the children's family members was higher in the experimental group than in the control group(P<0.05);the pain duration was lower in the experimental group than in the control group(P<0.05).Conclusion:In the experimental group,children with chronic apical periodontitis with sinus tract of the deciduous teeth were given one-time endodontic treatment,and the results of its implementation were relatively good.
基金supported by the National Natural Science Foundation of China (31271665)the Pairing Program of Key Laboratory of Oasis Ecology Agriculture, Xinjiang Production and Construction Group with Eminent Scholars in Elite Universities, China (201601)
文摘Cotton producers have substantially reduced their inputs(labor,nutrients,and management)mainly by adopting a shortseason cropping management that is characterized by late sowing,high density,and reduced fertilization with one-time application at the first bloom stage without lint yield reduction.However,it has been hypothesized that one-time fertilization at an earlier growth stage could be a more effective and economic management practice.A two-year field experiment was conducted by applying five fertilizer one-time fertilization at 0(FT1),5(FT2),10(FT3),15(FT4),and 20(FT5)days after the first flower appeared in the field and one three-split fertilizer application taken as the conventional control(FT6),making six treatments altogether.Cotton growth period,biomass accumulation,yield,and its formation were quantified.The results showed that the one-time fertilization did not affect the cotton growth progress as compared to FT6,however,the total crop cycles for FT3–FT5 were 3 days shorter.FT1 produced the highest cotton lint yield(1396 kg ha–1),which was similar to the FT6 but higher than the other treatments,and could be attributed to more bolls per unit area and higher lint percentage.Cotton yield was positively correlated with cotton plant biomass accumulated.FT1 had both the highest average(VT)(193.7 kg ha–1 d–1)and the highest maximum(VM)(220.9 kg ha–1 d–1)rates during the fast biomass accumulation period.These results suggest that one-time fertilizer application at the first flower stage might be an adjustment that is more effective than at first bloom,and allowed for easier decision making for application date due to non counting of plants with flowers is needed.
基金the financial support by the Natural Science Foundation of Guangdong Province(2019A1515012111)the National Natural Science Foundation of China(51804199 and 51604081)+2 种基金the Science and Technology Innovation Commission of Shenzhen(JCYJ20190808173815205 and 20180123)the Shenzhen Science and Technology Program(KQTD20180412181422399)“Chenguang Program”supported by Shanghai Education Development Foundation and Shanghai Municipal Education Commission(16CG40)。
文摘To solve the critical problems of lithium rich cathode materials, e.g., structure instability and short cycle life, we have successfully prepared a ZrO2-coated and Zr-doping xLi2MnO3·(1–x)LiMO2 hollow architecture via one-time sintering process. The modified structural materials as lithium-ion cathodes present good structural stability and superior cycle performance in LIBs. The discharge capacity of the ZrO2-coated and Zr-doped hollow pristine is 220 mAh g-1 at the 20th cycle at 0.2 C(discharge capacity loss, 2.7%)and 150 m Ah g-1 at the 100 th cycle at 1 C(discharge capacity loss, 17.7%), respectively. However, hollow pristine electrode only delivers 203 m Ah g-1 at the 20 th cycle at 0.2 C and 124 mAh g-1 at the 100 th cycle at 1 C, respectively, and the corresponding to capacity retention is 92.2% and 72.8%, respectively.Diffusion coefficients of modified hollow pristine electrode are much higher than that of hollow pristine electrode after 100 cycles(approach to 1.4 times). In addition, we simulate the adsorption reaction of HF on the surface of ZrO2-coated layer by the first-principles theory. The calculations prove that the adsorption energy of HF on the surface of ZrO2-coated layer is about-1.699 e V, and the ZrO2-coated layer could protect the hollow spherical xLi2MnO3·(1–x)LiMO2 from erosion by HF. Our results would be applicable for systematic amelioration of high-performance lithium rich material for anode with the respect of practical application.
文摘We ayptanalyze Kim et. al's one-time proxy signature scheme used in mobileagents, and then a successful forgery is introduced It is showed that a dishonest customer cansuccessfully forge a valid one-time proxy signature by impersonating the stiver Furthermore, he canrequest the server with responsibility for the forged bidding information.
基金Project supported by the Second Stage of Brain Korea 21 Projects,Korea
文摘A 32 kbit OTP(one-time programmable)memory for MCUs(micro-controller units)used in remote controllers was designed.This OTP memory is used for program and data storage.It is required to apply 5.5V to BL(bit-line)and 11V to WL(word-line)for a OTP cell of 0.35μm ETOX(EEPROM tunnel oxide)type by MagnaChip.We use 5V transistors on column data paths to reduce the area of column data paths since they require small areas.In addition,we secure device reliability by using HV(high-voltage)transistors in the WL driver.Furthermore,we change from a static logic to a dynamic logic used for the WL driver in the core circuit.Also,we optimize the WD(write data)switch circuit.Thus,we can implement them with a small-area design.In addition,we implement the address predecoder with a small-area logic circuit.The area of the designed 32 kbit OTP with 5V and HV devices is 674.725μm×258.75μm(=0.1745mm2)and is 56.3% smaller than that using 3.3V devices.
基金Supported by Science and Technology Planning Project of Guangdong Province,China(No.2015B090904008)Soft Science Planning Project of Guangdong Province(2014B090903015)Ecological Environment Construction and Protection(Techand)Engineering and Technological Research Center(YKHZZ[2013]1589)~~
文摘Lightweight roof greening is an important way for improving urban ecological environment and has good ecological and social benefits, but the investment is- too-high for the investors. Therefore, it is necessary to improve the system of lightweight roof greening. This study introduced a lightweight roof greening mode with low cost, simple construction, rapid formation, good economic benefit and convenient curing.
基金Funded by The National Key Technology R & D Program of China for the 11th Five-Year Plan(2006BAJ04A04)
文摘Glass ceramics was made by the one-time sintering method using the main raw material of iron tailings. On the basis of quaternary system of CaO-MgO-Al2O3-SiO2, using DTA, XRD and SEM, the effects of different nucleating agents and mixing amounts as well as heat treatment on the crystallization of railings glass ceramics were studied. The experimental results show that, nucleating agent and heat treatment are two necessary conditions for one-time sintering preparation of tailings glass ceramics namely, only adding nucleating agent or experiencing heat treatment, the quaternary system can not crystallize. The composite nucleating agent consisting of Cr2O3 and TiO2 can further lead to the crystallization of the CaO-MgO-A1203-SiO2 quaternary system at the lower temperature, with the major phase of diopside. In the range of mass content, 0%-4%, crystal intensity and crystal content grow. But when mass content is more than 4%, the crystal size will become coarser and the crystal distribution will be less regular. Different heat treatment regimes do not change the composition of the crystalline major phase in the glass ceramics crystallization of CaO-MgO-Al2O3-SiO2 system. In the range of 30-60 minutes, with the extension of nucleation and crystallization, crystallization degree enhanced, but if the holding time surpasses 60 minutes, the crystallization is worse.
基金supported by National key research and development program of China, Joint research of IoT security system and key technologies based on quantum key (2020YFE0200600)
文摘The one-time pad(OTP)is an applicationlayer encryption technique to achieve the informationtheoretic security,and the physical-layer secret key generation(SKG)technique is a promising candidate to provide the random keys for OTP.In this paper,we propose a joint SKG and OTP encryption scheme with the aid of a reconfigurable intelligent surface(RIS)to boost secret key rate.To maximize the efficiency of secure communication,we divide the process of secure transmission into two stages:SKG and then encrypted packet transmission.Meanwhile,we design an optimal algorithm for allocating time slots for SKG to maximize SKG efficiency without security risk.Furthermore,we design a key updating protocol based on our SKG scheme for OTP encryption.Simulation results verify that our scheme can generate keys securely and efficiently,and significantly improve the secure communication performance in an intelligent IoT system.
文摘In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approach to embedding sophisticated phishing detection within a password manager’s framework, called PhishGuard. PhishGuard uses a Large Language Model (LLM), specifically a fine-tuned BERT algorithm that works in real time, where URLs fed by the user in the credentials are analyzed and authenticated. This approach enhances user security with its provision of real-time protection from phishing attempts. Through rigorous testing, this paper illustrates how PhishGuard has scored well in tests that measure accuracy, precision, recall, and false positive rates.
文摘Text-based passwords are heavily used to defense for many web and mobile applications. In this paper, we investigated the patterns and vulnerabilities for both web and mobile applications based on conditions of the Shannon entropy, Guessing entropy and Minimum entropy. We show how to substantially improve upon the strength of passwords based on the analysis of text-password entropies. By analyzing the passwords datasets of Rockyou and 163.com, we believe strong password can be designed based on good usability, deployability, rememberbility, and security entropies.
基金supported in part by the National Natural Science Foundation of China (No. 61803149 and No. 61977021)in part by the Technology Innovation Special Program of Hubei Province (No. 2020AEA008)in part by the Hubei Province Project of Key Research Institute of Humanities and Social Sciences at Universities (Research Center of Information Management for Performance Evaluation)
文摘Identity authentication is the first line of defense for network security.Passwords have been the most widely used authentication method in recent years.Although there are security risks in passwords,they will be the primary method in the future due to their simplicity and low cost.Considering the security and usability of passwords,we propose AvoidPwd,which is a novel mnemonic password generation strategy that is based on keyboard transformation.AvoidPwd helps users customize a“route”to bypass an“obstacle”and choose the characters on the“route”as the final password.The“obstacle”is a certain word using any language and the keys adjacent to the“obstacle”are typed with the“Shift”key.A two-part experiment was conducted to examine the memorability and security of the AvoidPwd strategy with other three password strategies and three leaked password sets.The results showed that the passwords generated by the AvoidPwd strategy were more secure than the other leaked password sets.Meanwhile,AvoidPwd outperformed the KbCg,SpIns,and Alphapwd in balancing security and usability.In addition,there are more symbols in the character distribution of AvoidPwd than the other strategies.AvoidPwd is hopeful to solve the security problem that people are difficult to remember symbols and they tend to input letters and digits when creating passwords.
基金Acknowledgements This work was supported by the National Natural ScienceFoundation of China under Grants No. 60873191, No. 60903152, No. 60821001, and the Beijing Natural Science Foundation under Grant No. 4072020.
文摘To achieve privacy and authentication sinmltaneously in mobile applications, various Three-party Password-authenticated key exchange (3PAKE) protocols have been proposed. However, some of these protocols are vulnerable to conventional attacks or have low efficiency so that they cannot be applied to mobile applications. In this paper, we proposed a password-authenticated multiple key exchange protocol for mobile applications using elliptic curve cryptosystem. The proposed protocol can achieve efficiency, reliability, flexibility and scalability at the same time. Compared with related works, the proposed protocol is more suitable and practical for mobile applications.
基金This work is supported by The National Natural Science Foundation of China (Nos.U1536121,61370195).
文摘Android applications are associated with a large amount of sensitive data,therefore application developers use encryption algorithms to provide user data encryption,authentication and data integrity protection.However,application developers do not have the knowledge of cryptography,thus the cryptographic algorithm may not be used correctly.As a result,security vulnerabilities are generated.Based on the previous studies,this paper summarizes the characteristics of password misuse vulnerability of Android application software,establishes an evaluation model to rate the security level of the risk of password misuse vulnerability and develops a repair strategy for password misuse vulnerability.And on this basis,this paper designs and implements a secure container for Android application software password misuse vulnerability:CM-Droid.
基金supported by National Natural Science Foundation of China(Grant Nos.60873191,60903152,61003286,60821001)
文摘Mobile Ad hoc NETwork (MANET) is a part of the Internet of Things (IoT). In battlefield communication systems, ground soldiers, tanks, and unmanned aerial vehicles comprise a heterogeneous MANET. In 2006, Byun et al. proposed the first constant-round password-based group key ex- change with different passwords for such net- works. In 2008, Nam et al. discovered the short- comings of the scheme, and modified it. But the works only provide the group key. In this paper, we propose a password-based secure communication scheme for the loT, which could be applied in the battlefield communication systems and support dy- namic group, in which the nodes join or leave. By performing the scheme, the nodes in the heteroge- neous MANET can realize secure broadcast, secure unicast, and secure direct communication across realms. After the analyses, we demonstrate that the scheme is secure and efficient.
基金the National Natural Science Foundation of China (2007AA01Z431)
文摘Because cross-realm C2C-PAKE (client-to-client password authenticated key exchange) protocols can not resist some attacks, this paper writes up new attacks on two representative protocols, then designs a new cross-realm C2C-PAKE protocol with signature and optimal number of rounds for a client (only 2-rounds between a client and a server). Finally, it is proved that the new protocol can be resistant to all known attacks through heuristic analysis and that it brings more security through the comparisons of security properties with other protocols.
基金Supported by the National Natural Science Foun-dation of China (60473021)
文摘We presented a simple and efficient password-based encrypted key exchange protocol that allows a user to establish secure session keys with remote servers from client terminals in low resource environments. He does not need to carry smart card storing his private information but just needs to know his identity and password. For this purpose, the scheme was implemented over elliptic curves because of their well-known advantages with regard to processing and size constraints. Furthermore, the scheme is provably secure under the assumptions that the hash function closely behaves like a random oracle and that the elliptic curve computational Diffie-Hellman problem is difficult.
