An Enhanced Direct Anonymous Attestation Scheme with Mutual Authentication for Network-Connected UAV Communication Systems

In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anonymous attestation(DAA) is an attractive cryptographic scheme that provides an elegant balance between platform authentication and anonymity. However, because of the low-level computing capability and limited transmission bandwidth in UAV, the existing DAA schemes are not suitable for NC-UAV communication systems. In this paper, we propose an enhanced DAA scheme with mutual authentication(MA-DAA scheme), which meets the security requirements of NC-UAV communication systems. The proposed MA-DAA scheme, which is based on asymmetric pairings, bundles the identities of trusted platform module(TPM) and Host to solve the malicious module changing attacks. Credential randomization, batch proof and verification, and mutual authentication are realized in the MA-DAA scheme. The computational workload in TPM and Host is reduced in order to meet the low computation and resource requirements in TPM and Host.The entire scheme and protocols are presented,and the security and efficiency of the proposed MA-DAA scheme are proved and analyzed.Our experiment results also confirm the high efficiency of the proposed scheme.

Anonymous voting for multi-dimensional CV quantum system

We investigate the design of anonymous voting protocols,CV-based binary-valued ballot and CV-based multi-valued ballot with continuous variables（CV） in a multi-dimensional quantum cryptosystem to ensure the security of voting procedure and data privacy.The quantum entangled states are employed in the continuous variable quantum system to carry the voting information and assist information transmission,which takes the advantage of the GHZ-like states in terms of improving the utilization of quantum states by decreasing the number of required quantum states.It provides a potential approach to achieve the efficient quantum anonymous voting with high transmission security,especially in large-scale votes.

Restricted common data in anonymous E-cash system

Discuss the problem of infinite increasing coin list in anonymous E-cash systems, which reduce the efficiency of whole system greatly. Though some methods are suggested, no one can solve the problem with high efficiency and flexibility. Here, we use the technique of adding information in blind signatures to deal with this problem. Through adding timestamp in signatures, we can separate the valid period of all used coins into pieces. Only the coins in the last stage are recorded. So the scale of the coins list is controlled. We also analyze the anonymity of these data, and add some indispensable restrictions to them. These restrictions can ensure that the imported data don’t break the anonymity of the customers. In order to fulfill these qualifications, we lead to the concept of restricted common data (RCD). Furthermore, we propose two schemes to add RCD in the blind signature. The simple one is easy to implement, while the complex one can note the value of the coin. The usage of RCD leads to little additional cost, as well as maintaining the anonymity of customers. This method fits for most kinds of anonymous E-cash systems.

Secure and Anonymous Three-Factor Authentication Scheme for Remote Healthcare Systems

Wireless medical sensor networks(WMSNs)play a significant role in increasing the availability of remote healthcare systems.The vital and physiological data of the patient can be collected using the WMSN via sensor nodes that are placed on his/her body and then transmitted remotely to a healthcare professional for proper diagnosis.The protection of the patient’s privacy and their data from unauthorized access is a major concern in such systems.Therefore,an authentication scheme with a high level of security is one of the most effective mechanisms by which to address these security concerns.Many authentication schemes for remote patient monitoring have been proposed recently.However,the majority of these schemes are extremely vulnerable to attacks and are unsuitable for practical use.This paper proposes a secure three-factor authentication scheme for a patient-monitoring healthcare system that operates remotely using a WMSN.The proposed authentication scheme is formally verified using the Burrows,Abadi and Needham’s(BAN)logic model and an automatic cryptographic protocol verifier(ProVerif)tool.We show that our authentication scheme can prevent relevant types of security breaches in a practical context according to the discussed possible attack scenarios.Comparisons of the security and performance are carried out with recently proposed authentication schemes.The results of the analysis show that the proposed authentication scheme is secure and practical for use,with reasonable storage space,computation,and communication efficiency.

Design and analysis of two-layer anonymous communication system

A new architecture for scalable anonymous communication system（SACS） was proposed. The users were divided into several subgroups managed by different sub-blenders, and all sub-blenders were managed by the main-blender using two layers management scheme. The identity information of members are distributed on different sub-blenders, which makes each member keep much less information and network overload greatly reduce. The anonymity and the overhead of the new scheme were analyzed and compared with that of Crowds, which shows the cost of storage and network overhead for the new scheme largely decreases while the anonymity is little degraded. The experiment results also show that the new system architecture is well scalable. The ratio of management cost of SACS to that of Crowds is about 1：25 while the value of P（1｜H1＋） only increases by 0.001-0.020, which shows that SACS keeps almost the same anonymity with Crowds.

Double-Blockchain Assisted Secure and Anonymous Data Aggregation for Fog-Enabled Smart Grid

As a future energy system,the smart grid is designed to improve the efficiency of traditional power systems while providing more stable and reliable services.However,this efficient and reliable service relies on collecting and analyzing users’electricity consumption data frequently,which induces various security and privacy threats.To address these challenges,we propose a double-blockchain assisted secure and anonymous data aggregation scheme for fog-enabled smart grid named DA-SADA.Specifically,we design a three-tier architecture-based data aggregation framework by integrating fog computing and the blockchain,which provides strong support for achieving efficient and secure data collection in smart grids.Subsequently,we develop a secure and anonymous data aggregation mechanism with low computational overhead by jointly leveraging the Paillier encryption,batch aggregation signature and anonymous authentication.In particular,the system achieves fine-grained data aggregation and provides effective support for power dispatching and price adjustment by the designed double-blockchain and two-level data aggregation.Finally,the superiority of the proposed scheme is illustrated by a series of security and computation cost analyses.

A Novel Direct Anonymous Attestation Protocol Based on Zero Knowledge Proof for Different Trusted Domains

In order to solve the issue that existing direct anonymous attestation (DAA) scheme can not operate effectively in different domains,based on the original DAA scheme,a novel direct anonymous attestation protocol used in multi domains environment is proposed and designed,in which,the certificate issuer located in outside of domain can be considered as a proxy server to issue the DAA certificate for valid member nodes directly.Our designed mechanism accords with present trusted computing group (TCG) international specification,and can solve the problems of practical authentication and privacy information protection between different trusted domains efficiently.Compared with present DAA scheme,in our protocol,the anonymity,unforgeability can be guaranteed,and the replay-attack also can be avoided.It has important referenced and practical application value in trusted computing field.

A Novel Anonymous Authentication Scheme Based on Edge Computing in Internet of Vehicles

The vehicular cloud computing is an emerging technology that changes vehicle communication and underlying trafc management applications.However,cloud computing has disadvantages such as high delay,low privacy and high communication cost,which can not meet the needs of realtime interactive information of Internet of vehicles.Ensuring security and privacy in Internet of Vehicles is also regarded as one of its most important challenges.Therefore,in order to ensure the user information security and improve the real-time of vehicle information interaction,this paper proposes an anonymous authentication scheme based on edge computing.In this scheme,the concept of edge computing is introduced into the Internet of vehicles,which makes full use of the redundant computing power and storage capacity of idle edge equipment.The edge vehicle nodes are determined by simple algorithm of dening distance and resources,and the improved RSA encryption algorithm is used to encrypt the user information.The improved RSA algorithm encrypts the user information by reencrypting the encryption parameters.Compared with the traditional RSA algorithm,it can resist more attacks,so it is used to ensure the security of user information.It can not only protect the privacy of vehicles,but also avoid anonymous abuse.Simulation results show that the proposed scheme has lower computational complexity and communication overhead than the traditional anonymous scheme.

A Method to Implement Full Anonymous Attestation for Trusted Computing Platform

Trusted computing （TC） technology is brought out by trusted computing group （TCG） to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform＇s real identity, which are Privacy CA-based protocol and direct anonymous attestation （DAA） protocol. However, in the first protocol the privacy CA is the bottleneck and the platform＇s identity will be disclosed if the privacy CA is compromise, while DAA protocol can do profiling when dealing with rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal rogue TPM＇s real identity.

Security Enhanced Anonymous User Authenticated Key Agreement Scheme Using Smart Card

Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.

Anonymous multipath routing protocol based on secret sharing in mobile ad hoc networks

Because the intrinsic characteristics of mobile ad hoc networks（MANETs） cause several vulnerabilities,anonymous routing protocols attract much more attention in secure mobile ad hoc networks for the purposes of security and privacy concerns.Until recently,lots of anonymous routing protocols have been proposed.However,most of them are single path or use one path at a time,and the multipath schemes can not thwart both the passive attacks and active attacks simultaneously.Thus an anonymous multipath routing protocol based on secret sharing is proposed.The protocol provides identity anonymity,location anonymity,data and traffic anonymity by employing cryptograph technology and secret sharing in MANET communication process.Meanwhile,a hash function is introduced to detect active attacks in the data transmission process.The protocol can effectively thwart various passive attacks and reduce the successful probability of active attacks（such as interception and physical destroy attacks）.Simulation results show that the proposed scheme provides a reasonably good level of network security and performance.

A Secure Trust Model for P2P Systems Based on Trusted Computing

Trust is one of the most important security requirements in the design and implementation of peer-to-peer （P2P） systems. In an environment where peers＇ identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer＇s identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing （TC） technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that, the model can be implemented in an efficient way, and when the degree of anonymity within group （DAWG） is up to 0.6 and the percentage of malicious peers is up to 70%7 the service selection failure rate is less than 0.15.

对于中国传统服装“开裆裤”的调查与研究——应用Anonymous Design为卧床癌病患者设计的下装研究

本文是日本学术振兴会科学研究费基金项目中以“应用Anonymous Design来为卧床癌症患者设计的下装研究”阶段性成果。在这项研究中,笔者于2019年2月对中国开裆裤进行了实物调研。开裆裤通常被认为是幼儿使用的、裆部有开口的裤子,其原型具有很悠久的历史,有不同的样式。关于Anonymous Design,没有统一的定义,笔者在这项研究中将其界定为“没有特定的作者或设计师设计过的物品。典型的例子如传统服装,它是前人的创造力与智慧的结果、产物、或行为。虽质朴但其易于使用的功能性得以长期被沿用,现代人认为“理所当然”的事物原点”。开裆裤完全符合笔者定义的Anonymous Design。本文主要论述笔者在中国进行的开裆裤调研成果,以及整理归纳开裆裤的结构和款式,并提出开裆裤的设计具有“卧床癌症患者使用的下装”所需的应用可能性。

The Internet of Things and Next-generation Public Health Information Systems

The Internet of things has particularly novel implications in the area of public health. This is due to (1) The rapid and widespread adoption of powerful contemporary Smartphone’s;(2) The increasing availability and use of health and fitness sensors, wearable sensor patches, smart watches, wireless-enabled digital tattoos and ambient sensors;and (3) The nature of public health to implicitly involve connectivity with and the acquisition of data in relation to large numbers of individuals up to population scale. Of particular relevance in relation to the Internet of Things (IoT) and public health is the need for privacy and anonymity of users. It should be noted that IoT capabilities are not inconsistent with maintaining privacy, due to the focus of public health on aggregate data not individual data and broad public health interventions. In addition, public health information systems utilizing IoT capabilities can be constructed to specifically ensure privacy, security and anonymity, as has been developed and evaluated in this work. In this paper we describe the particular characteristics of the IoT that can play a role in enabling emerging public health capabilities;we describe a privacy-preserving IoT-based public health information system architecture;and provide a privacy evaluation.

An Anonymous Authentication Scheme for Plugin Electric Vehicles Joining to Charging/Discharging Station in Vehicle-to-Grid(V2G) Networks

Incorporating electric vehicles into smart grid,vehicle-to-Grid(V2G) makes it feasible to charge for large-scale electric vehicles,and in turn support electric vehicles,as mobile and distributed storage units,to discharge to smart grid.In order to provide reliable and efficient services,the operator of V2 G networks needs to monitor realtime status of every plug-in electric vehicle(PEV) and then evaluate current electricity storage capability.Anonymity,aggregation and dynamic management are three basic but crucial characteristics of which the services of V2 G networks should be.However,few of existing authentication schemes for V2 G networks could satisfy them simultaneously.In this paper,we propose a secure and efficient authentication scheme with privacy-preserving for V2 G networks.The scheme makes the charging/discharging station authenticate PEVs anonymously and manage them dynamically.Moreover,the monitoring data collected by the charging/discharging station could be sent to a local aggregator(LAG)in batch mode.In particular,time overheads during verification stage are independent with the number of involved PEVs,and there is no need to update the membership certificate and key pair before PEV logs out.

Characterization of 14 anonymous nuclear loci in Pinus thunbergii and their cross-species transferability

We characterized 14 anonymous nuclear loci from Pinus thunbergii Parl., an important pine species native to Japan. One hundred and twenty-six single nucleotide polymorphisms （SNPs） were identified from these loci, giving a frequency of 1 SNP per 51 bp. Nucleotide di- versity （0） ranged from 1.06 × 10^-3 to 11.87 × 10^-3, with all average of 4.99 × 10^-3. Only one locus （mK45） deviated significantly from the Hardy-Weinberg equilibrium. Thirteen of 14 loci were applicable in other pine species. These loci will be useful for nucleotide variation studies and will provide material for SNP-based marker development in P. thun- bergii and related species.

Novel traveling quantum anonymous voting scheme via GHZ states

Based on traveling ballot mode,we propose a secure quantum anonymous voting via Greenberger–Horne–Zeilinger(GHZ)states.In this scheme,each legal voter performs unitary operation on corresponding position of particle sequence to encode his/her voting content.The voters have multiple ballot items to choose rather than just binary options“yes”or“no”.After counting votes phase,any participant who is interested in voting results can obtain the voting results.To improve the efficiency of the traveling quantum anonymous voting scheme,an optimization method based on grouping strategy is also presented.Compared with the most existing traveling quantum voting schemes,the proposed scheme is more practical because of its privacy,verifiability and non-repeatability.Furthermore,the security analysis shows that the proposed traveling quantum anonymous voting scheme can prevent various attacks and ensure high security.

Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

In three-party password authenticated key exchange （AKE） protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password- based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well- organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency.

An Anonymous Payment Protocol withMobile Agents in Hostile Environments

By using Pedersen's verifiable secret sharing scheme and the theory of crossvalidation, we propose an a-nonymous payment protocol which have following features: protecting theconfidentiality of sensitive payment information from spying by malicioushosts; using a trustedthird party in a minimal way; verifying the validity of the share by the merchant; allowing agent toverify that the product which it is a-bout to receive is the one it is paying for; keeping thecustomer anonymous.

Design on PKI-Based Anonymous Mobile Agent Security in E-Commerce

The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users＇ private information is becoming more important now and future. So an anonymous mobile agent security mechanism with the secure authentication infrastructure based on PKI （public key infrastructure） is proposed in the paper. The multi-agent system is programmed by java language and every agent must register itself in CA （certificate authority） before working in the net and express his legit identity which is temptly produced and used only once. The CA ensures the legal of all agents＇ identity which take part in communicaiton or trade. And every user agent identity only is used once which makes other agents cannot decipher users＇ private information. The security mechanism of the multi-agent system implements anonymity, integrity, data confidentiality of mobile agent based on the MH（multiple hop） integrity protection regard to PKI limit.