AES RSA-SM2 Algorithm against Man-in-the-Middle Attack in IEC 60870-5-104 Protocol

The IEC60870-5-104 protocol lacks an integrated authentication mechanism during plaintext transmission, and is vulnerable to security threats, monitoring, tampering, or cutting off communication connections. In order to verify the security problems of 104 protocol, the 104 master-slave communication implemented DoS attacks, ARP spoofing and Ettercap packet filtering and other man-in-the-middle attacks. DoS attacks may damage the network functions of the 104 communication host, resulting in communication interruption. ARP spoofing damaged the data privacy of the 104 protocol, and Ettercap packet filtering cut off the communication connection between the master and the slave. In order to resist the man-in-the-middle attack, the AES and RSA hybrid encryption signature algorithm and the national secret SM2 elliptic curve algorithm are proposed. AES and RSA hybrid encryption increases the security strength of communication data and realizes identity authentication. The digital signature implemented by the SM2 algorithm can realize identity verification, ensure that the data has not been tampered with, and can ensure the integrity of the data. Both of them improve the communication security of the 104 protocol.

A New Method for Meet-in-the-Middle Attacks on Reduced AES

A new 5-round distinguisher of AES with key whitening is presented by using the properties of its round transformation. Based on this distinguisher,we present new meet-in-the-middle attacks on reduced AES considering the key schedule and the time-memory tradeoff approach. New attacks improve the best known meet-in-the-middle attacks on reduced AES presented at FSE2008.We reduce the time complexity of attacks on 7-round AES-192 and 8-round AES-256 by a factor of at least 28. Moreover,the distinguisher can be exploited to develop the attack on 8-round AES-192.

Improving continuous-variable quantum key distribution under local oscillator intensity attack using entanglement in the middle

A modified continuous-variable quantum key distribution （CVQKD） protocol is proposed by originating the entangled source from a malicious third party Eve in the middle instead of generating it from the trustworthy Alice or Bob. This method is able to enhance the efficiency of the CVQKD scheme attacked by local oscillator （LO） intensity attack in terms of the generated secret key rate in quantum communication. The other indication of the improvement is that the maximum transmission distance and the maximum loss tolerance can be increased significantly, especially for CVQKD schemes based on homodyne detection.

Finite-size analysis of continuous-variable quantum key distribution with entanglement in the middle

Continuous-variable quantum key distribution(CVQKD) protocols with entanglement in the middle(EM) enable long maximal transmission distances for quantum communications. For the security analysis of the protocols, it is usually assumed that Eve performs collective Gaussian attacks and there is a lack of finite-size analysis of the protocols. However,in this paper we consider the finite-size regime of the EM-based CVQKD protocols by exposing the protocol to collective attacks and coherent attacks. We differentiate between the collective attacks and the coherent attacks while comparing asymptotic key rate and the key rate in the finite-size scenarios. Moreover, both symmetric and asymmetric configurations are collated in a contrastive analysis. As expected, the derived results in the finite-size scenarios are less useful than those acquired in the asymptotic regime. Nevertheless, we find that CVQKD with entanglement in the middle is capable of providing fully secure secret keys taking the finite-size effects into account with transmission distances of more than 30 km.

25轮T-TWINE-128的中间相遇攻击

T-TWINE-128是基于广义Feistel结构的轻量级可调分组密码,密钥长度为128比特,加密的数据块大小为64比特.由于轻量级分组密码在设计时为了追求更高的软硬件实现效率,往往会牺牲部分安全性,因此必须评估其安全强度.本文通过计算机编程得到了T-TWINE-128的轮密钥的一些线性关系,再结合调柄值生成算法的特性,利用区分器自动搜索算法,搜索出11轮T-TWINE-128的中间相遇攻击区分器,在此区分器前面接5轮,后面接9轮,形成25轮T-TWINE-128的中间相遇攻击路径,整个攻击过程共耗时652.39ms,攻击需要数据、时间和存储复杂度分别为256个选择明文、2126.41次加密、265个64比特块;最后搜索密钥编排算法的冗余性发现T-TWINE-128很难进行更高轮中间相遇攻击.

RAIN-128算法的中间相遇攻击

RAIN是一族SPN结构的轻量级分组密码算法,该算法具有软硬件实现效率高、安_全性强等特点。中间相遇攻击被广泛应用于分组密码算法的安全性分析中。该文通过分析RAIN-128的结构特性和截断差分特征,利用差分枚举技术分别构造了4轮和6轮中间相遇区分器,给出了8轮及10轮的中间相遇攻击。当攻击轮数为8轮时,预计算阶段的时间复杂度为2^(68)次8轮RAIN-128加密,存储复杂度为2^(75)bit,在线攻击阶段的时间复杂度为2^(109)次8轮加密,数据复杂度是2^(72)个选择明文;当攻击轮数为10轮时,预计算阶段的时间复杂度为2^(214)次10轮加密,存储复杂度为2^(219)bit,在线攻击阶段的时间复杂度为2^(109)次10轮加密,数据复杂度是2^(72)个选择明文,分析结果显示,RAIN-128可以抵抗中间相遇攻击,并具有较高的安全冗余。

改进的Joltik-BC-128算法的中间相遇攻击

Joltik-BC是在2014年亚密会上发布的一种轻量级可调分组密码算法,该算法采用替换-置换网络(SPN,substitution-permutation network)结构和Tweakey框架。通过研究Joltik-BC算法的内部特征,利用控制调柄差分方法,并结合差分枚举技术和S盒的差分特性,构造了6轮Joltik-BC-128算法的中间相遇区分器。利用此区分器改进了9轮Joltik-BC-128算法的中间相遇攻击结果。改进后的9轮Joltik-BC-128算法的中间相遇攻击的存储复杂度为244.91个长度为64的比特块,时间复杂度为248次9轮Joltik-BC-128加密。相比已有中间相遇攻击结果,该算法的时间复杂度和存储复杂度均显著降低。

改进的减轮E2算法中间相遇攻击

E2算法是AES首轮征集的15个候选算法之一,具有优良的软硬件实现效率和较强的安全性。该文利用多重集和差分枚举技术,对E2算法进行中间相遇攻击。首先以E2-128为例,改进了已有的4轮中间相遇区分器,将5轮密钥恢复攻击预计算复杂度降低为2^(31)次5轮算法加密。其次针对E2-256,将所得区分器向后增加两轮,构造了6轮中间相遇区分器,并实现了9轮中间相遇攻击,攻击所需的数据复杂度为2^(105)个选择明文,存储复杂度为2^(200)Byte,时间复杂度为2^(205)次9轮算法加密。与现有对E2算法的安全性分析结果相比,该文实现了对E2-256最长轮数的攻击。

Camellia和CLEFIA的自动化中间相遇攻击

中间相遇(MitM)是一种高效构造哈希函数原像和碰撞攻击的策略.近年来,基于混合整数线性规划(MILP)的MitM原像、碰撞和密钥恢复攻击被广泛应用于AES-like密码学原语.在ASIACRYPT 2023上,Hou等人将自动化MitM攻击扩展到具有Feistel或广义Feistel结构的哈希函数中,其关注的(广义)Feistel结构轮函数的线性变换层往往是基于MDS矩阵构造.在实际密码设计中,轮函数线性变换可以有多种构造方式,而不一定基于MDS矩阵设计.本文将针对一般化的轮函数线性变换进行自动化MitM攻击建模,提出了n-XOR的模型,将输出字描述为任意数目输入字的异或,并应用在一般化的布尔矩阵中.结合Hou等人的模型,对ISO标准分组密码Camellia和CLEFIA哈希模式原像进行分析.对于省略了白化层和FL/FL^(−1)变换的弱化Camellia-MMO,最高可以搜索到14轮的中间相遇原像特征;对于CLEFIA-MMO,在适当增加存储的代价下,最高搜索到13轮的中间相遇原像特征.两个攻击的时间复杂度均为2^(120),相较于之前的最优结果(Sasaki,ACNS 2013),攻击轮数均有1轮的提高.

一种Deoxys-BC算法的中间相遇攻击方法

Deoxys-BC密码算法是在2014年亚密会上发布的一种轻量级可调分组密码算法,该算法的设计采用SPN结构和TWEAK框架。通过研究Deoxys-BC密码算法的内部特征与密钥扩展的特点,利用控制调柄差分的方法,并结合差分枚举技术和轮密钥调柄差分叠加消除特性,构造6轮Deoxys-BC-256和7轮Deoxys-BC-384的中间相遇区分器。利用此区分器,通过减少猜测的字节量,来达到降低复杂度的效果,改进了9轮Deoxys-BC-256和11轮Deoxys-BC-384中间相遇攻击的结果。相比Deoxys-BC系列密码算法现有的中间相遇攻击结果,该攻击的时间复杂度和存储复杂度均大幅下降。

CTA结合临床特征预测中高海拔地区伴头颈部动脉粥样硬化的TIA患者脑梗死风险研究

目的 基于头颈部CTA结合临床特征,探讨中高海拔地区伴头颈部动脉粥样硬化的TIA患者1年内发生脑梗死的危险因素,并构建风险预测模型,评价其预测效能。方法 采用回顾性分析,连续纳入2018年1月—2021年9月青海省第五人民医院收治的TIA患者(居住海拔2000~3000 m),所有患者均经头颈部CTA证实存在动脉粥样硬化斑块。随访1年,根据是否发生脑梗死分为未梗死组与梗死组。首先对两组患者的临床资料和头颈部CTA检查结果进行单因素分析,筛选出有意义的变量,再通过多因素logistic回归分析脑梗死的独立影响因素,构建TIA后1年内发生脑梗死的风险预测模型以绘制ROC曲线。结果 初步纳入患者111例。随访中出现9例失访,1例于外院放置颈动脉支架,1例发生硬膜下血肿,均不符合最终的纳入标准。最终纳入100例患者,其中梗死组26例,未梗死组74例。单因素分析显示梗死组ABCD2评分高于未梗死组[4.00(3.75~5.00)分vs. 3.00(2.00~4.00)分,P=0.004];梗死组高血压分级>1级(69.23%vs. 41.89%,P=0.022)、具不稳定斑块(88.46%vs. 67.57%,P=0.039)、血管中重度狭窄(53.85%vs. 12.16%,P<0.001)和不稳定斑块累及血管数>1支(69.23%vs. 31.08%,P=0.001)的患者比例高于未梗死组,以上差异均有统计学意义。logistic回归分析显示,高血压分级>1级、ABCD2评分偏高及血管中重度狭窄是TIA后1年内发生脑梗死的独立危险因素,其风险预测模型为:P=1/[1+exp(-4.782+1.407×高血压分级+0.574×ABCD2评分+2.734×血管狭窄程度)]。该模型预测脑梗死的AUC为0.848(95%CI 0.763~0.933),敏感度为92.31%,特异度为70.27%。结论 高血压分级>1级、ABCD2评分偏高及血管中重度狭窄是中高海拔地区伴头颈部动脉粥样硬化的TIA患者1年内发生脑梗死的危险因素,三者联合构建的预测模型对脑梗死有良好的预测价值。

MANTIS_(4.5)密码算法的中间相遇攻击

MANTIS密码算法是一种轻量级可调分组密码算法,该算法采用代换—置换网络(Substitution-Permutation Network,SPN)结构和TWEAKEY框架。通过研究MANTIS密码算法结构特点,利用多重集、相关密钥筛选以及密钥桥等技术手段,构造了一个r=3的MANTIS算法的中间相遇区分器。利用此区分器,实现了r=4.5的MANTIS算法中间相遇攻击,攻击的存储复杂度为268个128比特块,数据复杂度为253个选择明文,时间复杂度为2121.8次MANTIS_(4.5)加密。

基于CNN-BiGRU的DNS协议中间人攻击检测方法

针对基于DNS协议的中间人攻击检测准确率不高且特征选取不够充分、缺乏显著有效特征的问题,本文提出一种基于卷积神经网络的双向门控循环单元的检测方法CNN-BiGRU,用于检测DNS协议的中间人攻击。该方法首先通过引入关键特征资源记录,通过卷积神经网络提取特征获得中间人攻击流量时间序列信息,最终将组合特征输入双向门控循环单元实现对中间人攻击的检测。该方法在自建Jefe数据集中准确率达99.67%,精确率为99.68%,召回率为99.42%,F1-score为99.47%,能够有效地检测DNS中间人攻击。

血清中性粒细胞胞外陷阱水平与短暂性脑缺血患者大脑中动脉粥样硬化斑块特征的关系及对近期脑卒中的预测研究

目的分析血清中性粒细胞胞外陷阱(NETs)水平与短暂性脑缺血患者大脑中动脉粥样硬化斑块特征的关系及对近期脑卒中的预测效能。方法回顾性选择自2021年1月至2023年7月咸阳市中心医院收治的120例短暂性脑缺血患者作为研究对象,随访6个月,根据患者是否发生脑卒中,将其分为脑卒中组(n=32)和非脑卒中组(n=88)。所有患者在入组时均检测血清NETs的标记物游离DNA(cf-DNA/NETs),对大脑中动脉开展三维高分辨磁共振成像检查,定量测量大脑中动脉粥样硬化斑块特征(大脑中动脉狭窄率、斑块负荷百分比、斑块面积、重构指数、偏心指数)。比较脑卒中组和非脑卒中组血清cf-DNA/NETs表达水平、大脑中动脉粥样硬化斑块特征;采用Pearson相关性分析对血清cf-DNA/NETs与大脑中动脉粥样硬化斑块特征的关系进行分析;使用多因素Logistic回归分析对影响短暂性脑缺血患者近期脑卒中的因素进行分析;通过受试者操作特征(ROC)曲线评价血清cf-DNA/NETs与大脑中动脉粥样硬化斑块特征对短暂性脑缺血患者近期脑卒中的预测效能。结果脑卒中组血清cf-DNA/NETs表达水平为(480.51±89.87)ng/mL,高于非脑卒中组[(158.72±41.26)ng/mL],脑卒中组大脑中动脉狭窄率、斑块负荷百分比、斑块面积、重构指数、偏心指数分别为(71.15±7.08)%、(29.56±7.67)%、(6.55±1.79)mm 2、0.95±0.19、0.80±0.27,均大于非脑卒中组[(65.23±5.43)%、(23.25±4.51)%、(5.27±0.86)mm 2、0.76±0.13、0.56±0.16],差异均有统计学意义(P<0.05)。经Pearson相关性分析,短暂性脑缺血患者血清cf-DNA/NETs表达水平与大脑中动脉狭窄率、斑块负荷百分比、斑块面积、重构指数、偏心指数均呈正相关(r=0.325、0.416、0.387、0.379、0.423,P<0.05)。经多因素Logistic回归分析,血清cf-DNA/NETs、斑块负荷百分比、重构指数和偏心指数均是短暂性脑缺血患者近期脑卒中的独立危险因素(P<0.05)。经ROC曲线分析,血清cf-DNA/NETs预测短暂性脑缺血患者近期脑卒中的曲线下面积(AUC)为0.900,大于斑块负荷百分比、重构指数或偏心指数的AUC(P<0.05)。结论NETs在短暂性脑缺血患者血清中呈高表达,与大脑中动脉粥样硬化斑块特征密切相关,且预测近期脑卒中的效能较好,值得进一步研究应用。

基于时间特征的HTTPS中间人攻击检测方法

中间人攻击是网络攻击的一种常用手段,其中超文本传输安全(Hypertext Transfer Protocol Secure,HTTPS)协议的中间人攻击危害较大,已有检测方法主要面向单客户端,以证书匹配验证为主要手段,部署成本和性能开销较高。通过分析SSL(Secure Sockets Layer)握手阶段的密钥协商、证书验证等关键报文,提出基于时间特征的HTTPS中间人攻击检测方法,从流量角度提供了一种检测思路,具有更广泛的适用场景。实验结果表明,该方法在互联网环境测试数据集下具有较高的准确率。

论Man-in-the-Middle Attack对“云”资源威胁

本文主要论述了Man-in-the-Middle Attack(中间人攻击)原理以及中间人攻击如何对"云"资源进行攻击可行性,并讨论了相应的防御机制,最后对云资源安全做出了总结和展望。

A Dual Detection Method for Siemens Inverter Motor Modbus RTU Attack

Since the Modbus RTU wired communication protocol of Siemens variable frequency motors is unstable and lacks a protection mechanism, there is a risk of user information leakage. Aiming at the problems of insufficient flexibility of traditional defense methods and poor defense effects, The present work proposed a new dual detection method based on MODBUS RTU, which combines the dual monitoring mechanism of “Address Resolution Protocol (ARP) request detection” and “ARP response detection”. In order to improve detection efficiency, two real-time updated linear tables are introduced, which can effectively deal with the three ARP spoofing methods of updating the ARP buffer. Based on the analysis of the hidden dangers of the Modbus RTU wired communication protocol, a wired connection between the S7-1200 PLC and the variable frequency motor was established, and a real experimental platform was constructed to demonstrate the attack. The intensity of ARP attacks has gradually increased over time. Through comparative experiments with traditional defense methods, it is proved that the algorithm enhances the protocol mechanism in principle, and is more flexible and reliable than traditional methods.

Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense

Networks have become an integral part of today’s world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP) protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the weaknesses of this protocol to deceive a victim’s machine and a router through creating a sort of Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will pass first through the attacker’s machine. This enables the attacker to inspect victim’s data packets, extract valuable data (like passwords) that belong to the victim and manipulate these data packets. We suggest and implement a defense mechanism and tool that counters this attack, warns the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as an operating system to implement both the attack and the defense tools. The results show the success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient way.

PRESENT轻量级密码的中间相遇统计故障分析

PRESENT算法是于2007年在国际密码硬件与嵌入式系统会议提出的一种轻量级分组密码,2012年成为国际轻量级算法标准ISO/IEC-29192-2,适用于物联网中射频识别标签、网络传感器、智能卡等设备的数据保护.本文结合PRESENT密码的设计结构和实现特点,基于统计分析和中间相遇分析策略,提出了一种中间相遇统计故障分析方法,设计了皮尔逊相关系数-汉明重量、库尔贝克莱布勒散度-汉明重量区分器和杰卡德相似系数-汉明重量-极大似然估计等区分器,可以分别破译PRESENT密码全部版本的80比特和128比特原始密钥.该方法攻击轮数更深,故障数和耗时更少,有效地扩展了攻击范围,提升了攻击能力.结果表明,中间相遇统计故障分析对PRESENT密码构成了严重威胁.该研究为轻量级密码的实现安全研究提供了有价值的参考.

多AES分组杂凑模型原像攻击研究

压缩函数采用高级加密标准AES(Advanced Encryption Standard)的杂凑模型是杂凑函数设计的重要方式之一,研究者已经提出了针对7轮单AES分组杂凑模型的原像攻击和6轮单AES分组杂凑模型的碰撞攻击,而针对多AES分组的杂凑模型安全性仍未知.本文提出了适应于后量子时代的两AES分组和四AES分组的杂凑函数模型的原像攻击,该攻击中采用了初始结构、连接剪切、部分匹配等技巧,恢复了7轮双AES分组和6轮四AES分组的杂凑函数的原像,与已有7轮单AES分组杂凑模型的原像攻击相比,双AES分组杂凑模型可以达到几乎相当的安全强度,而四AES分组杂凑模型安全强度更强.此研究成果是对AES分组杂凑模型原像攻击的一个重要补充,为AES分组杂凑模型的设计提供了有力的理论保障.