Measurement-device-independent quantum cryptographic conferencing(MDI-QCC) protocol puts MDI quantum key distribution(MDI-QKD) forwards to multi-party applications, and suggests a significant framework for practic...Measurement-device-independent quantum cryptographic conferencing(MDI-QCC) protocol puts MDI quantum key distribution(MDI-QKD) forwards to multi-party applications, and suggests a significant framework for practical multi-party quantum communication. In order to mitigate the experimental complexity of MDI-QCC and remove the key assumption(the sources are trusted) in MDI-QCC, we extend the framework of MDI-QKD with an untrusted source to MDI-QCC and give the rigorous security analysis of MDI-QCC with an untrusted source. What is more, in the security analysis we clearly provide a rigorous analytical method for parameters' estimation, which with simple modifications can be applied to not only MDI-QKD with an untrusted source but also arbitrary multi-party communication protocol with an untrusted source. The simulation results show that at reasonable distances the asymptotic key rates for the two cases(with trusted and untrusted sources) almost overlap, which indicates the feasibility of our protocol.展开更多
When doing reverse analysis of program’s binary codes, it is often to encounter the function of cryptographic library. In order to reduce workload, a cryptographic library model has been designed by analysts. Models ...When doing reverse analysis of program’s binary codes, it is often to encounter the function of cryptographic library. In order to reduce workload, a cryptographic library model has been designed by analysts. Models use formalized approach to describe the frame of cryptology and the structure of cryptographic function, complete the mapping from cryptographic function property to its architecture, and accomplish the result presentation of data analysis and mapping at last. The model can solve two problems: the first one is to know the hierarchy of the cryptographic function in the library well;the second one is to know some kinds of information, such as related cryptology algorithm and protocol, etc. These function implements can display the result graphically. The model can find relevant knowledge for the analysts automatically and rapidly, which is helpful to the learning of the overall abstract structure of cryptology.展开更多
The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation (K-CI) resilience. An improved protocol with a simple modification of their...The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation (K-CI) resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.展开更多
Watermarking is an effective approach to the copyright protection of digital media such as audio, image, and video. By inspiration from cryptography and considering the immensity of the set of all possible wavelets, i...Watermarking is an effective approach to the copyright protection of digital media such as audio, image, and video. By inspiration from cryptography and considering the immensity of the set of all possible wavelets, it is presented that in wavelet domain watermarking, the associated wavelet can be considered as the private key for encrypting the watermark so as to enhance the security of the embedded mark. This idea is partly supported by the fact that from computational complexity viewpoint, it is very time-consuming to search over the immense set of all candidate wavelets for the right one if no a priori knowledge is known about it. To verify our proposal, the standard image 'Lena' is first watermarked in a specific wavelet domain, the watermark recovery experiments are then conducted in the wavelet domain for a set of wavelets with the one used for mark embedded in it,separately. It follows from the experimental results that the mark can be recovered only in the right wavelet domain, which justifies the suggestion.展开更多
Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerpr...Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.展开更多
With the increasing of communication applications in recent years, the demand for radio spectral resources has increased significantly. Cognitive radio scenario was proposed to improve spectrum efficiency in wireless ...With the increasing of communication applications in recent years, the demand for radio spectral resources has increased significantly. Cognitive radio scenario was proposed to improve spectrum efficiency in wireless communication systems. In cognitive radio network, it is essential that control information is sent securely and reliably. Ensuring the trustworthiness of the transmitting of spectrum sensing information is important in the CR networks since spectrum sensing directly affects spectrum management and incumbent coexistence. In this paper, the first secondary link channel model is presented, then a secure LT Code is proposed to be compatible with presented channel model and acquires good QoS. As we may know, LT code overcomes packet loss when the channel of the SU is reclaimed by PU. In the new proposed combined encoding and ciphered block, a LT code matrix is used to generate a symmetric cryptographic key. Thus, less complexity observed in the processing computation. Besides, cryptographic key is not sent over the channel. As a result, an attacker has no way to eavesdrop the key unless he is prepared to consider all possible key combinations. This replaced block supplies secure controlling channel and increases spectrum efficiency too.展开更多
When initializing cryptographic systems or running cryptographic protocols, the randomness of critical parameters, like keys or key components, is one of the most crucial aspects. But, randomly chosen parameters come ...When initializing cryptographic systems or running cryptographic protocols, the randomness of critical parameters, like keys or key components, is one of the most crucial aspects. But, randomly chosen parameters come with the intrinsic chance of duplicates, which finally may cause cryptographic systems including RSA, ElGamal and Zero-Knowledge proofs to become insecure. When concerning digital identifiers, we need uniqueness in order to correctly identify a specific action or object. Unfortunately we also need randomness here. Without randomness, actions become linkable to each other or to their initiator’s digital identity. So ideally the employed (cryptographic) parameters should fulfill two potentially conflicting requirements simultaneously: randomness and uniqueness. This article proposes an efficient mechanism to provide both attributes at the same time without highly constraining the first one and never violating the second one. After defining five requirements on random number generators and discussing related work, we will describe the core concept of the generation mechanism. Subsequently we will prove the postulated properties (security, randomness, uniqueness, efficiency and privacy protection) and present some application scenarios including system-wide unique parameters, cryptographic keys and components, identifiers and digital pseudonyms.展开更多
In order to solve the problems resulted from dynamic access control in a userhierarchy, a cryptographic key assignment scheme is proposed by Prof. Lin to promote the performingability and to simplify the procedure. Ho...In order to solve the problems resulted from dynamic access control in a userhierarchy, a cryptographic key assignment scheme is proposed by Prof. Lin to promote the performingability and to simplify the procedure. However, it may cause the security in danger as the userchanges his secret key; besides, some secret keys may be disclosed due to the unsuitable selectionof the security classes' identities. Through setting up a one-way hash function onto Lin's scheme,the proposed modification can greatly improve the security of Lin's scheme.展开更多
Forward secrecy is an important security property in key agreement protocol. Based on Ham's protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. Thi...Forward secrecy is an important security property in key agreement protocol. Based on Ham's protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham's protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user's secret key and it is very beneficial to today's communication with portable devices.展开更多
基金supported by the National Basic Research Program of China(Grant No.2013CB338002)the National Natural Science Foundation of China(Grant Nos.11304397 and 61505261)
文摘Measurement-device-independent quantum cryptographic conferencing(MDI-QCC) protocol puts MDI quantum key distribution(MDI-QKD) forwards to multi-party applications, and suggests a significant framework for practical multi-party quantum communication. In order to mitigate the experimental complexity of MDI-QCC and remove the key assumption(the sources are trusted) in MDI-QCC, we extend the framework of MDI-QKD with an untrusted source to MDI-QCC and give the rigorous security analysis of MDI-QCC with an untrusted source. What is more, in the security analysis we clearly provide a rigorous analytical method for parameters' estimation, which with simple modifications can be applied to not only MDI-QKD with an untrusted source but also arbitrary multi-party communication protocol with an untrusted source. The simulation results show that at reasonable distances the asymptotic key rates for the two cases(with trusted and untrusted sources) almost overlap, which indicates the feasibility of our protocol.
文摘When doing reverse analysis of program’s binary codes, it is often to encounter the function of cryptographic library. In order to reduce workload, a cryptographic library model has been designed by analysts. Models use formalized approach to describe the frame of cryptology and the structure of cryptographic function, complete the mapping from cryptographic function property to its architecture, and accomplish the result presentation of data analysis and mapping at last. The model can solve two problems: the first one is to know the hierarchy of the cryptographic function in the library well;the second one is to know some kinds of information, such as related cryptology algorithm and protocol, etc. These function implements can display the result graphically. The model can find relevant knowledge for the analysts automatically and rapidly, which is helpful to the learning of the overall abstract structure of cryptology.
基金the National Natural Science Foundation of China (60773086)
文摘The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation (K-CI) resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.
基金Funded by the visit scholar Foundation of the Electrooptical Technique & System key Lab of Chinese Ministry of Education in Chongqing.
文摘Watermarking is an effective approach to the copyright protection of digital media such as audio, image, and video. By inspiration from cryptography and considering the immensity of the set of all possible wavelets, it is presented that in wavelet domain watermarking, the associated wavelet can be considered as the private key for encrypting the watermark so as to enhance the security of the embedded mark. This idea is partly supported by the fact that from computational complexity viewpoint, it is very time-consuming to search over the immense set of all candidate wavelets for the right one if no a priori knowledge is known about it. To verify our proposal, the standard image 'Lena' is first watermarked in a specific wavelet domain, the watermark recovery experiments are then conducted in the wavelet domain for a set of wavelets with the one used for mark embedded in it,separately. It follows from the experimental results that the mark can be recovered only in the right wavelet domain, which justifies the suggestion.
基金This project was supported by the National Science Foundation of China (60763009)China Postdoctoral Science Foundation (2005038041)Hainan Natural Science Foundation (80528).
文摘Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.
文摘With the increasing of communication applications in recent years, the demand for radio spectral resources has increased significantly. Cognitive radio scenario was proposed to improve spectrum efficiency in wireless communication systems. In cognitive radio network, it is essential that control information is sent securely and reliably. Ensuring the trustworthiness of the transmitting of spectrum sensing information is important in the CR networks since spectrum sensing directly affects spectrum management and incumbent coexistence. In this paper, the first secondary link channel model is presented, then a secure LT Code is proposed to be compatible with presented channel model and acquires good QoS. As we may know, LT code overcomes packet loss when the channel of the SU is reclaimed by PU. In the new proposed combined encoding and ciphered block, a LT code matrix is used to generate a symmetric cryptographic key. Thus, less complexity observed in the processing computation. Besides, cryptographic key is not sent over the channel. As a result, an attacker has no way to eavesdrop the key unless he is prepared to consider all possible key combinations. This replaced block supplies secure controlling channel and increases spectrum efficiency too.
文摘When initializing cryptographic systems or running cryptographic protocols, the randomness of critical parameters, like keys or key components, is one of the most crucial aspects. But, randomly chosen parameters come with the intrinsic chance of duplicates, which finally may cause cryptographic systems including RSA, ElGamal and Zero-Knowledge proofs to become insecure. When concerning digital identifiers, we need uniqueness in order to correctly identify a specific action or object. Unfortunately we also need randomness here. Without randomness, actions become linkable to each other or to their initiator’s digital identity. So ideally the employed (cryptographic) parameters should fulfill two potentially conflicting requirements simultaneously: randomness and uniqueness. This article proposes an efficient mechanism to provide both attributes at the same time without highly constraining the first one and never violating the second one. After defining five requirements on random number generators and discussing related work, we will describe the core concept of the generation mechanism. Subsequently we will prove the postulated properties (security, randomness, uniqueness, efficiency and privacy protection) and present some application scenarios including system-wide unique parameters, cryptographic keys and components, identifiers and digital pseudonyms.
文摘In order to solve the problems resulted from dynamic access control in a userhierarchy, a cryptographic key assignment scheme is proposed by Prof. Lin to promote the performingability and to simplify the procedure. However, it may cause the security in danger as the userchanges his secret key; besides, some secret keys may be disclosed due to the unsuitable selectionof the security classes' identities. Through setting up a one-way hash function onto Lin's scheme,the proposed modification can greatly improve the security of Lin's scheme.
基金Supported by the National Natural Science Foundation of China (60873233)the Nature Science Foundation of Shaanxi Province, China (2006F19)the Technology Research Program of Xi’an, China (CXY08016)
文摘Forward secrecy is an important security property in key agreement protocol. Based on Ham's protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham's protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user's secret key and it is very beneficial to today's communication with portable devices.
