Blockchain-Based Key Management Scheme Using Rational Secret Sharing

Traditional blockchain key management schemes store private keys in the same location,which can easily lead to security issues such as a single point of failure.Therefore,decentralized threshold key management schemes have become a research focus for blockchain private key protection.The security of private keys for blockchain user wallet is highly related to user identity authentication and digital asset security.The threshold blockchain private key management schemes based on verifiable secret sharing have made some progress,but these schemes do not consider participants’self-interested behavior,and require trusted nodes to keep private key fragments,resulting in a narrow application scope and low deployment efficiency,which cannot meet the needs of personal wallet private key escrow and recovery in public blockchains.We design a private key management scheme based on rational secret sharing that considers the self-interest of participants in secret sharing protocols,and constrains the behavior of rational participants through reasonable mechanism design,making it more suitable in distributed scenarios such as the public blockchain.The proposed scheme achieves the escrow and recovery of personal wallet private keys without the participation of trusted nodes,and simulate its implementation on smart contracts.Compared to other existing threshold wallet solutions and keymanagement schemes based on password-protected secret sharing(PPSS),the proposed scheme has a wide range of applications,verifiable private key recovery,low communication overhead,higher computational efficiency when users perform one-time multi-key escrow,no need for trusted nodes,and personal rational constraints and anti-collusion attack capabilities.

Analysis and Application of Endogenous Wireless Security Principle for Key Generation

The open and broadcast nature of wireless channels leads to the inherent security problem of information leakage in wireless communication.We can utilize endogenous security functions to resolve this problem.The fundamental solution is channel-based mechanisms,like physical layer secret keys.Unfortunately,current investigations have not fully exploited the randomness of wireless channels,making secret key rates not high.Consequently,user data can be encrypted by reducing the data rate to match the secret key rate.Based on the analysis of the endogenous wireless security principle,we proposed that the channel-based endogenous secret key rate can nearly match the maximum data rate in the fast-fading environments.After that,we validated the proposition in an instantiation system with multiple phase shift keying(MPSK)inputs from the perspectives of both theoretical analysis and simulation experiments.The results indicate that it is possible to accomplish the onetime pad without decreasing the data rate via channelbased endogenous keys.Besides,we can realize highspeed endogenously secure transmission by introducing independent channels in the domains of frequency,space,or time.The conclusions derived provide a new idea for wireless security and promote the application of the endogenous security theory.

Key Management Using Chebyshev Polynomials for Mobile Ad Hoc Networks

A dedicated key server cannot be instituted to manage keys for MANETs since they are dynamic and unstable. The Lagrange's polynomial and curve fitting are being used to implement hierarchical key management for Mobile Ad hoc Networks(MANETs). The polynomial interpolation by Lagrange and curve fitting requires high computational efforts for higher order polynomials and moreover they are susceptible to Runge's phenomenon. The Chebyshev polynomials are secure, accurate, and stable and there is no limit to the degree of the polynomials. The distributed key management is a big challenge in these time varying networks. In this work, the Chebyshev polynomials are used to perform key management and tested in various conditions. The secret key shares generation, symmetric key construction and key distribution by using Chebyshev polynomials are the main elements of this projected work. The significance property of Chebyshev polynomials is its recursive nature. The mobile nodes usually have less computational power and less memory, the key management by using Chebyshev polynomials reduces the burden of mobile nodes to implement the overall system.

A Key Recovery System Based on Password-Protected Secret Sharing in a Permissioned Blockchain

In today’s fourth industrial revolution,various blockchain technologies are being actively researched.A blockchain is a peer-to-peer data-sharing structure lacking central control.If a user wishes to access stored data,she/he must employ a private key to prove ownership of the data and create a transaction.If the private key is lost,blockchain data cannot be accessed.To solve such a problem,public blockchain users can recover the key using a wallet program.However,key recovery in a permissioned blockchain(PBC)has been but little studied.The PBC server is Honest-but-Curious(HBC),and should not be able to learn anything of the user;the server should simply recover and store the key.The server must also be resistant to malicious attacks.Therefore,key recovery in a PBC must satisfy various security requirements.Here,we present a password-protected secret sharing(PPSS)key recovery system,protected by a secure password from a malicious key storage server of a PBC.We describe existing key recovery schemes and our PPSS scheme.

SECRET KEY SHARING SCHEME BASED ON THE THEORY OF ALGEBRAIC SEMIGROUPS

How to distribute a secret key information to n authorized departments, denoted as: S1, S2,…, Sn, respectively. For every autherized department Si(i = 1,2,… ,n), there are qi authorized persons, and every authorized person has the same secret key information as that of any other authorized persons in the same authorized department. The secret key information can be reconstructed completely from the secret key information of any k authorized persons, if there is at least one authorized person included for every authorized department. But other cases, the secret key information cannot be reconstructed completely. In this paper, based on the algebraic semigroup theory, a secret key sharing scheme is proposed, which can satisfy the demand.

Key Technologies of 3G WCDMA Network Sharing

Based on the latest research findings of 3GPP on network sharing, this paper introduces 4 solutions to WCDMA 3G network sharing: site sharing, common network sharing, geographically split network sharing, and radio access network sharing. It also analyzes the key network sharing technologies, including the lu-Flex function in Release 5, the UTRAN sharing mechanism in the connected mode in Release 5 and the mechanism of network sharing support enhancement in Release 6.

NTRU_SSS:Anew Method Signcryption Post Quantum Cryptography Based on Shamir’s Secret Sharing

With the advent of quantum computing,numerous efforts have been made to standardize post-quantum cryptosystems with the intention of(eventually)replacing Elliptic Curve Cryptography(ECC)and Rivets-Shamir-Adelman(RSA).A modified version of the traditional N-Th Degree Truncated Polynomial Ring(NTRU)cryptosystem called NTRU Prime has been developed to reduce the attack surface.In this paper,the Signcryption scheme was proposed,and it is most efficient than others since it reduces the complexity and runs the time of the code execution,and at the same time,provides a better security degree since it ensures the integrity of the sent message,confidentiality of the data,forward secrecy when using refreshed parameters for each session.Unforgeability to prevent the man-in-the-middle attack from being active or passive,and non-repudiation when the sender can’t deny the recently sent message.This study aims to create a novel NTRU cryptography algorithm system that takes advantage of the security features of curve fitting operations and the valuable characteristics of chaotic systems.The proposed algorithm combines the(NTRU Prime)and Shamir’s Secret Sharing(SSS)features to improve the security of the NTRU encryption and key generation stages that rely on robust polynomial generation.Based on experimental results and a comparison of the time required for crucial exchange between NTRU-SSS and the original NTRU,this study shows a rise in complexity with a decrease in execution time in the case when compared to the original NTRU.It’s encouraging to see signs that the suggested changes to the NTRU work to increase accuracy and efficiency.

Enhanced Rsa (Ersa): An Advanced Mechanism for Improving the Security

Cloud computing has become ubiquitous in our daily lives in recent years.Data are the source of technology that is generated hugely by various sources.Big data is dealing with huge data volumes or complex data.The major concern in big data is security threats.Security concerns create a negative impact on the user on the aspect of trust.In big data still,security threats exist as com-monly known as DDOS(Distributed-Denial-of-Service)attacks,data loss,Inade-quate Data Backups,System Vulnerabilities,and Phishing as well as Social Engineering Attacks.In our work,we have taken the data loss and Inadequate Data Backups issues into consideration.We analyze that RSA(Rivest,Shamir,&Adleman)is the most secure cryptography mechanism.In cloud computing,user authentication is the weaker section to be secured.Generally,the cryptogra-phy mechanism is done in the authentication section only.We implemented our new idea of registration with selected images and pins for processing RSA.By valid authentication approval earned by the proposed mechanism,the user is allowed to use the cloud database,encryption,decryption,etc.To prove the effi-ciency level of our proposed system,a comparison work is conducted between DSSE(Digital Signature Standard Encryption)and EFSSA(Efficient framework for securely sharing afile using asymmetric key distribution management).The experimental work is carried out and the performance evaluation is done using encryption time and decryption time analysis,throughput,and processing time.On this observation,the security level attained by ERSA is far better in compar-ison to DSSE and EFSSA with the maximum throughput attained by the proposed E-RSA being 500 Mb/Min and encryption time of 3.2 s,thus ensuring the user trust in using the cloud environment.

One-Time Rational Secret Sharing Scheme Based on Bayesian Game

The rational secret sharing cannot be realized in the case of being played only once, and some punishments in the one-time rational secret sharing schemes turn out to be empty threats. In this paper, after modeling 2-out-of-2 rational secret sharing based on Bayesian game and considering different classes of protocol parties, we propose a 2-out-of-2 secret sharing scheme to solve cooperative problem of a rational secret sharing scheme being played only once. Moreover, we prove that the strategy is a perfect Bayesian equilibrium, adopted only by the parties in their decision-making according to their belief system （denoted by the probability distribution） and Bayes rule, without requiring simultaneous channels.

Application of PowerBuilder User Objects in Developing Distributed Programs

User Objects are the basement in developing distributed PowerBuilder applications. There are two kinds of PowerBuilder objects: visual objects and non-visual objects. Usually we use non-visual objects to perform the PowerBuilder distriuted application. This paper introduces the method of developing PowerBuilder distributed application program, mainly discusses the application of nonvisual objects when developing PowerBuilder distributed application programs.

SAC-TA: A Secure Area Based Clustering for Data Aggregation Using Traffic Analysis in WSN

Clustering is the most significant task characterized in Wireless Sensor Networks (WSN) by data aggregation through each Cluster Head (CH). This leads to the reduction in the traffic cost. Due to the deployment of the WSN in the remote and hostile environments for the transmission of the sensitive information, the sensor nodes are more prone to the false data injection attacks. To overcome these existing issues and enhance the network security, this paper proposes a Secure Area based Clustering approach for data aggregation using Traffic Analysis (SAC-TA) in WSN. Here, the sensor network is clustered into small clusters, such that each cluster has a CH to manage and gather the information from the normal sensor nodes. The CH is selected based on the predefined time slot, cluster center, and highest residual energy. The gathered data are validated based on the traffic analysis and One-time Key Generation procedures to identify the malicious nodes on the route. It helps to provide a secure data gathering process with improved energy efficiency. The performance of the proposed approach is compared with the existing Secure Data Aggregation Technique (SDAT). The proposed SAC-TA yields lower average energy consumption rate, lower end-to-end delay, higher average residual energy, higher data aggregation accuracy and false data detection rate than the existing technique.

SSEM： Secure, Scalable and Efficient Multi-Owner Data Sharing in Clouds

Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user data.We proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.

无限云网络可靠性建设：一种新的健壮且节能的网络拓扑控制方法(英文)

The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptographic protection on wireless communication respectively, as well as minimizing energy consumption (i.e., Green criteria) by switching off unnecessary resources as much as possible. There is a contradiction to satisfy both Blue and Green design criteria simultaneously. In this paper, we propose a new BlueGreen topological control scheme to leverage the wireless link connectivity for WCNs using an adaptive encryption key allocation mechanism, named as Shared Backup Path Keys (SBPK). The BlueGreen SBPK can take into account the network dependable requirements such as service resilience, security assurance and energy efficiency as a whole, so as trading off between them to find an optimal solution. Actually, this challenging problem can be modeled as a global optimization problem, where the network working and backup elements such as nodes, links, encryption keys and their energy consumption are considered as a resource, and their utilization should be minimized. The case studies confirm that there is a trade-off optimal solution between the capacity efficiency and energy efficiency to achieve the dependable WCNs.

An Effective Secure MAC Protocol for Cognitive Radio Networks

The vast revolution in networking is increasing rapidly along with tech-nology advancements,which requires more effort from all cyberspace profes-sionals to cope with the challenges that come with advanced technology privileges and services.Hence,Cognitive Radio Network is one of the promising approaches that permit a dynamic type of smart network for improving the utili-zation of idle spectrum portions of wireless communications.However,it is vul-nerable to security threats and attacks and demands security mechanisms to preserve and protect the cognitive radio networks for ensuring a secure commu-nication environment.This paper presents an effective secure MAC protocol for cognitive radio networks,significantly enhancing the security level of the existing DSMCRN and SSMCRN protocols by eliminating the authentication server’s necessity,which can be a single point of failure to compromise the entire network communication.The proposed protocol has proven to be effective and reliable since it does not rely on a centralized entity for providing the required security for a single pair of cognitive users.The protocol also improves the performance in the context of fast switching to data channels leading to higher throughput is achieved compared to the benchmark protocols.

Cryptographic Protocols Based on Nielsen Transformations

We introduce in this paper cryptographic protocols which use combinatorial group theory. Based on a combinatorial distribution of shares we present secret sharing schemes and cryptosystems using Nielsen transformations. Nielsen transformations are a linear technique to study free groups and general infinite groups. In addition the group of all automorphisms of a free group F, denoted by AUT (F), is generated by a regular Nielsen transformation between two basis of F, and each regular Nielsen transformation between two basis of F defines an automorphism of F.

Public key based bidirectional shadow image authentication without pixel expansion in image secret sharing

Image secret sharing(ISS)is gaining popularity due to the importance of digital images and its wide application to cloud-based distributed storage and multiparty secure computing.Shadow image authentication generally includes shadow image detection and identification,and plays an important role in ISS.However,traditional dealer-participatory methods,which suffer from significant pixel expansion or storing auxiliary information,authenticate the shadow image mainly during the decoding phase,also known as unidirectional authentication.The authentication of the shadow image in the distributing(encoding)phase is also important for the participant.In this study,we introduce a public key based bidirectional shadow image authentication method in ISS without pixel expansion for a(k,n)threshold.When the dealer distributes each shadow image to a corresponding participant,the participant can authenticate the received shadow image with his/her private key.In the decoding phase,the dealer can authenticate each received shadow image with a secret key;in addition,the dealer can losslessly decode the secret image with any k or more shadow images.The proposed method is validated using theoretical analyses,illustrations,and comparisons.

Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

In current cloud computing system, large amounts of sensitive data are shared to other cloud users.To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption(PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE(CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational DiffieHellman(CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.

Security of account and privacy of transaction for bitcoin

As a kind of cryptocurrency, bitcoin has attracted much attention with its decentralization. However, there is two problems in the bitcoin transactions ： the account security and transaction privacy. In view of the above problems, a new partially blind threshold signature scheme is proposed, which can both enhance the security of bitcoin account and preserve the privacy of transaction. Firstly, transaction amounts are encrypted by employing the homomorphic Paillier cryptosystem, and output address is disturbed by using one-time public key. Then the encrypted or disrupted transaction information is signed by multiple participants who are authorized by using threshold secret sharing. Compared with partially blind fuzzy signature scheme, the proposed scheme can fully preserve the transaction privacy. Furthermore, performance analysis shows that the proposed scheme is secure and effective in practical applications.

Research on the Realization Path and Application of a Data Governance System Based on Data Architecture

The construction and development of the digital economy,digital society and digital government are facing some common basic problems.Among them,the construction of the data governance system and the improvement of data governance capacity are short boards and weak links,which have seriously restricted the construction and development of the digital economy,digital society and digital government.At present,the broad concept of data governance goes beyond the scope of traditional data governance,which“involves at least four aspects:the establishment of data asset status,management system and mechanism,sharing and openness,security and privacy protection”.Traditional information technologies and methods are powerless to comprehensively solve these problems,so it is urgent to improve understanding and find another way to reconstruct the information technology architecture to provide a scientific and reasonable technical system for effectively solving the problems of data governance.This paper redefined the information technology architecture and proposed the data architecture as the connection link and application support system between the traditional hardware architecture and software architecture.The data registration system is the core composition of the data architecture,and the public key encryption and authentication system is the key component of the data architecture.This data governance system based on the data architecture supports complex,comprehensive,collaborative and cross-domain business application scenarios.It provides scientific and feasible basic support for the construction and development of the digital economy,digital society and digital government.