This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.W...This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.展开更多
LEACH (Low-Encrgy Adaptive Clustering Hi-erarchy) protocol is a basic clustering-based routing protocol of sensor networks. In this paper, we present the design of SLEACH, asecure extension for the LEACH protocol. We ...LEACH (Low-Encrgy Adaptive Clustering Hi-erarchy) protocol is a basic clustering-based routing protocol of sensor networks. In this paper, we present the design of SLEACH, asecure extension for the LEACH protocol. We divide SLEACH into four phases and fit inexpensivecryplp-graphic operations to each part of the protocol functionality to create an efficient,practical protocol. Then we give security analyses of SLEACH. Our security analyses show that ourschemeis robust against any external attacker or compromised nodes in the sensor network.展开更多
This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by ...This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.展开更多
With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses ...With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses privacy and security challenges.Such challenges can be solved using secure multi-party computation(SMPC),but this still exposes more security issues.In cloud computing using SMPC,clients need to process their data and submit the processed data to the cloud server,which then performs the calculation and returns the results to each client.Each client and server must be honest.If there is cooperation or dishonest behavior between clients,some clients may profit from it or even disclose the private data of other clients.This paper proposes the SMPC based on a Partially-Homomorphic Encryption(PHE)scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof(ZKP)is used to limit the client’s malicious behavior.In addition,the introduction of Oblivious Transfer(OT)technology also ensures that the semi-honest cloud server knows nothing about private data,so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client.Finally,the security analysis shows that the scheme not only ensures the privacy of participants,but also ensures the fairness of the comparison protocol data.展开更多
Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles.Multiple UAVs and autopilot systems support it,and it provides bi-directional communication between th...Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles.Multiple UAVs and autopilot systems support it,and it provides bi-directional communication between the UAV and Ground Control Station.The communications contain critical information about the UAV status and basic control commands sent from GCS to UAV and UAV to GCS.In order to increase the transfer speed and efficiency,the Mavlink does not encrypt the messages.As a result,the protocol is vulnerable to various security attacks such as Eavesdropping,GPS Spoofing,and DDoS.In this study,we tackle the problem and secure the Mavlink communication protocol.By leveraging the Mavlink packet’s vulnerabilities,this research work introduces an experiment in which,first,the Mavlink packets are compromised in terms of security requirements based on our threat model.The results show that the protocol is insecure and the attacks carried out are successful.To overcomeMavlink security,an additional security layer is added to encrypt and secure the protocol.An encryption technique is proposed that makes the communication between the UAV and GCS secure.The results show that the Mavlink packets are encrypted using our technique without affecting the performance and efficiency.The results are validated in terms of transfer speed,performance,and efficiency compared to the literature solutions such as MAVSec and benchmarked with the original Mavlink protocol.Our achieved results have significant improvement over the literature and Mavlink in terms of security.展开更多
According to the security requirement of the short message service (SMS) industry application, a secure short message communication protocol is proposed. This is an application level protocol constructed on the stan...According to the security requirement of the short message service (SMS) industry application, a secure short message communication protocol is proposed. This is an application level protocol constructed on the standard SMS communication protocol using public key authentication and key agreement without the need of wireless public key infrastructure (WPKI). Secure short message transmission and dynamic key agreement between mobile terminals and the accessing gateway axe realized. The security of the proposed protocol is validated through the BAN logic. Compared with the standard SMS protocol, the effective payload rate of our protocol can reach 91.4%, and subscriber identity module (SIM) tool kit (STK) applications based on our protocol suit well for all kinds of mobile terminals in practical application.展开更多
Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic s...Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic sensitive information data field, there are threats such as preset backdoors and security vulnerabilities. In response to the above problems, the article introduces a secure communication protocol based on the optimized Secret SM2 algorithm, which uses socket programming to achieve two-way encrypted communication between clients and services, and is able to complete the security protection of data encryption transmission, authentication, data tampering, etc., and proves through experiments that the security protocol is more secure than traditional methods, can effectively identify each other, carry out stable and controllable data encryption transmission, and has good applicability.展开更多
To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. I...To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.'s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of conarnon attacks, but also solve the problems of key management and security issues existing in Gong et al.' s protocol.展开更多
Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the...Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.展开更多
Based on the deterministic secure quantum communication, we present a novel quantum dialogue protocol with- out information leakage over the collective noise channel. The logical qubits and four-qubit decoherence-free...Based on the deterministic secure quantum communication, we present a novel quantum dialogue protocol with- out information leakage over the collective noise channel. The logical qubits and four-qubit decoherence-free states are introduced for resisting against collective-dephasing noise, collective-rotation noise and all kinds of unitary collective noise, respectively. Compared with the existing similar protocols, the analyses on security and information-theoretical emciency show that the proposed protocol is more secure and emeient.展开更多
Efficiency and scalability are still the bottleneck for secure multi-party computation geometry(SMCG).In this work a secure planar convex hull(SPCH) protocol for large-scaled point sets in semi-honest model has been p...Efficiency and scalability are still the bottleneck for secure multi-party computation geometry(SMCG).In this work a secure planar convex hull(SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiendy to solve the above problems.Firstly,a novel privacy-preserving point-inclusion(PPPI) protocol is designed based on the classic homomorphic encryption and secure cross product protocol,and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull.And then on the basis of the novel PPPI protocol,an effective SPCH protocol is presented.Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions.Moreover,analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.展开更多
We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, n...We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, non-repudiation) denial of serviee and access control ofthe e-lectronic commerce protocols. We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover, we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user. And also, we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.展开更多
基金supported in part by Major Science and Technology Demonstration Project of Jiangsu Provincial Key R&D Program under Grant No.BE2023025in part by the National Natural Science Foundation of China under Grant No.62302238+2 种基金in part by the Natural Science Foundation of Jiangsu Province under Grant No.BK20220388in part by the Natural Science Research Project of Colleges and Universities in Jiangsu Province under Grant No.22KJB520004in part by the China Postdoctoral Science Foundation under Grant No.2022M711689.
文摘This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.
文摘LEACH (Low-Encrgy Adaptive Clustering Hi-erarchy) protocol is a basic clustering-based routing protocol of sensor networks. In this paper, we present the design of SLEACH, asecure extension for the LEACH protocol. We divide SLEACH into four phases and fit inexpensivecryplp-graphic operations to each part of the protocol functionality to create an efficient,practical protocol. Then we give security analyses of SLEACH. Our security analyses show that ourschemeis robust against any external attacker or compromised nodes in the sensor network.
文摘This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.
基金supported by the National Natural Science Foundation of China under Grant No.(62202118.61962009)And in part by Natural Science Foundation of Shandong Province(ZR2021MF086)+1 种基金And in part by Top Technology Talent Project from Guizhou Education Department(Qian jiao ji[2022]073)And in part by Foundation of Guangxi Key Laboratory of Cryptography and Information Security(GCIS202118).
文摘With the development of cloud computing technology,more and more data owners upload their local data to the public cloud server for storage and calculation.While this can save customers’operating costs,it also poses privacy and security challenges.Such challenges can be solved using secure multi-party computation(SMPC),but this still exposes more security issues.In cloud computing using SMPC,clients need to process their data and submit the processed data to the cloud server,which then performs the calculation and returns the results to each client.Each client and server must be honest.If there is cooperation or dishonest behavior between clients,some clients may profit from it or even disclose the private data of other clients.This paper proposes the SMPC based on a Partially-Homomorphic Encryption(PHE)scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof(ZKP)is used to limit the client’s malicious behavior.In addition,the introduction of Oblivious Transfer(OT)technology also ensures that the semi-honest cloud server knows nothing about private data,so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client.Finally,the security analysis shows that the scheme not only ensures the privacy of participants,but also ensures the fairness of the comparison protocol data.
文摘Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles.Multiple UAVs and autopilot systems support it,and it provides bi-directional communication between the UAV and Ground Control Station.The communications contain critical information about the UAV status and basic control commands sent from GCS to UAV and UAV to GCS.In order to increase the transfer speed and efficiency,the Mavlink does not encrypt the messages.As a result,the protocol is vulnerable to various security attacks such as Eavesdropping,GPS Spoofing,and DDoS.In this study,we tackle the problem and secure the Mavlink communication protocol.By leveraging the Mavlink packet’s vulnerabilities,this research work introduces an experiment in which,first,the Mavlink packets are compromised in terms of security requirements based on our threat model.The results show that the protocol is insecure and the attacks carried out are successful.To overcomeMavlink security,an additional security layer is added to encrypt and secure the protocol.An encryption technique is proposed that makes the communication between the UAV and GCS secure.The results show that the Mavlink packets are encrypted using our technique without affecting the performance and efficiency.The results are validated in terms of transfer speed,performance,and efficiency compared to the literature solutions such as MAVSec and benchmarked with the original Mavlink protocol.Our achieved results have significant improvement over the literature and Mavlink in terms of security.
基金This work was supported by the Mobile Police Project of China(No.J1GAB23W013)National High Technology Research and Development Program of China(863 Program,No.2007AA01Z479).
文摘According to the security requirement of the short message service (SMS) industry application, a secure short message communication protocol is proposed. This is an application level protocol constructed on the standard SMS communication protocol using public key authentication and key agreement without the need of wireless public key infrastructure (WPKI). Secure short message transmission and dynamic key agreement between mobile terminals and the accessing gateway axe realized. The security of the proposed protocol is validated through the BAN logic. Compared with the standard SMS protocol, the effective payload rate of our protocol can reach 91.4%, and subscriber identity module (SIM) tool kit (STK) applications based on our protocol suit well for all kinds of mobile terminals in practical application.
文摘Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic sensitive information data field, there are threats such as preset backdoors and security vulnerabilities. In response to the above problems, the article introduces a secure communication protocol based on the optimized Secret SM2 algorithm, which uses socket programming to achieve two-way encrypted communication between clients and services, and is able to complete the security protection of data encryption transmission, authentication, data tampering, etc., and proves through experiments that the security protocol is more secure than traditional methods, can effectively identify each other, carry out stable and controllable data encryption transmission, and has good applicability.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61370145,61173183,and 60973152)the Doctoral Program Foundation of Institution of Higher Education of China(Grant No.20070141014)+2 种基金the Program for Excellent Talents in Universities of Liaoning Province,China(Grant No.LR2012003)the Natural Science Foundation of Liaoning Province,China(Grant No.20082165)the Fundamental Research Funds for the Central Universities of China(Grant No.DUT12JB06)
文摘To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.'s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of conarnon attacks, but also solve the problems of key management and security issues existing in Gong et al.' s protocol.
文摘Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
基金Supported by the Foundation and Frontier Research Program of Chongqing Science and Technology Commission of China under Grant No cstc2016jcyjA0571
文摘Based on the deterministic secure quantum communication, we present a novel quantum dialogue protocol with- out information leakage over the collective noise channel. The logical qubits and four-qubit decoherence-free states are introduced for resisting against collective-dephasing noise, collective-rotation noise and all kinds of unitary collective noise, respectively. Compared with the existing similar protocols, the analyses on security and information-theoretical emciency show that the proposed protocol is more secure and emeient.
基金Supported by the Young Scientists Program of CUEB(No.2014XJQ016,00791462722337)National Natural Science Foundation of China(No.61302087)+1 种基金Young Scientific Research Starting Foundation of CUEBImprove Scientific Research Foundation of Beijing Education
文摘Efficiency and scalability are still the bottleneck for secure multi-party computation geometry(SMCG).In this work a secure planar convex hull(SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiendy to solve the above problems.Firstly,a novel privacy-preserving point-inclusion(PPPI) protocol is designed based on the classic homomorphic encryption and secure cross product protocol,and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull.And then on the basis of the novel PPPI protocol,an effective SPCH protocol is presented.Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions.Moreover,analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.
基金Supported by the Natural Science Foundation ofthe Department of Education of Guangdong Province (Z03001)
文摘We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, non-repudiation) denial of serviee and access control ofthe e-lectronic commerce protocols. We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover, we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user. And also, we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.
