The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single ...The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential, The eCK , eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.展开更多
With the increasing enlargement of network scale and the rapid development of network techniques, large numbers of the network applications begin to appear. Packet capture plays an important role as one basic techniqu...With the increasing enlargement of network scale and the rapid development of network techniques, large numbers of the network applications begin to appear. Packet capture plays an important role as one basic technique used in each field of the network applications. In a high-speed network, the heavy traffic of network transmission challenges the packet capture techniques. This paper does an in-depth analysis on the traditional packet capture mechanisms in Linux, and then measures the performance bottleneck in the process of packet capture. The methods for improving the packet capture performance are presented and an optimized packet capture scheme is also designed and implemented. The test demonstrates that the new packet capture mechanism (Libpacket) can greatly improve the packet capture performance of the network application systems in a high-speed network.展开更多
Simple authenticated key agrcement algorithm is one of the Diffie-Hellman key agreement variations. It prevents man-inthe-middle attack with only two more packets required to agree on the secret session key, but it ha...Simple authenticated key agrcement algorithm is one of the Diffie-Hellman key agreement variations. It prevents man-inthe-middle attack with only two more packets required to agree on the secret session key, but it has some weaknesses. In this paper, a new enhanced simple authenticated key agreement algorithm is proposed to overcome these weaknesses on the basis of analyzing the weaknesses of the related protocols. The new enhanced simple authenticated key agreement algorithm can get over replay attack and password guessing attack, provide perfect forward secrecy, and hold the merits of the simple authenticated key agreement algorithm.展开更多
The approach of traffic abnormality detection of network resource allocation attack did not have reliable signatures to depict abnormality and identify them. However, it is crucial for us to detect attacks accurately....The approach of traffic abnormality detection of network resource allocation attack did not have reliable signatures to depict abnormality and identify them. However, it is crucial for us to detect attacks accurately. The technique that we adopted is inspired by long range dependence ideas. We use the number of packet arrivals of a flow in fixed-length time intervals as the signal and attempt to extend traffic invariant “self-similarity”. We validate the effectiveness of the approach with simulation and trace analysis.展开更多
We propose a protocol for information sharing between two legitimate parties (Bob and Alice) via public-key cryptography. In particular, we specialize the protocol by employing discrete algorithm under mod that maps...We propose a protocol for information sharing between two legitimate parties (Bob and Alice) via public-key cryptography. In particular, we specialize the protocol by employing discrete algorithm under mod that maps integers to quantum states via photon rotations. Based on this algorithm, we find that the protocol is secure under various classes of attacks. Specially, owe to the algorithm, the security of the classical privacy contained in the quantum public-key and the corresponding ciphertext is guaranteed. And the protocol is robust against the impersonation attack and the active wiretapping attack by designing particular checking processing, thus the protocol is valid.展开更多
We propose a three-party quantum secure direct communication(QSDC) protocol with hyperentanglement in both spatial-mode and polarization degrees of freedom. The secret message can be encoded independently with desired...We propose a three-party quantum secure direct communication(QSDC) protocol with hyperentanglement in both spatial-mode and polarization degrees of freedom. The secret message can be encoded independently with desired unitary operations in two degrees of freedom. In this protocol, a party can synchronously obtain the other two parties' messages. Compared with previous three-party QSDC protocols, our protocol has several advantages. First, the single photons in our protocol are only required to transmit for three times. This advantage makes this protocol simple and useful. Second, Alice and Bob can send different secret messages to Charlie, respectively. Finally, with hyperentanglement, this protocol has a higher information capacity than other protocols.展开更多
Quantum secure direct communication is the direct communication of secret messages without need for establishing a shared secret key first.In the existing schemes,quantum secure direct communication is possible only w...Quantum secure direct communication is the direct communication of secret messages without need for establishing a shared secret key first.In the existing schemes,quantum secure direct communication is possible only when both parties are quantum.In this paper,we construct a three-step semiquantum secure direct communication(SQSDC)protocol based on single photon sources in which the sender Alice is classical.In a semiquantum protocol,a person is termed classical if he(she)can measure,prepare and send quantum states only with the fixed orthogonal quantum basis{|0,|1}.The security of the proposed SQSDC protocol is guaranteed by the complete robustness of semiquantum key distribution protocols and the unconditional security of classical one-time pad encryption.Therefore,the proposed SQSDC protocol is also completely robust.Complete robustness indicates that nonzero information acquired by an eavesdropper Eve on the secret message implies the nonzero probability that the legitimate participants can find errors on the bits tested by this protocol.In the proposed protocol,we suggest a method to check Eves disturbing in the doves returning phase such that Alice does not need to announce publicly any position or their coded bits value after the photons transmission is completed.Moreover,the proposed SQSDC protocol can be implemented with the existing techniques.Compared with many quantum secure direct communication protocols,the proposed SQSDC protocol has two merits:firstly the sender only needs classical capabilities;secondly to check Eves disturbing after the transmission of quantum states,no additional classical information is needed.展开更多
By analyzing the basic properties of unitary transformations used in a quantum secure direct communication (QSDC) protocol, we show the main idea why a covert channel can be established within any QSDC channel which e...By analyzing the basic properties of unitary transformations used in a quantum secure direct communication (QSDC) protocol, we show the main idea why a covert channel can be established within any QSDC channel which employs unitary transformations to encode information. On the basis of the fact that the unitary transformations used in a QSDC protocol are secret and independent, a novel quantum covert channel protocol is proposed to transfer secret messages with unconditional security. The performance, including the imperceptibility, capacity and security of the proposed protocol are analyzed in detail.展开更多
基金Supported by the National High Technology Research and Development Program of China("863"Program)(2006AA706103)~~
文摘The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential, The eCK , eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.
基金Sponsored by the National High Technology Development Program of China (Grant No. 2002AA142020).
文摘With the increasing enlargement of network scale and the rapid development of network techniques, large numbers of the network applications begin to appear. Packet capture plays an important role as one basic technique used in each field of the network applications. In a high-speed network, the heavy traffic of network transmission challenges the packet capture techniques. This paper does an in-depth analysis on the traditional packet capture mechanisms in Linux, and then measures the performance bottleneck in the process of packet capture. The methods for improving the packet capture performance are presented and an optimized packet capture scheme is also designed and implemented. The test demonstrates that the new packet capture mechanism (Libpacket) can greatly improve the packet capture performance of the network application systems in a high-speed network.
基金This work was supported by National"863"High Technology Research and Development Programof China under grant 2002AA145090
文摘Simple authenticated key agrcement algorithm is one of the Diffie-Hellman key agreement variations. It prevents man-inthe-middle attack with only two more packets required to agree on the secret session key, but it has some weaknesses. In this paper, a new enhanced simple authenticated key agreement algorithm is proposed to overcome these weaknesses on the basis of analyzing the weaknesses of the related protocols. The new enhanced simple authenticated key agreement algorithm can get over replay attack and password guessing attack, provide perfect forward secrecy, and hold the merits of the simple authenticated key agreement algorithm.
文摘The approach of traffic abnormality detection of network resource allocation attack did not have reliable signatures to depict abnormality and identify them. However, it is crucial for us to detect attacks accurately. The technique that we adopted is inspired by long range dependence ideas. We use the number of packet arrivals of a flow in fixed-length time intervals as the signal and attempt to extend traffic invariant “self-similarity”. We validate the effectiveness of the approach with simulation and trace analysis.
基金Supported by National Natural Science Foundation of China under Grant No.10374025the Education Ministry of Hunan Province under Grant No.06A038the Natural Science Foundation of Hunan Province under Grant No.07JJ3013
文摘We propose a protocol for information sharing between two legitimate parties (Bob and Alice) via public-key cryptography. In particular, we specialize the protocol by employing discrete algorithm under mod that maps integers to quantum states via photon rotations. Based on this algorithm, we find that the protocol is secure under various classes of attacks. Specially, owe to the algorithm, the security of the classical privacy contained in the quantum public-key and the corresponding ciphertext is guaranteed. And the protocol is robust against the impersonation attack and the active wiretapping attack by designing particular checking processing, thus the protocol is valid.
基金supported by the National Natural Science Foundation of China (Grant Nos. 11474168, and 11747161)the Natural Science Foundation of Jiangsu (Grant No. BK20151502)the Priority Academic Development Program of Jiangsu Higher Education Institutions, China
文摘We propose a three-party quantum secure direct communication(QSDC) protocol with hyperentanglement in both spatial-mode and polarization degrees of freedom. The secret message can be encoded independently with desired unitary operations in two degrees of freedom. In this protocol, a party can synchronously obtain the other two parties' messages. Compared with previous three-party QSDC protocols, our protocol has several advantages. First, the single photons in our protocol are only required to transmit for three times. This advantage makes this protocol simple and useful. Second, Alice and Bob can send different secret messages to Charlie, respectively. Finally, with hyperentanglement, this protocol has a higher information capacity than other protocols.
基金supported by the National Natural Science Foundation of China(Grant Nos.61272058 and 61073054)the Natural Science Foundation of Guangdong Province of China(Grant Nos.10251027501000004 and S2012040007324)+1 种基金the Specialized Research Fund for the Doctoral Programof Higher Education of China(Grant No.20100171110042)the Science and Technology Project of Jiangmen City of China(Grant No.[2011]131)
文摘Quantum secure direct communication is the direct communication of secret messages without need for establishing a shared secret key first.In the existing schemes,quantum secure direct communication is possible only when both parties are quantum.In this paper,we construct a three-step semiquantum secure direct communication(SQSDC)protocol based on single photon sources in which the sender Alice is classical.In a semiquantum protocol,a person is termed classical if he(she)can measure,prepare and send quantum states only with the fixed orthogonal quantum basis{|0,|1}.The security of the proposed SQSDC protocol is guaranteed by the complete robustness of semiquantum key distribution protocols and the unconditional security of classical one-time pad encryption.Therefore,the proposed SQSDC protocol is also completely robust.Complete robustness indicates that nonzero information acquired by an eavesdropper Eve on the secret message implies the nonzero probability that the legitimate participants can find errors on the bits tested by this protocol.In the proposed protocol,we suggest a method to check Eves disturbing in the doves returning phase such that Alice does not need to announce publicly any position or their coded bits value after the photons transmission is completed.Moreover,the proposed SQSDC protocol can be implemented with the existing techniques.Compared with many quantum secure direct communication protocols,the proposed SQSDC protocol has two merits:firstly the sender only needs classical capabilities;secondly to check Eves disturbing after the transmission of quantum states,no additional classical information is needed.
基金Supported by the National Natural Science Foundation of China under Grant Nos.61170272, 61272514, 61003287, and 61070163Asia Foresight Program under National Natural Science Foundation of China under Grant No.61161140320+4 种基金the Specialized Research Fund for the Doctoral Program of Higher Education under Grant No.20100005120002the Fok Ying Tong Education Foundation under Grant No.131067the Shandong Provincial Natural Science Foundation, China under Grant No.ZR2011FM023the Shandong Province Outstanding Research Award Fund for Young Scientists of China under Grant No.BS2011DX034the Fundamental Research Funds for the Central Universities under Grant No.BUPT2012RC0221
文摘By analyzing the basic properties of unitary transformations used in a quantum secure direct communication (QSDC) protocol, we show the main idea why a covert channel can be established within any QSDC channel which employs unitary transformations to encode information. On the basis of the fact that the unitary transformations used in a QSDC protocol are secret and independent, a novel quantum covert channel protocol is proposed to transfer secret messages with unconditional security. The performance, including the imperceptibility, capacity and security of the proposed protocol are analyzed in detail.
