As a special kind of digital signature, verifiably encrypted signatures are used as a building block to construct optimistic fair exchange. Many verifiably encrypted signature schemes have been proposed so far and most of them were proven secure under certain complexity assumptions. In this paper, however, we find that although some schemes are secure in a single-user setting, they are not secure in a multi-user setting any more. We show that Zhang, et al.'s scheme, Gorantla, et al.'s scheme and Ming, et al.'s scheme are vulnerable to key substitution attacks, where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users. We also show that this kind of attacks can breach the fairness when they are used in fair exchange in a multi-user setting.
LDPE (low-density polyethylene) photo degraded through various accelerated weathering tests has the molecular weight distribution curves unlike that through outdoor exposure. The authors therefore developed new weathering test condition based on the existing accelerated weathering test using a xenon arc lamp. Samples of LDPE were photo degraded using various accelerated weathering test conditions and outdoor exposure. The physical properties and chemical structures of the photo degraded samples were studied through a tensile test, infrared spectroscopy, and gel chromatography. The authors found that the molecular weight distribution curve of a sample photo degraded using a xenon lamp at a higher BPT (black panel temperature) (73 °C) was more similar to that of an outdoor-exposed sample than that of a sample photo degraded at the standard BPT (63 °C). It is considered that higher temperature accelerates radical recombination, consequently recreating molecular enlargement similar to the outdoor-exposed sample. Multiple regression analysis using newly introduced Mp (peak-top molecular weight) and Mw (weight-average molecular weight) as explanatory variables was conducted, which successfully enabled the authors to provide a simple explanation for the decrease in polymer tensile strength.
The focus of this paper is to design an efficient and secure solution addressing the semi-trusted issue in proxy re-signature schemes, i.e., the proxy knows the re-signature key from user A to user B, so he is able to translate any signatures made by user A to user B, which damages the essential requirement ("non-repudiation" property) of proxy re-signature schemes. In this paper, the authors first define the security model for threshold proxy re-signature scheme, and then propose two threshold proxy re-signature schemes based on Ateniese-Hohenberger's and Shao-Cao-Wang-Liang's approach.
Determined to become a new member of the well-established GNSS family, COMPASS (or BeiDou-2) is developing its capabilities to provide high accuracy positioning services. Two positioning modes are investigated in this study to assess the positioning accuracy of COMPASS' 4GEO/5IGSO/2MEO constellation. Precise Point Positioning (PPP) for geodetic users and real-time positioning for common navigation users are utilized. To evaluate PPP accuracy, coordinate time series repeatability and discrepancies with GPS' precise positioning are computed. Experiments show that COMPASS PPP repeatability for the east, north and up components of a receiver within China's Mainland is better than 2 cm, 2 cm and 5 cm, respectively. Apparent systematic offsets of several centimeters exist between COMPASS precise positioning and GPS precise positioning, indicating errors remaining in the treatments of COMPASS measurement and dynamic models and reference frame differences existing between two systems. For common positioning users, COMPASS provides both open and authorized services with rapid differential corrections and integrity information available to authorized users. Our assessment shows that in open service positioning accuracy of dual-frequency and single-frequency users is about 5 m and 6 m (RMS), respectively, which may be improved to about 3 m and 4 m (RMS) with the addition of differential corrections. Less accurate Signal In Space User Ranging Error (SIS URE) and Geometric Dilution of Precision (GDOP) contribute to the relatively inferior accuracy of COMPASS as compared to GPS. Since the deployment of the remaining 1 GEO and 2 MEO is not able to significantly improve GDOP, the performance gap could only be overcome either by the use of differential corrections or improvement of the SIS URE, or both.
Generalized Poisson Boltzmann equation which takes into account both ionic interaction in bulk solution and steric effects of adsorbed ions has been suggested. We found that, for inorganic cations adsorption on negatively charged surface, the steric effect is not significant for surface charge density < 0.0032 C/dm², while the ionic interaction is an important effect for electrolyte concentration > 0.15 mol/l in bulk solution. We conclude that for most actual cases the original PB equation can give reliable result in describing inorganic cation adsorption.
Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user convenience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Nevertheless, current implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.
Telecom-band polarization-entangled photon-pair source has been widely used in quantum communication due to its acceptable transmission loss. It is also used in cooperation with wavelength-division multiplexing (WDM) to construct entanglement distributor. However, previous schemes generally are not suitable for multinode scenario. In this paper, we construct a telecom-band polarization-entangled photon-pair source, and it shows ultrahigh fidelity and concurrence which are both greater than 90 % (raw data). Moreover, we set up a four-by-four entanglement distributor based on WDM. We check the 16 Clauser-Horne-Shimony-Holt inequalities, which show nonlocality. Lastly, as an example of practical application of this source, we estimate the quantum bit error rates and quantum secret key rates when it is used in quantum key distribution. Furthermore, the transmission of entanglement in long optical fibers is also demonstrated.
Funding: Supported by the National Science Foundation for Young Scholars of China (61001091)
Abstract: Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang's scheme is improved and a new secure remote user authentication scheme based on the bilinear pairings is proposed. Moreover, the effectiveness of the new scheme is analyzed, and it is proved that the new scheme can prevent from all kinds of known attack. The one-way hash function is effective in the new scheme. The new scheme is proved that it has high effectiveness and fast convergence speed. Moreover, the application of the new scheme is easy and operational.
Funding: Supported by the National High Technology Research and Development Program of China ('863' Program) (2006AA12Z313)
Abstract: A new integrity metric for navigation systems is proposed based on the measurement domain. Probabilistic optimization design offers tools for fault detection by considering the required navigation performance (RNP) parameter and the uncertainty noise. The choice of the proper performance parameter provided the single-valued mapping with the missed detection probability estimates the probability of failure. The desirable characteristics of the residual sensitivity matrix are exploited to increase the efficiency for identifying erroneous observations. The algorithm can be used to support the performance specification and the efficient calculation of the integrity monitoring process. The simulation for non-precision approach (NPA) validates both the viability and the effectiveness of the proposed algorithm.
Abstract: Attribute-based encryption is drawing more attention with its inherent attractive properties which are potential to be widely used in the newly developing cloud computing. However, one of the main obstacles for its application is how to revoke the attributes of the users. Though some ABE schemes have realized revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or attribute revocation under the indirect revocation model such that all the users' private keys will be affected by the revocation. In this paper, we define the model of CP-ABE supporting the attribute revocation under the direct revocation model, in which the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by the revocation process. Then we propose a generic construction, and prove its security with the decision q-BDHE assumption.
Abstract: In this paper, we propose a practical and dynamic key management scheme based on the Rabin public key system and a set of matrices with canonical matrix multiplication to solve the access control problem in an arbitrary partially ordered user hierarchy. The advantage is in ensuring that the security class in the higher level can derive any of its successor's secret keys directly and efficiently and show it is dynamic while a new security class is added into or a class is removed from the hierarchy. Even the ex-member problem can be solved efficiently. Moreover, any user can freely change its own key for some security reasons.
Abstract: Attribute revocation is inevitable and also important for Attribute-Based Encryption (ABE) in practice. However, little attention has been paid to this issue, and it remains one of the main obstacles for the application of ABE. Most of existing ABE schemes support attribute revocation work under indirect revocation model such that all the users' private keys will be affected when the revocation events occur. Though some ABE schemes have realized revocation under direct revocation model such that the revocation list is embedded in the ciphertext and none of the users' private keys will be affected by revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or they can only be proven to be selectively secure. In this paper, we first define a model of adaptively secure ABE supporting the attribute revocation under direct revocation model. Then we propose a Key-Policy ABE (KP-ABE) scheme and a Ciphertext-Policy ABE (CP-ABE) scheme on composite order bilinear groups. Finally, we prove our schemes to be adaptively secure by employing the methodology of dual system encryption.
Funding: Supported by the Foundation for Key Program of Ministry of Education, China under Grant No. 311007; National Science Foundation Project of China under Grants No. 61202079, No. 61170225, No. 61271199; the Fundamental Research Funds for the Central Universities under Grant No. FRF-TP-09-015A; the Fundamental Research Funds in Beijing Jiaotong University under Grant No. W11JB00630
Abstract: Nowadays, an increasing number of web applications require identification registration. However, the behavior of website registration has not ever been thoroughly studied. We use the database provided by the Chinese Software Develop Net (CSDN) to provide a complete perspective on this research point. We concentrate on the following three aspects: complexity, correlation, and preference. From these analyses, we draw the following conclusions: firstly, a considerable number of users have not realized the importance of identification and are using very simple identifications that can be attacked very easily. Secondly, there is a strong complexity correlation among the three parts of identification. Thirdly, the top three passwords that users like are 123456789, 12345678 and 11111111, and the top three email providers that they prefer are NETEASE, qq and sina. Further, we provide some suggestions to improve the quality of user passwords.
Abstract: To enhance the security of user data in the clouds, we present an adaptive and dynamic data encryption method to encrypt user data in the mobile phone before it is uploaded. Firstly, the adopted data encryption algorithm is not static and uniform. For each encryption, this algorithm is adaptively and dynamically selected from the algorithm set in the mobile phone encryption system. From the mobile phone's character, the detail encryption algorithm selection strategy is confirmed based on the user's mobile phone hardware information, personalization information and a pseudo-random number. Secondly, the data is rearranged with a randomly selected start position in the data before being encrypted. The start position's randomness makes the mobile phone data encryption safer. Thirdly, the rearranged data is encrypted by the selected algorithm and generated key. Finally, the analysis shows this method possesses the higher security because the more dynamics and randomness are adaptively added into the encryption process.
Funding: the National Natural Science Foundation of China under Grant, the Fundamental Research Funds for the Central Universities under Grant No. FRF-TP-14-046A2
Abstract: Due to its characteristics distribution and virtualization, cloud storage also brings new security problems. User's data is stored in the cloud, which separated the ownership from management. How to ensure the security of cloud data, how to increase data availability and how to improve user privacy perception are the key issues of cloud storage research, especially when the cloud service provider is not completely trusted. In this paper, a cloud storage ciphertext retrieval scheme based on AES and homomorphic encryption is presented. This ciphertext retrieval scheme will not only conceal the user retrieval information, but also prevent the cloud from obtaining user access pattern such as read-write mode, and access frequency, thereby ensuring the safety of the ciphertext retrieval and user privacy. The results of simulation analysis show that the performance of this ciphertext retrieval scheme requires less overhead than other schemes on the same security level.
Funding: Supported by the National Natural Science Foundation of China (No. 60970111, 60903189, 60903020); the National High Technology Research and Development Programme of China (No. 2009AA012418); the National Basic Research Program of China (No. 2007CB311201); the Foundation of NLMC (No. 9140C1103020803)
Abstract: An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It is a novel approach to mitigate the (inherent) key escrow problem in identity-based cryptosystems. In this work, the concept of accountable authority to attribute-based encryption (ABE) setting is generalized for the first time, and then a construction is given. The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al. with an ABE scheme. In our construction, a user will be identified by a pair (id, ω), where id denotes the user's identity and ω denotes the set of attributes associated to the user. In addition, our construction is shown to be secure under some reasonable assumptions.
Funding: The National Natural Science Foundation of China (No. 61372103); the Natural Science Foundation of Jiangsu Province (No. SBK2020020282); the Program of Key Laboratory of Information Network Security of the Ministry of Public Security (No. C19607); the Program of Key Laboratory of Computer Network Technology of Jiangsu Province.
Abstract: To share data securely with secure attribute revocation, anti-collusion, and dynamic user management in the 5G device-to-device (D2D) environment, a novel dynamic anti-collusion ciphertext policy attribute-based encryption (NDA-CP-ABE) scheme in the 5G D2D environment is proposed. On the basis of the ciphertext policy attribute-based encryption algorithm, fine-grained access control and secure attribute revocation are realized, and the confidentiality of data is guaranteed. A polynomial function is adopted in the ciphertext generation phase to realize dynamic user management. A random number is used to prevent a collusion attack among the legitimate user equipment (UE), revoked UE, and external network attackers. Finally, on the basis of the Diffie-Hellman problem, the NDA-CP-ABE scheme is formally proved, and the simulation performances are compared with those of similar schemes. The results show that data can be securely shared through a D2D channel with secure attribute revocation, anti-collusion, and dynamic user management. Moreover, compared with similar schemes, the NDA-CP-ABE scheme has higher efficiency in encryption, decryption, and storage.
Funding: Partially supported by National Natural Science Foundation of China No. 61202034, 61232002, 61303026, 61572378, 61402339; CCF Opening Project of Chinese Information Processing No. CCF2014-01-02; the Program for Innovative Research Team of Wuhan No. 2014070504020237; Fundamental Application Research Plan of Suzhou City No. SYG201312; Natural Science Foundation of Wuhan University No. 2042016gf0020.
Abstract: Cloud data sharing service, which allows a group of people to work together to access and modify the shared data, is one of the most popular and efficient working styles in enterprises. However, the cloud server is not completely trusted, and its security could be compromised for monetary reasons or by hacking and hardware errors. Therefore, despite having the advantages of scalability and flexibility, cloud storage service comes with privacy and security concerns. A straightforward method to protect the user's privacy is to encrypt the data stored at the cloud. To enable the authenticated users to access the encrypted cloud data, a practical group key management algorithm for the cloud data sharing application is highly desired. The existing group key management mechanisms presume that the server is trusted, but the cloud data service mode does not always meet this condition. How to manage the group keys to support the scenario of cloud storage with a semi-trusted cloud server is still a challenging task. Moreover, the cloud storage system is a large-scale and open application, in which the user group is dynamic. To address this problem, we propose a practical group key management algorithm based on a proxy re-encryption mechanism in this paper. We use the cloud server to act as a proxy to re-encrypt the group key to allow authorized users to decrypt and get the group key by their private key. To achieve the hierarchical access control policy, our scheme enables the cloud server to convert the encrypted group key of the lower group to the upper group. The numerical analysis and experimental results further validate the high efficiency and security of the proposed scheme.
Funding: Supported by the National High Technology Research and Development Programme of China (No. 2008AA092301) and the National Natural Science Foundation of China (No. 50879014).
Abstract: As a special kind of digital signature, verifiably encrypted signatures are used as a building block to construct optimistic fair exchange. Many verifiably encrypted signature schemes have been proposed so far and most of them were proven secure under certain complexity assumptions. In this paper, however, we find that although some schemes are secure in a single-user setting, they are not secure in a multi-user setting any more. We show that Zhang et al.'s scheme, Gorantla et al.'s scheme and Ming et al.'s scheme are vulnerable to key substitution attacks, where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users. We also show that this kind of attack can breach the fairness when they are used in fair exchange in a multi-user setting.
Abstract: LDPE (low-density polyethylene) photo degraded through various accelerated weathering tests has molecular weight distribution curves unlike those obtained through outdoor exposure. The authors therefore developed a new weathering test condition based on the existing accelerated weathering test using a xenon arc lamp. Samples of LDPE were photo degraded using various accelerated weathering test conditions and outdoor exposure. The physical properties and chemical structures of the photo degraded samples were studied through a tensile test, infrared spectroscopy, and gel chromatography. The authors found that the molecular weight distribution curve of a sample photo degraded using a xenon lamp at a higher BPT (black panel temperature) (73 °C) was more similar to that of an outdoor-exposed sample than that of a sample photo degraded at the standard BPT (63 °C). It is considered that higher temperature accelerates radical recombination, consequently recreating molecular enlargement similar to the outdoor-exposed sample. Multiple regression analysis using newly introduced Mp (peak-top molecular weight) and Mw (weight-average molecular weight) as explanatory variables was conducted, which successfully enabled the authors to provide a simple explanation for the decrease in polymer tensile strength.
Funding: Supported in part by the National Natural Science Foundation of China under Grant Nos. 61033014, 60970110, 60972034; the National 973 Program under Grant No. 2007CB311201.
Abstract: The focus of this paper is to design an efficient and secure solution addressing the semi-trusted issue in proxy re-signature schemes, i.e., the proxy knows the re-signature key from user A to user B, so he is able to translate any signatures made by user A to user B, which damages the essential requirement ("non-repudiation" property) of proxy re-signature schemes. In this paper, the authors first define the security model for threshold proxy re-signature scheme, and then propose two threshold proxy re-signature schemes based on Ateniese-Hohenberger's and Shao-Cao-Wang-Liang's approach.
Funding: Supported by the Shanghai Committee of Science and Technology (Grant No. 11ZR1443500); the National Natural Sciences Foundation of China (Grant Nos. 11033004 and 11203009); China Satellite Navigation Conference (Grant No. CSNC2011-QY-01).
Abstract: Determined to become a new member of the well-established GNSS family, COMPASS (or BeiDou-2) is developing its capabilities to provide high accuracy positioning services. Two positioning modes are investigated in this study to assess the positioning accuracy of COMPASS' 4GEO/5IGSO/2MEO constellation. Precise Point Positioning (PPP) for geodetic users and real-time positioning for common navigation users are utilized. To evaluate PPP accuracy, coordinate time series repeatability and discrepancies with GPS' precise positioning are computed. Experiments show that COMPASS PPP repeatability for the east, north and up components of a receiver within China's Mainland is better than 2 cm, 2 cm and 5 cm, respectively. Apparent systematic offsets of several centimeters exist between COMPASS precise positioning and GPS precise positioning, indicating errors remaining in the treatments of COMPASS measurement and dynamic models and reference frame differences existing between two systems. For common positioning users, COMPASS provides both open and authorized services with rapid differential corrections and integrity information available to authorized users. Our assessment shows that in open service positioning accuracy of dual-frequency and single-frequency users is about 5 m and 6 m (RMS), respectively, which may be improved to about 3 m and 4 m (RMS) with the addition of differential corrections. Less accurate Signal In Space User Ranging Error (SIS URE) and Geometric Dilution of Precision (GDOP) contribute to the relatively inferior accuracy of COMPASS as compared to GPS. Since the deployment of the remaining 1 GEO and 2 MEO is not able to significantly improve GDOP, the performance gap could only be overcome either by the use of differential corrections or improvement of the SIS URE, or both.
Funding: Supported by the National Natural Science Foundation of China under Grant Nos. 40971146 and 40740420660; the National Basic Research Program of China under Grant No. 2010CB134511; Scientific and Technological Innovation Foundation of Southwest University for Graduates under Grant No. kb2010013.
Abstract: A generalized Poisson-Boltzmann equation which takes into account both ionic interaction in bulk solution and steric effects of adsorbed ions has been suggested. We found that, for inorganic cation adsorption on a negatively charged surface, the steric effect is not significant for surface charge density < 0.0032 C/dm², while the ionic interaction is an important effect for electrolyte concentration > 0.15 mol/l in bulk solution. We conclude that for most actual cases the original PB equation can give reliable results in describing inorganic cation adsorption.
Funding: Project partly supported by the Ministry of Higher Education of Malaysia under Grant LRGS/TD/2011/UKM/ICT/02.
Abstract: Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user convenience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Nevertheless, current implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.
Funding: This work was supported by the National Natural Science Foundation of China (61327901, 61490711, 11274289, 11325419, 11374288 and 11104261), the National Basic Research Program of China (2011CB921200), the Strategic Priority Research Program (B) of the Chinese Academy of Sciences (XDB01030300), the National Science Fund for Distinguished Young Scholars (61225025), and the Fundamental Research Funds for Central Universities (WK2470000011).
Abstract: Telecom-band polarization-entangled photon-pair source has been widely used in quantum communication due to its acceptable transmission loss. It is also used in cooperation with wavelength-division multiplexing (WDM) to construct entanglement distributor. However, previous schemes generally are not suitable for multinode scenario. In this paper, we construct a telecom-band polarization-entangled photon-pair source, and it shows ultrahigh fidelity and concurrence which are both greater than 90% (raw data). Moreover, we set up a four-by-four entanglement distributor based on WDM. We check the 16 Clauser-Horne-Shimony-Holt inequalities, which show nonlocality. Lastly, as an example of practical application of this source, we estimate the quantum bit error rates and quantum secret key rates when it is used in quantum key distribution. Furthermore, the transmission of entanglement in long optical fibers is also demonstrated.