A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has be...A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi tier technology can improve the security of database. Double keys method is a useful data encryption method.展开更多
The emergence of quantum computer will threaten the security of existing public-key cryptosystems, including the Diffie Hellman key exchange protocol, encryption scheme and etc, and it makes the study of resistant qua...The emergence of quantum computer will threaten the security of existing public-key cryptosystems, including the Diffie Hellman key exchange protocol, encryption scheme and etc, and it makes the study of resistant quantum cryptography very urgent. This motivate us to design a new key exchange protocol and eneryption scheme in this paper. Firstly, some acknowledged mathematical problems was introduced, such as ergodic matrix problem and tensor decomposition problem, the two problems have been proved to NPC hard. From the computational complexity prospective, NPC problems have been considered that there is no polynomial-time quantum algorithm to solve them. From the algebraic structures prospective, non-commutative cryptography has been considered to resist quantum. The matrix and tensor operator we adopted also satisfied with this non-commutative algebraic structures, so they can be used as candidate problems for resisting quantum from perspective of computational complexity theory and algebraic structures. Secondly, a new problem was constructed based on the introduced problems in this paper, then a key exchange protocol and a public key encryption scheme were proposed based on it. Finally the security analysis, efficiency, recommended parameters, performance evaluation and etc. were also been given. The two schemes has the following characteristics, provable security,security bits can be scalable, to achieve high efficiency, quantum resistance, and etc.展开更多
The idempotent semirings Rmax and Rmin play a crucial role in several areas of mathematics and their applications such as discrete mathematics, algebraic geometry, computer science, computer languages, linguistic prob...The idempotent semirings Rmax and Rmin play a crucial role in several areas of mathematics and their applications such as discrete mathematics, algebraic geometry, computer science, computer languages, linguistic problems, optimization theory, discrete event systems, fuzzy logics. In this paper we consider the expansion of the semirings Rmax and Rmin with residuals and describe how to use these expended semirings in public key cryptography.展开更多
The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography ...The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography can eliminate much of the overhead associated with the deployment and management of certificate.However,exposure of private keys can be the most devastating attack on a public key based cryptosystem since such that all security guarantees are lost.In this paper,an ID-based authenticated key agreement protocol was presented.For solving the problem of key exposure of the basic scheme,the technique of key insulation was applied and a key insulated version is developed.展开更多
Leakage of the private key has become a serious problem of menacing the cryptosystem security. To reduce the underlying danger induced by private key leakage, Dodis et al.(2003) proposed the first key-insulated signat...Leakage of the private key has become a serious problem of menacing the cryptosystem security. To reduce the underlying danger induced by private key leakage, Dodis et al.(2003) proposed the first key-insulated signature scheme. To handle issues concerning the private key leakage in certificateless signature schemes, we devise the first certificateless key-insulated signature scheme. Our scheme applies the key-insulated mechanism to certificateless cryptography, one with neither certificate nor key escrow. We incorporate Waters (2005)’s signature scheme, Paterson and Schuldt (2006)’s identity-based signature scheme, and Liu et al.(2007)’s certificateless signature scheme to obtain a certificateless key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved under the non-pairing-based generalized bilinear Diffie-Hellman (NGBDH) conjecture, without utilizing the random oracle model; second, it solves the key escrow problem in identity-based key-insulated signatures.展开更多
This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The pro...This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The proposed scheme can withstand adaptive attackers that can choose players for corruption at any time during the run of the protocol, and this kind of attack is powerful and realistic. In contrast, all previously presented threshold certificateless public key cryptosystems are proven secure against the more idealized static adversaries only. They choose and fix the subset of target players before running the protocol. We also prove security of this scheme in the random oracle model.展开更多
Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitab...Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.展开更多
The isomorphism of polynomials (IP), one of the hard problems in multivariate public key cryptography induces an equivalence relation on a set of systems of polynomials. Then the enumeration problem of IP consists o...The isomorphism of polynomials (IP), one of the hard problems in multivariate public key cryptography induces an equivalence relation on a set of systems of polynomials. Then the enumeration problem of IP consists of counting the numbers of different classes and counting the cardinality of each class that is highly related to the scale of key space for a multivariate publi9 key cryptosystem. In this paper we show the enumeration of the equivalence classes containing ∑n-1 i=0 aiX^2qi when char(Fq) = 2, which implies that these polynomials are all weak IP instances. Moreover, we study the cardinality of an equivalence class containing the binomial aX2qi + bX2qj (i ≠ j) over Fqn without the restriction that char(Fq) = 2, which gives us a deeper understanding of finite geometry as a tool to investigate the enumeration problem of IP.展开更多
文摘A safe and reliable application system frame based on Internet and Intranet for Stock Supervision and Administration Council of China is built up. An all sided, multi tier and multi technical security method has been adopted, which includes identity recognition, data encryption, digital signature, Domino and WWW servers, access control list, directory service, certificate authorization server, IC card and so on. The recognition system based on CA server is a high efficient, convenient and reliable system. The encryption technology and security method are proved to be reliable. The recognition system is of high security and is worthy of being popularized in some places where some special security requirements need meeting. Multi tier technology can improve the security of database. Double keys method is a useful data encryption method.
基金the National Natural Science Foundation of China,the State Key Program of National Natural Science of China,the Major Research Plan of the National Natural Science Foundation of China,Major State Basic Research Development Program of China (973 Program),the Hubei Natural Science Foundation of China
文摘The emergence of quantum computer will threaten the security of existing public-key cryptosystems, including the Diffie Hellman key exchange protocol, encryption scheme and etc, and it makes the study of resistant quantum cryptography very urgent. This motivate us to design a new key exchange protocol and eneryption scheme in this paper. Firstly, some acknowledged mathematical problems was introduced, such as ergodic matrix problem and tensor decomposition problem, the two problems have been proved to NPC hard. From the computational complexity prospective, NPC problems have been considered that there is no polynomial-time quantum algorithm to solve them. From the algebraic structures prospective, non-commutative cryptography has been considered to resist quantum. The matrix and tensor operator we adopted also satisfied with this non-commutative algebraic structures, so they can be used as candidate problems for resisting quantum from perspective of computational complexity theory and algebraic structures. Secondly, a new problem was constructed based on the introduced problems in this paper, then a key exchange protocol and a public key encryption scheme were proposed based on it. Finally the security analysis, efficiency, recommended parameters, performance evaluation and etc. were also been given. The two schemes has the following characteristics, provable security,security bits can be scalable, to achieve high efficiency, quantum resistance, and etc.
文摘The idempotent semirings Rmax and Rmin play a crucial role in several areas of mathematics and their applications such as discrete mathematics, algebraic geometry, computer science, computer languages, linguistic problems, optimization theory, discrete event systems, fuzzy logics. In this paper we consider the expansion of the semirings Rmax and Rmin with residuals and describe how to use these expended semirings in public key cryptography.
文摘The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography can eliminate much of the overhead associated with the deployment and management of certificate.However,exposure of private keys can be the most devastating attack on a public key based cryptosystem since such that all security guarantees are lost.In this paper,an ID-based authenticated key agreement protocol was presented.For solving the problem of key exposure of the basic scheme,the technique of key insulation was applied and a key insulated version is developed.
基金Project (Nos 60573032, 60773092, 60842002, 60873229, and 90604036) supported by the National Natural Science Foundation of China
文摘Leakage of the private key has become a serious problem of menacing the cryptosystem security. To reduce the underlying danger induced by private key leakage, Dodis et al.(2003) proposed the first key-insulated signature scheme. To handle issues concerning the private key leakage in certificateless signature schemes, we devise the first certificateless key-insulated signature scheme. Our scheme applies the key-insulated mechanism to certificateless cryptography, one with neither certificate nor key escrow. We incorporate Waters (2005)’s signature scheme, Paterson and Schuldt (2006)’s identity-based signature scheme, and Liu et al.(2007)’s certificateless signature scheme to obtain a certificateless key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved under the non-pairing-based generalized bilinear Diffie-Hellman (NGBDH) conjecture, without utilizing the random oracle model; second, it solves the key escrow problem in identity-based key-insulated signatures.
基金the National Basic Research Program(973)of China(No.2007CB311201)the National High Technology Research and Development Program(863) of China(Nos.2006AA01Z422,2007AA01Z456)
文摘This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The proposed scheme can withstand adaptive attackers that can choose players for corruption at any time during the run of the protocol, and this kind of attack is powerful and realistic. In contrast, all previously presented threshold certificateless public key cryptosystems are proven secure against the more idealized static adversaries only. They choose and fix the subset of target players before running the protocol. We also prove security of this scheme in the random oracle model.
基金the National Natural Science Foundationof China(No.60773085)
文摘Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.
基金supported by National Basic Research Program of China (973 Program)(Grant No. 2011CB302400)National Natural Science Foundation of China (Grant No. 60970152)Grand Project of Institute of Software (Grant No. YOCX285056)
文摘The isomorphism of polynomials (IP), one of the hard problems in multivariate public key cryptography induces an equivalence relation on a set of systems of polynomials. Then the enumeration problem of IP consists of counting the numbers of different classes and counting the cardinality of each class that is highly related to the scale of key space for a multivariate publi9 key cryptosystem. In this paper we show the enumeration of the equivalence classes containing ∑n-1 i=0 aiX^2qi when char(Fq) = 2, which implies that these polynomials are all weak IP instances. Moreover, we study the cardinality of an equivalence class containing the binomial aX2qi + bX2qj (i ≠ j) over Fqn without the restriction that char(Fq) = 2, which gives us a deeper understanding of finite geometry as a tool to investigate the enumeration problem of IP.
