Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks con...Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks considerations on how to secure vehicleto-vehicle communications,particularly when infrastructure is unavailable.In this paper,we propose a lightweight certificateless and oneround key agreement scheme without pairing,and further prove the security of the proposed scheme in the random oracle model.The proposed scheme is expected to not only resist known attacks with less computation cost,but also as an efficient way to relieve the workload of vehicle-to-vehicle authentication,especially in no available infrastructure circumstance.A comprehensive evaluation,including security analysis,efficiency analysis and simulation evaluation,is presented to confirm the security and feasibility of the proposed scheme.展开更多
To provide a high-security guaran- tee to network coding and lower the comput- ing complexity induced by signature scheme, we take full advantage of homomorphic prop- erty to build lattice signature schemes and sec- u...To provide a high-security guaran- tee to network coding and lower the comput- ing complexity induced by signature scheme, we take full advantage of homomorphic prop- erty to build lattice signature schemes and sec- ure network coding algorithms. Firstly, by means of the distance between the message and its sig- nature in a lattice, we propose a Distance-bas- ed Secure Network Coding (DSNC) algorithm and stipulate its security to a new hard problem Fixed Length Vector Problem (FLVP), which is harder than Shortest Vector Problem (SVP) on lattices. Secondly, considering the bound- ary on the distance between the message and its signature, we further propose an efficient Bo- undary-based Secure Network Coding (BSNC) algorithm to reduce the computing complexity induced by square calculation in DSNC. Sim- ulation results and security analysis show that the proposed signature schemes have stronger unforgeability due to the natural property of lattices than traditional Rivest-Shamir-Adleman (RSA)-based signature scheme. DSNC algo- rithm is more secure and BSNC algorithm greatly reduces the time cost on computation.展开更多
The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key managemen...The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.展开更多
A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmissio...A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmission connections can switch smoothly among the multiple proxies by maint aining a coherent connection context.The mechanism is transparent to application programs and can support th e building of VPN.With the cooperation of some other security components,the mechanism guarantees the reso urce availability and reliability of the end system against some attacks to the specific ports or hosts.展开更多
基金This work was supported in part by the National Natural Science Foundation of China under Grant No.61170217,61272469,61303212,61332019,and Grant No.U1135004,and by the Fundamental Research Founds for National University,China University of Geosciences
文摘Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks considerations on how to secure vehicleto-vehicle communications,particularly when infrastructure is unavailable.In this paper,we propose a lightweight certificateless and oneround key agreement scheme without pairing,and further prove the security of the proposed scheme in the random oracle model.The proposed scheme is expected to not only resist known attacks with less computation cost,but also as an efficient way to relieve the workload of vehicle-to-vehicle authentication,especially in no available infrastructure circumstance.A comprehensive evaluation,including security analysis,efficiency analysis and simulation evaluation,is presented to confirm the security and feasibility of the proposed scheme.
基金ACKNOWLEDGEMENT This work was partially supported by the National Basic Research Program of China under Grant No. 2012CB315905 the National Natural Sci- ence Foundation of China under Grants No. 61272501, No. 61173154, No. 61370190 and the Beijing Natural Science Foundation under Grant No. 4132056.
文摘To provide a high-security guaran- tee to network coding and lower the comput- ing complexity induced by signature scheme, we take full advantage of homomorphic prop- erty to build lattice signature schemes and sec- ure network coding algorithms. Firstly, by means of the distance between the message and its sig- nature in a lattice, we propose a Distance-bas- ed Secure Network Coding (DSNC) algorithm and stipulate its security to a new hard problem Fixed Length Vector Problem (FLVP), which is harder than Shortest Vector Problem (SVP) on lattices. Secondly, considering the bound- ary on the distance between the message and its signature, we further propose an efficient Bo- undary-based Secure Network Coding (BSNC) algorithm to reduce the computing complexity induced by square calculation in DSNC. Sim- ulation results and security analysis show that the proposed signature schemes have stronger unforgeability due to the natural property of lattices than traditional Rivest-Shamir-Adleman (RSA)-based signature scheme. DSNC algo- rithm is more secure and BSNC algorithm greatly reduces the time cost on computation.
基金Project(61100201) supported by National Natural Science Foundation of ChinaProject(12ZZ019) supported by Technology Innovation Research Program,Shang Municipal Education Commission,China+1 种基金Project(LYM11053) supported by the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province,ChinaProject(NCET-12-0358) supported by New Century Excellent Talentsin University,Ministry of Education,China
文摘The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.
基金National Natural Science Foundation ofChina (No.90104029)
文摘A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmission connections can switch smoothly among the multiple proxies by maint aining a coherent connection context.The mechanism is transparent to application programs and can support th e building of VPN.With the cooperation of some other security components,the mechanism guarantees the reso urce availability and reliability of the end system against some attacks to the specific ports or hosts.
