This paper theoretically analyzes a deficiency of the existing scheme, and proposes a distributed multi-hop certification authority scheme for mobile Ad Hoc networks. In our design, we distribute the certification aut...This paper theoretically analyzes a deficiency of the existing scheme, and proposes a distributed multi-hop certification authority scheme for mobile Ad Hoc networks. In our design, we distribute the certification authority functions through a threshold secret sharing mechanism, in which each node holds a secret share and multiple nodes jointly provide complete services. Certification authority is not limited in a local neighborhood but can be completed within multi-hop location. In addition, we replace broadcast by multicast to improve system performance and reduce communication overhead. This paper resolves some technical problems of ubiquitous certification authority services, and presents a wieldy multi-hop certification authority algorithm. Simulation results confirm the availability and effectiveness of our design.展开更多
Certificate Authority (CA) is the core of public key infrastructure. However, the traditional structure of CA is either hierarchical or reticular, and none of them is suitable for security require-nients come from the...Certificate Authority (CA) is the core of public key infrastructure. However, the traditional structure of CA is either hierarchical or reticular, and none of them is suitable for security require-nients come from the new trend in enterprise cooperation, namely virtual enterprise (VE). In this paper a new idea - virtual certificate authority (VCA), is proposed, as well as its implemen-tation. The goal of VCA is to provide global certificate service over vital enterprise while keeping CA of each participant intact as much as possible. Unlike PEM, PGP, and BCA, by using secret sharing scheme, virtual CA avoids the need for TTP and supports virtual enterprise's feature of dynamical construction and destruction.展开更多
Smart parks serve as integral components of smart cities,where they play a pivotal role in the process of urban modernization.The demand for cross-domain cooperation among smart devices from various parks has witnesse...Smart parks serve as integral components of smart cities,where they play a pivotal role in the process of urban modernization.The demand for cross-domain cooperation among smart devices from various parks has witnessed a significant increase.To ensure secure communication,device identities must undergo authentication.The existing cross-domain authentication schemes face issues such as complex authentication paths and high certificate management costs for devices,making it impractical for resource-constrained devices.This paper proposes a blockchain-based lightweight and efficient cross-domain authentication protocol for smart parks,which simplifies the authentication interaction and requires every device to maintain only one certificate.To enhance cross-domain cooperation flexibility,a comprehensive certificate revocation mechanism is presented,significantly reducing certificate management costs while ensuring efficient and secure identity authentication.When a park needs to revoke access permissions of several cooperative partners,the revocation of numerous cross-domain certificates can be accomplished with a single blockchain write operation.The security analysis and experimental results demonstrate the security and effectiveness of our scheme.展开更多
门限密码学提供了建立入侵容忍应用的新方法。文中在介绍并分析了基于ECC的ElGamal数字签名方案和t out of n秘密共享方案的基础上,提出了一个基于ECC的零知识证明方法和一个基于ECC的门限数字签名方案;研究了该方法和方案在建立入侵容...门限密码学提供了建立入侵容忍应用的新方法。文中在介绍并分析了基于ECC的ElGamal数字签名方案和t out of n秘密共享方案的基础上,提出了一个基于ECC的零知识证明方法和一个基于ECC的门限数字签名方案;研究了该方法和方案在建立入侵容忍CA中的应用。最后,对比ITTC项目中关于入侵容忍CA设计的方案,分析显示该方案在安全性、效率和可用性方面具有良好的性能。展开更多
文摘This paper theoretically analyzes a deficiency of the existing scheme, and proposes a distributed multi-hop certification authority scheme for mobile Ad Hoc networks. In our design, we distribute the certification authority functions through a threshold secret sharing mechanism, in which each node holds a secret share and multiple nodes jointly provide complete services. Certification authority is not limited in a local neighborhood but can be completed within multi-hop location. In addition, we replace broadcast by multicast to improve system performance and reduce communication overhead. This paper resolves some technical problems of ubiquitous certification authority services, and presents a wieldy multi-hop certification authority algorithm. Simulation results confirm the availability and effectiveness of our design.
基金the High Technoeogy Research and Debelopment Program of China
文摘Certificate Authority (CA) is the core of public key infrastructure. However, the traditional structure of CA is either hierarchical or reticular, and none of them is suitable for security require-nients come from the new trend in enterprise cooperation, namely virtual enterprise (VE). In this paper a new idea - virtual certificate authority (VCA), is proposed, as well as its implemen-tation. The goal of VCA is to provide global certificate service over vital enterprise while keeping CA of each participant intact as much as possible. Unlike PEM, PGP, and BCA, by using secret sharing scheme, virtual CA avoids the need for TTP and supports virtual enterprise's feature of dynamical construction and destruction.
基金supported in part by the National Natural Science Foundation Project of China under Grant No.62062009the Guangxi Innovation-Driven Development Project under Grant Nos.AA17204058-17 and AA18118047-7.
文摘Smart parks serve as integral components of smart cities,where they play a pivotal role in the process of urban modernization.The demand for cross-domain cooperation among smart devices from various parks has witnessed a significant increase.To ensure secure communication,device identities must undergo authentication.The existing cross-domain authentication schemes face issues such as complex authentication paths and high certificate management costs for devices,making it impractical for resource-constrained devices.This paper proposes a blockchain-based lightweight and efficient cross-domain authentication protocol for smart parks,which simplifies the authentication interaction and requires every device to maintain only one certificate.To enhance cross-domain cooperation flexibility,a comprehensive certificate revocation mechanism is presented,significantly reducing certificate management costs while ensuring efficient and secure identity authentication.When a park needs to revoke access permissions of several cooperative partners,the revocation of numerous cross-domain certificates can be accomplished with a single blockchain write operation.The security analysis and experimental results demonstrate the security and effectiveness of our scheme.
文摘门限密码学提供了建立入侵容忍应用的新方法。文中在介绍并分析了基于ECC的ElGamal数字签名方案和t out of n秘密共享方案的基础上,提出了一个基于ECC的零知识证明方法和一个基于ECC的门限数字签名方案;研究了该方法和方案在建立入侵容忍CA中的应用。最后,对比ITTC项目中关于入侵容忍CA设计的方案,分析显示该方案在安全性、效率和可用性方面具有良好的性能。