Funding: Supported by the National Natural Science Foundation of China (Grant No. 61961024); the Top Double 1000 Talent Programme of Jiangxi Province (Grant No. JXSQ2019201055); the Natural Science Foundation of Jiangxi Province (Grant No. 20181BAB202001); the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (Grant No. AGK201602).
Abstract: To further improve the secrecy rate, a joint optimization scheme for the reconfigurable intelligent surface (RIS) phase shift and the power allocation is proposed in the untrusted relay (UR) networks assisted by the RIS. The eavesdropping on the UR is interfered with by a source-based jamming strategy. Under the constraints of unit modulus and total power, the RIS phase shift, the power allocation between the confidential signal and the jamming signal, and the power allocation between the source node and the UR are jointly optimized to maximize the secrecy rate. The complex multivariable coupling problem is decomposed into three sub-problems, and the non-convexity of the objective function and the constraints is solved with semi-definite relaxation. Simulation results indicate that the secrecy rate is remarkably enhanced with the proposed scheme compared with the equal power allocation scheme, the random phase shift scheme, and the no-RIS scheme.
Funding: Supported by the National Natural Science Foundation of China under Grant Nos 61372076 and 61301171; the 111 Project under Grant No B08038.
Abstract: Measurement-device-independent quantum key distribution (MDI-QKD) can be immune to all detector side-channel attacks and guarantee the information-theoretical security even with uncharacterized single photon detectors. MDI-QKD has been demonstrated in both laboratories and field-tests by using attenuated lasers combined with the decoy-state technique. However, it is a critical assumption that the sources used by legitimate participants are trusted in MDI-QKD. Hence, it is possible that a potential security risk exists. Here we propose a new scheme of polarization-encoding-based MDI-QKD with a single untrusted source, by which the complexity of the synchronization system can be reduced and the success rate of the Bell-state measurement can be improved. Meanwhile, the decoy-state method is employed to avoid the security issues introduced by a non-ideal single photon source. We also derive a security analysis of the proposed system. In addition, it seems to be a promising candidate for the implementation of a QKD network in the near future.
Funding: Project supported by the National Basic Research Program of China (Grant No. 2013CB338002); the National Natural Science Foundation of China (Grant Nos. 61505261, 61675235, 61605248, and 11304397).
Abstract: Reference frame independent quantum key distribution (RFI-QKD) allows two legitimate parties to share the common secret keys with the drift of reference frames. In order to reduce the actual requirements of the RFI-QKD protocol on the light source and make it more suitable for practical applications, this paper gives a specific description of the RFI-QKD protocol with an untrusted source and analyzes the practical security of this protocol based on the two-way "plug and play" structure commonly used in practical systems. In addition, we also investigate the performance of RFI-QKD with an untrusted source considering statistical fluctuations based on the Chernoff bound. Using simulations, we compare the secret key rate of RFI-QKD with an untrusted source to RFI-QKD with a trusted source. The results show that the performance of RFI-QKD with an untrusted source is similar to that of RFI-QKD with a trusted source, and the finite data size clearly affects the performance of our protocol.
Funding: Supported by the National Natural Science Foundation of China (No. 61101223).
Abstract: To keep the secrecy performance from being badly influenced by untrusted relays (UR), a multi-UR network through an amplify-and-forward (AF) cooperative scheme is put forward, which takes relay weight and harmful factor into account. A nonzero-sum game is established to capture the interaction among URs and detection strategies. Secrecy capacity is investigated as game payoff to indicate the untrusted behaviors of the relays. The maximum probabilities of the behaviors of relay and the optimal system detection strategy can be obtained by using the proposed algorithm.
Funding: Supported by the National Basic Research Program of China (Grant No. 2013CB338002); the National Natural Science Foundation of China (Grant Nos. 11304397 and 61505261).
Abstract: The measurement-device-independent quantum cryptographic conferencing (MDI-QCC) protocol puts MDI quantum key distribution (MDI-QKD) forward to multi-party applications, and suggests a significant framework for practical multi-party quantum communication. In order to mitigate the experimental complexity of MDI-QCC and remove the key assumption (the sources are trusted) in MDI-QCC, we extend the framework of MDI-QKD with an untrusted source to MDI-QCC and give the rigorous security analysis of MDI-QCC with an untrusted source. What is more, in the security analysis we clearly provide a rigorous analytical method for parameter estimation, which with simple modifications can be applied to not only MDI-QKD with an untrusted source but also arbitrary multi-party communication protocols with an untrusted source. The simulation results show that at reasonable distances the asymptotic key rates for the two cases (with trusted and untrusted sources) almost overlap, which indicates the feasibility of our protocol.
Funding: Special Foundation for Chongqing Science and Technology Talent (cstc2019yszx-jcyj X0006 and cstc2020yszx-jscx X0004); Advanced Research Project of Civil Aerospace Technologies in 13th Five-year Plan (D010201).
Abstract: This work investigates the security issue of the energy-constrained untrusted relay network with imperfect channel reciprocity, where the relay without the built-in power supply can only scavenge energy from radio-frequency signals radiated by the source and destination. A hybrid power-splitting (PS)- and time-switching (TS)-based relaying (HPTR) protocol is presented to improve the degraded secrecy performance due to the incomplete self-interference cancellation at the destination. To evaluate the secrecy throughput (ST) of the studied system, the analytical expression of the secrecy outage probability under the delay-limited transmission mode and the closed-form lower bound of the ergodic secrecy capacity under the delay-tolerant transmission mode are derived. Both linear and nonlinear models for the energy harvester at the relay are compared. The optimal PS and TS ratios are evaluated numerically. The theoretical derivations are validated by numerical results, revealing that the residual jamming has a negative effect on the secrecy performance of untrusted relay networks, which can be alleviated by the HPTR protocol. Besides, we compare the ST performance of the HPTR protocol with that of the PS and TS relaying schemes, and the results show that the HPTR protocol outperforms both PS and TS relaying protocols in terms of the ST.
Funding: Supported by the National Natural Science Foundation of China (Grant No. 11074072).
Abstract: The most severe problem of a two-way "plug-and-play" (p & p) quantum key distribution system is that the source can be controlled by the eavesdropper. This kind of source is defined as an "untrusted source". This paper discusses the effects of the fluctuation of internal transmittance on the final key generation rate and the transmission distance. The security of the standard BB84 protocol, the one-decoy state protocol, and the weak+vacuum decoy state protocol, with untrusted sources and the fluctuation of internal transmittance, is studied. It is shown that the one-decoy state is sensitive to the statistical fluctuation but the weak+vacuum decoy state is only slightly affected by the fluctuation. It is also shown that both the maximum secure transmission distance and the final key generation rate are reduced when Alice's laboratory transmittance fluctuation is considered.
Funding: Project supported by the Fund from the State Key Laboratory of Information Photonics and Optical Communications (Beijing University of Posts and Telecommunications) (Grant No. IPOC2017ZT0).
Abstract: In this paper, we proposed the scheme for a passive round-robin differential-phase-shift quantum key distribution (RRDPS-QKD) set-up based on the principle of Hong–Ou–Mandel interference. Our scheme requires two legitimate parties to prepare their signal state with two different non-orthogonal bases instead of a single one as in the original protocol. Incorporating this characteristic, we establish the level of security of our protocol under the intercept-resend attack and demonstrate its detector-flaw-immune feature. Furthermore, we show that our scheme not only inherits the merit of better tolerance of bit errors and finite-sized-key effects but can be implemented using hardware similar to the measurement-device-independent QKD (MDI-QKD). This ensures good compatibility with the current commonly used quantum system.
Funding: The subject was sponsored by the National Science and Technology Major Project (2012ZX01039-004) and the National Natural Science Foundation of China (Grant No. 61305054).
Abstract: Two key issues exist during virtual machine (VM) migration in cloud computing. One is when to start migration, and the other is how to determine a reliable target, both of which totally depend on whether the source hypervisor is trusted or not in previous studies. However, once the source hypervisor is not trusted any more, migration will be facing unprecedented challenges. To address the problems, we propose a secure architecture SMIG (secure migration), which defines a new concept of Region Critical TCB and leverages an innovative adjacent integrity measurement (AIM) mechanism. AIM dynamically monitors the integrity of its adjacent hypervisor, and passes the results to the Region Critical TCB, which then determines whether to start migration and where to migrate according to a table named the integrity validation table. We have implemented a prototype of SMIG based on the Xen hypervisor. Experimental evaluation results show that SMIG could detect a malicious hypervisor and start migration to a trusted one rapidly, only incurring a moderate overhead for computing-intensive and I/O-intensive tasks, and a small overhead for others.
Abstract: In this paper, we present two forward-secure signature schemes (FSS) with untrusted update. Our constructions use ideas from the work of Abdalla et al. [1] and Kozlov and Reyzin [2] in their forward-secure digital signature schemes. Our schemes are proven to be forward-secure based on the hardness of factoring in the random oracle model. Both schemes use the same method to encrypt the private key and are more efficient than the Libert scheme [3] without adding any burden to the original forward-secure schemes.
Funding: Supported by the National Basic Research Program of China under Grant No. 2013CB338002; the National Natural Science Foundation of China under Grant Nos. 61505261, 61675235, 61605248, 11304397.
Abstract: Measurement-device-independent quantum key distribution (MDI-QKD) is immune to detector side channel attacks, which is a crucial security loophole problem in traditional QKD. In order to relax a key assumption that the sources are trusted in MDI-QKD, an MDI-QKD protocol with an untrusted source has been proposed. For the security of MDI-QKD with an untrusted source, imperfections in the practical experiment should also be taken into account. In this paper, we analyze the effects of fluctuations of internal transmittance on the security of a decoy-state MDI-QKD protocol with an untrusted source. Our numerical results show that both the secret key rate and the maximum secure transmission distance decrease when taking fluctuations of internal transmittance into consideration. Especially, they are more sensitive when Charlie's mean photon number per pulse is smaller. Our results emphasize that the stability of correlative optical devices is important for practical implementations.
Abstract: Nowadays many devices that make up a computer network are being equipped with security hardware and software features to prevent cyber security attacks. The idea is to distribute security features to intermediate systems in the network to mitigate the overall adverse effect of cyber attacks. In this paper, we will be focusing on the Juniper J4350 router with the Junos Software Enhanced, and it has security-attack protections in the router. We are going to evaluate how the Juniper router with built-in security protections affected the overall server performance under a cyber security attack.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 61571060; Ministry of Science and Technology of China under Grant No. 2016YFA0301300.
Abstract: The security properties of a quantum key distribution (QKD) system are analyzed with the practical light source using the decoy state method. The secure key rate with the change of transmission distance is computed under the condition of ideal system, infinite light source system, untrusted light source and passive system. The influence of the fluctuation of transmission rate on the security characteristics of the system is discussed. Our numerical simulation results offer a useful reference for the practical QKD experiment.