An all-optical cryptographic device for secure communication, based on the properties of soliton beams, is presented. It can encode a given bit stream of optical pulses, changing their phase and their amplitude as a function of an encryption serial key that merges with the data stream, generating a ciphered stream. The greatest advantage of the device is real-time encrypting – data can be transmitted at the original speed without slowing down.
Cascade index modulation (CIM) is a recently proposed improvement of orthogonal frequency division multiplexing with index modulation (OFDM-IM) and achieves better error performance. In CIM, at least two different IM operations construct a super IM operation or achieve new functionality. First, we propose an OFDM with generalized CIM (OFDM-GCIM) scheme to achieve a joint IM of subcarrier selection and multiple-mode (MM) permutations by using a multilevel digital algorithm. Then, two schemes, called double CIM (D-CIM) and multiple-layer CIM (M-CIM), are proposed for secure communication, which combine a new IM operation for disrupting the original order of bits and symbols with conventional OFDM-IM, to protect the legitimate users from eavesdropping in wireless communications. A subcarrier-wise maximum likelihood (ML) detector and a low-complexity log-likelihood ratio (LLR) detector are proposed for the legitimate users. A tight upper bound on the bit error rate (BER) of the proposed OFDM-GCIM, D-CIM and M-CIM at the legitimate users is derived in closed form by employing ML criteria detection. Computer simulations and numerical results show that the proposed OFDM-GCIM achieves better error performance than OFDM-IM, and the error performance at the eavesdroppers demonstrates the security of D-CIM and M-CIM.
Abstract: In an era characterized by digital pervasiveness and rapidly expanding datasets, ensuring the integrity and reliability of information is paramount. As cyber threats evolve in complexity, traditional cryptographic methods face increasingly sophisticated challenges. This article initiates an exploration into these challenges, focusing on key exchanges (encompassing their variety and subtleties), scalability, and the time metrics associated with various cryptographic processes. We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering. Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity, foundational pillars of information security. Our method employs a phased strategy, beginning with a detailed examination of traditional cryptographic processes, including Elliptic Curve Diffie-Hellman (ECDH) key exchanges. We also delve into encrypt/decrypt paradigms, signature generation modes, and the hashes used for Message Authentication Codes (MACs). Each process is rigorously evaluated for performance and reliability. To gain a comprehensive understanding, a meticulously designed simulation was conducted, revealing the strengths and potential improvement areas of various techniques. Notably, our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs, marking a significant advancement over existing methods. Furthermore, with integrity metrics at 9.35, the protocol’s resilience is further affirmed. These metrics, derived from stringent testing, underscore the protocol’s efficacy in enhancing data security.
Funding: National High Technical Research and Development Program of China (863 program) under Grant No. 2007AA01Z471
Abstract: Provable security has become a popular approach for analyzing the security of cryptographic protocols. However, writing and verifying proofs by hand is prone to errors. This paper advocates the automatic security proof framework with sequences of games. We make slight modifications to Blanchet's calculus to make it easy to parse the initial game. The main contribution of this work is that it introduces algebraic properties with observational equivalences to automatic security proofs, and thus can deal with some practical cryptographic schemes with hard problems. We illustrate the use of algebraic properties in the framework by proving the semantic security of the ElGamal encryption scheme.
Abstract: Wireless Sensor Networks (WSNs) are resource-constrained networks in which sensor nodes operate in an aggressive and uncontrolled environment and interact with sensitive data. Traffic aggregated by sensor nodes is susceptible to attacks and, due to the nature of WSNs, security mechanisms used in wired networks and other types of wireless networks are not suitable for WSNs. In this paper, we propose a mechanism to assure information security against security attacks and particularly node capturing attacks. We propose a cluster security management protocol, called Cryptographic Checksum Clustering Security Management (C3SM), to provide an efficient decentralized security management for hierarchical networks. In C3SM, every cluster dynamically and alternately selects a node as a cluster security manager (CSM), which distributes a periodic shared secret key for all nodes in the cluster. The cluster head then authenticates the identity of the nodes and derives a unique pairwise key for each node in the cluster. C3SM provides sufficient security regardless of how many nodes are compromised, and achieves high connectivity with low memory cost and low energy consumption. Compared to existing protocols, our protocol provides stronger resilience against node capture with lower key storage overhead.
Funding: Supported by the National Natural Science Foundation of China (60403027)
Abstract: In this paper, we propose a partially non-cryptographic security routing protocol (PNCSR) that protects both routing and data forwarding operations through the same reactive approach. PNCSR only applies a public-key cryptographic system in managing tokens, but it doesn't utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.
Funding: Supported by the National Natural Science Foundation of China (60373087, 60473023 and 90104005); HP Laboratories of China
Abstract: The current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here the trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implementation of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in a grid environment.
Funding: Supported by the National Basic Research Program of China (G1999035801)
Abstract: A security kernel architecture built on a trusted computing platform in the light of thinking about trusted computing is presented. According to this architecture, a new security module TCB (Trusted Computing Base) is added to the operating system kernel and two operation interface modes are provided for the sake of self-protection. The security kernel is divided into two parts and the trusted mechanism is separated from security functionality. The TCB module implements the trusted mechanism such as measurement and attestation, while the other components of the security kernel provide security functionality based on these mechanisms. This architecture takes full advantage of functions provided by the trusted platform and clearly defines the security perimeter of the TCB so as to assure self-security from an architectural vision. We also present a function description of the TCB and discuss the strengths and limitations compared with other related research.
Abstract: This paper proposes a C/S system model for K-Java and PDA named Net-Wireless. It is a discussion and proposal on information security and solutions for K-Java handsets and PDAs in wireless networks. It also explains the scheme between the client security module and the server security module. We have also developed a Security Server and a K-Java encryption module for e-commerce systems and other trade systems.
Abstract: Securing large corporate communication networks has become an increasingly difficult task. Sensitive information routinely leaves the company network boundaries and falls into the hands of unauthorized users. New techniques are required in order to classify packets based on user identity in addition to the traditional source and destination host addresses. This paper introduces Gaussian cryptographic techniques and protocols to assist network administrators in the complex task of identifying the originators of data packets on a network and more easily policing their behavior. The paper provides numerical examples that illustrate certain basic ideas.
Funding: Supported by the National Natural Science Foundation of China (62031017, 61971221); the Aeronautical Science Foundation of China (201901052001).
Abstract: A two-dimensional directional modulation (DM) technology with a dual-mode orbital angular momentum (OAM) beam is proposed for physical-layer security of the relay unmanned aerial vehicle (UAV) tracking transmission. The elevation and azimuth of the vortex beam are modulated into the constellation, which can form the digital waveform with the encoding modulation. Since the signal is direction-dependent, the modulated waveform is purposely distorted in other directions to offer a security technology. Two concentric uniform circular arrays (UCAs) with different radii are excited to generate dual vortex beams with orthogonality for the composite signal, which can increase the demodulation difficulty. Due to the phase propagation characteristics of the vortex beam, the constellation at the desired azimuth angle will change continuously within a wavelength. A desired single-antenna receiver can use the propagation phase compensation and an opposite helical phase factor for the signal demodulation in the desired direction. Simulations show that the proposed OAM-DM scheme offers a security approach with direction-sensitive transmission.
Abstract: The mmWave communication is a promising technique to enable human communication and a large number of machine-type communications of massive data from various non-cellphone devices like Internet of Things (IoT) devices, autonomous vehicles and remotely controlled robots. For this reason, information security, in terms of the confidentiality, integrity and availability (CIA), becomes more important in the mmWave communication than ever. The physical layer security (PLS), which is based on information theory and focuses on the secrecy capacity of the wiretap channel model, is a cost-effective and scalable technique to protect the CIA, compared with the traditional cryptographic techniques. In this paper, the theoretical foundation of PLS is briefly introduced together with the typical PLS performance metrics, secrecy rate and outage probability. Then, the most typical PLS techniques for mmWave are introduced, analyzed and compared, which are classified into three major categories of directional modulation (DM), artificial noise (AN), and directional precoding (DPC). Finally, several mmWave PLS research problems are briefly discussed, including the low-complexity DM weight vector codebook construction, the impact of phase shifters (PS) with finite precision on PLS, and DM-based communications for multiple target receivers.
Abstract: In-network data aggregation is severely affected by attacks on information in transit. This is an important problem since wireless sensor networks (WSN) are highly vulnerable to node compromises due to this attack. As a result, a large error arises in the aggregate computed at the base station due to false sub-aggregate values contributed by compromised nodes. Falsified event messages forwarded through intermediate nodes also waste their limited energy. Since wireless sensor nodes are battery operated, they have low computational power and energy. In view of this, the algorithms designed for wireless sensor nodes should extend the lifetime, use less computation and enhance security so as to enhance the network lifetime. This article presents a Vernam Cipher cryptographic technique based data compression algorithm using a Huffman source coding scheme in order to enhance security and lifetime of the energy-constrained wireless sensor nodes. In addition, this scheme is evaluated by using different processor-based sensor node implementations and the results are compared against other existing schemes. In particular, we present a secure lightweight algorithm for wireless sensor nodes which consumes less energy for its operation. Using this, the entropy improvement is achieved to a greater extent.
Abstract: More and more cryptographic protocols have been used to achieve various security requirements of distributed systems in the open network environment. However, cryptographic protocols are very difficult to design and analyze due to the complexity of the cryptographic protocol execution, and a large number of problems are unsolved that range from the theory framework to the concrete analysis technique. In this paper, we build a new algebra called cryptographic protocol algebra (CPA) for describing the message operations with many cryptographic primitives, and propose a new algebra model for cryptographic protocols based on the CPA. In the model, expanding processes of the participants' knowledge on the protocol runs are characterized with some algebraic notions such as subalgebra, free generator and polynomial algebra, and attack processes are modeled with a new notion similar to that of the exact sequence used in homological algebra. Then we develop a mathematical approach to the cryptographic protocol security analysis. By using algebraic techniques, we have shown that for those cryptographic protocols with some symmetric properties, the execution space generated by an arbitrary number of participants may boil down to a smaller space generated by several honest participants and attackers. Furthermore, we discuss the composability problem of cryptographic protocols and give a sufficient condition under which the protocol composed of two correct cryptographic protocols is still correct, and we finally offer a counterexample to show that the statement may not be true when the condition is not met.
Funding: Supported by the National Natural Science Foundation of China (Grant No. 90412011), the State Key Basic Research Program (973) (Grant No. 2005CB321803), and the State "863" High-tech Research and Development Project (Grant No. 2003AA 144150).
Abstract: An efficient approach to analyzing cryptographic protocols is to develop automatic analysis tools based on formal methods. However, the approach has encountered the problem of high computational complexity, because the participants of protocols are arbitrary, their message structures are complex and their executions are concurrent. We propose an efficient automatic verifying algorithm for analyzing cryptographic protocols based on the recently proposed Cryptographic Protocol Algebra (CPA) model, in which algebraic techniques are used to simplify the description of cryptographic protocols and their executions. Redundant states generated in the analysis processes are much reduced by introducing a new algebraic technique called Universal Polynomial Equation, and the algorithm can be used to verify the correctness of protocols in the infinite state space. We have implemented an efficient automatic analysis tool for cryptographic protocols, called ACT-SPA, based on this algorithm, and used the tool to check more than 20 cryptographic protocols. The analysis results show that this tool is more efficient, and an attack instance not offered previously is checked by using this tool.
Funding: Supported by the National Natural Science Foundation of China (69973034) and the National High Technology Research and Development Program of China (2002AA141050).
Abstract: A GF(p) elliptic curve cryptographic coprocessor is proposed and implemented on a Field Programmable Gate Array (FPGA). The focus of the coprocessor is on the most critical, complicated and time-consuming operation, point multiplication. Coordinate conversion and a fast multiplication algorithm for two large integers are used to avoid frequent inversions and to accelerate the field multiplications used in point multiplications. Hardware parallelism is exploited in the implementation of point multiplications. The coprocessor implemented on a XILINX XC2V3000 computes a point multiplication for an arbitrary point on a curve defined over GF(2^192 - 2^64 - 1) at a frequency of 10 MHz in 4.40 ms in the average case and 5.74 ms in the worst case. Under the same conditions, the coprocessor implemented on a XILINX XC2V4000 takes 2.2 ms in the average case and 2.88 ms in the worst case.
Abstract: An all-optical cryptographic device for secure communication, based on the properties of soliton beams, is presented. It can encode a given bit stream of optical pulses, changing their phase and their amplitude as a function of an encryption serial key that merges with the data stream, generating a ciphered stream. The greatest advantage of the device is real-time encrypting – data can be transmitted at the original speed without slowing down.
Funding: Supported by National Natural Science Foundation of China (No. 61971149, 62071504, 62271208), in part by the Special Projects in Key Fields for General Universities of Guangdong Province (No. 2020ZDZX3025, 2021ZDZX056), in part by the Guangdong Basic and Applied Basic Research Foundation (No. 2021A1515011657), and in part by the Featured Innovation Projects of Guangdong Province of China (No. 2021KTSCX049).
Abstract: Cascade index modulation (CIM) is a recently proposed improvement of orthogonal frequency division multiplexing with index modulation (OFDM-IM) and achieves better error performance. In CIM, at least two different IM operations construct a super IM operation or achieve new functionality. First, we propose an OFDM with generalized CIM (OFDM-GCIM) scheme to achieve a joint IM of subcarrier selection and multiple-mode (MM) permutations by using a multilevel digital algorithm. Then, two schemes, called double CIM (D-CIM) and multiple-layer CIM (M-CIM), are proposed for secure communication. They combine a new IM operation, which disrupts the original order of bits and symbols, with conventional OFDM-IM to protect legitimate users from eavesdropping in wireless communications. A subcarrier-wise maximum likelihood (ML) detector and a low-complexity log-likelihood ratio (LLR) detector are proposed for the legitimate users. A tight upper bound on the bit error rate (BER) of the proposed OFDM-GCIM, D-CIM and M-CIM at the legitimate users is derived in closed form by employing ML detection. Computer simulations and numerical results show that the proposed OFDM-GCIM achieves better error performance than OFDM-IM, and the error performance at the eavesdroppers demonstrates the security of D-CIM and M-CIM.