As the extensive use of cloud computing raises questions about the security of any personal data stored there,cryptography is being used more frequently as a security tool to protect data confidentiality and privacy i...As the extensive use of cloud computing raises questions about the security of any personal data stored there,cryptography is being used more frequently as a security tool to protect data confidentiality and privacy in the cloud environment.A hypervisor is a virtualization software used in cloud hosting to divide and allocate resources on various pieces of hardware.The choice of hypervisor can significantly impact the performance of cryptographic operations in the cloud environment.An important issue that must be carefully examined is that no hypervisor is completely superior in terms of performance;Each hypervisor should be examined to meet specific needs.The main objective of this study is to provide accurate results to compare the performance of Hyper-V and Kernel-based Virtual Machine(KVM)while implementing different cryptographic algorithms to guide cloud service providers and end users in choosing the most suitable hypervisor for their cryptographic needs.This study evaluated the efficiency of two hypervisors,Hyper-V and KVM,in implementing six cryptographic algorithms:Rivest,Shamir,Adleman(RSA),Advanced Encryption Standard(AES),Triple Data Encryption Standard(TripleDES),Carlisle Adams and Stafford Tavares(CAST-128),BLOWFISH,and TwoFish.The study’s findings show that KVM outperforms Hyper-V,with 12.2%less Central Processing Unit(CPU)use and 12.95%less time overall for encryption and decryption operations with various file sizes.The study’s findings emphasize how crucial it is to pick a hypervisor that is appropriate for cryptographic needs in a cloud environment,which could assist both cloud service providers and end users.Future research may focus more on how various hypervisors perform while handling cryptographic workloads.展开更多
The variety of encryption mechanism and algorithms which were conventionally used have some limitations.The kernel operator library based on Cryptographic algorithm is put forward. Owing to the impenetrability of algo...The variety of encryption mechanism and algorithms which were conventionally used have some limitations.The kernel operator library based on Cryptographic algorithm is put forward. Owing to the impenetrability of algorithm, the data transfer system with the cryptographic algorithm library has many remarkable advantages in algorithm rebuilding and optimization,easily adding and deleting algorithm, and improving the security power over the traditional algorithm. The user can choose any one in all algorithms with the method against any attack because the cryptographic algorithm library is extensible.展开更多
When doing reverse analysis of program’s binary codes, it is often to encounter the function of cryptographic library. In order to reduce workload, a cryptographic library model has been designed by analysts. Models ...When doing reverse analysis of program’s binary codes, it is often to encounter the function of cryptographic library. In order to reduce workload, a cryptographic library model has been designed by analysts. Models use formalized approach to describe the frame of cryptology and the structure of cryptographic function, complete the mapping from cryptographic function property to its architecture, and accomplish the result presentation of data analysis and mapping at last. The model can solve two problems: the first one is to know the hierarchy of the cryptographic function in the library well;the second one is to know some kinds of information, such as related cryptology algorithm and protocol, etc. These function implements can display the result graphically. The model can find relevant knowledge for the analysts automatically and rapidly, which is helpful to the learning of the overall abstract structure of cryptology.展开更多
目前已有文献给出了uBlock分组密码算法的侧信道防护方案,但是这些方案不仅延迟较高,难以适用于低延迟高吞吐场景,而且在毛刺探测模型下缺乏可证明安全性.针对这一问题,本文给出了在毛刺探测模型下具有可证明安全性的uBlock算法的低延...目前已有文献给出了uBlock分组密码算法的侧信道防护方案,但是这些方案不仅延迟较高,难以适用于低延迟高吞吐场景,而且在毛刺探测模型下缺乏可证明安全性.针对这一问题,本文给出了在毛刺探测模型下具有可证明安全性的uBlock算法的低延迟门限实现方案.此外,我们引入了Changing of the Guards技术来避免防护方案在执行过程中需要额外随机数.对于防护方案的安全性,我们用自动化评估工具SILVER验证了S盒的毛刺探测安全性,并用泄露评估技术TVLA(Test Vector Leakage Assessment)验证了防护方案的整个电路的安全性.最后,我们用Design Compiler工具对防护方案的性能消耗情况进行了评估.评估结果显示,与序列化实现方式的uBlock防护方案相比,我们的防护方案的延迟能够减少约95%.展开更多
无线通信网络对行业用户的安全保卫、突发事件处置、日常业务开展等方面的通信保障起着十分重要的作用,但现有无线通信网络存在通信体制繁杂、集群调度能力弱、安全性低等不足,已无法满足业务发展需求。针对现有无线通信网络痛点,充分...无线通信网络对行业用户的安全保卫、突发事件处置、日常业务开展等方面的通信保障起着十分重要的作用,但现有无线通信网络存在通信体制繁杂、集群调度能力弱、安全性低等不足,已无法满足业务发展需求。针对现有无线通信网络痛点,充分考虑未来发展要求,结合用户安全及使用需求,采用国产警用数字集群(Police Digital Trunking,PDT)通信体制、国密算法和加密标准,为行业用户构建无线通信专网。通过对专网通信体制、安全保密体系架构、技术路线等的研究,对专网进行了总体设计,并提出了实现途径。展开更多
Being as unique nonlinear components of block ciphers,substitution boxes(S-boxes) directly affect the security of the cryptographic systems.It is important and difficult to design cryptographically strong S-boxes th...Being as unique nonlinear components of block ciphers,substitution boxes(S-boxes) directly affect the security of the cryptographic systems.It is important and difficult to design cryptographically strong S-boxes that simultaneously meet with multiple cryptographic criteria such as bijection,non-linearity,strict avalanche criterion(SAC),bits independence criterion(BIC),differential probability(DP) and linear probability(LP).To deal with this problem,a chaotic S-box based on the artificial bee colony algorithm(CSABC) is designed.It uses the S-boxes generated by the six-dimensional compound hyperchaotic map as the initial individuals and employs ABC to improve their performance.In addition,it considers the nonlinearity and differential uniformity as the fitness functions.A series of experiments have been conducted to compare multiple cryptographic criteria of this algorithm with other algorithms.Simulation results show that the new algorithm has cryptographically strong S-box while meeting multiple cryptographic criteria.展开更多
文摘As the extensive use of cloud computing raises questions about the security of any personal data stored there,cryptography is being used more frequently as a security tool to protect data confidentiality and privacy in the cloud environment.A hypervisor is a virtualization software used in cloud hosting to divide and allocate resources on various pieces of hardware.The choice of hypervisor can significantly impact the performance of cryptographic operations in the cloud environment.An important issue that must be carefully examined is that no hypervisor is completely superior in terms of performance;Each hypervisor should be examined to meet specific needs.The main objective of this study is to provide accurate results to compare the performance of Hyper-V and Kernel-based Virtual Machine(KVM)while implementing different cryptographic algorithms to guide cloud service providers and end users in choosing the most suitable hypervisor for their cryptographic needs.This study evaluated the efficiency of two hypervisors,Hyper-V and KVM,in implementing six cryptographic algorithms:Rivest,Shamir,Adleman(RSA),Advanced Encryption Standard(AES),Triple Data Encryption Standard(TripleDES),Carlisle Adams and Stafford Tavares(CAST-128),BLOWFISH,and TwoFish.The study’s findings show that KVM outperforms Hyper-V,with 12.2%less Central Processing Unit(CPU)use and 12.95%less time overall for encryption and decryption operations with various file sizes.The study’s findings emphasize how crucial it is to pick a hypervisor that is appropriate for cryptographic needs in a cloud environment,which could assist both cloud service providers and end users.Future research may focus more on how various hypervisors perform while handling cryptographic workloads.
文摘The variety of encryption mechanism and algorithms which were conventionally used have some limitations.The kernel operator library based on Cryptographic algorithm is put forward. Owing to the impenetrability of algorithm, the data transfer system with the cryptographic algorithm library has many remarkable advantages in algorithm rebuilding and optimization,easily adding and deleting algorithm, and improving the security power over the traditional algorithm. The user can choose any one in all algorithms with the method against any attack because the cryptographic algorithm library is extensible.
文摘When doing reverse analysis of program’s binary codes, it is often to encounter the function of cryptographic library. In order to reduce workload, a cryptographic library model has been designed by analysts. Models use formalized approach to describe the frame of cryptology and the structure of cryptographic function, complete the mapping from cryptographic function property to its architecture, and accomplish the result presentation of data analysis and mapping at last. The model can solve two problems: the first one is to know the hierarchy of the cryptographic function in the library well;the second one is to know some kinds of information, such as related cryptology algorithm and protocol, etc. These function implements can display the result graphically. The model can find relevant knowledge for the analysts automatically and rapidly, which is helpful to the learning of the overall abstract structure of cryptology.
文摘目前已有文献给出了uBlock分组密码算法的侧信道防护方案,但是这些方案不仅延迟较高,难以适用于低延迟高吞吐场景,而且在毛刺探测模型下缺乏可证明安全性.针对这一问题,本文给出了在毛刺探测模型下具有可证明安全性的uBlock算法的低延迟门限实现方案.此外,我们引入了Changing of the Guards技术来避免防护方案在执行过程中需要额外随机数.对于防护方案的安全性,我们用自动化评估工具SILVER验证了S盒的毛刺探测安全性,并用泄露评估技术TVLA(Test Vector Leakage Assessment)验证了防护方案的整个电路的安全性.最后,我们用Design Compiler工具对防护方案的性能消耗情况进行了评估.评估结果显示,与序列化实现方式的uBlock防护方案相比,我们的防护方案的延迟能够减少约95%.
文摘无线通信网络对行业用户的安全保卫、突发事件处置、日常业务开展等方面的通信保障起着十分重要的作用,但现有无线通信网络存在通信体制繁杂、集群调度能力弱、安全性低等不足,已无法满足业务发展需求。针对现有无线通信网络痛点,充分考虑未来发展要求,结合用户安全及使用需求,采用国产警用数字集群(Police Digital Trunking,PDT)通信体制、国密算法和加密标准,为行业用户构建无线通信专网。通过对专网通信体制、安全保密体系架构、技术路线等的研究,对专网进行了总体设计,并提出了实现途径。
基金supported by the National Natural Science Foundation of China(6060309260975042)
文摘Being as unique nonlinear components of block ciphers,substitution boxes(S-boxes) directly affect the security of the cryptographic systems.It is important and difficult to design cryptographically strong S-boxes that simultaneously meet with multiple cryptographic criteria such as bijection,non-linearity,strict avalanche criterion(SAC),bits independence criterion(BIC),differential probability(DP) and linear probability(LP).To deal with this problem,a chaotic S-box based on the artificial bee colony algorithm(CSABC) is designed.It uses the S-boxes generated by the six-dimensional compound hyperchaotic map as the initial individuals and employs ABC to improve their performance.In addition,it considers the nonlinearity and differential uniformity as the fitness functions.A series of experiments have been conducted to compare multiple cryptographic criteria of this algorithm with other algorithms.Simulation results show that the new algorithm has cryptographically strong S-box while meeting multiple cryptographic criteria.