Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here...Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here is spoofing attacks.Spoofing attacks make the positioning or timing results of BeiDou civilian receivers wrong.Such errors may cause a series of security problems,which lays a serious hidden danger for Bei-Dou satellite information security.This article proposes an anti-spoofing method for BeiDou navigation system based on the combination of SM commercial cryptographic algorithm and Timed Efficient Stream Loss-tolerant Authentication(TESLA)for spoofing attacks.In this solution,we use the SM3 algorithm to generate a TESLA key chain with time information,and then use the key in the key chain to generate the message authentication code for the BeiDou D2 navigation message.The message authentication code is inserted into a reserved bit of the D2 navigation message.In addition,this solution uses the SM2 algorithm to protect and encrypt time information in the TESLA key chain to prevent key replay attacks in TESLA.The experimental results tested on the experimental platform built in this paper show that this scheme reduces the possibility of the BeiDou navigation system being deceived and enhances the safety of the BeiDou navigation system.展开更多
This paper proposes a scheme for secure authentication of classical messages with single photons and a hashed function. The security analysis of this scheme is also given, which shows that anyone cannot forge valid me...This paper proposes a scheme for secure authentication of classical messages with single photons and a hashed function. The security analysis of this scheme is also given, which shows that anyone cannot forge valid message authentication codes (MACs). In addition, the lengths of the authentication key and the MACs are invariable and shorter, in comparison with those presented authentication schemes. Moreover, quantum data storage and entanglement are not required in this scheme. Therefore, this scheme is more efficient and economical.展开更多
A novel video data authentication model based on digital video watermarking and MAC (message authentication code) in multicast protocol is proposed in this paper, The digital watermarking which composes of the MAC o...A novel video data authentication model based on digital video watermarking and MAC (message authentication code) in multicast protocol is proposed in this paper, The digital watermarking which composes of the MAC of the significant vid eo content, the key and instant authentication data is embedded into the insignificant video component by the MLUT (modified look-up table) video watermarking technology. We explain a method that does not require storage of each data packet for a time, thus making receiver not vulnerable to DOS (denial of service) attack. So the video packets can be authenticated instantly without large volume buffer in the receivers. TESLA (timed efficient stream loss tolerant authentication) does not explain how to select the suitable value for d, which is an important parameter in multicast source authentication. So we give a method to calculate the key disclosure delay (number of intervals). Simulation results show that the proposed algorithms improve the performance of data source authentication in multicast.展开更多
A wireless sensor network (WSN) commonly whilst a body sensor network (BSN) must be secured with requires lower level security for public information gathering, strong authenticity to protect personal health infor...A wireless sensor network (WSN) commonly whilst a body sensor network (BSN) must be secured with requires lower level security for public information gathering, strong authenticity to protect personal health information. In this paper, some practical problems with the message authentication codes (MACs), which were proposed in the popular security architectures for WSNs, are reconsidered. The analysis shows that the recommended MACs for WSNs, e.g., CBC- MAC (TinySec), OCB-MAC (MiniSec), and XCBC-MAC (SenSee), might not be exactly suitable for BSNs. Particularly an existential forgery attack is elaborated on XCBC-MAC. Considering the hardware limitations of BSNs, we propose a new family of tunable lightweight MAC based on the PRESENT block cipher. The first scheme, which is named TukP, is a new lightweight MAC with 64-bit output range. The second scheme, which is named TuLP-128, is a 128-bit variant which provides a higher resistance against internal collisions. Compared with the existing schemes, our lightweight MACs are both time and resource efficient on hardware-constrained devices.展开更多
Wireless Network security management is difficult because of the ever-increasing number of wireless network malfunctions,vulnerabilities,and assaults.Complex security systems,such as Intrusion Detection Systems(IDS),a...Wireless Network security management is difficult because of the ever-increasing number of wireless network malfunctions,vulnerabilities,and assaults.Complex security systems,such as Intrusion Detection Systems(IDS),are essential due to the limitations of simpler security measures,such as cryptography and firewalls.Due to their compact nature and low energy reserves,wireless networks present a significant challenge for security procedures.The features of small cells can cause threats to the network.Network Coding(NC)enabled small cells are vulnerable to various types of attacks.Avoiding attacks and performing secure“peer”to“peer”data transmission is a challenging task in small cells.Due to the low power and memory requirements of the proposed model,it is well suited to use with constrained small cells.An attacker cannot change the contents of data and generate a new Hashed Homomorphic Message Authentication Code(HHMAC)hash between transmissions since the HMAC function is generated using the shared secret.In this research,a chaotic sequence mapping based low overhead 1D Improved Logistic Map is used to secure“peer”to“peer”data transmission model using lightweight H-MAC(1D-LM-P2P-LHHMAC)is proposed with accurate intrusion detection.The proposed model is evaluated with the traditional models by considering various evaluation metrics like Vector Set Generation Accuracy Levels,Key Pair Generation Time Levels,Chaotic Map Accuracy Levels,Intrusion Detection Accuracy Levels,and the results represent that the proposed model performance in chaotic map accuracy level is 98%and intrusion detection is 98.2%.The proposed model is compared with the traditional models and the results represent that the proposed model secure data transmission levels are high.展开更多
Civil receivers of Global Navigation Satellite System (GNSS) are vulnerable to spoofing and jamming attacks due to their signal structures. The Spreading Code Authentication (SCA) technique is one of the GNSS message ...Civil receivers of Global Navigation Satellite System (GNSS) are vulnerable to spoofing and jamming attacks due to their signal structures. The Spreading Code Authentication (SCA) technique is one of the GNSS message encryption identity authentication techniques. Its robustness and complexity are in between Navigation Message Authentication (NMA) and Navigation Message Encryption (NME)/Spreading Code Encryption (SCE). A commonly used spreading code authentication technique inserts unpredictable chips into the public spreading code. This method changes the signal structure, degrades the correlation of the spreading code, and causes performance loss. This paper proposes a binary phase hopping based spreading code authentication technique, which can achieve identity authentication without changing the existing signal structure. Analysis shows that this method can reduce the performance loss of the original signal and has good compatibility with the existing receiver architecture.展开更多
基金supported in part by the Joint Foundation of National Natural Science Committee of China and Civil Aviation Administration of China under Grant U1933108in part by the Scientific Research Project of Tianjin Municipal Education Commission under Grant 2019KJ117.
文摘Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here is spoofing attacks.Spoofing attacks make the positioning or timing results of BeiDou civilian receivers wrong.Such errors may cause a series of security problems,which lays a serious hidden danger for Bei-Dou satellite information security.This article proposes an anti-spoofing method for BeiDou navigation system based on the combination of SM commercial cryptographic algorithm and Timed Efficient Stream Loss-tolerant Authentication(TESLA)for spoofing attacks.In this solution,we use the SM3 algorithm to generate a TESLA key chain with time information,and then use the key in the key chain to generate the message authentication code for the BeiDou D2 navigation message.The message authentication code is inserted into a reserved bit of the D2 navigation message.In addition,this solution uses the SM2 algorithm to protect and encrypt time information in the TESLA key chain to prevent key replay attacks in TESLA.The experimental results tested on the experimental platform built in this paper show that this scheme reduces the possibility of the BeiDou navigation system being deceived and enhances the safety of the BeiDou navigation system.
基金supported by the National Natural Science Foundation of China (Grant Nos 60873191 and 60821001)the Specialized Research Fund for the Doctoral Program of Higher Education (Grant No 200800131016)+5 种基金Beijing Nova Program (Grant No2008B51)Key Project of the Chinese Ministry of Education (Grant No 109014)the Natural Science Foundation of Beijing (Grant No 4072020)the National Laboratory for Modern Communications Science Foundation of China (Grant No 9140C1101010601)the Natural Science Foundation of Education Bureau of Henan Province (Grant No 2008B120005)the Youth Foundation of Luoyang Normal University
文摘This paper proposes a scheme for secure authentication of classical messages with single photons and a hashed function. The security analysis of this scheme is also given, which shows that anyone cannot forge valid message authentication codes (MACs). In addition, the lengths of the authentication key and the MACs are invariable and shorter, in comparison with those presented authentication schemes. Moreover, quantum data storage and entanglement are not required in this scheme. Therefore, this scheme is more efficient and economical.
基金Supported bythe National Natural Science Foundationof China (60175001)
文摘A novel video data authentication model based on digital video watermarking and MAC (message authentication code) in multicast protocol is proposed in this paper, The digital watermarking which composes of the MAC of the significant vid eo content, the key and instant authentication data is embedded into the insignificant video component by the MLUT (modified look-up table) video watermarking technology. We explain a method that does not require storage of each data packet for a time, thus making receiver not vulnerable to DOS (denial of service) attack. So the video packets can be authenticated instantly without large volume buffer in the receivers. TESLA (timed efficient stream loss tolerant authentication) does not explain how to select the suitable value for d, which is an important parameter in multicast source authentication. So we give a method to calculate the key disclosure delay (number of intervals). Simulation results show that the proposed algorithms improve the performance of data source authentication in multicast.
基金supported by the National Foundation of Netherlands with SenterNovem for the ALwEN project under Grant No.PNE07007the National Natural Science Foundation of China under Grant Nos.61100201,U1135004,and 61170080+3 种基金the Universities and Colleges Pearl River Scholar Funded Scheme of Guangdong Province of China(2011)the High-Level Talents Project of Guangdong Institutions of Higher Education of China(2012)the Project on the Integration of Industry,Education and Research of Guangdong Province of China under Grant No.2012B091000035the Project of Science and Technology New Star of Guangzhou Pearl River of China(2014)
文摘A wireless sensor network (WSN) commonly whilst a body sensor network (BSN) must be secured with requires lower level security for public information gathering, strong authenticity to protect personal health information. In this paper, some practical problems with the message authentication codes (MACs), which were proposed in the popular security architectures for WSNs, are reconsidered. The analysis shows that the recommended MACs for WSNs, e.g., CBC- MAC (TinySec), OCB-MAC (MiniSec), and XCBC-MAC (SenSee), might not be exactly suitable for BSNs. Particularly an existential forgery attack is elaborated on XCBC-MAC. Considering the hardware limitations of BSNs, we propose a new family of tunable lightweight MAC based on the PRESENT block cipher. The first scheme, which is named TukP, is a new lightweight MAC with 64-bit output range. The second scheme, which is named TuLP-128, is a 128-bit variant which provides a higher resistance against internal collisions. Compared with the existing schemes, our lightweight MACs are both time and resource efficient on hardware-constrained devices.
文摘Wireless Network security management is difficult because of the ever-increasing number of wireless network malfunctions,vulnerabilities,and assaults.Complex security systems,such as Intrusion Detection Systems(IDS),are essential due to the limitations of simpler security measures,such as cryptography and firewalls.Due to their compact nature and low energy reserves,wireless networks present a significant challenge for security procedures.The features of small cells can cause threats to the network.Network Coding(NC)enabled small cells are vulnerable to various types of attacks.Avoiding attacks and performing secure“peer”to“peer”data transmission is a challenging task in small cells.Due to the low power and memory requirements of the proposed model,it is well suited to use with constrained small cells.An attacker cannot change the contents of data and generate a new Hashed Homomorphic Message Authentication Code(HHMAC)hash between transmissions since the HMAC function is generated using the shared secret.In this research,a chaotic sequence mapping based low overhead 1D Improved Logistic Map is used to secure“peer”to“peer”data transmission model using lightweight H-MAC(1D-LM-P2P-LHHMAC)is proposed with accurate intrusion detection.The proposed model is evaluated with the traditional models by considering various evaluation metrics like Vector Set Generation Accuracy Levels,Key Pair Generation Time Levels,Chaotic Map Accuracy Levels,Intrusion Detection Accuracy Levels,and the results represent that the proposed model performance in chaotic map accuracy level is 98%and intrusion detection is 98.2%.The proposed model is compared with the traditional models and the results represent that the proposed model secure data transmission levels are high.
基金Key-Area Research and Development Program of Guangdong Province(Grant No.2019B010158001).
文摘Civil receivers of Global Navigation Satellite System (GNSS) are vulnerable to spoofing and jamming attacks due to their signal structures. The Spreading Code Authentication (SCA) technique is one of the GNSS message encryption identity authentication techniques. Its robustness and complexity are in between Navigation Message Authentication (NMA) and Navigation Message Encryption (NME)/Spreading Code Encryption (SCE). A commonly used spreading code authentication technique inserts unpredictable chips into the public spreading code. This method changes the signal structure, degrades the correlation of the spreading code, and causes performance loss. This paper proposes a binary phase hopping based spreading code authentication technique, which can achieve identity authentication without changing the existing signal structure. Analysis shows that this method can reduce the performance loss of the original signal and has good compatibility with the existing receiver architecture.
