Chaotic Map-Based Authentication and Key Agreement Protocol with Low-Latency for Metasystem

With the rapid advancement in exploring perceptual interactions and digital twins,metaverse technology has emerged to transcend the constraints of space-time and reality,facilitating remote AI-based collaboration.In this dynamic metasystem environment,frequent information exchanges necessitate robust security measures,with Authentication and Key Agreement(AKA)serving as the primary line of defense to ensure communication security.However,traditional AKA protocols fall short in meeting the low-latency requirements essential for synchronous interactions within the metaverse.To address this challenge and enable nearly latency-free interactions,a novel low-latency AKA protocol based on chaotic maps is proposed.This protocol not only ensures mutual authentication of entities within the metasystem but also generates secure session keys.The security of these session keys is rigorously validated through formal proofs,formal verification,and informal proofs.When confronted with the Dolev-Yao(DY)threat model,the session keys are formally demonstrated to be secure under the Real-or-Random(ROR)model.The proposed protocol is further validated through simulations conducted using VMware workstation compiled in HLPSL language and C language.The simulation results affirm the protocol’s effectiveness in resisting well-known attacks while achieving the desired low latency for optimal metaverse interactions.

Cautionary Remarks When Testing Agreement between Two Raters for Continuous Scale Measurements: A Tutorial in Clinical Epidemiology with Implementation Using R

Background: When continuous scale measurements are available, agreements between two measuring devices are assessed both graphically and analytically. In clinical investigations, Bland and Altman proposed plotting subject-wise differences between raters against subject-wise averages. In order to scientifically assess agreement, Bartko recommended combining the graphical approach with the statistical analytic procedure suggested by Bradley and Blackwood. The advantage of using this approach is that it enables significance testing and sample size estimation. We noted that the direct use of the results of the regression is misleading and we provide a correction in this regard. Methods: Graphical and linear models are used to assess agreements for continuous scale measurements. We demonstrate that software linear regression results should not be readily used and we provided correct analytic procedures. The degrees of freedom of the F-statistics are incorrectly reported, and we propose methods to overcome this problem by introducing the correct analytic form of the F statistic. Methods for sample size estimation using R-functions are also given. Results: We believe that the tutorial and the R-codes are useful tools for testing and estimating agreement between two rating protocols for continuous scale measurements. The interested reader may use the codes and apply them to their available data when the issue of agreement between two raters is the subject of interest.

Improved quantum key agreement protocol with authentication

In order to make the quantum key agreement process immune to participant attacks, it is necessary to introduce the authentication in the communication process. A quantum key agreement protocol with identity authentication that exploits the measurement correlation of six-particle entangled states is proposed. In contrast to some recently proposed quantum key agreement protocols with authentication, this protocol requires neither a semi-trusted third party nor additional private keys in the authentication process. The entire process of authentication and key agreement can be achieved using only n six-particle entangled states, which saves communication costs and reduces the complexity of the authentication process.Finally, security analysis shows that this scheme is resistant to some important attacks.

Efficient Certificateless Authenticated Key Agreement for Blockchain-Enabled Internet of Medical Things

Internet of Medical Things(IoMT)plays an essential role in collecting and managing personal medical data.In recent years,blockchain technology has put power in traditional IoMT systems for data sharing between different medical institutions and improved the utilization of medical data.However,some problems in the information transfer process between wireless medical devices and mobile medical apps,such as information leakage and privacy disclosure.This paper first designs a cross-device key agreement model for blockchain-enabled IoMT.This model can establish a key agreement mechanism for secure medical data sharing.Meanwhile,a certificateless authenticated key agreement(KA)protocol has been proposed to strengthen the information transfer security in the cross-device key agreement model.The proposed KA protocol only requires one exchange of messages between the two parties,which can improve the protocol execution efficiency.Then,any unauthorized tampering of the transmitted signed message sent by the sender can be detected by the receiver,so this can guarantee the success of the establishment of a session key between the strange entities.The blockchain ledger can ensure that the medical data cannot be tampered with,and the certificateless mechanism can weaken the key escrow problem.Moreover,the security proof and performance analysis are given,which show that the proposed model and KA protocol are more secure and efficient than other schemes in similar literature.

A Provably Secure and PUF-Based Authentication Key Agreement Scheme for Cloud-Edge IoT

With the exponential growth of intelligent Internet of Things(IoT)applications,Cloud-Edge(CE)paradigm is emerging as a solution that facilitates resource-efficient and timely services.However,it remains an underlying issue that frequent end-edgecloud communication is over a public or adversarycontrolled channel.Additionally,with the presence of resource-constrained devices,it’s imperative to conduct the secure communication mechanism,while still guaranteeing efficiency.Physical unclonable functions(PUF)emerge as promising lightweight security primitives.Thus,we first construct a PUF-based security mechanism for vulnerable IoT devices.Further,a provably secure and PUF-based authentication key agreement scheme is proposed for establishing the secure channel in end-edge-cloud empowered IoT,without requiring pre-loaded master keys.The security of our scheme is rigorously proven through formal security analysis under the random oracle model,and security verification using AVISPA tool.The comprehensive security features are also elaborated.Moreover,the numerical results demonstrate that the proposed scheme outperforms existing related schemes in terms of computational and communication efficiency.

药品数据专有权国际立法溯源与中国制度安排

药品上市审批对于药品安全有效性数据的专门审查要求,造就了涉及药品数据的独特知识产权保护机制。基于药品数据获取的高昂投入及其对于药品仿制与后续创新的重要价值,美欧发达国家在世界范围内率先建立了药品数据保护机制,其逐渐成为一项国际性的法律规则。无论是美欧发达国家的立法,还是相关国际法律规则,对于药品数据的知识产权保护都呈现从商业秘密模式向专有权机制转变的立法格局。产业利益驱动无疑是其中的一个重要诱因,但归根结底是源自药品数据专有权有效兼顾原研发药企经济利益与社会公众健康权益的制度优势。鉴于此,在药品数据专有权保护的国际趋势下,我国应从本土药品产业激励创新与规范仿制的基本诉求出发,以必要的内部限制与外部监管明确药品数据专有权的法律边界,并通过药品数据动态化公示平台的设置与药品数据付费使用模式的创设,建构起与药品专利制度有机衔接的数据专有权保护机制。

智能家居网络下基于多因子的认证密钥协商方案

智能家居网络通过物联网技术将智能设备相连,用户可以远程查看和控制家居设备,但信息在不安全的公共网络上传输将面临各种网络威胁,因此研究和设计安全高效且符合智能家居网络的认证密钥协商协议非常必要。2020年,WAZID等人针对智能家居网络提出轻量级认证密钥协商方案(Wazid-Das方案),经过安全性分析和证明后发现,该方案过于依赖智能家居网关节点(Gateway Node,GWN),系统健壮性不高;该方案将用户和设备密钥存储在GWN中,但GWN面临特权攻击和各种外部网络攻击,并不绝对安全,且没有考虑用户的访问控制。文章在Wazid-Das方案的基础上针对智能家居网络提出一种基于切比雪夫映射(Chebyshev Chaotic Map)和安全略图(Secure Sketch)的多因子认证密钥协商方案。安全性证明和仿真实验结果表明,该方案虽然计算开销有所增加,但安全性显著提高,且通信开销大幅降低。

自适应光学视觉模拟器测量波前像差的重复性及与OPD-Scan Ⅲ的一致性研究

目的:评价自适应光学视觉模拟器(VAO)测量全眼高阶像差的重复性及与OPD-ScanⅢ测量全眼高阶像差的一致性。方法:采用横断面研究方法。纳入2023-08/09在成都东区爱尔眼科医院屈光科就诊的近视患者204例204眼(均取右眼数据)。由同一位操作熟练的检查者分别使用两种设备进行检查,使用VAO测量4.5 mm瞳孔直径下3-6阶的高阶像差,VAO和OPD-ScanⅢ测量3-6 mm瞳孔直径下全眼总高阶像差(tHOA)、球差(SA)、彗差(Coma)和三叶草像差(Trefoil),评估VAO测量全眼像差的重复性及两种设备的一致性。结果:VAO测量全眼的高阶像差均显示较高的重复性(0.767≤ICC≤0.941、Sw<0.01μm、TRT<0.1μm)。4-6 mm瞳孔直径下VAO与OPD-ScanⅢ的Coma测量值无差异(P>0.05),其余瞳孔直径下全眼总高阶像差的测量值均有差异(均P<0.05)。VAO与OPD-ScanⅢ的3 mm瞳孔直径下各阶像差以及4、5 mm瞳孔直径下的SA、4 mm瞳孔直径下的Coma测量值的95%LoA<0.1,显示一致性较好,其余瞳孔直径下的像差测量值的95%LoA>0.1,显示一致性较差,两种设备3 mm(r=0.218-0.317,P<0.01)、4 mm(r=0.406-0.672,P<0.01)、5 mm(r=0.538-0.839,P<0.01;r=0.030-0.109,P>0.01)以及6 mm(r=0.369-0.766,P<0.01)瞳孔直径下高阶像差测量值差异较大。结论:VAO测量3-6 mm瞳孔直径下全眼高阶像差结果时具有良好的重复性,但VAO与OPD-ScanⅢ的3-6 mm瞳孔直径下的全眼高阶像差测量值存在差异性,一致性较差,临床应用不可互换。

面向车联网通勤的双阶段认证密钥协商协议

针对通勤车辆在车联网中向路边单元(RSU)获取服务的安全与效率问题,提出了一种双阶段的认证密钥协商协议。在初始认证阶段,利用车辆、RSU和可信机构(TA)间协商的3个独立会话密钥,保障2个实体间传输的隐私不被第三方实体窃取。在快速认证阶段,车辆和RSU间利用车辆旅行时间表高效地完成相互认证。协议支持车辆匿名与匿名追溯,且能防止通勤路线等隐私泄露。此外,通过随机预言机证明了协议的安全性。仿真结果表明,在典型通勤场景下,所提方案比同类方案降低了59.35%的计算开销和44.21%的通信开销。

越南自贸协定中的农业开放策略及对中国的启示

近年来,越南作为亚太地区重要的新兴经济体,构建了面向主要贸易伙伴的自由贸易区网络,积极推动农业对外开放,促进了农业贸易与投资的增长,并通过对标国际高标准经贸规则倒逼国内农业改革,巩固了农业产业优势,将自身农业发展更深地嵌入全球农业供应链。与越南相比,中国目前签署的自由贸易协定涵盖的农产品贸易额较低,农业货物贸易自由化水平及服务贸易和投资开放水平有待提升。在新发展阶段,基于建设农业强国和贸易强国的现实要求,中国应继续积极推进高标准、高水平自由贸易区建设,分类设计自由贸易协定中的农业货物贸易开放方案,加大涉农服务投资开放的压力测试,并关注农业开放中的产业损害问题。

部际信用治理合作备忘录:性质、效力与优化

合作备忘录是部际信用合作治理的重要方式。不同于行政规范性文件,合作备忘录既是公法协定中的部际协定,也是一种契约治理形态。合作备忘录遵循契约相对性一般原理,具有相对效力,但这种效力相对性也是相对的。由于科层制特有的权力结构与行政服从义务、不完善的信用立法、对个人利益的保护等,合作备忘录的效力溢出至地方公权力主体和相对人。合作备忘录具有补充信用立法、强化行政协助、促进参与式治理等优势,也存在冲击法律体系、违反法律保留原则、规避监督、缺乏合作保障等不足,因而需从合法性、规范性、民主性等方面加以优化。

国家力量的双重进入与村规民约的重塑——基于215份优秀村规民约的文本分析

国家权力主要通过国家的“村规民约化”和村规民约的“国家化”两种方式进入到乡土社会中。国家力量与地方非正式规范的遭遇中,嵌入地方知识的同时将其纳入到国家的规则体系之下规范化地运行。当代村规民约在承担更多的国家政策的转译与国家规范化要求的同时也面临着治理资源不足的困境,因此当代村规民约需要以治理有效为目标引入多元复合的治理手段,以交错配置的方式来完成其治理内容。村规民约的性质也从传统时期的非正式制度转向“自治、法治、德治”相融合的制度载体。

基于格密码的5G-R车地认证密钥协商方案

5G-R作为我国下一代高速铁路无线通信系统,其安全性对于保障行车安全至关重要。针对5G-AKA协议存在隐私泄露、根密钥不变和效率低等问题,基于格密码理论提出一种新型5G-R车地认证方案。首先,使用临时身份信息GUTI代替SUCI,克服了SUCI明文传输的缺点。其次,设计基于格密码的根密钥更新策略,采用格上公钥密码体制、近似平滑投射散列函数和密钥共识算法,实现了根密钥的动态更新和前后向安全性。再次,加入随机质询和消息认证码,实现了通信三方的相互认证,可有效防范重放、DoS等多种恶意攻击。最后,采用串空间形式化方法进行安全验证,结果表明:本文方法较其他方法有更高的安全性,被攻击成功的概率最低,仅为O(n^(2))×2^(-128),且有较低的计算开销和通信开销,能够满足5G-R高安全性的需求。

区域贸易协定中竞争政策规则对出口国内增加值的影响研究

以64个国家1995—2017年141个区域贸易协定为样本,在测度竞争政策规则深度的基础上,实证考察其对出口国内增加值的影响。研究结果表明:竞争政策规则的强化有助于提升缔约方出口国内增加值。该结果经过稳健性检验后依然成立。机制分析结果表明,缔约方制度质量加强了竞争政策规则对出口国内增加值的促进作用,但区域贸易协定灵活度会阻碍该促进作用。区分条款发现,横向原则与国有企业条款可以促进出口国内增加值;区分国别发现,竞争政策规则对不同经济发展水平国家出口国内增加值存在异质性影响。进一步分析发现,竞争政策规则的强化对第三方国家存在溢出效应。因此,中国应有意识地强化竞争政策的基础性地位,合理设计竞争政策条款并逐步提升执行度,打造更为开放透明、公平竞争的市场环境。

RCEP背景下我国纺织产业高质量发展路径探析

分析了RCEP给我国纺织产业在开拓出口市场、加快海外产业链布局等方面带来的机遇,以及我国纺织产业在更加激烈的国际竞争中所面临的挑战。认为在RCEP背景下,我国纺织产业应当通过研判协定规则、聚力创新研发、树立法律意识、强化智力支撑等措施,不断优化纺织产业链合理布局、加快转型升级步伐、提升纺织产品国际竞争力,同时,也应当加强投资及外贸风险防范,进一步加速我国纺织产业对外开放的步伐。

论清偿型以物抵债协议产生的选择权——以《合同编通则解释》第27条为中心

《合同编通则解释》第27条规定的“债务履行期限届满后所达成的以物抵债协议”属于“清偿型以物抵债协议”。该条在总结司法实践经验的基础上,围绕对债权人的保护,将以物抵债协议规定为诺成合同,确立了清偿型以物抵债协议生效后新旧债并存的规则。在解释当事人之间达成的以物抵债协议时,应当采取两步走的方式:第一步是确定当事人是否有以新债代替旧债的合意,第二步是在不能确定合同发生变更时,出现新旧债并存的局面。在新旧债并存时,该条并未明确债务人的选择权,但该条规定与民法典第515条选择之债的规定是一致的,该条规定内容可以解释为在新旧债并存时,债务人享有选择权。同时,该条也确认了,在债务人不履行新债务时债权人的选择规则,并与民法典第515条规定保持了一致。债务人不履行新债时债权人有选择权。债权人一旦行使选择权,债务人就应当履行相应的债务。通过选择权的行使将使选择之债变成简单之债。

网络通信中嵌入式TCP/IP协议单片机技术的应用

嵌入式系统已经是当前网络通信的主要技术。单片机在嵌入式系统开发与实现中的多个环节发生作用。为此,文章重点探讨在网络通信系统嵌入式协议中单片机的具体应用。首先对嵌入式协议技术的总体架构与技术细节进行了汇总;其次对单片机技术及其作用进行了探讨;最后从多个方面分别分析了单片机在具体电路中的应用。以期为后续的产品开发与技术应用奠定基础。

面向无线传感器网络的认证密钥协商机制

无线传感器网络(Wireless Sensor Networks,WSN)是物联网的重要组成部分,因为WSN能通过因特网将采集到的数据发送到云服务器.认证和密钥协商机制是一个重要的密码学概念,可以确保数据传输的安全和完整性.传感器节点是资源受限的设备,因此目前多数认证和密钥协商机制在计算效率上并不适用于WSN.针对该问题,本文提出了一种新的认证和密钥协商机制,该方案是一种基于椭圆曲线的轻量级认证和密钥协商方案.在eCK安全模型下,将方案的安全性规约到CDH数学困难假设之上,形式化的证明了方案的安全性.最后通过方案对比,表明文章所提出的方案实现了计算效率和安全属性之间的平衡.

区域贸易协定对全球价值链参与度的影响——基于区域贸易协定深度水平的视角

针对全球价值链分工日益深化与区域贸易协定(RTA)不断增加的局面,在测算全球价值链参与度的基础上,利用WTO区域贸易协定数据库的资料,参照对RTA条款深度的划分,实证检验了RTA对经济体全球价值链参与度的影响。整体上,RTA对经济体的全球价值链参与度具有显著促进作用,但不同深度水平的RTA影响效应有所差别。其中,“WTO+”比“WTO-X”条款对经济体价值链参与度的影响更大,且RTA对发展中经济体价值链地位提升的影响大于发达经济体。地理距离、区域竞争在RTA对经济体价值链参与度影响中发挥着一定的调节作用。地理距离越近,RTA对价值链分工参与度的影响越大;RTA达成得越早,越有利于发挥RTA建立的竞争优势,保护本经济体在其他经济体的市场地位。机制检验表明,RTA可通过降低关税壁垒和促进对外投资推动经济体价值链地位的提升。

全球气温控制与企业投资效率——基于《巴黎协定》的准自然实验

本文以2015年12月12日巴黎气候大会通过《巴黎协定》为准自然实验,采用双重差分法,实证检验了全球气温控制对企业投资效率的影响。研究发现,相比非能源行业企业,能源行业企业的投资效率在设置2℃的全球平均气温上升幅度上限之后显著提高,并且主要表现为投资不足问题的缓解。这一现象在全球气温控制后公司生产经营活力提高、资金支持更多和社会责任表现更好的样本中更加显著。当企业受到更加严格的环境监管时,全球气温控制对能源行业企业投资效率的影响更加显著;能源行业企业投资效率的提高确实来自全球气温控制而非来自能源公司原本对环保问题的关注;地区升温污染物排放水平较高时,能源公司更需要通过提高投资效率来增加环保投资。进一步研究发现,能源行业企业提高投资效率可以显著增加公司的环保投资总额。本文直接检验了全球气温控制是否促进企业提高投资效率,进而促进它们增加环保投资,具有重要的理论和政策含义。