Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like Chi...Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.展开更多
Software-Defined Networking (SDN) has been a hot topic for future network development, which implements the different layers of control plane and data plane respectively. Despite providing high openness and programmab...Software-Defined Networking (SDN) has been a hot topic for future network development, which implements the different layers of control plane and data plane respectively. Despite providing high openness and programmability, the “three-layer two-interface” architecture of SDN changes the traditional network and increases the network attack nodes, which results in new security issues. In this paper, we firstly introduced the background, architecture and working process of SDN. Secondly, we summarized and analyzed the typical security issues from north to south: application layer, northbound interface, control layer, southbound interface and data layer. Another contribution is to review and analyze the existing solutions and latest research progress of each layer, mainly including: authorized authentication module, application isolation, DoS/DDoS defense, multi-controller deployment and flow rule consistency detection. Finally, a conclusion about the future works of SDN security and an idealized global security architecture is proposed.展开更多
Orthomorphism on F n2 is a kind of elementary permutation with good cryptographic properties. This paper proposes a hybrid strategy of Particle Swarm Optimization (PSO) and Simulated Annealing (SA) for finding orthomo...Orthomorphism on F n2 is a kind of elementary permutation with good cryptographic properties. This paper proposes a hybrid strategy of Particle Swarm Optimization (PSO) and Simulated Annealing (SA) for finding orthomorphisms with good cryptographic properties. By experiment based on this strategy, we get some orthomorphisms on F n2(n=5, 6, 7, 9, 10) with good cryptographic properties in the open document for the first time, and the optimal orthomorphism on F 82 found in this paper also does better than the one proposed by Feng Dengguo et al. in stream cipher Loiss in difference uniformity, algebraic degree, algebraic immunity and corresponding permutation polynomial degree. The PSOSA hybrid strategy for optimizing orthomorphism in this paper makes design of orthomorphisms with good cryptographic properties automated, efficient and convenient, which proposes a new approach to design orthomorphisms.展开更多
Frame resolution and physical layer (PHY) protocol type detection are the basis of research and development of intrusion prevention systems for IEEE 802.11 wireless network. Aiming at the problems which cannot be solv...Frame resolution and physical layer (PHY) protocol type detection are the basis of research and development of intrusion prevention systems for IEEE 802.11 wireless network. Aiming at the problems which cannot be solved by the specifications export, this paper proposed a MAC frame analytical method and a PHY protocol type detection algorithm based on parsing the IEEE 802.11packets captured by the library Libpcap. The packet structure and the length of the frame preamble (18 or 26 bytes) are presented. Then the methods of transforming byte-order and resolving sub-fields are given. A detection algorithm of PHY protocol type is proposed based on the experiments and examples are given to verify these methods. This work can be a reference for the R & D related to link layer frame analysis.展开更多
The rapid development of location-based service(LBS) drives one special kind of LBS, in which the service provider verifies user location before providing services. In distributed location proof generating schemes, pr...The rapid development of location-based service(LBS) drives one special kind of LBS, in which the service provider verifies user location before providing services. In distributed location proof generating schemes, preventing users from colluding with each other to create fake location proofs and protecting user's location privacy at the same time, are the main technical challenges to bring this kind of LBS into practical. Existing solutions tackle these challenges with low collusion-detecting efficiency and defected collusion-detecting method. We proposed two novel location proof generating schemes, which inversely utilized a secure secret-sharing scheme and a pseudonym scheme to settle these shortcomings. Our proposed solution resists and detects user collusion attacks in a more efficient and correct way. Meanwhile, we achieve a higher level of location privacy than that of previous work. The correctness and efficiency of our proposed solution is testified by intensive security analysis, performance analysis, as well as experiments and simulation results.展开更多
The security of classical cryptography based on computational complexity assumptions has been severely challenged with the rapid development of quantum computers and quantum algorithms. Quantum cryptography, which off...The security of classical cryptography based on computational complexity assumptions has been severely challenged with the rapid development of quantum computers and quantum algorithms. Quantum cryptography, which offers unconditional security based on some principles of quantum mechanics, has become a significant branch and hotspot in the field of modern cryptography research. In this paper, we review the research and development of several important and well-studied branches of quantum cryptography in terms of theory and experiment, including quantum key distribution, quantum secret sharing, quantum secure direct communication, quantum signature, and quantum private query. We also briefly review the research and development of some other branches which are currently in the stage of theoretical research but receive widespread concern from academia, including quantum private comparison, quantum anonymous voting, quantum secure multi-party summation, quantum sealed-bid auction, quantum public key cryptosystem, quantum key agreement, quantum dialogue, and quantum identity authentication. In addition, we discuss some open issues and future research directions for the branches referred to above.展开更多
Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certai...Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.展开更多
A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryp...A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.展开更多
Power Shell has been widely deployed in fileless malware and advanced persistent threat(APT)attacks due to its high stealthiness and live-off-theland technique.However,existing works mainly focus on deobfuscation and ...Power Shell has been widely deployed in fileless malware and advanced persistent threat(APT)attacks due to its high stealthiness and live-off-theland technique.However,existing works mainly focus on deobfuscation and malicious detection,lacking the malicious Power Shell families classification and behavior analysis.Moreover,the state-of-the-art methods fail to capture fine-grained features and semantic relationships,resulting in low robustness and accuracy.To this end,we propose Power Detector,a novel malicious Power Shell script detector based on multimodal semantic fusion and deep learning.Specifically,we design four feature extraction methods to extract key features from character,token,abstract syntax tree(AST),and semantic knowledge graph.Then,we intelligently design four embeddings(i.e.,Char2Vec,Token2Vec,AST2Vec,and Rela2Vec) and construct a multi-modal fusion algorithm to concatenate feature vectors from different views.Finally,we propose a combined model based on transformer and CNN-Bi LSTM to implement Power Shell family detection.Our experiments with five types of Power Shell attacks show that PowerDetector can accurately detect various obfuscated and stealth PowerShell scripts,with a 0.9402 precision,a 0.9358 recall,and a 0.9374 F1-score.Furthermore,through singlemodal and multi-modal comparison experiments,we demonstrate that PowerDetector’s multi-modal embedding and deep learning model can achieve better accuracy and even identify more unknown attacks.展开更多
The hardness of tensor decomposition problem has many achievements, but limited applications in cryptography, and the tensor decomposition problem has been considered to have the potential to resist quantum computing....The hardness of tensor decomposition problem has many achievements, but limited applications in cryptography, and the tensor decomposition problem has been considered to have the potential to resist quantum computing. In this paper, we firstly proposed a new variant of tensor decomposition problem, then two one-way functions are proposed based on the hard problem. Secondly we propose a key exchange protocol based on the one-way functions, then the security analysis, efficiency, recommended parameters and etc. are also given. The analyses show that our scheme has the following characteristics: easy to implement in software and hardware, security can be reduced to hard problems, and it has the potential to resist quantum computing.Besides the new key exchange can be as an alternative comparing with other classical key protocols.展开更多
Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented...Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user data.We proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.展开更多
Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are ...Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are one of the prominent threats to CPS.Anomaly detection methods are proposed to secure CPS.However,existing anomaly detection studies usually require expert knowledge(e.g.,system model-based)or are lack of interpretability(e.g.,deep learning-based).In this paper,we present DEEPNOISE,a deep learning-based anomaly detection method for CPS with interpretability.Specifically,we utilize the sensor and process noise to detect data integrity attacks.Such noise represents the intrinsic characteristics of physical devices and the production process in CPS.One key enabler is that we use a robust deep autoencoder to automatically extract the noise from measurement data.Further,an LSTM-based detector is designed to inspect the obtained noise and detect anomalies.Data integrity attacks change noise patterns and thus are identified as the root cause of anomalies by DEEPNOISE.Evaluated on the SWaT testbed,DEEPNOISE achieves higher accuracy and recall compared with state-of-the-art model-based and deep learningbased methods.On average,when detecting direct attacks,the precision is 95.47%,the recall is 96.58%,and F_(1) is 95.98%.When detecting stealthy attacks,precision,recall,and F_(1) scores are between 96% and 99.5%.展开更多
In this paper, we propose a trusted mobile payment environment (TMPE) based on trusted computing and virtualization technology. There are a normal operating system (OS) and a trusted OS (TOS) in TMPE. We store t...In this paper, we propose a trusted mobile payment environment (TMPE) based on trusted computing and virtualization technology. There are a normal operating system (OS) and a trusted OS (TOS) in TMPE. We store the image of TOS in a memory card to hinder tampering. The integrity of TOS is protected by means of a trusted platform module (TPM). TOS can only be updated through a trusted third party. In addition, virtualization technology is applied to isolate TOS from normal OS. Users complete ordinary affairs in normal OS and security-sensitive affairs in TOS. TMPE can offer users a highly protected environment for mobile payment. Moreover, TMPE has good compatibility in different hardware architectures of mobile platforms. As the evaluation shows, TMPE satisfies the requirement of mobile payment well.展开更多
In order to reduce physical unclonable fixnction (PUF) response instability and imbalance caused by the metastability and the bias of arbiter, this paper uses an improved balanced D flip-plop (DFF) based on the un...In order to reduce physical unclonable fixnction (PUF) response instability and imbalance caused by the metastability and the bias of arbiter, this paper uses an improved balanced D flip-plop (DFF) based on the unbalanced DFF to reduce the bias in response output and enhances the security of PUF by adopting two balanced DFFs in series. The experimental results show that two cascaded balanced DFFs improve the stability of the DFF, and the output of two balanced DFFs is more reliable. The entropy of output is fixed at 98.7%.展开更多
Recently, Wu et al(2019 Int. J. Theor. Phys. 58 1854) found a serious information leakage problem in Ye and Ji’s quantum private comparison protocol(2017 Int. J. Theor. Phys. 561517), that is, a malicious participant...Recently, Wu et al(2019 Int. J. Theor. Phys. 58 1854) found a serious information leakage problem in Ye and Ji’s quantum private comparison protocol(2017 Int. J. Theor. Phys. 561517), that is, a malicious participant can steal another’s secret data without being detected through an active attack means. In this paper, we show that Wu et al’s active attack is also effective for several other existing protocols, including the ones proposed by Ji et al and Zha et al(2016 Commun. Theor. Phys. 65 711;2018 Int. J. Theor. Phys. 57 3874). In addition,we propose what a passive attack means, which is different from Wu et al’s active attack in that the malicious participant can easily steal another’s secret data only by using his own secret data after finishing the protocol, instead of stealing the data by forging identities when executing the protocol. Furthermore, we find that several other existing quantum private comparison protocols also have such an information leakage problem. In response to the problem, we propose a simple solution, which is more efficient than the ones proposed by Wu et al, because it does not consume additional classical and quantum resources.展开更多
Security mechanism detection is not only an important content of vulnerabilities evaluation but also the foundation of key strength test for wireless local area network (WLAN). This paper analyzes the specifications...Security mechanism detection is not only an important content of vulnerabilities evaluation but also the foundation of key strength test for wireless local area network (WLAN). This paper analyzes the specifications of WLAN security mechanisms and points out the defects in design of security mechanisms detection algorithm based on the standards. By capturing and analyzing a large number of Beacon frames from different vendor's access points (APs), we summarize the relevant fields and information elements in a Beacon frame, and present their values or status when an AP is set to every specific security mechanism. A detection algorithm of WLAN security mechanisms is proposed based on the experimental study result and the pseudo code of a reference implementation for the algorithm is designed. The validity of the algorithm is illustrated by examples, which shows it can detect every WLAN security mechanism accurately.展开更多
Rust is a system-level programming language that provides thread and memory safety guarantee through a suite of static compiler checking rules and prevents segmentation errors.However,since compiler checking is too st...Rust is a system-level programming language that provides thread and memory safety guarantee through a suite of static compiler checking rules and prevents segmentation errors.However,since compiler checking is too strict to confine Rust's programmability,the developers prefer to use the keyword"unsafe"to bypass compiler checking,through which the caller could interact with OS directly.Unfortunately,the code block with"unsafe"would easily lead to some serious bugs such as memory safety violation,race condition and so on.In this paper,to verify memory and concurrency safety of Rust programs,we present RSMC(Safety Model Checker for Rust),a tool based on Smack to detect concurrency bugs and memory safety errors in Rust programs,in which we combine concurrency primitives model checking and memory boundary model checking.RSMC,with an assertion generator,can automatically insert assertions and requires no programmer annotations to verify Rust programs.We evaluate RSMC on two categories of Rust programs,and the result shows that RSMC can effectively find concurrency bugs and memory safety errors in vulnerable Rust programs,which include unsafe code.展开更多
MSU Stego Video is a public video steganographic tool, which has strong robustness and is regarded as a real video steganographic tool. In order to increase the detection rate, this paper proposes a new steganoalysis ...MSU Stego Video is a public video steganographic tool, which has strong robustness and is regarded as a real video steganographic tool. In order to increase the detection rate, this paper proposes a new steganoalysis method against MSU, which uses the chessboard character of MSU embedded video, proposes a down-sample block-based collusion method to estimate the original frame and checks the chessboard mode of the different frame between tested frame and estimated frame to detect MSU steganographic evidences. To reduce the error introduced by severe movement of the video content, a method that abandons severe motion blocks from detecting is proposed. The experiment results show that the false negative rate of the proposed algorithm is lower than 5%, and the false positive rate is lower than 2%. Our algorithm has significantly better performance than existing algorithms. Especially to the video that has fast motion, the algorithm has more remarkable performance.展开更多
Technological advancements in data analysis and data releasing have put forward higher security requirements, such as privacy guarantee and strictly provable security, this new area of research is called differential ...Technological advancements in data analysis and data releasing have put forward higher security requirements, such as privacy guarantee and strictly provable security, this new area of research is called differential privacy. As for geospatial point data, the exiting methods use the tree structure to split the data space to enhance the data utility and usually adopt uniform budgeting method. Different from this, we propose a novel non-uniform allocation scheme for privacy budget which is a parameter to specify the degree of privacy guarantee. Firstly, the spatial data is indexed by quadtree, then, different privacy budget is allocated to each layer of quadtree using Fibonacci series features, and we designate this budgeting method as Fibonacci allocation. Experimental results show that Fibonacci allocation is significantly more accurate in data queries than the state-of-the-art methods under the same privacy guarantee level and fits for arbitrary range queries. Furthermore, data utility can be improved by post-processing and threshold determination.展开更多
Chaotic systems perform well as a new rich source of cryptography and pseudo-random coding. Unfortunately their digital dynamical properties would degrade due to the finite computing precision. Proposed in this paper ...Chaotic systems perform well as a new rich source of cryptography and pseudo-random coding. Unfortunately their digital dynamical properties would degrade due to the finite computing precision. Proposed in this paper is a modified digital chaotic sequence generator based on chaotic logistic systems with a coupling structure where one chaotic subsystem generates perturbation signals to disturb the control parameter of the other one. The numerical simulations show that the length of chaotic orbits, the output distribution of chaotic system, and the security of chaotic sequences have been greatly improved. Moreover the chaotic sequence period can be extended at least by one order of magnitude longer than that of the uncoupled logistic system and the difficulty in decrypting increases 2^128*2^128 times indicating that the dynamical degradation of digital chaos is effectively improved. A field programmable gate array (FPGA) implementation of an algorithm is given and the corresponding experiment shows that the output speed of the generated chaotic sequences can reach 571.4 Mbps indicating that the designed generator can he applied to the real-time video image encryption.展开更多
基金supported by the National Natural Science Foundation of China (Grant NO.61332019, NO.61402342, NO.61202387)the National Basic Research Program of China ("973" Program) (Grant No.2014CB340600)the National High–Tech Research and Development Program of China ("863" Program) (Grant No.2015AA016002)
文摘Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.
基金supported by the Wuhan Frontier Program of Application Foundation (No.2018010401011295)National High Technology Research and Development Program of China (“863” Program) (Grant No. 2015AA016002)
文摘Software-Defined Networking (SDN) has been a hot topic for future network development, which implements the different layers of control plane and data plane respectively. Despite providing high openness and programmability, the “three-layer two-interface” architecture of SDN changes the traditional network and increases the network attack nodes, which results in new security issues. In this paper, we firstly introduced the background, architecture and working process of SDN. Secondly, we summarized and analyzed the typical security issues from north to south: application layer, northbound interface, control layer, southbound interface and data layer. Another contribution is to review and analyze the existing solutions and latest research progress of each layer, mainly including: authorized authentication module, application isolation, DoS/DDoS defense, multi-controller deployment and flow rule consistency detection. Finally, a conclusion about the future works of SDN security and an idealized global security architecture is proposed.
基金supported by the National Natural Science Foundation of China under Grants No.60673071,No.60970115,No.60970116,No.61003267partially supported by the National Hi-Tech Research and Department Program of China under Grants No.2006AA01Z442,No.2007AA01Z411
文摘Orthomorphism on F n2 is a kind of elementary permutation with good cryptographic properties. This paper proposes a hybrid strategy of Particle Swarm Optimization (PSO) and Simulated Annealing (SA) for finding orthomorphisms with good cryptographic properties. By experiment based on this strategy, we get some orthomorphisms on F n2(n=5, 6, 7, 9, 10) with good cryptographic properties in the open document for the first time, and the optimal orthomorphism on F 82 found in this paper also does better than the one proposed by Feng Dengguo et al. in stream cipher Loiss in difference uniformity, algebraic degree, algebraic immunity and corresponding permutation polynomial degree. The PSOSA hybrid strategy for optimizing orthomorphism in this paper makes design of orthomorphisms with good cryptographic properties automated, efficient and convenient, which proposes a new approach to design orthomorphisms.
文摘Frame resolution and physical layer (PHY) protocol type detection are the basis of research and development of intrusion prevention systems for IEEE 802.11 wireless network. Aiming at the problems which cannot be solved by the specifications export, this paper proposed a MAC frame analytical method and a PHY protocol type detection algorithm based on parsing the IEEE 802.11packets captured by the library Libpcap. The packet structure and the length of the frame preamble (18 or 26 bytes) are presented. Then the methods of transforming byte-order and resolving sub-fields are given. A detection algorithm of PHY protocol type is proposed based on the experiments and examples are given to verify these methods. This work can be a reference for the R & D related to link layer frame analysis.
基金supported by the National Natural Science Foundation of China(Grant No.41371402)the National Basic Research Program of China("973"Program)(Grant No.2011CB302306)the Fundamental Research Funds for the Central University(Grant No.2015211020201 and No.211274230)
文摘The rapid development of location-based service(LBS) drives one special kind of LBS, in which the service provider verifies user location before providing services. In distributed location proof generating schemes, preventing users from colluding with each other to create fake location proofs and protecting user's location privacy at the same time, are the main technical challenges to bring this kind of LBS into practical. Existing solutions tackle these challenges with low collusion-detecting efficiency and defected collusion-detecting method. We proposed two novel location proof generating schemes, which inversely utilized a secure secret-sharing scheme and a pseudonym scheme to settle these shortcomings. Our proposed solution resists and detects user collusion attacks in a more efficient and correct way. Meanwhile, we achieve a higher level of location privacy than that of previous work. The correctness and efficiency of our proposed solution is testified by intensive security analysis, performance analysis, as well as experiments and simulation results.
基金supported by the State Key Program of National Natural Science of China No. 61332019the Major State Basic Research Development Program of China (973 Program) No. 2014CB340601+2 种基金the National Science Foundation of China No. 61202386, 61402339the National Cryptography Development Fund No. MMJJ201701304the Science and Technology Research Project of Hebei higher education No. QN2017020
文摘The security of classical cryptography based on computational complexity assumptions has been severely challenged with the rapid development of quantum computers and quantum algorithms. Quantum cryptography, which offers unconditional security based on some principles of quantum mechanics, has become a significant branch and hotspot in the field of modern cryptography research. In this paper, we review the research and development of several important and well-studied branches of quantum cryptography in terms of theory and experiment, including quantum key distribution, quantum secret sharing, quantum secure direct communication, quantum signature, and quantum private query. We also briefly review the research and development of some other branches which are currently in the stage of theoretical research but receive widespread concern from academia, including quantum private comparison, quantum anonymous voting, quantum secure multi-party summation, quantum sealed-bid auction, quantum public key cryptosystem, quantum key agreement, quantum dialogue, and quantum identity authentication. In addition, we discuss some open issues and future research directions for the branches referred to above.
基金supported in part by the National Natural Science Foundation of China(Grant Nos.61303212,61170080,61202386)the State Key Program of National Natural Science of China(Grant Nos.61332019,U1135004)+2 种基金the Major Research Plan of the National Natural Science Foundation of China(Grant No.91018008)Major State Basic Research Development Program of China(973 Program)(No.2014CB340600)the Hubei Natural Science Foundation of China(Grant Nos.2011CDB453,2014CFB440)
文摘Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.
基金supported by the State Key Program of National Natural Science of China(Grant Nos. 61332019)the National Natural Science Foundation of China (61572303)+7 种基金National Key Research and Development Program of China ( 2017YFB0802003 , 2017YFB0802004)National Cryptography Development Fund during the 13th Five-year Plan Period (MMJJ20170216)the Foundation of State Key Laboratory of Information Security (2017-MS-03)the Fundamental Research Funds for the Central Universities(GK201702004,GK201603084)Major State Basic Research Development Program of China (973 Program) (No.2014CB340600)National High-tech R&D Program of China(2015AA016002, 2015AA016004)Natural Science Foundation of He Bei Province (No. F2017201199)Science and technology research project of Hebei higher education (No. QN2017020)
文摘A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.
基金This work was supported by National Natural Science Foundation of China(No.62172308,No.U1626107,No.61972297,No.62172144,and No.62062019).
文摘Power Shell has been widely deployed in fileless malware and advanced persistent threat(APT)attacks due to its high stealthiness and live-off-theland technique.However,existing works mainly focus on deobfuscation and malicious detection,lacking the malicious Power Shell families classification and behavior analysis.Moreover,the state-of-the-art methods fail to capture fine-grained features and semantic relationships,resulting in low robustness and accuracy.To this end,we propose Power Detector,a novel malicious Power Shell script detector based on multimodal semantic fusion and deep learning.Specifically,we design four feature extraction methods to extract key features from character,token,abstract syntax tree(AST),and semantic knowledge graph.Then,we intelligently design four embeddings(i.e.,Char2Vec,Token2Vec,AST2Vec,and Rela2Vec) and construct a multi-modal fusion algorithm to concatenate feature vectors from different views.Finally,we propose a combined model based on transformer and CNN-Bi LSTM to implement Power Shell family detection.Our experiments with five types of Power Shell attacks show that PowerDetector can accurately detect various obfuscated and stealth PowerShell scripts,with a 0.9402 precision,a 0.9358 recall,and a 0.9374 F1-score.Furthermore,through singlemodal and multi-modal comparison experiments,we demonstrate that PowerDetector’s multi-modal embedding and deep learning model can achieve better accuracy and even identify more unknown attacks.
基金supported by the National Natural Science Foundation of China(Grant Nos.61303212,61170080,61202386)the State Key Program of National Natural Science of China(Grant Nos.61332019,U1135004)+2 种基金the Major Research Plan of the National Natural Science Foundation of China(Grant No.91018008)Major State Basic Research Development Program of China(973 Program)(No.2014CB340600)the Hubei Natural Science Foundation of China(Grant No.2011CDB453,2014CFB440)
文摘The hardness of tensor decomposition problem has many achievements, but limited applications in cryptography, and the tensor decomposition problem has been considered to have the potential to resist quantum computing. In this paper, we firstly proposed a new variant of tensor decomposition problem, then two one-way functions are proposed based on the hard problem. Secondly we propose a key exchange protocol based on the one-way functions, then the security analysis, efficiency, recommended parameters and etc. are also given. The analyses show that our scheme has the following characteristics: easy to implement in software and hardware, security can be reduced to hard problems, and it has the potential to resist quantum computing.Besides the new key exchange can be as an alternative comparing with other classical key protocols.
基金supported in part by National High-Tech Research and Development Program of China(“863”Program)under Grant No.2015AA016004National Natural Science Foundation of China under Grants No.61173154,61272451,61572380
文摘Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user data.We proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.
基金National Natural Science Foundation of China(No.62172308,U1626107,61972297,62172144)。
文摘Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are one of the prominent threats to CPS.Anomaly detection methods are proposed to secure CPS.However,existing anomaly detection studies usually require expert knowledge(e.g.,system model-based)or are lack of interpretability(e.g.,deep learning-based).In this paper,we present DEEPNOISE,a deep learning-based anomaly detection method for CPS with interpretability.Specifically,we utilize the sensor and process noise to detect data integrity attacks.Such noise represents the intrinsic characteristics of physical devices and the production process in CPS.One key enabler is that we use a robust deep autoencoder to automatically extract the noise from measurement data.Further,an LSTM-based detector is designed to inspect the obtained noise and detect anomalies.Data integrity attacks change noise patterns and thus are identified as the root cause of anomalies by DEEPNOISE.Evaluated on the SWaT testbed,DEEPNOISE achieves higher accuracy and recall compared with state-of-the-art model-based and deep learningbased methods.On average,when detecting direct attacks,the precision is 95.47%,the recall is 96.58%,and F_(1) is 95.98%.When detecting stealthy attacks,precision,recall,and F_(1) scores are between 96% and 99.5%.
基金Supported by the National Basic Research Program of China(973 Program)(2014CB340600)the National Natural Science Foundation of China(61173138,61103628,61103220)the Intel Collaborative Research Project
文摘In this paper, we propose a trusted mobile payment environment (TMPE) based on trusted computing and virtualization technology. There are a normal operating system (OS) and a trusted OS (TOS) in TMPE. We store the image of TOS in a memory card to hinder tampering. The integrity of TOS is protected by means of a trusted platform module (TPM). TOS can only be updated through a trusted third party. In addition, virtualization technology is applied to isolate TOS from normal OS. Users complete ordinary affairs in normal OS and security-sensitive affairs in TOS. TMPE can offer users a highly protected environment for mobile payment. Moreover, TMPE has good compatibility in different hardware architectures of mobile platforms. As the evaluation shows, TMPE satisfies the requirement of mobile payment well.
基金Supported by the National Natural Science Foundation of China(41371402)the Fundamental Research Funds for the Central Universities(2015211020201)
文摘In order to reduce physical unclonable fixnction (PUF) response instability and imbalance caused by the metastability and the bias of arbiter, this paper uses an improved balanced D flip-plop (DFF) based on the unbalanced DFF to reduce the bias in response output and enhances the security of PUF by adopting two balanced DFFs in series. The experimental results show that two cascaded balanced DFFs improve the stability of the DFF, and the output of two balanced DFFs is more reliable. The entropy of output is fixed at 98.7%.
基金supported by the State Key Program of National Natural Science Foundation of China under grant 61332019the Major State Basic Research Development Program of China(973 Program)under grant 2014CB340601+1 种基金the National Science Foundation of China under grant 61202386 and grant 61402339the National Cryptography Development Fund of China under grant MMJJ201701304。
文摘Recently, Wu et al(2019 Int. J. Theor. Phys. 58 1854) found a serious information leakage problem in Ye and Ji’s quantum private comparison protocol(2017 Int. J. Theor. Phys. 561517), that is, a malicious participant can steal another’s secret data without being detected through an active attack means. In this paper, we show that Wu et al’s active attack is also effective for several other existing protocols, including the ones proposed by Ji et al and Zha et al(2016 Commun. Theor. Phys. 65 711;2018 Int. J. Theor. Phys. 57 3874). In addition,we propose what a passive attack means, which is different from Wu et al’s active attack in that the malicious participant can easily steal another’s secret data only by using his own secret data after finishing the protocol, instead of stealing the data by forging identities when executing the protocol. Furthermore, we find that several other existing quantum private comparison protocols also have such an information leakage problem. In response to the problem, we propose a simple solution, which is more efficient than the ones proposed by Wu et al, because it does not consume additional classical and quantum resources.
基金Supported by the National Natural Science Foundation of China(51377122)
文摘Security mechanism detection is not only an important content of vulnerabilities evaluation but also the foundation of key strength test for wireless local area network (WLAN). This paper analyzes the specifications of WLAN security mechanisms and points out the defects in design of security mechanisms detection algorithm based on the standards. By capturing and analyzing a large number of Beacon frames from different vendor's access points (APs), we summarize the relevant fields and information elements in a Beacon frame, and present their values or status when an AP is set to every specific security mechanism. A detection algorithm of WLAN security mechanisms is proposed based on the experimental study result and the pseudo code of a reference implementation for the algorithm is designed. The validity of the algorithm is illustrated by examples, which shows it can detect every WLAN security mechanism accurately.
基金Supported by the National Basic Research Program of China(973 Program)(2014CB340601)。
文摘Rust is a system-level programming language that provides thread and memory safety guarantee through a suite of static compiler checking rules and prevents segmentation errors.However,since compiler checking is too strict to confine Rust's programmability,the developers prefer to use the keyword"unsafe"to bypass compiler checking,through which the caller could interact with OS directly.Unfortunately,the code block with"unsafe"would easily lead to some serious bugs such as memory safety violation,race condition and so on.In this paper,to verify memory and concurrency safety of Rust programs,we present RSMC(Safety Model Checker for Rust),a tool based on Smack to detect concurrency bugs and memory safety errors in Rust programs,in which we combine concurrency primitives model checking and memory boundary model checking.RSMC,with an assertion generator,can automatically insert assertions and requires no programmer annotations to verify Rust programs.We evaluate RSMC on two categories of Rust programs,and the result shows that RSMC can effectively find concurrency bugs and memory safety errors in vulnerable Rust programs,which include unsafe code.
基金Supported by the National Natural Science Foundation of China(60970114)Doctoral Fund of Ministry of Education of China(20110141130006)
文摘MSU Stego Video is a public video steganographic tool, which has strong robustness and is regarded as a real video steganographic tool. In order to increase the detection rate, this paper proposes a new steganoalysis method against MSU, which uses the chessboard character of MSU embedded video, proposes a down-sample block-based collusion method to estimate the original frame and checks the chessboard mode of the different frame between tested frame and estimated frame to detect MSU steganographic evidences. To reduce the error introduced by severe movement of the video content, a method that abandons severe motion blocks from detecting is proposed. The experiment results show that the false negative rate of the proposed algorithm is lower than 5%, and the false positive rate is lower than 2%. Our algorithm has significantly better performance than existing algorithms. Especially to the video that has fast motion, the algorithm has more remarkable performance.
基金supported by National Basic Research Program of China(973 Program)under Grant No.2011CB302306The National Natural Science Foundation of China under Grant No.41371402The Fundamental Research Funds for the Central Universities under Grant No.2015211020201
文摘Technological advancements in data analysis and data releasing have put forward higher security requirements, such as privacy guarantee and strictly provable security, this new area of research is called differential privacy. As for geospatial point data, the exiting methods use the tree structure to split the data space to enhance the data utility and usually adopt uniform budgeting method. Different from this, we propose a novel non-uniform allocation scheme for privacy budget which is a parameter to specify the degree of privacy guarantee. Firstly, the spatial data is indexed by quadtree, then, different privacy budget is allocated to each layer of quadtree using Fibonacci series features, and we designate this budgeting method as Fibonacci allocation. Experimental results show that Fibonacci allocation is significantly more accurate in data queries than the state-of-the-art methods under the same privacy guarantee level and fits for arbitrary range queries. Furthermore, data utility can be improved by post-processing and threshold determination.
基金Project supported by the National Basic Research Program of China (Grant No 2006CB303104)the National Natural Science Foundation of China (Grant No 40871200)
文摘Chaotic systems perform well as a new rich source of cryptography and pseudo-random coding. Unfortunately their digital dynamical properties would degrade due to the finite computing precision. Proposed in this paper is a modified digital chaotic sequence generator based on chaotic logistic systems with a coupling structure where one chaotic subsystem generates perturbation signals to disturb the control parameter of the other one. The numerical simulations show that the length of chaotic orbits, the output distribution of chaotic system, and the security of chaotic sequences have been greatly improved. Moreover the chaotic sequence period can be extended at least by one order of magnitude longer than that of the uncoupled logistic system and the difficulty in decrypting increases 2^128*2^128 times indicating that the dynamical degradation of digital chaos is effectively improved. A field programmable gate array (FPGA) implementation of an algorithm is given and the corresponding experiment shows that the output speed of the generated chaotic sequences can reach 571.4 Mbps indicating that the designed generator can he applied to the real-time video image encryption.