Survey on Key Technology Development and Application in Trusted Computing

Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.

A Survey: Typical Security Issues of Software-Defined Networking

Software-Defined Networking (SDN) has been a hot topic for future network development, which implements the different layers of control plane and data plane respectively. Despite providing high openness and programmability, the “three-layer two-interface” architecture of SDN changes the traditional network and increases the network attack nodes, which results in new security issues. In this paper, we firstly introduced the background, architecture and working process of SDN. Secondly, we summarized and analyzed the typical security issues from north to south: application layer, northbound interface, control layer, southbound interface and data layer. Another contribution is to review and analyze the existing solutions and latest research progress of each layer, mainly including: authorized authentication module, application isolation, DoS/DDoS defense, multi-controller deployment and flow rule consistency detection. Finally, a conclusion about the future works of SDN security and an idealized global security architecture is proposed.

Hybrid Strategy of Particle Swarm Optimization and Simulated Annealing for Optimizing Orthomorphisms

Orthomorphism on F n2 is a kind of elementary permutation with good cryptographic properties. This paper proposes a hybrid strategy of Particle Swarm Optimization (PSO) and Simulated Annealing (SA) for finding orthomorphisms with good cryptographic properties. By experiment based on this strategy, we get some orthomorphisms on F n2(n=5, 6, 7, 9, 10) with good cryptographic properties in the open document for the first time, and the optimal orthomorphism on F 82 found in this paper also does better than the one proposed by Feng Dengguo et al. in stream cipher Loiss in difference uniformity, algebraic degree, algebraic immunity and corresponding permutation polynomial degree. The PSOSA hybrid strategy for optimizing orthomorphism in this paper makes design of orthomorphisms with good cryptographic properties automated, efficient and convenient, which proposes a new approach to design orthomorphisms.

MAC Frame Resolution and PHY Protocol Type Detection of IEEE 802.11

Frame resolution and physical layer (PHY) protocol type detection are the basis of research and development of intrusion prevention systems for IEEE 802.11 wireless network. Aiming at the problems which cannot be solved by the specifications export, this paper proposed a MAC frame analytical method and a PHY protocol type detection algorithm based on parsing the IEEE 802.11packets captured by the library Libpcap. The packet structure and the length of the frame preamble (18 or 26 bytes) are presented. Then the methods of transforming byte-order and resolving sub-fields are given. A detection algorithm of PHY protocol type is proposed based on the experiments and examples are given to verify these methods. This work can be a reference for the R & D related to link layer frame analysis.

Privacy-preserving Distributed Location Proof Generating System

The rapid development of location-based service(LBS) drives one special kind of LBS, in which the service provider verifies user location before providing services. In distributed location proof generating schemes, preventing users from colluding with each other to create fake location proofs and protecting user's location privacy at the same time, are the main technical challenges to bring this kind of LBS into practical. Existing solutions tackle these challenges with low collusion-detecting efficiency and defected collusion-detecting method. We proposed two novel location proof generating schemes, which inversely utilized a secure secret-sharing scheme and a pseudonym scheme to settle these shortcomings. Our proposed solution resists and detects user collusion attacks in a more efficient and correct way. Meanwhile, we achieve a higher level of location privacy than that of previous work. The correctness and efficiency of our proposed solution is testified by intensive security analysis, performance analysis, as well as experiments and simulation results.

Survey on Quantum Information Security

The security of classical cryptography based on computational complexity assumptions has been severely challenged with the rapid development of quantum computers and quantum algorithms. Quantum cryptography, which offers unconditional security based on some principles of quantum mechanics, has become a significant branch and hotspot in the field of modern cryptography research. In this paper, we review the research and development of several important and well-studied branches of quantum cryptography in terms of theory and experiment, including quantum key distribution, quantum secret sharing, quantum secure direct communication, quantum signature, and quantum private query. We also briefly review the research and development of some other branches which are currently in the stage of theoretical research but receive widespread concern from academia, including quantum private comparison, quantum anonymous voting, quantum secure multi-party summation, quantum sealed-bid auction, quantum public key cryptosystem, quantum key agreement, quantum dialogue, and quantum identity authentication. In addition, we discuss some open issues and future research directions for the branches referred to above.

Cryptanalysis of Cryptosystems Based on General Linear Group

Advances in quantum computers threaten to break public key cryptosystems such as RSA, ECC, and EIGamal on the hardness of factoring or taking a discrete logarithm, while no quantum algorithms are found to solve certain mathematical problems on non-commutative algebraic structures until now. In this background, Majid Khan et al.proposed two novel public-key encryption schemes based on large abelian subgroup of general linear group over a residue ring. In this paper we show that the two schemes are not secure. We present that they are vulnerable to a structural attack and that, it only requires polynomial time complexity to retrieve the message from associated public keys respectively. Then we conduct a detailed analysis on attack methods and show corresponding algorithmic description and efficiency analysis respectively. After that, we propose an improvement assisted to enhance Majid Khan's scheme. In addition, we discuss possible lines of future work.

Cryptanalysis of a Cryptosystem with Non- Commutative Platform Groups

A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.

PowerDetector:Malicious PowerShell Script Family Classification Based on Multi-Modal Semantic Fusion and Deep Learning

Power Shell has been widely deployed in fileless malware and advanced persistent threat(APT)attacks due to its high stealthiness and live-off-theland technique.However,existing works mainly focus on deobfuscation and malicious detection,lacking the malicious Power Shell families classification and behavior analysis.Moreover,the state-of-the-art methods fail to capture fine-grained features and semantic relationships,resulting in low robustness and accuracy.To this end,we propose Power Detector,a novel malicious Power Shell script detector based on multimodal semantic fusion and deep learning.Specifically,we design four feature extraction methods to extract key features from character,token,abstract syntax tree(AST),and semantic knowledge graph.Then,we intelligently design four embeddings(i.e.,Char2Vec,Token2Vec,AST2Vec,and Rela2Vec) and construct a multi-modal fusion algorithm to concatenate feature vectors from different views.Finally,we propose a combined model based on transformer and CNN-Bi LSTM to implement Power Shell family detection.Our experiments with five types of Power Shell attacks show that PowerDetector can accurately detect various obfuscated and stealth PowerShell scripts,with a 0.9402 precision,a 0.9358 recall,and a 0.9374 F1-score.Furthermore,through singlemodal and multi-modal comparison experiments,we demonstrate that PowerDetector’s multi-modal embedding and deep learning model can achieve better accuracy and even identify more unknown attacks.

Key Exchange Protocol Based on Tensor Decomposition Problem

The hardness of tensor decomposition problem has many achievements, but limited applications in cryptography, and the tensor decomposition problem has been considered to have the potential to resist quantum computing. In this paper, we firstly proposed a new variant of tensor decomposition problem, then two one-way functions are proposed based on the hard problem. Secondly we propose a key exchange protocol based on the one-way functions, then the security analysis, efficiency, recommended parameters and etc. are also given. The analyses show that our scheme has the following characteristics: easy to implement in software and hardware, security can be reduced to hard problems, and it has the potential to resist quantum computing.Besides the new key exchange can be as an alternative comparing with other classical key protocols.

SSEM： Secure, Scalable and Efficient Multi-Owner Data Sharing in Clouds

Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user data.We proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.

DEEPNOISE:Learning Sensor and Process Noise to Detect Data Integrity Attacks in CPS

Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are one of the prominent threats to CPS.Anomaly detection methods are proposed to secure CPS.However,existing anomaly detection studies usually require expert knowledge(e.g.,system model-based)or are lack of interpretability(e.g.,deep learning-based).In this paper,we present DEEPNOISE,a deep learning-based anomaly detection method for CPS with interpretability.Specifically,we utilize the sensor and process noise to detect data integrity attacks.Such noise represents the intrinsic characteristics of physical devices and the production process in CPS.One key enabler is that we use a robust deep autoencoder to automatically extract the noise from measurement data.Further,an LSTM-based detector is designed to inspect the obtained noise and detect anomalies.Data integrity attacks change noise patterns and thus are identified as the root cause of anomalies by DEEPNOISE.Evaluated on the SWaT testbed,DEEPNOISE achieves higher accuracy and recall compared with state-of-the-art model-based and deep learningbased methods.On average,when detecting direct attacks,the precision is 95.47%,the recall is 96.58%,and F_(1) is 95.98%.When detecting stealthy attacks,precision,recall,and F_(1) scores are between 96% and 99.5%.

A Trusted Mobile Payment Environment Based on Trusted Computing and Virtualization Technology

In this paper, we propose a trusted mobile payment environment （TMPE） based on trusted computing and virtualization technology. There are a normal operating system （OS） and a trusted OS （TOS） in TMPE. We store the image of TOS in a memory card to hinder tampering. The integrity of TOS is protected by means of a trusted platform module （TPM）. TOS can only be updated through a trusted third party. In addition, virtualization technology is applied to isolate TOS from normal OS. Users complete ordinary affairs in normal OS and security-sensitive affairs in TOS. TMPE can offer users a highly protected environment for mobile payment. Moreover, TMPE has good compatibility in different hardware architectures of mobile platforms. As the evaluation shows, TMPE satisfies the requirement of mobile payment well.

Security Enhancement of Arbiter-Based Physical Unclonable Function on FPGA

In order to reduce physical unclonable fixnction （PUF） response instability and imbalance caused by the metastability and the bias of arbiter, this paper uses an improved balanced D flip-plop （DFF） based on the unbalanced DFF to reduce the bias in response output and enhances the security of PUF by adopting two balanced DFFs in series. The experimental results show that two cascaded balanced DFFs improve the stability of the DFF, and the output of two balanced DFFs is more reliable. The entropy of output is fixed at 98.7%.

Cryptanalysis and improvement of several quantum private comparison protocols

Recently, Wu et al(2019 Int. J. Theor. Phys. 58 1854) found a serious information leakage problem in Ye and Ji’s quantum private comparison protocol(2017 Int. J. Theor. Phys. 561517), that is, a malicious participant can steal another’s secret data without being detected through an active attack means. In this paper, we show that Wu et al’s active attack is also effective for several other existing protocols, including the ones proposed by Ji et al and Zha et al(2016 Commun. Theor. Phys. 65 711;2018 Int. J. Theor. Phys. 57 3874). In addition,we propose what a passive attack means, which is different from Wu et al’s active attack in that the malicious participant can easily steal another’s secret data only by using his own secret data after finishing the protocol, instead of stealing the data by forging identities when executing the protocol. Furthermore, we find that several other existing quantum private comparison protocols also have such an information leakage problem. In response to the problem, we propose a simple solution, which is more efficient than the ones proposed by Wu et al, because it does not consume additional classical and quantum resources.

A Detection Method of WLAN Security Mechanisms Based on MAC Frame Resolution

Security mechanism detection is not only an important content of vulnerabilities evaluation but also the foundation of key strength test for wireless local area network （WLAN）. This paper analyzes the specifications of WLAN security mechanisms and points out the defects in design of security mechanisms detection algorithm based on the standards. By capturing and analyzing a large number of Beacon frames from different vendor＇s access points （APs）, we summarize the relevant fields and information elements in a Beacon frame, and present their values or status when an AP is set to every specific security mechanism. A detection algorithm of WLAN security mechanisms is proposed based on the experimental study result and the pseudo code of a reference implementation for the algorithm is designed. The validity of the algorithm is illustrated by examples, which shows it can detect every WLAN security mechanism accurately.

RSMC:A Safety Model Checker for Concurrency and Memory Safety of Rust

Rust is a system-level programming language that provides thread and memory safety guarantee through a suite of static compiler checking rules and prevents segmentation errors.However,since compiler checking is too strict to confine Rust's programmability,the developers prefer to use the keyword"unsafe"to bypass compiler checking,through which the caller could interact with OS directly.Unfortunately,the code block with"unsafe"would easily lead to some serious bugs such as memory safety violation,race condition and so on.In this paper,to verify memory and concurrency safety of Rust programs,we present RSMC(Safety Model Checker for Rust),a tool based on Smack to detect concurrency bugs and memory safety errors in Rust programs,in which we combine concurrency primitives model checking and memory boundary model checking.RSMC,with an assertion generator,can automatically insert assertions and requires no programmer annotations to verify Rust programs.We evaluate RSMC on two categories of Rust programs,and the result shows that RSMC can effectively find concurrency bugs and memory safety errors in vulnerable Rust programs,which include unsafe code.

Steganalysis of MSU Stego Video Based on Block Matching of Interframe Collusion and Motion Detection

MSU Stego Video is a public video steganographic tool, which has strong robustness and is regarded as a real video steganographic tool. In order to increase the detection rate, this paper proposes a new steganoalysis method against MSU, which uses the chessboard character of MSU embedded video, proposes a down-sample block-based collusion method to estimate the original frame and checks the chessboard mode of the different frame between tested frame and estimated frame to detect MSU steganographic evidences. To reduce the error introduced by severe movement of the video content, a method that abandons severe motion blocks from detecting is proposed. The experiment results show that the false negative rate of the proposed algorithm is lower than 5%, and the false positive rate is lower than 2%. Our algorithm has significantly better performance than existing algorithms. Especially to the video that has fast motion, the algorithm has more remarkable performance.

Differentially Private Spatial Decompositions for Geospatial Point Data

Technological advancements in data analysis and data releasing have put forward higher security requirements, such as privacy guarantee and strictly provable security, this new area of research is called differential privacy. As for geospatial point data, the exiting methods use the tree structure to split the data space to enhance the data utility and usually adopt uniform budgeting method. Different from this, we propose a novel non-uniform allocation scheme for privacy budget which is a parameter to specify the degree of privacy guarantee. Firstly, the spatial data is indexed by quadtree, then, different privacy budget is allocated to each layer of quadtree using Fibonacci series features, and we designate this budgeting method as Fibonacci allocation. Experimental results show that Fibonacci allocation is significantly more accurate in data queries than the state-of-the-art methods under the same privacy guarantee level and fits for arbitrary range queries. Furthermore, data utility can be improved by post-processing and threshold determination.

Digital chaotic sequence generator based on coupled chaotic systems

Chaotic systems perform well as a new rich source of cryptography and pseudo-random coding. Unfortunately their digital dynamical properties would degrade due to the finite computing precision. Proposed in this paper is a modified digital chaotic sequence generator based on chaotic logistic systems with a coupling structure where one chaotic subsystem generates perturbation signals to disturb the control parameter of the other one. The numerical simulations show that the length of chaotic orbits, the output distribution of chaotic system, and the security of chaotic sequences have been greatly improved. Moreover the chaotic sequence period can be extended at least by one order of magnitude longer than that of the uncoupled logistic system and the difficulty in decrypting increases 2^128＊2^128 times indicating that the dynamical degradation of digital chaos is effectively improved. A field programmable gate array （FPGA） implementation of an algorithm is given and the corresponding experiment shows that the output speed of the generated chaotic sequences can reach 571.4 Mbps indicating that the designed generator can he applied to the real-time video image encryption.