一种新的MPLS网络故障恢复算法

提出了一种新的MPLS网络故障恢复算法设计——MD方案。该方案既预留了备用路线,又兼具动态重路由的优点。理论分析和仿真实验表明,MD方案显著地改善了恢复时间和丢包,并且在时延上也有很好的表现。该方案具有灵活性,总体表现优于现有的算法。     

权限可控的公开验证代理签密方案

对Shin等人的可公开验证签密方案和Jung等人的可公开验证代理签密方案进行了密码学分析,研究了它们的机密性和代理权限问题,发现这两个方案中的公开验证过程都是以泄漏消息的机密性为代价的,同时发现Jung等人的方案没有实现代理权限的管理。在此基础上提出对Shin方案改进的一个权限可控的公开验证性代理签密方案,克服了其公开验证过程中的安全漏洞,并对代理权限进行了全面限制。在基于某些密码学假设的前提下,证明了方案的安全性。     

The PSTR/SNS scheme for real-time fault tolerance via active objectreplication and network surveillance

The TMO (Time-triggered Message-triggered Object) scheme was formulated as a major extension of the conventional object structuring schemes with the idealistic goal of facilitating general-form design and timeliness-guaranteed design of complex real-time application systems. Recently, as a new scheme for realizing TMO-structured distributed and parallel computer systems that are capable of both hardware and software fault tolerance, we have formulated and demonstrated the PSTR (Primary-Shadow TMO Replication) scheme. An important new extension of the PSTR scheme discussed in this paper is an integration of the PSTR scheme and a network surveillance (NS) scheme. This extension results in a significant improvement in the fault coverage and recovery time bound achieved. The NS scheme adopted is a recently-developed scheme that is effective in a wide range of point-to-point networks, and it is called the SNS (Supervisor-based Network Surveillance) scheme. The integration of the PSTR scheme and the SNS scheme is called the PSTR/SNS scheme. The recovery time bound of the PSTR/SNS scheme is analyzed on the basis of an implementation model that can be easily adapted to various commercial operating system kernels     

一个强指定验证者签名方案的密码学分析

对李明祥等提出的一个基于身份的强指定验证者签名方案进行了安全性分析,指出其存在两个重大的安全缺陷：（1）该方案是可以普遍伪造的;（2）该方案不是一个指定验证者签名方案,非指定验证者也可以验证签名的有效性。提出了改进方案,克服了原方案的缺陷,提高了系统的安全性,并保留了原方案的优点。     

一个安全的多方交易微支付方案

基于RiVest等人的微支付方案,提出了一个新的适用多方交易的微支付方案。新方案克服了Rivest等人的方案中的一个Payword链只能对一个商家花费的缺点,实现了一个Payword链能对多个商家花费的特性,而且效率也比Rivest等人的方案高。     

Optimal resilient threshold GQ signatures

GQ signature scheme is widely used in many cryptographic protocols, such as forward-secure signature scheme, identity-based signature scheme, etc. However, there is no threshold version of this important signature scheme in the open literature. We proposed the first threshold GQ signature scheme. The scheme is proved unforgeable and robust against any adaptive adversary by assuming hardness of computing discrete logarithm modulo a safe prime and existence of fully synchronous broadcast channel. Furthermore, with some modifications, our scheme achieves optimal resilience such that the adversary can corrupt up to a half of the players. As an extension of our work, we provided a threshold identity-based signature scheme and a threshold forward-secure signature scheme, which is the threshold version of the most efficient forward-secure signature scheme up to now.     

标准模型下一种实用的和可证明安全的IBE方案

组合公钥方案是一种用于基于身份密码体制中生成用户加密密钥和私钥的知名方案.针对组合公钥方案存在合谋攻击的问题,通过仅扩展该方案的私钥生成过程,实现了扩展方案的抗合谋攻击性.在此基础上构建标准模型下基于Decisional Bilinear Diffie-Hell man假设可证明安全的一种新的基于身份加密方案.最后,为了说明所构新方案的实用性,分析了扩展组合公钥方案的用户加密密钥抗碰撞性;对比了新方案和同类的3个知名方案在安全性证明的归约程度方面、加解密的时间复杂度方面和密文的长度方面的性能,表明了新方案在以上3点上具有目前最优的指标.因此新方案是相对较实用的.     

一种可验证的多秘密共享方案

YCH方案是一个基于二元单向函数和Shamir(t,n)门限方案的有效多秘密共享方案,但其不具有可验证性。该文基于YCH方案、RSA密码体制和离散对数问题,提出一个可验证的多秘密共享方案,使YCH方案保留原有性质的同时实现了可验证性。该方案中参与者的秘密份额由自己选择产生且无需安全信道,有较强的实用价值。     

Examination of characteristics method with cubic interpolation for advection–diffusion equation

In this study, the use of the characteristics method integrated with the Hermite cubic interpolation or the cubic-spline interpolation on the space line or the time line, i.e., the HCSL scheme, the CSSL scheme, the HCTL scheme, and the CSTL scheme, respectively, for solving the advection–diffusion equation is examined. The advection and diffusion of a Gaussian concentration distribution in a uniform flow with constant diffusion coefficient is used to conduct this investigation. The effects of parameters, such as Peclet number, Courant number, and the reachback number, on these four schemes used herein for solving the advection–diffusion equation are investigated. The simulated results show that the CSSL scheme is comparable to the HCSL scheme, and the two schemes seem insensitive to Courant number as compared with the HCTL scheme and the CSTL scheme. With large Peclet number, for small Courant number the HCTL scheme is more accurate than the HCSL scheme and the CSSL scheme. However, for large Courant number the HCTL scheme has worse computed results in comparison with the HCSL scheme and the CSSL scheme. With small Peclet number, the HCTL scheme, the HCSL scheme, and the CSSL scheme have close simulated results. Despite Peclet number, for small Courant number the CSTL scheme is comparable to the HCTL scheme, but for large Courant number the former scheme provides unacceptable simulated results in which very large numerical diffusion is induced due to the effect of the natural endpoint constraint. For large Peclet number the HCSL scheme and the CSSL scheme integrated with the reachback technique can improve simulated results, but for small Peclet number the HCSL scheme and the CSSL scheme seem not to be influenced by increasing the reachback number.     

具有已知代理人的不可否认门限代理签密方案

1996年,Mambo等人提出了代理签名概念.但是,代理签名仅能提供授权的认证而不能提供保密性.Chan和Wei提出一个门限代理签密方案(记为Chan-Wei方案),扩展了代理签名的概念.指出他们的方案不满足强不可伪造性、强不可否认性和强识别性.基于Chan-Wei方案,提出一个能够克服Chan-Wei方案缺点的不可否认门限代理签密方案.给出方案的完备性证明和安全性分析.此外,与Chan-Wei方案相比,所提出的方案能够确切地发现哪些代理人提供假子密钥或篡改子密钥.     

一种改进的PETKS原型方案及其扩展

关键字可搜索的公钥加密是对基于身份加密方案的直接应用,是一种具有特殊功能和全新应用环境的方案.2005年Abdalla等人首次提出了具有临时关键字可搜索的公钥加密的原型方案.在该原型方案的基础上,研究了该方案存在的效率问题,提出了一种更高效的实例方案,并从中抽象出更高效的原型方案.在原型方案的基础上,提出了两种扩展的原型方案,从而进一步丰富了该方案的应用环境.     

Efficient forwarding scheme for downlink broadcast messages in IEEE 802.16j multi-hop relay networks

Although the IEEE 802.16j standard introduces a connection identifier (CID)-based forwarding scheme and a tunnel-based forwarding scheme, these schemes exhibit poor performance when forwarding broadcast messages. This study considers a CID translation strategy and proposes two CID-translated forwarding schemes for IEEE 802.16 multi-hop relay networks. The basic CID-translated forwarding scheme does not require to append the relay MAC header of the tunnel-based scheme to the broadcast messages. The enhanced CID-translated forwarding scheme further divides a broadcast message into a common part and a specific part and forwards these parts in a multicast manner and a broadcast manner, respectively. Simulation results validate that the basic CID-translated forwarding scheme uses fewer resources than the tunnel-based forwarding scheme. Moreover, the enhanced CID-translated forwarding scheme outperforms the basic CID-translated forwarding scheme in terms of the system resources used and transmission latency.     

基于双线性对的可验证秘密共享及其应用

利用双线性对设计一个知识承诺方案,该承诺方案满足知识承诺的隐藏性和绑定性要求。利用该承诺方案构造一个秘密共享方案,该方案是可验证的、子密钥能定期更新的（t,n）门限方案。根据秘密共享方案设计一个可验证的门限签名方案。该签名方案是前向安全的,各成员的签名子密钥能定期更新,无需求逆运算,执行效率更高。     

基于双密钥的对称加密方案

在对混沌加密和传统加密特性进行分析的基础上,该文提出一个基于双密钥的对称加密方案,该方案通过一个对密钥极其敏感的函数及一个公开的动态密钥,可以实现类似于“一次一密”的加密目标。给出一个基于Lorenz混沌系统的实现方案,理论分析和实验结果表明,该方案可以提高传统加密方案的安全性能,并且实现简单。     

一个完全分布式的可追踪门限-多重签名方案

门限-多重签名是结合了门限签名和多重签名的特点而产生的新的签名,这种签名体制既可以使多于门限t个以上的签名者产生合法的签名,同时又具有签名者可追踪的特性。提出了一个完全分布式的可追踪门限-多重签名,使得必须有t个或t个以上的诚实组成员合作才可能产生一个门限-多重签名,并且可以公开验证签名中每个签名成员的身份。该门限-多重签名方案是基于可证明安全的单签名变体改进的,具有较高的安全性。在协议的整个过程中利用了已证明安全的签名和签密技术,保障了协议过程的安全性及可验证性。方案本身及协议的安全性和高效性使得此方案具有较高的实用性。     

基于椭圆曲线密码体制的(t,n)门限签密方案*

首先提出一个基于椭圆曲线密码体制的签密方案。该方案是数字签名和公钥加密的有机集成,除了具有认证性、保密性外,还具有计算量与通信量小等特点。在此基础上,构造了一个基于椭圆曲线密码体制的（t,n）门限签密方案。该方案具有数据传输安全、鲁棒性、通信代价更小、执行效率更高等特点。还给出两种方案的安全性分析。     

一种高效的短签名

提出一种新的短签名方案,长度只有160bits,但其计算效率远远高于BLS短签名方案。基于大整数分解的困难性,该方案在选择消息攻击下是存在不可伪造的。作为短签名时,签名是一次性的,该方案的安全性证明不需要随机预言机模型。该方案很容易修改为一般的签名方案进行多次签名。     

主动多秘密共享方案

主动秘密共享机制是在保持被共享的秘密不变的情况下,定期地对各参与者的秘密份额进行更新。许春香等人提出了一种定期更新防欺诈的秘密共享方案,该方案在秘密共享过程中仅支持共享单个秘密。在许春香等人方案的基础上,结合YCH(C C Yang,T Y Chang和M S Hwang)多秘密共享机制提出了一种主动多秘密共享方案。在方案中,秘密份额能够在不改变秘密的前提下定期进行刷新,一次秘密共享过程可以同时共享多个秘密,并且每个参与者可以对其他参与者提供的秘密份额进行验证。方案的安全性基于Shamir门限机制和离散对数问题。     

On the first order local stability scheme for the numerical solution of time-dependent compressible flows

The diffusion, stability and monotonicity properties of the first order local stability scheme are investigated by resorting to both analysis and numerical experimentation. The scheme, deducible from either the first order Rusanov scheme or the first order van Leer scheme, is optimally stable. The magnitude of the truncation viscosity of the scheme is in between that of the Rusanov scheme and of the second order Lax-Wendroff scheme. The scheme does not, in general, yield monotonic profiles of shocks. A modified version of the local stability scheme (which preserves the local stability character at each point in the flow region and switches over to the van Leer scheme near shocks only) is proposed for practical application. Tests on one-dimensional problems show that the scheme achieves a better resolution of the flow features than is possible with the Rusanov scheme. The scheme is found to be capable of yielding a resolution which is almost equal to that of the second order schemes. Furthermore, it offers other advantages in that it resists nonlinear instabilities, is easy to programme and requires only a modest amount of storage and time on the computer.     

基于时间矩阵序列的多指标方案综合排序分配法

针对多指标方案排序选优决策问题,提出了一种基于时间矩阵序列的方案综合排序分配法.假设存在一个"隐评价函数",它能对方案的各种优先排序进行综合评价,由此得到方案的最优排序和最优决策方案.利用方案的时序信息,构造了"隐评价函数"关于方案排序的"综合效率"评价矩阵,提出了方案综合排序选优分配模型,5个供应商6个指标的综合排序案例表明该方法合理、可行.