标准模型下一种新的基于身份的分级加密方案

该文给出了一种新的基于身份的分级加密方案,在标准模型下,证明了该方案是推广selective-ID安全的。在判定BDHI假设下,该方案可以抗选择明文攻击(CPA)。另外,作为文中方案的推广应用,基于Waters方案及其变形方案,提出了一种标准模型下基于身份的分级签名方案。在DHI假设下,该方案被证明对适应性选择消息攻击是存在性不可伪造的。     

指名签名与指名代理签名

该文分别对一个指名签名方案(KPW方案)和一个指名代理签名方案(PL方案)进行分析,结果表明:在KPW方案中签名人不仅能验证而且也能向第三方证明签名的有效性,甚至能将签名转化为通常的自认证签名,因此不是指名签名方案;在PL方案中任何人都可验证签名的有效性,它只是一个自认证签名方案。该文进一步给出了KPW方案的一个改进方案,使之具有指名签名的全部性质,同时也给出了一个基于该方案的指名代理签名方案。     

层次身份基认证密钥协商方案的安全性分析和改进

该文分析了曹晨磊等人(2014)提出的层次身份基认证密钥协商方案的安全性,指出该方案无法抵抗基本假冒攻击。文中具体描述了对该方案实施基本假冒攻击的过程,分析了原安全性证明的疏漏和方案无法抵抗该攻击的原因。然后,在BONEH等人(2005)层次身份基加密方案基础上提出了一种改进方案。最后,在BJM模型中,给出了所提方案的安全性证明。复杂度分析表明所提方案在效率上同原方案基本相当。     

高效的选择密文安全的单向代理重加密方案

针对如何构造一个在标准模型下高效的选择密文安全的单向代理重加密方案这个问题,提出了一种新的、高效的单向代理重加密方案,并且在标准模型下证明了方案在自适应攻陷模型下的选择密文安全性。所提方案与LV方案相比,在安全性和效率方面都有所提升,与WJ方案相比,在同等安全条件下,运算效率有所提高。     

铁路隧道群间隙及短隧道GSM-R系统覆盖方案研究

分析了隧道群间隙及短隧道GSM-R系统常用的漏缆贯通覆盖方案,指出方案存在的问题,在此基础上提出了天线覆盖优化方案,并在对两种方案进行分析比较的基础上提出了优化设计方案。研究了隧道长度、隧道群间距和GSM-R系统覆盖方案的关系,针对不同类型的隧道群间隙及短隧道提出了GSM-R系统覆盖方案。     

铁路隧道群间隙及短隧道GSM-R系统覆盖方案研究

分析了隧道群间隙及短隧道GSM-R系统常用的漏缆贯通覆盖方案,指出方案存在的问题,在此基础上提出了天线覆盖优化方案,并在对两种方案进行分析比较的基础上提出了优化设计方案。研究了隧道长度、隧道群间距和GSM-R系统覆盖方案的关系,针对不同类型的隧道群间隙及短隧道提出了GSM-R系统覆盖方案。     

一个高效的无证书盲签名方案

提出了一个高效的无证书盲签名方案。在随机预言机模型下,证明了新方案在适应性选择消息、选择身份攻击下是存在不可伪造的,能够有效抵抗AI攻击者的替换公钥攻击和AⅡ攻击者的KGC攻击。方案中在签名阶段没有任何双线性对运算,在验证阶段只有一个双线性对运算,并且不需要使用映射到点（Mapto Point）的特殊哈希函数。与已有方案相比,所提方案在计算量上更具优势。同时方案采用无证书公钥密码体制,解决了基于证书签名方案的证书管理问题和基于身份签名方案的密钥托管问题。     

一种新型的群签名方案

该文在BB短签名方案的基础上演化出一个新的签名方案,并由此构建了一个新的群签名方案。新的群签名方案的安全性建立在随机预言机模型下,q-SDH假设和判定Diffie-Hellman假设之上的。该文提出的群签名方案的签名长度比BBS的短群签名方案的签名长度略长,但在为群成员发放资格证书以及成员私钥时,不需要可信任第三方的参与。     

软交换规划方案的研究

软交换技术目前已经成熟,本文通过对软交换的设置架构方案进行详细分析和论证,并对不同方案在规划中应注意的问题以及风险规避进行了详细论述,研究结果表明：在引入软交换设备方案中,采用分离架构方案是最佳方案和选择。     

EOC设备物理层参数测试

一、引言 目前,有线电视双向改造主要有三种方案：一是采用CMTS方案;二是采用五类线直接入户方案（EPON＋LAN方案）;三是采用同轴电缆入户方案（EPON＋EOC方案）。CMTS方案在原有的HFC线路上传输上/下行数据,     

基于安全防诬码的加密广播方案

提出了一种基于安全防诬码的加密广播方案。针对一种特权用户集大小受限的广播情形,利用安全防诬码构造了一种(n,k)-弹性加密广播方案。该方案只要求广播中心传输一次加密信息、用户存储一个密钥,就可完成广播任务。此外,特权用户集生成解密密钥的过程中,广播中心无需广播任何消息。相对于已有方案具有更低的系统带宽需求和存储复杂度。     

具有纠错能力的认证会议密钥分配方案和安全广播通信方案

本文提出了一种构造具有纠错能力的认证会议密钥分配方案和安全广播 有效方法，该方法不是采用传统的加密技术而是利用幻民错码技术，由该方法构造的两个方案不仅安全，而且可以提高通信的可靠性。     

An ID-based broadcast encryption scheme for key distribution

A broadcast encryption scheme enables a center to distribute keys and/or broadcast a message in a secure way over an insecure channel to an arbitrary subset of privileged recipients. In this paper, an ID-based broadcast encryption scheme is proposed, by which a center can distribute keys over a network, so that each member of a privileged subset of users can compute a specified key. Then a conventional private-key cryptosystem, such as DES, can be used to encrypt the subsequent broadcast with the distributed key. Because a key distribution can be done in an encrypted broadcast without any key pre-distribution, re-keying protocols for group membership operations can be simplified, a center can use the ID-based broadcast encryption scheme again to distribute a new and random session key. The ID-based broadcast encryption scheme from bilinear pairings is based on a variant of the Boneh-Franklin identity based encryption scheme.     

基于最大秩距离码的McEliece公钥加密方案

提出了基于最大秩距离码新的McElience公钥密码系统，讨论其可行性及安全性．证明了它比基于纠错码的McElience公钥密码系统里安全。而且，通过引入单向函数．使密码系统能有效地抗击消息重发攻击和相关消患攻击。     

一种后向撤销隐私安全的车载自组织网络快速匿名消息认证协议

该文提出适用于车载自组织网络的快速匿名消息认证协议。通过使用基于身份的签密技术,车辆行驶至某区域后,与该区域中心相互认证,获取其所维护的周期性群签名系统密钥材料。之后,该车辆能够使用获取的密钥材料对向网络中广播的携带有群签名的消息,实现消息的匿名认证。网络中的车辆收到其它车辆广播消息之后,仅需验证群签名的合法性,避免验证消息的签发者是否是撤销用户。此外,所采用的群签名算法支持批验证运算,能够快速处理短期内收到的多个消息。除了避免撤销验证特性之外,与已有的文献相比,文中的方案能够完善地保护撤销用户的后向隐私安全性。     

Updating the parameters of a threshold scheme by minimal broadcast

Threshold schemes allow secret data to be protected among a set of participants in such a way that only a prespecified threshold of participants can reconstruct the secret from private information (shares) distributed to them on a system setup using secure channels. We consider the general problem of designing unconditionally secure threshold schemes whose defining parameters (the threshold and the number of participants) can later be changed by using only public channel broadcast messages. In this paper, we are interested in the efficiency of such threshold schemes, and seek to minimize storage costs (size of shares) as well as optimize performance in low-bandwidth environments by minimizing the size of necessary broadcast messages. We prove a number of lower bounds on the smallest size of broadcast message necessary to make general changes to the parameters of a threshold scheme in which each participant already holds shares of minimal size. We establish the tightness of these bounds by demonstrating optimal schemes.     

STS_4e: Secure Time Synchronization in IEEE802.15.4e Networks

IEEE802.15.4e networks adopt time-synchronized medium access control protocols which enables highly reliable and ultra-low power industrial wireless networks. In these networks, nodes use timeslot to communicate which need a high-precision time synchronization. In hostile environments, the time synchronization protocol may be destroyed by external, compromise or pulse-delay attacks. In this paper, we present a secure time synchronization for IEEE802.15.4e networks called STS_4e which includes a secure single-hop pair-wise time synchronization and a secure cluster-wise time synchronization. The secure pair-wise time synchronization adopts message integrity authentication mechanism to defend against external attacks and threshold filter algorithm to defend against compromise and pulse-delay attacks. The secure cluster-wise time synchronization adopts packet-based key chain to improve µTESLA broadcast authentication mechanism which can well balance the delay of disclosed keys and the length of key chain. Finally, we implement the STS_4e scheme on OpenMoteSTM node running OpenWSN. The results show that the proposed scheme can successfully defend against time synchronization attacks as well as the low energy consumption.     

How to signcrypt a message to designated group

In an open network environment, the protection of group communication is a crucial problem. In this article, a novel broadcast group-oriented signcryption scheme is presented for group communication scenarios in distributed networks. Anyone in this scheme can signcrypt a message and distribute it to a designated group, and any member in the receiving group can unsigncrypt the ciphertext. The ciphertext and public key in the scheme are of constant size. In addition, this new scheme offers public verification of the ciphertext. This property is very important to the large-scale group communication since the gateway can filter the incorrect ciphertext and alleviate the receiver's workload. Finally, a proof in the random oracle model is given to show that the scheme is secure against chosen ciphertext attack and existential forgery.     

Novel Advanced Broadcast Scheme for Efficient Safety Message Collision Alleviation in Vehicular Networks

Safety message broadcasting may cause a broadcast storm in vehicular ad-hoc network without an effective feedback mechanism. In particular, with increasing number of vehicles, serious collisions and incurred long delays are not acceptable for emergency safety messages. In this paper, we proposed an advanced broadcast scheme by the functionality of distributed coordination function and multi-channel operation in dedicated short range communication to decrease collision probability and increase received ratio of safety messages. The proposed scheme can increases safety message transmission efficiency and reduce the latency by delicately designing a rebroadcast probability, choosing the channel and selecting the backoff timer. After broadcasting in the control channel, transmitters return to their original service channel. Then, the vehicles receiving the safety message should inform the others in the same service channel to switch to the control channel for the safety message. Afterwards, the vehicles broadcast the safety message once and go back to the original service channel. This method can inform the other vehicles in different channels to increase the broadcast penetration. The proposed scheme can work without global positioning system (GPS). However, GPS can adapt the rebroadcast probability on hot spots to enhance the efficiency of the proposed scheme. Through detailed simulations, the proposed scheme is shown to be more efficient compared to the existing ones.     

量子消息认证协议

研究了在量子信道上实现经典消息和量子消息认证的方法。给出了一个基于量子单向函数的非交互式经典消息认证加密协议。证明了给出的协议既是一个安全的加密方案,也是一个安全的认证方案。利用该认证加密协议作为子协议,构造了一个量子消息认证方案,并证明了其安全性。与BARNUM等给出的认证方案相比,该方案缩减了通信双方共享密钥的数量。