基于MANET网络的服务协议

为了实现MANET网络的服务协议,提出了一种基于OLSR路由协议的MANET网络服务发布发现协议的设计方案,分析了OLSR路由协议的特点,根据MPR节点算法的特殊性,将服务消息通过MPR节点转发,通过主动模式和被动模式获取服务消息,实现服务发现.并设计了在OLSR路由协议下的服务协议机制.     

一种基于卫星IP网络的数据链路层协议

通过分析卫星通信网络发展趋势,阐述卫星网络中现有的数据链路层协议,梳理归纳卫星网络的特点及影响,提出了一种新型卫星网络数据链路层协议(New Satellite Link Protocol,NSLP)。分析对比表明,该协议能够有效降低链路层报头开销,提高信息传输效率。在实际应用中,新型协议具有能够简化数据链路层的功能,有与TCP/IP协议兼容性好、与IP协议耦合度高、节约星上资源等诸多优点,有利于卫星IP网络整体性能的有效提升。     

Saturation throughput analysis of a carrier sensing based MU-MIMO MAC protocol in a WLAN under fading and shadowing

In wireless local area networks (WLANs), the traditional carrier sense multiple access with collision avoidance (CSMA/CA) medium access control (MAC) protocol cannot use the full benefits from multiuser multiple-input multiple-output (MU-MIMO) technique due to random medium access of the users. In this paper, we propose a carrier sensing based MAC protocol for a MU-MIMO based WLAN with full utilization of MU-MIMO technique. By modeling the WLAN system under the proposed MAC protocol as a discrete time Markov chain, we develop an analytical model for computing the saturation throughput in presence of path loss, Rayleigh fading and log-normal shadowing. The analytical model is then validated via simulation. By means of numerical and simulation results, we demonstrate that the proposed MAC protocol significantly improves throughput performance than the traditional CSMA/CA MAC protocol. Further, we compare the performance of the proposed MAC protocol with a MU-MIMO MAC protocol called Uni-MUMAC protocol and find that the proposed MAC protocol performs better than the Uni-MUMAC protocol. We also explore the effect of some of the network and wireless channel parameters on the performance of the proposed MAC protocol.

     

Secure Distributed Key Generation for Discrete-Log Based Cryptosystems

A Distributed Key Generation (DKG) protocol is an essential component of threshold cryptosystems required to initialize the cryptosystem securely and generate its private and public keys. In the case of discrete-log-based (dlog-based) threshold signature schemes (ElGamal and its derivatives), the DKG protocol is further used in the distributed signature generation phase to generate one-time signature randomizers (r = g^k). In this paper we show that a widely used dlog-based DKG protocol suggested by Pedersen does not guarantee a uniformly random distribution of generated keys: we describe an efficient active attacker controlling a small number of parties which successfully biases the values of the generated keys away from uniform. We then present a new DKG protocol for the setting of dlog-based cryptosystems which we prove to satisfy the security requirements from DKG protocols and, in particular, it ensures a uniform distribution of the generated keys. The new protocol can be used as a secure replacement for the many applications of Pedersen's protocol. Motivated by the fact that the new DKG protocol incurs additional communication cost relative to Pedersen's original protocol, we investigate whether the latter can be used in specific applications which require relaxed security properties from the DKG protocol. We answer this question affirmatively by showing that Pedersen's protocol suffices for the secure implementation of certain threshold cryptosystems whose security can be reduced to the hardness of the discrete logarithm problem. In particular, we show Pedersen's DKG to be sufficient for the construction of a threshold Schnorr signature scheme. Finally, we observe an interesting trade-off between security (reductions), computation, and communication that arises when comparing Pedersen's DKG protocol with ours.     

基于S-CDMA的HFC网上行信道接入协议

本文着重讨论了一个基于S-CDMA的HFC网上行信道的高效的接入协议--SAMA接入协议，其中包括了请求冲突解决协议和初始化协议两部分，并对这个接入协议的冲突率和吞吐量性能进行了详细分析，最后提出了该接入技术中尚待解决的问题。     

安全协议的设计与验证技术

安全协议是网络安全的基础,本文分析了目前安全协议的各种设计与验证技术,对安全协议的若干热点研究方向进行了展望,提出了一种基于多方协议中心站的容错多方安全协议.     

A Secure and Efficient Chaotic Maps Based Authenticated Key-Exchange Protocol for Smart Grid

Nicanfar and Leung proposed a multilayer consensus elliptic curve based password authenticated key-exchange (MCEPAK) protocol for smart grid. They claimed that their protocol is secure against possible attacks. In this paper, we show that the MCEPAK protocol is vulnerable to the dictionary attack and an adversary can obtain the passwords of the appliances by eavesdropping the communicated messages in the protocol. Moreover, we state that the passwords can be discovered by curious operators of the building area networks and the neighbor area networks. Theses weaknesses motivated us to introduce a chaotic maps based authenticated key exchange protocol for smart grid. To the best of our knowledge, the chaotic maps based key exchange protocol has not yet been devised for smart grid and the same objective has been fulfilled in this paper. In addition, we prove the security of the proposed protocol by a formal analysis.

     

Performance Evaluation of a New MAC Protocol for the CDMA Interconnection Network

A CDMA mobile system consists of subsystems that transmit and receive call control messages and traffic messages through the CDMA Interconnection Network (CIN). To assure high throughput and short delay in the CIN, an efficient Medium Access Control (MAC) protocol should be provided.In this study, we propose a new MAC protocol for CDMA interconnection networks in order to provide real-time communications in CDMA mobile systems. Also, we evaluate the delay performance of the proposed MAC protocol and compare it with that of existing MAC protocol. Through numerical examples, we show that the proposed protocol provides better delay performance than the existing protocol.     

Posets and protocols-picking the right three-party protocol

In this paper, we introduce a framework in which we can investigate the possibility of adapting a security protocol in order to obtain optimal efficiency according to the communication channels available. This method is based on the observation that there is a partial order imposed upon the actions of the various parties involved in a protocol. We define operations permitted on the partially ordered set associated with the protocol and obtain transformations of the original protocol while preserving the security properties. Performing these operations on the protocol we enumerate the options available to a system.     

使用构造类别代数描述和验证密码协议

密码协议必须满足安全属性的需求，对密码协议进行形式化规范需要证明其满足该属性。传统的方法或者不利于验证，或者不利于描述。本文在构造类别代数中引入时序算子，对密码协议以及协议的入侵者进行建模，在此基础上利用时序逻辑推导协议应该满足的安全属性。通过在Equicrpt协议上的应用，说明了这是一种解决密码协议描述和验证的行之有效的方法。     

基于LVM的容灾系统传输协议的实现

本文首先介绍了作者基于Linux的逻辑卷管理系统(LVM)开发的一个数据容灾系统：逻辑卷复制器(Logic Volume Replieator，简称为LVR)。传输协议是这个系统中对它的性能有至关重要影响的组成部分。我们从协议层次，连接通路，报文设计三个方面对它进行了讨论。我们围绕实现错误状态恢复、保持数据的一致性，以及接管(failovef)和恢复(failback)这三个容灾系统特性分析了这个协议的实现流程。最后，我们给出了这个协议的评价。     

Hardware invariant protocol disruptive interference for 100BaseTX Ethernet communications

In this paper, we introduce a new concept that we refer to as hardware invariant protocol disruptive interference (HIPDI). Such interference would pose a severe threat as intentional EMI to the corresponding protocol for which it was designed. In this paper, we consider only the 100BaseTX Ethernet protocol over UTP CAT-5 cable which is used extensively in local-area networks. We show that low power, narrowband, differential-mode voltage levels on a 100BaseTX Ethernet twisted-pair can seriously degrade network throughput independent of the physical features of the network or the protocol interpreter hardware. Moreover, we show that the required parameters of disruptive interference can be derived from the protocol itself using a concept we call hardware aperture. The experimental results reported herein indicate that creating such interference is practically feasible and therefore, is a possible threat to existing communication networks.     

Constant-Round Oblivious Transfer in the Bounded Storage Model

We present the first constant-round protocol for Oblivious Transfer in Maurer's bounded storage model. In this model, a long random string R is initially transmitted and each of the parties stores only a small portion of R. Even though the portions stored by the honest parties are small, security is guaranteed against any malicious party that remembers almost the entire string R (but not all of it). Previous constructions for oblivious transfer in the bounded storage model required polynomially many rounds of interaction. In contrast, our protocol uses only five messages. In addition we also improve other parameters, such as the number of bits transferred and the probability of immaturely aborting the protocol due to failure. Our techniques utilize explicit constructions from the theory of derandomization. In particular, we achieve the constant round complexity of our oblivious transfer protocol by constructing a novel four-message protocol for Interactive Hashing, in place of the well-known protocol by Naor et al. (known as the NOVY protocol) which involves many rounds of interaction. Our four-message interactive hashing protocol is constructed by use of t-wise independent permutations and may be of independent interest. For achieving constant-round complexity we also construct a new subset encoding scheme that is dense; namely, guarantees that almost every string in the image of the encoding function has a preimage. Other tools we employ include randomness extractors and averaging samplers.     

IEEE 802.11 protocol: design and performance evaluation of anadaptive backoff mechanism

In WLANs, the medium access control (MAC) protocol is the main element that determines the efficiency of sharing the limited communication bandwidth of the wireless channel. The fraction of channel bandwidth used by successfully transmitted messages gives a good indication of the protocol efficiency, and its maximum value is referred to as protocol capacity. In a previous paper we have derived the theoretical limit of the IEEE 802.11 MAC protocol capacity. In addition, we showed that if a station has an exact knowledge of the network status, it is possible to tune its backoff algorithm to achieve a protocol capacity very close to its theoretical bound. Unfortunately, in a real case, a station does not have an exact knowledge of the network and load configurations (i.e., number of active stations and length of the message transmitted on the channel) but it can only estimate it. In this work we analytically study the performance of the IEEE 802.11 protocol with a dynamically tuned backoff based on the estimation of the network status. Results obtained indicate that under stationary traffic and network configurations (i.e., constant average message length and fixed number of active stations), the capacity of the enhanced protocol approaches the theoretical limits in all the configurations analyzed. In addition, by exploiting the analytical model, we investigate the protocol performance in transient conditions (i.e., when the number of active stations sharply changes)     

Cryptanalysis and improvement of an elliptic curve Diffie-Hellman key agreement protocol

In SAC'05, Strangio proposed protocol ECKE- 1 as an efficient elliptic curve Diffie-Hellman two-party key agreement protocol using public key authentication. In this letter, we show that protocol ECKE-1 is vulnerable to key-compromise impersonation attacks. We also present an improved protocol - ECKE-1N, which can withstand such attacks. The new protocol's performance is comparable to the well-known MQV protocol and maintains the same remarkable list of security properties.     

A lightweight anonymous two‐factor authentication protocol for wireless sensor networks in Internet of Vehicles

Internet of Vehicles (IoV), as the next generation of transportation systems, tries to make highway and public transportation more secure than used to be. In this system, users use public channels for their communication so they can be the victims of passive or active attacks. Therefore, a secure authentication protocol is essential for IoV; consequently, many protocols are presented to provide secure authentication for IoV. In 2018, Yu et al proposed a secure authentication protocol for WSNs in vehicular communications and claimed that their protocol could satisfy all crucial security features of a secure authentication protocol. Unfortunately, we found that their protocol is susceptible to sensor capture attack, user traceability attack, user impersonation attack, and offline sink node's secret key guessing attack. In this paper, we propose a new authentication protocol for IoV which can solve the weaknesses of Yu et al's protocol. Our protocol not only provides anonymous user registration phase and revocation smart card phase but also uses the biometric template in place of the password. We use both Burrow‐Abadi‐Needham (BAN) logic and real‐or‐random (ROR) model to present the formal analysis of our protocol. Finally, we compare our protocol with other existing related protocols in terms of security features and computation overhead. The results prove that our protocol can provide more security features and it is usable for IoV system.     

A Multiaccess Protocol for Multihop Radio Networks

We describe an adaptive multiaccess channel protocol for use in radio networks with an arbitrary distribution of stationary hidden nodes, which provides the nodes with controlled, collision-free access to the channel. The protocol can be considered to belong to the BRAM [5] protocol family, but differs in significant ways from BRAM. In this paper we describe the tenets of the protocol, then develop the protocol, and finally develop analytic expressions for its expected throughput and delay performance. Given these delay-throughput expressions, we show how protocol "delay" optimization can be achieved by dynamic adjustment of a protocol parameter as the network traffic load changes.     

An improved mutual authentication protocol based on perfect forward secrecy for satellite communications

As the mobile network progresses fast, mobile communications have a far‐reaching influence in our daily life. In order to guarantee the communication security, a myriad of experts introduced many authentication protocols. Recently, Qi et al presented an enhanced authentication with key agreement protocol for satellite communications, and they proclaimed that their protocol could defend various attacks and support varied security requirements. Regrettably, in this paper, we prove that their protocol was fruitless in resisting smart card stolen or loss attack, supporting perfect forward secrecy and had a fundamental error. To solve these problems, we present an improved protocol based on perfect forward secrecy. In addition, the analysis of our improved protocol suggests that it gets possession of faultless security properties and overcomes the flaws in the protocol of Qi et al perfectly. Thus, our improved protocol can be appropriated for the mobile communications.     

Tone Dual‐Channel MAC Protocol with Directional Antennas for Mobile Ad Hoc Networks

The directional medium access control (MAC) protocol improves the throughput of mobile ad hoc networks but has a deafness problem and requires location information for neighboring nodes. In the dual‐channel directional MAC protocol [12], the use of omnidirectional packets does not require the exact location of destination node. In this letter, we propose a tone dual‐channel MAC protocol with directional antennas to improve the throughput of mobile ad hoc networks. In the proposed MAC protocol, we use a directional CTS and an out‐of‐band directional DATA tone with a new blocking algorithm to improve the spatial reuse. We confirm the throughput performance of the proposed MAC protocol by computer simulations using the Qualnet simulator.