改进的无证书混合签密方案

对金春花等人提出的无证书混合签密方案进行了密码分析,分析表明其方案在内部攻击模型下存在保密性攻击,基于双线性对提出了一个改进的无证书混合签密方案。在随机预言机模型中,基于间隙双线性Dif-fie-Hellman问题和计算Diffie-Hellman问题证明了改进方案的安全性。改进方案在克服原方案的安全缺陷的基础上保持了原方案的高效性。     

军工科研院所保卫工作与保密工作的关系探析

文章分析了军工研究所保卫、保密工作的关系,指出在实现国防建设发展战略目标进程中,军工研究院所承担着重要任务,只有保卫、保密工作配合协作,互相支持、互为补充,才能形成保护国家秘密安全的有效防护系统。     

传感器网络安全数据融合

安全数据融合的目标是在融合数据的同时,实现传感器节点感知数据end-to-end机密性与可认证性。End-to-end机密性一般由秘密同态加密技术来保障针对end-to-end可认证性与数据融合的矛盾,在同态认证技术不适用于多源多消息的背景下,为了实现end-to-end可认证性,采用对称加密技术构造了一个安全的数据融合认证方案。采用该数据融合认证方案与秘密同态加密方案,构造了安全的数据融合协议。安全性分析表明,该安全数据融合协议能在融合数据的同时保障感知数据end-to-end机密性与可认证性。     

A secure migration process for mobile agents

This article describes a decentralized secure migration process of mobile agents between Mobile‐C agencies. Mobile‐C is an IEEE Foundation for Intelligent Physical Agents (FIPA) standard compliant multi‐agent platform for supporting C/C++ mobile and stationary agents. Mobile‐C is specially designed for mechatronic and factory automation systems where malicious agents may cause physical damage to machinery and personnel. As a mobile agent migrates from one agency to another in an open network, the security concern of mobile agent systems should not be neglected. Security breaches can be minimized considerably if an agency only accepts mobile agents from agencies known and trusted by the system administrator. In Mobile‐C, a strong authentication process is used by sender and receiver agencies to authenticate each other before agent migration. The security framework also aims to guarantee the integrity and confidentiality of the mobile agent while it is in transit. This assures that all agents within an agency framework were introduced to that framework under the supervision and permission of a trusted administrator. The Mobile‐C Security protocol is inspired from the Secure Shell (SSH) protocol, which avoids a single point of failure since it does not rely on a singular remote third party for the security process. In this protocol, both agencies must authenticate each other using public key authentication, before a secure migration process. After successful authentication, an encrypted mobile agent is transferred and its integrity is verified by the receiver agency. This article describes the Mobile‐C secure migration process and presents a comparison study with the SSH protocol. The performance analysis of the secure migration process is performed by comparing the turnaround time of mobile agent with and without security options in a homogeneous environment. Copyright © 2010 John Wiley & Sons, Ltd.     

Maximizing lifetime of event-unobservable wireless sensor networks

In wireless sensor networks (WSNs) contextual information such as the information regarding whether, when, and where the data is collected cannot be protected using only traditional measures (e.g., encryption). Contextual information can be protected against global eavesdroppers by periodic packet transmission combined with dummy traffic filtering at proxy nodes. In this paper, through a Linear Programming (LP) framework, we analyze lifetime limits of WSNs preserving event-unobservability with different proxy assignment methodologies. We show that to maximize the network lifetime data flow should pass through multiple proxies that are organized as a general directed graph rather than as a tree.     

应用区块链的多接收者多消息签密方案

信息通过公共链路进行传输时极易遭受窃听、篡改等形式的网络攻击,因此有必要保障信息在传输过程中的机密性和完整性,而签密技术能够有效地实现上述目的.基于椭圆曲线,提出一种多接收者多消息签密方案,能够有效地适配到广播系统中.采用多密钥分发中心管理系统主密钥信息,且能够周期地更新各自的秘密信息,以抵抗对应的APT攻击.不同更新周期注册的用户相互之间能够通信,不会影响系统的可用性.提出了一种基于区块链的周期更新策略,根据公有链中区块高度和时间戳触发密钥更新动作,基于区块链不可篡改特性确保方案的安全性,且该过程不需要执行交易动作,因此是免费的.基于Computational Diffie-Hellman问题和离散对数问题,在随机预言机模型下证明了签密方案的机密性和不可伪造性,该方案同时具有密钥托管安全性、前后向兼容性、不可否认性.性能分析表明,该签密方案具有较短的密文长度和较高的执行效率.在实验仿真部分,首先分析了密钥分发中心数量和门限值对签密算法性能的影响,在排除网络延迟等因素干扰下,引入多密钥分发中心后,性能损耗在5%以内;其次,基于区块链实现周期更新时的时间误差百分比会随周期的增加而下降,当周期大于550s时,其值控制在1%以内.这种误差使得攻击者很难预测更新的准确时间,增大了攻击的难度.     

Dynamic reconfiguration policies for reconfigurable coded-WDM PONs

This article studies the issues arising when reconfiguring coded-WDM networks to provide protection against eavesdropping. Although the ability to reconfigure coded-WDM PONs dynamically has been recognized as an effective means of improving the security of OCDMA networks, this article provides the first in-depth study of the tradeoffs involved in carrying out this reconfiguration process. The article commences by showing that the degree of confidentiality and the traffic loss are two important, but conflicting, objectives in the design of reconfiguration policies. The reconfiguration problem is then formulated as a Markovian decision process (MDP). The results obtained from MDP theory are applied to establish optimal reconfiguration policies for coded-WDM networks with various system parameters. Finally, the advantages of the optimal reconfiguration policies over a class of threshold-based policies are illustrated through simulation results.     

Security weakness of Tseng’s fault-tolerant conference-key agreement protocol

A fault-tolerant conference-key agreement protocol establishes a shared key among participants of a conference even when some malicious participants disrupt key agreement processes. Recently, Tseng proposed a new fault-tolerant conference-key agreement protocol that only requires a constant message size and a small number of rounds. In this paper, we show that the Tseng’s protocol cannot provide forward and backward confidentiality during a conference session for the proposed attack method. We also show that a simple countermeasure—re-randomizing short-term keys of some participants—to avoid the proposed attack can be broken by extending the proposed attack method.     

可信网络连接的安全量化分析与协议改进

可信网络连接(TNC)被认为是可信的网络体系结构的重要部分,随着TNC研究和应用的不断深入,TNC架构自身的安全性问题变得更加至关重要.文中重点研究TNC协议架构的安全性问题,首先提出了一种针对TNC协议的基于半马尔可夫过程的安全性量化分析方法;其次针对TNC完整性验证和访问授权过程中存在的安全威胁和漏洞,提出了一套安全性增强机制,并通过安全量化分析方法进行了验证.最后利用Intel IXP2400网络处理器搭建了TNC原型系统,为文中提出的改进机制和系统框架提供了安全量化验证的实际平台.