一种分布式的洋葱路由新机制

洋葱路由技术在公网上提供双向、实时的匿名通信，其面向连接和严格的源路由方式导致效率低、扩展性差。利用分布式的概念，采用分段连接技术思想提出了一种安全、高效的分布式洋葱路由机制(DORS)，给出了DORS路由实现算法，并从方案实现效率、安全性方面对DORS进行了分析。分析结果表明DORS具有良好的扩展性、鲁棒性、简单性和有效性。     

一种可验证的量子匿名通信方案

提出一种新的消息发送者和接收者同时匿名的经典消息通信方案.方案通过制备量子连续变量纠缠态,在参与者中移动式传输粒子,将1比特经典消息编码在不同的模式中.消息接收者可以计算得到匿名消息,然后通过不同模式的计算结果检验本次通信中的参与者诚实度,从而判断匿名消息是否有效.方案将传输和检测两个过程合并设计在同一轮通信中,通信信号和检测结论基于同一轮通信中的信道编码,可以验证具有自适应特征的参与者(检测过程和通信过程表现不一致的参与者)作弊.除了指数小的概率,发送者和接收者的匿名性和消息的私密性都得到保护.     

无线移动网络跨可信域的直接匿名证明方案?

基于信任委托的思想,提出一种移动环境下的跨可信域的直接匿名(direct anonymous attestation,简称DAA)证明方案,采用代理签名技术和直接匿名证明方法,实现对移动终端在多可信域之间漫游时的可信计算平台认证,并在认证过程中协商会话密钥,增强了远程证明体系的安全性。利用 Canetti-Krawczyk(CK)模型对方案的认证协议的认证安全性和匿名安全性进行了形式化分析和证明。分析表明,该方案能够抵抗平台伪装攻击和重放攻击,其性能适用于无线网络环境。     

一种无线传感器网络匿名安全路由协议*

为了能在有限资源的无线传感器网络上进行安全的匿名通信,使用双线性函数的双线性对和异或运算提出了一种匿名安全路由协议,与目前现有的无线网络匿名通信方案相比,协议不仅能提供身份的机密性、位置隐私性和路由的匿名性,而且还满足前向和后向安全性,并且大大提高了系统的计算复杂度和带宽消耗,更适合无线传感器网络。     

M2ASR——新型多径匿名源路由协议*

针对无线Ad hoc网络通信的安全与效率问题,提出一个高效并有较好匿名能力的多径匿名源路由协议M2ASR。在DSR协议的基础上,使用标签机制,对源路由的工作过程进行了修改,实现了能够应用于大规模无线网络的多径匿名路由;并在协议中首次使用IDA算法,利用Ad hoc网络的节点转发和协议本身提供的多径性质,提高了无线Ad hoc的通信效率;从理论和仿真角度对M2ASR协议的匿名性和使用IDA算法之后所带来的效率进行了分析和总结。     

Analysis of impersonation attacks on systems using RF fingerprinting and low-end receivers

Recently, physical layer security commonly known as Radio Frequency (RF) fingerprinting has been proposed to provide an additional layer of security for wireless devices. A unique RF fingerprint can be used to establish the identity of a specific wireless device in order to prevent masquerading/impersonation attacks. In the literature, the performance of RF fingerprinting techniques is typically assessed using high-end (expensive) receiver hardware. However, in most practical situations receivers will not be high-end and will suffer from device specific impairments which affect the RF fingerprinting process. This paper evaluates the accuracy of RF fingerprinting employing low-end receivers. The vulnerability to an impersonation attack is assessed for a modulation-based RF fingerprinting system employing low-end commodity hardware (by legitimate and malicious users alike). Our results suggest that receiver impairment effectively decreases the success rate of impersonation attack on RF fingerprinting. In addition, the success rate of impersonation attack is receiver dependent.     

1株桃果实采后病原真菌的鉴定以及碳源代谢指纹图谱分析

从采后贮藏过程中发病的八月脆桃果实（Amygdalus persica cv.Bayuecui）中分离到1株真菌菌株074#.通过对病原菌形态学观察以及核糖体ITS rDNA序列分析,证明菌株074#为灰葡萄孢霉菌（Botrytis elliptica）.致病性试验结果表明,桃果实为灰葡萄孢霉菌的寄主.通过Biolog FFMicroPlate分析该病原菌对95种碳源的利用能力,结果表明,Botrytis elliptica代谢指纹图谱为最适碳源包括D-果糖、蔗糖、L-苹果酸、琥珀酸、D-葡萄糖酸、L-天门冬氨酸、L-丝氨酸、腺苷、5＇-磷酸腺苷等26种,可利用碳源14种,不可利用碳源55种.     

Optimizing imaging parameters for the separation of multiple labels in a fluorescence image

A theoretical analysis is presented on how to separate the contributions from individual, simultaneously present fluorophores in a spectrally resolved image. Equations are derived that allow the calculation of the signal‐to‐noise ratio of the estimates for such contributions, given the spectral information on the individual fluorophores, the excitation wavelengths and intensities, and the number and widths of the spectral detection channels. We then ask how such imaging parameters have to be chosen for optimal fluorophore separation. We optimize the signal‐to‐noise ratio or optimize a newly defined ‘figure of merit’, which is a measure of efficiency in the use of emitted photons. The influence of photobleaching on the resolution and on the choice of imaging parameters is discussed, as well as the additional resolution gained by including fluorescence lifetime information. A surprisingly small number of spectral channels are required for an almost optimal resolution, if the borders of these channels are optimally selected. The detailed consideration of photobleaching is found to be essential, whenever there is significant bleaching. Consideration of fluorescence lifetime information (in addition to spectral information) improves results, particularly when lifetimes differ by more than a factor of two.     

异构无线网络可控匿名漫游认证协议

分析传统的匿名漫游认证协议,指出其存在匿名不可控和通信时延较大的不足,针对上述问题,本文提出异构无线网络可控匿名漫游认证协议,远程网络认证服务器基于1轮消息交互即可完成对移动终端的身份合法性验证;并且当移动终端发生恶意操作时,家乡网络认证服务器可协助远程网络认证服务器撤销移动终端的身份匿名性.本文协议在实现匿名认证的同时,有效防止恶意行为的发生,且其通信时延较小.安全性证明表明本文协议在CK安全模型中是可证安全的.     

高效的无证书多接收者匿名签密方案

针对已有的基于身份的多接收者签密方案存在的密钥托管问题,研究了无证书多接收者签密安全模型,进而基于椭圆曲线密码体制,提出一个无证书多接收者签密方案,并在随机预言机模型下证明方案的安全性建立在计算Diffie-Hellman问题及椭圆曲线离散对数问题的困难性之上。该方案无需证书管理中心,在签密阶段和解签密阶段均不含双线性对运算,且可确保发送者和接收者的身份信息不被泄露,可以方便地应用于网络广播签密服务。