A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm

Mobile devices are widely used for data access,communications and storage.However,storing a private key for signature and other cryptographic usage on a single mobile device can be challenging,due to its computational limitations.Thus,a number of(t,n)threshold secret sharing schemes designed to minimize private key from leakage have been proposed in the literature.However,existing schemes generally suffer from key reconstruction attack.In this paper,we propose an efficient and secure two-party distributed signing protocol for the SM2 signature algorithm.The latter has been mandated by the Chinese government for all electronic commerce applications.The proposed protocol separates the private key to storage on two devices and can generate a valid signature without the need to reconstruct the entire private key.We prove that our protocol is secure under nonstandard assumption.Then,we implement our protocol using MIRACL Cryptographic SDK to demonstrate that the protocol can be deployed in practice to prevent key disclosure.     

基于序列模型的无线传感网入侵检测系统

随着物联网(IoT)的快速发展，越来越多的IoT节点设备被部署，但伴随而来的安全问题也不可忽视。IoT的网络层节点设备主要通过无线传感网进行通信，其相较于互联网更开放也更容易受到拒绝服务等网络攻击。针对无线传感网面临的网络层安全问题，提出了一种基于序列模型的网络入侵检测系统，对网络层入侵进行检测和报警，具有较高的识别率以及较低的误报率。另外，针对无线传感网节点设备面临的节点主机设备的安全问题，在考虑节点开销的基础上，提出了一种基于简单序列模型的主机入侵检测系统。实验结果表明，针对无线传感网的网络层以及主机层的两个入侵检测系统的准确率都达到了99%以上，误报率在1%左右，达到了工业需求，这两个系统可以全面有效地保护无线传感网安全。     

Properties evaluation and fabrication of green clay reformulated from water sludge

Water sludge from Sungai Dua Penang fresh water processing plant has been successfully converted into functional pottery clay with improved physicochemical behavior and properties. Water sludge was generally made of kaolinite mineral that consisted of silica and alumina. At 7 h of milling duration, water sludge demonstrated a narrow particle size distribution at the size range of 107–150 µm. Water sludge owned a specific surface area of 27 m²/g with 8.8 nm (diameter) pore size and 0.05 cm³/g pore volume. Plasticity of clay body increased when clay formulation involved fine particles, e.g. water sludge or bentonite, which promote water adsorption ability. Fine particles with large surface area and better compaction also explained the enhanced hardness of pottery clay. The incorporation of clay minerals such as bentonite and sodium silicate into the formulation has facilitated metals immobilization within the clay body. Final clay product has a terra cotta color and performed a uniform shrinkage without obvious fracture. The fabrication of pottery wares from water sludge with minimized metals leakage has not only higher reutilize value but also a cost effective green method for handling waste and environmental issues.     

物联网发展中的安全风险及对策研究

分析了国内外物联网安全政策、技术、标准、产业等形势,重点强调了当前我国物联网发展中存在的安全风险,包括大连接环境下的设备风险、物联网网络本身安全风险以及物联网上承载的各类应用安全风险,提出了打造以密码为核心的物联网安全体系,加速新技术在物联网安全的应用,以新基建为契机建立物联网领域安全设备泛在化部署新体系,以多层次立体式理念确保物联网安全,呼吁供给侧需求侧建立安全协同新机制,共同促进物联网产业安全可持续发展。     

High Accuracy Network Cardinalities Estimation by Step Sampling Revision on GPU

Host cardinality estimation is an important research field in network management and network security. The host cardinality estimation algorithm based on the linear estimator array is a common method. Existing algorithms do not take memory footprint into account when selecting the number of estimators used by each host. This paper analyzes the relationship between memory occupancy and estimation accuracy and compares the effects of different parameters on algorithm accuracy. The cardinality estimating algorithm is a kind of random algorithm, and there is a deviation between the estimated results and the actual cardinalities. The deviation is affected by some systematical factors, such as the random parameters inherent in linear estimator and the random functions used to map a host to different linear estimators. These random factors cannot be reduced by merging multiple estimators, and existing algorithms cannot remove the deviation caused by such factors. In this paper, we regard the estimation deviation as a random variable and proposed a sampling method, recorded as the linear estimator array step sampling algorithm (L2S), to reduce the influence of the random deviation. L2S improves the accuracy of the estimated cardinalities by evaluating and remove the expected value of random deviation. The cardinality estimation algorithm based on the estimator array is a computationally intensive algorithm, which takes a lot of time when processing high-speed network data in a serial environment. To solve this problem, a method is proposed to port the cardinality estimating algorithm based on the estimator array to the Graphics Processing Unit (GPU). Experiments on real-world highspeed network traffic show that L2S can reduce the absolute bias by more than 22% on average, and the extra time is less than 61 milliseconds on average.     

Invasion and Defense Interactions between Enzyme‐Active Liquid Coacervate Protocells and Living Cells

The design and construction of mutual interaction models between artificial microsystems and living cells have the potential to open a wide range of novel applications in biomedical and biomimetic technologies. In this study, an artificial form of invasion‐defense mutual interactions is established in a community of glucose oxidase (GOx)‐containing liquid coacervate microdroplets and living cells, which interact via enzyme‐mediated reactive oxygen species (ROS) damage. The enzyme‐containing coacervate microdroplets, formed via liquid–liquid phase separation, act as invader protocells to electrostatically bind with the host HepG2 cell, resulting in assimilation. Subsequently, the glucose oxidation in the liquid coacervates initiates the generation of H₂O₂, which serves as an ROS resource to block cell proliferation. As a defense strategy, introduction of catalase (CAT) into the host cells is exploited to resist the ROS damage. CAT‐mediated decomposition of H₂O₂ leads to the ROS scavenging and results in the recovery of cell viability. The results obtained in the current study highlight the remarkable opportunities for the development of mutual interacting communities on the interface of artificial protocells/living cells. They also provide a new approach for engineering cellular behaviors through exploiting artificial nonliving microsystems.     

洛克希德·马丁公司网络军工产业研究

洛克希德·马丁公司(以下简称“洛马”)是美国一家拥有百年历史的国防承包商,在百年发展历程中,洛马以美国国家安全需求为牵引,逐渐成长为世界最大军工集团。伴随网络时代的来临和新安全威胁的涌现,洛马加大网络空间作战技术的研发力度和资金投入,为美国加强网络国防能力建设铸剑护航。研究以洛马网络军工产业发展为脉络,对其网络安全全谱能力进行了综合梳理;同时,多角度分析了其创新的发展路径。     

Towards secure cyber-physical information association for parts

Counterfeiting is a significant problem for safety-critical systems, since cyber-information, such as a quality control certification, may be passed off with a flawed counterfeit part. Safety-critical systems, such as planes, are at risk because cyber-information cannot be provably tied to a specific physical part instance (e.g., impeller). This paper presents promising initial work showing that using piezoelectric sensors to measure impedance identities of parts may serve as a physically unclonable function that can produce unclonable part instance identities. When one of these impedance identities is combined with cyber-information and signed using existing public key infrastructure approaches, it creates a provable binding of cyber-information to a specific part instance. Our initial results from experimentation with traditionally and additively manufactured parts indicate that it will be extremely expensive and improbable for an attacker to counterfeit a part that replicates the impedance signature of a legitimate part.     

矿工违章作业演化博弈分析——计划行为理论视角

为进一步抑制高危岗位矿工违章行为,基于计划行为理论,从有限理性角度出发,引入安全管理者奖励机制,建立煤矿高危岗位矿工违章行为与安全检查员检查行为博弈模型,构建行为收益感知矩阵,对博弈双方的复制动态方程进行分析。结果表明:当检查力度和惩罚系数一定时,管理者对矿工施加的奖惩方式,主要取决于矿工的风险规避系数;在对一线矿工违章操作施加的惩罚力度不变的情况下,安全检查员加大对一线矿工的检查频率和力度,可以减少违章操作次数;在安全检查员对矿工检查力度不变的情况下,管理者加大对矿工违章行为的惩罚力度,也可以抑制违章行为。     

Internet use and farm households food and nutrition security nexus: The case of rural Ghana

The impact of internet use on food and nutrition security of rural households in Ghana is investigated in this study. To offset the potential challenge of selection bias, an endogenous treatment regression (ETR) technique is utilized for the analysis.. The results reveal that Internet use can improve smallholder farmers’ food and nutrition security. Internet usage has a profound positive effect on the food security of households with off-farm work and larger size of landholding. Our results suggest the intensification of efforts to enhance Internet connectivity across the nation by the government and policymakers is essential since it can go a long way to affect household welfare. The findings also highlight the importance of information and communication technologies (ICTs), the Internet, patronization to improve rural household welfare.