基于变形FrFT和线性同余的光学图像加密算法

基于双随机相位编码光学图像加密系统,利用线性同余发生器（LCG）生成随机相位,结合变形分数傅里叶变换（AFrFT）,提出了一种改进的光学图像加密方法。方法的特点是：LCG函数的4个参数都可作为密钥;相比常规FrFT,变形FrFT的分数阶数目多1倍;算法密钥的数量从2重增加到8重,并且还有2个辅助密钥,大大提高了加密系统...     

一种新的基于被扰动的Lorenz系统的混沌加密算法

提出一种基于被抚动的Lorenz系统的加密算法.首先通过Legendre多项式对Lorenz系统中的系统参数b进行扰动,然后再利用Lorenz产生的随机序列对原文信息进行一系列的操作变换,使得加密的信息更加安全.通过扰动有效的补偿了计算机有限精度导致的混沌系统退化行为,经对本算法的模拟实验及详细性能分析,结果表明该加密...     

Web系统中数据加密技术的探讨

随着网络技术的飞速发展、信息化程度逐渐提高,目前大部分应用都是通过网络来完成,并且系统大都采用B/S结构,传递交换不同格式的文件。为保证能够追踪发送者的身份标记并且保证没有人在他们发送之后修改文档必须使用数字签名技术。本文详细阐述了网络文档交换采用数字签名的必要性,从实现技术上进行了分析,最后给出了在客户端签名,在服务器端验证的实现方法。     

基于DSP的数据RSA加密机

为适应基于Internet/Intranet的网络化制造中信息安全的需要,提出了基于TMS320VC5402的数据RSA加密机的整体构架,介绍了DSP、SRAM、FLASH等主要器件选型及接口,分析了RSA加密算法的实现方法,给出了系统软件结构设计.仿真结果表明该方案信息加密快,极大提高信息的安全性.     

纵向加密认证装置技术在青海电网中的应用及实践

纵向加密认证装置是抵御黑客、病毒、恶意代码等形式恶意攻击和破坏,防止电力二次系统崩溃或瘫痪,保障青海电网省、地调自动化系统及变电站监控系统等生产控制大区安全的重要手段。文章叙述了青海电网运行控制与安全防御系统纵向加密认证装置的部署方式和原理,分析了其应用的特点,着重介绍了在工程实施中遇到的具体问题和解决办法,可为今后实施类似工程提供了宝贵经验。     

Attribute Based DRM Scheme with Dynamic Usage Control in Cloud Computing

In order to achieve fine-grained access control in cloud computing, existing digital rights management （DRM） schemes adopt attribute-based encryption as the main encryption primitive. However, these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud. In this paper, we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing. We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption. Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content. The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users, and also enables the license server to implement immediate attribute and user revocation. Moreover, our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption, which allows the license server in the cloud to update the users＇ usage rights dynamically without disclosing the plaintext. Extensive analytical results indicate that our proposed scheme is secure and efficient.     

云社交网络中安全高效的加密数据共享机制(英文)

Despite that existing data sharing systems in online social networks(OSNs)propose to encrypt data before sharing,the multiparty access control of encrypted data has become a challenging issue.In this paper,we propose a secure data sharing scheme in OSNs based on ciphertext-policy attributebased proxy re-encryption and secret sharing.In order to protect users' sensitive data,our scheme allows users to customize access policies of their data and then outsource encrypted data to the OSNs service provider.Our scheme presents a multiparty access control model,which enables the disseminator to update the access policy of ciphertext if their attributes satisfy the existing access policy.Further,we present a partial decryption construction in which the computation overhead of user is largely reduced by delegating most of the decryption operations to the OSNs service provider.We also provide checkability on the results returned from the OSNs service provider to guarantee the correctness of partial decrypted ciphertext.Moreover,our scheme presents an efficient attribute revocation method that achieves both forward and backward secrecy.The security and performance analysis results indicate that the proposed scheme is secure and efficient in OSNs.     

一个抗量子密钥交换协议及其对应的加密方案(英文)

The emergence of quantum computer will threaten the security of existing public-key cryptosystems,including the Diffie Hellman key exchange protocol,encryption scheme and etc,and it makes the study of resistant quantum cryptography very urgent.This motivate us to design a new key exchange protocol and encryption scheme in this paper.Firstly,some acknowledged mathematical problems was introduced,such as ergodic matrix problem and tensor decomposition problem,the two problems have been proved to NPC hard.From the computational complexity prospective,NPC problems have been considered that there is no polynomial-time quantum algorithm to solve them.From the algebraic structures prospective,non-commutative cryptography has been considered to resist quantum.The matrix and tensor operator we adopted also satisfied with this non-commutative algebraic structures,so they can be used as candidate problems for resisting quantum from perspective of computational complexity theory and algebraic structures.Secondly,a new problem was constructed based on the introduced problems in this paper,then a key exchange protocol and a public key encryption scheme were proposed based on it.Finally the security analysis,efficiency,recommended parameters,performance evaluation and etc.were also been given.The two schemes has the following characteristics,provable security,security bits can be scalable,to achieve high efficiency,quantum resistance,and etc.     

A Resistant Quantum Key Exchange Protocol and Its Corresponding Encryption Scheme

The emergence of quantum computer will threaten the security of existing public-key cryptosystems, including the Diffie Hellman key exchange protocol, encryption scheme and etc, and it makes the study of resistant quantum cryptography very urgent. This motivate us to design a new key exchange protocol and eneryption scheme in this paper. Firstly, some acknowledged mathematical problems was introduced, such as ergodic matrix problem and tensor decomposition problem, the two problems have been proved to NPC hard. From the computational complexity prospective, NPC problems have been considered that there is no polynomial-time quantum algorithm to solve them. From the algebraic structures prospective, non-commutative cryptography has been considered to resist quantum. The matrix and tensor operator we adopted also satisfied with this non-commutative algebraic structures, so they can be used as candidate problems for resisting quantum from perspective of computational complexity theory and algebraic structures. Secondly, a new problem was constructed based on the introduced problems in this paper, then a key exchange protocol and a public key encryption scheme were proposed based on it. Finally the security analysis, efficiency, recommended parameters, performance evaluation and etc. were also been given. The two schemes has the following characteristics, provable security,security bits can be scalable, to achieve high efficiency, quantum resistance, and etc.     

分簇无线传感器网络基于随机数的两级身份认证

文中提出一种分簇无线传感器网络的基于随机数的两级身份认证方法。该方案将认证过程分为两个阶段：簇头与基站的一级认证和成员节点与基站的二级认证。整个认证过程采用对称加密的方法,通过检查随机数的一致性来保证认证过程的连贯,对存储开销的要求较低。簇头作为中转节点,在全网中具有重要作用。在保证簇头安全的前提下成员节点才与基站开始认证,这样能有效地避免成员节点与基站在簇头不安全的情况下进行身份认证而带来的时间上和能量上的浪费,提高了认证效率,同时与传统的点到点的认证相比,能量消耗相对较少。