一种无证书签名方案的分析和改进

本文介绍了无证书签名的基本工作原理,介绍并分析了Hashimoto等人提出的一种无证书签名方案,对该方案进行了Ⅰ类型攻击,证明了该方案是不安全的,不能抵御超Ⅰ类型对手的攻击,对该方案提出了改进措施。     

Low area field-programmable gate array implementation of PRESENT image encryption with key rotation and substitution

Lightweight ciphers are increasingly employed in cryptography because of the high demand for secure data transmission in wireless sensor network, embedded devices, and Internet of Things. The PRESENT algorithm as an ultra-lightweight block cipher provides better solution for secure hardware cryptography with low power consumption and minimum resource. This study generates the key using key rotation and substitution method, which contains key rotation, key switching, and binary-coded decimal-based key generation used in image encryption. The key rotation and substitution-based PRESENT architecture is proposed to increase security level for data stream and randomness in cipher through providing high resistance to attacks. Lookup table is used to design the key scheduling module, thus reducing the area of architecture. Field-programmable gate array (FPGA) performances are evaluated for the proposed and conventional methods. In Virtex 6 device, the proposed key rotation and substitution PRESENT architecture occupied 72 lookup tables, 65 flip flops, and 35 slices which are comparably less to the existing architecture.     

一种标准模型下无证书签名方案的安全性分析与改进

无证书签名具有基于身份密码体制和传统公钥密码体制的优点，可解决复杂的公钥证书管理和密钥托管问题.Wu和Jing提出了一种强不可伪造的无证书签名方案，其安全性不依赖于理想的随机预言机.针对该方案的安全性，提出了两类伪造攻击.分析结果表明，该方案无法实现强不可伪造性，并在"malicious-but-passive"的密钥生成中心攻击下也是不安全的.为了提升该方案的安全性，设计了一个改进的无证书签名方案.在标准模型中证明了改进的方案对于适应性选择消息攻击是强不可伪造的，还能抵抗恶意的密钥生成中心攻击.此外，改进的方案具有较低的计算开销和较短的私钥长度，可应用于区块链、车联网、无线体域网等领域.     

Low-cost and two-cycle hardware structures of PRINCE lightweight block cipher

In this paper, low-cost and two-cycle hardware structures of the PRINCE lightweight block cipher are presented. In the first structure, we proposed an area-constrained structure, and in the second structure, a high-speed implementation of the PRINCE cipher is presented. The substitution box (S-box) and the inverse of S-box (S-box⁻¹) blocks are the most complex blocks in the PRINCE cipher. These blocks are designed by an efficient structure with low critical path delay. In the low-cost structure, the S-boxes and S-boxes⁻¹ are shared between the round computations and the intermediate step of PRINCE cipher. Therefore, the proposed architecture is implemented based on the lowest number of computation resources. The two-cycle implementation of PRINCE cipher is designed by a processing element (PE), which is a general and reconfigurable element. This structure has a regular form with the minimum number of the control signal. Implementation results of the proposed structures in 180-nm CMOS technology and Virtex-4 and Virtex-6 FPGA families are achieved. The proposed structures, based on the results, have better critical path delay and throughput compared with other's related works.     

基于水印和密码技术的数字版权保护模式

综合考虑数字版权保护的实际需求和安全隐患,结合水印技术和密码技术提出了一种新的数字版权保护模式(WCDRM),模式中共有7个实体,其中有3个权威机构。讨论了模式的注册过程、在线交易过程、验证过程和仲裁过程,该模式可以提供多种服务。模式将作者身份标识、版权发行机构身份标识和消费者身份标识作为盲信息水印数据隐藏在数据作品中,还采用了密码算法、密码协议和水印协议技术,可以抵抗各种算法攻击和协议攻击,具有较高的安全性和较好的实用性     

基于TCM的安全Windows平台设计与实现

为了解决Windows系统的完整性度量与证明问题,提出了一种基于可信密码模块TCM (trusted cryptography module)的安全Windows平台方案。通过扩展Windows内核实现了2种安全模式：在度量模式下,所有加载的可执行程序都会被度量,度量值由TCM提供保护和对外认证;在管控模式下,度量值会进一步与管理员定制的白名单进行匹配,禁止所有不在白名单中的程序执行。实验分析表明,该方案可以增强Windows系统的安全性,抵抗一些软件攻击行为;同时,系统平均性能消耗在20~30 ms之间,不会影响Windows的正常运行。     

一种新的图像自适应并行加密算法

提出了一种新的图像自适应并行加密算法。该算法根据奇偶加密轮次对图像进行水平或垂直分组,再对分组进行子块划分,并使用相邻块像素扰动混沌映射,同时设计了新的分组扩散方法,并使用S盒完成像素非线性替代。实验结果表明,新算法具有安全、简单、高效的特点,适合并行实现。