一种新的密码本原:棘轮密钥交换的定义、模型及构造

在传统密码学应用中,人们总假定终端是安全的,并且敌手只存在于通信信道上。然而,主流的恶意软件和系统漏洞给终端安全带来了严重和直接的威胁和挑战,例如容易遭受存储内容被病毒破坏、随机数发生器被腐化等各种攻击。更糟糕的是,协议会话通常有较长的生存期,因此需要在较长的时间内存储与会话相关的秘密信息。在这种情况下,有必要设计高强度的安全协议,以对抗可以暴露存储内容和中间计算结果(包括随机数)的敌手。棘轮密钥交换是解决这一问题的一个基本工具。文中综述了密码本原——棘轮密钥交换,包括单向、半双向和双向等棘轮密钥交换的定义、模型及构造,并展望了棘轮密钥交换的未来发展趋势。     

Development of highly photoluminescent electrospun nanofibers for dual-mode secure authentication

The photochromic phenomenon has been recently used as a fascinating technology in the development of highly efficient anti-counterfeiting materials with dual-mode security encoding of concurrent photochromism and fluorescence emission. Herein, we successfully developed lanthanide-doped aluminate nanoparticles (LAN)/polystyrene (PS) electrospun nanofibers as novel secure authentication films. Different ratios of lanthanide-doped aluminate nanoparticles were mixed with polystyrene-based copolymer solutions in N,N-dimethylformamide (DMF) and subjected to electrospinning to afford photochromic and fluorescent nanofibers. The generated electrospun nanofibers demonstrated a narrow diameter distribution, a smooth surface and well-defined morphological properties. The produced smart nanofibers were applied onto cellulose paper sheets to demonstrate a dual-mode secure strategy with a simple and rapid authentication. LAN was prepared in the nano-scale for better dispersion in PS, which guarantee the formation of transparent films. LAN was studied by transmission electron microscope (TEM) and X-ray diffraction (XRD). LAN displayed diameters of 5–12 nm. On the other hand, the fibrous diameters of LAN-PS samples were studied by scanning electron microscopy (SEM) to indicate diameters of 200–300 nm. The induced security marking was invisible (363 nm) under visible daylight turning into visible green (520 nm) color under ultraviolet irradiation demonstrating a bathochromic shift. Both excitation and emission displayed high intensities. The security marking was fully reversible under ultraviolet/visible irradiation cycles without fatigue. Those advantageous properties could be attributed to the high surface area of the chromogenic nanofibrous films to result in high absorption of light leading to strong optical dual-mode photo-responsiveness. The generated LAN-PS hybrid films showed improved hydrophobic properties with increasing LAN. The nanofibers showed transparency, stretchability and flexibility. The present strategy can be reported as an efficient technology to develop many anti-counterfeiting products toward a better market with social and economic values to avoid fake products.     

适用于无线体域网的动态口令认证协议

无线体域网中传输的是与生命高度相关的敏感数据，身份认证是信息安全保护的第一道防线。现有的基于人体生物信息的身份认证方案存在信息难提取、偶然性大和误差性大的问题，基于传统密码学的认证方案需较大计算资源和能量消耗，并不适用于无线体域网环境。为此，在动态口令和非对称加密机制基础上，提出一种适用于无线体域网的动态口令双向认证轻量协议，并对其进行形式化分析。通过理论证明、SVO逻辑推理及SPIN模型检测得出：该协议满足双向认证，且能够抵御重放攻击、伪装攻击、拒绝服务器攻击和口令离线攻击，具有较高安全性。     

基于英飞凌TC275的整车控制器CCP协议底层驱动开发

针对以英飞凌TC275单片机为平台的整车控制器,进行控制器局域网络标定协议(controller area network calibration protocol,CCP)底层驱动程序的开发。依据CCP的需求开发了英飞凌TC275的控制器局域网络(controller area network,CAN)模块、系统定时器(system timer,STM)模块和FLASH模块的底层驱动程序,实现CCP标定系统的通信连接、数据上传、数据下载、数据存储等功能。为验证系统的性能,进行整车控制器的实际测试,测试结果表明:所开发的基于TC275单片机的CCP底层驱动程序能够实现CCP的功能要求。     

Effective sampling strategy to detect food and feed contamination: Herbs and spices case

Sampling plans for food safety hazards are aimed to be used to determine whether a lot of food is contaminated (with microbiological or chemical hazards) or not. One of the components of sampling plans is the sampling strategy. The aim of this study was to compare the performance of three different sampling strategies, being simple random sampling (SRS), stratified random sampling (STRS), and systematic sampling (SS), with each other for their probability of detecting a heterogeneously distributed contamination in a lot of herbs or spices (i.e., a dry food product). To this end, a simulation model was developed, and applied to different scenarios for contamination level and numbers of samples collected. In addition, as a case study, the sampling plan of a company processing herbs and spices was evaluated using the simulation model. Results showed that the effectiveness of the sampling plan is influenced by the sampling strategy. With expected low contamination levels the SS strategy performs better than the two other strategies. At higher expected contaminated levels, the STRS strategy is preferred.     

Beta-Binomial删除信道中的喷泉码文件传输协议

由于命名数据网络(NDN,Named-Data Networking)无环路、逐包、逐跳转发的特点,使得数据包回传成功率降低,而传统的TCP/IP协议中的ARQ和ACK机制对于多播会话不再适用.由于NDN中的传输信道可以等效为二进制删除信道,因此可以通过应用层编码来实现文件的可靠传输.传统的信道编码技术如卷积码、级联码和RS码等复杂度较高,而将NDN与低复杂度的喷泉码的结合可以实现分布式的存储架构,因而可通过喷泉编码在应用层协议中实现可靠的纠删机制,保证整体文件的传输可靠性.以往的研究一般是基于确定的删除概率信道模型,但是由于网络的异构性和信道噪声等因素影响,可能会造成信道丢包概率呈随机性分布.因此,本文在Beta-Binomial分布模型的前提下,根据贝叶斯统计的先验信息和中心极限定理,对随机概率下的纠删信道的文件可靠传输协议进行了数学建模和理论推导.仿真结果显示此模型更具有普适性,此传输协议可在信道状况未知的前提下从理论上求出最小发包数,减少冗余编码包,提高文件整体的投递成功率,在保证传输可靠性的同时有效提升协议传输效率.     

Rapid Discovery of Aspartyl Protease Inhibitors Using an Anchoring Approach

Pharmacophore searches that include anchors, fragments contributing above average to receptor binding, combined with one-step syntheses are a powerful approach for the fast discovery of novel bioactive molecules. Here, we are presenting a pipeline for the rapid and efficient discovery of aspartyl protease inhibitors. First, we hypothesized that hydrazine could be a multi-valent warhead to interact with the active site Asp carboxylic acids. We incorporated the hydrazine anchor in a multicomponent reaction and created a large virtual library of hydrazine derivatives synthetically accessible in one-step. Next, we performed anchor-based pharmacophore screening of the libraries and resynthesized top-ranked compounds. The inhibitory potency of the molecules was finally assessed by an enzyme activity assay and the binding mode confirmed by several soaked crystal structures supporting the validity of the hypothesis and approach. The herein reported pipeline of tools will be of general value for the rapid generation of receptor binders beyond Asp proteases.     

HSDN‐GRA: A hybrid software‐defined networking‐based geographic routing protocol with multi‐agent approach

We propose in this paper a Hybrid Software‐Defined Networking‐based Geographical Routing Protocol (HSDN‐GRA) with a clustering approach. It takes into account three different criteria to select the best relay to send data: (1) the contact duration between vehicles, (2) the available load of each vehicle, (3) and the log of encountered communication errors embedded in each cluster head. The multi‐criteria strategy allows the selection of the most reliable vehicles by avoiding communication problems and ensuring connection availability. Once the hybrid control plane has found out the next eligible neighbor, the data plane will be in charge of dividing and sending data. To validate our approach, HSDN‐GRA has been modeled and implemented in JADE, a multi‐agent platform, to be compared to other multi‐agent based protocols. Simulation results show that HSDN‐GRA achieves good performance with respect to the average routing overhead, the packet drop rate, and the throughput.     

基于区块链应用模式的铁路旅客身份认证系统

采用“区块链技术+不对称加密+生物识别+身份认证”应用模式，依托智能手机客户端设计与开发一套铁路旅客身份认证系统.基于Ethereum开发平台，应用truffle开发框架，实现铁路旅客身份认证系统智能合约的编写与部署.系统针对传统铁路身份认证模式的不足，将旅客身份数据分布式存储，弱化中心化服务器的压力，提升旅客身份数据的安全性和鲁棒性；进行生物信息认证确保旅客对身份信息的所有权；利用非对称加密技术在保护旅客隐私、实现实名制的前提下增强数据的透明性.基于区块链应用模式的铁路旅客身份认证系统能够让用户身份实现本地存储、信息摘要链上校验，实现铁路旅客身份信息数据访问的细粒度控制，保障铁路旅客身份信息安全，提升铁路旅客的乘车体验.