Key-dependent side-channel cube attack on CRAFT

CRAFT is a tweakable block cipher introduced in 2019 that aims to provide strong protection against differential fault analysis. In this paper, we show that CRAFT is vulnerable to side-channel cube attacks. We apply side-channel cube attacks to CRAFT with the Hamming weight leakage assumption. We found that the first half of the secret key can be recovered from the Hamming weight leakage after the first round. Next, using the recovered key bits, we continue our attack to recover the second half of the secret key. We show that the set of equations that are solvable varies depending on the value of the key bits. Our result shows that 99.90% of the key space can be fully recovered within a practical time.     

Synthesis,structure, CO oxidation,and H2 production activities of CaCu3−xMnxTi4−xMnxO12 (x = 0, 0.5, and 1.0)

Synthesis of nanocrystalline pristine and Mn-doped calcium copper titanate quadruple perovskites, CaCu_3?xMn_xTi_4?xMn_xO₁₂ (x = 0, 0.5, and 1.0) by modified citrate solution combustion method has been reported. Powder X-ray diffraction patterns attest the phase purity of the perovskite materials. Average particle sizes of all the materials obtained from the Scherrer's formula are in the range of 55–70 nm. The specific surface areas for all the perovskites obtained from BET isotherms are found to be low as expected for the condensed oxide systems and fall in the range of 13–17 m² g^?1. Transmission electron microscopy studies show a reduction in particle size of CaCu₃Ti₄O₁₂ with increase in Mn doping. Ca and Ti are present in +2 and +4 oxidation states in all the materials as demonstrated by X-ray photoelectron spectroscopy analyses. Cu²⁺ gets reduced in CaCu₃Ti₄O₁₂ with higher Mn content. Mn is observed to be present only in +3 oxidation state. All the materials have been examined to be active in CO oxidation as well as H₂ production from methanol steam reforming. CaCu₃Ti₄O₁₂ with ~14 at.% Mn is found to show best catalytic activities among these materials. A comprehensive analysis of the catalytic activities of these perovskites toward CO oxidation and H₂ production from MSR reveal the cooperative activity of copper-manganese in the doped perovskites and it is more effective at lower manganese content.     

Securing keystroke dynamics from replay attacks

Keystroke dynamics is a viable behavioral biometric technique for identity verification based on users’ keyboard interaction traits. Keystroke dynamics can help prevent credentials from being abused in case of theft or leakage. But what happens if the keystroke events are eavesdropped and being replayed? Attackers that intercept keystroke dynamics authentication sessions of benign users can easily replay them from other sources unchanged or with minor changes and gain illegitimate privileges. Hence, even with its major security advantages, keystroke dynamics can still expose authentication mechanisms to replay attacks. Although replay attack is one of the oldest techniques to manipulate authentication systems, keystroke dynamics does not help preventing it. We suggest a new protocol for dynamics exchange based on choosing a subset of real and fake information snippets shared between the client and service providers to lure potential attackers. We evaluated our method on four state-of-the-art keystroke dynamics algorithms and three publicly available datasets and showed that we can dramatically reduce the possibility of replay attacks while preserving highly accurate user verification.     

一种标准模型下无证书签名方案的安全性分析与改进

无证书签名具有基于身份密码体制和传统公钥密码体制的优点，可解决复杂的公钥证书管理和密钥托管问题.Wu和Jing提出了一种强不可伪造的无证书签名方案，其安全性不依赖于理想的随机预言机.针对该方案的安全性，提出了两类伪造攻击.分析结果表明，该方案无法实现强不可伪造性，并在"malicious-but-passive"的密钥生成中心攻击下也是不安全的.为了提升该方案的安全性，设计了一个改进的无证书签名方案.在标准模型中证明了改进的方案对于适应性选择消息攻击是强不可伪造的，还能抵抗恶意的密钥生成中心攻击.此外，改进的方案具有较低的计算开销和较短的私钥长度，可应用于区块链、车联网、无线体域网等领域.     

基于概要数据结构的全网络持续流检测方法

持续流是隐蔽的网络攻击过程中显现的一种重要特征，它不产生大量流量且在较长周期内有规律地发生，给传统的检测方法带来极大挑战。针对网络攻击的隐蔽性、单监测点的重负荷和信息有限的问题，提出全网络持续流检测方法。首先，设计一种概要数据结构，并将其部署在每个监测点；其次，当网络流到达监测点时，提取流的概要信息并更新概要数据结构的一位；然后，在测量周期结束时，主监测点将来自其他监测点的概要信息进行综合；最后，提出流持续性的近似估计，通过一些简单计算为每个流构建一个位向量，利用概率统计方法估计流持续性，使用修正后的持续性估计检测持续流。通过真实的网络流量进行实验，结果表明，与长持续时间流检测算法（TLF）相比，所提方法的准确性提高了50%，误报率和漏报率分别降低了22%和20%，说明全网络持续流检测方法能够有效监测高速网络流量。     

A New NTRU-Type Public-Key Cryptosystem over the Binary Field

As the development of cloud computing and the convenience of wireless sensor netowrks, smart devices are widely used in daily life, but the security issues of the smart devices have not been well resolved. In this paper, we present a new NTRU-type public-key cryptosystem over the binary field. Specifically, the security of our scheme relies on the computational intractability of an unbalanced sparse polynomial ratio problem (DUSPR). Through theoretical analysis, we prove the correctness of our proposed cryptosystem. Furthermore, we implement our scheme using the NTL library, and conduct a group of experiments to evaluate the capabilities and consuming time of encryption and decryption. Our experiments result demonstrates that the NTRU-type public-key cryptosystem over the binary field is relatively practical and effective.     

一种军棋机器博弈的多棋子协同博弈方法

针对在军棋博弈不完全信息对弈中，面对棋子不同价值、不同位置、不同搭配所产生的不同棋力，传统的单子意图搜索算法，不能满足棋子之间的协同性与沟通性，同时也缺乏对敌方的引诱与欺骗等高级对抗能力。本文提出一种结合UCT搜索策略的高价值棋子博弈方法，实现高价值棋子协同博弈的策略。实战经验表明:高价值多棋子军棋协同博弈策略优于单棋子军棋博弈策略。     

瓦斯抽采钻孔水射流协同修护技术研究与应用

瓦斯抽采钻孔普遍存在因变形、煤渣积聚及塌孔等导致钻孔堵塞和抽采效果差的问题。通过分析钻孔塌堵失稳机制,得出煤岩体性质、地质构造及多应力耦合条件是造成钻孔失稳的主要因素,进而推断相应堵孔段情形。利用高压水射流解堵作用,提出了水射流疏通-筛管护孔协同修护技术,并研制出轻型气动钻孔修复装备。应用结果表明,该协同修护技术能有效解决瓦斯抽采钻孔塌堵后无法有效抽采的技术难题,试验钻孔修护深度达到50 m,修护完成后单孔抽采瓦斯浓度和瓦斯纯流量比修复前提高0.57~3.67倍和0.99~5.15倍,抽采效果大幅改善,实现了塌堵钻孔的快速便捷修复进而确保了瓦斯流动通道的畅通。     

一种大型复杂构件加工新模式及新装备探讨

大型复杂构件是航空航天、能源、船舶等领域装备的核心结构件，此类构件通常具有尺寸大、形状复杂、刚性弱等特点。传统“分体离线加工-在线检测”模式存在工艺不稳定、过程复杂、柔性差、周期长等问题，以龙门式多轴数控机床加工为代表的“包容式”加工模式，难以适应大型复杂构件的高效高质量加工制造需求。提出一种基于移动式和吸附式机器人的多机协同原位加工新模式，通过多机器人系统自主寻位、精确定位加工与加工质量原位检测，实现大型复杂构件多安装面并行铣削、制孔与打磨等作业。多机器人系统包括移动式混联机器人、吸附式并联机器人、移动式串联铣削机器人、移动式双臂加工机器人和移动式打磨机器人。构建多机协同原位加工模式，需要揭示多机器人协同原位加工行为与大型弱刚性结构件质量控制的交互机理，面临着本体、测量、工艺和集成四个方面的挑战，需要设计高灵活、高刚度的移动式和吸附式加工机器人，解决移动机器人自主准确寻位和超大结构件原位高精检测难题，攻克加工变形误差在线补偿和振动抑制技术，通过集成实现多机协同高效高精加工，为大型复杂构件的高效高质量制造提供创新技术及装备，并实现此类构件制造核心技术及装备自主可控。     

超声强化过氧化氢-维生素C体系糖汁脱色的研究

研究超声强化过氧化氢-维生素C复合脱色剂体系对糖汁脱色的规律,考察了超声功率、复合脱色剂用量、超声温度和时间对糖汁脱色率的影响。试验结果表明:超声空化强化过氧化氢-维生素C对糖汁具有良好的脱色效果,当处理糖汁量为100 mL,超声功率为260 W,过氧化氢与维生素C的用量均为1.6 mL,空化温度为70℃,超声时间为6 min时,脱色率达到53.4%。通过正交试验分析,得到各个因素对糖汁脱色率影响的主次关系为:超声功率>复合脱色剂用量>超声时间>空化温度。