隐私保护的可验证多元多项式外包计算方案

随着云计算的发展和大数据时代的到来,如何对隐私数据进行外包计算且有效验证计算结果具有重要的现实意义。基于多线性映射和同态加密方案,提出了可验证的多元多项式外包计算方案,用户可准确验证外包计算结果的正确性。方案在标准模型中可证安全,且多项式函数和用户输入对于服务器都是保密的。分析表明,用户计算量远小于服务器的计算代价以及直接计算多项式函数。     

An improved t‐out‐of‐n e‐lottery protocol

In 2009, Lee and Chang proposed an electronic t‐out‐of‐n lottery protocol over the Internet based on the Chinese remainder theorem and blind signature. However, a security flaw exists in Lee–Chang's protocol that the lottery agent and the malicious purchaser can collude to control the winning result, which is unfair for the honest participants. On the basis of a verifiable random number generated by using the Lagrange interpolation formula over a finite field, an improved t‐out‐of‐n e‐lottery protocol is proposed, which guarantees that each participant can generate the winning result equally. The improved protocol achieves public verifiability and fairness without a trusted third party and a delaying function, which makes it more robust and more efficient. Copyright © 2013 John Wiley & Sons, Ltd.     

实例依赖的可验证随机函数的高效构造*

实例依赖的可验证随机函数是由文献[1]提出的一个新的密码学概念,它也是构造高安全性的零知识协议（如可重置零知识论证系统）的一个强有力的工具,而这些高安全性的零知识协议在智能卡和电子商务中有着重要的潜在价值。基于非交互ZAP证明系统和random oracle模型中∑OR-协议,给出了实例依赖的可验证伪随机函数的两个高效的实现和相应的安全性证明,提升了这一工具的应用价值。     

一种基于纠缠交换的可验证量子秘密共享协议*

提出了一种新的基于纠缠交换的可验证量子秘密共享协议,秘密分发者与其他参与者进行一对一的信息交互,对某一参与者等概率进入检测模式或信息模式,直至确定信息发送安全后,再与下一参与者进行信息交互。本协议不仅能够避免外部窃听,又可以防止内部欺骗,从而保证共享信息的正确性和安全性,达到可验证的效果。     

约束驱动的动态关联式装配验证系统的设计与实现

针对机械产品设计中的装配约束验证问题,采用构造装配约束验证树的方法,将机械产品设计中存在装配约束关系的信息存储在树的节点中,将修改后的设计参数存入修改器,使用监视器监视修改器内容的变化,并对验证树进行实时更新,通过验证分析器调用监视器中的堆栈信息来决定验证工作的启停,实现了装配约束关系的动态、关联验证。开发了一个动态关联式装配验证原型系统进行实例验证,结果表明,该系统能够与设计同步监测设计变化对约束关系的影响,动态地检测出违反装配约束关系的设计缺陷。     

Method for using the blockchain to protect data privacy of IoV

With the rapid development of the Internet of Things,vehicle industry is undergoing a rapid transformation from the early vehicle Ad-Hoc network to the Internet of Vehicles (IoV) in which massive vehicles and on-board smart devices can realize data sharing and interaction.However,this brings about a big challenge for the security of shared data in a huge volume containing a lot of user privacy,especially the issues of access control,trust and key escrow.To address these problems,we propose an efficient blockchain-based distributed data sharing method in IoV.In our scheme,blockchain transactions are utilized for trustworthily data storage and access as well as user revocation.To realize end device verification,we introduce certificateless cryptography for transaction verification of blockchain nodes and the ease of the key escrow problem.Moreover,we propose an efficient partial policy-hidden CP-ABE scheme for data fine-grained access control with efficient user revocation.Security analysis and experiments demonstrate that our scheme is secure,efficient and practical.     

Verifiable Distributed Oblivious Transfer and Mobile Agent Security

The mobile agent is a fundamental building block of the mobile computing paradigm. In mobile agent security, oblivious transfer (OT) from a trusted party can be used to protect the agent’s privacy and the hosts’ privacy. In this paper, we introduce a new cryptographic primitive called Verifiable Distributed Oblivious Transfer (VDOT), which allows us to replace a single trusted party with a group of threshold trusted servers. The design of VDOT uses a novel technique called consistency verification of encrypted secret shares. VDOT protects the privacy of both the sender and the receiver against malicious attacks of the servers. We also show the design of a system to apply VDOT to protect the privacy of mobile agents. Our design partitions an agent into the general portion and the security-sensitive portion. We also implement the key components of our system. As far as we know, this is the first effort to implement a system that protects the privacy of mobile agents. Our preliminary evaluation shows that protecting mobile agents not only is possible, but also can be implemented efficiently. This work was supported in part by the DoD University Research Initiative (URI) program administered by the Office of Naval Research under grant N00014-01-1-0795. Sheng Zhong was supported by ONR grant N00014-01-1-0795 and NSF grants ANI-0207399 and CCR-TC-0208972. Yang Richard Yang was supported in part by NSF grant ANI-0207399. A preliminary version of this paper was presented at the DialM-POMC Joint Workshop on Foundations of Mobile Computing in 2003. Sheng Zhong received his Ph.D. in computer science from Yale University in the year of 2004. He holds an assistant professor position at SUNY Buffalo and is currently on leave for postdoctoral research at the Center for Discrete Mathematics and Theoretical Computer Science (DIMACS). His research interests, on the practical side, are security and incentives in data mining, databases, and wireless networks. On the theoretical side, he is interested in cryptography and game theory. Yang Richard Yang is an Assistant Professor of Computer Science at Yale University. His research interests include computer networks, mobile computing, wireless networking, sensor networks, and network security. He leads the LAboratory of Networked Systems (LANS) at Yale. His recent awards include a Schlumberger Fellowship and a CAREER Award from the National Science Foundation. He received his B.E. degree from Tsinghua University (1993), and his M.S. and Ph.D. degrees from the University of Texas at Austin (1998 and 2001).     

一个完善的秘密分享方案

可验证秘密分享在实用密码学领域内是一个非常重要的工具,它在密钥管理协议、门限或分布式签名协议、电子商务、多方安全计算及团体式密码系统等许多方面都有极为广泛的应用。针对一类突发事务须及时、安全解决的特点, 利用离散对数问题的难解性,在假设初始化阶段和秘密恢复阶段始终有一位值得信赖的分发者参与的情况下,提出了一个可公开验证的门限秘密分享方案。     

A New Signature Scheme with Shared Verification

1Introduction Withthedevelopmentofcomputerandnetworkcom municationtechnology,andwiththedifferenceofuser s demands,digitalsignaturetechniquesarebeingexpand edgreatly,fromthesinglesignature,singleverification modetothemulti user sone.Forexample,adocument sy…     

非交互式可公开认证的电子选举策略

基于椭圆曲线上离散对数的难解问题提出了一种非交互式公开可认证协议，设计了非交互式零知识证明协议，用这两个协议作为基本工具构造出一个简单且有效的非交互式公开可认证的电子选举策略，任何人对投票者和计票者的数据都能进行认证．该策略可防欺诈，适用于小规模的网络选举．