A secure spectrum auction scheme without the trusted party based on the smart contract

With the development of communication 5G networks and technologies, spectrum resources are increasingly scarce. The scarcity of the spectrum resource makes market-driven spectrum auction become an important means of spectrum allocation, and due to the complexity of the network environment, the security of spectrum auctions can not be ignored. Most existing secure spectrum auction schemes introduce a semi-honest agent to complete spectrum auction. However, the hypothetical semi-honest model does not guarantee the security of spectrum auction in the actual application scenario, which may lead to potential security threats: the agent may reveal the privacy of bidders, agent or auctioneer may collude with the bidder to manipulate the spectrum auction, and so on. In this paper, a secure spectrum auction scheme without a trusted party is proposed based on the smart contract technology, and the smart contract written into the blockchain replaces the traditional semi-honest agent to cooperate with the auctioneer server to complete the auction. In order to ensure the security of our scheme, a secure spectrum auction protocol is designed, in which the Software Guard Extensions (SGX) technology and Paillier cryptosystem are used to protect the privacy of bidders. Public verification is provided in our protocol by using extensive Pedersen commitment, which prevents the auctioneer server and the bidder from colluding with each other and verifies group bid sum values. Finally, the security analysis is given to propose several types of attacks that can be defended. Besides, theoretical analysis and simulation experiments of our protocol are also provided.     

Privacy-preserving multi-attribute reverse spectrum auction scheme

Aiming the problem that the existing reverse spectrum auctions do not take the non-price attribute of spectrum into account and the security of spectrum auction,a privacy-preserving multi-attribute reverse spectrum auction was proposed.Firstly,price and non-price positive attributes of spectrum were considered as the bidding scheme of bidders and auctions was performed to judge spectrum winners.Secondly,to ensure the security of the spectrum auction,the Paillier threshold system was used to introduce a group of spectrum auction servers of auctioneers to replace the traditional single third-party agency,which could prevent the fraud collusion between spectrum auctioneers and bidders.The cryptography tools such as the anonymization technology and oblivious transfer were introduced to achieve the secure features,which could make the spectrum auction performed securely.The security analysis shows that the security protocol has strong security.The performance of the protocol is also evaluated,and experimental results show that the security scheme is superior to the multi-attribute reverse auction security scheme that can be applied in the spectrum auction scenario in terms of computational overhead.     

频谱拍卖中投标者共谋策略与多频段拍卖中共谋问题的讨论

本文通过对单频段拍卖中共谋问题的研究,从抑制共谋的角度,提出了最优的拍卖机制是第一价格封闭式拍卖,论证了频谱拍卖中投标者的最优共谋策略,给出了拍卖方基于保留价格的应对投标者共谋的对策。在单频段拍卖研究的基础上,进一步将频谱拍卖中的共谋问题引申到多频段拍卖中,讨论了当待售频段之间具有互补性和替代性时的共谋情况。     

TRADE: A truthful online combinatorial auction for spectrum allocation in cognitive radio networks

Auctions have been shown to be able to tackle the problem of spectrum scarcity effectively, but most of existing works only focus on static scenarios. They cannot deal with the requests of spectrum users as they arrive and leave dynamically. Bidders can either cheat by bidding untruthfully or cheat about the arrival and departure time. In this paper, we model the radio spectrum allocation problem as a sealed‐bid online combinatorial auction and propose a truthful mechanism called TRADE. TRADE is a truthful and an individual rational mechanism with polynomial time complexity. It can prevent bidders from cheating in the auction while achieving good bidder satisfaction, spectrum utilization, and social welfare. Copyright © 2013 John Wiley & Sons, Ltd.     

Designing Auction Mechanisms for Dynamic Spectrum Access

With the increasing demands for radio spectrum, techniques are being explored that would allow dynamic access of spectrum bands that are under-utilized. In this regard, a new paradigm called dynamic spectrum access is being investigated where wireless service providers (WSPs) would dynamically seek more spectrum from the under-utilized licensed bands when and where they need without interfering with the primary users. Currently, there is little understanding on how such a dynamic allocation will operate so as to make the system feasible under economic terms. In this paper, we consider the dynamic spectrum allocation process where multiple WSPs (bidders) compete to acquire necessary spectrum band from a common pool of spectrum. We use auction theory to analyze the allocation process when the demand from WSPs exceeds the available spectrum. We investigate various auction mechanisms under different spectrum allocation constraints to find WSPs’ bidding strategies and revenue generated by spectrum owner. We show that sequential bidding of bands provides better result than the concurrent bidding when WSPs are constrained to at most single unit allocation. On the other hand, when the bidders request for multiple units, (i.e., they are not restricted by allocation constraints) synchronous auction mechanism proves to be beneficial than asynchronous auctions.

PATH: privacy-preserving auction for heterogeneous spectrum allocations

Recently, truthful spectrum auctions have been extensively studied to improve spectrum utilization. Furthermore, privacy preservation in truthful spectrum auctions has also been taken into account. However, existing work mainly focuses on privacy-preserving homogenous spectrum auctions, while the case of heterogeneous spectrum auctions is ignored. In this paper, we propose PATH, a privacy-preserving auction for single-sided heterogeneous spectrum allocations. Through organically combining three security techniques: homomorphic encryption, secret sharing and garbled circuit, PATH reveals nothing about buyers’ bids and identities beyond the auction outcome to any participant party. Specifically, PATH not only maintains the properties of truthfulness and spectrum reuse of the underlining auction mechanism TAMES, but also implements the first provably secure solution for single-sided heterogeneous spectrum auctions. Finally, experimental results demonstrate that PATH incurs only limited computation and communication overhead, and it is feasible for large-scale applications.

     

Profit maximization for secondary users in dynamic spectrum auction of cognitive radio networks

As a powerful economic theory, auction mechanism has been extensively studied in dynamic spectrum allocation for cognitive radio networks (CRNs) recently. Different from most of existing works that focused on the mechanism design from the spectrum owner's side, we study from a new perspective on profit maximization of the secondary users (SUs). Because the spectrum auction mechanism has already been designed by the spectrum owner, we derive SUs' optimal bid strategies, which maximize their profits. First, we relax the limitation of SU's value on spectrum band, which is formerly defined as the transmission rate on channel, and introduce the affiliated value considering the impacts from other SUs. Further, the optimal value determination function is derived, which maximizes SU's expected profit; second, we analyze the auctioneer cheating issue, which has great influence on SU's profit, and the Nash equilibrium strategies for both spectrum owner and SUs are derived. Moreover, the repeated auction game mechanism is proposed that resists the auctioneer cheating effectively. Copyright © 2013 John Wiley & Sons, Ltd.     

Sequential Bandwidth and Power Auctions for Distributed Spectrum Sharing

We study a sequential auction for sharing a wireless resource (bandwidth or power) among competing transmitters. The resource is assumed to be managed by a spectrum broker (auctioneer), who collects bids and allocates discrete units of the resource via a sequential second-price auction. It is well known that a second price auction for a single indivisible good has an efficient dominant strategy equilibrium; this is no longer the case when multiple units of a homogeneous good are sold in repeated iterations. For two users with full information, we show that such an auction has a unique equilibrium allocation. The worst-case efficiency of this allocation is characterized under the following cases: (i) both bidders have a concave valuation for the spectrum resource, and (ii) one bidder has a concave valuation and the other bidder has a convex valuation (e.g., for the other user?s power). Although the worst-case efficiency loss can be significant, numerical results are presented, which show that for randomly placed transmitter-receiver pairs with rate utility functions, the sequential second-price auction typically achieves the efficient allocation. For more than two users it is shown that this mechanism always has a pure strategy equilibrium, but in general there may be multiple equilibria. We give a constructive procedure for finding one equilibrium; numerical results show that when all users have concave valuations the efficiency loss decreases with an increase in the number of users.     

一种完全匿名和公平高效的拍卖协议

为了保护电子拍卖过程中投标者的隐私,以及防止投标者中标后反悔,本文从利用签名技术和位承诺协议, 提出了一个安全有效的匿名拍卖协议。该协议不仅保证了标价的保密性和可验证性,投标者对所投标价的不可否认 性和匿名性,而且保证了在整个拍卖过程中,无人可以操纵其他人的投标。即使某一投标者与拍卖代理相互勾结, 也不会影响协议的安全性和有效性。更为重要的是,该协议遵循第二价位原理,从而使商品分配达到最优。与先前 的工作相比,该协议具有更好的扩展性和效率,适合于分布式的网上拍卖。     

The combinatorics of authentication and secrecy codes

This paper is a study of the combinatorics of unconditionally secure secrecy and authentication codes, under the assumption that each encoding rule is to be used for the transmission of some numberL of successive messages. We obtain bounds on the number of encoding rules required in order to obtain maximum levels of security. Some constructions are also given for codes which have the minimum number of encoding rules. These constructions use various types of combinatorial designs.     

Identifying the Winner's Curse in the First Spectrum Auction in the Republic of Korea Using an Event Study Approach

The first spectrum auction in the Republic of Korea is attention‐worthy owing to the fierce competition for the only 1.8‐GHz spectrum license, the winning bidder of which was suspected of overpaying for its acquisition. This study empirically investigates the existence of a “winner's curse” in the first Korean spectrum auction by using a standard event study methodology. The results show that both the winner and loser experienced significant positive returns on the completion day of the auction. The results imply that there was no winner's curse in the auction and that the losing firm might increase its competitive advantage by acquiring other spectrum licenses despite failing to achieve its initial target spectrum. Therefore, these results suggest that regulators may need to consider bringing about positive short‐term wealth benefits to all bidders by appropriately designing a spectrum auction, such as by performing multiband auctions.     

A provable secure sealed‐bid multi‐attribute auction scheme under semi‐honest model

Secure electronic auction protocol attracts increasing attention in the field of information security research. A variety of secure electronic auction protocols have achieved a lot. However, those studies mainly focus on price‐based auction model. There are few literatures involving security issues of multi‐attribute e‐auction. In recent years, the existing literatures mainly focus on the winner determination problem of multi‐attribute auction, but research of multi‐attribute e‐auction just begin from the perspective of information security. The proposal intends to start with the multi‐attribute e‐auction protocol, explores the different results in the multi‐attribute auction model because of different bid structures, focuses on qualitative attribute‐based winner determination auction model, proposes a new qualitative attribute‐based sealed‐bid multi‐attribute auction scheme under semi‐honest model for the first time. According to the security analysis and computation comparison, it provides strong bid privacy, public verifiability, and reasonable computational cost. Copyright © 2013 John Wiley & Sons, Ltd.     

Spectrum auction with interference constraint for cognitive radio networks with multiple primary and secondary users

Extensive research in recent years has shown the benefits of cognitive radio technologies to improve the flexibility and efficiency of spectrum utilization. This new communication paradigm, however, requires a well-designed spectrum allocation mechanism. In this paper, we propose an auction framework for cognitive radio networks to allow unlicensed secondary users (SUs) to share the available spectrum of licensed primary users (PUs) fairly and efficiently, subject to the interference temperature constraint at each PU. To study the competition among SUs, we formulate a non-cooperative multiple-PU multiple-SU auction game and study the structure of the resulting equilibrium by solving a non-continuous two-dimensional optimization problem, including the existence, uniqueness of the equilibrium and the convergence to the equilibrium in the two auctions. A distributed algorithm is developed in which each SU updates its strategy based on local information to converge to the equilibrium. We also analyze the revenue allocation among PUs and propose an algorithm to set the prices under the guideline that the revenue of each PU should be proportional to its resource. We then extend the proposed auction framework to the more challenging scenario with free spectrum bands. We develop an algorithm based on the no-regret learning to reach a correlated equilibrium of the auction game. The proposed algorithm, which can be implemented distributedly based on local observation, is especially suited in decentralized adaptive learning environments as cognitive radio networks. Finally, through numerical experiments, we demonstrate the effectiveness of the proposed auction framework in achieving high efficiency and fairness in spectrum allocation.     

A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor

User authentication is a prominent security requirement in wireless sensor networks (WSNs) for accessing the real‐time data from the sensors directly by a legitimate user (external party). Several user authentication schemes are proposed in the literature. However, most of them are either vulnerable to different known attacks or they are inefficient. Recently, Althobaiti et al. presented a biometric‐based user authentication scheme for WSNs. Although their scheme is efficient in computation, in this paper, we first show that their scheme has several security pitfalls such as (i) it is not resilient against node capture attack; (ii) it is insecure against impersonation attack; and (iii) it is insecure against man‐in‐the‐middle attack. We then aim to propose a novel biometric‐based user authentication scheme suitable for WSNs in order to withstand the security pitfalls found in Althobaiti et al. scheme. We show through the rigorous security analysis that our scheme is secure and satisfies the desirable security requirements. Furthermore, the simulation results for the formal security verification using the most widely used and accepted Automated Validation of Internet Security Protocols and Applications tool indicate that our scheme is secure. Our scheme is also efficient compared with existing related schemes. Copyright © 2015 John Wiley & Sons, Ltd.     

面向大数据定价的委托拍卖方案

大数据合理定价是当前大数据交易中亟待解决的具有一定挑战性问题之一.本文针对大数据定价困难问题,基于Micali-Rabin的安全计算技术提出一种具有大数据定价功能的安全委托拍卖方案.在方案中首先基于Micali-Rabin的随机向量表示方法设计满足标价密封性的大数据拍卖及验证算法.其次,基于Merkle树和Bit承诺协议实现大数据交易中数据的完整性和底价的不可否认性,特别是在定价阶段,利用一种特殊的多方安全计算协议隐藏大数据的底价,以此保障了大数据交易的公平性.最后,方案安全性和性能分析表明,该方案特别适用于大数据交易场景下的数据委托拍卖.     

一种基于定价与信任的网格资源分配算法

该文首先对基于组合双向拍卖的网格资源分配与定价模型进行改进,提出以各类资源的单价定价的算法。然后提出一种等效价格算法,设计基于信任度的价格调整函数,将不同信任度的各节点的报价,都映射为基准信任度下的等效价格。最后基于该等效报价,以组合双向拍卖模型进行网格资源分配。仿真表明所提算法的交易率较高,能防止恶意节点参与交易,所得交易效用可激励买家提高和卖家降低其等效报价。     

簇式传感器网络的可认证动态密钥管理方案

Secure sensor networks has received much attention in the last few years. A sensor network always
works unattended possibly in a hostile environment such as a battlefield. In such environments, sensor networks are subject to node capture. Constrained energy,memory, and computational capabilities of sensor nodes mandate a clever design of security solutions to minimize overhead while maintaining secure communication over the lifespan of the network. In this paper, an authenticated dynamic key management scheme, ADKM has been proposed. It provides efficient, scalable, and survivable dynamic keying in a clustered sensor network with a large number of sensor nodes. ADKM employs a combinatorial exclusion basis system (EBS) for efficiency and one-way hash chains for authentication. Analysis of security and performance demonstrate that ADKM is efficient in security of sensor networks.     

Secure Authentication Schemes for Vehicular Adhoc Networks: A Survey

Vehicular Adhoc Network (VANET) is based on the principles of Mobile Adhoc NETwork (MANET) where vehicles are considered as nodes and secure communication is established to provide a safe driving experience. Due to its unique characteristics, it has various issues and challenges. These issues can be resolved by ensuring security requirements like authentication, privacy preservation, message integrity, non-repudiation, linkability, availability etc. Authentication plays a vital role since it is the first step to establish secure communication in the vehicular network. It also distinguishes malicious vehicles from legitimate vehicles. Different authentication schemes have been proposed to establish secure vehicular communications. A survey of the existing authentication schemes is given in this paper. At first, the existing authentication schemes are broadly classified based on message signing and verification methods. Then, each category is clearly explained with its sub-categories. At last, the existing schemes in each category are compared based on security requirements, security attacks and performance parameters.

     

基于TCP代理的数据传输系统的安全性优化

随着网络技术的发展和普及,企业异地分支局域网之间的网络通信越来越频繁,用户对于安全性和数据传输的可靠性也更加重视。针对以上需求,本文对现有的基于TCP代理的数据压缩传输系统进行了分析,并进行安全性优化,提高了系统对于攻击的防御能力和数据传输的安全性。     

A Full Connectable and High Scalable Key Pre-distribution Scheme Based on Combinatorial Designs for Resource-Constrained Devices in IoT Network

Considering the internet of things (IoT), end nodes such as wireless sensor network, RFID and embedded systems are used in many applications. These end nodes are known as resource-constrained devices in the IoT network. These devices have limitations such as computing and communication power, memory capacity and power. Key pre-distribution schemes (KPSs) have been introduced as a lightweight solution to key distribution in these devices. Key pre-distribution is a special type of key agreement that aims to select keys called session keys in order to establish secure communication between devices. One of these design types is the using of combinatorial designs in key pre-distribution, which is a deterministic scheme in key pre-distribution and has been considered in recent years. In this paper, by introducing a key pre-distribution scheme of this type, we stated that the model introduced in the two benchmarks of KPSs comparability had full connectivity and scalability among the designs introduced in recent years. Also, in recent years, among the combinatorial design-based key pre-distribution schemes, in order to increase resiliency as another criterion for comparing KPSs, attempts were made to include changes in combinatorial designs or they combine them with random key pre-distribution schemes and hybrid schemes were introduced that would significantly reduce the design connectivity. In this paper, using theoretical analysis and maintaining full connectivity, we showed that the strength of the proposed design was better than the similar designs while maintaining higher scalability.