New approach to WLAN security with synchronized pseudo random

Wireless transmission is becoming increasing ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement the authentication and confidentiality, it leaves a lot of vulnerabilities and threats. This paper proposes a protocol called SPRNG for wireless data-link layer security. SPRNG is based on the sender and receiver who generate in a synchronized way a pseudo-random number sequence. In each transmission, the sender and receiver use a pair of random numbers, one for data frame authentication, and the other for encryption key. The random numbers are used as "one-time passwords" for sender authentication and as fresh encryption keys for each frame. SPRNG is designed to be compatible with the existing 802.11 products. Like WEP, the current 802.11 security protocol, SPRNG uses a symmetric key as its seed. SPRNG has already been simulated and tested in experiment, it shows that SPRNG has stronger secur     

Fast correlation attack on streamcipher ABC v3

ABC v3 is a stream cipher submitted to the ECRYPT eStream project and has entered the second evaluation phase. Its key length is 128 bits. In this paper, we find large numbers of new weak keys of ABC family and introduce a method to search for them, and then apply a fast correlation attack to break ABC v3 with weak keys. We show that there are at least 2^103.71 new weak keys in ABC v3. Recovering the internal state of a weak key requires 236.05 keystream words and 2^50.56 operations. The attack can be applied to ABC vl and v2 with the same complexity as that of ABC v3. However, the number of weak keys of ABC vl as well as ABC v2 decreases to 2^97 ＋ 20^95.19,It reveals that ABC v3 incurs more weak keys than that of ABC vl and v2.     

A Generic Framework for Anonymous Authentication in Mobile Networks

Designing an anonymous user authentication scheme in global mobility networks is a non-trivial task because wireless networks are susceptible to attacks and mobile devices powered by batteries have limited communication, processing and storage capabilities. In this paper, we present a generic construction that converts any existing secure password authen- tication scheme based on a smart card into an anonymous authentication scheme for roaming services. The security proof of our construction can be derived from the underlying password authentication scheme employing the same assumptions. Compared with the original password authentication scheme, the transformed scheme does not sacrifice the authentication effciency, and additionally, an agreed session key can be securely established between an anonymous mobile user and the foreign agent in charge of the network being visited. Furthermore, we present an instantiation of the proposed generic construction. The performance analysis shows that compared with other related anonymous authentication schemes, our instantiation is more effcient.     

A two-stage heuristic method for vehicle routing problem with split deliveries and pickups

The vehicle routing problem （VRP） is a well-known combinatorial optimization issue in transportation and logistics network systems. There exist several limitations associated with the traditional VRP. Releasing the restricted conditions of traditional VRP has become a research focus in the past few decades. The vehicle routing problem with split deliveries and pickups （VRPSPDP） is particularly proposed to release the constraints on the visiting times per customer and vehicle capacity, that is, to allow the deliveries and pickups for each customer to be simultaneously split more than once. Few studies have focused on the VRPSPDP problem. In this paper we propose a two-stage heuristic method integrating the initial heuristic algorithm and hybrid heuristic algorithm to study the VRPSPDP problem. To validate the proposed algorithm, Solomon benchmark datasets and extended Solomon benchmark datasets were modified to compare with three other popular algorithms. A total of 18 datasets were used to evaluate the effectiveness of the proposed method. The computational results indicated that the proposed algorithm is superior to these three algorithms for VRPSPDP in terms of total travel cost and average loading rate.     

Biped walking on level ground with torso using only one actuator

It is well known that a biped robot needs actuators to walk stably on level ground. Till now, a biped robot with torso has needed at least two actuators to achieve this. Would it be possible for this kind of robot to walk on level ground with only one actuator？ This paper responds in the affirmative and proposes a simple control strategy for a planar biped robot with torso. In this control method, there is only one low gain proportional-derivative （PD） controller between the torso and the stance leg, while the swing leg remains totally free. The PD controller utilizes states of both the torso （angle and angular velocity） and the stance leg. The numerical simulations show that, by adopting this controller, a planar biped robot with torso can walk stably on level ground, and that the robot can walk with a wide range of speeds and high energy efficiency by changing the control parameters. Four period-one gaits, one of which is stable while the other three are unstable, are found by simulations. According to the literature surveyed, we are the first to have a torso only driven biped robot walk stably on level ground.     

Multi-key FHE without ciphertext-expansion in two-server model

López-Alt et al.(STOC12)put forward a primitive called multi-key fully homomorphic encryption(MKFHE),in which each involved party encrypts their own data using keys that are independently and randomly chosen whereby arbitrary computations can be performed on these encrypted data by a final collector.Subsequently,several superior schemes based on the standard assumption(LWE)were proposed.Most of these schemes were constructed by expanding a fresh GSW-ciphertext or BGV-ciphertext under a single key to a new same-type ciphertext of the same message under a combination of associated parties’keys.Therefore,the new ciphertext’s size grew more or less linearly with an increase in the number of parties.In this paper,we proposed a novel and simple scheme of MKFHE based on LWE without increasing the size of the ciphertext in the two non-collusion server model.In other words,each party first independently shares their own data between two servers and each server only needs a one-round communication with another to construct a ciphertext of the same plaintext under a sum of associated parties’keys.Our new ciphertext under multiple keys has the same size as that of the original one with only one-round communication between two servers.The communication complexity is O(kmlogq)-bit,where k is the number of input ciphertexts involved,m is the size of a GSW-ciphertext and q is a modulus.In conclusion,we proved that our scheme is CPA-secure against semi-honest adversaries.     

Hybritus: a password strength checker by ensemble learning from the query feedbacks of websites

Password authentication is vulnerable to dictionary attacks.Password strength measurement helps users to choose hard-to-guess passwords and enhance the security of systems based on password authentication.Although there are many password strength metrics and tools,none of them produces an objective measurement with inconsistent policies and different dictionaries.In this work,we analyzed the password policies and checkers of top 100 popular websites that are selected from Alexa rankings.The checkers are inconsistent and thus they may label the same password as different strength labels,because each checker is sensitive to its configuration,e.g.,the algorithm used and the training data.Attackers are empowered to exploit the above vulnerabilities to crack the protected systems more easily.As such,single metrics or local training data are not enough to build a robust and secure password checker.Based on these observations,we proposed Hybritus that integrates different websites'strategies and views into a global and robust model of the attackers with multiple layer perceptron(MLP)neural networks.Our data set is comprised of more than 3.3 million passwords taken from the leaked,transformed and randomly generated dictionaries.The data set were sent to 10 website checkers to get the feedbacks on the strength of passwords labeled as strong,medium and weak.Then we used the features of passwords generated by term frequency-inverse document frequency to train and test Hybritus.The experimental results show that the accuracy of passwords strength checking can be as high as 97.7%and over 94%even if it was trained with only ten thousand passwords.User study shows that Hybritus is usable as well as secure.     

Characterizing Economic and Social Properties of Trust and Reputation Systems in P2P Environment

Considering the fact that P2P （Peer-to-Peer） systems are self-organized and autonomous, social-control mechanism （like trust and reputation） is essential to evaluate the trustworthiness of participating peers and to combat the selfish, dishonest and malicious peer behaviors. So, naturally, we advocate that P2P systems that gradually act as an important information infrastructure should be multi-disciplinary research topic, and reflect certain features of our society. So, from economic and social perspective, this paper designs the incentive-compatible reputation feedback scheme based on well-known economic model, and characterizes the social features of trust network in terms of efficiency and cost. Specifically, our framework has two distinctive purposes： first, from high-level perspective, we argue trust system is a special kind of social network, and an accurate characterization of the structural properties of the network can be of fundamental importance to understand the dynamics of the system. Thus, inspired by the concept of weighted small-world, this paper proposes new measurements to characterize the social properties of trust system, that is, high global and local efficiency, and low cost; then, from relative low-level perspective, we argue that reputation feedback is a special kind of information, and it is not free. So, based on economic model, VCG （Vickrey-Clarke-Grove）-like reputation remuneration mechanism is proposed to stimulate rational peers not only to provide reputation feedback, but truthfully offer feedback. Furthermore, considering that trust and reputation is subjective, we classify the trust into functional trust and referral trust, and extend the referral trust to include two factors： similarity and truthfulness, which can efficiently reduce the trust inference error. The preliminary simulation results show the benefits of our proposal and the emergence of certain social properties in trust network.     

3D Modelling,Simulation and Prediction of Facial Wrinkles

The FA （facial ageing） process has been of a great interest to many researchers and some finns like airports and police departments, this is due to the fact that the face appearance changes as people age resulting in difficulties identifying certain individuals. In this paper, 2D wrinkle maps will be used in the design of a 3D system for the purpose of facial wrinkles simulation and prediction. Our findings will challenge many commercial soffwares in the innovation of the techniques in setting solid grounds to generate real-time 3D wrinkles that can be used later for various reasons. The 2D binary wrinkles will be mapped on the corresponding 3D face models using the generated outlined images. NURBS curves will then be projected on those wrinkles to form a 3D wrinkle map. The coloured wrinkle map, as well as some parameters, will be combined together in an algorithm to predict the appearance of the individual wrinkles in every age group that are divided into decades, starting from the age of 20. The novelty of the adopted procedure in comparison to the previous works is the new elements that have been integrated and collaborated to boost accuracy and generate a more realistic outcome.     

Extended Methodology of RS Design and Instances Based on GIP

Abe et al. proposed the methodology of ring signature (RS) design in 2002 and showed how to construct RS with a mixture of public keys based on factorization and/or discrete logarithms. Their methodology cannot be applied to knowledge signatures (KS) using the Fiat-Shamir heuristic and cut-and-choose techniques, for instance, the Goldreich KS. This paper presents a more general construction of RS from various public keys if there exists a secure signature using such a public key and an efficient algorithm to forge the relation to be checked if the challenges in such a signature are known in advance. The paper shows how to construct RS based on the graph isomorphism problem (GIP). Although it is unknown whether or not GIP is NP-Complete, there are no known arguments that it can be solved even in the quantum computation model. Hence, the scheme has a better security basis and it is plausibly secure against quantum adversaries.     

Using AT89C52 to Design Disorder Keyboard

针对传统密码键盘的安全性差的缺点，在传统密码键盘的基础上，设计了一种乱序密码输入键盘，增加了新的功能和特性．一方面在键盘数字按键上增加了数码管来显示0至9十个数字，且设计了随机数产生软件实现了随机变位，另一方面在按键上面贴一层特殊的透光材料。使视线具有一定的视角限制，在一定角度之外的人不能看到键盘上的数字。即使他人看到用户所按的键位，由于密码输入完毕后，键位又会重新打乱顺序，因此用户可以安全放心地在键盘前输入密码，不必担心别人通过拍摄或观察人的手型等方法来获取密码，从而大大提高了密码输入的安全性，杜绝了金融领域相关的犯罪现象。     

随机数字密码键盘的设计

针对传统键盘的键盘值固定、保密性和安全性差的缺点,在传统密码键盘的基础上,设计了一种随机数字密码键盘,使传统键盘增加了新的功能特性,即在数字键盘上增加了十个数码管来显示0至9十个数字,并通过单片机设计时钟中断程序产生随机数使数码管随机显示十个数字。通过数字位置的随机变化,即使他人观察到了用户的手势,仍无法通过判断键位获取密码,因此用户可以放心地在键盘面前输入密码,不用担心手势泄露密码,从而大大地提高了密码输入的安全性,在根源上杜绝了密码盗窃犯罪的可能。     

基于密码数据安全防护的机键接口电路研究

本文通过阐述LED数码管显示器接口技术、行列式键盘及其接口技术,实现在密码键盘上产生按一定顺序变化的随机数(LED显示),对密码起到保护作用。     

A proposal for new keypad design of electronic locks

Electronic locks, for which a password is entered on a computer-style keyboard, are described. Certain security problems associated with them are analysed. It is proposed that different labelling of the keyboard keys can reduce this problem. Theoretical figures are provided to support this claim and to aid design.     

基于手势识别的智能输入

针对在人机交互中键盘远远不能满足人们的要求,提出了一种手势识别算法,并结合键盘的按键实现智能输入．该算法采用肤色分割提取出手部区域,根据手形检测出大拇指和伸出的手指数目及位置,把手势转化为计算机所能接受的二进制语言．根据二进制数,结合键盘的按键,把不同手势定义为不同的按键,实现对计算机的智能输入．实验结果表明该算法具有一定的鲁棒性,并能达到较高的成功率．     

基于MCS-51单片机的洗衣控制系统

基于MCS-51单片机的洗衣控制系统，控制面板由按键、指示灯和LED显示器组成。按键选择洗衣机工作方式，指示灯配合按键工作，LED显示器则显示洗衣机洗涤和脱水时间。洗衣机的整体电路模块包括键盘矩阵、指示灯、电动机控制及电源电路。控制程序设计包括定时中断服务程序、外中断服务程序及主程序。     

金融交易密码多模态化方法

针对金融交易系统目前单一密码键盘模态客户身份认证存在的安全性、可靠性问题,提出了密码多模态化方法。多模态感知器获取密码码字信息,格式归一化传送所获原始模态信息,按属性前置处理、分类当前模态码字信息,公共单元融合多模态密码。对于确认的M位密码,每位分别采用N种模态输入,密码窃取率为1/(10MCN×MM)。以密码键盘与黑箱子指书为缺省模态的多模态密码输入系统的实用效果表明,所提方法实现了多模态密码码字无序交融输入,M=6时系统的密码窃取率为1/(106C2×66),而密码破解技术门类数及难度则随着模态数量增加而增加。密码输入的安全性及可靠性等多方面性能较现有单模态身份认证工作状态得到大幅提升。     

基于移位芯片的显示及键盘模块设计方法

该设计方案是一种简单实用的键盘和显示模块设计,可以实现8个按键扫描及3位数码管和8个LED的动态显示(可扩展实现8个数码管显示和16个按键扫描),只需要占用4个单片机的IO接口,驱动程序使用C51编写,易读且占用资源也较少。     

基于S3C2440A的液晶触摸乱序密码键盘设计

针对固定密码键盘存在的问题,设计了一种乱序密码键盘。给出了乱序密码键盘的组成,重点介绍了主要硬件和软件的设计方法。测试结果表明,乱序密码键盘的随机性很好,具有较高的安全性和保密性。     

基于Murphypinyin的嵌入式键盘设计

Murphypinyin是目前为止基于Qt／Embedded的一个比较好的开源中文输入法。通过将Murphpinyin开源软件包与Qt／Embedded自带输入法的融合,采用较少的按键,构建了一款适用于手持终端设备的可输入数字、中／英文的嵌入式键盘,并在S3C2440上实现。