Similar documents
1.
The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic-curve analogue of the Digital Signature Algorithm (DSA). Unlike the ordinary discrete logarithm problem (DLP) and the integer factorization problem (IFP), the elliptic curve discrete logarithm problem (ECDLP) has no known subexponential-time algorithm (for suitably chosen curves), so elliptic curve cryptography offers more security per key bit than other public-key systems. The paper introduces the fundamentals of elliptic curve cryptosystems and of encryption and authentication, takes an elliptic curve over a prime field, builds an identity authentication framework on it to study public-key authentication further, analyzes how key pairs are generated, shows an algorithm for validating whether a public key meets the requirements, and discusses the importance of the CA.

2.
With the assistance of an authentication server, a gateway-oriented password-authenticated key exchange (GPAKE) protocol can establish a common session key shared between a client and a gateway. Unfortunately, a GPAKE protocol becomes totally insecure if an adversary can compromise the authentication server and steal the passwords of the clients. In order to provide resilience against adversaries who can hack into the authentication server, we propose a threshold GPAKE protocol and then present its security proof in the standard model based on the hardness of the decisional Diffie-Hellman (DDH) problem. In our proposal, the password is shared among n authentication servers and is secure unless the adversary corrupts more than t+1 servers. Our protocol requires n > 3t servers to work. Compared with existing threshold PAKE protocols, our protocol maintains both stronger security and greater efficiency.
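Added example, not code from the paper above: threshold sharing of a password-derived secret in Python, the ingredient that lets a threshold PAKE survive the compromise of up to t authentication servers. The password is hashed into a prime field (a constructed salted SHA-256 stands in for a memory-hard KDF), split with a random degree-t polynomial over n servers, and reconstructed from any t+1 shares; t shares leave the secret undetermined. The field size, the `threshold_check` helper and the sample password and salt are assumptions for illustration and do not reproduce the paper's protocol, which never reconstructs the password at a single server.

```python
"""Shamir sharing of a password-derived secret among n authentication servers.
Added example; the field, the KDF and the helpers are illustrative assumptions."""
import hashlib
import hmac
import secrets

# Prime field for the shares: the Mersenne prime 2^127 - 1 (assumption; any prime
# larger than the secret works).
P = (1 << 127) - 1


def password_to_secret(password: str, salt: bytes) -> int:
    """Map a password to a field element. Constructed: salted SHA-256 for brevity;
    a deployment would run a memory-hard KDF (Argon2, scrypt) before sharing."""
    digest = hashlib.sha256(salt + password.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % P


def split(secret: int, n: int, t: int) -> list:
    """Split `secret` into n shares with threshold t+1: random degree-t polynomial f
    with f(0) = secret, share i is (i, f(i)). Any t+1 shares reconstruct; any t shares
    are consistent with every possible secret, so t compromised servers learn nothing."""
    if not 0 < t < n:
        raise ValueError("need 0 < t < n")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation of f(x) mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def reconstruct(shares: list) -> int:
    """Lagrange interpolation at x = 0 over GF(P). With fewer than t+1 shares this
    still returns a value, but one unrelated to the secret."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def threshold_check(password: str, salt: bytes, shares: list) -> bool:
    """Illustrative verifier (assumption, not the paper's protocol): t+1 servers pool
    their shares and compare the reconstructed value with the offered password in
    constant time."""
    expected = reconstruct(shares).to_bytes(16, "big")
    offered = password_to_secret(password, salt).to_bytes(16, "big")
    return hmac.compare_digest(expected, offered)


if __name__ == "__main__":
    salt = b"constructed-salt"                       # constructed sample input
    secret = password_to_secret("correct horse battery", salt)
    shares = split(secret, n=7, t=2)                  # 7 servers, any 3 reconstruct
    assert reconstruct(shares[:3]) == secret
    assert reconstruct(shares[:2]) != secret           # t shares: no information
    assert threshold_check("correct horse battery", salt, [shares[1], shares[4], shares[6]])
    assert not threshold_check("wrong password", salt, shares[:3])
```

With t = 2 and n = 7 the split above satisfies the paper's n > 3t requirement; raising t raises both the number of servers an attacker must corrupt and the number that must cooperate for every login.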

3.
Based on the elliptic curve discrete logarithm problem, bilinear pairings and the CDH assumption, a new certificateless two-party authenticated key agreement protocol is proposed. It avoids the key escrow problem inherent in identity-based public-key schemes, authenticates both communicating parties and prevents active attacks. The correctness of the protocol is analyzed, it is formalized in the applied pi calculus, and its security is verified with the ProVerif tool. Compared with other two-party key agreement protocols, it offers better security and efficiency.

4.
SIP is an application-layer control protocol. To strengthen its security, the paper proposes a SIP authenticated key agreement protocol based on the hardness of the elliptic curve discrete logarithm problem (ECDLP), combining the user's identity, the user's password and a one-way trapdoor function F(). The protocol consists of four phases: initialization, registration, login and authentication, and password change. Security analysis shows that it provides mutual authentication and a secure session key and resists password-guessing, man-in-the-middle, replay, impersonation and Denning-Sacco attacks. Compared with related protocols, the proposed ECDLP-based SIP authenticated key agreement protocol offers higher security and better meets application requirements.

5.
A feasible, secure and collusion attack-free quantum sealed-bid auction protocol is proposed using a modified scheme for multiparty circular quantum key agreement. In the proposed protocol, the set of all (n) bidders is grouped into l subsets (sub-circles) in such a way that only the initiator (who prepares the quantum state to be distributed for a particular round of communication and acts as the receiver in that round) is a member of all the subsets (sub-circles) prepared for a particular round, while any other bidder is part of only a single subset. Each of the n bidders and the auctioneer initiates one round of communication, and each of them prepares l copies of a \(\left( r-1\right) \)-partite entangled state (one for each sub-circle), where \(r=\frac{n}{l}+1\). The efficiency and security of the proposed protocol are critically analyzed. It is shown that the proposed protocol is free from the collusion attacks that are possible on the existing schemes of quantum sealed-bid auction. Further, it is observed that the security against collusion attack increases with the increase in l, but that reduces the complexity (number of entangled qubits in each entangled state) of the entangled states to be used and that makes the scheme scalable and implementable with the available technologies. The additional security and scalability are shown to arise due to the use of a circular structure in place of the complete-graph or tree-type structure used earlier.

6.
The paper analyzes the security of a wireless authentication and key agreement protocol (UAP) based on the Elliptic Curve Digital Signature Algorithm (ECDSA) and identifies its weakness: the protocol's security depends entirely on the server's private key being kept secret. Using an inversion-free elliptic curve digital signature algorithm and binding the authentication-phase key to the server's parameters, an improved wireless authentication and key agreement protocol is given that repairs the UAP defect, improves server efficiency and meets the security requirements of wireless authentication and key agreement.

7.
Based on the difficulty of computing discrete logarithms in finite fields, a new identity authentication and key agreement protocol, PJY, is proposed. PJY authenticates both communicating parties in two handshakes and at the same time establishes a shared session key. The strand space model is used to analyze the protocol's correctness: by constructing the penetrator strand space and applying authentication tests, it is shown that PJY has injective agreement and secrecy under every penetrator strand pattern, which establishes the protocol's correctness.

8.

The integer factorization problem (IFP), the finite field discrete logarithm problem (DLP) and the elliptic curve discrete logarithm problem (ECDLP) are essentially the only three mathematical problems that practical public-key cryptographic systems are based on. For example, the most famous RSA cryptosystem is based on IFP, the US government's Digital Signature Standard, DSS, is based on DLP, whereas ECC (Elliptic Curve Cryptography) and the Elliptic Curve Digital Signature Algorithm (ECDSA) are based on ECDLP. The security of such cryptographic systems relies on the computational intractability of these three mathematical problems. In this paper, we shall present a survey of various methods for solving the IFP/DLP and particularly the ECDLP problems. More specifically, we shall first discuss how the index calculus as well as quantum algorithms can be used to solve IFP/DLP. Then we shall show why the index calculus cannot be used to solve ECDLP. Finally, we shall introduce a new method, xedni calculus, due to Joseph Silverman, for attacking ECDLP; some open problems and new research directions will also be addressed.
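Added example (not code from either paper): Python arithmetic on a short-Weierstrass curve over a prime field, serving both entry 1 (key-pair generation and full public-key validation on P-256) and entry 8 (a generic square-root attack on the ECDLP, baby-step giant-step, run on a constructed small curve to show what remains once index calculus is unavailable: the cost is set by the group order alone). The P-256 constants are the standard domain parameters; the small curve y^2 = x^3 + x + 7 over F_10007, its base point and the function names are constructed assumptions, and the base point's order is counted by brute force rather than taken from any source.

```python
"""Prime-field elliptic curve arithmetic: key generation, public-key validation and
baby-step giant-step for the ECDLP. Added example; the small curve is constructed."""
from math import isqrt
import secrets


class Curve:
    """y^2 = x^3 + a*x + b over F_p with base point (gx, gy) of order n (cofactor 1).
    Points are (x, y) tuples; None is the point at infinity."""

    def __init__(self, p, a, b, gx, gy, n):
        self.p, self.a, self.b, self.gx, self.gy, self.n = p, a, b, gx, gy, n

    def on_curve(self, P):
        if P is None:
            return True
        x, y = P
        return (0 <= x < self.p and 0 <= y < self.p
                and (y * y - x * x * x - self.a * x - self.b) % self.p == 0)

    def add(self, P, Q):
        if P is None:
            return Q
        if Q is None:
            return P
        (x1, y1), (x2, y2) = P, Q
        if x1 == x2:
            if (y1 + y2) % self.p == 0:          # Q == -P, including y == 0
                return None
            lam = (3 * x1 * x1 + self.a) * pow(2 * y1, -1, self.p) % self.p
        else:
            lam = (y2 - y1) * pow(x2 - x1, -1, self.p) % self.p
        x3 = (lam * lam - x1 - x2) % self.p
        return (x3, (lam * (x1 - x3) - y1) % self.p)

    def mul(self, k, P):
        """Double-and-add; not constant-time, so for validation only, never for signing."""
        R = None
        while k > 0:
            if k & 1:
                R = self.add(R, P)
            P = self.add(P, P)
            k >>= 1
        return R


# NIST P-256 (secp256r1) domain parameters, standard values.
P256 = Curve(
    p=0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff,
    a=0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc,
    b=0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b,
    gx=0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
    gy=0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5,
    n=0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551,
)


def keygen(curve):
    """Private scalar d in [1, n-1] and public point Q = d*G."""
    d = secrets.randbelow(curve.n - 1) + 1
    return d, curve.mul(d, (curve.gx, curve.gy))


def validate_public_key(curve, Q):
    """Full public-key validation: not infinity, coordinates in range, on the curve,
    and n*Q = infinity. Skipping the on-curve check is what enables invalid-curve
    attacks against a party that computes d*Q with its own private d."""
    if Q is None or not curve.on_curve(Q):
        return False
    return curve.mul(curve.n, Q) is None


def small_curve(p=10007, a=1, b=7):
    """Constructed demo curve for the ECDLP: base point from the first x whose RHS is
    a square (p = 3 mod 4 gives the root directly); its order is counted by brute force."""
    for x in range(1, p):
        rhs = (x ** 3 + a * x + b) % p
        if pow(rhs, (p - 1) // 2, p) == 1:
            y = pow(rhs, (p + 1) // 4, p)
            break
    c = Curve(p, a, b, x, y, n=0)
    order, R = 1, (x, y)
    while R is not None:                    # count until order*G == infinity
        R = c.add(R, (x, y))
        order += 1
    return Curve(p, a, b, x, y, order)


def bsgs(curve, G, Q, order):
    """Baby-step giant-step: d with d*G = Q in O(sqrt(order)) group operations.
    Generic (ignores curve structure), which is why sqrt(n) dictates curve sizes."""
    m = isqrt(order) + 1
    baby, R = {}, None
    for j in range(m):                      # baby steps: store j*G -> j
        baby[R] = j
        R = curve.add(R, G)
    mG = curve.mul(m, G)
    step = None if mG is None else (mG[0], -mG[1] % curve.p)   # -m*G
    gamma = Q
    for i in range(m):                      # giant steps: Q - i*m*G
        if gamma in baby:
            return (i * m + baby[gamma]) % order
        gamma = curve.add(gamma, step)
    return None
```

`validate_public_key` is the check entry 1 describes; the table in `bsgs` grows with sqrt(n), so on the 10007-element demo curve about 100 entries suffice while on P-256 the same algorithm would need about 2^128, which is exactly the "no subexponential attack" margin both abstracts rely on.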

9.
Certificateless two-party cross-domain authenticated key agreement protocol   Total citations: 1, self-citations: 1, citations by others: 0
Using bilinear pairings on elliptic curves and the discrete logarithm problem, a certificateless two-party cross-domain authenticated key agreement protocol is proposed. It resolves the key escrow problem inherent in traditional identity-based cross-domain two-party key agreement protocols, authenticates both cross-domain parties and prevents active attacks. Building on a proof of the protocol's correctness, it is formalized in the applied pi calculus and its authentication and security properties are verified. Compared with other cross-domain two-party authenticated key agreement protocols, it is better in both security and efficiency.

10.
E-health care systems let patients use health monitoring facilities and access medical services remotely. A secure mechanism for mutual authentication and session key agreement is the most important requirement for e-health care systems. Recently, Amin et al. proposed a mutual authentication and session key agreement protocol and claimed that their scheme is secure against all possible attacks. In this paper, we show that their scheme is not only vulnerable to the privileged-insider attack, replay attack and session key disclosure attack, but also does not provide patient untraceability and backward secrecy. In order to withstand the mentioned security weaknesses, we propose an efficient remote mutual authentication scheme for such systems using ECC and a fuzzy extractor. The proposed scheme not only resists different security attacks, but it also provides efficient registration, login, mutual authentication, session key agreement, and password and biometric update phases. During the experimentation, it has been observed that the proposed scheme is secure against various known attacks. Besides, our scheme is robust against the privileged-insider attack, which is rarely checked in security analyses. The informal analysis shows that our scheme provides good protection against the different security attacks. Furthermore, we analyzed the security of the scheme using the AVISPA software and the random oracle model. The formal analysis results and performance evaluation vouch that our scheme is also secure and efficient in computation and communication cost.

11.
杨路 (Yang Lu), 《计算机工程》 (Computer Engineering), 2012, 38(2):138-140
A pairing-free certificateless implicitly authenticated key agreement protocol is proposed. Based on the discrete logarithm problem and the computational Diffie-Hellman assumption, it needs only three exponentiations and two hash evaluations and avoids costly bilinear pairing operations. Analysis in the random oracle model shows that the protocol achieves strong security with lower computational cost than other protocols of the same type.

12.
Quantum readout of physical unclonable functions (PUFs) is a recently introduced method for remote authentication of objects. We present an extension of the protocol to enable the authentication of data: A verifier can check if received classical data were sent by the PUF holder. We call this modification QR-d or, in the case of the optical-PUF implementation, QSA-d. We discuss how QSA-d can be operated in a parallel way. We also present a protocol for authenticating quantum states.

13.
A deterministic parallel LL parsing algorithm is presented. The algorithm is based on a transformation from a parsing problem to parallel reduction. First, a nondeterministic version of a parallel LL parser is introduced. Then, it is transformed into the deterministic version, the LLP parser. The deterministic LLP(q,k) parser uses two kinds of information to select the next operation: a lookahead string of length up to k symbols and a lookback string of length up to q symbols. Deterministic parsing is available for LLP grammars, a subclass of LL grammars. Since the presented deterministic and nondeterministic parallel parsers are both based on parallel reduction, they are suitable for most parallel architectures.

14.
Identity theft is the most recurrent twenty-first century cybercrime. Thus, authentication is of utmost significance as the number of hackers who seek to intrude into legitimate users' accounts to obtain sensitive information is increasing. Identity-based authentication operates to corroborate the identity of the user so that only the legitimate user gets access to the service. This paper proposes a quantum identity-based authentication and key agreement scheme for a cloud server architecture. Quantum cryptography, based on the laws of quantum physics, is a vital technology for securing privacy and confidentiality in the field of network security. A formal security analysis has been performed using the AVISPA tool, which confirms the security of the proposed scheme. The security analysis of the proposed protocol proves that it is robust against all security attacks. To confirm the applicability of quantum key distribution in cloud computing, a practical long-distance entanglement-based QKD experiment has been proposed. This experiment confirms successful generation of sifted keys over a distance of 100 km of optical fiber with a key rate of 4.11 bit/s and an error rate of 9.21 %.

15.
The uncertainty principle in quantum mechanics is a fundamental relation with different forms, including Heisenberg’s uncertainty relation and Schrödinger’s uncertainty relation. In this paper, we prove a Schrödinger-type uncertainty relation in terms of generalized metric adjusted skew information and correlation measure by using operator monotone functions, which reads,
$$\begin{aligned} U_\rho ^{(g,f)}(A)U_\rho ^{(g,f)}(B)\ge \frac{f(0)^2l}{k}\left| \mathrm {Corr}_\rho ^{s(g,f)}(A,B)\right| ^2 \end{aligned}$$
for some operator monotone functions f and g, all n-dimensional observables A, B and a non-singular density matrix \(\rho \). As applications, we derive some new uncertainty relations for Wigner–Yanase skew information and Wigner–Yanase–Dyson skew information.

16.
The problem of determining the maximum mutual information I(X; Y) and minimum entropy H(X, Y) of a pair of discrete random variables X and Y is considered under the condition that the probability distribution of X is fixed and the error probability Pr{Y ≠ X} takes a given value ε, 0 ≤ ε ≤ 1. Precise values for these quantities are found, which in several cases allows us to obtain explicit formulas for both the maximum information and minimum entropy in terms of the probability distribution of X and the parameter ε.

17.
We say that an s-subset of codewords of a code X is (s, l)-bad if X contains l other codewords such that the conjunction of these l words is covered by the disjunction of the words of the s-subset. Otherwise, an s-subset of codewords of X is said to be (s, l)-good. A binary code X is called a disjunctive (s, l) cover-free (CF) code if X does not contain (s, l)-bad subsets. We consider a probabilistic generalization of (s, l) CF codes: we say that a binary code is an (s, l) almost cover-free (ACF) code if almost all s-subsets of its codewords are (s, l)-good. The most interesting result is the proof of a lower and an upper bound for the capacity of (s, l) ACF codes; the ratio of these bounds tends as s→∞ to the limit value log2 e/(le).

18.
Combining PKBP (public-key broadcast protocol) with SPAKA (self-certified public-key authentication and key agreement protocol), and relying on the elliptic curve discrete logarithm problem, a mutual authentication and key agreement system for 3G communications is designed; its security rests on the hardness of the elliptic curve discrete logarithm problem. Compared with existing public-key authentication protocols, PKBP and SPAKA reduce the amount of data transmitted and the online computation of the VLR and the ME, allow the ME and the VLR to authenticate each other and agree on a session key without transmitting public-key certificates, and permit controlled lawful interception of ME calls in specific settings. The scheme therefore improves the security and efficiency of the authentication system and is well suited to the global mobility and communication security requirements of 3G systems.

19.
Zero-knowledge proofs have become a key technique for identity authentication in information security. To avoid the graph isomorphism problem used by known zero-knowledge proof systems, a computational zero-knowledge proof of knowledge system is proposed whose security rests on the NP-complete independent set problem. The construction relies on the hardness of the discrete logarithm problem, which ensures the system's soundness, completeness and computational zero-knowledge property. The system and the choice of its algorithm parameters are analyzed in terms of computational and communication complexity. Theoretical proof shows the system to be practical and efficient.
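Added example, not the paper's independent-set construction: a Schnorr-style zero-knowledge proof of knowledge of a discrete logarithm in Python, exercising the three properties the abstract names. Completeness: an honest prover's transcript (t, c, s) verifies. Soundness: two accepting transcripts with the same commitment t and different challenges let an extractor recover the secret x. Zero knowledge: a simulator that never sees x produces transcripts that verify and are distributed like real ones. The group is a freshly generated 64-bit safe-prime subgroup (an assumption for a quick demonstration, far too small for real use), found with Miller-Rabin; the function names are illustrative.

```python
"""Schnorr zero-knowledge proof of knowledge of x with y = g^x in a prime-order group.
Added example; the group size and helper names are illustrative assumptions."""
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=16):
    """Miller-Rabin with random bases; a composite passes with probability <= 4^-rounds."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(bits=64):
    """Return (p, q, g) with p = 2q + 1 prime and g = 4 generating the order-q subgroup
    of squares. 64 bits is a demo size only; real deployments use >= 2048 bits."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4


def keygen(p, q, g):
    x = secrets.randbelow(q - 1) + 1          # secret exponent
    return x, pow(g, x, p)                    # (x, y = g^x)


def commit(p, q, g):
    """Prover's first move: random nonce r, commitment t = g^r."""
    r = secrets.randbelow(q)
    return r, pow(g, r, p)


def respond(q, x, r, c):
    """Prover's answer to challenge c: s = r + c*x mod q."""
    return (r + c * x) % q


def verify(p, q, g, y, t, c, s):
    """Verifier accepts iff g^s == t * y^c (mod p)."""
    return 0 <= c < q and pow(g, s, p) == t * pow(y, c, p) % p


def simulate(p, q, g, y):
    """Zero knowledge: choose s and c first, then t = g^s * y^-c. The transcript
    verifies and is distributed like an honest one, yet x was never used."""
    s, c = secrets.randbelow(q), secrets.randbelow(q)
    t = pow(g, s, p) * pow(y, q - c, p) % p   # y^(q-c) == y^-c because y has order q
    return t, c, s


def extract(q, c1, s1, c2, s2):
    """Special soundness: two accepting transcripts sharing t with c1 != c2 reveal x."""
    return (s1 - s2) * pow((c1 - c2) % q, -1, q) % q


if __name__ == "__main__":
    p, q, g = safe_prime_group()
    x, y = keygen(p, q, g)
    r, t = commit(p, q, g)
    c = secrets.randbelow(q)                  # verifier's challenge
    s = respond(q, x, r, c)
    print("honest transcript verifies:", verify(p, q, g, y, t, c, s))
    print("simulated transcript verifies:", verify(p, q, g, y, *simulate(p, q, g, y)))
    c2 = (c + 1) % q
    print("extractor recovers x:", extract(q, c, s, c2, respond(q, x, r, c2)) == x)
```

The extractor is also the reason a prover must never reuse the nonce r across two challenges: doing so hands the verifier exactly the two transcripts `extract` needs.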

20.
Sequence design is a crucial problem in information-based biotechnology such as DNA-based computation. We introduce a simple strategy named the template method that systematically generates a set of sequences of length l such that any of its members will have approximately l/3 mismatches with other sequences, their complements, and the overlaps of their concatenations.


Copyright © 北京勤云科技发展有限公司 (Beijing Qinyun Technology Development Co., Ltd.)  京ICP备09084417号