基于Harn部分盲签名的安全电子投票方案

本文设计了一种新的Harn部分盲签名方案,并将此方案用于电子投票的设计中,形成了一个安全可靠的电子投票方案。这种电子投票方案不仅保证了投票者身份的匿名性和选票的安全、公平、保密性,还能实现投票的不可抵赖性。此方案是传统的盲签名电子投票方案的一个改进,是一个很实用的方案。     

基于身份盲签名的电子选举协议方案

在研究分析了当前电子选举协议中存在的优缺点,然后在F00协议基础上,利用椭圆曲线上的双线性映射和基于身份盲签名的思想,设计了一个具有高安全高效率的基于身份盲签名的电子选举方案.该设计方案不仅满足了安全电子选举协议的完全性、合理性、匿名性等最基本的要求,而且能很好地解决广义可验证性,且具有高效的运算效率.     

Reexamining the security of fair quantum blind signature schemes

In this paper, we reexamined the security of fair quantum blind signature protocols and found there exists a secure leakage caused by the reuse of signing key. To illustrate it, a new attack strategy is proposed based on unambiguous set discrimination of quantum state. In this attack, the attacker can forge a valid signature for any message when he owns three signatures. Finally, a feasible improved method is proposed to solve this problem.     

An inter-bank E-payment protocol based on quantum proxy blind signature

Security and anonymity are essential to E-payment systems. However, with the increasing computing power, existing E-payment systems will gradually become insecure. In this paper, we propose an inter-bank E-payment system which is based on quantum proxy blind signature. Adopting the techniques of quantum key distribution, one-time pad and quantum proxy blind signature, our quantum E-payment system could protect user??s anonymity as the traditional E-payment systems do, and also have unconditional security which the classical E-payment systems cannot provide. Furthermore, compared with the existing quantum E-payment systems, the proposed system could support inter-bank transactions.     

一种不使用Hash和Redundancy函数的代理盲签名

在密码学中,使用Hash函数和Redundancy函数必然使签名方案因这些函数的不安全性而遭受相关攻击,从而导致签名方案的安全性降低。提出了一种不使用Hash和Redundancy函数的代理盲签名,其安全性等价于解离散对数问题,而且避免了使用相关函数带来的威胁。分析表明,新方案实现了电子交易中的不可伪造性和不可链接性,有效防止了双方事后抵赖;而且减少了求幂运算的次数,避免了求Hash函数运算,使签名速度有了较大提高。     

Cryptanalysis of an inter-bank E-payment protocol based on quantum proxy blind signature

We analyze the security of an inter-bank E-payment protocol based on quantum proxy blind signature, and find that there is a security leak in the quantum channels of this protocol, which gives a chance for an outside opponent to launch a special denial-of-service attack. Furthermore, we show that the dishonest merchant can succeed to change the purchase information of the customer in this protocol.     

Improved digital signature protocol using iterated function systems

In this paper, a novel digital signature protocol is proposed. It is based on the iterated function system attractor, which is regarded as an emerging method. The idea behind our proposed method is based on selecting a known fractal set and then finding the attractor of the affine transformation functions. The attractor is then used in the encryption and decryption of a hash function to ensure the protection of the document from eavesdropping and integrity during the transmission. The properties and software implementation of the proposed protocol are discussed in detail. A comparison is made with the Rivest, Shamir, and Adleman cryptosystems, which shows that it performs better.     

新的基于身份无可信中心的盲签名和代理签名

论文分析了现有的基于身份的盲签名和代理签名,发现这些系统都需要无条件信任私钥产生中心(PKG,PrivateKeyGenerator)。因为PKG可以计算系统内任何用户的私钥,当然可以伪造任何用户的盲签名和代理签名。论文在已有基于身份无可信中心签名的基础上提出了一个基于身份无可信中心的盲签名,同时提出了一个基于身份无可信中心的代理签名。分析表明,提出的盲签名和代理签名是安全有效的。     

Robust session key generation protocol for social internet of vehicles with enhanced security provision

Social internet of things (SIoT) is an emerging concept that enables the autonomous interactions between social networks and internet of things (IoT). Vehicle-to-grid (V2G) networks are one of the instances of the SIoT. To mitigate privacy and security issues exist in the V2G networks, it is crucial to employ proper security solutions. One of the most important and popular security solutions is the key exchange protocol. During the last decade, several key exchange schemes have been proposed considering the specific requirements of V2G networks. However, the existing schemes have not reached a proper balance between security and efficiency. Therefore, in this paper, after the security assessment of a recent work, we propose a key exchange protocol, which can provide the desired performance and security properties. Rigorous formal security analyses besides the security features, communication overhead, and computational complexity comparisons indicate that the proposed scheme is a robust one to be employed in the V2G networks. To be more specific, in comparison to one of the most secure schemes, the proposed protocol has 84% improvement in execution time and 54% improvement in communication overhead. Furthermore, experiments on realistic platform indicate that the proposed protocol only takes 3 s to be executed by the computationally constrained onboard unit of electric vehicle.

     

A novel deniable authentication protocol using generalized ElGamal signature scheme

A deniable authentication protocol enables a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. This property is very useful for providing secure negotiation over the Internet. Consequently, many interactive and non-interactive deniable authentication protocols have been proposed. However, the interactive manner makes deniable protocols inefficient. In addition, a security hole is generated in deniable protocols that use the non-interactive manner if a session secret is compromised. Thus, there is no secure and efficient deniable authentication protocol as of now. In this paper, a new protocol based on the non-interactive manner is proposed to efficiently and securely achieve deniable authentication. This protocol can furthermore replace the underlying signature scheme in order to retain a secure status even if the previously used signature method is broken.     

End-to-end security implementation for mobile devices using TLS protocol

End-to-end security has been an emerging need for mobile devices with the widespread use of personal digital assistants and mobile phones. Transport Layer Security Protocol (TLS) is an end-to-end security protocol that is commonly used on the Internet, together with its predecessor, SSL protocol. By implementing TLS protocol in the mobile world, the advantage of the proven security model of this protocol can be utilized. The main design goals of mobile end-to-end security protocol are maintainability and extensibility. Cryptographic operations are performed with a free library, Bouncy Castle Cryptography Package. The object oriented architecture of proposed end-to-end security protocol implementation makes the replacement of this library with another cryptography package easier. The implementation has been experimented with different cases, which represent use of different cryptographic algorithms.     

Review on mobility aware MAC protocol using Mobile internet of things

Multimedia Tools and Applications - Modern boom and understanding of our growing needs, applications based on the Mobile Internet of Things (MIoT) are becoming important for future internet...     

A dynamic voting scheme in distributed systems

A dynamic weighted voting scheme for consistency and recovery control of replicated files in distributed systems is presented. The purpose of a replicated file is to improve the availability of a logical file in the presence of site failures and network partitions. The accessible physical copies of a replicated file will be mutually consistent and behave as a single copy. The recovery scheme requires no manual intervention. The control scheme tolerates any number of site failures and network partitions as well as repairs. Correctness results are given     

基于无证书公钥密码的终端安全移动支付协议

移动支付协议允许两方或多方通过公开网络安全交换电子现金和数字内容.在实现安全支付过程中,传统公钥密码学的证书管理问题和基于身份密码学的私钥托管问题均给支付协议带来弊端.因此,使用无证书密码学来解决此类问题.针对高效的移动支付协议的设计问题展开研究,提出了一个基于无对的无证书密码学的移动支付协议.协议引入了口令等信息实现终端安全,还应用了密钥协商协议生成对称加密密钥,并且该过程伴随着支付过程,以此降低协议的计算和通信代价.此外,协议还可以实现公平交换等支付安全属性.     

Changing policies towards encryption and internet security

There is an increasing tendency for organizations to put information on the Internet which immediately makes them vulnerable to hacking. What security is available beyond the modem?     

Improved security of a dynamic remote data possession checking protocol for cloud storage

Cloud storage offers the users with high quality and on-demand data storage services and frees them from the burden of maintenance. However, the cloud servers are not fully trusted. Whether the data stored on cloud are intact or not becomes a major concern of the users. Recently, Chen et al. proposed a remote data possession checking protocol to address this issue. One distinctive feature of their protocol support data dynamics, meaning that users are allowed to modify, insert and delete their outsourced data without the need to re-run the whole protocol. Unfortunately, in this paper, we find that this protocol fails to achieve its purpose since it is vulnerable to forgery attack and replace attack launched by a malicious server. Specifically, we show how a malicious cloud server can deceive the user to believe that the entire file is well-maintained by using the meta-data related to the file alone, or with only part of the file and its meta-data. Then, we propose an improved protocol to fix the security flaws and formally proved that our proposal is secure under a well-known security model. In addition, our improvement keeps all the desirable features of the original protocol.     

若干部分盲签名方案的密码学分析和改进

对最近提出的若干部分盲签名方案进行了安全分析,指出这些方案不像宣称的那样是安全的,存在签名请求者非法篡改事先协商好的公共信息的攻击,并对出现这种篡改攻击的原因进行了分析。分别对这些存在安全缺陷的方案进行了改进,并对改进方案的正确性、安全性和有效性进行了分析。分析表明,改进的方案在不降低原方案效率的情况下是安全的。     

Attack and improvements of fair quantum blind signature schemes

Blind signature schemes allow users to obtain the signature of a message while the signer learns neither the message nor the resulting signature. Therefore, blind signatures have been used to realize cryptographic protocols providing the anonymity of some participants, such as: secure electronic payment systems and electronic voting systems. A fair blind signature is a form of blind signature which the anonymity could be removed with the help of a trusted entity, when this is required for legal reasons. Recently, a fair quantum blind signature scheme was proposed and thought to be safe. In this paper, we first point out that there exists a new attack on fair quantum blind signature schemes. The attack shows that, if any sender has intercepted any valid signature, he (she) can counterfeit a valid signature for any message and can not be traced by the counterfeited blind signature. Then, we construct a fair quantum blind signature scheme by improved the existed one. The proposed fair quantum blind signature scheme can resist the preceding attack. Furthermore, we demonstrate the security of the proposed fair quantum blind signature scheme and compare it with the other one.     

对代理盲签名体制的攻击与改进

代理盲签名方案在实际应用中存在以下安全问题:首先是在代理签名者和消息拥有者的会话阶段容易受到恶意攻击,攻击者能使代理签名者在毫不知情的情况下对任意消息进行代理盲签名,这损害了原始签名者和代理签名者的利益;其次是代理签名者对签名权的滥用.给出了一种具体的攻击方法,并结合一具体的代理盲签名方案,通过运用授权证书结合身份认证给出了对此类攻击的防范措施,使代理盲签名体制的安全性得到了加强.     

IKE协议及其安全性分析

Intemet密钥交换协议（IKE）是用于交换和管理在VPN中使用的加密密钥的.到目前为止,它依然存在安全缺陷.基于该协议的重要的现实意义,简单地介绍了它的工作机制,并对它进行了安全性分析;对于抵御中间人攻击和DoS攻击,给出了相应的修正方法;还对主模式下预共享密钥验证方法提出了新的建议;最后给出了它的两个发展趋势：JFK和IKEv2.