Optimal agreement protocol in malicious faulty processors andfaulty links

Traditionally, the problems of Byzantine agreement, consensus, and interactive consistency are studied in a fully connected network with processors in malicious failure only. Such problems are reexamined with the assumption of malicious faults on both processors and links. The proposed protocols use the minimum number of message exchanges and can tolerate the maximum number of allowable faulty components to make each fault-free processor reach a common agreement for the cases of processor failure, link failure, or processor and link failure     

Fast generators for the Diffie-Hellman key agreement protocol and malicious standards

The Diffie-Hellman key agreement protocol is based on taking large powers of a generator of a prime-order cyclic group. Some generators allow faster exponentiation. We show that to a large extent, using the fast generators is as secure as using a randomly chosen generator. On the other hand, we show that if there is some case in which fast generators are less secure, then this could be used by a malicious authority to generate a standard for the Diffie-Hellman key agreement protocol which has a hidden trapdoor.     

Optimal asynchronous agreement and leader election algorithm for complete networks with Byzantine faulty links

Summary.  We consider agreement and leader election on asynchronous complete networks when the processors are reliable, but some of the channels are subject to failure. Fischer, Lynch, and Paterson have already shown that no deterministic algorithm can solve the agreement problem on asynchronous networks if any processor fails during the execution of the algorithm. Therefore, we consider only channel failures. The type of channel failure we consider in this paper is Byzantine failure, that is, channels fail by altering messages, sending false information, forging messages, losing messages at will, and so on. There are no restrictions on the behavior of a faulty channel. Therefore, a faulty channel may act as an adversary who forges messages on purpose to prevent the successful completion of the algorithm. Because we assume an asynchronous network, the channel delays are arbitrary. Thus, the faulty channels may not be detectable unless, for example, the faulty channels cause garbage to be sent. We present the first known agreement and leader election algorithm for asynchronous complete networks in which the processors are reliable but some channels may be Byzantine faulty. The algorithm can tolerate up to [n−22] faulty channels, where n is the number of processors in the network. We show that the bound on the number of faulty channels is optimal. When the processors terminate their corresponding algorithms, all the processors in the network will have the same correct vector, where the vector contains the private values of all the processors. Received: May 1994/Accepted: July 1995     

How to cope with faulty processors in a completely connected network of communicating processors

Computer systems consisting of a completely connected network of communicating processors should work reliable in spite of a number of malfunctioning processors that give conflicting information to different members of the system. It is necessary that all wellfunctioning processors agree on the message sent by any transmitting processor, regardless of the behaviour of the malfunctioning processors. Moreover, it is required that whenever the transmitter is wellfunctioning, the agreement reached should be equal to the message actually sent by the transmitter. In this paper it is shown by a mathematical proof that this is possible if and only if the number of malfunctioning processors is less than one-third of the total number of processors in the network. In cases where this requirement is fulfilled, we give a clear algorithm to reach agreement.     

Optimal stopping and control with two kinds of boundary conditions: application to dynamic routeing in networks

A stochastic optimal stopping and optimal control problem concerning the dynamic routeing of a randomly perturbed flow is considered. Equations for the solution of the optimal stopping and control problem are given. These equations lead to the solution of an elliptic problem with a given condition on a ‘ free boundary’ within a given domain D and a condition given on the boundary ? D of D. An example is given and a numerical study is conducted on it     

SE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks

To support Evolved Packet System (EPS) in the Long Term Evolution (LTE) networks, the 3rd Generation Partnership Project (3GPP) has proposed an authentication and key agreement (AKA) protocol, named EPS-AKA, which has become an emerging standard for fourth-generation (4G) wireless communications. However, due to the requirement of backward compatibility, EPS-AKA inevitably inherits some defects of its predecessor UMTS-AKA protocol that cannot resist several frequent attacks, i.e., redirection attack, man-in-the-middle attack, and DoS attack. Meanwhile, there are additional security issues associated with the EPS-AKA protocol, i.e., the lack of privacy-preservation and key forward/backward secrecy (KFS/KBS). In addition, there are new challenges with the emergence of group-based communication scenarios in authentication. In this paper, we propose a secure and efficient AKA protocol, called SE-AKA, which can fit in with all of the group authentication scenarios in the LTE networks. Specifically, SE-AKA uses Elliptic Curve Diffie-Hellman (ECDH) to realize KFS/KBS, and it also adopts an asymmetric key cryptosystem to protect users’ privacy. For group authentication, it simplifies the whole authentication procedure by computing a group temporary key (GTK). Compared with other authentication protocols, SE-AKA cannot only provide strong security including privacy-preservation and KFS/KBS, but also provide a group authentication mechanism which can effectively authenticate group devices. Extensive security analysis and formal verification by using proverif have shown that the proposed SE-AKA is secure against various malicious attacks. In addition, elaborate performance evaluations in terms of communication, computational and storage overhead also demonstrates that SE-AKA is more efficient than those existing protocols.     

CRPD: a novel clustering routing protocol for dynamic wireless sensor networks

A wireless sensor network (WSN) consists of a large number of static or mobile, low-cost, and low-power sensor nodes. And energy is one of the most important factors that should be considered. In this paper, we propose clustering-based routing protocol for dynamic networks (CRPD) to reduce energy consumption and improve energy efficiency through clustering and routing algorithms. The basic idea is to periodically update the network topology and select the node with larger degree and high residual energy as the cluster head to be responsible for data aggregation and transmission. With the nodes moving, joining, and choosing the optimal clustering radius, the energy load of the whole network can be evenly distributed to each sensor node, which can significantly prolong the network lifetime. Extensive simulations show that CRPD is more energy-efficient than the existing protocols.     

Announced dynamic access probability protocol for next generation wireless networks

A multiple access protocol that is particularly suitable for cellular Internet access and satellite-based networks with on-board processing is developed in this paper. The basic idea is that when a user wishes to send a message, it transmits with probability p_access that depends on the load on the channel. Under conditions of low load, the probability p_access approaches 1, while at high load p_access is relatively low. This media access control protocol guarantees high channel utilization at high load, as well as low delay at low load periods. Using the statistical usage of the shared channel, the load is estimated with certain uncertainty. Our analysis shows that using the statistical usage of the shared channel, the optimal access probability can be well estimated for a broad class of load distribution patterns. In addition, we propose to use a central station to broadcast the value of p_access in networks with poor collision detection capability, or long feedback delay. The proposed method is particularly suitable for shared channels with poor collision detection capability, under conditions of bursty traffic and a large number of users. Examples for such channels are the reservation channel in satellite-based networks with on-board processing, and the control channel in cellular networks. Hence, the proposed method can be used for cellular Internet access and for accessing public satellite-based networks. The broadcast mechanism that already exists in such networks can be used to inform the users the dynamic access probability.     

A protocol for deadlock-free dynamic reconfiguration in high-speedlocal area networks

High-speed local area networks (LANs) consist of a set of switches interconnected by point-to-point links, and hosts linked to those switches through a network interface card. High-speed LANs may change their topology due to switches being turned on/off, hot expansion, link remapping, and component failures. In these cases, a distributed reconfiguration protocol analyzes the topology, computes the new routing tables, and downloads them to the corresponding switches. Unfortunately, in most cases, user traffic is stopped during the reconfiguration process to avoid deadlock. These strategies are called static reconfiguration techniques. Although network reconfigurations are not frequent, static reconfiguration such as this may take hundreds of milliseconds to execute, thus degrading system availability significantly. Several distributed real-time applications have strict communication requirements; Distributed multimedia applications have similar, although less strict, quality of service (QoS) requirements. Both stopping packet transmission and discarding packets due to the reconfiguration process prevent the system from satisfying the above requirements. Therefore, in order to support hard real-time and distributed multimedia applications over a high-speed LAN, we need to avoid stopping user traffic and discarding packets when the topology changes. In this paper, we propose a new deadlock-free distributed reconfiguration protocol that is able to asynchronously update routing tables without stopping user traffic. This protocol is valid for any topology, including regular as well as irregular topologies. It is also valid for packet switching as well as for cut-through switching techniques and does not rely on the existence of virtual channels to work. Simulation results show that the behavior of our protocol is significantly better than for other protocols based on stopping user traffic     

LPDQ: A self-scheduled TDMA MAC protocol for one-hop dynamic low-power wireless networks

Current Medium Access Control (MAC) protocols for data collection scenarios with a large number of nodes that generate bursty traffic are based on Low-Power Listening (LPL) for network synchronization and Frame Slotted ALOHA (FSA) as the channel access mechanism. However, FSA has an efficiency bounded to 36.8% due to contention effects, which reduces packet throughput and increases energy consumption. In this paper, we target such scenarios by presenting Low-Power Distributed Queuing (LPDQ), a highly efficient and low-power MAC protocol. LPDQ is able to self-schedule data transmissions, acting as a FSA MAC under light traffic and seamlessly converging to a Time Division Multiple Access (TDMA) MAC under congestion. The paper presents the design principles and the implementation details of LPDQ using low-power commercial radio transceivers. Experiments demonstrate an efficiency close to 99% that is independent of the number of nodes and is fair in terms of resource allocation.     

A revocable ID-based authenticated group key exchange protocol with resistant to malicious participants

Authenticated group key exchange (AGKE) protocol provides secure group communications for participants in cooperative and distributed applications over open network environments such as the Internet and wireless networks. In the past, a number of AGKE protocols based on the identity (ID)-based public key system (IDPKS) have been proposed, called ID-AGKE protocols. In the IDPKS system, users’ identities are viewed as the public keys to eliminate certificate management of the traditional certificate-based public key system. Nevertheless, any certificate-based public key systems or IDPKS systems must provide a revocation mechanism to revoke misbehaving/compromised users from the public key systems. However, there was little work on studying the revocation problem of the IDPKS system. Quite recently, Tseng and Tsai presented a new ID-based encryption scheme and its associated revocation mechanism to solve the revocation problem efficiently, called revocable ID-based public key system (R-IDPKS). In this paper, we follow Tseng and Tsai’s R-IDPKS system to propose the first revocable ID-AGKE (RID-AGKE) protocol. Security analysis is made to demonstrate that the proposed RID-AGKE protocol is a provably secure AGKE protocol and can resist malicious participants. As compared to the recently proposed ID-AGKE protocols, the proposed RID-AGKE protocol is provably secure and has better performance while providing an efficient revocation mechanism.     

A biometric-based authenticated key agreement scheme for session initiation protocol in ip-based multimedia networks

Multimedia Tools and Applications - Session Initial Protocol (SIP) has been widely adopted for signaling and controlling interactive sessions in multimedia communication networks. Despite its...     

A randomized algorithm for the joining protocol in dynamic distributed networks

We describe a randomized algorithm for assigning neighbours to vertices joining a dynamic distributed network. The aim of the algorithm is to maintain connectivity, low diameter and constant vertex degree. On joining each vertex donates a constant number of tokens to the network. These tokens contain the address of the donor vertex. The tokens make independent random walks in the network. A token can be used by any vertex it is visiting to establish a connection to the donor vertex. This allows joining vertices to be allocated a random set of neighbours although the overall vertex membership of the network is unknown. The network we obtain in this way is robust under adversarial deletion of vertices and edges and actively reconnects itself.     

Pricing and hedging derivative securities with neural networks:Bayesian regularization, early stopping, and bagging

We study the effectiveness of cross validation, Bayesian regularization, early stopping, and bagging to mitigate overfitting and improving generalization for pricing and hedging derivative securities with daily S&P 500 index daily call options from January 1988 to December 1993. Our results indicate that Bayesian regularization can generate significantly smaller pricing and delta-hedging errors than the baseline neural-network (NN) model and the Black-Scholes model for some years. While early stopping does not affect the pricing errors, it significantly reduces the hedging error (HE) in four of the six years we investigated. Although computationally most demanding, bagging seems to provide the most accurate pricing and delta hedging. Furthermore, the standard deviation of the MSPE of bagging is far less than that of the baseline model in all six years, and the standard deviation of the average HE of bagging is far less than that of the baseline model in five out of six years. We conclude that they be used at least in cases when no appropriate hints are available.     

高效无线通信匿名认证密钥协商协议

针对Li-Lee协议通信开销大、计算复杂性高等缺陷,提出一种改进的高效匿名认证密钥协商协议。在保留原协议安全属性基础上,重新设计原协议中本地代理与外地代理通信会话密钥建立机制,支持会话密钥更新功能。性能分析结果表明,与Li-Lee协议相比,改进协议具有通信成本低、计算开销小等优势,更适用于无线通信应用环境。     

An ant-swarm inspired dynamic multiresolution data dissemination protocol for wireless sensor networks

One of the main concerns of wireless sensor networks (WSNs) is to deliver useful information from data sources to users at a minimum power consumption due to constraints that sensor nodes must operate on limited power sources for extended time. In particular, achieving power-efficiency and multihop communication in WSN applications is a major issue. This paper continues on the investigation of a recently proposed Minimum-power Multiresolution Data Dissemination (MMDD) problem for WSNs (whose solution is considered here as a benchmark). We propose an ant-inspired solution to this problem. To the best of our knowledge, no attempts have been made so far in this direction. We have evaluated the performance of our proposed solution by conducting a variety of experiments and have found our solution to be promising in terms of total energy consumption in data dissemination.     

A secure three-factor-based authentication with key agreement protocol for e-Health clouds

The Journal of Supercomputing - The rapid development of electronic healthcare (e-Health) has brought great convenience to people’s life. In order to guarantee the security of users, a large...