Fast Verification of Network Configuration Updates

With the expansion of network services, large-scale networks have progressively become common. The network status changes rapidly in response to customer needs and configuration changes, so network configuration changes are also very frequent. However, no matter what changes, the network must ensure the correct conditions, such as isolating tenants from each other or guaranteeing essential services. Once changes occur, it is necessary to verify the after-changed network. Whereas, for the verification of large-scale network configuration changes, many current verifiers show poor efficiency. In order to solve the problem of multiple global verifications caused by frequent updates of local configurations in large networks, we present a fast configuration updates verification tool, FastCUV, for distributed control planes. FastCUV aims to enhance the efficiency of distributed control plane verification for medium and large networks while ensuring correctness. This paper presents a method to determine the network range affected by the configuration change. We present a flow model and graph structure to facilitate the design of verification algorithms and speed up verification. Our scheme verifies the network area affected by obtaining the change of the Forwarding Information Base (FIB) before and after. FastCUV supports rich network attributes, meanwhile, has high efficiency and correctness performance. After experimental verification and result analysis, our method outperforms the state-of-the-art method to a certain extent.     

An Efficient and Practical Quantum Blind Signature Protocol with Relaxed Security Model

Blind signature has a wide range of applications in the fields of E-commerce and block-chain because it can effectively prevent the blind signer from getting the original message with its blindness. Owing to the potential unconditional security, quantum blind signature (QBS) is more advantageous than the classical ones. In this paper, an efficient and practical quantum blind signature scheme relaxed security model is presented, where quantum superposition, decoy qubits and hash function are used for the purpose of blindness. Compared with previous QBS scheme, the presented scheme is more efficient and practical with a relaxed security model, in which the signer’s dishonest behavior can be detected other than being prevented as in other QBS schemes.     

Code-based Sequential Aggregate Signature Scheme

This paper proposes the first code-based quantum immune sequential aggregate signature (SAS) scheme and proves the security of the proposed scheme in the random oracle model. Aggregate signature (AS) schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Because of the aggregation of many signatures into a single short signature, AS and SAS schemes can reduce bandwidth and save storage; moreover, when a SAS is verified, not only the valid but also the order in which each signer signed can be verified. AS and SAS schemes can be applied to traffic control, banking transaction and military applications. Most of the existing AS and SAS schemes are based either on pairing or Rivest–Shamir–Adleman (RSA), and hence, can be broken by Shor’s quantum algorithm for Integer Factoring Problem (IFP) and Discrete Logarithm Problem (DLP). There are no quantum algorithms to solve syndrome decoding problems. Hence, code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme with the first code based signature scheme proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme can save about 90% storage when the number of signers is asymptotically large.     

Quantum pseudosignatures

A pseudosignature is a piece of evidence with which the receiver of a message can prove to other players the identity of the originator of that message. In contrast to a signature a pseudosignature has a restricted transferability. This paper presents the first quantum pseudosignature scheme where the resulting pseudosignature and the verification procedures are classical. Therefore no long-term quantum storage is needed for this scheme. It is proved that quantum pseudosignature schemes can be more resilient than any classical pseudosignature scheme: only collusion involving the signer can abort the proposed pseudosignature scheme, but then it becomes obvious that the signer must be cheating.     

Protected Fair Secret Sharing Based Bivariate Asymmetric Polynomials in Satellite Network

Verifiable secret sharing mainly solves the cheating behavior between malicious participants and the ground control center in the satellite network. The verification stage can verify the effectiveness of secret shares issued by the ground control center to each participant and verify the effectiveness of secret shares shown by participants. We use a lot of difficult assumptions based on mathematical problems in the verification stage, such as solving the difficult problem of the discrete logarithm, large integer prime factorization, and so on. Compared with other verifiable secret sharing schemes designed for difficult problems under the same security, the verifiable secret sharing scheme based on the Elliptic Curve Cryptography (ECC) system has the advantages of less computational overhead and shorter key. At present, the binary polynomial is a single secret scheme and cannot provide effective verification. Therefore, based on a Protected Verifiable Synchronous Multi Secret Sharing (PVS-MSS) scheme, this paper is designed based on bivariate asymmetric polynomials. The advanced verifiable attribute is introduced into the Protected Secret Sharing (PSS) scheme. This paper extends the protected synchronous multi-secret sharing scheme based on bivariate polynomial design. The ECC system constructs the security channel between the ground control center and participants and constructs the verification algorithm. Through the verification algorithm, any participant can verify the consistency and effectiveness of the secret shadow and secret share received from other participants or presented by the secret distribution center. Therefore, no additional key agreement protocol is required; participants do not need to negotiate the session key for encryption; the secret share polynomial can generate the session key between participants and speed up the secret reconstruction process. The verification stage has lower computational complexity than the verifiable scheme constructed by Rivest Shamir Adleman (RSA) and other encryption methods. Chinese Remainder Theorem (CRT) is used to update the secret shadow. The secret shadow does not need to be updated with the change of the scheme shared secret, and the public value update efficiency is higher. Reduce the complexity of sharing secret updates in a synchronous multi-secret sharing scheme.     

Post-Quantum Blockchain over Lattice

Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC, RSA. However, with the surprising development of quantum technology, asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is unpractical in actual situation due to extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.     

Distributed Secure Storage Scheme Based on Sharding Blockchain

Distributed storage can store data in multiple devices or servers to improve data security. However, in today's explosive growth of network data, traditional distributed storage scheme is faced with some severe challenges such as insufficient performance, data tampering, and data lose. A distributed storage scheme based on blockchain has been proposed to improve security and efficiency of traditional distributed storage. Under this scheme, the following improvements have been made in this paper. This paper first analyzes the problems faced by distributed storage. Then proposed to build a new distributed storage blockchain scheme with sharding blockchain. The proposed scheme realizes the partitioning of the network and nodes by means of blockchain sharding technology, which can improve the efficiency of data verification between nodes. In addition, this paper uses polynomial commitment to construct a new verifiable secret share scheme called PolyVSS. This new scheme is one of the foundations for building our improved distributed storage blockchain scheme. Compared with the previous scheme, our new scheme does not require a trusted third party and has some new features such as homomorphic and batch opening. The security of VSS can be further improved. Experimental comparisons show that the proposed scheme significantly reduces storage and communication costs.     

压力表检定数据采集自动化的实现

传统压力表的检定工作主要靠手工操作，检定效率低、劳动强度高。本文解决了压力表检定过程中数据采集软件与计量部门原有的计算机管理系统的接口问题，减少了检定员的工作量，也避免了数据处理和数据输入时可能产生的错误，大大提高工作效率。     

An Efficient Certificateless Aggregate Signature Scheme Designed for VANET

The Vehicular Ad-hoc Network (VANET) is the fundamental of smart transportation system in the future, but the security of the communication between vehicles and vehicles, between vehicles and roadside infrastructures have become increasingly prominent. Certificateless aggregate signature protocol is used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency: First, many schemes are not secure, and signatures can be forged by the attacker; Second, even if some scheme are secure, many schemes use a large number of bilinear pairing operation, and the computation overhead is large. At the same time, the length of the aggregated signature also increases linearly with the increase of user numbers, resulting in a large communication overhead. In order to overcome the above challenges, we propose a new certificateless aggregate signature scheme for VANET, and prove the security of the scheme under the random oracle model. The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information. The new scheme does not use bilinear pairing operation, and the calculation efficiency is high. At the same time, the length of the aggregate signature of the new scheme is constant, thereby greatly reducing the communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer, but also superior in performance to the recent related schemes in computation overhead and communication cost.     

An encryption/signature scheme with low message expansion

Abstract

Secrecy, authenticity and integrity are three major services provided by the public key cryptography. To provide these three services via the ElGamal public key cryptosystem and Signature scheme, the message expanding ratio is four and the overhead of communication is heavy. In this paper, a concurrent encryption/signature scheme will be proposed to provide these three services with a lower message expanding ratio. In the new scheme, the signer can encrypt and sign the message concurrently so the signature that serves as the ciphertext is a pair of integers. Thus the message expanding ratio can be decreased to two.     

New Collective Signatures Based on the Elliptic Curve Discrete Logarithm Problem

There have been many digital signature schemes were developed based on the discrete logarithm problem on a finite field. In this study, we use the elliptic curve discrete logarithm problem to build new collective signature schemes. The cryptosystem on elliptic curve allows to generate digital signatures with the same level of security as other cryptosystems but with smaller keys. To extend practical applicability and enhance the security level of the group signature protocols, we propose two new types of collective digital signature schemes based on the discrete logarithm problem on the elliptic curve: i) the collective digital signature scheme shared by several signing groups and ii) the collective digital signature scheme shared by several signing groups and several individual signers. These two new types of collective signatures have combined the advantages of group digital signatures and collective digital signatures. These signatures have a fixed size and do not depend on the number of members participating in the creation of the final collective signature. One of the advantages of the proposed collective signature protocols is that they can be deployed on top of the available public key infrastructures.     

Factors that influence the independence of EIA follow-up verifiers: a developing country perspective

Independent verification is an important aspect of practice for ensuring the credibility of an Environmental Impact Assessment (EIA). However, the independence of verifiers such as checkers, auditors, and Environmental Control Officers, may be influenced by various factors that may lead to a conflict of interest between role-players in EIA and EIA follow-up. Identifying these factors is, therefore, important. A total of 18 factors were identified by analysing literature from established verification professions and data derived within the South African context by means of interviews and workshops dedicated to clarifying independence of verifiers. The factors were divided into five categories: financial; commercial; professional; personal; and other. By shedding light on factors that influence the independence of EIA follow-up verifiers, this research aids in anticipating and avoiding potential conflicts of interest.     

基于数据驱动的企业产品体验升级:以出行费控系统为例

目的 在企业数字化转型阶段,针对复杂的企业级产品体验设计,通过建立相关体验数据发现洞察问题,驱动产品体验升级.方法 通过采集体验维度的相关数据,使用数据分析法洞察体验问题,推动设计方案落地并进行数据验证.结论 通过收集主客观数据进行分析,得到一套基于数据驱动的体验升级方法,帮助产品高效地发现体验问题,推进体验改进方案落地,验证体验升级价值.从如何收集体验数据、建立数据参考线,使用满意度分析、链路分析等方法分析关键的体验问题到设计方案落地后的数据验证,实现了从问题定义到方案验证的体验升级闭环.     

Signature scheme based on the root extraction problem over braid groups

Several public key cryptosystems and authentication schemes based on the conjugator search and root extraction problems over braid groups have been proposed. However, security analysis showed that it is not necessary to solve the underlying conjugator search problem or the root extraction problem in order to break these public key cryptographic algorithms. Hence, these cryptographic primitives suffer from some security drawbacks. A digital signature scheme based on the root extraction problem over braid groups is proposed. It is proven that the only way for the attacker to forge a signature is to extract the eth root for a given braid in the braid group. It is also shown that given sufficiently many message-signature pairs, the attacker needs to solve an intractable problem, the group factorisation problem, in order to forge a signature. Furthermore, it is pointed out that the attacker cannot learn much useful information by reconstructing braid equations with respect to the public and secret keys. Performance analysis shows that the proposed signature scheme is efficient and practical, and the key sizes are acceptable. The computational overheads to sign a message and to verify a signature are only equivalent to several 1024-RSA modular multiplications.     

New Representative Collective Signatures Based on the Discrete Logarithm Problem

The representative collective digital signature scheme allows the creation of a unique collective signature on document M that represents an entire signing community consisting of many individual signers and many different signing groups, each signing group is represented by a group leader. On document M, a collective signature can be created using the representative digital signature scheme that represents an entire community consisting of individual signers and signing groups, each of which is represented by a group leader. The characteristic of this type of letter is that it consists of three elements (U, E, S), one of which (U) is used to store the information of all the signers who participated in the formation of the collective signature on document M. While storing this information is necessary to identify the signer and resolve disputes later, it greatly increases the size of signatures. This is considered a limitation of the collective signature representing 3 elements. In this paper, we propose and build a new type of collective signature, a collective signature representing 2 elements (E, S). In this case, the signature has been reduced in size, but it contains all the information needed to identify the signer and resolve disputes if necessary. To construct the approved group signature scheme, which is the basic scheme for the proposed representative collective signature schemes, we use the discrete logarithm problem on the prime finite field. At the end of this paper, we present the security analysis of the AGDS scheme and a performance evaluation of the proposed collective signature schemes.     

装配线仿真流程及其案例研究

针对目前装配线仿真研究缺少模型检验步骤而导致仿真结果不可信的问题,在总结目前装配线仿真研究的基础上,引入两次仿真模型有效性的检验过程,提出完整的装配线仿真流程。为验证该流程的有效性,以实际装配线为例,在分析布局与工艺流程的基础上,考虑物流线布局、瓶颈机器数量、AGV数量和AGV速度对产能的影响,设计并基于Plant Simulation软件建立24种方案。所有方案仿真模型有效性的检验通过后,通过比较各方案的产能与机器利用率得到最佳方案。仿真结果表明,优化后的产能较初始方案提升约227%,瓶颈机器利用率提升约51%,平均机器利用率提升约121%。所提仿真优化流程可行且有效,可为装配线仿真研究与应用提供指导,对其他生产领域的仿真研究也具有借鉴意义。     

A single-sensor PV system featuring an innovative auto-adjustment variable step-size MPPT method

This paper proposes a new maximum power point tracking (MPPT) method by introducing an auto-adjustment variable step-size algorithm that uses only a single sensor. This novel scheme solves the problem encountered by traditional variable step-size methods, which require an additional calculation of the constant value. The naturally varying trend of the proposed function in this paper is applied to serve as the auto-adjustment variable step size in the MPPT algorithm, thereby enabling the system to provide reliable transient and steady-state responses even during sharp weather changes. Furthermore, the proposed new MPPT method can also be applied in the presence of a partial shadow condition. The digital signal processor handles the feedback value and directs the PWM signal to drive the switch of the converter. The simulation and experimental results verify the reliable transient and steady-state performance of the PV system with the proposed method.     

基于动态黏结滑移性能的钢筋混凝土分离式模型研究

基于钢筋混凝土黏结滑移机理,搭建能够描述循环荷载作用下钢筋混凝土之间黏结性能变化过程的动态黏结-滑移本构关系,并结合单弹簧联结单元法建立钢筋混凝土分离式模型.模型避免了人为选择法向刚度困难的问题,并通过局部坐标系求解钢筋单元解决工程配筋布置问题,保证了复杂受力条件下的计算精度与计算效率.结合混凝土损伤模型进行经典算例分...     

振动载荷下鸡蛋缓冲包装有限元分析

目的 利用发明问题解决理论(TRIZ)对高速套袋机的移外袋装置进行优化,使移外袋装置能够将外袋准确地移动到指定位置。方法 首先利用TRIZ理论对移外袋装置的系统进行组件分析,并确定他们之间的相互关系,建立组件模型图;再根据因果链分析对初始问题进行全面深入的分析,找到隐藏于初始问题背后的深层次的缺点,最后利用TRIZ理论中的技术矛盾、技术系统进化和物场模型寻找解题思路。结果 利用TRIZ理论中的矛盾矩阵、标准解工具为移外袋装置获得了5种新的解决方案。 结论 利用TRIZ理论为移外袋装置的优化提供了新的思路,并且将获得的方案运用到实际样机中,解决了移外袋装置不能将外袋准确移动到指定位置的问题。