Anonymous and secure electronic transaction protocol

We present a new protocol for electronic transactions which is not only secure but also anonymous, the latter characteristic being obtained by associating an encryption device with a chip card. Security is ensured by the use of encryption, electronic signature and authentication. In order to check the validity of the security properties enforced by the protocol, a model and a specification are provided. The protocol modeling language is a process algebra with value passing extended by an observation mechanism allowing the specification of security levels, by cryptographic primitives, and by a function call feature on private channels allowing the modeling of interactions with the crypto-system. The anonymity is expressed by an information flow property. The verification method, based on cosimulation, is proved consistent and complete and analysis confirms that this approach ensures not only anonymity (thanks to the fact that the client never discloses to the merchant any information permitting his identification), but also the quasi-impossibility of any fraudulent transaction.     

A PTD‐based transaction protocol for public transportation

Advances in wireless network technology and the increasing number of users of the personal trusted device (PTD) make the PTD an ideal channel for offering personalized services to mobile users. In this paper, we propose using a PTD as a payment tool in a mobile transaction system for public transportation. To overcome the inherent weakness of computing resources in a PTD, we use a trusted observer to coordinate the mobile transaction and to integrate cryptology (such as a digital signature and a one‐way hash function). The proposed scheme satisfies the requirements for mobile transactions. These requirements include fairness, non‐repudiation, anonymity, off‐line capability, no forgery, efficient verification, simplicity, and practicability. Because a PTD is more portable and personal than a personal computer and because the public transportation can be a necessity in our daily lives, our scheme proposes a novel use of PTDs in mobile commerce. Copyright © 2008 John Wiley & Sons, Ltd.     

一种改进的安全电子交易协议

引 言 随着网络的普及,电子商务对金融服务行业将产生巨大的影响。付费系统及其相关金融机构将在电子商务领域扮演极其重要的角色。安全电子交易协议(SET)凭其高安全性成为公开网络上最受欢迎的电子付费协议之一。但为了满足众多     

A lightweight identity authentication protocol for vehicular networks

In vehicular ad-hoc networks (VANETs), vehicles perform a handover procedure in order to connect to the next RSU. In general, the handover procedure comprises two stages, namely searching for an appropriate road side unit (RSU) to connect to and performing an authentication procedure with the selected RSU. Since the vehicles in a VANET typically have a high mobility, frequent handover operations are required, and thus the transmission delay is inevitably increased. Accordingly, this paper proposes an authentication method designated as LIAP (Lightweight Identity Authentication Protocol) to reduce the handover authentication delay. LIAP employs a DSSP (Dynamic Session Secret Process) method to improve the speed and computational efficiency of the authentication process whilst simultaneously concealing the sensitive information of the vehicle. The security analysis results and performance evaluations show that LIAP not only provides an efficient and confidential authentication capability, but also preserves the robustness of the VANET toward malicious attacks.     

Otway-Rees协议改进及形式化证明

选取认证密钥分配协议Otway-Rees协议作为研究对象,利用协议组合逻辑（PCL）作为协议证明工具,对安全协议形式化分析及证明进行了研究。首先给出了Otway-Rees协议常见的攻击形式,分析了存在的缺陷,提出了改进方案（AOR协议）;然后,为了更好地形式化描述AOR协议,对传统的PCL进行一定的扩展;紧接着,用扩展后的PCL对改进的协议中各个实体的行为和协议的安全属性进行形式化描述,将改进后的协议进行模块化划分,并利用PCL进行组合证明;最后,得出改进后的AOR协议具有密钥保密属性。     

A cryptographically sound security proof of the Needham-Schroeder-Lowe public-key protocol

We present a cryptographically sound security proof of the well-known Needham-Schroeder-Lowe public-key protocol for entity authentication. This protocol was previously only proved over unfounded abstractions from cryptography. We show that it is secure against arbitrary active attacks if it is implemented using standard provably secure cryptographic primitives. Nevertheless, our proof does not have to deal with the probabilistic aspects of cryptography and is, hence, in the scope of current automated proof tools. We achieve this by exploiting a recently proposed Dolev-Yao-style cryptographic library with a provably secure cryptographic implementation. Besides establishing the cryptographic security of the Needham-Schroeder-Lowe protocol, our result exemplifies the potential of this cryptographic library and paves the way for the cryptographically sound verification of security protocols by automated proof tools.     

A LoRa-based protocol for connecting IoT edge computing nodes to provide small-data-based services

Data is becoming increasingly personal. Individuals regularly interact with a variety of structured data, ranging from SQLite databases on the phone to personal sensors and open government data. The “digital traces left by individuals through these interactions” are sometimes referred to as “small data”. Examples of “small data” include driving records, biometric measurements, search histories, weather forecasts and usage alerts. In this paper, we present a flexible protocol called LoRaCTP, which is based on LoRa technology that allows data “chunks” to be transferred over large distances with very low energy expenditure. LoRaCTP provides all the mechanisms necessary to make LoRa transfer reliable by introducing a lightweight connection setup and allowing the ideal sending of an as-long-as necessary data message. We designed this protocol as communication support for small-data edge-based IoT solutions, given its stability, low power usage, and the possibility to cover long distances. We evaluated our protocol using various data content sizes and communication distances to demonstrate its performance and reliability.     

一种基于光子偏振旋转的量子身份认证方案

实际的量子密钥分发过程中,传输损耗和探测器的效率都直接影响密钥的产生效率。量子身份认证需要通信双方保证认证信息的完整性。针对以上问题,提出了一种基于光子偏振旋转的量子身份认证协议,利用对认证信息的重复编码解决传输损耗问题。考虑到协议的安全性,该协议在相邻的有效认证量子态间编入随机态。安全性分析表明该协议可成功抵御截取重发攻击以及光子数劈裂攻击。在此基础上,设计了现有技术条件下可操作的认证系统方案,考虑了传输损耗和探测效率,具有实用意义。     

Modbus/TCP协议事务调度的研究

介绍Modbus/TCP协议的事务处理模式在SCADA采集子系统中的应用,分析多事务调度的采集方式.研究表明,采用多事务异步调用技术的SCADA采集子系统具有较高的采集率,能够保证系统高效稳定运行.     

视觉零知识身份认证的研究

零知识证明协议是一种非常强大的密码系统。大部分的零知识身份识别方案的安全性是基于复杂的数学算法,和交互双方大规模的计算,即证明者和示证者。而视觉密码技术是一种特别的不需要了解密码学和相应的复杂的数学计算的密码学。因此提出了一个新的基于视觉密码的零知识身份证明方法,克服了当前零知识身份证明协议依赖计算设备和复杂计算。     

基于零知识证明的前向安全数字签名方案

提出了一种基于零知识证明协议的前向安全数字签名的新方案。新方案在因子分解、离散对数及二次剩余问题困难的假设下，在随机oracle模型下是前向安全的。     

安全电子交易协议的一种改进支付模型研究

文章从分析原有SET协议支付流程的复杂性出发,将SET的支付流程按客户的安全需要改进为低级SSL、中级SET和高级SET 3种支付级别,较好地解决了原交易过程中需要多方相互认证、复杂度高、维护成本高、交易速度慢等问题。进而在多级安全支付的处理流程上提出一种改进的SET支付模型,为进一步研究电子商务的安全支付问题给出了一个参考。     

浅谈基于哈希函数的RFID身份认证协议

对基于哈希函数的RFID身份认证协议进行了简要的介绍,对多个协议的安全性能进行了详细的分析和比较,指出其存在的安全缺陷,并提出相应的改进思路。     

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Hao proposed the YAK as a robust key agreement based on public‐key authentication, and the author claimed that the YAK protocol withstands all known attacks and therefore is secure against an extremely strong adversary. However, Toorani showed the security flaws in the YAK protocol. This paper shows that the YAK protocol cannot withstand the known key security attack, and its consequences lead us to introduce a new key compromise impersonation attack, where an adversary is allowed to reveal both the shared static secret key between two‐party participation and the ephemeral private key of the initiator party in order to mount this attack. In addition, we present a new security model that covers these attacks against an extremely strong adversary. Moreover, we propose an improved YAK protocol to remedy these attacks and the previous attacks mentioned by Toorani on the YAK protocol, and the proposed protocol uses a verification mechanism in its block design that provides entity authentication and key confirmation. Meanwhile, we show that the proposed protocol is secure in the proposed formal security model under the gap Diffie‐Hellman assumption and the random oracle assumption. Moreover, we verify the security of the proposed protocol and YAK protocol by using an automatic verification method such as the Scyther tool, and the verification result shows that the security claims of the proposed protocol are proven, in contrast to those of the YAK protocol, which are not proven. The security and performance comparisons show that the improved YAK protocol outperforms previous related protocols.     

A language-based approach to protocol implementation

Morpheus is a special-purpose programming language that facilitates the efficient implementation of communication protocols. Protocols are divided into three categories, called shapes, so that they can inherit code and data structures based on their category. The programmer implements a particular protocol by refining the inherited structure. Morpheus optimization techniques reduce per-layer overhead on time-critical operations to a few assembler instructions even though the protocol stack is not determined until run time. This supports divide-and-conquer simplification of the programming task by minimizing the penalty for decomposing complex protocols into combinations of simpler protocols     

A publicly verifiable lossless watermarking scheme for copyright protection and ownership assertion

In this paper, a discrete cosine transform based copyright protection scheme that does not require the original image for logo verification is proposed. Features of logistic map and discrete cosine transform are used to generate the verification map. Digital signature and timestamp are used to make copyright proving publicly verifiable. We have combined cryptographic tools and digital watermarking, in order to enhance the security and reliability of copyright protection. In addition, chaotic map is used to generate a chaotic pattern image, which can be used as secret key to improve the security of proposed algorithm. Experiments are conducted to show the robustness and effectiveness of the proposed algorithm. Experimental results show that our scheme outperforms related works in most of the cases.     

A program to provide information on the accuracy of electrical measurements

This paper describes a program for disseminating state-of-the-art information concerning accuracies in certain electrical measurements. The program is to be carried out by IRE Subcommittee 25.1, Basic Standards and Calibration Methods, who will employ task groups made up of representatives from industrial, government, and educational institutions for assistance in assembling information and preparing reports. The initiation of the work has been approved by IRE Committee 25, Measurements and Instrumentation, and IRE Committee 20, Standards. A discussion is given of the needs, plans, procedures and benefits of the program. Since the entire electrical industry can benefit greatly by this effort, this paper is being published so that members of the IRE can become acquainted with it and submit constructive suggestions for the implementation and extension of the program.     

公路网化票据管理系统的研究与设计

介绍了基于BorlandBDE数据库 ,以Delphi为开发工具 ,以TCP IP协议为标准的 ,基于PSTN的网络数据库的应用程序 ,开发出的黑龙江省公路网化票据系统软件。基本解决了目前公路收费管理复杂性、多样性的问题 ,使公路收费领域管理水平达到信息化、网络化的国内先进水平。     

移动交易业务的承载技术与安全技术分析

移动交易业务具有方便、快捷、安全的自身特点，这决定了它将具有巨大的发展潜力。本文就移动交易业务中所用到的主要承载如短消息技术和WAP技术进行了介绍，并就利用短消息进行业务开展的几种安全模型构架及适应的阶段进行了研究，就现有WAP版本的安全性进行了分析，同时提供了一种基于WPKI技术的端到端安全模型构架。最后从安全角度出发在技术、政策等方面就目前移动交易业务的开展提出了几点建议。     

A real-time VLC to UART protocol conversion system

A real-time visible light communication(VLC) to universal asynchronous receiver/transmitter(UART) conversion system is made up of a transmitter with a light emitting diode(LED) and a receiver with a photodiode(PD), by which a VLC system is connected to traditional communication modes, and the data are transferred by wireless visible light. UART packets are converted to light packets by the modulation of a 10 k Hz on-off-keying(OOK) light signal, and the data losses in the transportation are avoided by the protection of a data buffer mechanism. The experimental results reveal that the real-time VLC to UART conversion system can provide a real-time VLC transmission way for two UART devices in not less than 10 m at a baud rate not less than 19 200 Bd with stable ambient lighting at the same time.