安全多方信息比较相等协议及其应用

安全多方信息比较协议是一个由两方向多方进行推广的问题,可以在不泄漏各个参与方信息的情况下比较出多方信息是否全部相等以及得到具有相等信息的参与方的数目.该问题的研究目前尚没有见到报道.本文在半诚实模型下利用设计的F函数和具有语义安全性的加法同态加密体制设计了一个安全多方信息比较协议;分析了该协议的正确性,安全性和效率.该方案在安全多方计算研究中有广泛应用.     

有理数相等的保密判定

安全多方计算是近年来国际密码学界研究的热点.数据相等保密判定是安全多方计算的一个基本问题,在指纹匹配和关键词搜索等现实问题中有广泛的应用,因此研究数据相等保密判定有重要的理论与实际意义.本文协议I利用Paillier加密算法高效实现了两个有理数相等的保密判定,协议II基于椭圆曲线同态加密算法安全高效计算多个有理数相等判定问题,并且最后给出了恶意模型下的有理数相等保密判定协议.     

基于LWE的集合相交和相等的两方保密计算

利用格上LWE (Leaning With Error)困难性假设,将保密地比较两个数是否相等转化为判断对随机串加密后的解密是否正确,有效地解决了数和集合关系的判定、求集合交集和集合相等安全多方计算问题,并利用模拟范例证明该协议在半诚实模型下是安全的。与传统的基于数论的协议相比,该方案由于不需要模指数运算,因而具有较低的计算复杂度,同时因其基于格中困难问题,因而能抵抗量子攻击。     

保护私有信息的图形相似判定

目前,关于几何图形的相似问题仅限于多边形的相似,而一般几何图形相似的问题还没有研究.本文利用单向散列函数首先设计了保密判断两个数是否相等的协议、保密矩阵和向量是否相等的协议;最终,利用矩阵和向量相等的协议设计了保密判断图形是否同构和图形是否相似的协议.给出了以上协议的安全性证明、仿真实验与效率分析,实验数据表明本文保密的图形相似判定协议效率是两个多边形相似协议效率的889倍.图形相似的保密判定问题是一个全新的安全多方计算几何问题,本文研究成果可应用在分子生物学、机械工程和地形匹配等领域.     

基于分层时间有色Petri网的支付协议公平性分析

电子支付协议是一种重要的电子商务协议,公平性是其重要的安全属性之一。该文提出一种基于分层时间有色Petri网(HTCPN)的电子支付协议形式化分析方法。该方法在进行公平性分析时,充分考虑了两个环境因素:主体是否诚实和通信信道是否可靠,与其他形式化方法相比,可以更有效地分析协议公平性。使用该方法对典型支付协议IBS协议进行分析,分析结果验证了所提模型和方法的有效性。     

简单证明一个承诺值在特定区间内

顾客想向销售商证明其银行帐户上的钱足以购买某种商品,但不愿意泄露她帐户上的钱,因此需要一个工具证明一个承诺数在特定的区间内.目前多数这样的协议要么不能实现完整的证明,要么效率较低.本文给出了一个新的协议,协议简单、易于理解.它能够实现完整的证明,其效率比已知的协议更高.该协议可以用于电子现金、群签名、可证实加密等安全协议设计.     

用分治算法求大整数相乘问题的进一步分析

对利用分治算法解决大整数相乘问题作了进一步深入的研究和分析.在原来的分治算法的基础上,将输入规模为n的两个大整数各分成规模相等的k(2≤k≤n)部分,证明了通过恒等变形可将其乘积中的k²次乘法降为k(k+1)/2次;给出了计算两个大整数乘积的计算复杂度;证明了利用分治算法将两个大整数各分成规模相等的两部分来进行处理时的计算复杂度是最小的,进而表明利用分治算法将大整数各分成规模相等的两部分来进行处理是合理的.     

有理区间的安全多方计算与应用

本文研究了有理数与有理区间的位置关系以及两个有理区间位置关系的安全多方计算.它们已广泛应用于数据库匹配、定位搜索等领域,是保密科学计算的一个重要分支.但目前已有文献在解决有理数与有理区间的位置关系时提出的协议效率较低,且两个有理区间位置关系问题的研究较为有限.针对这些问题,本文首先用多项式表示区间,将有理数与有理区间位置关系问题转化为整数向量的内积符号判定问题,设计了新的有理数与有理区间的保密计算协议.其次,以有理数与有理区间协议作为基础模块,设计了两个有理区间位置关系的保密计算协议.最后,理论分析及实验结果均表明本文方案是安全高效的,并给出了本文协议在有理数域上的百万富翁问题及计算几何问题的应用.     

无后台服务器的射频识别标签安全查询协议

在许多射频识别(RFID)应用中,经常需要在多个标签中确定某个特定标签是否存在。在这种环境下,标签查询协议必不可少。然而,已有的协议要么存在安全漏洞,要么查询效率低下。利用Hash函数和时间戳,提出一个无后台服务器的RFID标签查询协议。GNY逻辑被用于证明新协议的正确性。分析显示提出的协议可以高效的实现特定标签的查询,且能够抵抗一些主要攻击,实现对标签隐私的保护。     

一种改进的应用于多模式串匹配的KR算法

Karp-Rabin算法是利用hash函数的特性进行字符串匹配的算法.KR算法对模式串和循环中每一次要匹配的子串按一定的hash函数求值,如果hash值相同,才进一步比较这2个串是否真正相等.Karp-Rabin算法适用于多个字符串匹配.该算法所需要的空间存储很小,相比AC算法在空间占用上具有很大的优势.本文首先将模式串进行合适的分类,求出模式串半段对应的哈希值,然后对目标段按照模式串的基准长度进行分段,每次比较目标段是否含有模式串的半段,若含有,则继续比较;否则,继续进行下一个目标段的匹配.最后通过实验验证,证明了算法的有效性.     

门限多重秘密共享方案

本文提出了一个门限多重秘密共享方案,其安全性依赖于RSA数字签名的安全性,即大数分解的困难性.该方案具有如下特点:参与者的子秘密可反复使用,可用来共享任意多个秘密;能有效预防管理员欺诈及参与者之间的互相欺骗;此外,在验证是否有欺诈行为存在的过程中,不需要执行交互协议.     

一种无纠缠态的量子秘密共享协议

秘密共享是指将一个秘密按适当的方式进行隐藏或拆分,只有若干个参与者一同协作才能恢复该秘密,该技术在云计算领域中能够确保信息安全和数据保密.提出了一种不使用纠缠态的量子秘密共享协议,通过使用量子密码算法确保系统的安全性.相比其他的秘密共享协议,该协议具有以下优点:与传统的基于数论的秘密共享协议相比,本协议由于使用量子通信的技术,从而能够有效抵抗Shor算法攻击;相比其他的量子秘密共享协议,由于本协议没有使用量子纠缠态,在技术程度上更容易实现;如果存在攻击者或恶意的参与者,该协议能够在秘密恢复过程中迅速发现,避免恢复错误的秘密.     

基于秘密认证的可验证量子秘密共享协议

该文针对量子秘密共享协议难以抵抗内部成员欺骗攻击的问题，采用秘密认证的方法提出可验证量子秘密共享协议的一般性模型，基于Bell态双粒子变换提出一种新验证算法，并以此给出一个新的可验证量子秘密共享协议。与现有的量子秘密共享协议的验证算法相比，新验证算法既能有效抵抗内部成员欺骗攻击等典型的攻击策略，又可大幅提升协议效率，而且可以与现有量子秘密共享协议相结合，具备很好的可扩展性。     

Cryptanalysis of a data security protection scheme for VoIP

A voice-over-Internet protocol technique with a new hierarchical data security protection (HDSP) scheme using a secret chaotic bit sequence has been recently proposed. Some insecure properties of the HDSP scheme are pointed out and then used to develop known/chosen-plaintext attacks. The main findings are: given n known plaintexts, about (100-(50/2/sup n/))% of secret chaotic bits can be uniquely determined; given only one specially-chosen plaintext, all secret chaotic bits can be uniquely derived; and the secret key can be derived with practically small computational complexity when only one plaintext is known (or chosen). These facts reveal that HDSP is very weak against known/chosen-plaintext attacks. Experiments are given to show the feasibility of the proposed attacks. It is also found that the security of HDSP against the brute-force attack is not practically strong. Some countermeasures are discussed for enhancing the security of HDSP and several basic principles are suggested for the design of a secure encryption scheme.     

Statistical secrecy and multibit commitments

We present and compare definitions of “statistically hiding” protocols, and we propose a novel statistically hiding commitment scheme. Informally, a protocol statistically hides a secret if a computationally unlimited adversary who conducts the protocol with the owner of the secret learns almost nothing about it. One definition is based on the L₁-norm distance between probability distributions, the other on information theory. We prove that the two definitions are essentially equivalent. We also show that statistical counterparts of definitions of computational secrecy are essentially equivalent to our main definitions. Commitment schemes are an important cryptologic primitive. Their purpose is to commit one party to a certain value, while hiding this value from the other party until some later time. We present a statistically hiding commitment scheme allowing commitment to many bits. The commitment and reveal protocols of this scheme are constant-round, and the size of a commitment is independent of the number of bits committed to. This also holds for the total communication complexity, except of course for the bits needed to send the secret when it is revealed. The proof of the hiding property exploits the equivalence of the two definitions     

Tree-LSHB+: An LPN-Based Lightweight Mutual Authentication RFID Protocol

In this paper, we propose an enhancement of the Tree-based authentication protocol, named as the Tree-LSHB+ protocol. The protocol is a lightweight authentication protocol that is suitable for use in radio frequency identification (RFID) systems. Compared with the Tree-based HB authentication protocol, our protocol provides mutual authentication in authentication stage. The authentication keys stored in the reader and the tag are also updated when the mutual authentication succeeds. It means that two drawbacks can be avoided in the Tree-based authentication protocol, one is that only the reader authenticates the tag and the other is that the secret keys stored in the tags remain unchanged all the time. We also improve the performance of Tree-based protocol with the property of Toeplitz matrix and find that the Tree-LSHB+ protocol is still a good choice for RFID authentication.     

新型有效的秘密共享方案

提出了一种新的秘密共享方案。该方案分两层实现:上层,基于Stern-Brocot树把一个大的秘密拆分为t个小整数(子秘密);底层,借鉴一维元胞自动机模型中的进化方法,把上层的t个子秘密作为初始状态,动态生成各参与者的共享。特别地,该方案能够动态扩展参与者,动态调整门限值,动态更新秘密和共享。另外,还具有计算简单,各参与者共享份额短的优点。分析结果表明,该方案安全、有效。     

An Identity-Based Group Key Agreement Proto col for Low-Power Mobile Devices

In wireless mobile networks, group mem-bers join and leave the group frequently, a dynamic group key agreement protocol is required to provide a group of users with a shared secret key to achieve cryptographic goal. Most of previous group key agreement protocols for wireless mobile networks are static and employ traditional PKI. This paper presents an ID-based dynamic authen-ticated group key agreement protocol for wireless mobile networks. In Setup and Join algorithms, the protocol re-quires two rounds and each low-power node transmits con-stant size of messages. Furthermore, in Leave algorithm, only one round is required and none of low-power nodes is required to transmit any message, which improves the e?-ciency of the entire protocol. The protocol’s AKE-security with forward secrecy is proved under Decisional bilinear in-verse Di?e-Hellman (DBIDH) assumption. It is addition-ally proved to be contributory.     

A secure and efficient password‐authenticated group key exchange protocol for mobile ad hoc networks

Password‐authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password‐authenticated group key exchange protocols. Furthermore, a secure and efficient password‐authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real‐world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd.     

Efficient multi-secret image sharing based on Boolean operations

(n,n) visual secret sharing (VSS), first proposed by Naor and Shamir (1995) [4], is used to encode (encrypt) a secret image into n meaningless share images to be superimposed later to decode (decrypt) the original secret by human visual system after collecting all n secret images. In recent years, VSS-based image sharing (encryption) and image hiding schemes, two of a variety of applications based on VSS, have drawn much attention. In this paper, an efficient (n+1,n+1) multi-secret image sharing scheme based on Boolean-based VSS is proposed to not only keep the secret images confidential but also increase the capacity of sharing multiple secrets. The Boolean-based VSS technology, used to encode the secret images, generates n random matrices; then the n secret images are subsequently encoded into the n+1 meaningless share images. It is worthwhile to note that n secret images can be hidden by means of sharing only n+1 share images in the proposed scheme instead of 2n share images. Thus, the present scheme thus benefits from (1) reducing the demand of image transmission bandwidth, (2) easing the management overhead of meaningless share images, and (3) involving neither significant extra computational cost nor distortion for reconstructed secret images. The experimental results show the performance in terms of feasibility and image sharing capacity. Applied into image hiding schemes, the proposed scheme can enhance the hiding capacity.