不使用Hash和Redundancy函数的认证加密方案

本文提出了一类新的认证加密方案,这类方案首次将消息可恢复签名和对称加密有机结合.它有两个特点,一个是签名中的承诺值只有预定的接收者才能算出,从而又可将该承诺值用作对称加密的密钥,取得一举两得之功效;另一个是用签名中恢复出的消息与对称解密得到的消息相比较,实现消息有效性的验证,改变了传统上使用Hash函数或Redundancy函数的验证方法.因此本文提出的新方案是一类不使用Hash函数和Redundancy函数的认证加密方案,     

量子消息认证协议

研究了在量子信道上实现经典消息和量子消息认证的方法。给出了一个基于量子单向函数的非交互式经典消息认证加密协议。证明了给出的协议既是一个安全的加密方案,也是一个安全的认证方案。利用该认证加密协议作为子协议,构造了一个量子消息认证方案,并证明了其安全性。与BARNUM等给出的认证方案相比,该方案缩减了通信双方共享密钥的数量。     

传感器网络加密方案的探讨

提出了一种传感器网络中的加密方案,该方案不需要基站的参与,认证密钥和加密密钥可由通信双方根据共享的会话密钥自主地计算,因而具有良好的可扩展性;方案在加密过程中使用了计数器和消息认证码,从而较好地满足了传感器网络的安全需求.     

一种基于环上LWE的广义签密方案

广义签密可以灵活地工作在签密、签名和加密三种模式,具有很强的实用性.本文结合基于格的签名方案和密钥交换协议,构造了一个无陷门的广义签密方案.方案构造中引入了区分函数,根据输入的发送方与接收方密钥情况来自动识别加密、签名和签密三种模式,保障了算法在这三种工作模式下的优美对称性.基于环上判定性LWE问题,并借鉴FO13的方法,证明了该方案满足自适用抗选择密文攻击不可区分性安全性(IND-CCA2)和自适用抗选择消息攻击强不可伪造性安全性(SUF-CMA).该方案是基于Fiat-Shamir的中止(abort)框架,没有用到复杂的原像抽样和陷门生成算法,具有较高的计算效率.     

基于密钥分配中心的混沌加密卡认证研究

本文分析了基于密钥分配中心(KDC)的密钥分配技术,为了防止会话密钥被篡改或泄露、消息的重放攻击,采用在认证过程中增设公开密钥和附加消息认证码的机制,并采用混沌加密算法产生伪随机序列,实现了认证和加密过程中的"一次一密".该研究结果有助于序列密码算法在信息安全及网络加密卡中的应用.     

提高混沌同步通信系统传输效率的方法

本文讨论了混沌同步数字通信系统的传 输效率,考察了驱动信号取样周期对同步性能的影响,适当选取取样周期,可减少驱动信号的数据量。由于传输效率与系统设计有关,本文提出一种利用时空混沌同步的加密通信方案,该方案将时空混沌信号用作加密密钥,每个驱动信号样本可使时空系统同时产生多个密钥, 对多个消息数据进行加密,从而有效地提高了数据传输效率,为实现语音信号在计算机网上的加密实时传输提供了一条新的途径。     

PBKDF2函数的一种快速实现

PBKDF2是公钥加密标准PKCS#5的一部分,它在各类加密软件和互联网中应用广泛.对基于口令的密钥导出函数PBKDF2的实现进行了分析,给出了该算法的一种快速实现的优化方案.对优化方案进行了理论分析,并针对802.11协议的WPA/WPA2-PSK认证进行了优化方案的实验,均表明优化方案的实现效率是优化前的两倍.通过进一步的分析还发现,依赖于PBKDF2的身份认证方案抵抗暴力攻击的能力最多只有预期的一半,因此应当增加其循环次数.     

加密邮件系统中基于身份的可搜索加密方案

在加密邮件系统中,公钥可搜索加密技术可以有效地解决在不解密的情况下搜索加密邮件的问题。针对公钥可搜索加密复杂的密钥管理问题,该文在加密邮件系统中引入了基于身份的密码体制。针对可搜索加密的离线关键字猜测攻击问题,该文采用了在加密关键字和生成陷门的同时进行认证,并且指定服务器去搜索加密电子邮件的方法。同时,在随机预言机模型下,基于判定性双线性Diffie-Hellman假设,证明方案满足陷门和密文不可区分性安全。数值实验结果表明,在陷门生成和关键字密文检测阶段,该方案与现有方案相比在计算效率上较高。     

一种移动Ad Hoc网络路由和数据安全方案设计

为了解决移动Ad Hoc网络所面临的路由安全和数据安全问题,基于加密技术,结合路由安全和数据安各自的特点,提出了一种简易、高效、可靠的路由和数据安全解决方案.针对路由安全,合理地采用基于非对称加密的路由测试认证;针对数据安全,采用基于对称加密的数据保护,节省了网络开销,并且在路由认证测试消息中封装对称密的密钥一起发送给解密方目的节点,巧妙利用非对称加密加强了对称加密密钥的安全性,弥补了对称加密的不足,进一步增强了数据安全.两种加密技术各展所长,相辅相成.通过GloMoSim仿真实验表明,该方案具备较高的安全性.     

基于SRv6协议的对称密钥生成与身份认证机制研究

对称加解密是保障传输数据安全的重要机制。对称加密技术具有高速、计算复杂度低的优点,但是安全性低于非对称加密机制。因此,在现代的数据安全传输过程中,一般使用非对称加解密与对称加解密相结合的来实现效率与安全性的均衡。但是,同时使用两种加密机制会带来密钥生成、分发与管理方面的问题。对此,文章提出一种基于SRv6协议实现的对称密钥生成和分发机制,该机制利用SRv6的路由机制来实现消息路由节点共同协商生成密钥,由此可以实现一次性对称加密密钥协商生成、分发与身份认证功能。相对于现有的机制,文章所提方案在安全性、便捷性方面具有突出优点。     

带消息恢复的可证明安全自证书签名方案

To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problem. This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated receiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes.     

Comments on A Signcryption

1　ＩｎｔｒｏｄｕｃｔｉｏｎＡｓｄｅｓｃｒｉｂｅｄｉｎＲｅｆ.[7],ａｓｉｇｎｃｒｙｐｔｉｏｎｓｃｈｅｍｅｉｓａｃｒｙｐｔｏｇｒａｐｈｉｃｍｅｔｈｏｄｔｈａｔｆｕｌｆｉｌｌｓｂｏｔｈｔｈｅｆｕｎｃ ｔｉｏｎｓｏｆｓｅｃｕｒｅｅｎｃｒｙｐｔｉｏｎａｎｄｄｉｇｉｔａｌｓｉｇｎａｔｕｒｅ,ｂｕｔｗｉｔｈａｃｏｓｔｓｍａｌｌｅｒｔｈａｎｔｈａｔｒｅｑｕｉｒｅｄｂｙｓｉｇｎａｔｕｒｅ ｔｈｅｎ ｅｎｃｒｙｐｔｉｏｎ .ＡｃｃｏｒｄｉｎｇｔｏＲｅｆ.[3 ],ａｄｉｇｉｔａｌｓｉｇｎａｔｕｒｅｗｉｔｈａｍｅｓｓａｇｅｒｅｃ…     

Publicly verifiable authenticated encryption

A new authenticated encryption scheme with public verifiability is presented. The new scheme requires less computational costs and communication overhead than the conventional signature-then-encryption approaches. Furthermore the message is not divulged during the public verification.     

一种基于身份的环签密方案

使用威尔配对,本文提出了一种基于身份的环签密方案,给出了具体的算法.该方案能够使消息的发送者以一种完全匿名的方式发送消息,并且同时实现保密性和认证性两种功能.我们证明了在决策双线性Diffie-Hellman问题难解的假设下,新提出的方案对自适应选择密文攻击是安全的.与传统的先签名后加密的方案相比,本方案中密文长度有了明显的降低,在低带宽的要求下更加可行.     

Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm

An authenticated encryption scheme is a symmetric encryption scheme whose goal is to provide both privacy and integrity. We consider two possible notions of authenticity for such schemes, namely integrity of plaintexts and integrity of ciphertexts, and relate them, when coupled with IND-CPA (indistinguishability under chosen-plaintext attack), to the standard notions of privacy IND-CCA and NM-CPA (indistinguishability under chosen-ciphertext attack and nonmalleability under chosen-plaintext attack) by presenting implications and separations between all notions considered. We then analyze the security of authenticated encryption schemes designed by “generic composition,” meaning making black-box use of a given symmetric encryption scheme and a given MAC. Three composition methods are considered, namely Encrypt-and-MAC, MAC-then-encrypt, and Encrypt-then-MAC. For each of these and for each notion of security, we indicate whether or not the resulting scheme meets the notion in question assuming that the given symmetric encryption scheme is secure against chosen-plaintext attack and the given MAC is unforgeable under chosen-message attack. We provide proofs for the cases where the answer is “yes” and counter-examples for the cases where the answer is “no.” M. Bellare’s work was supported in part by a 1996 Packard Foundation Fellowship in Science and Engineering, NSF CAREER Award CCR-9624439, NSF grants CNS-0524765 and CNS-0627779, and a gift from Intel Corporation. C. Namprempre’s work was supported in part by grants of the first author and the Thailand Research Fund.     

A General Construction of Tweakable Block Ciphers and Different Modes of Operations

This work builds on earlier work by Rogaway at Asiacrypt 2004 on tweakable block cipher (TBC) and modes of operations. Our first contribution is to generalize Rogaway's TBC construction by working over a ring and by the use of a masking sequence of functions. The ring can be instantiated as either GF or as . Further, over GF, efficient instantiations of the masking sequence of functions can be done using either a binary linear feedback shift register (LFSR); a powering construction; a cellular automata map; or by using a word-oriented LFSR. Rogaway's TBC construction was built from the powering construction over GF. Our second contribution is to use the general TBC construction to instantiate constructions of various modes of operations including authenticated encryption (AE) and message authentication code (MAC). In particular, this gives rise to a family of efficient one-pass AE modes of operation. Out of these, the mode of operation obtained by the use of word-oriented LFSR promises to provide a masking method which is more efficient than the one used in the well known AE protocol called OCB1.     

An Authenticated Identity-Based Key Establishment and Encryption Scheme for Wireless Sensor Networks

1Introduction Wirelesscommunicationhasbeenahotissuesince1990.includingAdhocandwirelesssensornetworks,etc.Especially,WirelessSensorNetwork(WSN).Whichhasreceivedconsiderableattentionduringlast decade[1-2].Ithasbeendevelopedforawidevarietyof applications,inc…     

对两个可转变认证加密方案的分析和改进

该文对可转变认证加密进行了研究,指出了Wu-Hsu(2002)方案和Huang-Chang(2003)方案中存在的问题,分别给出了这两个方案的改进方案,很好地解决了认证加密方案的公开验证问题。