A secure and efficient conference scheme for mobile communications

A growing application area in mobile communications is mobile teleconferencing, in which a group of mobile users collaborate in an interactive procedure, such as a board meeting, a task force, a scientific discussion, or even a virtual classroom. Wireless communications transmit conversations via radio, making them more susceptible to eavesdropping and unauthorized access than are conversations carried via wires. Therefore, it is crucial to ensure confidentiality and authenticity in mobile teleconferencing. When deploying secure services in mobile teleconferences, it has to be taken into account that the mobility of users is usually built on portable devices with limited computing capability. A secure conference scheme for mobile communications needs to be executed efficiently on portable devices. We propose a new secure and efficient conference scheme for mobile communications. Based on a modular square root technique, this scheme is secure against eavesdropping, impersonating, and tracking attacks and allows a participant to join or quit a mobile teleconference dynamically. In addition, the scheme is particularly efficient on the mobile user's portable device because the mobile user needs to perform only single modular multiplication plus encryptions and decryptions of a secret key cryptosystem.     

Conference key distribution schemes for secure digital mobilecommunications

We propose a new service for digital mobile communication systems. The service enables two or more users to hold a secure conference. Two requirements must be considered: privacy and authentication. Privacy involves ensuring that an eavesdropper cannot intercept the conversations of the parties holding the conference. Authentication involves ensuring that service is not obtained fraudulently in order to avoid usage charges. We present two new conference key distribution schemes for digital mobile communication systems. In these schemes, a group of users can generate a common secret keg over a public channel so that they may hold a secure conference     

A secure conference scheme for mobile communications

A growing application area in mobile communications is mobile teleconference in which a group of mobile users collaborate in an interactive procedure, such as a board meeting, a task force, a scientific discussion, or even a virtual classroom. Wireless communications transmit conversations via radio, making them more susceptible to eavesdropping and unauthorized access than are conversations carried via wires. Therefore, it is crucial to ensure confidentiality and authenticity in a mobile teleconference. The authors design a new secure conference scheme for mobile communications. Based on a modular square root technique, this scheme is secure against eavesdropping, impersonating, and tracking attacks and allows a participant to join or quit a mobile teleconference dynamically.     

AN EFFICIENT AND SECURE （t, n） THRESHOLD SECRET SHARING SCHEME

Based on Shamir＇s threshold secret sharing scheme and the discrete logarithm problem, a new （t, n） threshold secret sharing scheme is proposed in this paper. In this scheme, each participant＇s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other participants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each participant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir＇s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.     

Security analysis on a conference scheme for mobile communications

The conference key distribution scheme (CKDS) enables three or more parties to derive a common conference key to protect the conversation content in their conference. Designing a conference key distribution scheme for mobile communications is a difficult task because wireless networks are more susceptible to attacks and mobile devices usually obtain low power and limited computing capability. In this paper we study a conference scheme for mobile communications and find that the scheme is insecure against the replay attack. With our replay attack, an attacker with a compromised conference key can cause the conferees to reuse the compromised conference key, which in turn completely reveals subsequent conversation content.     

双重门限秘密共享方案

基于RSA密码体制、Shamir门限方案和哈希函数的安全性,设计了一种双重门限秘密共享方案。方案中,参与者只需维护一个秘密份额,可实现对多个秘密的共享。秘密份额由参与者确定和保管,秘密分发者也不知晓,秘密共享过程中,只需出示伪秘密份额。方案不需要维护安全信道,算法能够保证信息安全传送,以及验证参与者是否进行了欺骗。     

Key distribution for secure VSAT satellite communications

This paper presents modified Yacobi (1989) scheme that does not use the secret key provided by the key distribution center, but uses instead a random number generated by the user. This paper also presents the modified Diffie-Hellman (1976) and ID (identity) method which has directly mutual authentication between users and is able to defend the network from impostors. The proposed scheme based on the DH was applied to VSAT satellite communications and simulated on a PC using Montgomery (1993) algorithm and MD5 (Message Digest) for a feasible study of secure VSAT satellite communications     

一个可验证的门限多秘密分享方案

基于离散对数计算和大整数分解的困难性,利用RSA加密体制提出了一个新的门限多秘密分享方案.该方案通过零知识证明等协议来防止秘密分发者和秘密分享者的欺诈行为,因而是一个可验证的门限多秘密分享方案.该方案还具有:秘密影子可重复使用;子秘密影子可离线验证;供分享的秘密不须事先作预计算等特点.该方案可用于会议密钥(秘密)分配、安全多方计算、门限数字签名等应用领域.     

云计算平台下基于属性加密的动态版权使用控制方案（英文）

In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud.In this paper,we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing.We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption.Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content.The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users,and also enables the license server to implement immediate attribute and user revocation.Moreover,our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption,which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext.Extensive analytical results indicate that our proposed scheme is secure and efficient.     

SA-IBE:一种安全可追责的基于身份加密方案

基于身份加密(Identity-Based Encryption, IBE)方案中,用户公钥直接由用户身份得到,可以避免公钥基础设施(Public Key Infrastructure, PKI)系统的证书管理负担。但IBE存在密钥托管问题,即私钥生成器(Private Key Generator, PKG)能够解密用户密文或泄漏用户私钥,而现有解决方案一般需要安全信道传输私钥,且存在用户身份认证开销大或不能彻底解决密钥托管问题的缺陷。该文提出一种安全可追责的基于身份加密方案,即SA-IBE方案,用户原私钥由PKG颁发,然后由多个密钥隐私机构并行地加固私钥隐私,使得各机构无法获取用户私钥,也不能单独解密用户密文;设计了高效可追责的单点PKG认证方案;并采用遮蔽技术取消了传输私钥的安全信道。文中基于标准的Diffie-Hellman假设证明了SA-IBE方案的安全性、解决密钥托管问题的有效性以及身份认证的可追责性。     

一种无纠缠态的量子秘密共享协议

秘密共享是指将一个秘密按适当的方式进行隐藏或拆分,只有若干个参与者一同协作才能恢复该秘密,该技术在云计算领域中能够确保信息安全和数据保密.提出了一种不使用纠缠态的量子秘密共享协议,通过使用量子密码算法确保系统的安全性.相比其他的秘密共享协议,该协议具有以下优点:与传统的基于数论的秘密共享协议相比,本协议由于使用量子通信的技术,从而能够有效抵抗Shor算法攻击;相比其他的量子秘密共享协议,由于本协议没有使用量子纠缠态,在技术程度上更容易实现;如果存在攻击者或恶意的参与者,该协议能够在秘密恢复过程中迅速发现,避免恢复错误的秘密.     

基于Asmuth-Bloom门限方案的会议密钥分配

当多个用户举行保密的电子会议时,会议机密信息的安全性在很大程度上取决于会议的密钥。本文基于Asmuth-Bloom 门限方案提出了一种会议密钥分配方案,并分析了该方案的正确性和安全性。     

Resource-aware conference key establishment for heterogeneous networks

The Diffie-Hellman problem is often the basis for establishing conference keys. In heterogeneous networks, many conferences have participants of varying resources, yet most conference keying schemes do not address this concern and place the same burden upon less powerful clients as more powerful ones. The establishment of conference keys should minimize the burden placed on resource-limited users while ensuring that the entire group can establish the key. In this paper, we present a hierarchical conference keying scheme that forms subgroup keys for successively larger subgroups en route to establishing the group key. A tree, called the conference tree, governs the order in which subgroup keys are formed. Key establishment schemes that consider users with varying costs or budgets are built by appropriately designing the conference tree. We then examine the scenario where users have both varying costs and budget constraints. A greedy algorithm is presented that achieves near-optimal performance, and requires significantly less computational effort than finding the optimal solution. We provide a comparison of the total cost of tree-based conference keying schemes against several existing schemes, and introduce a new performance criterion, the probability of establishing the session key (PESKY), to study the likelihood that a conference key can be established in the presence of budget constraints. Simulations show that the likelihood of forming a group key using a tree-based conference keying scheme is higher than the GDH schemes of Steiner et al.. Finally, we study the effect that greedy users have upon the Huffman-based conference keying scheme, and present a method to mitigate the detrimental effects of the greedy users upon the total cost.     

Updating the parameters of a threshold scheme by minimal broadcast

Threshold schemes allow secret data to be protected among a set of participants in such a way that only a prespecified threshold of participants can reconstruct the secret from private information (shares) distributed to them on a system setup using secure channels. We consider the general problem of designing unconditionally secure threshold schemes whose defining parameters (the threshold and the number of participants) can later be changed by using only public channel broadcast messages. In this paper, we are interested in the efficiency of such threshold schemes, and seek to minimize storage costs (size of shares) as well as optimize performance in low-bandwidth environments by minimizing the size of necessary broadcast messages. We prove a number of lower bounds on the smallest size of broadcast message necessary to make general changes to the parameters of a threshold scheme in which each participant already holds shares of minimal size. We establish the tightness of these bounds by demonstrating optimal schemes.     

一个新的广播信道会议密钥协商协议

群组用户试图在开放式网络上进行安全通信时,需运行一个会议密钥协议来支持一个共同的会议密钥K.本文中,利用基于MDS码(Maximum Distance Code,极大最小距离可分码)的秘密共享方案作为基本构件,提出了一个新颖高效、可证明安全的广播信道下会议密钥协商协议.该协议在广义的Diffie-Hellman Problem(DHP)困难假设下,被动攻击者得不到任何有关诚实参与者协商出的会议密钥的信息;且无论存在多少恶意参与者,诚实参与者一定能够协商出一共同的会议密钥.     

Communication in key distribution schemes

A (g, b) key distribution scheme allows conferences of g users to generate secret keys, such that disjoint coalitions of b users cannot gain any information on the generated key (in the information-theoretic sense). We study the relationships between communication and space efficiency of key distribution schemes. We prove that communication does not help in the context of unrestricted schemes. On the other hand, we show that for restricted schemes, which are secure only when used by a limited number of conferences, communication can substantially improve the space efficiency. We also present lower bounds on the space efficiency of restricted schemes     

An Ideal Multi-secret Sharing Scheme Based on Connectivity of Graphs

Secure communication has become more and more important for many modern communication applications. In a secure communication, every pair of users need to have a secure communication channel (each channel is controlled by a server) In this paper, using monotone span programs we devise an ideal linear multi-secret sharing scheme based on connectivity of graphs. In our proposed scheme, we assume that every pair of users, \(p\) and \(q\) , use the secret key \(s_{pq} \) to communicate with each other and every server has a secret share such that a set of servers can recover \(s_{pq} \) if the channels controlled by the servers in this set can connect users, \(p\) and \(q\) . The multi-secret sharing scheme can provide efficiency for key management. We also prove that the proposed scheme satisfies the definition of a perfect multi-secret sharing scheme. Our proposed scheme is desirable for secure and efficient secure communications.     

A heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks

A mobile ad hoc network does not require fixed infrastructure to construct connections among nodes. Due to the particular characteristics of mobile ad hoc networks, most existing secure protocols in wired networks do not meet the security requirements for mobile ad hoc networks. Most secure protocols in mobile ad hoc networks, such as secure routing, key agreement and secure group communication protocols, assume that all nodes must have pre‐shared a secret, or pre‐obtained public‐key certificates before joining the network. However, this assumption has a practical weakness for some emergency applications, because some nodes without pre‐obtained certificates will be unable to join the network. In this paper, a heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks is proposed to remedy this weakness. Several heterogeneous networks (such as satellite, unmanned aerial vehicle, or cellular networks) provide wider service areas and ubiquitous connectivity. We adopt these wide‐covered heterogeneous networks to design a secure certificate distribution scheme that allows a mobile node without a pre‐obtained certificate to instantly get a certificate using the communication channel constructed by these wide‐covered heterogeneous networks. Therefore, this scheme enhances the security infrastructure of public key management for mobile ad hoc networks. Copyright © 2006 John Wiley & Sons, Ltd.     

The Size of a Share Must Be Large

A secret sharing scheme permits a secret to be shared among participants of an n-element group in such a way that only qualified subsets of participants can recover the secret. If any nonqualified subset has absolutely no information on the secret, then the scheme is called perfect. The share in a scheme is the information that a participant must remember. In [3] it was proved that for a certain access structure any perfect secret sharing scheme must give some participant a share which is at least 50\percent larger than the secret size. We prove that for each n there exists an access structure on n participants so that any perfect sharing scheme must give some participant a share which is at least about times the secret size.^1 We also show that the best possible result achievable by the information-theoretic method used here is n times the secret size. ^1 All logarithms in this paper are of base 2. Received 24 November 1993 and revised 15 September 1995     

光反馈垂直腔面发射半导体激光器的混沌驱动同步在保密通信中的应用

基于光反馈垂直腔面发射半导体激光器(VCSELs)混沌驱动同步,提出了一种光反馈VCSELs混沌保密通信系统。通过模拟信号和数字信号在该系统的混沌保密通信的实现,验证了该系统的可行性。进一步利用该方案实现了对文字和数字图像的保密通信,并对解密图像及原始图像灰度值的差值做了相关计算。数值模拟结果说明该通信方案具有良好的解密效果。