Quantum simultaneous secret distribution with dense coding by using cluster states

A new communication mode, quantum simultaneous secret distribution (QSSD) is put forward, where one sender distributes different classical secret message to multiparty receivers simultaneously. Based on the properties of the one-dimensional four-qubit cluster states, a three-party QSSD protocol is proposed, and then it is extended to the case that there are many receivers. Owing to the idea of quantum dense coding, each receiver can receive two bits of classical message by the sender only using a cluster state. In order to check security of quantum channels, a strategy which can prevent common attacks efficiently is put forward. QSSD is distinct from quantum secret sharing (QSS) and quantum broadcast communication (QBC), but it can be easily converted into QSS and QBC. QSSD is also different from the multiple-QKD communication mode where the sender shares a private key with each receiver at first, while in QSSD the sender doesn’t; in addition, only one round of one-to-many communication is performed in QSSD, while in multiple-QKD communication mode many rounds of one-to-one communication are performed.     

Generating Communication for Array Statements: Design,Implementation, and Evaluation

Array statements as included in Fortran 90 or High Performance Fortran (HPF) are a well-accepted way to specify data parallelism in programs. When generating code for such a data parallel program for a private memory parallel system, the compiler must determine when array elements must be moved from one processor to another. This paper describes a practical method to compute the set of array elements that are to be moved; it covers all the distributions that are included in HPF: block, cyclic, and block-cyclic. This method is the foundation for an efficient protocol for modern private memory parallel systems: for each block of data to be sent, the sender processor computes the local address in the receiver′s address space, and the address is then transmitted together with the data. This strategy increases the communication load but reduces the overhead on the receiving processor. We implemented this optimization in an experimental Fortran compiler, and this paper reports an empirical evaluation on a 64-node private memory iWarp system, using a number of different distributions.     

A novel cryptoprocessor architecture for chained Merkle signature scheme

One-time signature schemes rely on hash functions and are, therefore, assumed to be resistant to attacks by quantum computers. These approaches inherently raise a key management problem, as the key pair can be used only for one message. That means, for one-time signature schemes to work, the sender must deliver the verification key together with the message and the signature. Upon reception, the receiver has to verify the authenticity of the verification key before verifying the signature itself. Hash-tree based solutions tackle this problem by basing the authenticity of a large number of verification keys on the authenticity of a root key. This approach, however, causes computation, communication, and storage overhead. Due to hardware acceleration, this paper proposes, for the first time, a processor architecture which boosts the performance of a one-time signature scheme without degrading memory usage and communication properties. This architecture realizes the chained Merkle signature scheme on the basis of Winternitz one-time signature scheme. All operations, i.e., key generation, signing, and verification are implemented on an FPGA platform, which acts as a coprocessor. Timing measurements on the prototype show a performance boost of at least one order of magnitude compared to an identical software solution.     

一种实现RapidIO用户态通信接口的改进方法

提出了基于TIPC透明进程间通信协议实现RapidIO用户态通信接口的新方法。通过分析RapidIO消息传递模式的特点和TIPC底层发送-接收数据的实现机制,将发送端和接收端传输数据的内存拷贝次数均减少为一次,从而有效地提高了RapidIO通信接口的数据吞吐量,降低了通信延迟。介绍的实现方法有较强的工程应用价值。     

结合时间戳的指纹密钥数据加解密传输方案

目的 对于生物密钥而言，生物特征数据的安全与生物密钥的管理存储都很关键。为了构造能够应用在通信数据传输场景的生物密钥，同时保证生物特征本身的模糊性与密码学的精确性处于一种相对平衡状态，提出一种基于时间戳与指纹密钥的数据加解密传输方案。方法 利用发送方指纹特征点之间的相对信息，与保密随机矩阵生成发送方指纹密钥；借助通信双方的预先设定数与时间戳，生成接收方恢复指纹密钥时所需的辅助信息；利用发送方指纹密钥加密数据，实现密文数据的传输。结果 本文方法在仿真通信双方数据加解密的实现中，测试再生指纹密钥的识别率（GAR）与误识率（FAR）。通过实验数据分析，表明了本文提出的指纹密钥生成方法的可用性，以及指纹密钥作为数字身份所具备的可认证性，其中真实发送方的再生指纹密钥识别率可高达99.8%，并且本方案还可用于即时通信、对称加密等多种场景当中。结论 本文方法利用时间戳确定了通信事件的唯一性与不可否认性，同时实现了指纹密钥恢复时的"一次一密"。此外，方案通过保密随机矩阵实现了发送方指纹密钥的可撤销，极大程度保障了指纹数据的安全性。     

一种基于SSM的多源组播路由协议

为满足参与方同时为收发方的组播通信模式,该文提出了一种新的基于特定源组播的多源组播路由协议SSM-MSM,该协议利用特定源组播形成的单向组播转发树维护一个与之并行的用于多方通信的双向转发树,其路由状态、树建立和控制消息开销和组播包转发时延较小,可综合几种已有的基于SSM多方通信方案的优势。     

移动Agent发送包通信研究

通信是移动Agent系统的关键技术之一。目前为止已有很多相关研究人员提出了一些比较好的通信机制,基本上已经可以满足Agent通信的一些要求。但是如何能有效的实现已提出的机制,这方面的研究还不多。本文提出发送包方法来进行移动agent通信,采用一个HomeServer来记录每个代理的位置和状态信息,HomeServer配有一张事件列表配合每台主机通信平台的SendBox来处理未发送成功的消息。当通信双方驻留在主机上时,通信双方直接通信;当通信双方中有一方在迁移时,则将未发送成功的信息存入发送方通信平台上的SendBox,并在HomeServer的事件列表中增加一条记录,当迁移中的移动代理驻留在某一方的主机上时,由先前发送方平台的SendBox向接收方发送信息。采用发送包方法进行Agent通信能有效地实现位置透明性、异步性、可靠性和降低网络负载。     

RSU-based message authentication for vehicular ad-hoc networks

Message authentication that ensures a message is genuine and verifies the source of the sender is a key issue in vehicular ad hoc networks (VANETs). Because messages may provide life-critical traffic information or emergency messages transmitted by unfamiliar sources. Because the vehicle in a VANET transmits messages in real-time in a high-mobility environment, traditional PKI security schemes are not suitable for VANET. The use of roadside units (RSUs) makes message authentication in VANET easy, but it also causes two problems and needed to be solved: how to authenticate messages transmitted between two different RSU ranges, and how to hand off messages for the vehicles moving across different RSU communication ranges. This paper proposes a comprehensive message authentication scheme that enables the message authentication within intra and between inter RSU ranges and hand-off between different RSUs. The proposed scheme balances the overhead for computation and communication with security against attacks. Efficiency analysis and comparison with related works demonstrate that the proposed scheme is a superior message authentication method for VANET.     

基于椭圆曲线的密码体制

论述了基于椭圆曲线的三类密码体制。第一类体制提供了一种签名和认证的机制。第二类体制在发送方加密信息 ,在接收方解密信息 ,具有加密功能。第三类体制将会产生共享密钥 ,可以保证双方通信的安全性。主要对这三种体制结合具体的算法加以说明 ,从而对基于椭圆曲线的密码体制有一个宏观的把握     

Irregular Personalized Communication on Distributed Memory Machines

In this paper, we present several algorithms for performing all-to-many personalized communication on distributed memory parallel machines. We assume that each processor sends a different message (of potentially different size) to a subset of all the processors involved in the collective communication. The algorithms are based on decomposing the communication matrix into a set of partial permutations. We study the effectiveness of our algorithms from both the view of static scheduling and runtime scheduling.     

互联网环境下一种新的非否认协议研究

应用环境不同对非否认协议的要求不同,在互联网环境中,电子信息的非否认更为重要;无论非否认协议应用于什么服务,都有如下安全需求:第一,收发双方的非否认;第二,减少对第三方的信赖程度;第三,能抵御常见的篡改和重放攻击的安全威胁;第四,保证邮件信息的机密性和尽可能减少通信双方协议的交互次数;提出的互联网环境下这种新的电子信息的非否认协议,经过分析证实能够很好地解决以上这些问题。     

基于组群的可实现接收者匿名的通信模型*

基于组群的匿名实现了通过多主机的转发对发送者或双方通信关系的隐藏,典型的实现如Crowds利用转发概率实现了发送者一定程度的匿名,但该系统对于接收者匿名缺乏保护,接收者对于Crowds的组员而言完全是公开的。新模型在传统的Crowds基础上,利用公开密钥加密实现了接收者匿名,同时提出了一种新的通信加密方案,并通过改进对Jondo的管理,提高了性能,改善了匿名度。     

基于ECDLP的有身份认证的ElGamal密码体制

在公钥密码体制中,发送方用接收方的公开密钥加密消息,而接收方用自己的秘密密钥进行解密,双方不能识别对方的身份.为解决上述问题,在研究椭圆曲线ElGamal密码体制的基础上,给出了一种基于安全椭圆曲线离散对数问题的有身份认证的ElGamal密码体制.该算法可以实现通信双方的双向身份认证,有效地防止了攻击者冒充发送方伪造要发送的消息.同时该算法在通信过程中加入了可以追踪消息来源的信息,使得接收者可以对消息的真实性进行有效的验证.通过对消息的双重保护,该体制实现了在公开信道上的安全通信.     

The Design and Performance Evaluation of the DI-Multicomputer

In this paper, we propose a new multicomputer node architecture, theDI-multicomputerwhich uses packet routing on a uniform point-to-point interconnect for both local memory access and internode communication. This is achieved by integrating a router into each processor chip and eliminating the memory bus interface. Since communication resources such as pins and wires are allocated dynamically via packet routing, the DI-multicomputer is able to maximize the available communication resources, providing much higher performance for both intranode and internode communication. Multi-packet handling mechanisms are used to implement a high performance memory interface based on packet routing. The DI-multicomputer network interface provides efficient communication for both short and long messages, decoupling the processor from the transmission overhead for long messages while achieving minimum latency for short messages. Trace-driven simulations based on a suite of message passing applications show that the communication mechanisms of the DI-multicomputer can achieve up to four times speedup when compared to existing architectures.     

一种面向电子邮件的不可否认协议及其形式化分析

不同应用环境下不可否认协议的目标是不同的,面向电子邮件的不可否认协议目标有：双方不可否认;公平;协议能抵御常见的篡改和重放攻击;减少对可信第三方的信赖程度。保证邮件机密性;尽可能减少协议交互次数．提出一种面向电子邮件的不可否认协议。以解决已有协议存在的不公平、机密性保护不好和协议交互次数多的问题．形式化分析的结果表明。提出的协议能完成收发双方的不可否认以及不可否认协议所要达成的公平性和证据有效性．     

匿名通信系统中时间攻击模型研究

时间攻击是指对手研究信息穿过系统的时间来找出信息发送者和接收者之间的相关性,对支持交互式的低延时匿名通信系统形成一种巨大威胁。论文提出了一种基于重路由技术的匿名通信系统和针对该系统的时间攻击模型,理论分析和计算数据表明这种时间攻击方式可以有效地破坏匿名通信系统中信息发送者和接收者之间的连接性,但这种时间攻击的成功率受到信息到达率和节点延迟时间以及重路由路长等因素的影响。     

A Group-Based Load Balance Scheme for Software Distributed Shared Memory Systems

Load balance is an important issue for the performance of software distributed shared memory (DSM) systems. One solution of addressing this issue is exploiting dynamic thread migration. In order to reduce the data consistency communication increased by thread migration, an effective load balance scheme must carefully choose threads and destination nodes for workload migration. In this paper, a group-based load balance scheme is proposed to resolve this problem. The main characteristic of this scheme is to classify the overloaded nodes and the lightly loaded nodes into a sender group and a receiver group, and then consider all the threads of the sender group and all the nodes of the receiver group for each decision. The experimental results show that the group-based scheme reduces more communication than the previous schemes. Besides, this paper also resolves the problem of the high costs caused by group-based schemes. Therefore, the performance of the test programs is effectively enhanced after minimizing the communication increased by thread migration.     

On the Performance of Permutation Codes for Multi-User Communication

Permutation coding for multi-user communication schemes that originate from the Fast Frequency Hopping/Multiple Frequency Shift Keying modulation is investigated. Each sender is either passive or sends some signal formed as the concatenation of M elementary signals having M different specified frequencies. There is also a jammer, who can introduce disturbances. A single disturbance is either sending the signal that contains all M frequencies at a certain time instant or sending some elementary signal at all time instants. Each receiver receives a vector of M sets, where a set at each time instant contains a fixed frequency if and only if the corresponding elementary signal was sent by either some sender or the jammer. The task of the receiver is to uniquely decode the message of his sender. We present regular constructions of permutation codes for this scheme given the following parameters: the number of frequencies, number of pairs (sender, receiver), number of messages per sender, and maximum number of disturbances of the jammer.     

基于公钥自证明的认证加密方案

首先提出了一种基于公钥自证明的认证加密方案。该方案采用用户注册协议动态地完成用户向CA的匿名身份注册,并获取由CA和用户共同产生的公钥的证明,据此可以计算用户的公开密钥;通信双方使用公钥的自证明协议,动态地完成对彼此公钥的自证明;信息的接收者可以从签名中恢复原消息,这样,签名方案既具有身份鉴别作用,又具有信息保密性。其次,针对消息分块情况,给出了一种具有消息链接恢复的基于公钥自证明的认证加密方案。与文眼11演的结果相比,本文给出的方案具有实现了第三层次信任等级的自证明认证、较少的计算时间开销和较高的安全性等优点。     

Resource Management in Dataflow-Based Multithreaded Execution

Due to the large amount of potential parallelism, resource management is a critical issue in multithreaded execution. The challenge in code generation is to control the parallelism without reducing the machine's ability to exploit it. Controlled parallelism reduces idle time, communication, and delay caused by synchronization. At the same time it increases the potential for exploitation of program data structure locality. In this paper, we evaluate the performance of methods to control program parallelism and resource usage in the context of the fine-grain dataflow execution model. The methods are in themselves not new, but their performance analysis is. The two methods to control parallelism here are slicing and chunking. We present the methods and their compilation strategy and evaluate their effectiveness in terms of run time and matching store occupancy. Communication is categorized in memory, loop, call, and expression communication. Input and output message locality is measured. Two techniques to reduce communication are introduced. Grouping allocates loop and function bodies on one processor and bundling combines messages with the same sender and receiver into one. Their effects on the total communication volume are quantified.