全息印刷中的几种防伪加密设计

从实用性角度提出几种防伪加密彩虹全息设计原理与方法，并从实用效果进行分析和讨论。对提高全息标识防伪性能．有实际应用价值。     

无线匿名电话会议协议的分析与改进*

分析了文献［l］中Wang提出的一个无线匿名认证方案中的匿名电话会议认证协议,发现其存在安全漏洞,该协议不但无法保护用户的匿名性,而且还会泄露用户的机密信息,针对存在的安全漏洞对该协议进行了改进,改进后的协议保留了原方案的所有安全特性,并且比原协议具有更高的安全性。     

Symbolic protocol analysis in the union of disjoint intruder theories: Combining decision procedures

Most of the decision procedures for symbolic analysis of protocols are limited to a fixed set of algebraic operators associated with a fixed intruder theory. Examples of such sets of operators comprise XOR, multiplication, abstract encryption/decryption. In this report we give an algorithm for combining decision procedures for arbitrary intruder theories with disjoint sets of operators, provided that solvability of ordered intruder constraints, a slight generalization of intruder constraints, can be decided in each theory. This is the case for most of the intruder theories for which a decision procedure has been given. In particular our result allows us to decide trace-based security properties of protocols that employ any combination of the above mentioned operators with a bounded number of sessions.     

简化SIMON类算法的立方测试与分析*

针对轻量级分组密码算法SIMON的安全性分析,对SIMON32/64算法抵抗立方攻击的能力和算法内部结构对密钥比特的混淆和扩散性能力进行了评估。基于SIMON类算法的密钥编排特点和轮函数结构,结合立方分析的基本思想,利用FPGA测试平台设计了一个SIMON32/64的立方攻击和密钥中比特检测算法。测试结果表明：在立方变元取6维至24维时,对于7轮SIMON32/64算法,通过立方攻击能够直接恢复47比特密钥,攻击时间复杂度约为218.08;对于8轮SIMON32/64算法,能够直接恢复39比特密钥,攻击时间复杂度约为225.00。对于10轮,11轮SIMON32/64算法,通过立方测试均能够捕获到密钥中比特。     

一个基于可信密码模块的数字版权管理方案

分析可信计算密码支撑平台可信密码模块的功能和结构,在比较数字水印、防拷贝、加密、激活的数字版权管理技术的基础上,研究可信密码模块在数字版权管理中应用的优势,对数字版权作品的保护,提出用外接可信密码模块加强数字版权管理的方案,不仅与现有的数字版权管理技术兼容支持,而且有利于普及数字版权管理。     

Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage

It is secure for customers to store and share their sensitive data in the cryptographic cloud storage.However,the revocation operation is a sure performance killer in the cryptographic access control system.To optimize the revocation procedure,we present a new efficient revocation scheme which is efficient,secure,and unassisted.In this scheme,the original data are first divided into a number of slices,and then published to the cloud storage.When a revocation occurs,the data owner needs only to retrieve one slice,and re-encrypt and re-publish it.Thus,the revocation process is accelerated by affecting only one slice instead of the whole data.We have applied the efficient revocation scheme to the ciphertext-policy attribute-based encryption(CP-ABE) based cryptographic cloud storage.The security analysis shows that our scheme is computationally secure.The theoretically evaluated and experimentally measured performance results show that the efficient revocation scheme can reduce the data owner’s workload if the revocation occurs frequently.     

Key management in wireless sensor networks

ABSTRACT

We refer to a distributed architecture consisting of sensor nodes connected by wireless links and organized in a tree-shaped hierarchy. We present a paradigm for the management of the cryptographic keys used by nodes to communicate, and we consider the problems connected with key generation, distribution, and replacement. In our paradigm, names are assigned to nodes by using a uniform scheme, which is based on the position of the given node in the node hierarchy. Each node holds a hierarchical key to communicate with its ancestors, and a level key to communicate with its siblings. A single, publicly known parametric one-way function is used to assign hierarchical keys to nodes, in an iterative procedure that starts from the key of the root of the node hierarchy, and proceeds downwards to the lowest hierarchical levels. A similar procedure is used to generate the level keys. The total memory requirements for key storage are extremely low. The number of keys exchanged in a key replacement process is kept to a minimum. Dynamic access control is fully supported, whereby new nodes can be added to the node hierarchy, and existing nodes can be evicted from the hierarchy.     

Bayesian rational exchange

The notion of rational exchange introduced by Syverson (Proceedings of the 11th IEEE Computer Society Foundations Workshop, pp. 2–13, 1998) is a particularly interesting alternative when an efficient scheme for fair exchange is required but the use of a trusted third party is not allowed. A rational exchange protocol cannot provide fairness, but it ensures that rational (i.e., self-interested) parties would have no reason to deviate from the protocol. Buttyán et al. (J. Comput. Security 12(3/4), 551–588, 2004) have recently pointed out how rationality in exchange protocols can be formalized and studied within the framework provided by Game Theory. In particular, Buttyan’s formal model was used to analyze Syverson’s rational exchange protocol. In this paper, we identify a series of drawbacks in Buttyan’s model which make it somewhat restrictive and unrealistic. We propose an extension to the model which enables us to consider different classes of protocol parties (e.g., honest and dishonest parties), as well as modeling attributes such as reputation or any other participant beliefs that could have an effect on the protocol outcome. The resulting new model enables us to reason rational exchange protocols from the point of view of Bayesian rationality, a notion that may be in some scenarios more appropriate than that defined in terms of Nash equilibrium.     

TCP/IP网络的通信安全技术

该文介绍了基于TCP／IP协议的计算机网络通信安全技术,包括在TCP／IP的网络层、传输层及传输层之上等各个层次中采用密码技术以保证数据的保密性、完整性及可认证性分析了IPSEC、Secure TCP、SSL等典型的安全协议。     

论密码工作人员的艺术审美修养

本文从密码工作人员艺术审美修养的特点、任务以及对现实5--作作用和意义等方面,论述如何加强密码工作人员的艺术审美修养,陶,台美好的情感,塑造健全的人格,丰富工作和生活的情趣,激发生活和工作的创造激情,提高生活和生命的质量。