Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks

Several three-party password authenticated key exchange (3-PAKE) protocols have recently been proposed for heterogeneous wireless sensor networks (HWSN). These are efficient and designed to address security concerns in ad-hoc sensor network applications for a global Internet of Things framework, where a user may request access to sensitive information collected by resource-constrained sensors in clusters managed by gateway nodes. In this paper we first analyze three recently proposed 3-PAKE protocols and discuss their vulnerabilities. Then, based on Radio Frequency Identification technologies we propose a novel 3-PAKE protocol for HWSN applications, with two extensions for additional security features, that is provably secure, efficient and flexible.     

Low complexity quantum private queries protocol

Private information retrieval(PIR) is an important privacy protection issue of secure multi-party computation, but the PIR protocols based on classical cryptography are vulnerable because of new technologies,such as quantum computing and cloud computing. The quantum private queries(QPQ) protocols available, however, has a high complexity and is inefficient in the face of large database. This paper, based on the QKD technology which is mature now, proposes a novel QPQ protocol utilizing the key dilution and auxiliary parameter. Only N quits are required to be sent in the quantum channel to generate the raw key, then the straight k bits in the raw key are added bitwise to dilute the raw key, and a final key is consequently obtained to encrypt the database. By flexible adjusting of auxiliary parameters θ and k, privacy is secured and the query success ratio is improved. Feasibility and performance analyses indicate that the protocol has a high success ratio in first-trial query and is easy to implement, and that the communication complexity of O(N) is achieved.     

结合公钥加密和关键字可搜索加密的加密方案

带关键字搜索的公钥加密(PEKS)是一种有用的加密原语，它允许用户将在加密数据上搜索的功能委托给不可信的第三方服务器，而不影响原始数据的安全性和隐私性。但是，由于缺乏对于数据的加密以及解密能力，PEKS方案不能单独进行使用，必须与标准的公钥加密方案(PKE)相结合。因此，Baek等人在2006年引入了一种新的加密原语，称为结合PKE和PEKS的加密方案(PKE+PEKS)，它同时提供了PKE和PEKS的功能。目前，已有文献提出了几种PKE+PEKS方案。然而，他们都没有考虑关键字猜测攻击的问题。本文提出一个新的高效且能够抵抗关键字猜测攻击的PKE+PEKS方案，与已有方案相比，该方案在性能上有很大的提升，并且在生成关键字和数据密文时，不需要使用双线性对，极大地降低了计算和存储成本。安全性分析表明，本文中所提出的方案能够满足密文隐私安全性、陷门不可区分性和抗关键字猜测攻击的安全性。效率分析表明，本分提出的方案更加高效。     

A New NTRU-Type Public-Key Cryptosystem over the Binary Field

As the development of cloud computing and the convenience of wireless sensor netowrks, smart devices are widely used in daily life, but the security issues of the smart devices have not been well resolved. In this paper, we present a new NTRU-type public-key cryptosystem over the binary field. Specifically, the security of our scheme relies on the computational intractability of an unbalanced sparse polynomial ratio problem (DUSPR). Through theoretical analysis, we prove the correctness of our proposed cryptosystem. Furthermore, we implement our scheme using the NTL library, and conduct a group of experiments to evaluate the capabilities and consuming time of encryption and decryption. Our experiments result demonstrates that the NTRU-type public-key cryptosystem over the binary field is relatively practical and effective.     

基于MF-R和AWS密钥管理机制的物联网健康监测大数据分析系统

带有传感器的可穿戴式医疗设备不断生成大量数据，由于数据的复杂性，难以通过处理和分析大数据来找到有价值的决策信息。为了解决这个问题，提出了一种新的物联网体系结构，用于存储和处理医疗应用的可扩展传感器数据（大数据）。所提出的架构主要由两个子架构组成：Meta Fog重定向（MF-R）架构和AWS密钥管理机制。MF-R架构使用Apache Pig和Apache HBase等大数据技术来收集和存储不同传感器设备生成的传感器数据，并利用卡尔曼滤波消除噪声。AWS密钥管理机制使用密钥管理方案，目的是保护云中的数据，防止未经授权的访问。当数据存储在云中时，所提出的系统能够使用随机梯度下降算法和逻辑回归来开发心脏病的预测模型。仿真实验表明，和其他几种算法相比，提出的算法具有更小的误差，且在吞吐量、准确度等方面具有一定的优越性。     

一种实用的多数据库量子信息检索协议

针对目前量子私有信息检索不能适用与云存储的多数据库问题,基于现在成熟的量子密钥分发方法,提出了一种适合在多数据库环境下,实用的量子私有信息检索协议。对于不同大小的数据库,协议可通过调节参数θ和k,在保证数据库安全及用户隐私的情况下,完成信息的检索。性能分析结果表明,协议的通信复杂度低,检索成功率高、易于实施。     

葛洲坝水利枢纽泄水建筑物进水口冲磨与修复

葛洲坝水利枢纽工程已运行20余年，近年水下检查中发现泄水建筑物进水口存在不同程度的冲磨，有些已威胁到建筑物安全运行，分析冲磨原因和探讨修复材料和手段是非常重要的，本文就此问题提出一些看法和建议供参考。