Abstract: In the recent scenario of Wireless Sensor Networks (WSNs), there are many applications developed for handling sensitive and private data such as military information, surveillance data, tracking, etc. Hence, the sensor nodes of WSNs are distributed in an intimidating region, which is non-rigid to attacks. The recent research domains of WSN deal with models to handle the WSN communications against malicious attacks and threats. In traditional models, the solution has been made for defending the networks only against specific attacks. However, in real-time applications, the kind of attack that is launched by the adversary is not known. Additionally, in developing a security mechanism for WSN, the resource constraints of sensor nodes are also to be considered. With that note, this paper presents an Enhanced Security Model with Improved Defensive Routing Mechanism (IDRM) for defending the sensor network from various attacks. Moreover, for efficient model design, the work includes the part of feature evaluation of some general attacks of WSNs. The IDRM also includes determination of optimal secure paths and node security for secure routing operations. The performance of the proposed model is evaluated with respect to several factors; it is found that the model has achieved better security levels and is more efficient than other existing models in WSN communications. It is proven that the proposed IDRM produces 74% of PDR on average and a minimized packet drop of 38% when compared with the existing works.
Funding: supported by the National Grand Fundamental Research (973) Program of China under Grant 2013CB338003 and the National Natural Science Foundation of China (NSFC) under Grants U1536205, 61170279 and 61572485.
Abstract: The Transport Layer Security (TLS) protocol is the most important standard on the Internet for key exchange. The TLS standard supports many additional handshake modes such as resumption and renegotiation besides the full handshake. The interaction and dependence of different modes may lead to some practical attacks on TLS. In 2014, Bhargavan et al. described a triple handshake attack on TLS 1.2 by exploiting the sequential running of three different modes of TLS, which can lead to a client impersonation attack after the third handshake. Subsequently, TLS 1.2 was patched with the extended master secret extension of RFC 7627 to prevent this attack. In this paper we introduce a new definition of "uniqueness" and present a renegotiable & resumable ACCE security model. We identify the triple handshake attack within the new model, and furthermore show that TLS with the proposed fix can be proven secure in our model.
Funding: This work was supported by the 2018 Provincial Key Research and Development Program (Social Development) Project of Jiangsu Province (No. BF2018719) and the 2018 Provincial Key Research and Development Program (Modern Agriculture) Project of Jiangsu Province (No. 2018301).
Abstract: Blind signature has a wide range of applications in the fields of e-commerce and blockchain because it can effectively prevent the blind signer from getting the original message with its blindness. Owing to the potential unconditional security, quantum blind signature (QBS) is more advantageous than the classical ones. In this paper, an efficient and practical quantum blind signature scheme with a relaxed security model is presented, where quantum superposition, decoy qubits and a hash function are used for the purpose of blindness. Compared with previous QBS schemes, the presented scheme is more efficient and practical with a relaxed security model, in which the signer's dishonest behavior can be detected rather than being prevented as in other QBS schemes.
Abstract: Recently, an innovative trend like cloud computing has progressed quickly in Information Technology. For a background of distributed networks, the extensive sprawl of internet resources on the Web and the increasing number of service providers helped cloud computing technologies grow into a substantial scaled Information Technology service model. The cloud computing environment extracts the execution details of services and systems from end-users and developers. Additionally, through the system's virtualization accomplished using resource pooling, cloud computing resources become more accessible. The attempt to design and develop a solution that assures reliable and protected authentication and authorization service in such cloud environments is described in this paper. With the help of multi-agents, we attempt to represent an Open-Identity (ID) design to find a solution that would offer trustworthy and secured authentication and authorization services to software services based on the cloud. This research aims to determine how authentication and authorization services were provided in an agreeable and preventive manner. The evaluation is based on attack-oriented threat model security. By considering security for both authentication and authorization systems, possible security threats are analyzed by the proposed security systems.
Funding: supported by the 2018 Industrial Internet Innovation and Development Project--Industrial Internet Identification Resolution System National Top-Level Node Construction Project (Phase Ⅰ).
Abstract: The identification and resolution system of the industrial Internet is the "neural hub" of the industrial Internet for coordination. Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked. Moreover, it may become a threat to national security. Therefore, security plays an important role in the identification and resolution system of the industrial Internet. In this paper, an innovative security risk analysis model is proposed for the first time, which can help control risks from the root at the initial stage of industrial Internet construction, provide guidance for related enterprises in the early design stage of the identification and resolution system of the industrial Internet, and promote the healthy and sustainable development of the industrial identification and resolution system.
Funding: funded by the Special Innovation Project for General Colleges and Universities in Guangdong Province (Grant No. 2020KTSCX126).
Abstract: The mushroom growth of IoT has been accompanied by the generation of massive amounts of data. Subject to the limited storage and computing capabilities of most IoT devices, a growing number of institutions and organizations outsource their data computing tasks to cloud servers to obtain efficient and accurate computation while avoiding the cost of local data computing. One of the most important challenges facing outsourcing computing is how to ensure the correctness of computation results. Linearly homomorphic proxy signature (LHPS) is a desirable solution to ensure the reliability of outsourcing computing in the case of authorized signing right. Blockchain has the characteristics of tamper-proofing and traceability, and is a new technology to solve data security. However, as far as we know, constructions of LHPS have been few and far between. In addition, the existing LHPS scheme does not focus on homomorphic unforgeability and does not use blockchain technology. Herein, we improve the security model of the LHPS scheme, and the usual existential forgery and homomorphic existential forgery of two types of adversaries are considered. Under the new model, we present a blockchain-based LHPS scheme. The security analysis shows that under the adaptive chosen message attack, the unforgeability of the proposed scheme can be reduced to the CDH hard assumption, while achieving the usual and homomorphic existential unforgeability. Moreover, compared with the previous LHPS scheme, the performance analysis shows that our scheme has the same key size and comparable computational overhead, but has higher security.
Funding: the National Natural Science Foundation of China (No. 61572521, U1636114); National Key Project of Research and Development Plan (2017YFB0802000); Natural Science Foundation of Shaanxi Province (2021JM-252); Innovative Research Team Project of Engineering University of PAP (KYTD201805); Fundamental Research Project of Engineering University of PAP (WJY201910).
Abstract: The trapdoor is a key component of public key cryptography design, which is the essential security foundation of modern cryptography. Normally, the traditional way of designing a trapdoor is to identify a computationally hard problem, such as the NPC problems. So the trapdoor in a public key encryption mechanism turns out to be a type of limited resource. In this paper, we generalize the methodology of the adversarial learning model in artificial intelligence and introduce a novel way to conveniently obtain sub-optimal and computationally hard trapdoors based on the automatic information theoretic search technique. The basic routine is constructing a generative architecture to search and discover a probabilistic reversible generator which can correctly encode and decode any input messages. The architecture includes a trapdoor generator built on a variational autoencoder (VAE) responsible for searching the appropriate trapdoors satisfying a maximum of entropy, a random message generator yielding random noise, and a dynamic classifier taking the results of the two generators. The evaluation of our construction shows the architecture satisfying basic indistinguishability of outputs under the chosen-plaintext attack model (CPA) and high efficiency in generating cheap trapdoors.
Funding: supported by the National Natural Science Foundation of China (Nos. 61572521 and U1636114); the National Key Project of Research and Development Plan (No. 2017YFB0802000); the Innovative Research Team Project of Engineering University of PAP (No. KYTD201805); the Fundamental Research Project of Engineering University of PAP (No. WJY201910).
Abstract: Learning With Errors (LWE) is one of the Non-Polynomial (NP)-hard problems applied in cryptographic primitives against quantum attacks. However, the security and efficiency of schemes based on LWE are closely affected by the error sampling algorithms. The existing pseudo-random sampling methods potentially have security leaks that can fundamentally influence the security levels of previous cryptographic primitives. Given that these primitives are proved semantically secure, directly deducing the influences caused by leaks of sampling algorithms may be difficult. Thus, we attempt to use the attack model based on an automatic learning system to identify and evaluate the practical security level of a cryptographic primitive that is semantically proved secure in indistinguishable security models. In this paper, we first analyzed the existing major sampling algorithms in terms of their security and efficiency. Then, concentrating on the Indistinguishability under Chosen-Plaintext Attack (IND-CPA) security model, we realized the new attack model based on the automatic learning system. The experimental data demonstrates that the sampling algorithms perform a key role in LWE-based schemes with significant disturbance of the attack advantages, which may potentially compromise security considerably. Moreover, our attack model is achievable with acceptable time and memory costs.