Abstract: Private set intersection (PSI) is a privacy-preserving set computation technique that allows mutually distrusting parties to jointly compute the intersection of their private data without revealing any information beyond the intersection. PSI has been widely studied and applied, with effort concentrated on two fronts: improving performance and exploring new application scenarios. This paper first surveys the research progress of two-party PSI in detail and analyses and evaluates the state-of-the-art protocols in industry; it then takes the emerging satellite Internet scenario as an example to explore and propose a high-performance two-party PSI application scheme, experimentally tests its performance for different data types under a variety of network conditions, and gives a practical PSI paradigm for this new scenario. Finally, it concludes with a summary and outlook, offering thoughts and recommendations on the development of PSI.
Funding: the National Natural Science Foundation of China (Grant No. 61601517); the basic and advanced technology research project of Henan Province, China (Grant No. 2014302703)
Abstract: A round function based on chaos is designed by combining the pseudo-randomness of the Feistel structure, the parameter sensitivity of chaotic systems and the characteristics of image data. The round function is composed of two parts: data transformation based on Feistel (abbreviated FST) and sampling output based on chaos (abbreviated SMP). FST is built on the Feistel structure and several efficient operations, including bitwise XOR, permutation and circular shift. SMP is a chaos-based pseudo-random sampling algorithm. Theoretical analysis shows that the round function is a pseudo-random function. The upper bounds of the average maximum differential probability and the average maximum linear probability are p^2 and q^2, respectively. Finally, the good pseudo-randomness of the round function is confirmed with the NIST randomness tests. The design of this round function provides an important cryptographic component for the design of chaotic image encryption algorithms.
Abstract: This paper is about distributed oblivious function evaluation (DOFE). In this setting one party (Alice) has a function f(x), and the other party (Bob), with an input α, wants to learn f(α) in an oblivious way with the help of a set of servers. What Alice should do is to share her secret function f(x) among the servers; Bob obtains what he should get by interacting with the servers. This paper proposes the model and security requirements for DOFE and analyses three distributed oblivious polynomial evaluation protocols presented in the paper.
Keywords: oblivious function evaluation; oblivious polynomial evaluation; secure multiparty computation; distributed; information security
Funding: The research is supported by the National Basic Research 973 Program of China under Grant No. 1999035802 and the National Natural Science Foundation of China under Grant No. 60273029.
Hong-Da Li was born in 1960. He received the Ph.D. degree from Northwestern Polytechnical University in 2001. His current research interests are cryptology and cryptographic protocols.
Xiong Yang received the B.S. degree in mathematics from Yan'an University, China, in 1984. He is an associate professor in the College of Economy and Trade at South China University of Tropical Agriculture. His research interest is information security.
Deng-Guo Feng was born in 1963. He is now a Ph.D. supervisor. His research interests focus on information security.
Bao Li was born in 1965. He received the Ph.D. degree in cryptography in 1995 from Xidian University. His research interests include cryptographic protocols and public key cryptosystems.
Abstract: The oblivious transfer (OT) protocol is a fundamental protocol in cryptography. Based on physical unclonable functions (PUF), the concept of a physical unclonable function system (PUFS) is introduced, and on that basis a new oblivious transfer protocol (POT, PUFS-based OT) is proposed; finally, a proof that the POT protocol is secure against static adversaries is given within the universal composability (UC) framework. Compared with traditional OT schemes based on public-key encryption, the POT protocol uses no computational assumptions and instead relies on the security properties of the PUFS, which greatly reduces computation and communication overhead.
Abstract: Private set intersection (PSI) is a specific application problem in the field of secure multi-party computation. It has both important theoretical significance and a strong application background, and in the big-data era research on this problem answers people's increasingly strong demand to have their privacy protected while enjoying a variety of services. This paper gives a brief introduction to the fundamental theory of secure multi-party computation and focuses on the two classes of PSI techniques under the current mainstream secure multi-party computation frameworks: traditional PSI protocols based on public-key encryption, garbled circuits and oblivious transfer, and the newer cloud-assisted PSI protocols. The procedure, applicability and complexity of each class of protocol are briefly analysed and summarised. The application scenarios of the private set intersection problem are also described in detail, further demonstrating the practical research value of the problem. With continued in-depth research on this problem, private set intersection protocols have now been designed that quickly handle sets of hundreds of millions of elements in the semi-honest model.
Abstract: The service function chain (SFC) proposed by the IETF solves the problems of tight coupling between network topology and hardware devices and of poor flexibility in the deployment of service functions; the NSH protocol is used to support the realisation of service function chains. However, the standard OpenFlow protocol offers insufficient support for NSH, its implementation is complex, and it causes compatibility problems once implemented. Based on software-defined networking (SDN) and network function virtualisation (NFV), and following the relevant IETF standards, this paper proposes a service function chain based on Protocol Oblivious Forwarding (POF), which uses the deep programmability of POF in the data plane to implement the NSH protocol. The service function chain is implemented on the Floodlight controller and POF switches; experimental results show that the POF-based service function chain can deploy service functions efficiently.
Abstract: Source-generated energy in seismic vibrator records exhibits high-frequency harmonic behaviour. The conventional vibrator-earth coupling model was set up as a linear system, and some assumptions made in applying linear theory to the vibrator problem play an insignificant role in the overall coupling structure. Non-linear behaviour can instead be modelled using a "hard-spring" form of the Duffing equation. The model indicates that a qualitatively similar harmonic component is present for a broad range of possible mathematical descriptions. After some qualitative analysis of the non-linear system, several conclusions can be drawn. Firstly, the design of the vibrator weight should abide by two points: to avoid decoupling of the vibrator from the earth, the weight should be greater than the peak of the driving force amplitude so as to keep the resultant force pointing to the earth's core; on the other hand, given the limited energy output, an overweight vibrator may damage the high-frequency ability of the system. Secondly, as the driving force frequency approaches the inherent hard-spring frequency of the ground, the energy transmission is found to reach its peak on the system's energy-absorption curve. Lastly, because the coupling model system is non-linear, its load curve enters an unstable frequency range, which may limit the application of the conventional Vibroseis sweeping pattern, the linear sweep. A new sweeping pattern is presented: the driving signal is a pseudo-random sequence modulated by a fixed-frequency cosine signal that satisfies the exploration precision and absorption efficiency requirements. The synthesised signal can be realised by the electromagnetically driven system, and the side-lobe noise of its auto-correlation function is well restrained. The theory derived from the vibrator-earth coupling model was applied to the design of the Portable High-frequency Vibrator System (PHVS), with good results. Analysis of the vibrator base plate signal confirmed the model. This exploratory research on PHVS is a first step towards its subsequent optimal design.
Abstract: In a secure group communication system, messages must be encrypted before being transmitted to group members to prevent unauthorized access. In many secure group communication schemes, whenever a member leaves or joins the group, the group center (GC) immediately changes the common encryption key and sends the new key to all valid members to provide forward and backward secrecy. If valid members are not on-line, they will miss the re-keying messages and will not be able to decrypt any ciphertext. Therefore, group members must be able to store the state of the system. In some applications, such as global positioning systems (GPS) or pay-per-view systems, it is not reasonable to ask group members to stay on-line all the time and record every change to the system. A hierarchical binary-tree-based key management scheme is proposed for secure group communication. This scheme reduces the key storage requirement of the GC to a constant size, and group members are not required to be on-line constantly (they are stateless).
Abstract: Pseudo-random sequences with long period, low correlation, high linear complexity, and uniform distribution of bit patterns are widely used in the field of information security and cryptography. This paper proposes an approach for generating a pseudo-random multi-value sequence (including a binary sequence) by utilizing a primitive polynomial, the trace function, and the k-th power residue symbol over a sub-extension field. All our previous sequences are defined over the prime field, whereas the sequence proposed in this paper is defined over the sub-extension field; considering the sub-extension field during the sequence generation procedure is therefore a new perspective. Two notable outcomes of using the sub-extension field are that the proposed sequence has higher linear complexity and a more uniform distribution of bit patterns than our previous work defined over the prime field. Additionally, other important properties of the proposed multi-value sequence, such as period, autocorrelation, and cross-correlation, are shown theoretically along with some experimental results.
Funding: Supported by the National Natural Science Foundation of China (11371290, 61301178) and the Science and Technology Innovation Foundation of Xi'an (CXY1352WL28, CXY1352WL27)
Abstract: Existing works for securing network coding against wiretapping either incur high coding complexity or bring large bandwidth overhead. To exploit a lightweight security mechanism for resource-constrained networks, an efficient secure coding scheme is proposed in conjunction with the inherent mixing characteristic of network coding. The key idea is to minimize the randomizing operations applied to the plaintext data as a whole. The proposed scheme is shown to have lightweight security complexity and lower communication overhead compared with existing traditional solutions, and it is easy to implement and to combine with classical cryptographic techniques.