安全密钥与秘密属性之间关系的研究

在Strand空间中引入理想的概念 ,可以简化安全协议的证明过程 .此外 ,在Strand空间中引入安全密钥的定义 ,可以作为对协议密钥设计要求的描述 .相关文献只给出了理想结构的大致轮廓 ,论文引入新的符号以给出理想结构的内部细节 .在此基础上 ,借助理想的概念重新描述了安全密钥的设计要求 .针对具有密钥分发功能的安全协议的秘密属性 ,相关文献借助理想概念给出的证明过程缺乏直观性 .论文证明 :协议实现其秘密属性的结论等价于协议对于密钥的使用符合安全密钥的设计要求的结论 .这不仅为利用理想概念证明协议秘密属性的抽象过程提供了直观解释 ,也为证明安全协议的秘密属性提供了一个新的思路     

A Security-Improved Scheme for Virtual TPM Based on KVM

Virtual trusted platform module(vTPM) is an important part in building trusted cloud environment. Aiming at the remediation of lack of effective security assurances of vTPM instances in the existing virtual TPM architecture, this paper presents a security-improved scheme for virtual TPM based on kernel-based virtual machine(KVM). By realizing the TPM 2.0 specification in hardware and software, we add protection for vTPM's secrets using the asymmetric encryption algorithm of TPM. This scheme supports the safety migration of a TPM key during VM-vTPM migration and the security association for different virtual machines(VMs) with vTPM instances. We implement a virtual trusted platform with higher security based on KVM virtual infrastructure. The experiments show that the proposed scheme can enhance the security of virtual trusted platform and has fewer additional performance loss for the VM migration with vTPM.     

An Efficient Key Management Protocol for Wireless Sensor Networks

Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy（LEACH） for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.     

Implementation of a TPM-based security enhanced browser password manager

In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module(TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.     

基于直接匿名证言的可信平台身份证明协议的设计

直接匿名证言(DAA)既解决了隐私CA的瓶颈问题,又实现对TPM的认证和匿名,是当前可信计算平台身份证明最好的理论解决方案之一,TCG在TPMv1.2中将其作为解决平台身份证明问题的标准.但该标准中仅仅重点描述了DAA实现认证和匿名的原理、复杂运算和关键步骤,并没有给出具体和完整的协议流程.基于DAA基本原理设计了可信平台身份证明的安全协议:AI-DAA.该协议不仅能够实现可信平台身份认证和隐私保护,而且还能保证协议实体之间的双向身份认证和信息传输的机密性.协议安全性分析表明,AI-DAA不仅能防止消息重放攻击,而且还能抵御中间人攻击.     

单窃听双跳协作网络的中继选择方案及其性能分析

研究了安全通信意义下,单向译码转发（decode-and-forward,DF）协作无线网络的中继选择问题。针对窃听者既能获得信源发出的信号,又能窃取中继节点转发数据的通信系统,提出了3种中继选择方案来对抗窃听者,增强系统物理层安全性。其中,方案一选择到窃听者信噪比（signal-to-noise ratio,SNR）最小的中继节点;方案二为最大最小（max-min）选择方案,即选择信源到中继节点和中继节点到信宿的较差信噪比中最大值所对应的中继节点;方案三根据窃听信道和主信道的瞬时信道状态信息（channel state information,CSI）选择使得窃听网络有最大保密容量的中继节点。在对各方案的性能分析过程中,得到了各中继选择方案拦截概率的闭式表示,进一步对拦截概率作渐近分析,获得了各中继选择方案的分集阶数。具体地,方案一的分集阶数为1,另外2个中继选择方案的分集阶数均为中继节点个数M。数值结果验证了理论分析得到的结论。     

基于格的两方口令认证密钥交换协议

口令认证密钥交换协议能使共享低熵的通信方在开放的网络中建立安全的会话密钥,基于Gorce-Katz框架提出了基于格的两方口令认证密钥交换(password-based authenticated key exchange,2PAKE)协议,协议采用具有近似平滑投射哈希函数(approximate smooth projective Hash,ASPH)性质的选择明文攻击(chosen plaintext attack, CPA)安全的和带有标签的选择密文攻击(chosen ciphertext attack, CCA)安全的密码体制,利用平滑投射函数的纠错性生成随机参数,通过伪随机函数计算会话密钥;与同类协议相比,该方案降低客户端密钥长度,减少服务器端投射密钥的生成次数,具有较高的效率以及完美前向安全性,在抵抗量子攻击的同时可实现显式双向认证。     

Provable Efficient Certificateless Group Key Exchange Protocol

Certificateless public key cryptography （CL-PKC） avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.     

Security and privacy issues in electronic health network

Electronic health network(EHN) is an information system providing functions involved in e-health. In this paper, we devise mechanisms covering three important security and privacy issues of EHN including trust management, privacy preserving, and data sharing. First, we propose an authenticated key agreement scheme based on hierarchical identity-based signature(HIBS). We abstract a hierarchical architecture from the social network architecture of EHN. To support large-scale scenarios, we introduce a virtual signature generation phase into traditional HIBS, thus our scheme will be efficient even the depth is quite big. Second, we propose a fast data searching scheme based on symmetric searchable encryption(SSE). To improve the searching efficiency, we introduce a two-level cache structure into the traditional SSE. Third, we propose an access control scheme based on hierarchical identitybased encryption(HIBE). To make it a fine-grained scheme, we organize the data owner’s file in hierarchy and introduce a virtual key generation phase to traditional HIBE. Also, the scheme can provide delegation and revocation functions easily. Besides, our schemes guarantee known-key secrecy, forward secrecy, and antidirection secrecy and possess the resistance capability to collude-attack. Evaluation results show that our scheme indeed achieves the security and efficiency.     

可支持属性撤销的基于 CP-ABE 可搜索加密方案

针对目前基于属性的可搜索加密方案存在密钥泄露以及不支持属性撤销的问题,提出了一种云环境下,安全高效、可支持属性撤销的基于 CP-ABE （ciphertext-policy attribute based encryption）的可搜索加密方案。该方案不仅可支持细粒度的访问控制,具有较高的计算效率,且用户密钥使用随机值盲化后提交服务器,保证了用户密钥的保密性和安全性。该方案支持用户属性的撤销,并在属性撤销过程中,将密文更新的大部分工作转移给云服务提供商完成,方案在保证安全性的前提下,进一步降低了用户的计算代价。方案的安全性基于 DL（decisional linear）假设,在通用模型下具有选择明文攻击安全,抗合谋攻击,前向安全和后向安全。     

A New Approach of TPM Construction Based on J2810

Trusted platform model （TPM） is special-purpose integrated circuits （ICs） built into a variety of platforms to enable strong user authentication and machine attestation-essential to prevent inappropriate access to confidential and sensitive information and to protect against compromised networks. Existing TPM products have some limitations. This paper adopts J2810TPM Single Chip cryptogram MCU produced by Jetway Company to construct typical TPM after comparing existing TPM products. Finally, an improved construction approach of TPM based on J2810 is proposed.     

基于串空间的Kao Chow加密协议形式化验证

Kao Chow加密协议是由Kao和Chow提出的,他们利用BAN逻辑证明了该协议的认证性,但没有证明该协议的保密性,而且没有说明协议参与实体间得到的新会话密钥是否一致.事实上,由于BAN逻辑自身的缺陷,它无法用于证明加密协议的保密性.基于此,给出了Kao Chow加密协议的串空间模型,这个模型不仅验证了该协议的认证性,还验证了它的保密性及新会话密钥的一致性.     

一种高连通率的传感器网络密钥预分配方法

密钥管理是无线传感器网络安全的基础,其中密钥预分配是可行性比较高的密钥管理方法,节点之间的共享密钥的概率一直是密钥预分配中比较重要的性能指标,可是现有的无线传感器网络密钥预分配方案大多存在节点间密钥共享概率低或者共享概率不稳定的问题.结合Blom对称多项式,通过改进TD方法,提出了一种改进的密钥预分配方法,该方法能够实现稳定的节点间高密钥共享概率,从而保证了无线传感器网络的安全连通,此外该方法还具有灵活易变的特性,可以改变传感器分组数目以及传感器存储的密钥个数,满足实际需求.     

The theory and practice in the evolution of trusted computing

Trusted computing （TC） is an emerging tech- nology to enhance the security of various computing plat- forms by a dedicated secure chip （TPM/TCM）, which is widely accepted by both the industrial and academic world. This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work. In theory, we focus on protocol design and security analysis. We have proposed the first ECDAA protocol scheme based on q-SDH assumption, which highlights a new way to design direct anonymous attestation scheme. In technical evolu- tion, we discuss the key technologies of trust chain, trusted network connection and TC testing and evaluation. We break through several key technologies such as trusted boot, OS measurement and remote attestation, and imple- ment a TC system from TPM/TCM to network. We also design and implement a testing and evaluation system of TC platform, which is the first one put into practical application in China. Finally, with the rapid development of cloud computing and mobile applications, TC is moving toward some new directions, such as the trust in cloud and mobile environments, new TPM standard, and flexible trust execution environment trust establishment method.     

动态分布式层次密钥管理

层次秘密通信在电子商务与电子政务以及其他的具有层次结构的系统中有广泛的应用,本文通过利用单向散列函数的不可逆计算的特性,设计了一个单向的等级加密体制的密钥管理方案,上级组结点可以安全容易的获取下级组结点的密钥,反之不然.并且在方案中实现安全组的动态添加、删除及更新组结点密钥.本方案计算量小、存贮要求低,并且可以实现分布式并行化计算.     

基于椭圆曲线的多服务组播接入控制方案

以多服务组播为研究背景,研究组播的层次接入控制技术．首先,描述了多服务组播通用的业务模型,并提出一种基于多维层次树的组密钥管理模型,将不同服务子组有机地集成在一起,以实现对多种组播业务的统一管理．其次,提出一种椭圆曲线的组密钥机制,证明了组密钥机制的安全性．最后实现基于椭圆曲线的多维层次树密钥管理算法．安全性分析证明算法能保证组播系统的安全．效率分析和实验结果表明：与已有方案相比,算法的时间效率和带宽效率提高2～3倍,具有较好的健壮性和可扩展性．     

一种适用于Ad hoc网络的轻量级密钥交换协议

通过对Ad hoc网络安全性特殊需求的分析,提出适合其特点的轻量级节点间密钥交换协议. 协议使用一种新的基于ID的身份认证机制相互验证身份;使用改进的Blom机制生成加密密钥和认证密钥,分别用于数据私密性保护和报文完整性检查. 为了防止敌方捕获密钥,提出基于节点间数据流的密钥更新机制. 针对节点撤销,给予相应的解决方案. 从不同的角度对协议进行安全性分析,通过和其他实现方法比较,在性能方面证明其高效性.     

异构分组无线传感器网络密钥管理机制

针对异构分组无线传感器网络结构和应用特点,在加密通信中使用组密钥和对密钥.组密钥使用基于双向散列链自愈组密钥分发方法按会话进行更新.网络中有直接通信需求的节点间都以双线性对方式建立对密钥.对密钥与组密钥相结合,以非交互方式按会话进行更新.分析表明：方案支持节点插入和撤销,安全高效,资源开销合理,适用于无线传感器集中式管理网络.     

Rijndael密钥生成算法存在的问题与改进

基于Serpent密钥生成算法, 提出一种改进的Rijndael密钥生成算法. 在改进过程中, 采用由连续两轮密钥生成下一轮密钥的方法, 使得Rijndael密钥生成算法在密钥生成过程中同样具有不可推导的特点, 从而提高了原有算法在密钥生成方面的安全性.     

Web服务消息安全的研究和模型实现

在.NET平台的基础上,对增强Web服务器的安全性进行了研究并给出了实现方法.利用WSE安全工具在.NET平台上实现基于WS-Security规范的消息及Web服务安全性模型,给出了对SOAP消息进行身份验证、数字签名、加解密和授权的方法,从而解决了服务请求者和服务提供者之间端到端的SOAP消息安全问题,确保了消息的机密性、完整性、不可否认性、身份验证和授权.