基于可信计算的群内安全信息共享混合模型

针对广受关注的秘密信息的安全共享问题,提出一种基于可信计算的群内安全信息共享混合模型.基于分裂密钥RSA(split-key RSA)算法,综合超级分发和微分发的优点,提出一种新的混合架构,在不影响安全性的情况下,对密钥进行了统一的分割,将控制中心端的密钥参数缩短为32bit,并且不随RSA的强度而变化,使得控制中心端的在线计算量显著降低,RSA2048模式下降低为原来的1.6%.原型系统验证对比测试结果表明,系统的运行效率有了较大提高,RSA2048模式下系统的读请求响应时间降低到原来的5%以下.     

Windows 2003中基于WEB的信息安全通道的构建

介绍了如何在Windows 2003 Server上用IIS服务器建立基于SSL的信息安全通道的全部过程,其中包括对DNS,Active Directory以及CA服务的配置,WEB服务器端证书和客户端证书的申请、安装以及配置,证书链的获取与安装等内容,简述了基于SSL的信息安全通道的原理及应用,阐明了为什么要使用信息安全通道来传输信息,并且提出了IIS服务器上高于128位加密的实验性方案。     

法律智能合约平台模型的研究与设计

现有的智能合约技术本质上只是一段链上代码,而真正的智能合约应是法律合约的数字化,可以实现合约条款的自动执行.为此,介绍了法律智能合约的重要科技,包括法律考量、预言机、事件模型等基础设施,在分析相关机构工作的基础上提出了法律智能合约的5个标准开发步骤,通过对法律流程标准的研究提出了设计智能合约模版的方法.为解决智能合约模...     

时间反演联合接收端人工噪声的安全传输方案

针对时间反演(time reversal, TR)技术无法较好地解决聚焦区内非法用户窃听的问题,提出了一种TR技术联合接收端人工噪声的物理层安全传输方案。首先,利用时间反演技术的空时聚焦性提高合法用户接收端的信噪比(signal to noise ratio, SNR)。其次,通过在接收端加入人工噪声来干扰非法用户对合法用户保密信息的窃听,以聚焦区内外系统安全性能为基础,推导出保密信干噪比(signal to interference plus noise ratio, SINR)、可达保密速率和误码率(bit error rate, BER)的解析表达式。最后,通过仿真分析证明了所提方案能提高系统的SINR和可达保密速率,同时还能降低合法用户的BER,使系统拥有更好的安全性能。     

基于自适应控制的超混沌同步及其仿真

通过对参数不匹配、结构不同等情况下Chen氏超混沌系统与Lü氏超混沌系统的异结构同步问题,提出了一种基于自适应控制的超混沌系统同步改进方法;并用双通道实现超混沌同步保密通信:一个通道传送超混沌系统的输出信号实现高精度同步,另一个通道传送用超混沌信号调制的信息信号.该方案利用超混沌信号进行数字信号保密传输,保密性更强;并且仅传输两路超混沌信号即可实现混沌同步和信号调制解调,信道利用率高;同时,自适应控制器设计简单,具有很强的工程应用前景.     

适用于数字对象的保密比较协议

分析了现有保密比较协议无法使用于不确定数字对象比较的原因,用随机构造单向散列函数的方法设计了对不确定具体范围的数字对象进行比较的一种多方保密计算方案,协议能以零泄漏的方式快速比较两个数字对象是否相同.用广泛接受的模拟范例证明了方案的保密性.     

Secure multi-party computation solution to Yao''s millionaires'' problem based on set-inclusion

Secure multi-party computation is a focus of international cryptography in recent years. Protocols for Yao's millionaires' problem have become an important building block of many secure multi-party computation protocols. Their efficiency are crucial to the efficiency of many secure multi-party computation protocols. Unfortunately, known protocols for Yao's millionaires' problem have high computational complexity or communication complexity. In this study, based on the 1-out-of-m oblivious transfer and set-inclusion problem, we propose a new protocol to solve this problem. This new protocol is very efficient in terms of both computational and communication complexities. Its privacy-preserving property is also proved by simulation paradigm which is generally accepted in the study of secure multi-party computation. We also compare the information leakage of our new protocol and the known protocols.     

基于G.729A和AES的分组语音保密通信

AES分组密码由多轮迭代的轮函数构成，对轮函数包括的4个面向字节的变换：字节变换、行移位、列混合和加载子密钥作简要介绍和分析；并简要描述了G．729A的编码、解码器的工作流程和参数结构．由于AES标准仅支持128bit的分组加密，而G．729A语音编码帧的大小为80bit，所以不能直接应用AES来加密G．729A的编码语音来实现语音保密通信，在不损害AES的安全强度下，提出两个适用于加密G．729A编码语音帧的AES修正方案：AES160和AES80，根据分组密码的随机性测试、明密独立性测试、雪崩效应测试分析AES160和AES80密码统计性能，测试结果表明AES160和AES80都有优秀的密码学统计性能，最后利用随机误码，分析基于G．729A和AES的语音保密通信系统的抗误码性能，结果表明AES160和AES80适用于加密G．729A的语音编码帧，并保留了AES的密码安全性能。     

A Micro-Payment Based Isolation of Misbehavior Secure Routing for Sensor Network

In this paper, we present a Micro-payment based Isolation of Misbehavior(MIM) secure routing protocol. The protocol contains three parts: micro-payment scheme, routing discovery and malicious nodes detection. The micro-payment scheme proposed in MIM is the first virtual currency system that can be suit for sensor network environment. Based on thc micro-payment scheme, we device an energy aware routing protocol, which forwards packets by auction. Furthermore, the base station can detect and isolate misbehave or non cooperate nodes according to the routing information.     

An Authentication Method of Distinguishing Proxy＇s Secure Accident Responsibility

The publish/subscribe （pub/sub） paradigm has asynchronous, loosely-coupled and many-to-many communication properties and is widely used in the application of large-scale distributed computing environment. There is the problem that is mutual trustable between network proxies in terms of pub/sub systems and the problem which is hardly to distinguish accident responsibility while the accident happens in Kerberos based on symmetrical encryption algorithm. A proxy identity authentication algorithm based on RSA encryption is proposed to solve the problem of mutual trust between proxies, and the security of the messages is guaranteed through certificate delegation. The algorithm can distinguish accident responsibility. The feasibility analysis, security analysis and efficiency analysis of the algorithm are carried out.