检索结果-内蒙古大学图书馆

16th International Workshop on Post-Quantum Cryptography, PQCrypto 2025

作者： Zhang, Mengyuan Wu, Wenling Sui, Han Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences Beijing China University of Chinese Academy of Sciences Beijing China

ISBN: (纸本)9783031866012

Indistinguishability under chosen plaintext attack (IND-CPA) is a crucial security notion for assessing the confidentiality of encryption algorithms. Unlike in the classical scenario, this notion is more diverse in the quantum realm, giving rise to several variants. Carstens et al. (TCC’21) have studied the relationships between various quantum IND-CPA notions, revealed the close correlation between the quantum security of cryptographic primitives and the query model employed. In this paper, we focus on the quantum IND-CPA security of authenticated encryption with associated data (AEAD). AEADs provide confidentiality and integrity for both the message and associated data (AD). However, we find that the presence of AD invalidates the quantum query models introduced in prior works. To address this issue, we introduce a new quantum query model tailored for AEAD. Based on this model, we provide a comprehensive analysis of the relationships, including implications and non-implications, between different quantum IND-CPA security notions when the target algorithm is an AEAD scheme. In addition, we explore the connection between the quantum implementation of encryption primitives and their post-quantum security. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

关键词： Quantum cryptography

来源：评论

学校读者我要写书评

暂无评论

A distributed machine learning dynamic remote proof scheme that resists collusion attacks 4

A distributed machine learning dynamic remote proof scheme t...

引用

4th International Conference on Network Communication and information Security, ICNCIS 2024

作者： Wang, Ke Wu, Qiuxin Qin, Yu School of Applied Science Beijing Information Science and Technology University Beijing100192 China Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Science Beijing100190 China

ISBN: (数字)9781510688261

ISBN: (纸本)9781510688254

Based on the security of distributed machine learning data and model based on remote proof, a cross-domain dynamic remote proof scheme based on ring signature improves the efficiency of computer cluster proof, the application of dynamic signature, realizes the real-time measurement of the confidence of computer cluster, and strengthens the real-time protection of data and model. Computers with different security domain may adopt different remote proof mechanism, and convert the proof information of different proof methods into unified proof information, thus realizes the cross-domain dynamic remote proof between computer clusters. Noise is added when the cloud server distributes data to a distributed computer cluster. Due to the particularity of distributed architecture and the unsolution of indefinite equations, the enemy cannot conspire with one or more computers to steal data or the model parameters trained by endpoints. Finally, the safety of this method is verified through safety analysis and experimental analysis, and the computational overhead required in the proof process is reduced compared with other methods. © 2025 SPIE.

关键词： Authentication

来源：评论

学校读者我要写书评

暂无评论

Statically-Directed Dynamic Taint Analysis

引用

Chinese Journal of Electronics 2025年第1期23卷 18-24页

作者： Kai Chen Yingjun Zhang State Key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences Beijing China Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences Beijing China

Taint analysis is a popular method in software analysis field including vulnerability/malware analysis. By identifying taint source and making suitable taint propagation rules, we could directly know whether variables in software have any relationship with input data. Static taint analysis method is efficient, but it is imprecise since runtime information is lacked. Dynamic taint analysis method usually instruments every instruction in software to catch the taint propagation process. However, this is inefficient since it usually takes lots of time for context switches between original code and instrumenting code. In this paper, we propose a statically-directed dynamic taint analysis method to increase the efficiency of taint analysis process without any loss of accuracy. In this way, there is no need to instrument every instruction. Several experiments are made on our prototype SDTaint and the results show that our method is several times more efficient than traditional dynamic taint analysis method.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Improved Differential and Linear Active S-Boxes Search Techniques for Feistel Type Ciphers

引用

Chinese Journal of Electronics 2015年第2期24卷 343-348页

作者： ZHANG Lei WU Wenling Trusted Computing and Information Assurance Laboratory Institute of Software State Key Laboratory of Computer Science Institute of Software

We propose improved differential and linear active S-boxes search techniques for Feistel type ciphers. We give a uniform representation of Feistel type structures which can benefit the analysis of differential propagation. By analyzing the properties of Feistel type environment, we present some important observations of differential propagation and propose a notion of equivalent state set which can narrow down the search space noticeably. We present a practical algorithm to improve the search of active S-boxes for Feistel type ciphers. It is basically a Viterbi search operating on equivalent state set and also adopts the pruning mechanism. Our experimental results show that the improved algorithm have advantages in respect to memory and time complexities, and it can be applied efficiently to Feistel cipher with large blocks. The search program can be implemented in normal PC, which will be more practical and useful for the designers and cryptanalysts.

关键词： Block cipher Feistel type ciphers Differential and linear active S-boxes Automatic search technique

来源：评论

学校读者我要写书评

暂无评论

Trajectory-user linking via supervised encoding

Security and Safety

引用

Security and Safety 2025年第1期 10-27页

作者： Chengrui Hu Zheng Li Siyuan Wu Bowen Shu Min Zhang Hao Li Trusted Computing and Information Assurance Laboratory Institute of SoftwareChinese Academy of Sciences CISPA Helmholtz Center for Information Security

With the explosive growth of Location-Based Services(LBS),a substantial amount of geolocation data,containing end-user private information,is amassed,posing severe privacy ***-User Linking(TUL) is a trajectory mining task aimed at linking trajectories to their *** research has introduced deep learning-based TUL ***,these models face challenges related to limited data quality and inadequate extraction of bidirectional and multi-topic semantic information from *** this study,we propose Trajectory-User Linking via Supervised Encoding(TULSE),centered on supervised encoding of location points and trajectories to address the TUL ***,TULSE extracts spatial and temporal information from location points through a novel method named Supervised Spatiotemporal ***,TULSE employs a BiLSTM with multi-head attention to capture bidirectional and multi-topic semantics from ***,recognizing the limitations of current evaluation metrics,we introduce a novel metric named Hierarchical Privacy Loss(HPL).HPL offers a more detailed assessment of TUL solutions by statistically analyzing the distribution of prediction accuracy among *** conduct extensive experiments on two benchmark datasets,and empirical results show that TULSE outperforms existing TUL methods.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Fault Analysis on a New Block Cipher DBlock with at Most Two Fault Injections

引用

Chinese Journal of Electronics 2018年第6期27卷 1277-1282页

作者： FENG Jingyi CHEN Hua GAO Si CAO Weiqiong FAN Limin ZHU Shaofeng Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences University of Chinese Academy of Sciences

DBlock is a new family of block ciphers proposed by Wu et al. in Science China in 2015, which consists of three variants specified as DBlock-128/192/***-n employs a 20-round Feistel-type structure with n-bit block size and n-bit key size. We propose the first fault analysis on DBlock and show that no more than 2 pairs of correct/faulty ciphertexts are needed to retrieve the master key. In the attack, a byte-oriented fault is injected in round 16, and three properties including differential distribution of the Sbox, bijection nature of the linear function and Feistel-type key scheduling are fully utilized to distinguish between the correct and wrong keys. A fault position guessing strategy based on known intermediates is adopted, which efficiently makes the known-fault attack apply to the random fault model. The experimental results show that, with a pair of ciphertexts, 11.820-bit exhaustive search is needed to derive the whole 128-bit key on average. With 2 pairs of ciphertexts, the unique key can be determined within 6.5 minutes.

关键词： Fault analysis Random fault model Block cipher DBlock

来源：评论

学校读者我要写书评

暂无评论

Formal analysis of TPM2.0 key management APIs

引用

Chinese Science Bulletin 2014年第32期59卷 4210-4224页

作者： Qianying Zhang Shijun Zhao Yu Qin Dengguo Feng Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences

The trusted platform module(TPM),a system component implemented on physical resources,is designed to enable computers to achieve a higher level of security than the security level that it is possible to achieve by software *** this reason,the TPM provides a way to store cryptographic keys and other sensitive data in its memory,which is shielded from access by any entity other than the *** who want to use those keys and data to achieve some security goals are restricted to interact with the TPM through its APIs defined in the TPM ***,whether the TPM can provide Protected Capabilities it claimed depends to a large extent on the security of its *** this paper,we devise a formal model,which is accessible to a fully mechanized analysis,for the key management APIs in the TPM2.0 *** identify and formalize security properties of these APIs in our model and then successfully use the automated prover Tamarin to obtain the first mechanized analysis of *** analysis shows that the key management subset of TPM APIs preserves the secrecy of non-duplicable keys for unbounded numbers of fresh keys and *** analysis also reports that the key duplication mechanism,used to duplicate a key between two hierarchies,is vulnerable to impersonation attacks,which enable an adversary to recover the duplicated key of the originating hierarchy or import his own key into the destination *** at avoiding these vulnerabilities,we proposean approach,which restricts the originating and destination TPMs to authenticate each other’s identity during *** we formally demonstrate that our approach maintains the secrecy of duplicable keys when they are duplicated.

关键词：密钥管理 API 形式分析自动校准装置 TPM 安全级别物理资源敏感数据

来源：评论

学校读者我要写书评

暂无评论

Diffusion and Security Evaluation of Feistel-PG

引用

Chinese Journal of Electronics 2017年第4期26卷 734-739页

作者： WANG Yanfeng WU Wenling ZHANG Lei Trusted Computing and Information Assurance Laboratory Institute of Software Graduate University of Chinese Academy of Sciences State Key Laboratory of Computer Science Institute of Software

Feistel-PG structure is a new specific Generalized Feistel structure(GFS) adopted in DBlock and LHash. Its main feature is adding a sbox-size permutation before the round function. Different choices of the permutation may affect the security property of ciphers with Feistel-PG structure but how it effects is not clear. We evaluate the values of diffusion round for all possible parameters and summarize the characteristics of optimum shuffles. The results show that one special kind of FeistelPG achieves full diffusion in less cost than the improved GFS. This advantage may attract the designers’ interests and this kind of Feistel-PG ciphers are suggested to designers. We also evaluate the security of suggested ciphers against various byte-oriented attacks, including differential cryptanalysis, linear cryptanalysis, impossible differential attack and integral attack. Some permutations with optimum diffusion but relatively weaker security are filtered out and these permutations should be avoided by designers.

关键词： Block cipher Diffusion Cryptanalysis GFS Feistel-PG

来源：评论

学校读者我要写书评

暂无评论

Free-space Continuous-variable Quantum Secret Sharing

arXiv

引用

arXiv 2025年

作者： Yang, Fangli Chang, Liang Qiu, Daowen Pan, Minghua Xiong, Wanjun Guangxi Key Laboratory of Trusted Software Guilin University of Electronic Technology Guilin541004 China Institute of Quantum Computing and Software School of Computer Science and Engineering Sun Yat-sen University Guangzhou510006 China Guangxi Key Laboratory of Cryptography and Information Security Guilin University of Electronic Technology Guilin541004 China

Free-space quantum cryptography has the potential to enable global quantum communication. However, most existing continuous-variable quantum secret sharing (CV-QSS) schemes rely on fiber channels. In this paper, we present a CV-QSS protocol designed for free-space transmission and construct models of crucial parameters, including channel transmittance, excess noise, and interruption probability, thus deriving the bound of the secret key rate. In particular, we provide a multi-source excess noise model for free-space CV-QSS based on the local local oscillator (LLO) scheme and a straightforward optimization of the noise. Furthermore, our research considers the impact of atmospheric turbulence on the protocol. Simulation results demonstrate that the intensification of atmospheric turbulence adversely affects the aforementioned crucial parameters, leading to a significant reduction in the key rate. However, our protocol shows its capability to securely share secrets over a distance of exceeding 60 km among five participants in the presence of turbulence with Cn2 = 1 × 10−15m−2/3, while maintaining a high key rate of approximately 0.55 bit/pulse over a distance of 10 km across twenty participants. These findings suggest that efficient CV-QSS in free space is indeed achievable. This research may serve as a reference for the design and optimization of the practical CV-QSS system. Copyright © 2025, The Authors. All rights reserved.

关键词： Atmospheric turbulence

来源：评论

学校读者我要写书评

暂无评论

Universally composable anonymous password authenticated key exchange

引用

Science China(information Sciences) 2017年第5期60卷 153-168页

作者： Xuexian HU Jiang ZHANG Zhenfeng ZHANG Jing XU Trusted Computing and Information Assurance Laboratory Institute of SoftwareChinese Academy of Sciences State Key Laboratory of Mathematical Engineering and Advanced Computing Science and Technology on Information Assurance Laboratory State Key Laboratory of Cryptology

Anonymous password authenticated key exchange(APAKE) is an important cryptographic primitive, through which a client holding a password can establish a session key with a server both authentically and anonymously. Although the server is guaranteed that the client in communication is from a pre-determined group, but the client’s actual identity is protected. Because of their convenience, APAKE protocols have been widely studied and applied to the privacy protection research. However, all existing APAKE protocols are handled in stand-alone models and do not adequately settle the problem of protocol composition, which is a practical issue for protocol implementation. In this paper, we overcome this issue by formulating and realizing an ideal functionality for APAKE within the well-known universal composability(UC) framework, which thus guarantees security under the protocol composition operations. Our formulation captures the essential security requirements of APAKE such as off-line dictionary attack resistance, client anonymity and explicit mutual authentication. Moreover, it addresses the arbitrary probabilistic distribution of passwords. The construction of our protocol, which utilizes SPHF-friendly commitments and CCA2-secure encryption schemes, can be instantiated and proven secure in the standard model, i.e., without random oracle heuristics.

关键词： anonymous password authentication key exchange universal composability provable security standard model

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：