【摘 要】
:
Identity based key agreement protocol affords a natural way to authenticate the participants in a key agreement protocol.However,most existing work cannot work in the multiple PKG environment where PK
【出 处】
:
第八届中国可信计算与信息安全学术会议
论文部分内容阅读
Identity based key agreement protocol affords a natural way to authenticate the participants in a key agreement protocol.However,most existing work cannot work in the multiple PKG environment where PKGs have both different secret master keys and different public parameters.In addition,they cannot securely support the public computation,which enables some of the time-consuming calculation to be submitted to public computing resources.In this paper,we propose a new extensible and efficient identity based key agreement protocol E2IBK.Its private key extraction method comes directly from a typical IBE (Identity Based Encryption) scheme,making it have a common and firm security basis.Through combining two participants values with different items of a proper bilinear pairing,E2IBK can be used with PKGs having both different secret master keys and different public parameters.Moreover,it supports public computation to greatly reduce the user terminals cost on computing the session key.Through theoretical analysis,we demonstrate that E2IBK has all the security properties needed by a key agreement protocol,and prove that its extensibility and efficiency outperform existing identity based key agreement protocols.
其他文献
云存储为用户提供了方便的在线数据存储服务.但是,云存储服务商并不能完全保障用户隐私数据的安全.目前针对云存储用户隐私数据的保护又缺乏对密钥的保护,本文提出一种基于可信模块的云存储用户密钥管理机制,通过引入可信硬件模块,基于无证书密码学基本原理生成和存储用户密钥信息,建立安全高效的密钥备份和恢复机制,同时,采用数据分割理论提高基于可信硬件模块密钥管理的数据保护效率.文章描述了基于可信模块的密钥管理机
提出一种适用于虚拟化环境的进程隔离方法.该方法引入安全域的概念,将进程及其依赖的环境作为整体,构成进程隔离的基本单元,通过建立安全域之间的依赖关系和安全域之间信息的交换规则,确保进程初始安全和运行过程中的隔离性.文章给出了安全域的相关概念和形式化描述,以及安全域之间信息流交换和依赖关系的相关证明.最后,以Xen虚拟化系统为例,给出了虚拟化环境下该保护方法的实现和结果分析.
在原有偏序马尔可夫JPEG通用隐写分析模型的基础上,提出一种改进的基于相邻系数关系对的统计分析模型.本文综合了系数间相关性较强的两个方向的统计值,采用像素裁剪重压缩进行图像校准,把待测图像与校准图像的统计概率之差作为特征.对三种代表性的DCT域隐写方法F5、MBl、Steghide进行隐写分析测试,实验结果表明:改进后的特征比原模型特征更有效,针对这三种隐写算法的检测效果,本文特征优于现有的单一模
随着移动云存储、电子商务等新型网络应用的出现,移动办公模式越来越多的被企业采用.无线局域网是移动办公网络的重要组成部分.但因其缺乏平台完整性验证机制及有效的域间访问控制机制,致其难以安全高效的支持更多新业务的应用及推广.本文提出一种新型企业WLAN访问控制方案,结合可信平台模块及属性基访问控制思想,将信任链扩展至WLAN域间,并在域间切换过程实现基于用户属性的细粒度访问控制,确保企业网络安全、可信
针对当前云计算基础设施服务资源访问越权问题,本文提出了一种基于任务和角色面向服务的访问控制(TRSAC)策略.该策略首先基于服务实例对工作流进行分解,细化授权对象的范围;然后结合角色信任规则计算交互实体的信任程度,动态授予角色权限;最后综合任务节点服务需求和访问角色安全等级,求解服务实体的最小授权单元,实现面向云计算IaaS层的访问控制策略.理论分析与实验结果表明,该方法虽少量增加了实时评估主客体
Chum refers the continuous process of node arrival and departure in distributed P2P network.which may result in a flash crowd or broken network scenario Svbil attack refers to a network attack against
Existing methods without a trusted third party cannot resist active attacks and conspiracy attacks.This paper proposes a location privacy-preserving solution for location based services (LBS) in vehic
随着信息化社会的到来,计算机软件对于人类社会的发展起到了推动作用.但随之而来的各种软件错误、失效使得计算机能否满足要求遭到了质疑.软件是否满足要求可以通过软件可信评估来验证.由于软件可信评估中部分可信属性,如可维护性等,存在主观判断的因素,通过对层次分析法的分析,在软件可信评估中,评估算法分为两个部分,第一部分主要验证用户输入参数是否符合一致性比例C.R.(consistency ratio);第
In view ofthe Internet ofthings secret information easv to leak in data transmission.a model of data secure transmission based on compressed sensing (CS) and digital watermarking technology in the Int
In the existing methods of image encryption based on moire phase modulation the superposed moire pattem can be reconstructed periodically.but the deformed laver leaks the profile of the secret image I