检索结果-南通市图书馆

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

机密计算发展现状与趋势

信息安全研究 2024年第1期10卷 2-5页

作者：冯登国中国科学院中国科学院软件研究所

2019年,党的十九届四中全会首次将数据列为生产要素,体现出了国家大力发展数字经济的决心和态度,标志着数据从资源到要素的转变.2020年4月,中共中央、国务院发布《关于构建更加完善的要素市场化配置体制机制的意见》,明确将数据市场与... 详细信息

2019年,党的十九届四中全会首次将数据列为生产要素,体现出了国家大力发展数字经济的决心和态度,标志着数据从资源到要素的转变.2020年4月,中共中央、国务院发布《关于构建更加完善的要素市场化配置体制机制的意见》,明确将数据市场与土地市场、劳动力市场、资本市场、技术市场并列为加快培育的5大核心生产要素市场之一,数据要素步入市场化阶段.2021年5月,国家发展改革委、中央网信办、工业和信息化部、国家能源局联合印发(发改高技〔2021〕709号)文件,东数西算工程正式启动.2022年12月,《中共中央国务院关于构建数据基础制度更好发挥数据要素作用的意见》(以下简称“数据二十条”)发布.“数据二十条”的核心是提出4项数据基础制度,包括数据产权制度、数据要素流通和交易制度、数据要素收益分配制度、数据要素治理制度.

关键词：国家发展改革委核心生产要素要素市场化工业和信息化部收益分配制度发展现状与趋势市场化阶段数据市场

Stream cipher designs: a review

在线全文

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2020年第3期63卷 80-104页

作者： Lin JIAO Yonglin HAO dengguo feng State Key Laboratory of Cryptology State Key Laboratory of Computer Science Institute of Software Chinese Academy of Sciences

Stream cipher is an important branch of symmetric cryptosystems, which takes obvious advantages in speed and scale of hardware implementation. It is suitable for using in the cases of massive data transfer or resource constraints, and has always been a hot and central research topic in cryptography. With the rapid development of network and communication technology, cipher algorithms play more and more crucial role in information security. Simultaneously, the application environment of cipher algorithms is increasingly complex, which challenges the existing cipher algorithms and calls for novel suitable designs. To accommodate new strict requirements and provide systematic scientific basis for future designs, this paper reviews the development history of stream ciphers, classifies and summarizes the design principles of typical stream ciphers in groups, briefly discusses the advantages and weakness of various stream ciphers in terms of security and implementation. Finally, it tries to foresee the prospective design directions of stream ciphers.

关键词： stream cipher survey lightweight authenticated encryption homomorphic encryption

Concretely efficient secure multi-party computation protocols: survey and more

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Security and Safety 2022年第1期1卷 48-90页

作者： dengguo feng Kang Yang State Key Laboratory of Cryptology State Key Laboratory of Computer Science Institute of Software Chinese Academy of Sciences

Secure multi-party computation(MPC) allows a set of parties to jointly compute a function on their private inputs, and reveals nothing but the output of the function. In the last decade, MPC has rapidly moved from a purely theoretical study to an object of practical interest, with a growing interest in practical applications such as privacy-preserving machine learning(PPML). In this paper, we comprehensively survey existing work on concretely efficient MPC protocols with both semi-honest and malicious security, in both dishonestmajority and honest-majority settings. We focus on considering the notion of security with abort, meaning that corrupted parties could prevent honest parties from receiving output after they receive output. We present high-level ideas of the basic and key approaches for designing different styles of MPC protocols and the crucial building blocks of MPC. For MPC applications, we compare the known PPML protocols built on MPC, and describe the efficiency of private inference and training for the state-of-the-art PPML protocols. Furthermore, we summarize several challenges and open problems to break though the efficiency of MPC protocols as well as some interesting future work that is worth being addressed. This survey aims to provide the recent development and key approaches of MPC to researchers,who are interested in knowing, improving, and applying concretely efficient MPC protocols.

关键词： Secure multi-party computation Privacy-preserving machine learning Secret sharings Garbled circuits Oblivious transfer and its arithmetic generalization

Concretely ecient secure multi-party computation protocols:survey and mor

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Security and Safety 2022年第1期1卷 47-89页

作者： dengguo feng Kang Yang State Key Laboratory of Cryptology Beijing 100878China State Key Laboratory of Computer Science Institute of SoftwareChinese Academy of SciencesBeijing 100190China

Secure multi-party computation(MPC)allows a set of parties to jointly compute a function on their private inputs,and reveals nothing but the output of the function.In the last decade,MPC has rapidly moved from a purely theoretical study to an object of practical interest,with a growing interest in practical applications such as privacy-preserving machine learning(PPML).In this paper,we comprehensively survey existing work on concretely ecient MPC protocols with both semi-honest and malicious security,in both dishonest-majority and honest-majority settings.We focus on considering the notion of security with abort,meaning that corrupted parties could prevent honest parties from receiving output after they receive output.We present high-level ideas of the basic and key approaches for designing di erent styles of MPC protocols and the crucial building blocks of MPC.For MPC applications,we compare the known PPML protocols built on MPC,and describe the eciency of private inference and training for the state-of-the-art PPML protocols.Further-more,we summarize several challenges and open problems to break though the eciency of MPC protocols as well as some interesting future work that is worth being addressed.This survey aims to provide the recent development and key approaches of MPC to researchers,who are interested in knowing,improving,and applying concretely ecient MPC protocols.

关键词： Secure multi-party computation Privacy-preserving machine learning Secret sharings Garbled circuits Oblivious transfer and its arithmetic generalization

On the Security of TLS Resumption and Renegotiation

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

China Communications 2016年第12期13卷 176-188页

作者： Xinyu Li Jingy Xu Zhenfeng Zhang dengguo feng CAS Key Laboratory of Electromagnetic Space Information University of Science and Technology of China Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences

The Transport Layer Security(TLS) protocol is the most important standard on the Internet for key exchange. TLS standard supports many additional handshake modes such as resumption and renegotiation besides the full handshake. The interaction and dependence of different modes may lead to some practical attacks on TLS. In 2014, Bhargavan et al. described a triple handshake attack on TLS 1.2 by exploiting the sequential running of three different modes of TLS, which can lead to a client impersonation attack after the third handshake. Subsequently, TLS 1.2 was patched with the extended master secret extension of RFC 7627 to prevent this attack. In this paper we introduce a new definition of "uniqueness" and present a renegotiable & resumable ACCE security model. We identify the triple handshake attack within the new model, and furthermore show TLS with the proposed fix can be proven secure in our model.

关键词： TLS 1.2 resumption renegotiation security model

The theory and practice in the evolution of trusted computing

在线全文

学校读者我要写书评

暂无评论

Chinese Science Bulletin 2014年第32期59卷 4173-4189页

作者： dengguo feng Yu Qin Wei feng Jianxiong Shao Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences State Key Laboratory of Computer Science Institute of Software Chinese Academy of Sciences

Trusted computing(TC)is an emerging technology to enhance the security of various computing platforms by a dedicated secure chip(TPM/TCM),which is widely accepted by both the industrial and academic world.This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work.In theory,we focus on protocol design and security analysis.We have proposed the first ECDAA protocol scheme based on q-SDH assumption,which highlights a new way to design direct anonymous attestation scheme.In technical evolution,we discuss the key technologies of trust chain,trusted network connection and TC testing and evaluation.We break through several key technologies such as trusted boot,OS measurement and remote attestation,and implement a TC system from TPM/TCM to network.We also design and implement a testing and evaluation system of TC platform,which is the first one put into practical application in China.Finally,with the rapid development of cloud computing and mobile applications,TC is moving toward some new directions,such as the trust in cloud and mobile environments,new TPM standard,and flexible trust execution environment trust establishment method.

关键词：可信计算 TCM 计算平台移动应用 TPM 安全芯片安全分析匿名认证

A new discrete Fourier transform randomness test

在线全文

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2019年第3期62卷 90-105页

作者： Meihui CHEN Hua CHEN Limin FAN Shaofeng ZHU Wei XI dengguo feng Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences University of Chinese Academy of Sciences Southern Power Grid Science Research Institute

The randomness of random number generators(RNGs) is important for the reliability of cryptographic systems since the outputs of RNGs are usually utilized to construct cryptographic parameters.Statistical tests are employed to evaluate the randomness of the RNG outputs. The discrete Fourier transform(DFT) test is an important test item of the most popular statistical test suite NIST SP800-22. In the standard NIST DFT test and related improved studies, there exist accuracy and efficiency issues. First, the bit sequences generated by known good RNGs have a high probability to be rejected when the sequences are long or the sequence number is large, due to the deviation between the actual distribution of the test statistic values and the assumed normal distribution. Second, the long test time and high memory consumptions of the complex DFT test algorithm also affect its practicability. To solve these problems, we propose a new DFT test method for long sequences(106 or more bits). Different from the previous DFT test methods focusing on making the distribution of the test statistic values closer to the normal distribution, we reconstruct the statistic to follow the chi-square distribution. Our experiment result shows that our method has higher reliability in the two-level test, and could effectively reduce the test time and the memory consumptions.When applying our method on randomness test, the test efficiency has been increased to about 4 times for 106-bit sequences and 7 times for 107-bit sequences. In conclusion, our method has lower probability of making errors, and is more suitable for practical application scenarios.

关键词： statistical randomness test discrete Fourier transform test NIST SP800-22 two-level test chi-square distribution

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

2023年网络空间安全科技热点回眸

科技导报 2024年第1期42卷 232-244页

作者：冯登国连一峰中国科学院软件研究所北京100190

2023年,美国、欧洲、澳大利亚、日本、韩国、印度等国家或地区陆续发布网络空间安全国家政策和战略计划。与此同时,以APT攻击、勒索攻击、供应链攻击、新型网络攻击、移动端攻击为代表的高隐蔽性、高破坏性攻击活动频发,对全球网络空间... 详细信息

2023年,美国、欧洲、澳大利亚、日本、韩国、印度等国家或地区陆续发布网络空间安全国家政策和战略计划。与此同时,以APT攻击、勒索攻击、供应链攻击、新型网络攻击、移动端攻击为代表的高隐蔽性、高破坏性攻击活动频发,对全球网络空间带来严重安全威胁。零信任、机密计算、隐私计算、弹性安全技术蓬勃发展,量子密钥分发和抗量子密码技术持续取得技术创新和突破,生成式人工智能为网络安全开创了全新的发展空间,网络空间安全领域正面临前所未有的发展机遇和应用前景。

关键词：网络空间安全数据安全人工智能安全

Formal analysis of TPM2.0 key management APIs

在线全文

学校读者我要写书评

暂无评论

Chinese Science Bulletin 2014年第32期59卷 4210-4224页

作者： Qianying Zhang Shijun Zhao Yu Qin dengguo feng Trusted Computing and Information Assurance Laboratory Institute of Software Chinese Academy of Sciences

The trusted platform module(TPM),a system component implemented on physical resources,is designed to enable computers to achieve a higher level of security than the security level that it is possible to achieve by software alone.For this reason,the TPM provides a way to store cryptographic keys and other sensitive data in its memory,which is shielded from access by any entity other than the TPM.Users who want to use those keys and data to achieve some security goals are restricted to interact with the TPM through its APIs defined in the TPM specification.Therefore,whether the TPM can provide Protected Capabilities it claimed depends to a large extent on the security of its APIs.In this paper,we devise a formal model,which is accessible to a fully mechanized analysis,for the key management APIs in the TPM2.0 specification.We identify and formalize security properties of these APIs in our model and then successfully use the automated prover Tamarin to obtain the first mechanized analysis of them.The analysis shows that the key management subset of TPM APIs preserves the secrecy of non-duplicable keys for unbounded numbers of fresh keys and handles.The analysis also reports that the key duplication mechanism,used to duplicate a key between two hierarchies,is vulnerable to impersonation attacks,which enable an adversary to recover the duplicated key of the originating hierarchy or import his own key into the destination hierarchy.Aiming at avoiding these vulnerabilities,we proposean approach,which restricts the originating and destination TPMs to authenticate each other’s identity during duplication.Then we formally demonstrate that our approach maintains the secrecy of duplicable keys when they are duplicated.

关键词：密钥管理 API 形式分析自动校准装置 TPM 安全级别物理资源敏感数据