检索结果-南通市图书馆

security model and modular design of fair authentication key exchange protocols

Science china(information sciences) 2010年第2期53卷 278-287页

作者： feng dengguo & chen weidong state key laboratory of information security, institute of software, chinese academy of sciences, beij.ng 100190, china 1. state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing 100190 China

It is traditionally assumed that the legal two parties in authentication key exchange (AKE) communications are both credible. However, in more and more network applications nowadays, it is often required that such protocols be run under the circumstances where ones do not trust in each other. Therefore, in this paper we propose the idea of fair authentication key exchange (FAKE), which has not only the basic properties of AKE protocols, but also some new properties: the "session proof" embedded in the input of protocols by the customer; and if not revealed, the protocols have the deniability, otherwise the transcript of protocol is binding for the identifications. Such a method is capable of solving the contradiction between protecting privacy and the dissension on network service. Then the security model of FAKE protocols is formulated systematically and a flaw of the security model of current signature schemes proposed by Kudla is also corrected. Finally, a kind of FAKE protocol based on current signature schemes is designed and the mBJM-AK security, conditional deniability and fairness of FAKE protocols are proved in the random oracle model.

关键词： authentication key exchange protocols deniability fairness concurrent signature provable security

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Black-box testing based on colorful taint analysis

引用

Science china(information sciences) 2012年第1期55卷 171-183页

作者： chen Kai1,2,3,feng dengguo1,SU PuRui1&ZHAng YingJun1,2,3 1state key laboratory of information security,institute of software,chinese academy of Science,beij.ng 100190,china 2state key laboratory of information security,Graduate University of chinese academy of sciences,beij.ng 100049,china 3National Engineering Research Center of information security,beij.ng 100190,china 1. state key laboratory of information security Institute of Software Chinese Academy of Science Beijing 100190 China2. State Key Laboratory of Information Security Graduate University of Chinese Academy of Sciences Beijing 100049 China3. National Engineering Research Center of Information Security Beijing 100190 China

software vulnerability detection is one of the most important methods for guaranteeing software *** main classes of methods can detect vulnerabilities in binary files:white-box testing and black-box *** former needs to construct and solve path constraints to detect *** has two main drawbacks:path exploding and complexity of *** latter often aimlessly exhausts various inputs to test binary *** paper combines both testing methods to detect vulnerabilities in binary *** analyzing the input elements that aect check condition corresponding to a certain check point,we can generate one class of inputs that get to the check point to increase fuzzing *** analyzing the relationship between guard conditions and check condition,the redundant check points are *** taint analysis method(CTAM)is proposed to compute guard conditions,which is more ecient than traditional taint analysis method(TTAM).We implemented a prototype and made several experiments on *** results showed that our method could increase the eciency of black-box testing.

关键词： software testing vulnerability detection dynamic testing black-box testing colorful taint analysis

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Modular approach to the design and analysis of password-based security protocols

引用

Science in china(Series F) 2007年第3期50卷 381-398页

作者： feng dengguo chen weidong state key laboratory of information security Institute of Software Chinese Academy of Sciences Beijing100080 China

In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of ＂weak computational indistinguishability＂ based on current progress of password-based security protocols. Then, we focus on cryptographic foundations for password-based security protocols, i.e., the theory of ＂weak pseudorandomness＂. Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., password-based session key distribution （PSKD） protocol and protected password change （PPC） protocol. In addition to having forward secrecy and improved efficiency, new protocols are proved secure.

关键词： security protocols weak computational indistinguishability provable security random oracle model (ROM) standardmodel

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Do multiple infections lead to better security?A new study on CHES 2014 infective countermeasure

引用

Science china(information sciences) 2021年第5期64卷 215-217页

作者： Jingyi feng Hua chen Weiqiong CAO Limin FAN Wei XI dengguo feng Trusted Computing and information Assurance laboratory (TCA) Institute of SoftwareChinese Academy of Sciences state key laboratory of Cryptology University of chinese academy of sciences Electric Power Research institute China Southern Power Grid

Dear editor,Implementation attacks such as fault attack(FA)[1] and side-channel analysis (SCA)[2] are significant threats to the cryptographic device security. Infective countermeasure is a promising strategy to resist FAs. Its principle is to scramble the data path of the encryption and make the faulty ciphertext useless in the key retrieval. The scrambling here is called infection. It can be executed either once at the end of the algorithm or multiple times between different encryption operations.

关键词： information Systems and Communication Service

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：