20 February 2021, Volume 48 Issue 1
    On the significance and function of the Xiao-Massey theorem
    FENG Dengguo
    2021, 48(1): 7-13. doi:10.19665/j.issn1001-2400.2021.01.002

    Divide-and-conquer correlation analysis is an important stream cipher analytical method, and one of the analytical methods that must be defended against when designing a stream cipher. The frequently-used defense strategy is to make the cryptographic function used in the stream cipher have a certain correlation immunity order. This kind of cryptographic function is called a correlation immune function. The characterization of correlation immune functions is the theoretical basis for constructing and analyzing such functions. Professor G. Z. Xiao and Professor J. L. Massey first gave the characterization of the Walsh spectrum of correlation immune Boolean functions (called the Xiao-Massey theorem), which opened up a new research direction for the study of stream ciphers. This paper mainly reviews the Xiao-Massey theorem, sketches the significance of the Xiao-Massey theorem, and explains the function of the Xiao-Massey theorem.

    Progress of and some comments on the research of side-channel attack for cryptosystems
    GU Dawu, ZHANG Chi, LU Xiangjun
    2021, 48(1): 14-21. doi:10.19665/j.issn1001-2400.2021.01.003

    Side-channel attack is among the real threats to a cryptosystem in practice. By tracking its latest development, the main research directions, including information pre-processing, non-profiled and profiled analysis, are classified and demonstrated. The research key points of side-channel attack are summarized, in which the limitation of relying on artificial assumptions is pointed out to be the principal issue of the state-of-the-art methods. Once the artificial assumptions deviate from the actual situation, the effect of the side-channel attack will be seriously affected or weakened. A possible technical solution to ruling out this limitation is given, that is, to make use of what we call the zero-assumption (or weak assumption) method. The next-step research points under this assumption are listed briefly.

    Survey of anonymous network applications and simulation platforms
    ZHENG Xianchun, LI Hui, WANG Rui, YAN Haonan, DAI Rui, ...
    2021, 48(1): 22-38. doi:10.19665/j.issn1001-2400.2021.01.004

    An anonymous network can hide the real identities of and location information on users and service providers. With the expansion of cyberspace and the increasing importance of privacy protection, the research on anonymous networks has been further developed. For lack of an application survey of anonymous networks at present, and especially for lack of relevant reviews on the research on anonymous network simulation platforms, this paper, in the light of the current research status of anonymous networks, summarizes the existing privacy protection anonymous technology and the typical representatives of practical application of the anonymous network from multiple dimensions. We investigate the advantages and disadvantages of existing simulation platforms and environments and introduce the related works in terms of usability, efficiency, authenticity and controllable scale. Finally, prospects for future research on anonymous network application are given to provide ideas for new research content and trends.

    Overview of Sybil attacks and defenses in the distributed architecture
    XU Zhicheng, LI Xiang, MAO Jian, LIU Jianwei, ZHOU Zhi...
    2021, 48(1): 39-49. doi:10.19665/j.issn1001-2400.2021.01.005

    In recent years, the distributed architecture has been widely used in Internet information services. The distributed architecture usually relies on multiple independent nodes to deal with potential malicious threats. However, for lack of authentication between nodes and for the difficulty of recognizing the identity in the network and the relationship between nodes, it is vulnerable to multiple identity attacks, namely, the Sybil attacks, which destroy the trust relationship between nodes. In this paper, we analyze the Sybil attacks in the distributed architecture and their defense methods. First, we give a brief introduction to attack models of the Sybil attacks in different application scenarios. Then, we discuss common Sybil defenses in distributed architectures, and then emphasize two main Sybil defenses in the social network, a typical and popular distributed architecture. Finally, we prospect the trends of future research on the Sybil attack.

    Survey of results of (n,m)-functions against differential power attack
    ZHOU Yu, CHEN Zhixiong, ZHUO Zepeng, DU Xiaoni
    2021, 48(1): 50-60. doi:10.19665/j.issn1001-2400.2021.01.006

    (n,m) functions (or S-boxes) are the most basic components in symmetric cryptography, and their cryptographic properties determine some security of symmetric cryptography. Therefore, how to design and analyze (n,m) functions which satisfy various cryptographic properties is an important problem in the research on symmetric cryptography. With the development of the research on the side channel of symmetric cipher algorithms, there are some indicators in the aspect of (n,m) functions resisting differential power attack: the signal-to-noise ratio, transparency order and confusion coefficient. These indicators have gradually become the main indicators to measure the cryptographic properties of (n,m) functions, and have been applied to the design and analysis of block cipher S-boxes. In this paper, the research results of the signal-to-noise ratio (SNR), transparency order (TO) and confusion coefficient (CC) of (n,m) functions are summarized, including: (1) some relationships between the signal-to-noise ratio of (n,m) functions and the traditional cryptographic indicators; (2) some relationships between the transparency order of (n,m) functions and the traditional cryptographic properties; some relationships between the transparency order of a Boolean function and its decomposition functions; a few distributions of the transparency order of small-variable balanced functions; (3) the confusion coefficient of (n,m) function(s); (4) a comprehensive analysis of three indicators of an S-box in some public algorithms. Finally, the research prospect of these three indicators is given.

    Key distillation from passwords
    LIU Yingfeng, LIU Shengli
    2021, 48(1): 61-68. doi:10.19665/j.issn1001-2400.2021.01.007

    Authentication via passwords is one of the most widely-used methods for identification. Passwords can be easily memorized, but they are hardly uniformly distributed. For lack of uniformity, passwords cannot be used as keys for cryptographic schemes directly. In this paper, we explore the approach to key distillation from passwords by utilizing the entropy in passwords. To this end, we present a key distillation scheme from passwords. We first estimate the entropy of passwords, and then make use of Toeplitz matrices to transform passwords into keys and analyze the lengths of the distilled keys. Besides, we also discuss how to distill multiple keys from the same password. Our approach can be closely combined with modern cryptographic techniques to fulfill cryptographic functionalities.

    8-bit lightweight S-box with the Feistel structure
    DONG Xinfeng, ZHANG Wenzheng, XU Chunxiang
    2021, 48(1): 69-75. doi:10.19665/j.issn1001-2400.2021.01.008

    As a confusion component of the lightweight symmetric cryptographic algorithm, a lightweight S-box is the key to designing the lightweight symmetric cryptographic algorithm. In this paper, a new method for designing 8-bit lightweight S-boxes is proposed. The round logic operation in the S-boxes involves only 4 logic AND operations (single bits) and 4 logic XOR operations (single bits). After iterating 4 rounds, the differential uniformity of the 8-bit lightweight S-boxes is 16 and the nonlinearity is 96. Compared with the existing known methods, the 8-bit lightweight S-box designed by our method needs fewer hardware resources while gaining the best known cryptographic properties, such as low differential uniformity and high nonlinearity.

    Analysis of zero-sum distinguisher of the KNOT authenticated encryption algorithm
    YE Tao, WEI Yongzhuang, LI Lingchen
    2021, 48(1): 76-86. doi:10.19665/j.issn1001-2400.2021.01.009

    As one of the second round candidates of the lightweight crypto standardization process, KNOT has the advantages of fast implementation in software and hardware, low hardware area and software memory. Currently, the security of KNOT has received extensive attention. In this paper, based on the flag technique, a new method to design the model of division property for S-box is proposed. Moreover, by using the structure of KNOT, a new Mixed Integer Linear Programming (MILP) model of division property for KNOT is constructed. The automated search method of zero-sum distinguisher of KNOT-256 is also further presented. It is illustrated that there exists a 30-round zero-sum distinguisher of the KNOT-256 permutation. Although the security of the KNOT authenticated encryption algorithm (whose 256-bit block size version has 52 rounds in the initialization process) is not practically threatened via this distinguisher, the result verifies that the method of constructing the zero-sum distinguisher is valid.

    Efficient multi-key fully homomorphic encryption scheme from RLWE
    CHE Xiaoliang, ZHOU Haonan, YANG Xiaoyuan, ZHOU Tanpi...
    2021, 48(1): 87-95. doi:10.19665/j.issn1001-2400.2021.01.010

    The ring-LWE-based BGV-type multi-key fully homomorphic encryption (MKFHE) scheme has a large size of ciphertexts and keys, and the generation process of the evaluation key is complicated, which results in a low homomorphic evaluating efficiency. To improve these problems, a BGV-type MKFHE scheme with a small-size key and a high efficiency of evaluation key generation is proposed. First, by modifying the expansion of the ciphertext, the algorithm for generation of the evaluation key is optimized and the efficiency of the algorithm is improved. Second, the low bit discarding technique is used in the generation algorithm, which reduces the calculated redundancy and decreases the calculated complexity. Finally, by applying modulus-switching and key-switching techniques to the optimized algorithm, an efficient leveled BGV-type MKFHE scheme with IND-CPA security is proposed. Compared with the previous leveled BGV-type MKFHE schemes, the proposed scheme can simplify the process of generation of the evaluation key and decrease memory (bit-size) and calculation costs. Moreover, the proposed scheme has a higher efficiency and a smaller noise magnitude.

    Algorithm for the detection of a low complexity contrast enhanced image source
    WANG Junxiang, HUANG Lin, ZHANG Ying, NI Jiangqun, LIN...
    2021, 48(1): 96-106. doi:10.19665/j.issn1001-2400.2021.01.011

    With the rapid development of multimedia techniques, enhanced images, such as mobile phone pictures, are widely used due to their good visual quality. In general, conventional image enhancement algorithms include histogram equalization, gamma correction, and so on. Recently, a new reversible data hiding algorithm with the content enhancement function (denoted as RDH_CE) has been proposed, which could achieve identical visual enhancement quality as conventional enhancement algorithms do when a certain amount of secret data is embedded. It is easy to have some security risk when an enhanced image with some suspicious code embedded in it is utilized. Therefore, an effective algorithm for distinguishing suspicious RDH_CE images from regular ones (i.e., histogram equalization and gamma correction) is proposed in this paper. By analyzing their implementation process, four features are designed and then SVM is employed to identify their source. Experimental results indicate that the proposed scheme can achieve a better performance compared with other state-of-the-art algorithms in terms of accuracy and stability.

    Joint reversible data hiding in encrypted images with the self-correcting ability
    QIU Yingqiang, CAI Canhui, ZENG Huanqiang, FENG Gui, L...
    2021, 48(1): 107-116. doi:10.19665/j.issn1001-2400.2021.01.012

    In order to solve the problem of extracted-bit errors in existing joint reversible data hiding methods for encrypted images and achieve a higher embedding capacity, a novel algorithm with self-correction and privacy protection is proposed. Before image encryption, the algorithm reversibly embeds self-correcting data generated by preprocessing into the down-sampled pixels of the image, and then data can be embedded into the encrypted image by reserving or flipping certain least significant bits of non-sampled pixels in each group. Experimental results show that the proposed algorithm greatly increases the embedding capacity, and that the quality of the decrypted marked image is fine. This technology can be used in military, medical, cloud services and other fields.

    Structure-state-based graybox fuzzing technique
    LIU Huayuan, SU Yunfei, LI Ruilin, TANG Chaojing
    2021, 48(1): 117-123. doi:10.19665/j.issn1001-2400.2021.01.013

    In order to solve the problem of program state coverage that cannot be effectively solved by code coverage feedback indicators, we propose a fuzzing method that uses the state coverage of a specific code structure in the source code as the feedback indicator, and introduce the concept of target structure state coverage distribution. By instrumenting a specific structure, collecting statistics of the target structure state distribution, and performing seed selection and energy scheduling according to the structure state distribution, uniform program state coverage is achieved. This method is implemented in the prototype system SFL, which is compared with the existing code coverage fuzzing method AFL. Experimental results show that the method proposed in this paper can more fully cover the program state and can accelerate the discovery speed of specific types of vulnerabilities.

    Detecting use-after-free bugs in embedded C programs
    WANG Yaxin, LI Xiaoqing, WU Gaofei, TANG Shijian, ZHU ...
    2021, 48(1): 124-132. doi:10.19665/j.issn1001-2400.2021.01.014

    Use-after-Free (UaF) bugs in C programs seriously affect the robustness and reliability of embedded systems. Current detection methods are mostly focused on computer operating systems or applications, which do not support complex and variable embedded systems. A static code analysis can achieve the detection without the requirement of an execution environment. Therefore, a static taint analysis tool based on the LLVM compiler infrastructure has been implemented to detect UaF bugs in embedded C code automatically. Experimental results prove that this static analysis method can detect UaF bugs in C programs rapidly with low false positive and false negative rates. It is also proved that the tool can be applied in large-scale embedded C projects.

    TTP-free weighted multi-owner RFID tag authentication protocol
    FAN Meiyue, DONG Qingkuan, WANG Lei, YANG Can
    2021, 48(1): 133-140. doi:10.19665/j.issn1001-2400.2021.01.015

    Aiming at the problem of multi-owner tag authentication, a TTP-free weighted multi-owner RFID tag authentication protocol is proposed. In this protocol the Shamir secret sharing threshold scheme is used to manage the key, with the message encrypted with the key stream that is generated based on the hash function. It realizes the mutual authentication between all of the readers and the tag. In the proposed protocol, no TTP is involved, and the key update and de-synchronization attack are realized. Compared with similar protocols, this protocol is more concise and effective. The formal analysis of the BAN logic proves that the protocol satisfies mutual authentication. The analysis of security characteristics shows that the proposed protocol satisfies anti-replay attack, anti-de-synchronization attack, forward security, untraceability, confidentiality and denial of service attack, etc.

    Cross-domain authentication and the key agreement protocol in VANETs
    LI Xiaowei, YANG Dengqi, ZHENG Xin, ZHU Xingwen, CHEN ...
    2021, 48(1): 141-148. doi:10.19665/j.issn1001-2400.2021.01.016

    Aiming at the problem that vehicle-to-vehicle (V-2-V) authentication and key agreement of cross-domain in VANETs (vehicular ad hoc networks) can be accomplished by the participation of servers, a cross-domain V-2-V password-based authentication and key agreement protocol without server participation is proposed. The protocol uses the method of distributing authentication credentials to achieve cross-authentication, and enhances the security of passwords by combining smart cards with passwords. The security of the protocol is proved under the hard problem of ECCDH (Elliptic Curve Computational Diffie-Hellman). Compared with the existing cross-domain authentication and key agreement protocol that requires server participation, the proposed protocol does not involve server participation, thus avoiding the communication delay caused by the server's inability to process a large number of authentication requests.

    TargetedFool: an algorithm for achieving targeted attacks
    ZHANG Hua, GAO Haoran, YANG Xingguo, LI Wenmin, GAO Fe...
    2021, 48(1): 149-159. doi:10.19665/j.issn1001-2400.2021.01.017

    With the development of artificial intelligence technology, deep neural networks are widely used in fields such as face recognition, voice recognition, image recognition, and autonomous driving. In recent years, experiments have proved that slight perturbations can cause misclassification of deep neural networks (DNNs), and achieving specific attack effects in a limited time is one of the focuses of research in the field of adversarial attacks. The DeepFool algorithm has a wide range of applications in machine learning platforms such as cleverhans. However, there is still room for research on targeted attacks using the DeepFool algorithm. To solve the problem that generating perturbations takes a long time and that the perturbation is easy for the human eye to observe, this paper proposes the TargetedFool algorithm based on the DeepFool algorithm for generating targeted adversarial examples on typical convolutional neural networks (CNNs). Extensive experimental results show that the algorithm proposed in this paper can achieve targeted attacks on MNIST, CIFAR-10 and ImageNet. The targeted attack described in this paper can achieve a 99.8% deception success rate in an average time of 2.84 s on ImageNet. In addition, this paper analyzes the reason why the attack algorithm based on DeepFool cannot generate targeted universal adversarial perturbations.

    Optimal method for the generation of the attack path based on the Q-learning decision
    LI Teng, CAO Shijie, YIN Siwei, WEI Dawei, MA Xindi, MA...
    2021, 48(1): 160-167. doi:10.19665/j.issn1001-2400.2021.01.018

    The main research purpose of this paper is to generate a dynamic approach to finding the optimal attack path based on the Q-learning algorithm in machine learning, and to improve the efficiency and adaptability of this approach. The method, based on the Q-learning algorithm and with reference to network connectivity and partitioning, reduces the network topology by deleting inaccessible paths, simulates hacker attacks by machine learning, combines state and action, and keeps learning to improve its ability of adaptation and decision-making, so as to generate the optimal attack path efficiently. Finally, through experiments, the established simulated attacker can obtain the state-value table in the Q-learning method in the environment with the IDS alarm device, and can obtain the optimal attack path sequence from the source host to the destination host by traversing the Q table, which verifies the validity and accuracy of the model and algorithm. At the same time, by analyzing the host reachability in advance, the redundant nodes are greatly reduced, which is a great advantage in large network topologies.

    Adaptive fast and targeted adversarial attack for speech recognition
    ZHANG Shudong, GAO Haichang, CAO Xiwen, KANG Shuai
    2021, 48(1): 168-175. doi:10.19665/j.issn1001-2400.2021.01.019

    Adversarial examples are malicious inputs designed to induce deep learning models to produce erroneous outputs, which are imperceptible to humans because only small perturbations are added to the input. Most research on adversarial examples is in the image domain. Recently, studies on adversarial examples have expanded into the automatic speech recognition domain. The state-of-the-art attack on the ASR system comes from C&W, which aims to obtain the minimum perturbation that causes the model to misclassify. However, this method is inefficient since it requires the optimization of two terms of loss functions at the same time, and usually requires thousands of iterations. In this paper, we propose an efficient approach based on strategies that maximize the likelihood of adversarial examples and target categories. A large number of experiments show that our attack achieves better results with fewer iterations.

    Fast network intrusion detection system using adaptive binning feature selection
    LIU Jingmei, GAO Yuanbo
    2021, 48(1): 176-182. doi:10.19665/j.issn1001-2400.2021.01.020

    Aiming at the problems of the low detection rate of traditional intrusion detection systems and the long training and detection time of intrusion detection systems based on deep learning, an adaptive binning feature selection algorithm using the information gain is proposed, which is combined with LightGBM to design a fast network intrusion detection system. First, the original data set is preprocessed to standardize the data; then the redundant features and noise in the original data are removed through the adaptive binning feature selection algorithm, and the original high-dimensional data are reduced to low-dimensional data, thereby improving the accuracy of the system and reducing the training and detection time; finally, LightGBM is used for model training on the feature-selected training set to train an intrusion detection system that can detect attack traffic. Through verification on the NSL-KDD data set, the proposed feature selection algorithm only takes 27.35 seconds in feature selection, which is 96.68% lower than that of the traditional algorithm. The designed intrusion detection system has an accuracy rate of 93.32% on the test set, and its training time is low. Compared with the existing network intrusion detection system, the accuracy rate of the proposed system is higher, and its model training speed is faster.

    Method for assessment of network security situation with deep learning
    YANG Hongyu, ZENG Renyun
    2021, 48(1): 183-190. doi:10.19665/j.issn1001-2400.2021.01.021

    The traditional methods for assessment of network security situation rely on manual labeling and evaluation. When faced with a large amount of data, there appear some problems such as low efficiency and poor flexibility. First, we propose a Deep Autoencoder-Deep Neural Network (DAEDNN) model to identify all kinds of attacks on the network. Then, the Under-Over Sampling Weighted (UOSW) algorithm is designed to improve the detection rate of the model on categories with few training samples. Finally, we conduct model testing and calculate the attack probability. Besides, we determine the impact score of each type of attack and calculate the network security situation value. Experimental results show that the precision and recall of the proposed model are better than those of the compared models, and that the proposed model has a better performance in accuracy and efficiency.
