Institute of North Electronic Equipment

Beijing, China

Institute of North Electronic Equipment

Beijing, China
SEARCH FILTERS
Time filter
Source Type

Zhao X.,Ordnance Engineering College | Zhao X.,Institute of North Electronic Equipment | Guo S.,Institute of North Electronic Equipment | Zhang F.,University of Connecticut | And 3 more authors.
Proceedings - 10th Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2013 | Year: 2013

This paper proposes a fault analysis technique on LED by combining algebraic cryptanalysis and differential fault analysis (DFA). The technique is called algebraic differential fault analysis (ADFA). In ADFA on LED, we use DFA to deduce the possible fault differences of the correct and faulty S-Box input in the last round, and convert them into algebraic equations. We then combine the equation set of LED with the injected fault and use the CryptoMiniSat solver to recover the secret key. Our experiments show that, on a common PC, ADFA can succeed on LED under the nibble-based fault model within three minutes and with only one fault injection, which is more efficient than previous DFA work. To evaluate DFA on LED, we first propose an improved evaluation algorithm of DFA, then provide a modified ADFA approach to compute the solutions for the secret key. The results are more accurate than previous work. We also successfully extend ADFA on LED to other fault models using a single fault injection, where traditional DFAs are difficult to launch. © 2013 IEEE.


Zhang F.,University of Connecticut | Zhao X.,Ordnance Engineering College | Zhao X.,Institute of North Electronic Equipment | Guo S.,Institute of North Electronic Equipment | And 2 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013

This paper proposes some techniques to improve algebraic fault analysis (AFA). First, we show that building the equation set for the decryption of a cipher can accelerate the solving procedure. Second, we propose a method to represent the injected faults with algebraic equations when the accurate fault location is unknown. We take Piccolo as an example to illustrate our AFA and compare it with differential fault analysis (DFA). Only one fault injection is required to break Piccolo with the improved AFA. Finally, we extend the proposed AFA to other lightweight block ciphers, such as MIBS, LED, and DES. For the first time, the full secret key of DES can be recovered with only a single fault injection. © 2013 Springer-Verlag Berlin Heidelberg.


Zhao X.,Ordnance Engineering College | Zhang F.,University of Connecticut | Guo S.,Institute of North Electronic Equipment | Wang T.,Ordnance Engineering College | And 3 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2012

Algebraic side-channel attack (ASCA) is a powerful cryptanalysis technique different from conventional side-channel attacks. This paper studies ASCA from three aspects: enhancement, analysis and application. To enhance ASCA, we propose a generic method, called Multiple Deductions-based ASCA (MDASCA), to cope the multiple deductions caused by inaccurate measurements or interferences. For the first time, we show that ASCA can exploit cache leakage models. We analyze the attacks and estimate the minimal amount of leakages required for a successful ASCA on AES under different leakage models. In addition, we apply MDASCA to attack AES on an 8-bit microcontroller under Hamming weight leakage model, on two typical microprocessors under access driven cache leakage model, and on a 32-bit ARM microprocessor under trace driven cache leakage model. Many better results are achieved compared to the previous work. The results are also consistent with the theoretical analysis. Our work shows that MDASCA poses great threats with its excellence in error tolerance and new leakage model exploitation. © 2012 Springer-Verlag.


Guo R.X.,Institute of North Electronic Equipment | Zhang L.T.,Institute of North Electronic Equipment
Advanced Materials Research | Year: 2013

In this paper, we present a novel algorithm for uneven illumination image processing based on HIS color space and joint color space. Compared with many existing algorithms of image enhancement for the uneven illumination image, the proposed method have high performance compared with Histogram Equalization, Homomorphic filtering and Retinex. Some experiments are implemented to testify this conclusion. © (2013) Trans Tech Publications, Switzerland.


Guo R.,Institute of North Electronic Equipment
Proceedings of the 2012 2nd International Conference on Instrumentation and Measurement, Computer, Communication and Control, IMCCC 2012 | Year: 2012

With the popularity of social network, the study of information spreading in network has become an important issue. The information spreading ability is different between different topology network. In this paper, through evaluate influence of nodes the social network model is proposed. The process of information spread is introduced by defining social influence, and social network information dissemination process is discussed also based on different model. © 2012 IEEE.


Zhang Y.,Electronic Engineering Institute | Zhang Y.,Institute of North Electronic Equipment | Huang S.,Electronic Engineering Institute | Guo S.,Institute of North Electronic Equipment | Zhu J.,Institute of North Electronic Equipment
Procedia Environmental Sciences | Year: 2011

To analyze the influence of security incidents on a networked system and accurately evaluate system security, this paper proposes a novel cyber security situation assessment model, based on multi-heterogeneous sensors. By using D-S evidence theory, we fuse security data submitted from multi-sensors, according to the network topology and the importance of services and hosts. Moreover, we adopt the evaluation policy that from bottom to top and from local to global in this model. The evaluation of a simulated network indicates that the proposed approach is suitable for network environment, and the evaluation results are precise and efficient. © 2011 Published by Elsevier Ltd.


Chen T.,University of Electronic Science and Technology of China | Zhang X.-S.,University of Electronic Science and Technology of China | Guo S.-Z.,Institute of North Electronic Equipment | Li H.-Y.,University of Electronic Science and Technology of China | Wu Y.,University of Electronic Science and Technology of China
Future Generation Computer Systems | Year: 2013

Dynamic symbolic execution for automated test generation consists of instrumenting and running a program while collecting path constraint on inputs from predicates encountered in branch instructions, and of deriving new inputs from a previous path constraint by an SMT (Satisfiability Modulo Theories) solver in order to steer next executions toward new program paths. It has been introduced into several applications, such as automated test generation, automated filter generation and malware analysis mainly for its two intrinsic properties: low false positives and high code-coverage. In this paper, we focus on the topics that are closely related to automated test generation. Our contributions are five-fold. First, we summarize the theoretical foundation of dynamic symbolic execution. Second, we highlight the challenges when turning ideas into reality. Besides, we describe the state-of-the-art solutions including advantages and disadvantages for those challenges. In addition, twelve typical tools are analyzed and many properties of those tools are censused. Finally, we outline the prospects of this research field in detail. © 2012 Elsevier B.V. All rights reserved.


Zhang Y.,National University of Defense Technology | Wang S.,Institute of North Electronic Equipment | Li J.,National University of Defense Technology
Journal of Systems Engineering and Electronics | Year: 2016

This paper improves the resampling step of particle filtering (PF) based on a broad interactive genetic algorithm to resolve particle degeneration and particle shortage. For target tracking in image processing, this paper uses the information coming from the particles of the previous fame image and new observation data to self-adaptively determine the selecting range of particles in current fame image. The improved selecting operator with jam gene is used to ensure the diversity of particles in mathematics, and the absolute arithmetical crossing operator whose feasible solution space being close about crossing operation, and non-uniform mutation operator is used to capture all kinds of mutation in this paper. The result of simulating experiment shows that the algorithm of this paper has better iterative estimating capability than extended Kalman filtering (EKF), PF, regularized partide filtering (RPF), and genetic algorithm (GA)-PF. © 2016 Beijing Institute of Aerospace Information.


Yu S.,Institute of North Electronic Equipment | Ye F.,Institute of North Electronic Equipment | Chi C.,Shijiazhuang Foreign Studies School
Proceedings of the 2012 2nd International Conference on Instrumentation and Measurement, Computer, Communication and Control, IMCCC 2012 | Year: 2012

With the development of social networks, how to evaluate the importance of node has become an important problem. In this paper, a method of evaluating node importance is proposed based on Email network model. The hierarchical structure is considered during this method and the corresponding evaluation model is proposed also. To illustrate the effect of this method, the difference is compared between it and classic approach, such as degree centrality, closeness centrality and betweenness centrality. © 2012 IEEE.


Zhao X.-J.,Ordnance Engineering College | Wang T.,Ordnance Engineering College | Guo S.-Z.,Institute of North Electronic Equipment | Zheng Y.-Y.,Ordnance Engineering College
Ruan Jian Xue Bao/Journal of Software | Year: 2011

Firstly, this paper displays an access driven Cache timing attack model, proposes non-elimination and elimination two general methods to analyze Cache information leakage during AES encryption, and builds the Cache information leakage model. Next, it uses quantitative analysis to attack a sample with the above elimination analysis method, and provides some solutions for the potential problems of a real attack. Finally, this paper describes 12 local and remote attacks on AES in OpenSSL v.0.9.8a, v.0.9.8j. Experiment results demonstrate that: the access driven Cache timing attack has strong applicability in both local and remote environments; the AES lookup table and Cache structure decide that AES is vulnerable to this type of attack, the least sample size required to recover a full AES key is about 13; the last round AES implementation in OpenSSL v.0.9.8j, which abandoned the T4 lookup table, cannot secure itself from the access driven Cache timing attack; the attack results strongly verify the correctness of the quantitative Cache information leakage theory and key analysis methods above. © ISCAS.

Loading Institute of North Electronic Equipment collaborators
Loading Institute of North Electronic Equipment collaborators