Ren Z.,Wuhan University |
Wang L.,Wuhan University |
Wang L.,Key Laboratory of Aerospace Information Security and Trusted Computing |
Wu Q.,Wuhan University |
Deng R.,Wuhan University
Chinese Journal of Electronics | Year: 2014
Many schemes have been presented to tackle data integrity and retrievability in cloud storage. Few of the existing schemes support data dynamics, public verification and data privacy protection simultaneously. We propose a public auditing scheme which enables privacy preservation, data dynamics and batch auditing. A data updating information table is designed to record the status information of the data blocks and facilitate data dynamics. Homomorphic authenticator and random masking technologies are exploited to protect data privacy for data owners. The scheme employs a Trusted third party auditor (TTPA) to verify the data integrity without learning any information about the data content during the auditing process. The scheme also allows batch auditing so that the TTPA can process multiple auditing requests simultaneously, which greatly accelerates the auditing process. Security and performance analysis show that our scheme is secure and feasible.
Yu F.,Wuhan University |
Yu F.,Key Laboratory of Aerospace Information Security and Trusted Computing |
Xu Y.,Zhejiang Provincial Testing Institute of Electronic Products |
Yu Y.,Wuhan University |
And 2 more authors.
Journal of Computational Information Systems | Year: 2011
Program behavior verification is the core of trusted computing dynamic attestation. The first step of program behavior verification is building the program's trusted behavior model. Behavior model building based on static analysis can cover all running paths, but there may be many ε run circuits, which can lead to the failure of dynamic attestation execution. This paper presents an improved Floyd algorithm to find and remove one ε run circuit of shortest length. The action is repeated until there is no ε run circuit, which optimizes the trusted behavior model. This paper also carries out a theoretical analysis of the time complexity and space complexity; the optimization method is better than the method based on the traditional algorithm of finding all elementary circuits in a directed graph. Finally, this paper performs optimization experiments on the behavior models of real Windows binary programs. The result shows there is a large reduction in the number of the directed graph's nodes and edges in the behavior model after deleting all ε run circuits. Copyright © 2011 Binary Information Press.
Wang C.,Shanghai University |
Wang C.,Key Laboratory of Aerospace Information Security and Trusted Computing |
Zhang H.,Hubei University |
Zhang H.,Key Laboratory of Aerospace Information Security and Trusted Computing |
China Communications | Year: 2011
Elliptic curve cryptography is one of the most important forms of public-key cryptography. The Koblitz Curve is a special kind of elliptic curve in ECC and its security mainly depends on the base field. Based on Evolutionary Cryptography theory, which has become a principal concept for cryptography design and cryptanalysis, we propose a new algorithm for secure EC generation based on Ant Colony Optimization (ACO) to accelerate the search process for a safe base field. We preliminarily deal with secure Koblitz curve selection over the field F(2^800). Experiments show that the base field and base point of secure curves generated by the ant colony algorithm have gone beyond the parameter range of Koblitz curves recommended by NIST. We can present many new secure Koblitz curves, including base field and base point, which are not recommended by NIST. The maximum size of our secure Koblitz curve has gone beyond 700 bits. The algorithm in this paper follows the same cryptography criteria recommended by the ANSI. So, it can resist current attacks. Theoretical analysis and experimental results prove that the new algorithm is effective and successful, and it is the first successful practice of Evolutionary Cryptography theory in public cryptography research.
Fajiang Y.,Hubei University |
Fajiang Y.,Key Laboratory of Aerospace Information Security and Trusted Computing |
Jing C.,Hubei University |
Jing C.,Key Laboratory of Aerospace Information Security and Trusted Computing |
And 3 more authors.
Electronic Commerce Research | Year: 2014
Platform remote attestation (RA) is one of the main features of the trusted computing platform proposed by the trusted computing group (TCG). The privacy certificate authority (CA) solution of RA requires users to pay for multiple certificates, and the direct anonymous attestation (DAA) solution leads to inefficiency. TCG RA also suffers from limitations of platform configuration privacy. This paper proposes an RA scheme based on an improved combined public key cryptography (ICPK) (abbreviated to RA-ICPK). RA-ICPK is a certificate-less scheme without using public key infrastructure CA signature or DAA signature, which combines commitment scheme, zero-knowledge proof and ring signature (RS) to own the property of unforgeability and privacy. RA-ICPK is mainly based on elliptic curve cryptography without bilinear pair computing, and only carries out zero-knowledge proof one time. RA-ICPK need not depend on trusted third parties to check trusted platform modules identity and integrity values revocations. © 2014 Springer Science+Business Media New York
Wang J.,Wuhan University |
Wang J.,Key Laboratory of Aerospace Information Security and Trusted Computing |
Hu H.,Arizona State University |
Zhao B.,Wuhan University |
And 7 more authors.
Chinese Journal of Electronics | Year: 2013
Information Card (InfoCard) is a user-centric identity management metasystem. It has been accepted as a standard of the OASIS Identity Metasystem Interoperability Technical Committee. However, there is currently a lack of security analysis of the InfoCard protocol, especially with formal methods. In this paper, we accommodate such a requirement by analyzing security properties of the InfoCard protocol using a formal protocol analysis tool. Our analysis result discovers that the current InfoCard protocol is vulnerable to the session replay attack. Furthermore, we reveal the importance of two optional elements in the InfoCard metasystem, token scope and proof key, and find that the InfoCard protocol will be susceptible to man-in-the-middle attack and token replay attack if these two optional elements are lacking.