Xin W.,Peking University | Xin W.,MoE Key Laboratory of High Confidence Software Technologies PKU | Sun H.,Peking University | Sun H.,MoE Key Laboratory of High Confidence Software Technologies PKU | And 6 more authors.
Cryptology and Information Security Series | Year: 2012

Nowadays, RFID technology is becoming increasingly popular and beginning to enter many spheres of everyday life and industrial sectors; supply chain management is one of the most significant applications of RFID solutions. Recently, the path-checking scheme, in which readers can verify the validity of a product's path in the supply chain, has been receiving more and more attention. In this paper, we first review some existing RFID path-checking protocols and point out the defects of their constructions. Then we propose a path-checking solution based on Boldyreva's ordered multisignatures (OMS): a reader provides its own signature when a tag passes by in order to record the path information, so that each reader in the supply chain can verify the validity of the path taken by the tag. However, OMS can also be verified by adversaries who have the public keys of the readers, so we improve Boldyreva's scheme to implement verification by designated readers, which also protects the path privacy of the tags. In order to resist impersonation attacks, we add mutual authentication to our path-checking scheme by extending Ma's protocol using only a pseudorandom number generator. Finally, we perform a security and privacy analysis and compare our solution with the recently proposed CHECKER. © 2012 The authors and IOS Press.


Yu L.,Peking University | Yu L.,MoE Key Laboratory of High Confidence Software Technologies PKU | Wang Y.,National Computer Emergency Response Team and Coordination Center | Wu Z.,Peking University | And 7 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2014

With the increasing popularity of online social networks, such as Twitter and Weibo, privacy-preserving publishing of social network data has raised serious concerns. Previous works only consider a single static release of social network data, which is inadequate for analyzing the evolution of social networks. In this paper, we focus on the problem of preserving edges when edges are deleted or added in multiple releases of social network data. To achieve this objective, we propose the Dynamic Safety Condition, which effectively constrains the node partitioning to ensure sparsity of edges between any two groups. Using this condition, we devise the heuristic algorithm DEP, which anonymizes a sequence of graphs to satisfy the privacy objective. Finally, we verify the effectiveness of the algorithm through experiments. © 2014 Springer International Publishing Switzerland.


Wu Z.,Peking University | Wu Z.,MoE Key Laboratory of High Confidence Software Technologies PKU | Yu L.,National Computer Emergency Response Team and Coordination Center | Zhu J.,Peking University | And 7 more authors.
Proceedings - 2014 IEEE International Conference on Ubiquitous Intelligence and Computing, 2014 IEEE International Conference on Autonomic and Trusted Computing, 2014 IEEE International Conference on Scalable Computing and Communications and Associated Symposia/Workshops, UIC-ATC-ScalCom 2014 | Year: 2014

In the mobile Internet, Location-Based Services (LBSs), a popular kind of context-aware recommendation system, can recommend Point of Interest (POI) data according to the current locations of users. However, this inherent feature leaks users' sensitive location information to untrusted LBS providers. This paper addresses the location privacy problem of query prediction, which forecasts users' next locations and seriously violates user privacy. To tackle this, we propose a novel location privacy protection solution. The contribution is three-fold. First, we model query prediction on cloaking regions using Bayesian inference. Next, the proposed location anonymization method generalizes locations into safer cloaking regions that resist such query prediction attacks. Finally, a series of experiments evaluates the performance of this solution and demonstrates its availability. © 2014 IEEE.


Yang Y.,Peking University | Yang Y.,MoE Key Laboratory of High Confidence Software Technologies PKU | Guan Z.,Peking University | Guan Z.,MoE Key Laboratory of High Confidence Software Technologies PKU | And 6 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013

Cryptography is a fundamental building block for security-sensitive Web applications. Because the architecture of JavaScript cannot provide sufficient performance, client-side web applications still lack high-performance cryptographic primitives. In this paper we study the feasibility of using a new Web standard, the WebGL API, to accelerate AES in JavaScript by exploiting the GPU. We designed and implemented AES with a 128-bit key. We compared the performance of our approach to the currently reported fastest pure JavaScript implementation and found that our approach runs more than ten times faster in major browsers on all platforms. Our work shows the potential of using the GPU via WebGL to accelerate JavaScript code. © Springer International Publishing 2013.


Yang Y.,Peking University | Yang Y.,MoE Key Laboratory of High Confidence Software Technologies PKU | Guan Z.,Peking University | Guan Z.,MoE Key Laboratory of High Confidence Software Technologies PKU | And 3 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2015

In recent years, memory disclosure attacks, such as the cold boot attack and the DMA attack, have posed huge threats to cryptographic applications in the real world. In this paper, we present a CPU-bound, memory-disclosure-attack-resistant yet efficient software implementation of elliptic curve cryptography on general-purpose processors. Our implementation performs scalar multiplication using CPU registers only, at kernel level and atomically, to prevent the secret key and intermediate data from leaking into memory. Debug registers are used to hold the private key, and the kernel is patched to restrict access to the debug registers. We take full advantage of the AVX and CLMUL instruction sets to speed up the implementation. When evaluating the proposed implementation on an Intel i7-2600 processor (at a frequency of 3.4 GHz), a full scalar multiplication over binary fields for a key length of 163 bits requires only 129 μs, which outperforms the unprotected implementation in the well-known OpenSSL library by a factor of 78.0%. Furthermore, our work is also flexible for typical Linux applications. To the best of our knowledge, this is the first practical ECC implementation that is resistant to memory disclosure attacks. © Springer International Publishing Switzerland 2015.


Wu Z.,Peking University | Wu Z.,MoE Key Laboratory of High Confidence Software Technologies PKU | Yu L.,Peking University | Yu L.,MoE Key Laboratory of High Confidence Software Technologies PKU | And 6 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2014

Location-Based Service (LBS) providers can send geo-tagged data to mobile users who report their current location information. Location-related user privacy is a vital concern, since an untrusted LBS can monitor and misuse user location information. This paper addresses how to efficiently protect location privacy in query processing. In proxy-based location anonymizers, location cloaking algorithms need heavy bandwidth for query processing after blurring exact locations into a region. To alleviate this, the proposed query framework integrates location cloaking and data caching. Next, we devise a novel location anonymization algorithm that takes advantage of the caching feature. Finally, we evaluate this solution experimentally to show its improvement. © Springer International Publishing Switzerland 2014.


Zhu J.,Peking University | Zhu J.,MoE Key Laboratory of High Confidence Software Technologies PKU | Wu Z.,China Academy of Information and Communications Technology | Guan Z.,Peking University | And 3 more authors.
Proceedings - 2015 IEEE 12th International Conference on Ubiquitous Intelligence and Computing, 2015 IEEE 12th International Conference on Advanced and Trusted Computing, 2015 IEEE 15th International Conference on Scalable Computing and Communications, 2015 IEEE International Conference on Cloud and Big Data Computing, 2015 IEEE International Conference on Internet of People and Associated Symposia/Workshops, UIC-ATC-ScalCom-CBDCom-IoP 2015 | Year: 2015

To mitigate the security problems brought by Android malware, various approaches have been proposed, such as behavior-based malware detection and data-mining-based malware detection. In this paper, we put forward a novel Android malware detection model using data mining techniques. We design an algorithm with two steps. The first step models Android application code as a graph structure, which we call the API control flow graph. The next step calculates the API sequences that fulfill a minimum intra-family support in each malware family, because malware in the same family usually shares similar behavior patterns. Finally, a supervised learning method is used to build our malware detection model with the API sequences as input features. We evaluate this model with 1200 applications, half of which are malicious and half benign, and find it effective in identifying Android malware and even unknown malware. © 2015 IEEE.


Tang C.,Peking University | Tang C.,MoE Key Laboratory of High Confidence Software Technologies PKU | Wang Y.,Peking University | Wang Y.,MoE Key Laboratory of High Confidence Software Technologies PKU | And 10 more authors.
Proceedings - International Conference on Advanced Information Networking and Applications, AINA | Year: 2011

Private attributes of Online Social Network (OSN) users can be inferred from other information (usually from users' friends and group information). To address this, social networking sites allow users to hide their friend lists and group lists, so that the general public cannot see them. However, if a user does not make his friend list public, but his friends have public friend lists in which he appears, a reverse lookup can reconstruct the user's friend list. Furthermore, many social networks allow non-group members to list the members of public groups (e.g., Facebook). These are strong violations of OSN users' privacy, and can be considered privacy risks caused by the asymmetric configuration of settings in OSNs. In this paper we present the privacy risks due to the lack of symmetric configurations, which exist in most OSNs. To make our idea clearer, we propose an inference attack and show that it can be used to infer users' private information, even for users who have already made their friend list private. We theoretically analyze the risk of the proposed privacy issues, and evaluate the risk using experiments based on real-world OSN data. We show that hiding only the friend list and group list is not sufficient to guarantee privacy, and propose methods to mitigate these privacy issues. © 2011 IEEE.


Dong Q.,Peking University | Guan Z.,MoE Key Laboratory of High Confidence Software Technologies PKU
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2015

The proliferation of Electronic Commerce (EC) has revolutionized the way people purchase online. Web-based technologies enable people to interact more actively with merchants and service providers. The resulting purchasing logs and comments have in turn led to a proliferation of recommender systems. Existing recommendation algorithms exploit either prior transactions or customer reviews to predict user interest in certain items. Vast noise may be introduced into such information by fake raters, and information redundancy also makes the recommender system entangled. In this work, we first examine user reviews and prior transactions to estimate user credibility and item importance, in order to reduce the effect of content polluters. Then we propose to alleviate the redundant information from homogeneous users based on link analysis. A unified framework is finally proposed to incorporate both in a mathematical formulation that can be efficiently optimized. Experimental results on real-world data reveal that our model can significantly outperform other baselines. © Springer International Publishing Switzerland 2015.


Yang Y.,Peking University | Yang Y.,MoE Key Laboratory of High Confidence Software Technologies PKU | Guan Z.,Peking University | Guan Z.,MoE Key Laboratory of High Confidence Software Technologies PKU | And 4 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2015

RSA is a public key cryptosystem widely used for end-to-end authentication and key exchange in various Internet protocols, such as SSL and TLS. Compared with symmetric cryptography, the cryptographic operations in RSA are much more time consuming. This puts performance pressure on service providers using secure protocols, and hinders these protocols from being more widely used. Graphics Processing Units (GPUs) are increasingly used for data-parallel general-purpose computing. GPUs often provide better throughput than CPUs at the same cost. In this paper, we propose a new approach to parallelize Montgomery multiplication under the Single Instruction Multiple Thread (SIMT) threading model of GPUs, and construct a parallel RSA implementation based on this approach, combined with other optimization techniques at both the algorithmic and implementation levels. The performance evaluation shows that our RSA implementation achieves a record-breaking latency for RSA decryption implementations on GPUs: 2.6 ms for RSA-1024 and 6.5 ms for RSA-2048. The peak throughput of decryptions per second of our implementation reaches 5,244 for RSA-2048 and 34,981 for RSA-1024 respectively, which is much faster than existing integer-based implementations. The peak throughput of our implementation is slightly lower than that of the fastest floating-point-based implementation, while the latency of our implementation is 3 times lower. © Springer International Publishing Switzerland 2015.
