Pang Liaojun

Key Binding Based on Biometric Shielding Functions

The tremendous evolution in networking, communication and mobility creates greater security assurance demand than can be provided by simple security measures, such as requiring passwords to gain access to a system. Biometric technologies are being used increasingly as an effective means. The combination of biometrics and cryptography is promising although there are some issues to be addressed. The key issue of the biometric encryption is how to deal with the contradiction about the veracity of cryptography and the simulation of biometric. The shielding function is a potential tool to solve this problem. In this paper, we shall review and analyze the classic biometrics-based cryptographic key management. And then, we construct a new fingerprint-based key binding scheme by using the shielding function and the WFMT method.

A Novel Hash-based RFID Mutual Authentication Protocol

RFID is considered as a significant technology which supplies amounts of change in chain management. The most important problem with the RFID system is that the attacker can access the tags information, which leads to the security and privacy problems. Aimed at these problems, a secure hash-based mutual authentication protocol is proposed by utilizing the hash function, the PRNG (pseudo-random number generator) and the secret key. In the proposal, the tag conceals the ID with a random number, the hash function and the secret key. A hash value is transmitted as a substitute for the ID, which realizes the anonymous transmission of the information. The reader and the tag authenticate each other, which eliminates intended or meaningless interferences from the attacker. The computational complexity of the proposed protocol is the same with several hash-based protocols, provided adequate security level and efficiency for practical applications.

An efficient and secure multi-secret sharing scheme with general access structures

A multiple secret sharing scheme can share a group of secrets in each sharing session, which is very useful especially in sharing large secrets. However, most of the existing multiple secret sharing schemes are (t, n) threshold schemes, so they are fit for only threshold applications and unfit for the applications of general access structures. Due to the fact that a (t, n) threshold scheme could only handle a small fraction of the secret sharing idea, a novel multi-secret sharing scheme is proposed, which is designed based on general access structures. The security of this scheme is the same as that of Shamirs threshold secret sharing scheme. Compared with the existing multiple secret sharing schemes, the proposed scheme can provide greater capabilities for many applications because it is able to deal with applications of general access structures.

Fair data collection scheme in wireless sensor networks

To solve the slow congestion detection and rate convergence problems in the existing rate control based fair data collection schemes, a new fair data collection scheme is proposed, which is named the improved scheme with fairness or ISWF for short. In ISWF, a quick congestion detection method, which combines the queue length with traffic changes of a node, is used to solve the slow congestion detection problem, and a new solution, which adjusts the rate of sending data of a node by monitoring the channel utilization rate, is used to solve the slow convergence problem. At the same time, the probability selection method is used in ISWF to achieve the fairness of channel bandwidth utilization. Experiment and simulation results show that ISWF can effectively reduce the reaction time in detecting congestion and shorten the rate convergence process. Compared with the existing tree-based fair data collection schemes, ISWF can achieve better fairness in data collection and reduce the transmission delay effectively, and at the same time, it can increase the average network throughput by 9.1% or more.

A Novel Biometric-Based Authentication Scheme with Privacy Protection

Since biometric data are unique and permanent characteristics of individuals, the privacy protection of biometric authentication schemes has become a common concern of the public. Recently, Tang et al. proposed a biometric-based authentication scheme in an attempt to solve the privacy concerns. However, their scheme cannot resist the attack of tamper. Motivated by these concerns, in this paper, we proposed a new biometric-based authentication scheme, which achieves identity privacy and transaction untraceability. Its security is based on the semantic security of the ElGamal algorithm. Analysis results show that our scheme is higher in efficiency than Tang et al. scheme does, and meanwhile, it can resist the tamper attack. It is concluded that the proposed scheme is more secure and more practical than the existing ones.

Security analysis and improvement of TNC IF-T Protocol Binding to TLS

The TNC IF-T Protocol Binding to TLS (TIPBT) is specified by Trusted Computing Group (TCG) for TNC assessment exchanges. However, the TIPBT cannot be analysed by current Strand Space Model (SSM) because of the different requirements from the traditional security protocols. In order to solve this problem, first, we give an extension of the SSM and point out the TIPBT cannot prevent Man-in-the-Middle (MITM) attacks in some cases based on the extended SSM. Then, we improve the TIPBT and show that the improved TIPBT can resist MITM attacks in the extended SSM.

Mutual Authentication and Ownership Transfer Scheme Conforming to EPC-C1G2 Standard

In a RFID (Radio Frequency Identification)-enabled system, RFID tags often need to change hands from one owner to another during their lifetime, which makes the design of excellent RFID tag ownership transfer schemes more urgent than ever before. In this paper, we propose a lightweight mutual authentication and ownership transfer scheme, which conforms to the standard EPC Class-1 Generation-2 (EPC-C1G2). This scheme can resist tracking, counterfeiting, and denial of service attacks and achieve the privacy protection of both the new user and the old user. At the same time, this scheme has a certain ability to detect tags which need to transfer their ownership and achieves complete ownership transfer. Compared with the existing similar schemes, this scheme is more secure and efficient.

Adaptive Algorithms to Mitigate Inefficiency in Reliability Differentiation Mechanisms for Wireless Sensor Networks

This short paper presents practical algorithms for mitigating inefficiency in reliability differentiation service based on geographical stateless routing, which has great potential applications in large scale wireless sensor networks (WSN). Based on available algorithm, the paper presents a mathematical formalization to systematic understanding the multipath redundancy problem of WSN. With the information beyond one hop and the load balancing mechanism, the data retransmission and reliability differentiation reassignments are reduced. The illustration and simulation demonstrate the proposed algorithmspsila effectiveness and the capability to provide reliability differentiation service.

A secure and efficient (t, n) multi-secret sharing scheme

Based on Shamirs secret sharing, a (t, n) multi-secret sharing scheme is proposed in this paper.p secrets can be shared amongn participants, andt or more participants can co-operate to reconstruct these secrets at the same time, butt−1 or fewer participants can derive nothing about these secrets. Each participants secret shadow is as short as each secret. Compared with the existing schemes, the proposed scheme is characterized by the lower complexity of the secret reconstruction and less public information. The security of this scheme is the same as that of Shamirs threshold scheme. Analyses show that this scheme is an efficient, computationally secure scheme.

Multi-party Non-repudiation Protocol with Different Message Exchanged

Based on the hardness assumption of discrete logarithm problem and a group oriented encryption scheme, a new multi-party non-repudiation protocol is presented. The features of this protocol are the following: In the B2C or B2B E-commerce application,it is necessary for an organisations/people to deal with all kinds of requests,business documents, agreements, payments, contracts, acknowledgments as a batch.The protocol allows such organisations/people to send different messages to multiple different recipients, eliminates the previous restriction on the exchange of the same message. The protocol also utilizes an off-line third trusted party (TTP for short) and has higher efficiency than those protocols with an on-line TTP.