Weidong Qiu

Anonymity Enhancement on Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards

By exploiting a smart card, this paper presents a robust and efficient password-authenticated key agreement scheme. This paper strengthens the security of the scheme by addressing untraceability property such that any third party over the communication channel cannot tell whether or not he has seen the same (unknown) smart card twice through the authentication sessions. The proposed remedy also prevents a kind of denial of service attack found in the original scheme. High performance and other good functionalities are preserved.

Identity-based threshold key-insulated encryption without random oracles

With more and more cryptosystems being deployed on insecure environments such as mobile devices, key exposures appear to be unavoidable. This is perhaps the most devastating attack on a cryptosystem, since it typically means that security is entirely lost. This problem is especially hard to tackle in identity-based encryption (IBE) settings, where the public key is determined as a users identity and is not desirable to be changed. In this paper, we extend Dodis et al.s key-insulation idea and present a new paradigm named threshold key-insulation. The new paradigm not only greatly enhances the security of the system, but also provides flexibility and efficiency. To deal with the key-exposure problem in IBE settings, we further propose an identity-based threshold key-insulated encryption (IBTKIE) scheme. The proposed scheme is proved to be semantically secure without random oracles.

A key management protocol with robust continuity for sensor networks

Robust continuity should be paid much more attention in sensor network key management protocols, especially in privacy-vital environment. However, to our best of knowledge, few papers on key management have addressed the robust continuity in sensor networks. Therefore, in this paper, we present a new key management protocol with robust continuity for sensor networks. The purpose is to minimize the key management redesign effort as well as to make the node flexible and adaptable to many different applications. Compared to existing key management protocols, our proposed protocol has the following merits: First, our protocol addresses the continuity between the pairwise key and group key, it can establish the pairwise key and group key with the same pre-distributed secrets. Second, our protocol can deal with the continuity of the pairwise key and the group key themselves; it can update both of them to support the changes in the size of the network.

Building Representative-Based Data Aggregation Tree in Wireless Sensor Networks

Data aggregation is an essential operation to reduce energy consumption in large-scale wireless sensor networks (WSNs). A compromised node may forge an aggregation result and mislead base station into trusting a false reading. Efficient and secure aggregation scheme is critical in WSN applications due to the stringent resource constraints. In this paper, we propose a method to build up the representative-based aggregation tree in the WSNs such that the sensing data are aggregated along the route from the leaf cell to the root of the tree. In the cinema of large-scale and high-density sensor nodes, representative-based aggregation tree can reduce the data transmission overhead greatly by directed aggregation and cell-by-cell communications. It also provides security services including the integrity, freshness, and authentication, via detection mechanism in the cells.

On the security of 4-bit involutive S-boxes for lightweight designs

In this work we investigate all the 4-bit involutive S-boxes with linear, differential and almost resilient analysis. The results show that involutive S-boxes can be optimal against linear attack. We prove that for a 4-bit involutive S-box there always exists a pair of input and output differences such that the Hamming distance is 1, which does not satisfy the strict resistance on differential analysis. Moreover, we find that the almost resilient property is not effective to judge the security of 4-bit involutive S-boxes in practise. How to use the almost resilient property to set up a criterion for an optimal secure S-box needs investigations.

Key-Insulated Encryption Based Key Pre-distribution Scheme for WSN

In wireless sensor network (WSN) security is as important as performance and energy efficiency for many applications. Key pre-distribution is a good approach to solve the key agreement problem in the WSN. Based on the Key-Insulated Encryption, a new key pre-distribution scheme, KIE-WSN scheme, is proposed in this paper. The proposed scheme has two important security properties: semantically security and optimal KIE-(N-1, N) safety, which means that even if N-1 nodes are compromised, there are no security threatens to the left network. Compared with the existed schemes, the proposed KIE-WSN scheme has better performance in the storage and communication cost.

Transitive Signature Scheme from LFSR

Linear feedback sequence register (LFSR) is a useful cryptographic primitive which is widely implemented in many cryptosystems to represent finite field elements with the counterparts of minimal polynomials. In this paper, an efficient transitive signature scheme from LFSR (LFSR-TS) is considered. First, two derived LFSR sequence operations are designed for LFSR-TS, which are not proposed prior to the current work. Next, the security of LFSR-TS is proven to be existentially unforgeable against the adaptive chosen-message attack in the standard model, which only requires the assumption of the discrete logarithm problem (DLP). Finally, the comparison of performances is presented amongst LFSR-TS and some related schemes.

RCP mining: Towards the summarization of spatial co-location patterns

Co-location pattern mining is an important task in spatial data mining. However, the traditional framework of co-location pattern mining produces an exponential number of patterns because of the downward closure property, which makes it hard for users to understand, or apply. To address this issue, in this paper, we study the problem of mining representative co-location patterns (RCP). We first define a covering relationship between two co-location patterns by finding a new measure to appropriately quantify the distance between patterns in terms of their prevalence, based on which the problem of RCP mining is formally formulated. To solve the problem of RCP mining, we first propose an algorithm called RCPFast, adopting the post-mining framework that is commonly used by existing distance-based pattern summarization techniques. To address the peculiar challenge in spatial data mining, we further propose another algorithm, RCPMS, which employs the mine-and-summarize framework that pushes pattern summarization into the co-location mining process. Optimization strategies are also designed to further improve the performance of RCPMS. Our experimental results on both synthetic and real-world data sets demonstrate that RCP mining effectively summarizes spatial co-location patterns, and RCPMS is more efficient than RCPFast, especially on dense data sets.

Identity-based threshold decryption revisited

We present an identity-based threshold decryption scheme, which is secure against adaptive chosen ciphertext attack (IND-CCA) in the random oracle and generic model (ROM+GM). In our scheme, a onetime Schnorr signature is used for public checkability of ciphertexts, and a new method was proposed to distribute the shares of the decryption key to decrease the number of bilinear pairings involved. Hence our scheme is more efficient than the recent proposals by Baek and Zheng in [1] and by Kiltz and Galindo in [13].

A Verified Group Key Agreement Protocol for Resource-Constrained Sensor Networks

As a result of the growing popularity of wireless sensor networks (WSNs), secure group communication becomes an important research issue for network security because of the popularity of group-oriented applications in WSNs, such as electronic monitoring and collaborative sensing. The secure group key agreement protocol design is crucial for achieving secure group communications. As we all know, most security technologies are currently deployed in wired networks and are not fully applicable to WSNs involving mobile nodes with limited capability. In 2008, we proposed a Bloms matrix based group key management protocol (BKM) with robust continuity for WSNs. Unfortunately, in this paper we present that the BKM has a security weakness in which participants cannot confirm that their contributions were actually involved in the group key establishment. This is an important property of group key agreement. Therefore, we propose a verified group key agreement protocol (V-BKA) for resource-constrained WSNs. We show that the proposed protocol produces contributory group key agreement. We demonstrate that the proposed protocol is a perfect key management protocol and is well suited for resource- constrained WSNs.