  • NETWORK SECURITY
    Xiaofeng Wang, Huan Zhou, Jinshu Su, Baosheng Wang, Qianqian Xing, Pengkun Li
    2018, 15(2): 1-14.
    Abstract
    IPsec has become an important supplement to IP for providing security protection. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide address accountability. We propose the self-trustworthy and secure Internet protocol (T-IP) for authenticated and encrypted network layer communications. T-IP has the following advantages: (1) a self-trustworthy IP address; (2) low connection latency and transmission overhead; (3) preservation of the important merit of IP being stateless; (4) compatibility with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance of our security-enhanced shared secret key calculation to the known session key attack. Moreover, we analyse the applicability of T-IP, including its resilience against the man-in-the-middle attack and the DoS attack. The evaluation shows that T-IP has a much lower transmission overhead and connection latency compared with IPsec.
  • NETWORK SECURITY
    Zhi Wang, Meilin Qin, Mengqi Chen, Chunfu Jia, Yong Ma
    2018, 15(2): 15-24.
    Abstract
    Nowadays, machine learning is widely used in malware detection systems as a core component. Machine learning algorithms are designed under the assumption that all datasets follow the same underlying data distribution. But the real-world malware data distribution is not stable and changes with time. By exploiting knowledge of the machine learning algorithm and the malware data concept drift problem, we show a novel learning-evasive botnet architecture and a stealthy and secure C&C mechanism. Based on the email communication channel, we construct a stealthy email-based P2P-like botnet that exploits the excellent reputation of email servers and the huge amount of benign email communication in the same channel. The experimental results show that the horizontal correlation learning algorithm has difficulty separating malicious email traffic from normal email traffic based on volume features and time-related features with enough confidence. We discuss the malware data concept drift and possible defense strategies.
  • CRYPTOGRAPHY
    Yahui Wang, Huanguo Zhang, Houzhen Wang
    2018, 15(2): 25-32.
    Abstract
    Security analysis of public-key cryptosystems is of fundamental significance for both theoretical research and applications in cryptography. In particular, the security of widely used public-key cryptosystems merits deep research to protect against new types of attacks. It is therefore highly meaningful to research cryptanalysis in the quantum computing environment. Shor proposed a well-known factoring algorithm by finding the prime factors of a number , which is exponentially faster than the best known classical algorithm. The idea behind Shor’s quantum factoring algorithm is a straightforward programming consequence of the following proposition: to factor , it suffices to find the order ; once such an is found, one can compute or . For odd values of it is assumed that the factors of cannot be found (since is not generally an integer). That is, the order must be even. This restriction can be removed, however, by working from another angle. Based on the quantum inverse Fourier transform and phase estimation, this paper presents a new polynomial-time quantum algorithm for breaking RSA, without explicitly factoring the modulus . The probability of success of the new algorithm is greater than , exceeding that of the existing quantum algorithm for attacking RSA based on factorization. In contrast to the existing quantum algorithm for attacking RSA, the order of the fixed point for RSA does not need to be even. This changes the practice in which cryptanalysts try to recover the private key: starting directly from recovering the plaintext, a ciphertext-only attack on RSA is proposed.
  • CRYPTOGRAPHY
    Chao Yang, Hongqi Zhang, Jinhai Su
    2018, 15(2): 33-45.
    Abstract
    Since the QKD network can overcome the distance limitation and expand the point-to-point QKD system to a multi-user key distribution system, some testing QKD networks have been built. However, previous research has seldom focused on the routing mechanism of the QKD network in detail. Therefore, this paper focuses on the routing issue in the trust relaying QKD network, builds a model of the trust relaying QKD network and proposes a secret-key-aware routing method. In our method, a dynamic model for the residual local key is proposed to forecast the residual local key quantity of each QKD link more accurately, and the cost of a QKD link and of a relaying path are defined by multiple affecting factors, e.g. the generation rate, the consumption rate and the local key depletion index. The proposed method is implemented and evaluated in a simulation environment. The simulation results show that our routing method can increase the success rate of key exchange, make all the QKD links participate in key exchange with almost equal opportunity to achieve load balance, and trade off the local key generation and consumption of each QKD link. Therefore, our proposed method can contribute to effectively improving the holistic performance of the trust relaying QKD network.
  • CRYPTOGRAPHY
    Tairong Shi, Chenhui Jin, Jie Guan
    2018, 15(2): 46-53.
    Abstract
    AEZ is an AES-based authenticated encryption scheme submitted to the ongoing CAESAR competition and was presented at Eurocrypt 2015 as AEZ v3. There are three modes of AEZ: AEZ-core, AEZ-tiny and AEZ-prf. In this paper, we consider the security of AEZ-prf in AEZ v4.2, the latest version of AEZ. Our major finding is a collision of any 256-bit associated data for AEZ-prf. Then we launch collision attacks in a quantum setting and a classical setting respectively under different assumptions. In the quantum setting, by Simon’s quantum algorithm, we mount a forgery with quantum superposition queries and an overwhelming probability close to 1. In the classical setting, one with the key of AEZ-prf can also construct the forgeries. Our results show that the AEZ-prf mode of AEZ v4.2 is not secure in either the quantum setting or the classical world. Furthermore, our results can also be applied to AEZ v3, which was published at Eurocrypt 2015. As far as we know, no cryptanalysis of AEZ v4.2 has been published so far.
  • CRYPTOGRAPHY
    Kai Zhang, Jie Guan, Bin Hu
    2018, 15(2): 54-66.
    Abstract
    In lightweight cryptographic primitives, round functions with only the simple operations XOR, modular addition and rotation are widely used nowadays. These ciphers are called ARX ciphers. For ARX ciphers, impossible differential cryptanalysis and zero-correlation linear cryptanalysis are among the most powerful attacks, and the key problems for these two attacks are discovering more and longer impossible differentials (IDs) and zero-correlation linear hulls (ZCLHs). However, finding new IDs and ZCLHs for ARX ciphers has been manual work for a long time, which has been an obstacle to improving these two attacks. This paper proposes an automatic search method to improve the efficiency of finding new IDs and ZCLHs for ARX ciphers. In order to prove the efficiency of this new tool, we take three typical ARX algorithms, HIGHT, LEA and SPECK, as examples to explore their longer and new impossible differentials and zero-correlation linear hulls. To the best of our knowledge, this is the first application of an automatic search method to finding new IDs and ZCLHs for ARX ciphers. For HIGHT, we find more 17-round IDs and multiple 17-round ZCLHs. This is the first discovery of 17-round ZCLHs for HIGHT. For LEA, we find four extra 10-round IDs and several 9-round ZCLHs. In the specification of LEA, the designers identified only three 10-round IDs and one 7-round ZCLH. For SPECK, we find thousands of 6-round IDs and forty-four 6-round ZCLHs. Neither IDs nor ZCLHs of SPECK have been proposed before. The successful application of our new tool shows great potential for improving impossible differential cryptanalysis and zero-correlation linear cryptanalysis on ARX ciphers.
  • CRYPTOGRAPHY
    Jinhui Liu, Jianwei Jia, Huanguo Zhang, Rongwei Yu, Yong Yu, Wangqing Wu
    2018, 15(2): 67-73.
    Abstract
    A cryptosystem with non-commutative platform groups based on the conjugator search problem was recently introduced in Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack with polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some suggestions for improvement.
  • CRYPTOGRAPHY
    Deming Pang, Zhigang Deng, Gang Hu, Yingwen Chen, Ming Xu
    2018, 15(2): 74-87.
    Abstract
    Spectrum auction is an important approach to spectrum distribution in cognitive radio networks. However, a single secondary user (SU) probably cannot afford the price of spectrum. Multiple SUs grouping together to participate in the auction as a whole is helpful to increase purchasing power. However, SUs could suffer from a new group cheating problem, i.e., some users conspire to manipulate the auction by submitting untruthful bids. Existing auction mechanisms were mainly designed to be strategy-proof only for individual users and cannot deal with group cheating. In this paper, a novel spectrum auction mechanism called COSTAG (COst Sharing based Truthful Auction with Group-buying) is proposed to address the group cheating problem. COSTAG consists of a grouping rule to perform grouping and a payment rule to determine the market-clearing price in the spectrum auction. Different from the single-echelon pricing approach employed in existing works, a multi-echelon pricing strategy is designed to increase the transaction rate and optimize social profit for the auction. Comprehensive theoretical analysis shows that COSTAG can satisfy the crucial economic robustness properties, both individual and group truthfulness. Simulations demonstrate that, compared with existing works, COSTAG can improve the system performance significantly.
  • COMPUTER SYSTEM SECURITY
    Ruizhong Du, Wangyang Pan, Junfeng Tian
    2018, 15(2): 88-99.
    Abstract
    With the development of cloud computing, virtualization technology has been widely used in our lives. Meanwhile, it has become one of the key targets for attackers. Integrity measurement in virtual machines has become an urgent problem. Some of the existing virtualization platform integrity measurement mechanisms introduce trusted computing technology, measuring the integrity of processes statically along a trust chain that the Trusted Platform Module (TPM) establishes as the root of trust. But this single-chain static measurement cannot ensure dynamic credibility while the platform is running. To solve the problem that the virtual trusted platform cannot guarantee dynamic credibility, this paper puts forward a Dynamic Integrity Measurement Model (DIMM) based on the virtual Trusted Platform Module (vTPM), implemented with the typical virtual machine monitor Xen as an example. DIMM combines virtual machine introspection and event capture technology to ensure the security of the entire user domain. Based on this framework, this paper puts forward a self-modifying dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, the validity and feasibility of the proposed model are demonstrated with comparison experiments.
  • COMPUTER SYSTEM SECURITY
    Bei Gong, Yubo Wang, Xiangang Liu, Fazhi Qi, Zhihui Sun
    2018, 15(2): 100-121.
    Abstract
    The Internet of Things has been widely applied to industrial control, smart cities and environmental protection. In these application scenarios, the sensing node needs to make a real-time response to the feedback control of the application layer. Therefore, it is necessary to monitor in real time whether or not sensing nodes are trusted, but the existing mechanisms for trusted certification lack real-time measurement and tracking of the sensing node. To solve the above problems, this paper proposes a dynamic-metric-based authentication mechanism for sensing nodes of the Internet of Things. Firstly, the dynamic trustworthiness measure of the sensing nodes is carried out by introducing computational functions such as the trust function, the trustworthiness risk assessment function, the feedback control function and the active function of the sensing node. The dynamic trustworthiness measure of sensing nodes from multiple dimensions can effectively describe the change in the trusted value of sensing nodes. Then, on this basis, a trusted attestation based on the node trusted measure is realized by using the revocable group signature mechanism with local verifier. The mechanism has anonymity, unforgeability and traceability, and its security is proved in the standard model. Simulation experiments show that the proposed trusted attestation mechanism is flexible, practical and efficient and has better attack resistance. It can effectively guarantee the reliable data transmission of nodes and realize the dynamic tracking of node reliability, with a lower impact on system performance.
  • COMPUTER SYSTEM SECURITY
    Jing Zhan, Xudong Fan, Lei Cai, Yaqi Gao, Junxi Zhuang
    2018, 15(2): 122-137.
    Abstract
    Cloud computing is very useful for big data owners who do not want to manage IT infrastructure and big data technique details. However, it is hard for a big data owner to trust a multi-layer outsourced big data system in a cloud environment and to verify which outsourced service leads to a problem. Similarly, the cloud service provider cannot simply trust the data computation applications. Finally, the verification data itself may also leak sensitive information from the cloud service provider and the data owner. We propose a new three-level definition of the verification, a threat model, and corresponding trusted policies based on different roles for outsourced big data systems in the cloud. We also provide two policy enforcement methods for building a trusted data computation environment by measuring both the MapReduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from the verification process, we provide a privacy-preserving verification method. Finally, we implement TPTVer, a Trusted third Party based Trusted Verifier, as a proof-of-concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data systems in the cloud with low overhead.
  • COMPUTER SYSTEM SECURITY
    Xiehua Li, Yanlong Wang, Ming Xu, Yaping Cui
    2018, 15(2): 138-152.
    Abstract
    In this paper, we consider the problems of data sharing between multiple distrusting authorities. Prior solutions rely on trusted third parties such as CAs, or are susceptible to collusion between malicious authorities, which can compromise the security of honest ones. In this paper, we propose a new multi-authority data sharing scheme - Decentralized Multi-Authority ABE (DMA), which is derived from CP-ABE and is resilient to these types of misbehavior. Our system distinguishes between a data owner (DO) principal and attribute authorities (AAs): the DO owns the data but allows AAs to arbitrate access by providing attribute labels to users. The data is protected by policy encryption over these attributes. Unlike prior systems, attributes generated by AAs are not user-specific, and neither is the system susceptible to collusion between users who try to escalate their access by sharing keys. We prove our scheme correct under the Decisional Bilinear Diffie-Hellman (DBDH) assumption; we also include a complete end-to-end implementation that demonstrates the practical efficacy of our technique.
  • COMPUTER SYSTEM SECURITY
    Cheng Tan, Lei Zhao, Weijie Liu, Lai Xu, Lina Wang
    2018, 15(2): 153-169.
    Abstract
    APT attacks are prolonged and have multiple stages, and they usually utilize zero-day or one-day exploits to be penetrating and stealthy. Among all kinds of security techniques, provenance tracing is regarded as an important approach to attack investigation, as it discloses the root cause, the attack path, and the results of attacks. However, existing techniques either suffer from the limitation of focusing only on the log type, or are highly susceptible to attacks, which hinders their application in investigating APT attacks. We present CAPT, a context-aware provenance tracing system that leverages the advantages of virtualization technologies to transparently collect system events and network events outside the target machine, and processes them on a specific host, which introduces no space cost to the target. CAPT utilizes the contexts of collected events to bridge the gap between them, and provides a panoramic view of the attack investigation. Our evaluation results show that CAPT achieves effective provenance tracing for the attack cases, and it only produces 0.21 MB of overhead in 8 hours. With our newly developed technology, we keep the average run-time overhead below 4%.
  • COMPUTER SYSTEM SECURITY
    Bo Zhao, Mingtao Ni, Peiru Fan
    2018, 15(2): 170-189.
    Abstract
    Air-gapped computers are isolated both logically and physically from all kinds of existing common communication channels, such as USB ports, wireless and wired networks. Although the feasibility of infiltrating an air-gapped computer has been proved in recent years, data exfiltration from such systems is still considered to be a challenging task. In this paper we present Powermitter, a novel approach that can exfiltrate data from an air-gapped computer via its power adapter. Our method utilizes the switched-mode power supply, which exists in all laptops, desktop computers and servers nowadays. We demonstrate that malware can indirectly control the electromagnetic emission frequency of the power supply by leveraging the CPU utilization. Furthermore, we show that the emitted signals can be received and demodulated by a dedicated device. We present the proof-of-concept design of the power covert channel and implement a prototype of Powermitter consisting of a transmitter and a receiver. The transmitter leaks data by using a variant of binary frequency shift keying modulation, and the emitted signal can be captured and decoded by a software-based virtual oscilloscope through this covert channel. We tested Powermitter on three different computers. The experimental results show the feasibility of this power covert channel. We show that our method can also be used to leak data from different types of embedded systems which use switching power supplies.
  • COMPUTER SYSTEM SECURITY
    Jin Li, Jinfu Chen, Minhuan Huang, Minmin Zhou, Wanggen Xie, Zhifeng Zeng, Shujie Chen, Zufa Zhang
    2018, 15(2): 190-208.
    Abstract
    Software vulnerability mining is an important way to detect whether loopholes exist in software, and is also an important way to ensure the security of information systems. With the rapid development of information technology and the software industry, most software has not been rigorously tested before being put into use, so that the hidden vulnerabilities in software will be exploited by attackers. Therefore, it is of great significance for us to actively detect software vulnerabilities in the security maintenance of information systems. In this paper, we firstly studied some of the commonly used vulnerability detection methods and detection tools, and analyzed the advantages and disadvantages of each method in different scenarios. Secondly, we designed a set of evaluation criteria for different mining methods in the evaluation of loopholes. Thirdly, we also proposed and designed an integration testing framework, on which we can test the typical static analysis methods and dynamic mining methods as well as compare them, so that we can obtain an intuitive comparative analysis of the experimental results. Finally, we reported the experimental analysis to verify the feasibility and effectiveness of the proposed evaluation method and the testing framework, with the results showing that the final test results will serve as a form of guidance to aid the selection of the most appropriate and effective method or tools in vulnerability detection activity.
  • COMPUTER SYSTEM SECURITY
    Weiwei Zhou, Bin Yu
    2018, 15(2): 209-223.
    Abstract
    As a novel dynamic network service infrastructure, the Internet of Things (IoT) has gained remarkable popularity with obvious superiority in interoperability and real-time communication. Despite the convenience of collecting information to provide the decision basis for the users, the vulnerability of embedded sensor nodes in multimedia devices makes malware propagation an increasingly serious problem, which could harm the security of devices and their users financially and physically in a wireless multimedia system (WMS). Therefore, many studies related to malware propagation and suppression have been proposed to protect the topology and system security of wireless multimedia networks. In these studies, the epidemic model is of great significance to the analysis of malware propagation. Considering the cloud and the state transition of sensor nodes, a cloud-assisted model for malware detection and a dynamic differential game against malware propagation are proposed in this paper. Firstly, an SVM-based malware detection model is constructed with data sharing at the security platform in the cloud. Then the number of malware-infected nodes with physical infectivity to susceptible nodes is calculated precisely based on the attributes of WMS transmission. Then the state transition among WMS devices is defined by the modified epidemic model. Furthermore, a dynamic differential game and target cost function are successively derived for the Nash equilibrium between malware and the WMS system. On this basis, a saddle-point malware detection and suppression algorithm is presented depending on the modified epidemic model and the computation of optimal strategies. Numerical results and comparisons show that the proposed algorithm can increase the utility of the WMS efficiently and effectively.