Assessing the Impact of Climate Change on Intensity-Duration-Frequency (IDF) Curves for the Qassim Region, Saudi Arabia by Mohammed ALRakathi, Abdullah Alodah

Get full text

Security analysis of public-key cryptosystems based on matrix action problem against quantum attack by Huawei HUANG

“…As a generalization of the discrete logarithm problem, semigroup action problem has important applications in the design of public-key cryptography.Public-key cryptosystems based on action problem of integer matrix semigroups on the direct product of commutative groups were analyzed.The matrix was regarded as the exponent of direct product elements, and this class of matrix action had the exponential rules similar to group.It was proved that if the matrix action was injective or the number of generators of the hidden subgroup was less than or equal to the square of the order of the matrix, the matrix action problem could be reduced in polynomial time to the hidden subgroup problem of the direct sum of the additive group of the matrices.And it was proved that commutative matrix action problem could also be reduced to hidden subgroup problem of the direct sum of the additive group of the matrices in polynomial time.The cryptosystems based on this class of matrix action problem cannot against quantum attacks.This conclusion has theoretical significance in the design of public-key cryptography against quantum attacks.…”
Get full text

Lightweight defense mechanism against adversarial attacks via adaptive pruning and robust distillation by Bin WANG, Simin LI, Yaguan QIAN, Jun ZHANG, Chaohao LI, Chenming ZHU, Hongfei ZHANG

“…Adversarial training is one of the commonly used defense methods against adversarial attacks, by incorporating adversarial samples into the training process.However, the effectiveness of adversarial training heavily relied on the size of the trained model.Specially, the size of trained models generated by the adversarial training will significantly increase for defending against adversarial attacks.This imposes constraints on the usability of adversarial training, especially in a resource-constraint environment.Thus, how to reduce the model size while ensuring the robustness of the trained model is a challenge.To address the above issues, a lightweight defense mechanism was proposed against adversarial attacks, with adaptive pruning and robust distillation.A hierarchically adaptive pruning method was applied to the model generated by adversarial training in advance.Then the trained model was further compressed by a modified robust distillation method.Experimental results on CIFAR-10 and CIFAR-100 datasets showed that our hierarchically adaptive pruning method presented stronger robustness under various FLOP than the existing pruning methods.Moreover, the fusion of pruning and robust distillation presented higher robustness than the state-of-art robust distillation methods.Therefore, the experimental results prove that the proposed method can improve the usability of the adversarial training in the IoT edge computing environment.…”
Get full text

5G-based smart airport network security scheme design and security analysis by Xinxin XING, Qingya ZUO, Jianwei LIU

“…To meet the security requirements of smart airports, a 5G-based smart airport network security solution was proposed.The security characteristics and security requirements of the 5G scenario in smart airport were analyzed, and the pain points of security requirements in the current scenario were summarized in five aspects:unified security management and control, network slicing security, security monitoring and early warning, edge computing security, and IoT-aware node security.And then a 5G network security system was designed for smart airports.The functional components of this system included 5G network unified security management and control functions for ubiquitous networks, lightweight 5G network identity authentication and authentication functions, 5G network slice security protection for multi-service requirements, 5G network security monitoring and early warning based on big data analysis, integrated security protection function based on edge computing, and sensory node security protection function based on device behavior analysis.This comprehensive approach built an all-in-one security platform covering business encryption, network security, terminal trustworthiness, identity trustworthiness, and security management and control.Additionally, the potential counterfeit base station attacks in the existing 5G authentication and key agreement (AKA) were analyzed.Due to the lack of authenticity verification of the messages forwarded by the SN, the attacker can pretend to be the real SN to communicate with the UE and the HN, thus carrying out the base station masquerading attack.This kind of attack may lead to the leakage of smart airport network data, and encounter problems such as tampering and deception by opponents.Aiming at the network security requirements of smart airports and the security issues of 5G authentication and key agreement protocol, an improved 5G authentication and key agreement protocol was designed.Formal security models, security goal definitions, and analysis were performed to ensure the robustness and effectiveness of the protocol against attacks.…”
Get full text

Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9 by Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG

“…The certificateless cryptosystem can solve the problems of certificate management and key escrow at the same time, but its security model always assumes that Type II adversary (named malicious KGC) will not launch public key replacement attacks.This security assumption has certain limitations in real-world applications.As an efficient identity-based cryptographic scheme, SM9 signature scheme adopts R-ate bilinear pairing which has good security and high computational efficiency.However, it requires KGC to generate and manage keys for users, so it has the problem of key escrow.In view of the above problems, a certificateless signature scheme against malicious KGC was constructed based on blockchain and SM9 signature algorithm.Based on the properties of decentralization and tamper-proof of blockchain, the proposed scheme used the smart contract to record part of the public key corresponding to the user’s secret value on the blockchain.Then, the verifier can revoke the smart contract to query the user’s public key during the signature verification stage.Therefore, the proposed scheme ensured the authenticity of the user’s public key.The user’s private key consisted of the partial private key generated by KGC and a secret randomly chosen by the user.The user required the partial private key generated by KGC to endorse his identity identifier when the user generates the private key for the first time.Subsequently, the private key can be independently updated by changing the secret and the corresponding partial public key.During this process, the identity remains unchanged, which provided a viable solution for key management in decentralized application scenarios.The blockchain relied on the consensus mechanism to ensure the consistency of the distributed data.Based on the traceability of the blockchain, the change log of user’s partial public key was stored in the blockchain, which can trace the source of malicious public key replacement attacks and thereby prevent malicious KGC from launching public key replacement attacks.According to the experimental simulation and security proof results, the total overhead of signature and verification of the proposed scheme is only 7.4ms.Compared with similar certificateless signature schemes, the proposed scheme can effectively resist public key replacement attacks and has higher computational efficiency.…”
Get full text