Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-gen...Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management (ATM) systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortu- nately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery (IBS-MR), an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters' private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.展开更多
Chang et al.[Chin.Phys.623 010305(2014)]have proposed a quantum broadcast communication and authentication protocol.However,we find that an intercept-resend attack can be preformed successfully by a potential eavesd...Chang et al.[Chin.Phys.623 010305(2014)]have proposed a quantum broadcast communication and authentication protocol.However,we find that an intercept-resend attack can be preformed successfully by a potential eavesdropper,who will be able to destroy the authentication function.Afterwards,he or she can acquire the secret transmitted message or even modify it while escaping detection,by implementing an efficient man-in-the-middle attack.Furthermore,we show a simple scheme to defend this attack,that is,applying non-reusable identity strings.展开更多
Equipped with millions of sensors and smart meters in smart gird,a reliable and resilient wireless communication technology is badly needed.Mobile networks are among the major energy communication networks which contr...Equipped with millions of sensors and smart meters in smart gird,a reliable and resilient wireless communication technology is badly needed.Mobile networks are among the major energy communication networks which contribute to global energy consumption increase rapidly.As one of core technologies of smart grid employing mobile networks,Demand Response(DR) helps improving efficiency,reliability and security for electric power grid infrastructure.Security of DR events is one of the most important issues in DR.However,the security requirements of different DR events are dynamic for variousactual demands.To address this,an event-oriented dynamic security service mechanism is proposed for DR.Three kinds of security services including security access service,security communication service and security analysis service for DR event are composited dynamically by the fine-grained sub services.An experiment prototype of the network of State Grid Corporation of China(SGCC) is established.Experiment and evaluations shows the feasibility and effectiveness of the proposed scheme in smart grid employing mobile network.展开更多
Many previous broadcast encryption schemes can only guarantee confidentiality but cannot verify integrity and authenticity for broadcast messages. In this paper, a broadcast signcryption protocol for ad hoc networks i...Many previous broadcast encryption schemes can only guarantee confidentiality but cannot verify integrity and authenticity for broadcast messages. In this paper, a broadcast signcryption protocol for ad hoc networks is proposed based on cluster-based structure. The proposed protocol not only guarantees confidentiality but also verifies integrity and authenticity for broadcast messages. More importantly, the proposed scheme enables the cluster head to robustly add or remove any cluster member without changing secret key of other cluster members. Moreover, the proposed protocol avoids massive message exchange for key setup among cluster members. The analysis of security and performance shows that the proposed protocol is secure, efficient, and more practical protocol for ad hoc networks.展开更多
基金co-supported by the National Natural Science Foundation of China (Nos. U1233108, U1333127, 2014H H0029, 61103207)the Research Funds for Science & Technology Department of Sichuan Province (No. 2012GZ0001)+1 种基金the Fundamental Research Funds for Chinese Central Universities (No. ZYGX2011J059)the Shanghai Science and Technology Committee (No. 11511505300)
文摘Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management (ATM) systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortu- nately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery (IBS-MR), an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters' private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61272057 and 61170270)
文摘Chang et al.[Chin.Phys.623 010305(2014)]have proposed a quantum broadcast communication and authentication protocol.However,we find that an intercept-resend attack can be preformed successfully by a potential eavesdropper,who will be able to destroy the authentication function.Afterwards,he or she can acquire the secret transmitted message or even modify it while escaping detection,by implementing an efficient man-in-the-middle attack.Furthermore,we show a simple scheme to defend this attack,that is,applying non-reusable identity strings.
基金supported by National Natural Science Foundation of China(Grant No. 61401273 and 61431008)Doctoral Scientific Fund Project of the Ministry of Education of China(No.20130073130006)JSPS KAKENHI Grant Number 15K15976,26730056,JSPS A3 Foresight Program
文摘Equipped with millions of sensors and smart meters in smart gird,a reliable and resilient wireless communication technology is badly needed.Mobile networks are among the major energy communication networks which contribute to global energy consumption increase rapidly.As one of core technologies of smart grid employing mobile networks,Demand Response(DR) helps improving efficiency,reliability and security for electric power grid infrastructure.Security of DR events is one of the most important issues in DR.However,the security requirements of different DR events are dynamic for variousactual demands.To address this,an event-oriented dynamic security service mechanism is proposed for DR.Three kinds of security services including security access service,security communication service and security analysis service for DR event are composited dynamically by the fine-grained sub services.An experiment prototype of the network of State Grid Corporation of China(SGCC) is established.Experiment and evaluations shows the feasibility and effectiveness of the proposed scheme in smart grid employing mobile network.
基金Supported by the National Natural Science Foundation of China (61070164)the Natural Science Foundation of Guangdong Province (81510632010000022)the Science and Technology Planning Project of Guangdong Province (2010B010600025)
文摘Many previous broadcast encryption schemes can only guarantee confidentiality but cannot verify integrity and authenticity for broadcast messages. In this paper, a broadcast signcryption protocol for ad hoc networks is proposed based on cluster-based structure. The proposed protocol not only guarantees confidentiality but also verifies integrity and authenticity for broadcast messages. More importantly, the proposed scheme enables the cluster head to robustly add or remove any cluster member without changing secret key of other cluster members. Moreover, the proposed protocol avoids massive message exchange for key setup among cluster members. The analysis of security and performance shows that the proposed protocol is secure, efficient, and more practical protocol for ad hoc networks.
