Range-based attacks on links in random scale-free networks

Range and load play key roles in the problem of attacks on links in random scale-free (RSF) networks. In this paper we obtain the approximate relation between range and load in RSF networks by the generating function theory, and then give an estimation about the impact of attacks on the efficiency of the network. The results show that short-range attacks are more destructive for RSF networks, and are confirmed numerically.

Geographical constraints to range-based attacks on links in complex networks

In this paper, we studied range-based attacks on links in geographically constrained scale-free networks and found that there is a continuous switching of roles of short-and long-range attacks on links when tuning the geographical constraint strength. Our results demonstrate that the geography has a significant impact on the network efficiency and security; thus one can adjust the geographical structure to optimize the robustness and the efficiency of the networks. We introduce a measurement of the impact of links on the efficiency of the network, and an effective attacking strategy is suggested

Sequence variation and genetic diversity in the giant panda

About 336-444 bp mitochondrial D-loop region and tRNA gene were sequenced for 40 individuals of the giant panda which were collected from Mabian, Meigu, Yuexi, Baoxing, Pingwu, Qingchuan, Nanping and Baishuijiang, respectively. 9 haplotypes were found in 21 founders. The results showed that the giant panda has low genetic variations, and that there is no notable genetic isolation among geographical populations. The ancestor of the living giant panda population perhaps appeared in the late Pleistocene, and unfortunately, might have suffered bottle-neck attacks. Afterwards, its genetic diversity seemed to recover to same extent.

MATING COMPETITION AND INTERGROUP TRANSFER OF MALES IN TIBETAN MACAQUES (MACACA-THIBETANA) AT MT EMEI, CHINA

In five groups of seasonally provisioned Tibetan macaques (Macaca thibetana) at Mt. Emei, males were sampled for wounds as an indicator of their competition for females during about 80 days in the 1987 mating season. Quantitative data on intergroup transfer were collected in a period between June 1986 and December 1987. The young adult (YA) males, the most active age-class in mating activity and intergroup transfer, received most of the wounds. Wounds tended to appear more in the front of body for YA and subadults (SA) than they did for middle-old aged (MO) males. This implies that some of the MO males were more active and aggressive in the fights. During the 1.5 year period, 5/6 of the YA and 5/17 of the MO males made intergroup shifts. Although YA males faced a high risk of receiving wounds at transfer, they usually rose in rank. On the other hand, the MO males transferred more smoothly but dropped in rank. The peripheral SA males, which rarely emigrated in the population, were an active component in determining the wounding rate, and the rate and direction of male migration. Three SA immigrants died of severe attacks made by resident males in 1988 and 1991. Adult sex ratios and their variations were considerably reduced with male nonrandom shifts and better conservation of the population.

RSA-Based Password-Authenticated Key Exchange, Revisited

The RSA-based Password-Authenticated Key Exchange (PAKE) protocols have been proposed to realize both mutual authentication and generation of secure session keys where a client is sharing his/her password only with a server and the latter should generate its RSA public/private key pair (e, n), (d, n) every time due to the lack of PKI (Public-Key Infrastructures). One of the ways to avoid a special kind of off-line (so called e-residue) attacks in the RSA-based PAKE protocols is to deploy a challenge/response method by which a client verifies the relative primality of e and φ(n) interactively with a server. However, this kind of RSA-based PAKE protocols did not give any proof of the underlying challenge/response method and therefore could not specify the exact complexity of their protocols since there exists another security parameter, needed in the challenge/response method. In this paper, we first present an RSA-based PAKE (RSA-PAKE) protocol that can deploy two different challenge/response methods (denoted by Challenge/Response Method1 and Challenge/Response Method2). The main contributions of this work include: (1) Based on the number theory, we prove that the Challenge/Response Method1 and the Challenge/Response Method2 are secure against e-residue attacks for any odd prime e; (2) With the security parameter for the on-line attacks, we show that the RSA-PAKE protocol is provably secure in the random oracle model where all of the off-line attacks are not more efficient than on-line dictionary attacks; and (3) By considering the Hamming weight of e and its complexity in the RSA-PAKE protocol, we search for primes to be recommended for a practical use. We also compare the RSA-PAKE protocol with the previous ones mainly in terms of computation and communication complexities.

an improved smart card based password authentication scheme with provable security

Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Recently, Lee–Kim–Yoo [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Chien et al.'s remote user authentication scheme using smart cards, Computer Standards & Interfaces 27 (2) (2005) 181–183] and Lee-Chiu [N.Y. Lee, Y.C. Chiu, Improved remote authentication scheme with smart card, Computer Standards & Interfaces 27 (2) (2005) 177–180] respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed by the adversary. We also propose an improved scheme with formal security proof.

对DES的Rectangle攻击和Boomerang攻击

作为加密标准，DES（data encryption standard）算法虽然已被AES（advanced encryption standard）算法所取代，但其仍有着不可忽视的重要作用．在一些领域，尤其是金融领域，DES和Triple DES仍被广泛使用着．而近年来又提出了一些新的密码分析方法，其中，Rectangle攻击和Boomerang攻击已被证明是非常强大而有效的．因此，有必要重新评估DES算法抵抗这些新分析方法的能力．研究了DES算法针对Rectangle攻击和Boomerang攻击的安全性．利用DES各轮最优差分路径及其概率，分别得到了对12轮DES的Rectangle攻击和对11轮DES的Boomerang攻击．攻击结果分别为：利用Rectangle攻击可以攻击到12轮DES，数据复杂度为2~(62)。个选择明文，时间复杂度为2~(42)次12轮加密；利用Boomerang攻击可以攻击到11轮DES，数据复杂度为2~(58)个适应性选择明密文，时间复杂度为2~(38)次11轮加密．由于使用的都是DES各轮的最优差分路径，所以可以相信，该结果是Rectangle攻击和Boomerang攻击对DES所能达到的最好结果．

对低轮AES-256的相关密钥-不可能差分密码分析

研究AES-256抵抗相关密钥-不可能差分密码分析的能力.首先给出相关密钥的差分,该差分可以扩展到8轮(甚至更多轮)子密钥差分;然后构造出一个5.5轮的相关密钥不可能差分特征.最后,给出一个对7轮AES-256的攻击和4个对8轮AES-256的攻击.

Au(111)电极上分子相互作用扫描隧道显微镜研究

本论文利用扫描隧道显微镜(STM)在Au(111)电极上结合电化学方法在分子水平上观察分子的吸附组装和结构调控等。主要内容如下： (1) 用现场电化学扫描隧道显微镜(ECSTM)在Au(111)电极上研究了巯基己醇(MHO)取代六苯并苯的详细过程。取代速度强烈依赖于MHO的浓度。浓度较低时，反应速度较慢，我们可以用现场ECSTM跟踪观察详细的取代过程。取代首先发生在靠近重构线肘部的位置，出现单分子或多个六苯并苯分子的取代而形成的pits。随着取代过程的进行，这些小的pits生长或合并成较大的pits；pits周围的六苯并苯分子逐渐被MHO取代，最终在限定的区域内形成有序的domain。观察局部区域的取代过程，我们发现沿着重构线的方向扩展速度最快。快速取代之后，MHO在Au(111)电极表面形成( )R30°晶格结构，而慢速取代之后，MHO在表面形成c(4×2)超结构。与MHO在干净的Au(111)电极上的吸附相比，在六苯并苯修饰的Au(111)电极上即使在很低的浓度下也没有观察到平躺的物理吸附相，而是直接形成化学吸附相。这可能是由于六苯并苯的存在，MHO的碳氢链不能直接与Au原子接触。通过数据分析，我们发现取代速率曲线呈倒S形状。 (2) 我们用循环伏安法(CV)和ECSTM研究了腺嘌呤(Adenine，A)，胸腺嘧啶(Thymine，T)和鸟嘌呤(Guanine，G)单组分及混合组分(A+T)的电化学二维相变。施加在Au(111)电极上的电位不同，A会呈现不同的吸附状态，包括物理吸附相和化学吸附相。在物理吸附的电势范围，高分辨ECSTM图像显示，同一个电势下共存着多样性的A的吸附结构。当基底电势变得更正时，一种更倾斜的吸附状态也就是A的化学吸附相会形成。在较负电位下，A和T能通过分子之间氢键作用在Au(111)电极上形成一种新的网络结构，而G能形成多层吸附。 (3) 利用STM研究了不同方法移除硫醇自组装膜之后金电极表面的再生情况。分别使用了化学法和电化学还原脱附法。化学法比较简单，使用的试剂有王水，piranha和NaBH4。王水对金电极表面有强腐蚀作用；piranha和NaBH4对金表面的作用较小，但是NaBH4处理之后的金表面上会有较多的亮岛出现。在移除自组装膜之后的电极上直接组装六苯并苯，我们观察到用piranha和NaBH4处理之后的金电极表面上六苯并苯自组装膜缺陷较多，有序domain也比较小。电化学法脱附可以得到比较干净的金表面，直接组装的六苯并苯自组装膜有序性好，缺陷少。而且，电化学脱附法通过控制电位可以实现硫醇自组装膜和六苯并苯自组装膜的相互转换。

对称加密方案的密文验证安全性

文中研究由密文的完整性检查而导致的数据保密性问题,提出一个新的安全概念——加密方案在密文验证攻击下的不可区分性(IND-CVA:indistinguishability ofencryption scheme under ciphertext verification attacks)来刻画加密方案在这种情况下的保密安全性。IND-CVA允许敌手访问加密oracle和密文验证oracle。与IND-CPA和IND-CCA相比,IND-CVA比IND-CPA稍微强些,但要比IND-CCA弱得多。IND-CVA能使多数常用的加密方案(如:OTP,CBC,及CTR)得以满足。并且,这个IND-CVA可以恰当地刻画安全信道的保密安全性。将认证方案和加密方案结合起来是保证通信安全的一种常用方法。然而,在IND-CVA模型下,当利用认证方案来加强保密安全性的时候,却有可能反而破坏了原有的保密安全性。IND-CVA揭示了完整性对保密性的影响,准确刻画了安全信道的保密性要求,为协议设计提供了有益的参考。

Local histogram based geometric invariant image watermarking

Compared with other existing methods, the feature point-based image watermarking schemes can resist to global geometric attacks and local geometric attacks, especially cropping and random bending attacks (RBAs), by binding watermark synchronization with salient image characteristics. However, the watermark detection rate remains low in the current feature point-based watermarking schemes. The main reason is that both of feature point extraction and watermark embedding are more or less related to the pixel position, which is seriously distorted by the interpolation error and the shift problem during geometric attacks. In view of these facts, this paper proposes a geometrically robust image watermarking scheme based on local histogram. Our scheme mainly consists of three components: (1) feature points extraction and local circular regions (LCRs) construction are conducted by using Harris-Laplace detector; (2) a mechanism of grapy theoretical clustering-based feature selection is used to choose a set of non-overlapped LCRs, then geometrically invariant LCRs are completely formed through dominant orientation normalization; and (3) the histogram and mean statistically independent of the pixel position are calculated over the selected LCRs and utilized to embed watermarks. Experimental results demonstrate that the proposed scheme can provide sufficient robustness against geometric attacks as well as common image processing operations. (C) 2010 Elsevier B.V. All rights reserved.