RSA-Based Password-Authenticated Key Exchange, Revisited

The RSA-based Password-Authenticated Key Exchange (PAKE) protocols have been proposed to realize both mutual authentication and generation of secure session keys where a client is sharing his/her password only with a server and the latter should generate its RSA public/private key pair (e, n), (d, n) every time due to the lack of PKI (Public-Key Infrastructures). One of the ways to avoid a special kind of off-line (so called e-residue) attacks in the RSA-based PAKE protocols is to deploy a challenge/response method by which a client verifies the relative primality of e and φ(n) interactively with a server. However, this kind of RSA-based PAKE protocols did not give any proof of the underlying challenge/response method and therefore could not specify the exact complexity of their protocols since there exists another security parameter, needed in the challenge/response method. In this paper, we first present an RSA-based PAKE (RSA-PAKE) protocol that can deploy two different challenge/response methods (denoted by Challenge/Response Method1 and Challenge/Response Method2). The main contributions of this work include: (1) Based on the number theory, we prove that the Challenge/Response Method1 and the Challenge/Response Method2 are secure against e-residue attacks for any odd prime e; (2) With the security parameter for the on-line attacks, we show that the RSA-PAKE protocol is provably secure in the random oracle model where all of the off-line attacks are not more efficient than on-line dictionary attacks; and (3) By considering the Hamming weight of e and its complexity in the RSA-PAKE protocol, we search for primes to be recommended for a practical use. We also compare the RSA-PAKE protocol with the previous ones mainly in terms of computation and communication complexities.

Climate change, sea level rise and integrated coastal zone management: An IPCC approach

Expansion of economic activities, urbanisation, increased resource use and population growth are continuously increasing the vulnerability of the coastal zone. This vulnerability is now further raised by the threat of climate change and accelerated sea level rise. The potentially severe impacts force policy-makers to also consider long-term planning for climate change and sea level rise. For reasons of efficiency and effectiveness this long-term planning should be integrated with existing short-term plans, thus creating an Integrated Coastal Zone Management programme. As a starting point for coastal zone management, the assessment of a country's or region's vulnerability to accelerated sea level rise is of utmost importance. The Intergovernmental Panel on Climate Change has developed a common methodology for this purpose. Studies carried out according to this Common Methodology have been compared and combined, from which general conclusions on local, regional and global vulnerability have been drawn, the latter in the form of a Global Vulnerability Assessment. In order to address the challenge of coping with climate change and accelerated sea level rise, it is essential to foresee the possible impacts, and to take precautionary action. Because of the long lead times needed for creating the required technical and institutional infrastructures, such action should be taken in the short term. Furthermore, it should be part of a broader coastal zone management and planning context. This will require a holistic view, shared by the different institutional levels that exist, along which different needs and interests should be balanced.

CIM系统设计中的关键问题

虽然新的制造系统不断涌现 ,企业仍然对CIM给予很大广泛的认可。本文讨论了CIM设计中的一些关键问题。首先 ,根据业务过程重组来实施CIM至关重要 ,其次 ,必须采用CIM的功能体系结构规范和容纳各种功能系统 ,以便更好地执行业务流过程。同时 ,需要有相应的集成基础结构来支持整个企业的数据管理。