Nucleophilic transformations of cyclic phosphate triesters

Reactions of cyclic phosphate triesters, such as 2-ethoxy-1,3,2-dioxaphospholane 2-oxide, with Grignard reagents such as phenyl-, alkyl-, ethynyl-, and allyl-magnesium halides result in ring opening leading to the corresponding phosphonates, via nucleophilic attack of carbon on the phosphorus atom. Treatment of 2-ethoxy-1,3,2-dioxaphospholane 2-oxide with sodium borohydride yields ethyl 2-hydroxyethyl phosphite. This reaction is exclusive for the five-membered cyclic system: under these conditions acyclic phosphate triesters, such as triethyl phosphate, are unreactive and the analogous six-membered ring system, 2-ethoxy-1,3,2-dioxaphosphorinane 2-oxide reacts only partially to give unidentified phosphate esters and traces of phosphonate products. Both compounds were inert to NaBH₄.     

两个无证书签名方案的分析与改进

无证书密码体制结合了基于身份密码体制和传统公钥密码体制的优点,受到了密码和信息安全研究者的极大关注.对梁景玲等提出的消息可恢复的无证书签名方案和侯红霞等提出的无证书短签名方案进行安全性分析,发现两个方案都不能抵抗公钥替换攻击.通过修改签名者密钥生成算法,增加对用户公钥的有效性验证,提高了梁等方案的安全性.通过在签名阶段将用户公钥绑定进HaSh函数,弥补了侯等方案的安全缺陷.     

Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

Similar to device-independent quantum key distribution(DI-QKD), semi-device-independent quantum key distribution(SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices.The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a oneway prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD.     

对一个无证书盲签名方案的攻击与改进

对黄茹芬等提出的一个高效的无证书盲签名方案进行了安全性分析,指出方案不能抵抗公钥替换攻击.为此,提出了一个改进方案.改进方案在随机预言模型和计算Diffie-Hellman(CDH)问题、q-强Diffie-Hellman(q-SDH)问题及逆计算Diffie-Hellman(inv-CDH)问题困难的假设下对适应性选择消息和身份攻击是存在不可伪造的.     

Wavelength assignment for reducing in-band crosstalk attack propagation in optical networks: ILP formulations and heuristic algorithms

Today’s Transparent Optical Networks (TONs) are highly vulnerable to various physical-layer attacks, such as high-power jamming, which can cause severe service disruption or even service denial. The transparency of TONs enables certain attacks to propagate through the network, not only increasing their damage proportions, but also making source identification and attack localization more difficult. High-power jamming attacks causing in-band crosstalk in switches are amongst the most malicious of such attacks. In this paper, we propose a wavelength assignment scheme to reduce their damage assuming limited attack propagation capabilities. This complements our previous work in Furdek et al. (M. Furdek, N. Skorin-Kapov, M. Grbac, Attack-aware wavelength assignment for localization of in-band crosstalk attack propagation, IEEE/OSA Journal of Optical Communications and Networking 2 (11) (2010) 1000–1009) where we investigated infinite jamming attack propagation to find an upper bound on the network vulnerability to such attacks. Here, we consider a more realistic scenario where crosstalk attacks can spread only via primary and/or secondary attackers and define new objective criteria for wavelength assignment, called the PAR (Primary Attack Radius) and SAR (Secondary Attack Radius), accordingly. We formulate the problem variants as integer linear programs (ILPs) with the objectives of minimizing the PAR and SAR values. Due to the intractability of the ILP formulations, for larger instances we propose GRASP (Greedy Randomized Adaptive Search Procedure) heuristic algorithms to find suboptimal solutions in reasonable time. Results show that these approaches can obtain solutions using the same number of wavelengths as classical wavelength assignment, while significantly reducing jamming attack damage proportions in optical networks.     

Information Theory Based Evaluation of the RC4 Stream Cipher Outputs

This paper presents a criterion, based on information theory, to measure the amount of average information provided by the sequences of outputs of the RC4 on the internal state. The test statistic used is the sum of the maximum plausible estimates of the entropies H(jt|zt), corresponding to the probability distributions P(jt|zt) of the sequences of random variables (jt)t∈T and (zt)t∈T, independent, but not identically distributed, where zt are the known values of the outputs, while jt is one of the unknown elements of the internal state of the RC4. It is experimentally demonstrated that the test statistic allows for determining the most vulnerable RC4 outputs, and it is proposed to be used as a vulnerability metric for each RC4 output sequence concerning the iterative probabilistic attack.     

On the security of stepwise triangular systems

In 2003 and 2004, Kasahara and Sakai suggested the two schemes RSE(2)PKC and RSSE(2)PKC, respectively. Both are examples of public key schemes based on ultivariate uadratic equations. In this article, we first introduce Step-wise Triangular Schemes (STS) as a new class of ultivariate uadratic public key schemes. These schemes have m equations, n variables, L steps or layers, r the number of equations and new variables per step and q the size of the underlying finite field . Then, we derive two very efficient cryptanalytic attacks. The first attack is an inversion attack which computes the message/signature for given ciphertext/message in O(mn ³ Lq ^r + n ² Lrq ^r ), the second is a structural attack which recovers an equivalent version of the secret key in O(mn ³ Lq ^r + mn ⁴) operations. As the legitimate user also has a workload growing with q ^r to recover a message/compute a signature, q ^r has to be small for efficient schemes and the attacks presented in this article are therefore efficient. After developing our theory, we demonstrate that both RSE(2)PKC and RSSE(2)PKC are special instances of STS and hence, fall to the attacks developed in our article. In particular, we give the solution for the crypto challenge proposed by Kasahara and Sakai. Finally, we demonstrate that STS cannot be the basis for a secure ultivariate uadratic public key scheme by discussing all possible variations and pointing out their vulnerabilities.     

Relative reactivities of halogen-substituted substrates (R-Br,R-C1) toward the halophilic attack by a carbanion

Relative reactivities of bromine-substituted substrates (R-Br) or chlorine-substituted substrates (R-CI) toward bromophilic or chlorophilic attack by a carbanion have been evaluated by the intermolecular competition kinetics. Relative reactivity orders are CF3CFBr2 >CF3CBr3≥CBr4 > CHBr3 > CF3CFBrCF2Br > CF2Br2 > BrCF2CF2Br > BrCH2CO2Et≥ BrCF2CFHBr > CH2Br2 > BrCH2CH2Br, and CI3CNO2 > CI3CCN > CI3CCOPh > cyclo-C5CI6> CI3CCOCI > CCI3CF2CI > CCI3CF3 ≥ CCI4 > CCI3CCI3 ≥ CCI3(CF2)2CI > CI3CCOCCI3 > CCI3(CF2)6CI > CI3CCO2Et > CI3CF > CI3CPh>CI3CCH2O2CCH3.     

对恐怖袭击事件记录数据的量化分析与研究

恐怖主义是人类的共同威胁,利用数据挖掘可以为反恐防恐提供有价值的信息支持.基于数据挖掘的思路,从恐怖袭击事件中提取能描述危险程度的特征属性,构建量化分级模型,并考虑准确率评价指标进行优化.通过组内平方和法分析改进高斯混合模型(GMM),对恐怖组织进行聚类分析,侦查出潜在最相关的嫌疑人.建立相关模型结合统计分析,得到恐怖袭击发生的主要原因、时空特性和蔓延特性,并对未来全球反恐态势进行预测,帮助反恐组织提高反恐的精准性和打击能力.     

Extending the participatory learning paradigm to include source credibility

We provide an overview of the participatory learning paradigm (PLP) and discuss the importance of the acceptance function in determining which observations are used for learning. We introduce a formal model that uses this (PLP) We then extend this model in two directions. First, we consider situations in which we have incomplete observations, we only have observations about a subset of the variables of interest. Next we extend this model to allow for the inclusion in the learning process of information about the learning agents belief about the credibility of the source of the learning experience. Here we distinguish between the content of a learning experience and the source of the experience. We provide a means to allow the learning agents belief about the credibility of the source to determine the effect of the content. Furthermore we suggest a method to allow the modification of agents belief about the credibility of the source to also be part of the learning process.