电子商务信息系统安全管理体系PRS-ISMS的研究

信息是电子商务至关重要的资产,电子商务的正常运转必须建立在安全的信息系统之上,因而电子商务信息系统安全问题成为人们日益关注的重点.根据电子商务信息系统特点,从信息系统过程(Process)、资源(Resource)和安全目标(Security)三个视角分析了电子商务信息安全风险的要素及其关系,构建了三维信息系统安全管理体系模型PRS-ISMS,提出了改进的信息安全风险管理过程PRS-PDCA.     

A new modified remote user authentication scheme using smart cards

In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well. In this paper it is pointed out that the weakness still exists in Kumar＇s scheme, and the intruder can login to the remote system through having some information. A new scheme which can overcome these attacks and appears more secure and efficient than Kumar＇s is presented.     

Revisiting key schedule’s diffusion in relation with round function’s diffusion

We study the weakness of key schedules from an observation: many existing attacks use the fact that the key schedules poorly distribute key bits in the diffusion path of round functions. This reminds us of the importance of the diffusion’s relation between key schedules and round functions. We present new cryptanalysis results by exploring such diffusion relation and propose a new criterion for necessary key schedule diffusion. We discuss potential attacks and summarize the causes for key schedules without satisfying this criterion. One major cause is that overlapping between the diffusion of key schedules and round functions leads to information leakage of key bits. Finally, a measure to estimate our criterion for recursive key schedules is presented. Today designing key schedule still lacks practical and necessary principles. For a practical key schedule with limited diffusion, our work adds more insight to its requirements and helps to maximize the security level.     

考虑无缺陷退货的在线商品信息发布策略

消费者网络购物面临的不确定性往往导致非质量原因的退货。合理发布产品信息,并提供退货保障,是网络零售商促进消费者购买和提高利润的有效策略。基于消费者效用理论和博弈论,构建了产品信息影响消费者购买和退货模型,研究了零售商在垄断和竞争情形下的产品信息发布决策问题,发现垄断性零售商的最优信息发布策略和竞争性零售商在发布产品信息量和信息内容方面的均衡策略均取决于产品价值和退货成本特征,提出了不同市场结构下基于产品特征的在线商品信息发布策略。     

基于非对称半监督集成SVM的托攻击检测方法

受推荐系统在电子商务领域重大经济利益的驱动,恶意用户以非法牟利为目的实施托攻击,操纵改变推荐结果,使推荐系统面临严峻的信息安全威胁,如何识别和检测托攻击成为保障推荐系统信息安全的关键。传统支持向量机(SVM)方法同时受到小样本和数据不均衡两个问题的制约。为此,提出一种半监督SVM和非对称集成策略相结合的托攻击检测方法。首先训练初始SVM,然后引入K最近邻法优化分类面附近样本的标记质量,利用标记数据和未标记数据的混合样本集减少对标记数据的需求。最后,设计一种非对称加权集成策略,重点关注攻击样本的分类准确率,降低集成分类器对数据不均衡的敏感性。实验结果表明,本文方法有效地解决了小样本问题和数据不均衡分布问题,获得了较好的检测效果。     

基于概率的保持前缀地址随机化算法的安全评估

地址随机化算法通常用于在发布流量数据之前进行去隐私处理.保持前缀地址随机化算法就是其中一个常用算法.对于保持前缀地址随机化算法而言,由于引入了更多的限制,因此也面临更多的安全风险.分析了相关性攻击对保持前缀地址随机化算法的安全影响,并利用概率分析和仿真评估了不同攻击方法对其安全性能的影响.     

Strengthening the security of authenticated key exchange against bad randomness

Recent history has revealed that many random number generators (RNGs) used in cryptographic algorithms and protocols were not providing appropriate randomness, either by accident or on purpose. Subsequently, researchers have proposed new algorithms and protocols that are less dependent on the RNG. One exception is that all prominent authenticated key exchange (AKE) protocols are insecure given bad randomness, even when using good long-term keying material. We analyse the security of AKE protocols in the presence of adversaries that can perform attacks based on chosen randomness, i.e., attacks in which the adversary controls the randomness used in protocol sessions. We propose novel stateful protocols, which modify memory shared among a user’s sessions, and show in what sense they are secure against this worst case randomness failure. We develop a stronger security notion for AKE protocols that captures the security that we can achieve under such failures, and prove that our main protocol is correct in this model. Our protocols make substantially weaker assumptions on the RNG than existing protocols.     

Novel generic construction of leakage-resilient PKE scheme with CCA security

Leakage of private state information (e.g. the secret keys) through various leakage attacks (e.g. side channel attacks, cold-boot attacks, etc) has become a serious threat to the security of computer systems in practice. Nowadays, it has become a common requirement that cryptographic schemes should withstand the leakage attacks. Although some research progresses have been made towards designing leakage-resilient cryptographic schemes, there are still some unsolved issues. For example, the computational costs of the existing generic construction of leakage-resilient public-key encryption (PKE) schemes is generally very high. One of the main reasons is that the underlying building blocks, e.g. non-interactive zero-knowledge argument, one-time lossy filter or one-time signature, are computationally expensive. Moreover, the above constructions of PKE with leakage resilience normally require the upper bound of leakage to be fixed. However, in many real-world applications, this requirement cannot provide sufficient protection against various leakage attacks. In order to mitigate the above problems, this paper presents a generic method of designing leakage amplified PKE schemes with leakage resilience and chosen-ciphertext attacks (CCA) security. Firstly, we define a new cryptography primitive, called identity-based hash proof system with two encapsulated key (T-IB-HPS). Then, two generic constructions of leakage-resilient PKE schemes are proposed using T-IB-HPS and message authentication code (MAC). The CCA security of our proposed constructions can be reduced to the security of the underlying T-IB-HPS and MAC. In the proposed generic method, the leakage parameter has an arbitrary length that can be flexibly adjusted according to the specific leakage requirements. In order to demonstrate the practicability of our generic method, two instantiations of T-IB-HPS are introduced. The first instantiation is proved based on the truncated augmented bilinear Diffie–Hellman exponent assumption, and the second instantiation is proved based on the related security assumptions over the composite order bilinear group.

     

Impacts of risk attitude and outside option on compensation contracts under different information structures

We consider an agency problem where a firm (she) hires a manager (he) who has related managerial expertise to implement a new project. The manager’s managerial expertise is his private information and characterized as an uncertain variable. The revenue brought about by the project in the future is also assumed to be uncertain. In light of these challenges, this paper investigates the impacts of the manager’s risk attitude and the type-and-effort dependent outside option on the optimal compensation contracts under different information structures. Through developing the manager’s decision criterion based on his risk attitude instead of the expected-utility-maximization criterion, we find that, if the manager is conservative and the outside option’s revenue uncertainty is sufficiently high, the optimal commission rate will be distorted upwards under asymmetric managerial expertise information compared with that under symmetric managerial expertise information. Our analysis also confirms that the existence of a type-and-effort dependent outside option distorts up the compensation structure tailored at a fixed outside option. We further show that, comparing with the setting of a fixed outside option when the manager is aggressive, the presence of a type-and-effort dependent outside option results in a surprising phenomenon that the manager’s private information makes no distortion of the firm’s profit.     

Cryptanalyzing a nonlinear chaotic algorithm (NCA) for image encryption

This paper describes the security weakness of a recently proposed image encryption algorithm based on a logistic-like new chaotic map. We show that the chaotic map’s distribution is far from ideal, thus making it a bad candidate as a pseudo-random stream generator. As a consequence, the images encrypted with this algorithm are shown to be breakable through different attacks of variable complexity.     

基于VaR-Copula的信息安全评价模型研究

近年来,我国信息安全面临的形势越来越严峻,而作为信息安全风险防范的最基础手段——风险评价理论和方法还没有得到有效发展和真正发挥作用.研究在深入分析信息安全风险理论基础上,采用VaR理论和Copula法,构建了一种信息安全评价模型,得到了从整体上来把握和衡量信息安全的VaR指标,解决了现有研究主要集中于构建指标体系及其基础上评价模型的弊端.最后,并采用实例验证了该模型的有效性.     

Generic attacks on the Lai–Massey scheme

In this paper we present generic attacks on the Lai–Massey scheme inspired by Patarin’s attacks on the Feistel scheme. For bijective round functions, the attacking results are better than non-bijective round functions for the 3, 4-round Lai–Massey scheme. Our results show that there are some security differences of these two schemes against known attacks. The generic attacks on the 4-round and 5-round Lai–Massey scheme require more complexity than the 4-round and 5-round Feistel scheme respectively. Through the analysis we believe the Lai–Massey scheme has some advantage than the Feistel scheme within 5 rounds.     

A secure arithmetic coding based on Markov model

We propose a modification of the standard arithmetic coding that can be applied to multimedia coding standards at entropy coding stage. In particular, we introduce a randomized arithmetic coding scheme based on order-1 Markov model that achieves encryption by scrambling the symbols’ order in the model and choosing the relevant order’s probability randomly, which is done with higher compression efficiency and good security. Experimental results and security analyses indicate that the algorithm can not only resist to existing attacks based on arithmetic coding, but also be immune to other cryptanalysis.     

Research and Development with Stock-Dependent Spillovers and Price Competition in a Duopoly

This paper investigates the research and development accumulation and pricing strategies of two firms competing for consumer demand in a dynamic framework. A firm’s research and development is production-cost-reducing and can benefit from part of the competitor’s research and development stock without payment. We consider decisions in a game characterized by Nash equilibrium. In this dynamic game, a player’s action depends on whether the competitor’s current research and development stock are observable. If the competitor’s current research and development stock are not observable or observable only after a certain time lag, a player’s action can be solely based on the information on the current period t (open-loop strategy). In the converse case, it can also include the information on the competitor’s reaction to a change in the current value of the state vector (closed-loop strategy), which allows for strategic interaction to take place throughout the game. Given the cumulative nature of research and development activities, a primary goal of this paper is to determine whether, regardless of the observability of the competitor’s current research and development stock, free research and development spillovers generate a lower level of scientific knowledge than research and development appropriability. A second objective of the paper is to determine how the observability of the rival’s current research and development stock affects a firm’s research and development and pricing decisions and payoffs under imperfect research and development appropriability.     

对一个无证书盲签名方案的攻击与改进

对黄茹芬等提出的一个高效的无证书盲签名方案进行了安全性分析,指出方案不能抵抗公钥替换攻击.为此,提出了一个改进方案.改进方案在随机预言模型和计算Diffie-Hellman(CDH)问题、q-强Diffie-Hellman(q-SDH)问题及逆计算Diffie-Hellman(inv-CDH)问题困难的假设下对适应性选择消息和身份攻击是存在不可伪造的.     

Optimal pricing and inventory policies with reliable and random-yield suppliers: characterization and comparison

In this paper, we study the joint pricing and inventory replenishment problem for a periodic-review inventory system with random demand and dual suppliers, one of the suppliers is reliable but more expensive, the other supplier is less expensive but is unreliable with random yield. We characterize the firm’s optimal policies that simultaneously determine the optimal ordering and pricing decisions in each period over a finite planning horizon, and investigate the impacts of supply source diversification and supplier reliability on the firm and on its customers. We show that having source diversification or higher reliability of suppliers not only increases the firm’s expected profit, but also results in a lower optimal selling price, thus they benefit both the firm and its customers.     

ST摘帽如何影响公司价值和股价

以2004~2015年的ST公司为研究样本,利用事件研究法和双重差分模型,研究了ST摘帽对公司价值和股价的影响效应。实证结果表明,摘帽公告可以引起显著为正的累计超额收益率。而且,摘帽的部分信息含量可以被市场提前预期到,并立即反应到股价上。因此,仅从摘帽信息的股价反应速度看,我国的股票市场是半强式有效市场。此外,双重差分的实证结果显示,ST摘帽对公司价值没有显著的影响。但是,具体而言,摘帽事件可以同时显著地提高公司的市值和账面价值。这些结果都基本符合ST制度的政策预期。为了缓解内生性问题,在考虑控制变量的影响和倾向值匹配后,双重差分的实证结果是稳健的。     

Chaotic map based key agreement with/out clock synchronization

In order to address Bergamo et al.’s attack, Xiao et al. proposed a key agreement protocol using chaotic maps. Han then presented three attacks on Xiao et al.’s protocol. To enhance the security of key agreement based on chaotic maps, Chang et al. proposed a new key agreement using passphrase, which works in clock synchronization environment. However, their protocol still has some issues: one is its passphrase is not easy to remember and much longer than password; the second one is it cannot resist guessing attack if the constructed passphrase is easy to remember and also has already existed in some rational dictionaries; the third one is it cannot work without clock synchronization. In this paper, we will present two different key agreement protocols, which can resist guessing attack. The first one works in clock synchronization environment. The second one can work without clock synchronization. They both use authenticated password for secure communications. The protocols are secure against replaying attacks and a shared session key can be established.     

A novel keyed parallel hashing scheme based on a new chaotic system

Hash functions play important role in the information security era. Although there are different methods to design these functions, in recent years chaos theory has emerged as a strong solution in this area. Chaotic hash functions use one-dimensional maps such as logistic and tent, or employ complex multi-dimensional maps which are typically insecure or slow and most of them has been successfully attacked. In this paper, we propose a new chaotic system and employ it to design a secure and fast hash function. The improved security factor has roots in the hyper sensitivity of the proposed chaotic map while properties like speed and security can be parameterized. On the other hand, the proposed hash function has a dynamic random array of functions and can be implemented by a parallel architecture. This data-level parallel architecture makes it fast to generate the hash value. Statistical simulations show success of the proposed hashing scheme. Cryptanalysis of proposed function, such as key sensitivity, meet-in-the-middle attack, collision, preimage resistance and high level attacks, proves security of the proposed function.     

Lattice-Based Cryptography: A Survey*

Most of current public key cryptosystems would be vulnerable to the attacks of the future quantum computers.Post-quantum cryptography offers mathematical methods to secure information and communications against such attacks,and therefore has been receiving a significant amount of attention in recent years.Lattice-based cryptography,built on the mathematical hard problems in(high-dimensional) lattice theory,is a promising post-quantum cryptography family due to its excellent efficiency,moderate s...