New lower bounds on the size of (n,r)‐arcs in PG(2,q)

An $\left(n,r\right)$‐arc in $\text{PG}\left(2,q\right)$ is a set of $n$ points such that each line contains at most $r$ of the selected points. It is well known that $\left(n,r\right)$‐arcs in $\text{PG}\left(2,q\right)$ correspond to projective linear codes. Let $m_r\left(2,q\right)$ denote the maximal number $n$ of points for which an $\left(n,r\right)$‐arc in $\text{PG}\left(2,q\right)$ exists. In this paper we obtain improved lower bounds on $m_r\left(2,q\right)$ by explicitly constructing $\left(n,r\right)$‐arcs. Some of the constructed $\left(n,r\right)$‐arcs correspond to linear codes meeting the Griesmer bound. All results are obtained by integer linear programming.     

iCETD: An improved tag generation design for memory data authentication in embedded processor systems

Security becomes increasingly important in computing systems. Data integrity is of utmost importance. One way to protect data integrity is attaching an identifying tag to individual data. The authenticity of the data can then be checked against its tag. If the data is altered by the adversary, the related tag becomes invalid and the attack will be detected. The work presented in this paper studies an existing tag design (CETD) for authenticating memory data in embedded processor systems, where data that are stored in the memory or transferred over the bus can be tampered. Compared to other designs, this design offers the flexibility of trading-off between the implementation cost and tag size (hence the level of security); the design is cost effective and can counter the data integrity attack with random values (namely the fake values used to replace the valid data in the attack are random). However, we find that the design is vulnerable when the fake data is not randomly selected. For some data, their tags are not distributed over the full tag value space but rather limited to a much reduced set of values. When those values were chosen as the fake value, the data alteration would likely go undetected. In this article, we analytically investigate this problem and propose a low cost enhancement to ensure the full-range distribution of tag values for each data, hence effectively removing the vulnerability of the original design.     

Optimising the Termofluids CFD code for petascale simulations

ABSTRACT

This paper presents some recent efforts carried out on the expansion of the scalability of TermoFluids multi-physics Computational Fluid Dynamics (CFD) code, aiming to achieve petascale capacity for a single simulation. We describe different aspects that we have improved in our code in order to efficiently run it on 131,072 CPU-cores. This work has been developed using the BlueGene/Q Mira supercomputer of the Argonne Leadership Computing Facility, where we have obtained feedback at the targeted scale. In summary, this is a practical paper showing our experience at reaching the petascale paradigm for a single simulation with TermoFluids.     

无线传感器网络节点复制攻击和女巫攻击防御机制研究

在无线传感器网络(WSNs)中,节点复制攻击和女巫攻击可扰乱数据融合和阈值选举等网络操作.发起这两种攻击需先通过邻居发现认证过程.考虑到在WSNs中发起邻居认证是不频繁的,提出了一种基于单向密钥链的ID认证防御机制(OKCIDA),降低攻击者在任何时间段发起这两种攻击的可能性.然后基于椭圆曲线离散对数问题,构造对称参数,并组合OKCIDA和利用节点邻居关系,提出了一种无需位置的邻居认证协议(LFNA),以阻止复制节点和女巫节点成功加入网络.最后给出了安全性证明和分析,并在安全和开销方面将LFNA与已有典型防御方案进行了比较,结果表明该方案具有一定的优势.     

基于PRESENT算法的RFID安全认证协议

物联网中RFID技术的应用非常广泛,但是RFID系统的安全性却存在着很大隐患。在RFID系统中标签与读写器间的通信信道是最易受到攻击,传输数据的完整性与保密性得不到保障,因而需要加强RFID系统通信的安全机制。考虑到RFID系统的硬件条件与成本限制,需要建立一个适合RFID系统的安全认证协议,来解决在RFID系统中信息传输所遇到的安全问题。PRESENT算法是轻量级的分组加密算法,将PRESENT结合到RFID系统的安全认证协议中,形成了新的RFID安全认证协议PRSA(PRESENT based RFID security authentication)。此协议可以增强RFID系统的安全性而又不会占用过多的硬件资源,从而能够适用于低成本的RFID系统的通信安全。     

基于块差值的半脆弱可逆视频认证方法

针对半脆弱可逆视频认证问题,提出一种基于块差值直方图调整的半脆弱可逆视频认证方法.在H.264帧内预测后重构的I帧Y分量中,通过预测残差对图像块分类.根据人眼视觉模型,在纹理复杂的区域嵌入比纹理平滑区域更多的水印.在接收端使用K-means对各块的差值进行聚类,自适应判断块差值所属区间,实现高准确率的水印提取.通过空间和时间认证之后,通过嵌入算法的逆操作实现无损视频还原.实验结果表明:提出算法具有良好的视觉效果,能够抵抗常规图像处理和噪声攻击,并实现对恶意篡改区域定位功能.     

一种改进的基于挑战/应答机制的短波接入认证系统研究与设计

挑战/应答方式是一种常用的安全性较高的动态身份认证技术,但窄带信道条件和高效率、高安全性要求限制了其在军事短波环境中的应用。基于短波终端和岸基短波台站已有的安全基础—预共享对称密钥,设计了一种改进的基于挑战/应答机制的短波接入双向认证系统。针对短波接入网实际应用,在认证过程中引入随机数和时间戳两种动态因子,在增强接入认证系统安全性的同时,有效减少了认证过程中的开销,实现通信双方相互认证的同时还能够完成会话和完整性密钥的协商。     

叠加训练序列设计及其高效传输技术研究

采用训练序列与信息数据叠加的传输方案由于消除训练序列占用的频带开销而受到广泛关注。然而,如何高效的分离叠加信号是实现高效信道估计和可靠检测的基础。通过叠加周期训练序列,研究了基于数据依赖的叠加训练(DDST)方案的高效信道估计和检测方案。并结合信道编码技术,研究了编码条件下DDST方案与传统时分复用(TDM)方案的性能。仿真结果表明,在消除训练带宽开销的情况下,获得DDST方案与TDM的误码率基本保持一致。     

DS-SS/EBPSK调制的码分多址研究

为了实现直序扩频扩展的二元相移键控(DS-SS/EBPSK)调制的多址通信,研究了一种DS-SS/EBPSK调制的码分多址实现方法.首先对DS-SS/EBPSK调制信号进行分析,公式化表述了DS-SS/EBPSK的调制过程,得到了可用于解扩和码分多址的等效扩频序列;在此基础上,设计了相关接收机对DS-SS/EBPSK调制信号进行检测,利用不同用户扩频序列互相关很小的特点实现多址传输;最后以m序列为例,仿真了期望用户的误码性能与用户数量和m序列周期长度的关系.仿真结果验证了此种码分多址实现方式的可行性,同时也表明多用户的于扰程度取决于扩频序列之间的互相关性.