基于能量分析技术的芯片后门指令分析方法

芯片后门指令是激活硬件木马的典型方式之一,其安全风险高,影响范围广,且难于检测.本文提出了一种基于能量分析的后门指令检测方法,通过对指令分段穷举、并分别采集其能量信息,可有效区分常规指令和后门指令.实验表明,通过简单能量分析即可从能量迹中直接判定出后门指令.进一步,本文提出了一种自动化识别后门指令的相关能量分析方法,通过判断其相关系数与系数均值之间的关系,可高效、自动地完成后门指令分析.     

Authentication scheme for multi-cloud environment based on smart card

To solve the problem of the access keys stored in a smart card increasing linearly with the number of registered clouds without third party participated in authentication,an authentication scheme was proposed for multi-cloud environment based on smart card.In the proposed scheme,the authentication was realized between user and multiple clouds without third party participation when the smart card only stored two access key.Thus the storage cost of smart card was reduced effectively.Because there was no public key cryptography,the authentication messages was generated by using XOR homomorphic function and Hash function,thus the computational cost of the smart card and the cloud servers was reduced effectively.Moreover,the proposed scheme also didn’t need to store any user’s information on the cloud servers,thereby reducing the storage and management costs of the cloud servers.The security analysis and the performance analysis show that the proposed scheme is able to resist multiple attacks,which is secure and efficient.     

钢铁冶金企业门禁一卡通系统的应用研究

作为"一卡通"的一个子系统,门禁系统早已超越了单纯的门道及钥匙管理,它已经逐渐发展成为一套完整的出入管理系统.本文对钢铁冶金企业中应用较为广泛的门禁一卡通系统的功能进行了需求分析,给出了系统的网络结构设计,并详细介绍该系统的各项功能以及可靠性及安全防护措施,对系统特点进行了详细描述.     

基于物联网的病房监控系统的设计研究

随着电子信息技术、多媒体技术以及网络技术的快速发展,物联网技术也得到了快速的发展.本系统采用的是S3C6410微处理器,结合视频通信模块、传感器模块,对医院病房进行实时监控以及室内温湿度的检测,通过USB无线网卡连接互联网,设计一个无线视频传输系统,将设备采集到的数据通过网络传送到网络服务器,操作系统内移植了嵌入式Web服务器GoA-head,结合PHP、HTML等脚本语言,采用了B/S架构将各项环境参数及指标在网页上显示,实现了运行稳定、速度快、成本低、体积小的无线视频监控平台,具有很大的实用价值.     

A lightweight password‐based authentication protocol using smart card

With its simplicity and feasibility, password‐based remote user authentication becomes a popular way to control remote access to network. These years, numerous password‐based authentication schemes have been proposed. Recently, Maitra et al proposed a smart card–based scheme which claims to be resistant to various attacks. Unfortunately, we found some important flaws in this scheme. Therefore, in this paper, we will demonstrate that the scheme of Maitra et al is not secure enough as claimed: neither resisting against off‐line password guessing attack and insider attack nor preserve forward secrecy. To overcome those flaws, we put forward an improved new scheme which not only is resistant to all known attacks but also provides many attractive attributes, such as user revocation and re‐register. Also, we compared the scheme with other related schemes, the result proved the superiority of our scheme. Particularly, we show a new way (beyond the conventional Deffie‐Hellman approach) to achieve forward secrecy. Furthermore, we put some efforts into exploring the design principle of authentication schemes.     

基于Windows平台的音效增强系统设计与实现

针对消费电子类产品中扬声器体积小型化所导致的低频重放能力有限、动态范围较小、频响曲线不佳、声场过窄等问题,开发了iSurround音效增强算法,包括扬声器均衡、图示均衡器、立体声增强、虚拟低音、动态范围压缩和自动音量控制等.在Windows平台上以虚拟声卡的形式实现该算法,最后运用主观听音实验的方法,证明了iSurround音效增强算法在低音表现力、声场宽度、空间环绕感等方面有明显提高.同时,也与目前主流音效算法就行了比较.     

Cryptanalysis and security enhancement of a robust two‐factor authentication and key agreement protocol

Two‐factor user authentication scheme allows a user to use a smart card and a password to achieve mutual authentication and establish a session key between a server and a user. In 2012, Chen et al. showed that the scheme of Sood et al. does not achieve mutual authentication and is vulnerable to off‐line password guessing and smart card stolen attacks. They also found that another scheme proposed by Song is vulnerable to similar off‐line password guessing and smart card stolen attacks. They further proposed an improved scheme. In this paper, we first show that the improved scheme of Chen et al. still suffers from off‐line password guessing and smart card stolen attacks, does not support perfect forward secrecy, and lacks the fairness of session key establishment. We then propose a new security‐enhanced scheme and show its security and authentication using the formal verification tool ProVerif, which is based on applied pi calculus. Copyright © 2014 John Wiley & Sons, Ltd.     

工艺文件管理系统-TFMIS设计与开发

论述了工艺文件管理系统建设的重要性,介绍了工艺文件管理系统设计与开发中的思想、方法、技术和经验。     

基于PC总线的位置测量与电机控制卡

由于光栅,步进电机以及ＩＰＣ工业控制机在机械工业尤其是数控领域中普遍采用,研制出集光栅益检测与步进电机控制两个功能一体的适用于ＩＰＣ工控机的接口卡具有实用价值。文章介绍了基于ＰＣ总线的接口卡的设计,包括硬件结构体系,组成接口卡的几个功能模块以及误差测量控制系统的软件设计,并给出了应用实例。采用该体系结构,在丝杠磨床上实现了传动误差的测量与补偿,大大减小了丝杠传动误差。     

不同知识引出方法对科学概念结构表征的影响——来自多维标度法的证据

不同知识引出方式对获得的群体概念结构的影响,是概念结构研究中重要且未解决的问题。以17名中学化学教师为被试,通过自由分类、概念构图和语义相关性评定,引出被试对15个与原子相关概念的认识,并以多维标度法分析群体概念结构。研究发现:由不同知识引出方式获得的群体概念结构具有不同的特点,通过语义相关性评定获得的群体概念结构更适合呈现科学概念具有复杂关系的特点。研究结果有助于研究者选择合适的研究方法,实施更有效的群体概念结构研究。