Survey of information security

Science in China Series F: Information Sciences - Tập 50 - Trang 273-298 - 2007
ChangXiang Shen1, HuangGuo Zhang2, DengGuo Feng3, ZhenFu Cao4, JiWu Huang5
1Computing Technology Institute of China Navy, Beijing, China
2School of Computer, Wuhan University, Wuhan, China
3Institute of Software, Chinese Academy of Sciences, Beijing, China
4Department of Computer Science and Technology, Shanghai Jiaotong University, Shanghai, China
5Information Technology Institute, Zhongshan University, Guangzhou, China

Tóm tắt

The 21st century is the age of information when information becomes an important strategic resource. The information obtaining, processing and security guarantee capability are playing critical roles in comprehensive national power, and information security is related to the national security and social stability. Therefore, we should take measures to ensure the information security of our country. In recent years, momentous accomplishments have been obtained with the rapid development of information security technology. There are extensive theories about information security and technology. However, due to the limitation of length, this article mainly focuses on the research and development of cryptology, trusted computing, security of network, and information hiding, etc.

Tài liệu tham khảo

Shen C X. Thinking on the Enhancement of Information Security Assurance Architecture, Literary of Information Security (in Chinese). Wuhan: Hubei Science and Technology Press, 2002

Zhang H G, Wang L N, Huang C H. Research and practice for information security discipline construction and personnel training. In: Symposium on Deans of Computer Institute of China. Beijing: Higher Education Press, 2005

Pfleeger C P, Pfleeger S L. Security in Computing. 3rd ed. NJ: Prentice Hall, 2003

Stallings W. Cryptography and Network Security-Principles and Practices. 4th ed. Pearson Education, 2006

Qin S H, Liu W Q. Operating System Security (in Chinese). Beijing: Qinghua University Press, 2004

Schneier B. Applied Cryptography, Protocols, Algorithms and Source Code in C. New York: John Wiley & Sons, 1996

Mao W. Modern Cryptography: Theory and Practice. HJ: Prentice Hall PTR, 2003

Feng D G. Research state and development trend of cryptology in and abroad. J Commun (in Chinese), 2002, 23(5): 18–26

Cao Z F, Shui XQ. Development direction and latest progress for cryptology. Comput Edu (in Chinese), 2005, 19–21

Wang X Y, Feng D G, Lai X J, et al. Collisions for Hash functions MD4, MD5, HAVAL-128 and RIPEMD, Cryptology ePrint Archive: Report 2004/1999, Aug. 2004

Wang X Y, Lai X J, Feng D G, et al. Cryptanalysis of the Hash function MD4 and RIPEMD. In: Advance in Cryptology-Europcrypt’05, LNCS 3494. Berlin: Springer-Verlag, 2005. 1–18

Wang X Y, Yu H B. How to break MD5 and other Hash functions. In: Advance in Cryptology — Eurocrypt’05, LNCS 3494. Berlin: Springer-Verlag, 2005. 19–35

Wang X Y, Yu H B, Yin Y L. Efficient collision search attacks on SHA-0. In: Advance in Cryptology — Crypto 05, LNCS 3621. Berlin: Springer-Verlag, 2005. 1–16

Wang X Y, Yin Y L, Yu H B. Finding collisions in the full SHA-1. In: Advance in Cryptology —Crypto 05, LNCS 3621. Berlin: Springer-Verlag, 2005. 17–36

Federal Information Processing Standards Publication (FIPS 197) Advanced Encryption Standard (AES), Nov. 26, 2001

Zhang H G, Feng X T, Qin Z P, et al. Research on evolutionary cryptosystems and evolutionary DES. Chin J Comput (in Chinese), 2003, 26(12): 1678–1684

Meng Q S, Zhang H G, Qin Z P, et al. Design bent function using evolving method. Acta Elect Sin (in Chinese), 2004, 32(11): 1901–1903

Zhang H G, Wang Y H, Wang B J, et al. Evolutionary random number generator based on LFSR. Wuhan Univ J Natur Sci, 2007, 12(1): 179–182

Luo Q B, Zhang J Z, Zhou J. Complexity Analysis of the Chaotic Key Squence, CHINACRYPT’2006 (in Chinese). Beijing: Press of Science and Technology of China, 2006

Ding C S, Xiao G Z, Shan W J. The stability theory of stream ciphers. Lecture Notes in Computer Science 561. Berlin: Springer-Verlag, 1991

Diffie W, Hellman M E. New directions in cryptography. IEEE Trans Inform Theory, 1976, iT-22(6): 644–654

Rivest R L, Shamir A, Adleman L. A method for obtaining digital signatures and public key cryptosystems. Comm ACM, 1978, 21: 120–126

Merkle R C, Hellman M E. Hiding information and signatures in trap dorr knapsacks. IEEE Trans Inform Theory, 1978, 24(5): 525–530

Rabin M O. Digitalized signatures and public key functions as intractable as factorization. Technical Report LCS/TR212, Cambridge MA (1979), MIT

ElGamal T. A public key cryptosystem and signature scheme based on discrete logarithms. IEEE Trans Inform Theory, 1985, IT-31(4): 469–472

Koblitz N. Elliptic curve cryptosystem. Math Comput, 1978, 48: 203–209

McEliece R J. A public key cryptosystem based on algebraic coding theory. DSN Progress Rep. 42-44, Jet Propulsion Lab, 1978, 114–116

Tao R J, Chen S H. A finite automaton public key cryptosystem and digital signatures. Chin J Comput (in Chinese), 1985, 8(6): 401–409

Cao Z F. The multi-dimension RSA and its low exponent security. Sci China Ser E-Tech Sci, 2000, 43(4): 349–354

Cao Z F. A threshold key escrow scheme based on public key cryptosystem. Sci China Ser E-Tech Sci, 2001, 44(4): 441–448

Cao Z F. A public key cryptosystem based on a conic over finite fields Fp. In: Advances in Cryptology-Chinacrypt’98 (in Chinese). Beijing: Science Press, 1998. 45–49

Cao Z F. Conic analog of RSA cryptosystem and some improved RSA cryptosystems. J Heilongjiang Univ (in Chinese), 1999, 16(4): 15–18

Cao Z F, Zhang Biao. MC public key cryptosystem based on Chinese remainder theorem. In: Advances in Cryptology-CHINACRYPT’2000 (in Chinese). Beijing: Science Press, 2000. 29–33

Zhou Y, Cao Z F, Chai Z C. Construct secure proxy cryptosystem. CISC 2005, Lecture Notes in Computer Science, Vol. 3822. Berlin: Springer-Verlag, 2005. 150–161

Cao Z F. Public Key Cryptosystem (in Chinese). Harbin: Helongjiang Education Press, 1993

Schnorr C P. Efficient identification and signature for smart cards. J Cryptograp, 1991, 4(3): 161–174

NIST. Digital Signature Standard (DSS), Federal Information Process Standards Publication, 186

Mambo M, Usuda K, Okamoto E. Proxy signatures: delegation of the power to sign messages. IEICE Trans Fundam, 1996, E79-A(9): 1338–1354

Shao J, Cao Z F, Lu R X. Improvement of Yang et al.’s threshold proxy signature scheme. J Systems Software, 2007, 80: 172–177

Chaum D. Blind signatures for untraceable payments. In: Crypto’82. New York: Plenum Press, 1993. 199–203

Cao Z F, Zhu H J, Lu R X. Provably secure robust threshold partial blind signature. Sci China Ser F-Inf Sci, 2006, 49(5): 604–615

Liang X H, Cao Z F, Chai Z C, et al. ID-based threshold blind signature scheme from bilinear pair. In: ChinaCrypto’2006, 2006. 244–252

Boneh D, Gentry C, Lynn B, et al. Aggregate and verifiably encrypted signatures from bilinear maps. In: Advances in Cryptography — Eurocrypt 2003, LNCS 2656. Berlin: Springer-Verlag, 2003. 416–432

Chaum D, van Antwerpen H. Undeniable signatures. In: CRYPTO’89, LNCS 435. Berlin: Springer-Verlag, 1989. 212–216

Lu R X, Cao Z F, Zhou Y. Threshold undeniable signature scheme based on coni. Appl Math Comput, 2005, 162(1): 165–177

Bellare M, Miner S. A forward-secure digital signature scheme. In: CRYPTO’99, LNCS 1666. Berlin: Springer-Verlag, 1999. 431–448

Chai Z C, Cao Z F. Factoring-based proxy signature schemes with forward-security. In: Zhang J, et al. eds. CIS’2004, Lecture Notes in Computer Science, Vol. 3314. Berlin, Heidelberg: Springer-Verlag, 2004. 1034–1040

Dodis Y, Katz J, Xu S, et al. Strong key-insulated signature schemes. In: Public Key Cryptography-PKC 2003, LNCS 2567. Berlin: Springer-Verlag, 2003. 130–144

Shamir A, Tauman Y. Improved online/offline signature schemes. In: Proceedings of Advances in Cryptology: Crypto’01, LNCS 2139. Berlin: Springer-Verlag, 2001. 355–367

Desmedt Y. Society and group oriented cryptography: a new concept. In: Crypto’87, LNCS 293. Berlin: Springer-Verlag, 1988. 120–127

Wang L C, Cao Z F, Li X X et al. Simulatability and security of certificateless threshold signatures. Inform Sci, 2007, 177(6): 1382–1394

Shao J, Cao Z F. A traceable threshold signature scheme with multiple signing policies. Comput Secur, 2006, 25(3): 201–206

Rivest R, Shamir A, Tauman Y. How to leak a secret. In: ASIACRYPT 2001, LNCS 2248. Berlin: Springer-Verlag, 2001. 552–565

Lu R X, Cao Z F, Dong X L. Pairing-based proxy ring signature scheme with proxy signer privacy protection. In: China-Crypto’2006, 2006. 1–10

Jakobsson M, Sako K, Impagliazzo R. Designated verifier proofs and their applications. In: EUROCRYPT’96, LNCS 1070. Berlin: Springer-Verlag, 1996. 143–154

Lu R X, Cao Z F, Dong X L, et al. Designated verifier proxy signature scheme from bilinear pairings. In: The International Multi-Symposiums in Computer and Computational Sciences (IMSCCS 06), June 20–24. 2006. 40–47

Chaum D. Designated confirmer signatures. In: Eurocypt’94, LNCS 950. Berlin: Springer-Verlag, 1995. 86–91

Wang G. Bibliography on signatures. Available at: http://icsd.i2r.a-star.edu.sg/staff/guilin/bible.htm.

ITU-T, Rec. X.509 (revised) the Directory — Authentication Framework, 1993, International Telecommunication Union, Geneva, Switzerland

Shamir A. Identity-based cryptosystems and signature schemes. In: Advances in Cryptography — Crypto’84, LNCS 196. Berlin: Springer-Verlag, 1984. 47–53

Boneh D, Franklin M. Identity-based encryption from the Weil pairing, SIAM. J Comput, 2003, 32(3): 586–615

Barreto P S L M. The Pairing-Based Crypto Lounge, http://paginas.terra.com.br/informatica/paulobarreto/ pblounge.html

Lu R X, Cao Z F, Dong X L. Efficient ID-based one-time proxy signature and its application in E-cheque. In: 5th International Conference on Cryptology and Network Security-CANS 2006, Lecture Notes in Computer Science, Vol. 4301. 2006, 153–167

Duan S S, Cao Z F. Efficient and provably secure multi-receiver identity-based signcryption. ACISP 2006, Lecture Notes in Computer Science, Vol. 4058. 2006, 195–206

Baek J, Zheng Y. Identity-based threshold decryption. In: Practice and Theory in Public Key Cryptography-PKC’2004, Singapore (SG), March 2004, LNCS 2947. Berlin: Springer-Verlag, 2004. 262–276

Al-Riyami S S, Paterson K G. Certificateless public key cryptography. In: Advances in Cryptology — Asiacrypt’2003, LNCS 2894. Berlin: Springer-Verlag, 2003. 452–473

Nan X H. Identity Authentication Based on CPK (in Chinese). Beijing: National Defense Industry Press, 2006

Goldwasser S, Micali S. Probabilisticencryption. J Comput Syst Sci, 28(3): 270–299

Dolev D, Dwork C, Naor M. Non-malleable cryptography. SIAM J Comput, 2000, 30(2): 391–437

Goldwasser S, Micali S, Rivest R. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J Comput, 1988, 17(2): 281–308

An J, Dodis Y, Rabin T. On the security of joint signature and encryption. In: Advances in Cryptology — EUROCRYPT’02, LNCS 2332. Berlin: Springer-Verlag, 2002. 83–107

Pointcheval D. Provable Security for Public Key Schemes, http://www.di.ens.fr/:_pointche/pub.php?reference=Po04

Bellare M, Rogaway P. Entity authentication and key distribution. In: Advances in Cryptology — Crypto 1993, LNCS 773. Berlin: Springer-Verlag, 1993, 110–125

Bellare M, Rogaway P. Provably secure session key distribution: The three party case. In: 27th ACM Symposium on the Theory of Computing. New York: ACM Press, 1995. 57–66

Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks. In: Advances in Cryptology — Eurocrypt 2000 LNCS 1807. Berlin: Springer-Verlag, 2000. 139–155

Canetti R, Krawczyk H. Analysis of key-exchange protocols and their use for building secure channels. In: Advances in Cryptology — Eurocrypt 2001 LNCS 2045. Berlin: Springer-Verlag, 2001. 453–474

Choo K K R, Boyd C, Hitchcock Y. Examining indistinguishability-based proof models for key establishment protocols. In: Advances in Cryptology — Asiacrypt 2005, LNCS 3788. Berlin: Springer-Verlag, 2005. 585–604

Choo K K R. Provably-Secure Mutual Authentication and Key Establishment Protocols Lounge, http://sky.fit.qut.edu.au/:_choo/lounge.html

Lu R X, Cao Z F. Simple three-party key exchange protocol. Comput Secur, 2007, 26(1): 94–97

Lu R X, Cao Z F. Efficient remote user authentication scheme using smart card. Comput Networks, 2005, 49(4): 535–540

Shao J, Cao Z F, Lu R X. An improved deniable authentication protocol. Networks, 2006, 48(4): 179–181

Bellare M, Rogaway P. Random oracles are practical: a paradigm for designing efficient protocols. In: Proc. of the 1st ACM Conference on Computer and Communication Security. New York: ACM Press, 1993. 62–73

Fiat A, Shamir A. How to prove yourself: {Practical} solutions to identification and signature problems. In: Advances in Cryptology—Crypto’ 86. Berlin: Springer-Verlag, 1986. 186–194

Canetti R, Goldreich O, Halevi S. The random oracle methodology, revisited. In: Proceedings of the 30th Annual Symposium on the Theory of Computing (STOC’98). New York: ACM Press, 1998. 209–218

Cramer R, Shoup V. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Advance in Cryptology-Crypto’98, LNCS 1462. Berlin: Springer-Verlag, 1998. 13–25

Water B. Efficient identity-based encryption without random oracle. In: Advances in Wyptology CRYPTO 2004 LNCS 3152. Berlin: Springer-verlag, 2004. 443–459

Boneh D, Boyen X. Short signatures without random oracles. In: Advance in Cryptology-Eurocrypt’04, LNCS 3027, 2004. 56–73

Zeng G H. Quantum Identity Authentication Without Lost of Quantum Channel. In: CHINACRYPT’2004. Beijing: Science Press, 2004

Xiao G Z, Lu M X. DNA computing and DNA code. J Engin Math, 2006, 23(1): 1–6

Department of Defense Computer Security Center. DoD 5200.28-STD. Department of Defense Trusted Computer System Evaluation Criteria [S]. USA: DOD, December 1985

National Computer Security Center. NCSC-TG-021. Trusted Database Management System Interpretation [S]. USA: DOD, April 1991

National Computer Security Center. NCSC-TG-005. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria [S]. USA: DOD, July 1987

Trusted Computing Group. TCG Specification Architecture Overview [EB/OL]. [2005-03-01]. https://www.trustedcomputinggroup.org

The Open Trusted Computing (OpenTC) consortium. General activities of OpenTC [EB/OL]. [2006-3-1]. http://www.opentc.net/activities

Microsoft. Trusted Platform Module Services in Windows Longhorn [EB/OL]. [2005-4-25]. http://www.microsoft.com/resources/ngscb

Intel Corporation. LaGrande Technology Architectural Overview [EB/OL]. [2004-5-1]. http://www.intel.com/technology/security

Avizienis A, Laprie J-C, Randell B, et al. Basic concepts and taxonomy of dependable and secure computing. IEEE Trans Depend Secure Comput, 2004, 1(1): 11–33

Zhang H G, Luo J, Jin G, et al. Development of trusted computing research. J Wuhan Univ (Nat Sci Ed) (in Chinese), 2006, 52(5): 513–518

Zhang H G, Wu G Q, Qin Z P, et al. A new type of secure microcomputer. In: Proc. of First Chinese Conference on Trusted Computing and Information Security. J Wuhan Univ (Nat Sci Ed) (in Chinese), 2004, 50(s1): 1–6

Zhan H G, Liu Y Z, Yu F J, et al. A new type of embedded secure module. In: Proc. of First Chinese Conference on Trusted Computing and Information Security. J Wuhan Univ (Nat Sci Ed) (in Chinese), 2004, 50(s1): 7–11

Yan F, Zhang H G, Sun Q, et al. An improved grid security infrastructure by trusted computing. Wuhan Univ J Nat Sci, 2006, 11(6): 1805–1808

Patel J, Luke T W T, Jennings N R, et al. A probabilistic trust model for handling inaccurate reputation sources. In: Trust Management, Third International Conference, iTrust 2005. Paris, France, May 23–26, 2005. 193–209

Beth T, Borcherding M, Klein B. Valuation of trust in open network. In: Proceeding of the European Symposium on Research in Security (ESORICS). Brighton: Springer-Verlag, 1994. 3–18

Tang W, Chen Z. Research of subjective trust management model based on the fuzzy set theory. J Software (in Chinese), 2003, 14(8): 1401–1408

Audun J. An algebra for assessing trust in certification chains. In: The Proceedings of NDSS’99, Network and Distributed System Security Symposium. San Diego: The Internet Society, 1999

Yuan L L, Zeng G S, Wang W. Trust evaluation model based on Dempster-Shafer evidence theory. J Wuhan Univ (Nat Sci Ed) (in Chinese), 2006, 52(5): 627–630

Qu Y W. Software Behavior (in Chinese). Beijing: The Electronic Industry Press, 2004

Lin C, Peng X H. Research on trustworthy network. Chine J Comput (in Chinese), 2005, 28(5): 751–758

Chen H W, Wang J, Dong W. The high trusted software engineer. Acta Elect Sin, 2003, 31(12): 1933–1938

Feng D G. Network Security-Principle and Technology (in Chinese). Beijing: Science Press, 2003

Feng D G. Research State and Development Trend of Information Security Technology in and abroad (in Chinese). 2005, Qinghua University Press, 2006. 236–256

Feng D G, Wang X Y. Progress and Prospect on Information Security Research in China. J Comput Sci Tech, 2006, 21(5): 740–755

Shim S S Y, Gong L, Rubin A D, et al. Securing the high-speed internet. IEEE Comput, 2004, 37(6): 33–35

Anderson J P. Computer security technology planning study. ESD-TR-73-51, Vol. II, Electronic Systems Division, Air Force Systems Command, Bedford, MA, USA

Carle J, Simplot-Ryl D. Energy-efficient area monitoring for sensor networks. IEEE Comput, 2004, 37(2): 40–46

Enz C C, El-Hoiydi A, Decotignie J, et al. WiseNET: an ultralow-power wireless sensor network solution. IEEE Comput, 2004, 37(8): 62–70

Simmons G J. The prisoner’s problem and the subliminal channel. In: Advances in Cryptology: Proceedings of CRYPTO’83. NY: Plenum Press, 1984. 51–67

Wang Y M, Zhang T, Huang J W, et al. Information Hiding-Theory and Technology (in Chinese). Beijing: Tsinghua University Press, 2006

A guide to understanding covert channel analysis of trusted systems. National Computer Security Center. NCSC-TG-030

Petitcolas F A P, Anderson R J, Kuhn M G. Information hiding — A survey. Proc. IEEE, 1999, 87(7): 1062–1078

Anderson R, Petitcolas F A. P. On the limits of steganography. IEEE J Select Areas Commun, 1998, 16(4): 474–481

Swanson M D, Kobayashi M, Tewfik A. H. Multimedia data embedding and watermarking technologies. Proc. IEEE, 1998, 86(6): 1064–1087

Johnson N F, Jajodia S. Steganalysis of images created using current steganography software. In: Proc. of 2nd International Workshop on Information Hiding. LNCS 1525, 1998. 273–289

Bender W, Gruhl D, Morimoto N, et al. Techniques for data hiding. IBM System J, 1996, 35(3/4): 313–337

Cox I J, Killian J, Leighton F T, et al. Secure spread spectrum watermarking for multimedia. IEEE Trans Image Proc, 1997, 6(12): 1673–1687

Chen B, Wornell G W. Quantization index modulation: A class of provably good methods for digital watermarking and information embedding. IEEE Trans Inform Theory, 2001, 47(4): 1423–1443

Thông tin
Thông tin xuất bản

Science in China Series F: Information Sciences

Tập 50

273-298

Thông tin tác giả