42results about How to "Satisfy confidentiality" patented technology

The invention discloses a multiple uncertainty encryption system with a misleading function, which aims at attacks such as rubber-hose attacks, key stealing, brute force attacks and the like. Multiple encryption is performed, and an algorithm and encryption multiplicity are uncertain, so the system has multiple uncertainty, a password analyzer cannot perform analysis, and even though the brute force attacks are adopted, a plaintext obtained only by incomplete single decryption is meaningless. The encryption multiplicity of the algorithm, encryption algorithms of each layer and keys of each layer are all uncertain, and are all included in a structural master key. The multiple uncertainty makes securer the algorithm. The system is required to comprise an improved one-time pad mechanism, and one-time pad has high reversibility, so the encryption system can obtain pseudo keys in two ways to mislead and confuse the password analyzer, and has high value in military affairs and special occasions.

The invention discloses an Internet of Things data access control method and system based on a block chain and an IBE algorithm. A private key generation center PKG carries out system initialization, and constructs an alliance chain; Internet of Things equipment acquires data, encrypts the data to obtain a ciphertext, and sends the ciphertext to the Internet of Things gateway; the Internet of Things gateway sends the ciphertext to an Internet of Things system cloud platform or a local database for storage; a hash value corresponding to the ciphertext is generated, and the ciphertext identifier and a key value pair corresponding to the hash value are stored in the block chain; the PKG generates a private key; a data requester initiates a data request transaction on a block chain, an access control contract deployed on the block chain verifies validity of a data request, the PKG establishes a secure connection with the data requester to share a private key after verification is passed, and the data requester decrypts encrypted data by applying an IBE decryption algorithm to obtain request data. According to the invention, safe and credible fine-grained access control in an Internet of Things environment can be realized, and confidentiality, integrity and availability are satisfied.

The invention relates to an intelligent security chip signature information transmission method and system based on a 2-dimensional bar code. The 2-dimensional bar code is generated by the following steps: an intelligent security chip is inserted into a terminal device; the intelligent security chip is used to put a signature on the original data and thus signature value information is obtained; and the terminal device assemblies the original data, the signature value information and a message verification code to generate a 2-dimensional bar code, and displays the 2-dimensional bar code. Scanning authentication of the 2-dimensional bar code comprises the following steps: an application scans the 2-dimensional bar code, parses the data of the 2-dimensional bar code so as to obtain the to-be-authenticated data, and then sends the to-be-authenticated data to an application background; an authentication center verifies the to-be-authenticated data, and sends a verification result back to the application through the application background. With application of the intelligence security chip signature information transmission method and system based on a 2-dimensional bar code, in an intelligent card identity authentication application system, the problem of poor data communication between an intelligent card and a background system due to unavailable card reading devices is solved, so that comparative transmission of the signature information of the intelligent card is fulfilled without using a particular intelligent card reading device.

The invention requests to protect a privacy protection data aggregation method and system for a smart power grid. The method and system can protect the data privacy of a single user from being leakedand aggregates the sum of data in a certain area, and only a control center can read an aggregation result. The method comprises a system initialization step, a user registration step, an encrypted data generation step, a data aggregation step and a data decryption step. According to the invention, an intelligent electric meter and an aggregator negotiate a session key, and a BGN encryption algorithm based on an elliptic curve is used to encrypt the data. The method does not depend on a trusted third party, the system can still operate normally when the intelligent electric meter is missing, so that better reliability is achieved, the identity of the user is anonymous, and an attacker cannot obtain the real identity of the user. According to the method, the calculation efficiency is improved, the corresponding security requirements of confidentiality, integrity, certification and the like are met, and the security can be proved.

The invention discloses a method for establishing safety communication of network groups. The method comprises the following steps of: processing long-term secret data and authentication information of group communication members by using an SHA (Secure Hash Algorithm) safety hash function which is 512 bits in length; and distributing a key by using an interpolation polynomial according to a secret partition threshold scheme of Shamir to keep a group key fresh, confidential and authenticable and effectively resist external attacks and internal attacks. According to the invention, all information is transmitted on a public channel, so that the method has the characteristics of low calculation amount, high running speed and high server calculation efficiency.

This invention relates to one information safety method and its function module based on industry controlled network and to the safety management method, which comprises the following steps: establishing safety function module in the net; defining safety function module input interface and outputting interface and safety affairs and executing control form dispatching formula when the affairs arrive; processing the input unsigned char to fulfill the data coding and buffer the results in the output interface; finally executing the control form to send one affair signal and completing the coding formula in the key dispatching system.

The invention discloses a cloud computing data security boundary protection method. The cloud computing data security boundary protection method comprises the steps that a cloud service request instruction sent by a user is received, and a data structure and safety parameters of a system are initialized and sent to the user; the user generates a secret key message; the user sends a data storage request, the header information of the metadata of the data storage request is generated, and a cloud data center initializes a plain data append tree; the user generates and sends an encrypted data block to the cloud data center; the cloud data center maintains the plain data append tree in real time according to the serial number and version number of the data block; the user executes security boundary verification and append operation of data on the plain data append tree by utilizing the secret key information of the user. The cloud computing data center of a cloud server terminal not only provides the encryption, fault tolerance and security boundary maintenance functions for the data of the user, but also meets the confidentiality, integrity and survivability of the data.

The invention belongs to the fields of communication data authentication and privacy in a wireless network and provides a certificateless multi-proxy signcryption method with forward secrecy. An original signcrypter private key is constantly updated in a dynamic updating stage, and a proxy secret key is constantly updated too, a signcryption public key is unchanged in a whole process; furthermore, the private key is updated through a secrete key updating algorithm which is an one-way function; therefore, system overhead under a condition of higher security is reduced due to addition of a certificateless cryptosystem, thus meeting requirements of an original multi-proxy signcryption system on security, strong identifiability, public verification, strong non-repudiation and abuse resistance; in addition, the method can meet higher requirements on forward secrecy and strong unforgeability.

The invention discloses a wireless sensor network security routing method based on IPv6 addressing. Network IP addressing and network joining and leaving rules of nodes based on a tree topological structure are provided by aiming at the practical requirement that data require security transmission in a wireless sensor network so that storage space of IP addresses and routing tables is greatly saved, and time and space utilization efficiency is enhanced. Meanwhile, a message security routing transmission strategy based on unicast and multicast is designed, and the network is enabled to resist attack means like replaying and capturing by the characteristic of combination of encryption and decryption, hash algorithm and timestamps.

The invention provides an electric power data sharing method and system. The method comprises the steps of obtaining an access request of electric power data; carrying out approval verification on a data sharing requirement in the original power data corresponding to the access request; after the approval verification is passed, extracting original power data; and determining a shielding strategyaccording to the data sharing requirement, shielding the original power data according to the shielding strategy, and generating shared power data. By implementing the method and the device, the shared electric power data is generated by executing approval verification and setting the shielding strategy corresponding to the original electric power data, so that the requirements on confidentiality,security and privacy of the electric power data are met, the resource sharing of the electric power data is realized, and the utilization rate of the electric power data is further improved.

The invention discloses a method of enhancing UVA (Unmanned Aerial Vehicle) MANET network security in the field of wireless communication technology. The method of enhancing UVA MANET network securitycomprises the specific steps as follows: S1, performing bidirectional identity authentication between UVA nodes, to be specific, S1.1, sending an identity authentication request to a UVA node A by aUVA node B, S1.2, responding to the identity authentication request of the UVA node A by the UVA node B, and S1.3, sending the identity authentication request to the UVA node A by the UVA B, and S1.4,responding to the identity authentication request of the UVA node B by the UVA node A; S2, negotiating symmetric master keys; S3, generating a session key; and S4, generating a digital signature, tobe specific, signing a message M and then sending the message signature sigma and the message M to the UVA node B by the UVA node A, and verifying the correctness of the signature by the node B. By adoption of a form of double keys, a key trusteeship problem and possibility of revealing a system private key due to inverse derivation of a malicious node can be well overcome through a negligible calculated amount.

The invention belongs to the technical field of the computer network secret communication, and specifically relates to a broadcast encryption method capable of sending private information. The method comprises the following steps: 1, setting a broadcast encryption system parameter, establishing a user set space, generating a public key and a main private key required by the broadcast system; 2, generating the private key for each use by a PKG and secretly sending the private key to the user; 3, encrypting the broadcasted information by using a symmetric encryption algorithm with key as K, and encrypting the communication information of the broadcaster and each user by using the symmetric encryption algorithm with the key as shown in description, and then broadcasting the generated ciphertext; and 4, after the user receives the ciphertext information, if the user belongs to the authorized user set, recovering the key K and the formula as shown in description by using the self private key and the broadcast ciphertext header Hdr, and respectively decrypting the corresponding encryption information to recover the plaintext information. By using the method disclosed by the invention, the confidentiality, the collusion attack resistance and the chosen plaintext attack security are satisfied at the same time; the method has the advantages of being low in expenditure and capable of sending the private information.

The invention discloses a method for encrypting a public key in a signed quadratic residue class group. The method comprises the steps of 1, setting system parameters; 2, generating a secret key; 3, selecting a random number by a sender, carrying out encryption on a message, and generating a ciphertext data packet; 4, sending the ciphertext data packet to a receiver by the sender through a public channel; and 5, verifying the effectiveness of the ciphertext after the receiver receives the ciphertext data packet, decrypting the ciphertext data packet by using a private key, and acquiring the message. The method disclosed by the invention satisfies the confidentiality, the integrity and the chosen-ciphertext attack security simultaneously, and realizes public verification of the ciphertext legitimacy; the method does not use bilinear pairings and one-time signatures which are time-consuming, so that defects of other public key encryption methods in which the ciphertext legitimacy is verified by using the bilinear pairings and the one-time signatures are overcome, thereby having higher computational efficiency and higher practical values.

The invention discloses a method and system for detecting a fixed-point sample, and the method comprises the steps: obtaining a detection task, and obtaining the positioning information of a samplingplace of a sample according to a specified place in the detection task; extracting a sample of the designated place according to the positioning information; acquiring a to-be-detected sample and field evidences when the sample is sampled at the designated place, labeling the field evidences, and acquiring labeling information of the field evidences; encoding the sample, storing the code of the sample, the on-site evidence and the labeling information of the on-site evidence, and setting the labeling information of the on-site evidence to be in a hidden state; and detecting the sample, storingthe detection result of the sample into the coded data item corresponding to the sample, and summarizing the detection result of the sample according to the statistical category of the labeling information.

The invention belongs to the technical field of electric power measurement, and discloses a sensor device for electric power measurement and a control method. The control method comprises the steps of: detecting current and voltage data by means of current and voltage detectors; detecting temperature and humidity data by means of temperature and humidity sensors; performing infrared detection by using an infrared detector; setting electric power metering parameters, and setting normal threshold ranges of temperature, humidity and infrared radiation quantity; when the temperature, humidity andinfrared radiation quantity exceeds preset threshold values, performing corresponding adjustment by means of a pressure regulator, a heat dissipation device and a dehumidification device; analyzing power data by using an analysis program; and sharing the power data by means of a sharing program. The sensor device can monitor environmental data of the device in real time, avoids abnormality of thedevice caused by over-high temperature and humidity, can automatically adjust the environmental temperature and humidity data to ensure stable operation of the device, and can automatically alarm andinterrupt when encountering abnormality, and guarantees the operation safety of the device.

The invention relates to a non-threshold protective airtight door of a cavern, which is characterized in that: a sealing beam operating handle and a door locking operating handle are arranged on the large door leaf, the door hinges and ground locks are respectively arranged on both sides of the large door leaf, and the small door leaf It is arranged at the lower part of the large door leaf, and the small door leaf is equipped with a key lock device and a small door lock; the large door leaf is provided with a sealing beam operating handle and a small door hinge, and the left side of the large leaf is provided with a large door hinge. There are door lock operation handles and door locks on both sides of the back, and a sealing beam device is installed at the bottom of the door leaf, and the door frame is pre-buried in the reinforced concrete wall. The present invention is a multi-functional protective airtight door integrating protective airtightness and two built-in locks. It adopts double doors and double locks. The two locks are opened by two different keys respectively, and the door can be opened. confidentiality. It solves the problems of various types of military material cavern doors, large space occupation, large number of doors, cumbersome opening and high cost.