A computer package for measuring the strength of encryption algorithms

Designers and users of encryption algorithms used in cipher systems need a systematic approach in examining their ciphers prior to use, to ensure that they are safe from cryptanalytic attack. This paper describes a computer package used for assessing the security of newly-developed encryption algorithms.     

A uniform-complexity treatment of encryption and zero-knowledge

We provide a treatment of encryption and zero-knowledge in terms of uniform complexity measures. This treatment is appropriate for cryptographic settings modeled by probabilistic polynomial-time machines. Our uniform treatment allows the construction of secure encryption schemes and zero-knowledge proof systems (for allNP) using only uniform complexity assumptions. We show that uniform variants of the two definitions of security, presented in the pioneering work of Goldwasser and Micali, are in fact equivalent. Such a result was known before only for nonuniform formalization. Nonuniformity is implicit in all previous treatments of zero-knowledge in the sense that a zero-knowledge proof is required to “leak no knowledge” onall instances. For practical purposes, it suffices to require that it isinfeasible to find instances on which a zero-knowledge proof “leaks knowledge.” We show how to construct such zero-knowledge proof systems for every language inNP, using only a uniform complexity assumption. Properties of uniformly zero-knowledge proofs are investigated and their utility is demonstrated. This research was partially supported by the Fund for Basic Research Administered by the Israeli Academy of Sciences and Humanities. Revision of this work was supported by Grant No. 89-00312 from the United States-Israel Binational Science Foundation (BSF), Jerusalem, Israel.     

企业网络信息安全问题及其解决方案研究

本文介绍了企业信息安全问题及其解决方案，文中首先对企业网络建设面临的安全威胁进行了阐述，然后以目前企业普遍采用的一种网络环境为例提出了详细的安全解决方案，最后就信息加密问题进行了讨论。     

A Software-Optimized Encryption Algorithm

We describe the software-efficient encryption algorithm SEAL 3.0. Computational cost on a modern 32-bit processor is about 4 clock cycles per byte of text. The cipher is a pseudorandom function family: under control of a key (first preprocessed into an internal table) it stretches a 32-bit position index into a long, pseudorandom string. This string can be used as the keystream of a Vernam cipher. Received 3 May 1996 and revised 17 September 1997     

Two-Key Triple Encryption

In this paper we consider multiple encryption schemes built from conventional cryptosystems such as DES. The existing schemes are either vulnerable to variants of meet-in-the-middle attacks, i.e., they do not provide security corresponding to the full key length used or there is no proof that the schemes are as secure as the underlying cipher. We propose a variant of two-key triple encryption with a new method of generating three keys from two. Our scheme is not vulnerable to the meet-in-the-middle attack and, under an appropriate assumption, we can show that our scheme is at least about as hard to break as the underlying block cipher. Received 22 June 1995 and revised 11 October 1996     

AES加密算法在Linux文件系统中的设计与研究

本文主要是通过运用先进的AES加密算法，设计出一个在Linux操作系统下的安全文件系统（ASFS，AES Algorithm Safely File System）。使加密技术和文件系统紧密结合，能够让系统自动地对系统中的文件和目录进行加密和解密操作；从而提高文件系统的安全性，有效地保护用户的数据。     

密钥ESCROW技术

描述美国政府开发的密钥Escrow中期系统,讨论SKIPJACK算法、加密芯片、系统保护、操作安全和芯片编程。     

基于ATtiny12的专用存储芯片的设计与实现

ASIC芯片全定制费用高、风险大、周期长，因此在全定制之前一般先用FPGA或CPLD等可编程逻辑器件做功能验证。但在一些空间极为有限、成本极低的应用场合，采用FPGA或者CPLD显然不是最佳的解决方案。而利用体积小、性能强、成本低的单片机实现芯片全定制将是一个不错的选择。按此设想，文章给出了一种基于微处理器的科学、经济、快速的ASIC芯片功能验证方案，并成功设计出用于某通信设备中的专用加密芯片。     

数字签名等技术在地区电网计量计费系统中的应用

由于多种原因,目前许多地区电网电能计量计费系统中数据的安全性仍受到较大的威胁。在目前常用的计算机网络安全技术的基础上,提出对远程网络数据利用数字签名技术来保证网络数据的完整性;而对计量计费系统主站系统中的电能量数据,则采用以防火墙和安全物理隔离网关设备为主,其他安全技术为辅的安全防范方案。采用了上述技术的某电能计量计费系统,已在多个地区电网得到应用,其2年的运行结果表明,该方案能够有效提高整个计量计费系统的安全性,具有一定的实用价值。     

安全技术在地区电网计量计费系统中的应用

在分析了目前国内电能计量计费系统的结构以及数据传输方式的基础上,结合现代计算机网络安全技术,提出对远程数据采用数字签名技术来确保远程数据的完整性;而对计量计费系统主站中的数据采用防火墙和安全物理隔离网关设备来进一步增强该系统数据的安全性.采用这些技术的电能计量计费系统已在多个地区电网得到了应用.