9 research outputs found

    Detection of X-ray Binary Systems

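    Searching for X-ray binaries and building a large sample of them is the basis for answering many scientific questions (such as "How many black hole X-ray binaries are there in the Milky Way? Is there a mass gap between black holes and neutron stars? Are there black holes in globular clusters?"). The Einstein Probe satellite has more sensitive detection capability and, over its several years of operation, is expected to discover a batch of new neutron star and black hole X-ray binaries; studying their spatial distribution and dynamical mass distribution then becomes the key to answering the questions above. Supported by the National Key Research and Development Program (No. 2016YFA040080X); the National Natural Science Foundation of China (No. 1133305); the Strategic Priority Research Program of the Chinese Academy of Sciences (No. XDA15052100, XDB23040000)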

    Power Analysis Attack: Attack, Countermeasure, and Evaluation

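    Side-channel cryptanalysis is an important branch of cryptographic research. Unlike traditional cryptanalytic methods, side-channel analysis attends not only to the basic mathematical properties of a cryptographic scheme but also to analysing and exploiting the physical information leaked while the scheme runs, such as running time, instantaneous power consumption and electromagnetic radiation. Among these, power analysis attacks, a side-channel analysis method recognized as effective, pose an extremely serious practical threat to the physical security of the many kinds of widely deployed smart secure devices (for example, smart cards), and are receiving growing attention from both academia and industry. Studying the attack and defence mechanisms of power analysis attacks, revealing the practical threat of such attacks, establishing efficient and novel analysis methods, proposing effective countermeasures, and characterizing the effectiveness of attack and defence techniques reasonably and objectively therefore has important theoretical value and urgent practical significance for the design, analysis, construction and evaluation of secure and efficient cryptographic modules. Specifically, the main work and contributions of the thesis comprise the following five items.

    Characterization of power leakage. Accurately characterizing the power leakage of the target cryptographic device is a prerequisite for proposing efficient power analysis attacks. Existing online power leakage characterization techniques describe leakage fairly accurately, but their assumption of full access to the target device greatly limits their range of application. This thesis therefore proposes a bit-weight-based power leakage characterization method (Bitwisely Weighted Characterization, BWC for short), which significantly widens the applicability of online leakage characterization. Unlike other typical online leakage characterization methods, one notable feature of BWC is that it does not depend on the cryptographic algorithm implemented in the target device and concerns only the power leakage characteristics of the device itself, so it is more generic.

    Construction and analysis of distinguishers. Power analysis attacks essentially exploit the correlation between the power consumption of the target device and key-dependent intermediate values, and mining and exploiting this correlation more effectively is the precondition for an efficient analysis method. Distinguisher construction and analysis is therefore one of the core problems in power analysis attacks, with efficiency and genericity as the main goals of distinguisher construction. As a concrete application of BWC, this thesis constructs two enhanced side-channel distinguishers, the BWC-DPA distinguisher and the BWC-CPA distinguisher, both of which attack more effectively than the original distinguishers. In addition, given the limitations of existing MIA-type distinguishers, this thesis proposes the PKS distinguisher, based on the partial Kolmogorov-Smirnov test, which exploits both linear and non-linear power leakage better than existing MIA-type distinguishers.

    Design and analysis of algorithm-level countermeasures. Lightweight cryptographic algorithms can be widely used in constrained environments (such as RFID and wireless sensor networks) and are one of the most active research directions in cryptography today. To strengthen the resistance of implementations of such algorithms to power analysis attacks, and inspired by the hardware countermeasure "dual-rail logic", this thesis proposes an algorithm-level countermeasure suited to lightweight cipher implementations: the Bitwisely Balanced enCoding (BBC for short) scheme. BBC applies to implementations of several typical lightweight cryptographic algorithms and effectively reduces the risk caused by power leakage at low overhead; in particular, it strengthens resistance to higher-order CPA attacks.

    Measuring the effectiveness of distinguishers. How to assess correctly the actual threat of the many existing power analysis attacks, and how to evaluate objectively the effectiveness of countermeasures, is a hard problem in side-channel cryptanalysis today. Quantitative metrics are the most critical objective yardstick, and their construction and analysis still face many methodological and technical challenges. To this end, this thesis proposes the metric of distinctive level. Distinctive level depends on the statistical distribution of the attack results and can be used to evaluate the effectiveness of Gaussian distinguishers; this work partly solves the problem of constructing metrics for distinguisher effectiveness. The thesis also studies the correlation between distinctive level and success rate through theoretical analysis and experiments, confirming the soundness of distinctive level and obtaining some preliminary theoretical results on the correlation between metrics.

    Development of basic supporting tools for cryptanalysis. Basic supporting tools for cryptanalysis are a necessary technical condition for actually testing and analysing cryptographic algorithms and modules, and an important step in making existing testing and analysis methods and techniques practical. This thesis therefore studies the development of such tools. Specifically, for randomness testing, the most widely used quantitative test in traditional cryptanalysis, this thesis designs and implements a dedicated DSP-based high-speed randomness testing device, the LOIS-RTC randomness testing card. The card is fully compatible with and supports the "Randomness Test Specification" (《随机性检测规范》), and has strongly advanced the practical use of randomness testing technology. In addition, this thesis proposes a method for simulating the power consumption of cryptographic implementations and develops a prototype system based on it, IMScale. The system supports instruction-level simulation of the power consumption characteristics of software implementations of several typical cryptographic algorithms, and can provide effective technical support for security evaluation at the algorithm design stage.

    Side-channel attacks have become an increasingly important branch of ongoing theoretical cryptanalysis research and cryptographic engineering practice. Unlike its traditional black-box counterpart, side-channel cryptanalysis not only investigates the mathematical properties of the underlying cryptographic scheme, but also concerns a broad spectrum of unintended observable leakages during its execution, such as running time, power consumption, electromagnetic emanations and so on. Power analysis attacks, one of the types of side-channel attack most widely believed to be powerful, pose serious threats to the physical security of many kinds of smart secure devices (smart cards, for instance) running cryptographic schemes, and have therefore attracted wide attention from both academia and industry since their first introduction by P. Kocher in 1999. Motivated by this, this dissertation investigates the mechanisms of power analysis attacks and their countermeasures, aiming to establish practical and effective characterization and analysis approaches, to propose effective countermeasures, and to capture the effectiveness of these in a reasonable and objective way. We argue that these works are not only of theoretical significance, but also of practical interest for the design, analysis, construction and testing of cryptographic modules. Specifically, the main contents and contributions of this dissertation are five-fold, as follows.

    Characterization of Power Leakage. Accurate characterization of the power leakage of crypto devices is an essential prerequisite for developing more effective power analysis attacks. Although most existing online characterization approaches are capable of capturing the characteristics of power consumption leakage, they bear one restriction: full access to the target device is explicitly assumed, which severely limits their practicality. We propose a compact yet efficient approach to characterizing side-channel leakage more accurately, called the Bitwisely Weighted Characterization (BWC for short) approach. One remarkable property of BWC is that it is completely independent of the underlying cryptographic scheme and only concerns the inherent power consumption characteristics of the crypto device, which immediately implies more genericity than algorithm-dependent approaches.

    Construction and Analysis of Distinguisher. Basically, power analysis attacks work because they exploit the dependency between power leakage and intermediate values related to the secret key being used. Consequently, how to exploit this dependency effectively is highly pertinent to developing more powerful attacks. The construction and analysis of side-channel distinguishers has therefore been, and remains, one of the core issues for power analysis attacks, with effectiveness and genericity being its two main goals. As a concrete application of the BWC approach, we constructed two new BWC-based side-channel distinguishers, namely BWC-DPA and BWC-CPA. The effectiveness of these two distinguishers is better than that of their original counterparts. On the other hand, we developed a new generic side-channel distinguisher based on the partial Kolmogorov-Smirnov test, namely the PKS distinguisher. The PKS distinguisher overcomes some serious limitations inherent in existing MIA-type distinguishers. Specifically, it has obvious advantages over existing MIA-like distinguishers in terms of both success rate and guessing entropy, and shows better applicability as well.

    Design and Analysis of Algorithmic Countermeasure. Lightweight block ciphers are especially suitable for resource-restricted computing devices (e.g. RFID tags and wireless sensors), and have turned out to be one of the most active research topics. In order to enhance the resistance of lightweight block cipher implementations against power analysis attacks, we proposed an algorithmic countermeasure called Bitwisely Balanced enCoding (BBC for short). Taking LBlock and PRESENT as two case studies, we performed simulation experiments, and the results show that the BBC countermeasure can obtain a high security enhancement at reasonable cost.

    Evaluation of Distinguisher's Effectiveness. How to properly investigate the real threats of power analysis attacks and how to objectively evaluate the actual resistance of countermeasures against attacks remains a challenging task, one part of which is the construction of usable quantitative metrics. We proposed a sound approach to evaluating the effectiveness of DPA attacks from the perspective of the distinguishers' statistical characteristics. Specifically, we formally defined the notion of a Gaussian Distinguisher in one typical DPA attack setting and then proved that the two most frequently used DPA distinguishers are Gaussian. After that, Distinctive Level, a useful quantitative metric, was introduced to evaluate the effectiveness of DPA attacks. This metric virtually equips the designer with the capability of judging to what extent attacks will succeed. We then performed experiments using both simulated and real power traces, the results of which clearly demonstrated the validity and effectiveness of the methods we had proposed. In addition, we examined the relationship between distinctive level and success rate by theoretical reasoning as well as experimental evaluation, and the results validate the soundness of distinctive level.

    Design and Development of Basic Supporting Tools for Cryptanalysis and Testing. The availability of basic supporting tools for cryptanalysis and testing is extremely helpful for practitioners who carry out real analysis and testing of cryptographic algorithms and modules. It also serves as a crucial step towards making available or self-developed approaches and techniques practical. This motivates the design and development of some basic supporting tools for these tasks. On the one hand, we designed and developed a DSP-based high-speed randomness testing device, namely the LOIS-RTC card, tailored to the task of performing randomness testing of cryptographic schemes. The functions of this device are fully compatible with those specified in the national randomness testing standard, and it is vital for performing traditional cryptanalysis and testing. On the other hand, we proposed an instruction-level power consumption software simulation approach, aiming to analyze and assess the resistance of cryptographic implementations in the presence of power analysis attacks. Additionally, we designed and developed a prototype system for power consumption simulation of cryptographic implementations, called IMScale. This prototype is instrumental for performing side-channel cryptanalysis.

    Keywords: Cryptography, Side-Channel Cryptanalysis, Power Analysis Attack, Distinguisher, Countermeasure, Quantitative Metrics, Instruction-Level Power Simulation, Randomness Testing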

    The evolution of security requirements for cryptographic modules: the status quo, dilemma and future trends

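    The Federal Information Processing Standard FIPS 140 is the set of security requirements for cryptographic modules developed by the US National Institute of Standards and Technology (NIST) and issued by the US federal government. FIPS 140-1 and FIPS 140-2 were issued and came into force in 1994 and 2001 respectively. In line with NIST's established policy of starting a standards review every 5 years, the review of FIPS 140-2, which is also the drafting of FIPS 140-3, was launched in January 2005. However, after the FIPS 140-3 draft and then a revised draft were published and more than 2000 revision comments were collected worldwide, the FIPS 140-3 standard has still not been issued to this day, a fact that gives pause for thought. By analysing the evolution of the FIPS 140 series of standards over nearly 20 years, together with the development of cryptanalysis and applied technology, this paper discusses the structural and technical improvements the FIPS 140 series has undergone as cryptographic module technology has developed, considers possible reasons for the current impasse, and looks ahead to possible future trends. Supported by the National Natural Science Foundation of China (61073178) | Beijing Natural Science Foundation (4112064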

    A Trust-Region Algorithm for Bilevel Optimization Problems


    Persistent tailward flow events observed by the TC-1 satellite in the near-Earth magnetotail


    Suitability evaluation of plant community configuration in urban green spaces in arid regions [J]

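    Taking the road green space, park green space and residential green space within the landscaped green areas of the built-up area of Urumqi as the study objects, 13 sample plots were selected using the typical plot sampling method, with 69 quadrats laid out in total; 5 ecological suitability indicators and 8 stability indicators were screened for evaluating whether the plant configuration of different types of green space is suitable and stable; the weight of each indicator was determined by expert consultation; evaluation models of ecological suitability and stability were built using the index-sum method; and itemized and comprehensive evaluations were made of the suitability and stability of plant configuration in the different types of green space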

    Some frontier mechanics problems in shale gas extraction

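    Shale gas extraction involves two key processes: fracturing, and collection and transport. How to form a network of cracks inside a shale layer made of multiphase, complex media, below 2000 m and under complex in-situ stress, while efficiently collecting the free and adsorbed gas in pores and fissures, raises many core problems in mechanics. This engineering process spans many areas of frontier research in mechanics: the spatial range of media and cracks from the nanometre scale to the kilometre scale; the range of time scales from sub-microsecond events in the transport of free and adsorbed gas to extraction lasting several years; fluid-solid interaction at different scales; and the inversion of the internal failure state from monitoring information during fracturing. In view of the achievements of our country's shale gas exploration and development in recent years and the frontier mechanics problems faced in its further development, and on the basis of a comprehensive introduction to the basic characteristics of shale gas reservoirs and their development technology, this paper takes several frontier mechanics problems in shale gas extraction as its main thread and summarizes and looks ahead to the latest research progress in 6 areas: the mechanical properties of shale and methods for characterizing them, experimental simulation techniques for shale gas reservoirs, microscopic flow mechanisms of shale gas and fluid-solid coupling characteristics, numerical simulation methods for the hydraulic fracturing process, microseismic monitoring techniques for the hydraulic fracturing process, and efficient, environmentally friendly waterless fracturing techniques. Drawing on the engineering practice of shale gas reservoir development, it explores the key mechanics problems involved in depth, with the aim of providing a theoretical basis for practitioners engaged in development and research in the shale gas field; this material is also of important guiding value for research in mechanics, especially in rock and soil mechanics.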
