With the rapid development of multi-scenario applications of the Internet of Vehicles and 5G communications,ensuring mutual trust authentication and secure communication between high-speed vehicles has become increasingly important.The identity authentication in the current Internet of Vehicles access scenario and the securityin the process of communicating with Internet of Vehicles have become the two most important lines of defense.First,this paper introduces the research background of existing mutual trust authentication and secure communication in Internet of Vehicles,and points out the principles and technologies used in secure mutual trust authentication and secure communication,including elliptic curve encryption,Hash function,digital signature,blockchain,etc.Then,it classifies protocols,including anonymous access security mutual trust authentication protocol,group access security mutual trust protocol,cross-domain authentication security mutual trust protocol,etc.Due to the broadcast characteristics of the wireless channel,the information exchanged between vehicle nodes may be eavesdropped,forged or replayed.Therefore,the security communication of Internet of Vehicles based on blockchain and 5G-based light-weight car networking security communication are discussed.Then,it analyzes the existing problems and security threats in the mutual trust authentication and secure communication of the existing car networking.Finally,the impact of 5G communication on the safety certification and communication of the Internet of Vehicles is discussed,and the integration of 5G technology will further develop the mutual trust authentication and secure communication of the Internet of Vehicles in the future.At the same time,it also makes certain predictions and prospects for the future key trends of the combined research of the Internet of Vehicles and 5G technology.

The sharp increase in the number of edge devices has led to an explosive growth in the amount of data.The centralized data processing model,represented by cloud computing model,has been unable to meet the real-time and high-efficiency requirements of data processing due to its storage characteristics and transmission bandwidth limitations.As the amount of data grows,the importance of edge computing is recognized.Edge computing faces huge security challenges in the development process due to the new features of the edge computing model such as lightweight equipment and heterogeneous architecture.As an important means of protecting information security,cryptography is of great significance for dealing with the security challenges of edge computing.Traditional mature and complete cryptography technologies require corresponding adjustments to the characteristics of edge computing,in order to meet the needs of the new architecture.This paper starts with the security challenges that edge computing model faces,analyzes the corresponding cryptographic technical solutions in the data security field and the application security field,and compares existing research schemes to show the advantages of different technologies in edge computing security protection,which provides new ideas for the application of cryptographic technologies for edge computing.

Nowadays,smartphones are widely used and stored with sensitive information,and the loss of any personal device can cause fatal information compromise.Thus,the people's attention towards data security has been elevated to a higher level.Considering the delicacy of traditional authentications,this paper investigates an implicit authentication mechanism based on over-sampling and one-class classification,for pattern unlock on smartphones.First,a fusion of time,two-dimensional and three-dimensional sensors is employed,to collect user behavioral biometrics comprehensively.Second,in order to ease the impact caused by noise contained in high-dimensional data,a feature screening,which is composed of feature selection and dimensional compression,is designed.Particularly,in view of the existing limitations of the current binary classification schemes,SVM SMOTE is used to over-sample the user behavioral data,and a one-class classification authentication mechanism is delivered to implement classification,of which the learning process is only based on a single-class diminutive training set.A series of experiments have been conducted on actual data,and results show that the proposed scheme,when only relies on a single-class diminutive training set,performs partially better than the traditional binomial KNN classifier which is trained on large-scale data,in terms of accuracy,FAR,FRR and AUC.

As an important research of pervasive computing and human-computer interaction,identity recognition is widely researched.Although traditional WiFi based identification methods have made good progress,they still face challenges such as limi-ted classification ability,high storage cost and long training time.The above problems motivate us to propose a lightweight gait recognition model based on multi-layer neural networks,which is named as LWID(LightWeight Identification).We firstly reconstruct original time series data into graphs to retain characteristic information among different carriers to the maximum extent.Then we design a bionic Balloon mechanism to tailor neurons in network layer.By combining convolution kernels of different size,we extract data features and integrate channel information in the feature map.The proposed method realizes model scale lightweight with higher classification ability.Experimental results show that the model has 98.8% recognition rate in a 50-person dataset.Compared with traditional WiFi based identification model,LWID has stronger classification ability and robustness.Meanwhile,the model is compressed to 6.14% of current computer vision model size with same accuracy.

Password recovery is the key technology of password back and electronic forensics.While encrypted office documents are widely used,it is of great significance to achieve the effective recovery of office encrypted documents for information security.Password recovery is a computation-intensive task and requires hardware acceleration to implement the recovery process.Traditional CPUs and GPUs are limited by the processor structure,which greatly limits the further increase in password verification speed.In view of this,this paper proposes a password recovery system based on FPGA cluster.Through detailed analysis of the office encryption mechanism,the password recovery process of each version of office is given.Secondly,the core Hash algorithm is optimized with a pipeline structure on FPGA,the AES algorithm is improved by LUT merging operation,and the password generation algorithm is implemented in parallel at high speed.At the same time,the architecture of FPGA is designed with multiple algorithm sub-modules in parallel,which realizes the fast recovery of office password.Finally,the FPGA accelerator card is used to build the cluster,and the dynamic password segmentation strategy is used to fully explore the low-power and high-performance computing features of FPGAs.The experimental results show that the optimized FPGA accelerator card is more than twice the GPU in terms of computing speed and energy efficiency ratio,which has obvious advantages and is very suitable for large-scale deployment in the cloud to shorten the recovery time and retrieve the password.

Identity authentication is the first line of defense for the security of networks and information systems,and password is the most common method of identity authentication.Researches usually assume that user-constructed passwords obey uniform distribution.However,recent studies found that passwords obey Zipf's law,which means that most password-related security protocols underestimate the advantage of an attacker and thus fail to achieve the claimed security.In response to the above problem,first of all,Password-Based Signatures (PBS) protocol proposed by Gjøsteen,et al. and Password-Protected Secret Sharing (PPSS) protocol proposed by Jarecki,et al.are taken as typical representatives.Based on the basic assumption that passwords obey Zipf's law,the security proofs of these two protocols are demonstrated to be flawed,and the security is redefined.Furthermore,the improvements to the two protocols are given respectively.In improved PBS protocol,an attacker's advantage is recalculated.By limiting the guess number of an attacker and entrusting a trusted third party to keep the key,the protocol can prevent a malicious attacker from disguising a legitimate user,and can prevent a malicious server from guessing a user's password and for-ging the signature.In improved PPSS protocol,a Honey_List is set on the server side based on honeywords to detect and prevent online password guessing attack.

Password authentication is the main authentication method nowadays.It is widely used in various fields,such as finance,military and internet.In this paper,password security is studied from the perspective of an attacker.Large-scale real user data is used for statistical analyses of password general characteristics,and for password vulnerability analyses based on Probabilistic Context-Free Grammars (PCFG) password guessing algorithm and TarGuess-I targeted password guessing model.Through the above analyses,it is found in users' passwords that there are vulnerable behaviors that can be easily discovered and exploited by attackers,such as choosing simple structure passwords,generating passwords based on patterns,password containing semantics and passwords containing personal information (i.e.,name and user name).These vulnerable behavior characteristics are summarized to provide a basis for reminding users to avoid setting weak passwords and studying the method of password strength meter.

With the rapid development of network and information techniques,as an important part of automatic driving,the vehicular ad hoc networks are the core module of the future intelligent transportation system.As a result,the security and conditional privacy of the vehicular ad hoc networks (VANET) has become an urgent research hotspot.However,most of the current conditional privacy-preserving authentication schemes for VANET environment suffer from the problem of cross-datacenter authentication.To the best of our knowledge,blockchain technology has lots of advantages like decentralized and unforgeability bringing a promising solution to this problem compared with the traditional cryptography technologies.However,the current message authentication schemes based on blockchain technology for VANET environment cannot provide unlinkability.To address this issue,this paper designs a lightweight conditional privacy-preserving authentication scheme for VANET environment using physically unclonable function and blockchain technology,which can provide message authentication,integrity,identity privacy preserving,unlinkability and traceability.

In order to solve the problem of identity blindness and efficient heterogeneous cross-domain authentication,an efficient heterogeneous cross-domain authentication scheme based on proxy blind signature is proposed.The scheme reconstructs an efficient and secure cross-domain identity authentication model.Combined with the advantages of proxy signature and blind signature,a trusted certification authority CA is introduced in the cloud to give the third party legal agent the trusted agency authority to perform the proxy blind signature operation.This agent not only reduces the communication load of the inter-cloud certification authority CA,realizes the information interaction between the authorized agent blind signer in different domains and the requesting agent blind signer,but also satisfies the blindness of bidirectional entity identity synchronous authentication and the identi-fiability of the proxy blind signature,and improves the authentication security.The results show that based on the mathematical difficulty,the scheme can meet the performance of anti-substitution attack,resist replay attack,man-in-the-middle attack,identity untraceability and so on,and complete the cross-domain identity authentication with high efficiency and security between foreign users.

An authenticated key agreement protocol can achieve the authentication and key agreement between users in the secure network communications.In most of large scale network applications,there are multiple Private Key Generators,and a higher-level PKG authenticates the identity and generates a private key for lower-level PKG.Most of the existing identity-based authenticated key agreement protocols with multiple PKGs are designed by using bilinear pairing which needs much more computation resource,and they are also not secure enough.To solve the security and efficiency problems of existing protocols with multiple PKGs,a novel identity-based authenticated key agreement protocol with hierarchical PKGs based on Elliptic Curve Cryptosystem is proposed.In this new scheme,PKGs are not independent to each other,and the lower-level PKG is subordinate to the higher-level PKG.Security analysis show that the proposed protocol can overcome the disadvantages of the existing protocols,and meets security properties such as ephemeral secret leakage resistance,forward security and forgery attack resistance.Comparing with the existing protocols,the novel protocol is free from bilinear paring operation,so it can supply more security with lower computational overhead.