240 results for Attack
Abstract:
We analyse the security of the cryptographic hash function LAKE-256 proposed at FSE 2008 by Aumasson, Meier and Phan. By exploiting non-injectivity of some of the building primitives of LAKE, we show three different collision and near-collision attacks on the compression function. The first attack uses differences in the chaining values and the block counter and finds collisions with complexity 2^33. The second attack utilizes differences in the chaining values and salt and yields collisions with complexity 2^42. The final attack uses differences only in the chaining values to yield near-collisions with complexity 2^99. All our attacks are independent of the number of rounds in the compression function. We illustrate the first two attacks by showing examples of collisions and near-collisions.
Abstract:
Current military conflicts are characterized by the use of the improvised explosive device. Improvements in personal protection, medical care, and evacuation logistics have resulted in increasing numbers of casualties surviving with complex musculoskeletal injuries, often leading to lifelong disability. Thus, there exists an urgent requirement to investigate the mechanism of extremity injury caused by these devices in order to develop mitigation strategies. In addition, the wounds of war are no longer restricted to the battlefield; similar injuries can be witnessed in civilian centers following a terrorist attack. Key to understanding such mechanisms of injury is the ability to deconstruct the complexities of an explosive event into a controlled, laboratory-based environment. In this article, a traumatic injury simulator, designed to recreate in the laboratory the impulse that is transferred to the lower extremity from an anti-vehicle explosion, is presented and characterized experimentally and numerically. Tests with instrumented cadaveric limbs were then conducted to assess the simulator’s ability to interact with the human in two mounting conditions, simulating typical seated and standing vehicle passengers. This experimental device will now allow us to (a) gain comprehensive understanding of the load-transfer mechanisms through the lower limb, (b) characterize the dissipating capacity of mitigation technologies, and (c) assess the bio-fidelity of surrogates.
Abstract:
The lower limb of military vehicle occupants has been the most injured body part due to undervehicle explosions in recent conflicts. Understanding the injury mechanism and causality of injury severity could aid in developing better protection. Therefore, we tested 4 different occupant postures (seated, brace, standing, standing with knee locked in hyper‐extension) in a simulated under‐vehicle explosion (solid blast) using our traumatic injury simulator in the laboratory; we hypothesised that occupant posture would affect injury severity. No skeletal injury was observed in the specimens in seated and braced postures. Severe, impairing injuries were observed in the foot of standing and hyper‐extended specimens. These results demonstrate that a vehicle occupant whose posture at the time of the attack incorporates knee flexion is more likely to be protected against severe skeletal injury to the lower leg.
Abstract:
In the current market, extensive software development is taking place and the software industry is thriving. Major software giants have stated source code theft as a major threat to revenues. By inserting an identity-establishing watermark in the source code, a company can prove its ownership over the source code. In this paper, we propose a watermarking scheme for C/C++ source codes by exploiting the language restrictions. If a function calls another function, the latter needs to be defined in the code before the former, unless one uses function pre-declarations. We embed the watermark in the code by imposing an ordering on the mutually independent functions by introducing bogus dependency. Removal of dependency by the attacker to erase the watermark requires extensive manual intervention thereby making the attack infeasible. The scheme is also secure against subtractive and additive attacks. Using our watermarking scheme, an n-bit watermark can be embedded in a program having n independent functions. The scheme is implemented on several sample codes and performance changes are analyzed.
Abstract:
A dynamic accumulator is an algorithm that gathers together a large set of elements into a constant-size value such that for a given element accumulated, there is a witness confirming that the element was indeed included into the value, with a property that accumulated elements can be dynamically added and deleted into/from the original set such that the cost of an addition or deletion operation is independent of the number of accumulated elements. Although the first accumulator was presented ten years ago, there is still no standard formal definition of accumulators. In this paper, we generalize formal definitions for accumulators, formulate a security game for dynamic accumulators, the so-called Chosen Element Attack (CEA), and propose a new dynamic accumulator for batch updates based on the Paillier cryptosystem. Our construction makes a batch of update operations at unit cost. We prove its security under the extended strong RSA (es-RSA) assumption.
Abstract:
In moderate to high sea states, the effectiveness of ship fin stabilizers can severely deteriorate due to nonlinear effects arising from unsteady hydrodynamic characteristics of the fins: dynamic stall. These nonlinear effects take the form of a hysteresis, and they become very significant when the effective angle of attack of the fins exceeds a certain threshold angle. Dynamic stall can result in a complete loss of control action depending on how much the fins exceed the threshold angle. When this is detected, it is common to reduce the gain of the controller that commands the fins. This approach is cautious and tends to reduce performance when the conditions leading to dynamic stall disappear. An alternative approach for preventing the effects while keeping high performance consists of estimating the effective angle of attack and setting a conservative constraint on it as part of the control objectives. In this paper, we investigate the latter approach, and propose the use of model predictive control (MPC) to prevent the development of these nonlinear effects by considering constraints on both the mechanical angle of the fins and the effective angle of attack.
Abstract:
The unimolecular reactivities of a range of perbenzoate anions (X-C6H5CO3-), including the perbenzoate anion itself (X=H), nitroperbenzoates (X=para-, meta-, ortho-NO2), and methoxyperbenzoates (X=para-, meta-OCH3) were investigated in the gas phase by electrospray ionization tandem mass spectrometry. The collision-induced dissociation mass spectra of these compounds reveal product ions consistent with a major loss of carbon dioxide requiring unimolecular rearrangement of the perbenzoate anion prior to fragmentation. Isotopic labeling of the perbenzoate anion supports rearrangement via an initial nucleophilic aromatic substitution at the ortho carbon of the benzene ring, while data from substituted perbenzoates indicate that nucleophilic attack at the ipso carbon can be induced in the presence of electron-withdrawing moieties at the ortho and para positions. Electronic structure calculations carried out at the B3LYP/6-311++G(d,p) level of theory reveal two competing reaction pathways for decarboxylation of perbenzoate anions via initial nucleophilic substitution at the ortho and ipso positions, respectively. Somewhat surprisingly, however, the computational data indicate that the reaction proceeds in both instances via epoxidation of the benzene ring with decarboxylation resulting, at least initially, in the formation of oxepin or benzene oxide anions rather than the energetically favored phenoxide anion. As such, this novel rearrangement of perbenzoate anions provides an intriguing new pathway for epoxidation of the usually inert benzene ring.
Abstract:
In the developing digital economy, the notion of traditional attack on enterprises of national significance or interest has transcended into different modes of electronic attack, surpassing accepted traditional forms of physical attack upon a target. The terrorist attacks that took place in the United States on September 11, 2001 demonstrated the physical devastation that could occur if any nation were the target of a large-scale terrorist attack. Therefore, there is a need to protect critical national infrastructure and critical information infrastructure. In particular, this protection is crucial for the proper functioning of a modern society and for a government to fulfill one of its most important prerogatives – namely, the protection of its people. Computer networks have many benefits that governments, corporations, and individuals alike take advantage of in order to promote and perform their duties and roles. Today, there is almost complete dependence on private sector telecommunication infrastructures and the associated computer hardware and software systems. These infrastructures and systems even support government and defense activity. This Article discusses possible attacks on critical information infrastructures and the government reactions to these attacks.
Abstract:
The hydrolysis of triasulfuron, metsulfuron-methyl and chlorsulfuron in aqueous buffer solutions and in soil suspensions at pH values ranging from 5.2 to 11.2 was investigated. Hydrolysis of all three compounds in both aqueous buffer and soil suspensions was highly pH-sensitive. The rate of hydrolysis was much faster in the acidic pH range (5.2-6.2) than under neutral and moderately alkaline conditions (8.2-9.4), but it increased rapidly as the pH exceeded 10.2. All three compounds degraded faster at pH 5.2 than at pH 11.2. Hydrolysis rates of all three compounds could be described well with pseudo-first-order kinetics. There were no significant differences (P = 0.05) in the rate constants (k, day^-1) of the three compounds in soil suspensions from those in buffer solutions within the pH ranges studied. A functional relationship based on the propensity of nonionic and anionic species of the herbicides to hydrolyse was used to describe the dependence of the 'rate constant' on pH. The hydrolysis involving attack by neutral water was at least 100-fold faster when the sulfonylurea herbicides were undissociated (acidic conditions) than when they were present as the anion at near neutral pH. In aqueous buffer solution at pH > 11, a prominent degradation pathway involved O-demethylation of metsulfuron-methyl to yield a highly polar degradate, and hydrolytic opening of the triazine ring. It is concluded that these herbicides are not likely to degrade substantially through hydrolysis in most agricultural (C) 2000 Society of Chemical Industry.
Abstract:
Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.
Abstract:
The objectives of this study were to describe root caries patterns of Chinese adults and to analyze the effect of selected demographic and socioeconomic factors on these patterns. A total sample of 1080 residents aged 35-44-years-old and 1080 residents aged 65-74-years-old from three urban and three rural survey sites in Hubei Province participated in both an oral health interview and a clinical oral health examination. Root surface caries prevalence rates were 13.1% in the middle-aged group and 43.9% in the elderly group. The mean number of teeth affected by caries in the middle-aged group was reported at 0.21 and 1.0 in the elderly group. Mean Root Caries Index (RCI) scores of the middle-aged were reported at 6.29 and elderly subjects were reported at 11.95. Elderly people living in rural areas reported a higher RCI score (13.24) than those living in urban areas (10.70). A significantly higher frequency of root surface caries was observed in elderly participants (P < 0.001, OR = 3.80) and ethnic minorities (P < 0.001, OR = 1.93). In addition, smokers, nontea drinkers, and those with an annual household income of 10,000 yuan or less tended to have higher caries prevalence. RCI figures for the different tooth types ranged from 1% to 16%, indicating a wide variation in attack rates. In conclusion, our study suggests that root surface caries occurrence is high among the Chinese adult population, especially older adults. With an increasing number of retained teeth in both middle-aged and elderly people, root caries is a growing disease in the People's Republic of China which deserves more attention in future research.
Abstract:
This paper presents algebraic attacks on SOBER-t32 and SOBER-t16 without stuttering. For unstuttered SOBER-t32, two different attacks are implemented. In the first attack, we obtain multivariate equations of degree 10. Then, an algebraic attack is developed using a collection of output bits whose relation to the initial state of the LFSR can be described by low-degree equations. The resulting system of equations contains 2^69 equations and monomials, which can be solved using the Gaussian elimination with the complexity of 2^196.5. For the second attack, we build a multivariate equation of degree 14. We focus on the property of the equation that the monomials which are combined with output bit are linear. By applying the Berlekamp-Massey algorithm, we can obtain a system of linear equations and the initial states of the LFSR can be recovered. The complexity of attack is around O(2^100) with 2^92 keystream observations. The second algebraic attack is applicable to SOBER-t16 without stuttering. The attack takes around O(2^85) CPU clocks with 2^78 keystream observations.
Abstract:
Cheating detection in linear secret sharing is considered. The model of cheating extends the Tompa-Woll attack and includes cheating during multiple (unsuccessful) recovery of the secret. It is shown that shares in most linear schemes can be split into subshares. Subshares can be used by participants to trade perfectness of the scheme with cheating prevention. Evaluation of cheating prevention is given in the context of different strategies applied by cheaters.
Abstract:
In this paper we analyse properties of the message expansion algorithm of SHA-1 and describe a method of finding differential patterns that may be used to attack reduced versions of SHA-1. We show that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding minimal weight codeword in a large linear code. Finally, we present a number of patterns of different lengths suitable for finding collisions and near-collisions and discuss some bounds on minimal weights of them.
Abstract:
Several recently proposed ciphers, for example Rijndael and Serpent, are built with layers of small S-boxes interconnected by linear key-dependent layers. Their security relies on the fact that the classical methods of cryptanalysis (e.g. linear or differential attacks) are based on probabilistic characteristics, which makes their security grow exponentially with the number of rounds N_r. In this paper we study the security of such ciphers under an additional hypothesis: the S-box can be described by an overdefined system of algebraic equations (true with probability 1). We show that this is true for both Serpent (due to a small size of S-boxes) and Rijndael (due to unexpected algebraic properties). We study general methods known for solving overdefined systems of equations, such as XL from Eurocrypt’00, and show their inefficiency. Then we introduce a new method called XSL that uses the sparsity of the equations and their specific structure. The XSL attack uses only relations true with probability 1, and thus the security does not have to grow exponentially in the number of rounds. XSL has a parameter P, and from our estimations it seems that P should be a constant or grow very slowly with the number of rounds. The XSL attack would then be polynomial (or subexponential) in N_r, with a huge constant that is double-exponential in the size of the S-box. The exact complexity of such attacks is not known due to the redundant equations. Though the presented version of the XSL attack always gives more than the exhaustive search for Rijndael, it seems to (marginally) break 256-bit Serpent. We suggest a new criterion for design of S-boxes in block ciphers: they should not be describable by a system of polynomial equations that is too small or too overdefined.