300 results for Algebraic attack
Abstract:
Halevi and Krawczyk proposed a message randomization algorithm called RMX as a front-end tool to hash-then-sign digital signature schemes such as DSS and RSA, in order to free them from their reliance on the collision resistance property of the hash functions. They have shown that to forge an RMX-hash-then-sign signature scheme, one has to solve a cryptanalytical task which is related to finding second preimages for the hash function. In this article, we will show how to use Dean’s method of finding expandable messages for finding a second preimage in the Merkle-Damgård hash function to existentially forge a signature scheme based on a t-bit RMX-hash function which uses Davies-Meyer compression functions (e.g., MD4, MD5, SHA family) in $2^{t/2}$ chosen messages plus $2^{t/2+1}$ off-line operations of the compression function and a similar amount of memory. This forgery attack also works on the signature schemes that use Davies-Meyer schemes and a variant of RMX published by NIST in its Draft Special Publication (SP) 800-106. We discuss some important applications of our attack.
Abstract:
In the modern era of information and communication technology, cryptographic hash functions play an important role in ensuring the authenticity, integrity, and nonrepudiation goals of information security as well as efficient information processing. This entry provides an overview of the role of hash functions in information security, popular hash function designs, some important analytical results, and recent advances in this field.
Abstract:
Protection of passwords used to authenticate computer systems and networks is one of the most important applications of cryptographic hash functions. Due to the application of precomputed memory lookup attacks such as birthday and dictionary attacks on the hash values of passwords to find passwords, it is usually recommended to apply a hash function to the combination of both the salt and the password, denoted salt||password, to prevent these attacks. In this paper, we present the first security analysis of the salt||password hashing application. We show that when hash functions based on compression functions with easily found fixed points are used to compute the salt||password hashes, these hashes are susceptible to precomputed offline birthday attacks. For example, this attack is applicable to the salt||password hashes computed using standard hash functions such as MD5, SHA-1, SHA-256 and SHA-512 that are based on the popular Davies-Meyer compression function. This attack exposes a subtle property of this application: although the provision of a salt prevents an attacker from finding passwords, salts prefixed to the passwords do not prevent an attacker from doing a precomputed birthday attack to forge an unknown password. In this forgery attack, we demonstrate the possibility of building multiple passwords for an unknown password for the same hash value and salt. Interestingly, password||salt (i.e. salts suffixed to the passwords) hashes computed using Davies-Meyer hash functions are not susceptible to this attack, showing the first security gap between the prefix-salt and suffix-salt methods of hashing passwords.
Abstract:
Industrial control systems (ICS) have been moving from dedicated communications to switched and routed corporate networks, making it probable that these devices are being exposed to the Internet. Many ICS have been designed with poor or few security features, making them vulnerable to potential attack. Recently, several tools have been developed that can scan the Internet, including ZMap, Masscan and Shodan. However, little in-depth analysis has been done to compare these Internet-wide scanning techniques, and few Internet-wide scans have been conducted targeting ICS and their protocols. In this paper we present a taxonomy of Internet-wide scanning with a comparison of three popular network scanning tools, and a framework for conducting Internet-wide scans.
Abstract:
Criminology has long sought to define and understand criminal motivations. There has, however, been less attention paid to the motivations involved in “everyday” thought and behaviour that may place someone in harm’s way. This doesn’t mean that victims are somehow motivated to become victims, but they may behave in such a way that victimisation happens as a matter of course. In the parlance of victimity, victim behaviour has often been referred to as either “victim facilitated” or “victim precipitated”. However, while some use these terms to explain the role of victim behaviour in relation to harm or loss, they actually do little to further our knowledge about the cognitive and behavioural milieu in which victimisation occurs. For example, a victim of homicide may precipitate the attack by violently confronting a partner (in retaliation for real or imagined wrongs). Another victim may facilitate domestic violence by not leaving their partner for financial reasons (“cannot afford to go out on my own”). Far from blaming the victim, understanding the motivational nature of victim behaviour can be accomplished by juxtaposing motivations for offender behaviour. This presentation applies offender motivations to victim behaviours, and presents anecdotal and research support for this approach.
Abstract:
In this paper we attack the round-reduced Keccak hash function with a technique called rotational cryptanalysis. We focus on the Keccak variants proposed as SHA-3 candidates in NIST’s contest for a new cryptographic hash function standard. Our main result is a preimage attack on 4-round Keccak and a 5-round distinguisher on the Keccak-f[1600] permutation — the main building block of the Keccak hash function.
Abstract:
Discussion of censorship and media freedom in the context of The Interview. A few weeks before the murderous attack by Islamic extremists on the satirical journal Charlie Hebdo, the Hollywood dream factory had its own encounter with would-be censors. The Interview (Evan Goldberg and Seth Rogen, 2014), as everyone with an interest in culture and current affairs cannot fail to be aware of by now, is a comedy in the “gross-out” tradition exemplified by commercially successful movies such as Ted (Seth MacFarlane, 2012) and Bridesmaids (Paul Feig, 2011). Their humour is a combination of slapstick, physical comedy, and scatological jokes involving body fluids and the like — hence the “gross”. The best of them have been very funny, as well as bordering on the offensive (see Ted’s scene involving prostitutes, a foul-mouthed teddy bear and the entertainment value of someone taking a dump on the living room floor). They have often been controversial, as in the Farrelly brothers’ Me, Myself and Irene (2000), starring Jim Carrey as a schizophrenic police officer. At their most outrageous they have pushed the boundaries of political correctness to the limit.
Abstract:
We present an approach for detecting sensor spoofing attacks on a cyber-physical system. Our approach consists of two steps. In the first step, we construct a safety envelope of the system. Under nominal conditions (that is, when there are no attacks), the system always stays inside its safety envelope. In the second step, we build an attack detector: a monitor that executes synchronously with the system and raises an alarm whenever the system state falls outside the safety envelope. We synthesize safety envelopes using a modified machine learning procedure applied to data collected from the system when it is not under attack. We present experimental results that show the effectiveness of our approach, and also validate several novel features that we introduced in our learning procedure.
Abstract:
In the 21st century city, public space for a range of users, but especially children and young people, has come under threat. Watson proposed that “public space itself has come under attack from several directions-thematisation, enclosure into malls and other controlled spaces, and privatisation, or from urban planning and design interventions to erase its uniqueness”. Largely as a result of these trends, Scott observed that “young urbanites form a marginalised age class movement is restricted, out of fear and distrust, within aims to protect, monitored by city surveillance methods within the security-obsessed fabric”. The use of public space by children and young people is a contentious issue in a number of countries and a range of measures deployed to control public space curtail the rights of children and young people to claim the space for their use through curfews, oppressive camera surveillance and at times, the unwarranted attentions of police and private security personnel.
Abstract:
Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, a combined complex attack, and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker who has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model, proving the effectiveness of the model and the importance of formal protocol analysis.
Abstract:
This project analyses and evaluates the integrity assurance mechanisms used in four Authenticated Encryption schemes based on symmetric block ciphers. These schemes are all cross-chaining block cipher modes that claim to provide both confidentiality and integrity assurance simultaneously, in one pass over the data. The investigations include assessing the validity of an existing forgery attack on certain schemes, applying the attack approach to other schemes, and implementing the attacks to verify the claimed probabilities of successful forgeries. For these schemes, the theoretical basis of the attack was developed, the attack algorithm implemented, and computer simulations performed for experimental verification.
Abstract:
Projective Hjelmslev planes and affine Hjelmslev planes are generalisations of projective planes and affine planes. We present an algorithm for constructing projective Hjelmslev planes and affine Hjelmslev planes that uses projective planes, affine planes and orthogonal arrays. We show that all 2-uniform projective Hjelmslev planes, and all 2-uniform affine Hjelmslev planes can be constructed in this way. As a corollary it is shown that all $2$-uniform affine Hjelmslev planes are sub-geometries of $2$-uniform projective Hjelmslev planes.
Abstract:
We provide the first evidence for interspecific warfare in bees, a spectacular natural phenomenon that involves a series of aerial battles and leads to thousands of fatalities from both attacking and defending colonies. Molecular analysis of fights at a hive of the Australian stingless bee Tetragonula carbonaria revealed that the attack was launched by a related species, Tetragonula hockingsi, which has only recently extended its habitat into southeastern Queensland. Following a succession of attacks by the same T. hockingsi colony over a 4-month period, the defending T. carbonaria colony was defeated and the hive usurped, with the invading colony installing a new queen. We complemented our direct observations with a 5-year study of more than 260 Tetragonula hives and found interspecific hive changes, which were likely to be usurpation events, occurring in 46 hives over this period. We discuss how fighting swarms and hive usurpation fit with theoretical predictions on the evolution of fatal fighting and highlight the many unexplained features of these battles that warrant further study.
Abstract:
The phosphatidylinositol-3-kinase (PI3K)/Akt/mTOR pathway is one of the most frequently activated signaling pathways in prostate cancer cells, and loss of the tumor suppressor PTEN and amplification of PIK3CA are the two most commonly detected mechanisms for the activation of these pathways. Aberrant activation of PI3K/Akt/mTOR has been implicated not only in the survival and metastasis of prostate cancer cells but also in the development of drug resistance. As such, selective inactivation of this pathway may provide opportunities to attack prostate cancer from all fronts. However, while preclinical studies examining specific inhibitors of PI3K or mTOR have yielded promising results, the evidence from clinical trials is less convincing. Emerging evidence from the analyses of some solid tumors suggests that a class of dual PI3K/mTOR inhibitors, which bind to and inactivate both PI3K and mTOR, may achieve better anti-cancer outcomes. In this review, we will summarize the mechanisms of action of these inhibitors, their effectiveness when used alone or in combination with other chemotherapeutic compounds, and their potential to serve as the next generation therapies for prostate cancer patients, particularly those who are resistant to the frontline chemotherapeutic drugs.
Abstract:
RFID is an important technology that can be used to create the ubiquitous society. But an RFID system uses an open radio-frequency signal to transfer information, and this poses many serious threats to its privacy and security. In general, the computing and storage resources in an RFID tag are very limited, and this makes it difficult to solve its security and privacy problems, especially for low-cost RFID tags. In order to ensure the security and privacy of low-cost RFID systems, we propose a lightweight authentication protocol based on a hash function. This protocol can ensure forward security and prevent information leakage, location tracing, eavesdropping, replay attacks and spoofing. This protocol completes strong authentication of the reader to the tag by authenticating twice, and it transfers only part of the encrypted tag’s identifier in each session, so it is difficult for an adversary to intercept the whole identifier of a tag. This protocol is simple and requires fewer computing and storage resources, so it is well suited to some low-cost RFID systems.