Practical attack on NLM-MAC scheme

The NLM stream cipher designed by Hoon Jae Lee, Sang Min Sung, Hyeong Rag Kim is a strengthened version of the LM summation generator that combines linear and non-linear feedback shift registers. In recent works, the NLM cipher has been used for message authentication in lightweight communication over wireless sensor networks and for RFID authentication protocols. The work analyses the security of the NLM stream cipher and the NLM-MAC scheme that is built on the top of the NLM cipher. We first show that the NLM cipher suffers from two major weaknesses that lead to key recovery and forgery attacks. We prove the internal state of the NLM cipher can be recovered with time complexity about nlog7×2, where the total length of internal state is 2⋅n+22⋅n+2 bits. The attack needs about n2n2 key-stream bits. We also show adversary is able to forge any MAC tag very efficiently by having only one pair (MAC tag, ciphertext). The proposed attacks are practical and break the scheme with a negligible error probability.

Safety envelope for security

We present an approach for detecting sensor spoofing attacks on a cyber-physical system. Our approach consists of two steps. In the first step, we construct a safety envelope of the system. Under nominal conditions (that is, when there are no attacks), the system always stays inside its safety envelope. In the second step, we build an attack detector: a monitor that executes synchronously with the system and raises an alarm whenever the system state falls outside the safety envelope. We synthesize safety envelopes using a modified machine learning procedure applied on data collected from the system when it is not under attack. We present experimental results that show effectiveness of our approach, and also validate the several novel features that we introduced in our learning procedure.

Analytical study of implementation issues of NTRU

Nth-Dimensional Truncated Polynomial Ring (NTRU) is a lattice-based public-key cryptosystem that offers encryption and digital signature solutions. It was designed by Silverman, Hoffstein and Pipher. The NTRU cryptosystem was patented by NTRU Cryptosystems Inc. (which was later acquired by Security Innovations) and available as IEEE 1363.1 and X9.98 standards. NTRU is resistant to attacks based on Quantum computing, to which the standard RSA and ECC public-key cryptosystems are vulnerable to. In addition, NTRU has higher performance advantages over these cryptosystems. Considering this importance of NTRU, it is highly recommended to adopt NTRU as part of a cipher suite along with widely used cryptosystems for internet security protocols and applications. In this paper, we present our analytical study on the implementation of NTRU encryption scheme which serves as a guideline for security practitioners who are novice to lattice-based cryptography or even cryptography. In particular, we show some non-trivial issues that should be considered towards a secure and efficient NTRU implementation.

Formal modelling and analysis of DNP3 secure authentication

Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, combined complex attack and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker that has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model proving the effectiveness of the model and importance of the formal protocol analysis.

A low-cost attack on branch-based software watermarking schemes

In 2005, Ginger Myles and Hongxia Jin proposed a software watermarking scheme based on converting jump instructions or unconditional branch statements (UBSs) by calls to a fingerprint branch function (FBF) that computes the correct target address of the UBS as a function of the generated fingerprint and integrity check. If the program is tampered with, the fingerprint and integrity checks change and the target address will not be computed correctly. In this paper, we present an attack based on tracking stack pointer modifications to break the scheme and provide implementation details. The key element of the attack is to remove the fingerprint and integrity check generating code from the program after disassociating the target address from the fingerprint and integrity value. Using the debugging tools that give vast control to the attacker to track stack pointer operations, we perform both subtractive and watermark replacement attacks. The major steps in the attack are automated resulting in a fast and low-cost attack.

No Right to Live? Malaysia’s Islam and Implications for Its Sexual Minority Storytellers

This chapter discusses the fast emerging challenges for Malay and Muslim sexual minority storytellers in the face of an aggressive state-sponsored Islamisation of a constitutionally secular Malaysia. I examine the case of Azwan Ismail, a gay Malay and Muslim Malaysian who took part in the local ‘It Gets Better’ project, and who suffered an onslaught of hostile comments from fellow Malay Muslims. Azwan’s experience makes one question how a message of discouraging suicidal tendencies among sexual minority youths can be so vehemently misperceived. Azwan’s existential challenges – stemming from the tension between his own constructions of self and those of others – (re)present a unique challenge in the long struggle for human rights. In my examination of the arising contradictions, I highlight the challenges for Azwan’s existential self – one who is deemed morally bankrupt by hostile audiences. The purist Sunni Islam agenda in a constitutionally secular Malaysia not only rejects the human rights of the sexual minorities in Malaysia but has also influenced, and is often a leading hostile voice in both regional and international blocs. This self-righteous, supremacist and authoritarian Islam discourages discourse and attacks all differing opinions. This resulting disabling environment for vulnerable, minority communities and their human rights manifests in State-endorsed discrimination, compulsory counselling, forced rehabilitation and criminalisation. It places the rights of the sexual minorities to live within such a society in doubt. In discussing the arising issues, I draw upon literature that investigates the way in which personal stories have traditionally been used to advance human rights. Included too, is the significance and implications of the work by social psychologists in explaining the loss of credibility of personal stories. I then advance an analytical framework that will allow storytelling as a very individual form of witnessing to reclaim and regain its ‘truth to power’.

Modelling ciphersuite and version negotiation in the TLS protocol

Real-world cryptographic protocols such as the widely used Transport Layer Security (TLS) protocol support many different combinations of cryptographic algorithms (called ciphersuites) and simultaneously support different versions. Recent advances in provable security have shown that most modern TLS ciphersuites are secure authenticated and confidential channel establishment (ACCE) protocols, but these analyses generally focus on single ciphersuites in isolation. In this paper we extend the ACCE model to cover protocols with many different sub-protocols, capturing both multiple ciphersuites and multiple versions, and define a security notion for secure negotiation of the optimal sub-protocol. We give a generic theorem that shows how secure negotiation follows, with some additional conditions, from the authentication property of secure ACCE protocols. Using this framework, we analyse the security of ciphersuite and three variants of version negotiation in TLS, including a recently proposed mechanism for detecting fallback attacks.

Post-quantum key exchange for the TLS protocol from the ring learning with errors problem

Lattice-based cryptographic primitives are believed to offer resilience against attacks by quantum computers. We demonstrate the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, we accompany these cipher suites with a rigorous proof of security. Our approach ties lattice-based key exchange together with traditional authentication using RSA or elliptic curve digital signatures: the post-quantum key exchange provides forward secrecy against future quantum attackers, while authentication can be provided using RSA keys that are issued by today's commercial certificate authorities, smoothing the path to adoption. Our cryptographically secure implementation, aimed at the 128-bit security level, reveals that the performance price when switching from non-quantum-safe key exchange is not too high. With our R-LWE cipher suites integrated into the Open SSL library and using the Apache web server on a 2-core desktop computer, we could serve 506 RLWE-ECDSA-AES128-GCM-SHA256 HTTPS connections per second for a 10 KiB payload. Compared to elliptic curve Diffie-Hellman, this means an 8 KiB increased handshake size and a reduction in throughput of only 21%. This demonstrates that provably secure post-quantum key-exchange can already be considered practical.

Case-control study of ADARB1 and ADARB2 gene variants in migraine

Background: Migraine causes crippling attacks of severe head pain along with associated nausea, vomiting, photophobia and/or phonophobia. The aim of this study was to investigate single nucleotide polymorphisms (SNPs) in the adenosine deaminase, RNA-specific, B1 (ADARB1)and adenosine deaminase, RNA specific, B2 (ADARB2) genes in an Australian case-control Caucasian population for association with migraine. Both candidate genes are highly expressed in the central nervous system (CNS) and fit criteria for migraine neuropathology. SNPs in the ADARB2 gene were previously found to be positively associated with migraine in a pedigree-based GWAS using the genetic isolate of Norfolk Island, Australia. The ADARB1 gene was also chosen for investigation due to its important function in editing neurotransmitter receptor transcripts. Methods: Four SNPs in ADARB1 and nine in ADARB2 were selected by inspecting blocks of LD in Haploview for genotyping using either TaqMan or Sequenom assays. These SNPs were genotyped in two-hundred and ninety one patients who satisfied the International Classification of Headache Disorders, ICHD-II 2004 diagnostic criteria for migraine and three-hundred and fourteen controls and PLINK was used for association testing. Results: Chi-square (χ2) analysis found no significant association between any of the SNPs tested in the ADARB1 and ADARB2 genes in this study and the occurrence of migraine. Conclusions: In contrast to findings that SNPs in the ADARB2 gene were positively associated with migraine in the Norfolk Island population, we find no evidence to support the involvement of RNA editing genes in migraine susceptibility in an Australian Caucasian population.

Authentically ambiguous, credibly anonymous: Perceptually reframing the personal narrative towards effective persuasion in aggressive human rights contexts

Testing the strategies of discourse and materiality, this practice-based and practice-led research experiments with how anonymous storytelling by vulnerable communities, like that of the sexual minorities and their allies in Malaysia, can better speak to their human rights issues without further subjecting them to personal attacks and targetted persecution. The research identifies the critical role of the voice in lending authenticity and credibility to first person narratives; and contextual credibility as a form of credibility which personal stories naturally aspire to achieve with audiences. Adopting a discursive view of persuasion and recognising too that the power of persuasion may in effect lie with those who receive these stories rather than with those who tell them, the insights and knowledge gained from the research informed the development of the field output, Persuasive Storytelling by Vulnerable Communities in Aggressive Contexts: A Human Rights Communication Framework.

Analysis of one-pass block cipher based authenticated encryption schemes

This project analyses and evaluates the integrity assurance mechanisms used in four Authenticated Encryption schemes based on symmetric block ciphers. These schemes are all cross chaining block cipher modes that claim to provide both confidentiality and integrity assurance simultaneously, in one pass over the data. The investigations include assessing the validity of an existing forgery attack on certain schemes, applying the attack approach to other schemes and implementing the attacks to verify claimed probabilities of successful forgeries. For these schemes, the theoretical basis of the attack was developed, the attack algorithm implemented and computer simulations performed for experimental verification.

Bees at war: Interspecific battles and nest usurpation in stingless bees

We provide the first evidence for interspecific warfare in bees, a spectacular natural phenomenon that involves a series of aerial battles and leads to thousands of fatalities from both attacking and defending colonies. Molecular analysis of fights at a hive of the Australian stingless bee Tetragonula carbonaria revealed that the attack was launched by a related species, Tetragonula hockingsi, which has only recently extended its habitat into southeastern Queensland. Following a succession of attacks by the same T. hockingsi colony over a 4-month period, the defending T. carbonaria colony was defeated and the hive usurped, with the invading colony installing a new queen. We complemented our direct observations with a 5-year study of more than 260 Tetragonula hives and found interspecific hive changes, which were likely to be usurpation events, occurring in 46 hives over this period. We discuss how fighting swarms and hive usurpation fit with theoretical predictions on the evolution of fatal fighting and highlight the many unexplained features of these battles that warrant further study.

Robust iris recognition using decision fusion and degradation modelling

This thesis investigates the use of fusion techniques and mathematical modelling to increase the robustness of iris recognition systems against iris image quality degradation, pupil size changes and partial occlusion. The proposed techniques improve recognition accuracy and enhance security. They can be further developed for better iris recognition in less constrained environments that do not require user cooperation. A framework to analyse the consistency of different regions of the iris is also developed. This can be applied to improve recognition systems using partial iris images, and cancelable biometric signatures or biometric based cryptography for privacy protection.

Susceptibility to social engineering in social networking sites: The case of Facebook

Past research has suggested that social engineering poses the most significant security risk. Recent studies have suggested that social networking sites (SNSs) are the most common source of social engineering attacks. The risk of social engineering attacks in SNSs is associated with the difficulty of making accurate judgments regarding source credibility in the virtual environment of SNSs. In this paper, we quantitatively investigate source credibility dimensions in terms of social engineering on Facebook, as well as the source characteristics that influence Facebook users to judge an attacker as credible, therefore making them susceptible to victimization. Moreover, in order to predict users’ susceptibility to social engineering victimization based on their demographics, we investigate the effectiveness of source characteristics on different demographic groups by measuring the consent intentions and behavior responses of users to social engineering requests using a role-play experiment.

Measuring source credibility of social engineering attackers on Facebook

Past research has suggested that social networking sites are the most common source for social engineering-based attacks. Persuasion research shows that people are more likely to obey and accept a message when the source’s presentation appears to be credible. However, many factors can impact the perceived credibility of a source, depending on its type and the characteristics of the environment. Our previous research showed that there are four dimensions of source credibility in terms of social engineering on Facebook: perceived sincerity, perceived competence, perceived attraction, and perceived worthiness. Because the dimensionalities of source credibility as well as their measurement scales can fluctuate from one type of source to another and from one type of context to another, our aim in this study includes validating the existence of those four dimensions toward the credibility of social engineering attackers on Facebook and developing a valid measurement scale for every dimension of them.