Analysis of one-pass block cipher based authenticated encryption schemes

This project analyses and evaluates the integrity assurance mechanisms used in four Authenticated Encryption schemes based on symmetric block ciphers. These schemes are all cross chaining block cipher modes that claim to provide both confidentiality and integrity assurance simultaneously, in one pass over the data. The investigations include assessing the validity of an existing forgery attack on certain schemes, applying the attack approach to other schemes and implementing the attacks to verify claimed probabilities of successful forgeries. For these schemes, the theoretical basis of the attack was developed, the attack algorithm implemented and computer simulations performed for experimental verification.

An algorithm for constructing Hjelmslev planes

Projective Hjelmslev planes and affine Hjelmslev planes are generalisations of projective planes and affine planes. We present an algorithm for constructing projective Hjelmslev planes and affine Hjelmslev planes that uses projective planes, affine planes and orthogonal arrays. We show that all 2-uniform projective Hjelmslev planes, and all 2-uniform affine Hjelmslev planes can be constructed in this way. As a corollary it is shown that all $2$-uniform affine Hjelmslev planes are sub-geometries of $2$-uniform projective Hjelmslev planes.

Bees at war: Interspecific battles and nest usurpation in stingless bees

We provide the first evidence for interspecific warfare in bees, a spectacular natural phenomenon that involves a series of aerial battles and leads to thousands of fatalities from both attacking and defending colonies. Molecular analysis of fights at a hive of the Australian stingless bee Tetragonula carbonaria revealed that the attack was launched by a related species, Tetragonula hockingsi, which has only recently extended its habitat into southeastern Queensland. Following a succession of attacks by the same T. hockingsi colony over a 4-month period, the defending T. carbonaria colony was defeated and the hive usurped, with the invading colony installing a new queen. We complemented our direct observations with a 5-year study of more than 260 Tetragonula hives and found interspecific hive changes, which were likely to be usurpation events, occurring in 46 hives over this period. We discuss how fighting swarms and hive usurpation fit with theoretical predictions on the evolution of fatal fighting and highlight the many unexplained features of these battles that warrant further study.

Robust iris recognition using decision fusion and degradation modelling

This thesis investigates the use of fusion techniques and mathematical modelling to increase the robustness of iris recognition systems against iris image quality degradation, pupil size changes and partial occlusion. The proposed techniques improve recognition accuracy and enhance security. They can be further developed for better iris recognition in less constrained environments that do not require user cooperation. A framework to analyse the consistency of different regions of the iris is also developed. This can be applied to improve recognition systems using partial iris images, and cancelable biometric signatures or biometric based cryptography for privacy protection.

Susceptibility to social engineering in social networking sites: The case of Facebook

Past research has suggested that social engineering poses the most significant security risk. Recent studies have suggested that social networking sites (SNSs) are the most common source of social engineering attacks. The risk of social engineering attacks in SNSs is associated with the difficulty of making accurate judgments regarding source credibility in the virtual environment of SNSs. In this paper, we quantitatively investigate source credibility dimensions in terms of social engineering on Facebook, as well as the source characteristics that influence Facebook users to judge an attacker as credible, therefore making them susceptible to victimization. Moreover, in order to predict users’ susceptibility to social engineering victimization based on their demographics, we investigate the effectiveness of source characteristics on different demographic groups by measuring the consent intentions and behavior responses of users to social engineering requests using a role-play experiment.

Measuring source credibility of social engineering attackers on Facebook

Past research has suggested that social networking sites are the most common source for social engineering-based attacks. Persuasion research shows that people are more likely to obey and accept a message when the source’s presentation appears to be credible. However, many factors can impact the perceived credibility of a source, depending on its type and the characteristics of the environment. Our previous research showed that there are four dimensions of source credibility in terms of social engineering on Facebook: perceived sincerity, perceived competence, perceived attraction, and perceived worthiness. Because the dimensionalities of source credibility as well as their measurement scales can fluctuate from one type of source to another and from one type of context to another, our aim in this study includes validating the existence of those four dimensions toward the credibility of social engineering attackers on Facebook and developing a valid measurement scale for every dimension of them.

Atheroma: Is calcium important or not? A modelling study of stress within the atheromatous fibrous cap in relation to position and size of calcium deposits

Atheromatous plaque rupture h the cause of the majority of strokes and heart attacks in the developed world. The role of calcium deposits and their contribution to plaque vulnerability are controversial. Some studies have suggested that calcified plaque tends to be more stable whereas others have suggested the opposite. This study uses a finite element model to evaluate the effect of calcium deposits on the stress within the fibrous cap by varying their location and size. Plaque fibrous cap, lipid pool and calcification were modeled as hyperelastic, Isotropic, (nearly) incompressible materials with different properties for large deformation analysis by assigning time-dependent pressure loading on the lumen wall. The stress and strain contours were illustrated for each condition for comparison. Von Mises stress only increases up to 1.5% when varying the location of calcification in the lipid pool distant to the fibrous cap. Calcification in the fibrous cap leads to a 43% increase of Von Mises stress when compared with that in the lipid pool. An increase of 100% of calcification area leads to a 15% stress increase in the fibrous cap. Calcification in the lipid pool does not increase fibrous cap stress when it is distant to the fibrous cap, whilst large areas of calcification close to or in the fibrous cap may lead to a high stress concentration within the fibrous cap, which may cause plaque rupture. This study highlights the application of a computational model on a simulation of clinical problems, and it may provide insights into the mechanism of plaque rupture.

Closed-form solutions for low-rank non-rigid reconstruction

Recovering the motion of a non-rigid body from a set of monocular images permits the analysis of dynamic scenes in uncontrolled environments. However, the extension of factorisation algorithms for rigid structure from motion to the low-rank non-rigid case has proved challenging. This stems from the comparatively hard problem of finding a linear “corrective transform” which recovers the projection and structure matrices from an ambiguous factorisation. We elucidate that this greater difficulty is due to the need to find multiple solutions to a non-trivial problem, casting a number of previous approaches as alleviating this issue by either a) introducing constraints on the basis, making the problems nonidentical, or b) incorporating heuristics to encourage a diverse set of solutions, making the problems inter-dependent. While it has previously been recognised that finding a single solution to this problem is sufficient to estimate cameras, we show that it is possible to bootstrap this partial solution to find the complete transform in closed-form. However, we acknowledge that our method minimises an algebraic error and is thus inherently sensitive to deviation from the low-rank model. We compare our closed-form solution for non-rigid structure with known cameras to the closed-form solution of Dai et al. [1], which we find to produce only coplanar reconstructions. We therefore make the recommendation that 3D reconstruction error always be measured relative to a trivial reconstruction such as a planar one.

Blast response and failure analysis of a segmented buried tunnel

Underground tunnels are vulnerable to terrorist attacks which can cause collapse of the tunnel structures or at least extensive damage, requiring lengthy repairs. This paper treats the blast impact on a reinforced concrete segmental tunnel buried in soil under a number of parametric conditions; soil properties, soil cover, distance of explosive from the tunnel centreline and explosive weight and analyses the possible failure patterns. A fully coupled Fluid Structure Interaction (FSI) technique incorporating the Arbitrary Lagrangian-Eulerian (ALE) method is used in this study. Results indicate that the tunnel in saturated soil is more vulnerable to severe damage than that buried in either partially saturated soil or dry soil. The tunnel is also more vulnerable to surface explosions which occur directly above the centre of the tunnel than those that occur at any equivalent distances in the ground away from the tunnel centre. The research findings provide useful information on modeling, analysis, overall tunnel response and failure patterns of segmented tunnels subjected to blast loads. This information will guide future development and application of research in this field.

On the leakage resilience of secure channel establishment

Secure communication channels are typically constructed from an authenticated key exchange (AKE) protocol, which authenticates the communicating parties and establishes shared secret keys, and a secure data transmission layer, which uses the secret keys to encrypt data. We address the partial leakage of communicating parties' long-term secret keys due to various side-channel attacks, and the partial leakage of plaintext due to data compression. Both issues can negatively affect the security of channel establishment and data transmission. In this work, we advance the modelling of security for AKE protocols by considering more granular partial leakage of parties' long-term secrets. We present generic and concrete constructions of two-pass leakage-resilient key exchange protocols that are secure in the proposed security models. We also examine two techniques--heuristic separation of secrets and fixed-dictionary compression--for enabling compression while protecting high-value secrets.

Continuous after-the-fact leakage-resilient eCK-secure key exchange

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to capture the security of AKE protocols even when the adversary learns certain secret values. Increased granularity of security can be modelled by considering partial leakage of secrets in the manner of models for leakage-resilient cryptography, designed to capture side-channel attacks. In this work, we use the strongest known partial-leakage-based security model for key exchange protocols, namely continuous after-the-fact leakage eCK (CAFL-eCK) model. We resolve an open problem by constructing the first concrete two-pass leakage-resilient key exchange protocol that is secure in the CAFL-eCK model.

Genome-wide association study of migraine implicates a common susceptibility variant on 8q22.1

Migraine is a common episodic neurological disorder, typically presenting with recurrent attacks of severe headache and autonomic dysfunction. Apart from rare monogenic subtypes, no genetic or molecular markers for migraine have been convincingly established. We identified the minor allele of rs1835740 on chromosome 8q22.1 to be associated with migraine (P = 5.38 x 10(-)(9), odds ratio = 1.23, 95% CI 1.150-1.324) in a genome-wide association study of 2,731 migraine cases ascertained from three European headache clinics and 10,747 population-matched controls. The association was replicated in 3,202 cases and 40,062 controls for an overall meta-analysis P value of 1.69 x 10(-)(1)(1) (odds ratio = 1.18, 95% CI 1.127-1.244). rs1835740 is located between MTDH (astrocyte elevated gene 1, also known as AEG-1) and PGCP (encoding plasma glutamate carboxypeptidase). In an expression quantitative trait study in lymphoblastoid cell lines, transcript levels of the MTDH were found to have a significant correlation to rs1835740 (P = 3.96 x 10(-)(5), permuted threshold for genome-wide significance 7.7 x 10(-)(5). To our knowledge, our data establish rs1835740 as the first genetic risk factor for migraine.

Nausea associated with migraines

Migraines are particularly common in young adults, with the prevalence reducing after the late 40s and early 50s years of age.1,2 Migraines are headaches that can have a throbbing or pulsating feeling, and often occur with nausea, vomiting, and sensitivity to light and sound. These headaches can last between a few hours to three days.1,3 They place a significant burden of disease on quality of life, and have a socio-economic impact through loss of productiveness and sick days.4 Most people report experiencing at least one migraine attack each month, with many reporting that migraine attacks interfered with their daily activities.2 Migraines have been ranked as the third most prevalent and seventh highest specific cause of disability around the world...

Initialisation flaws in the A5-GMR-1 satphone encryption algorithm

A5-GMR-1 is a synchronous stream cipher used to provide confidentiality for communications between satellite phones and satellites. The keystream generator may be considered as a finite state machine, with an internal state of 81 bits. The design is based on four linear feedback shift registers, three of which are irregularly clocked. The keystream generator takes a 64-bit secret key and 19-bit frame number as inputs, and produces an output keystream of length between $2^8$ and $2^{10}$ bits. Analysis of the initialisation process for the keystream generator reveals serious flaws which significantly reduce the number of distinct keystreams that the generator can produce. Multiple (key, frame number) pairs produce the same keystream, and the relationship between the various pairs is easy to determine. Additionally, many of the keystream sequences produced are phase shifted versions of each other, for very small phase shifts. These features increase the effectiveness of generic time-memory tradeoff attacks on the cipher, making such attacks feasible.

Computation of turbulent flow in an IFRF quarl burner

A computational model for isothermal axisymmetric turbulent flow in a quarl burner is set up using the CFD package FLUENT, and numerical solutions obtained from the model are compared with available experimental data. A standard k-e model and and two versions of the RNG k-e model are used to model the turbulence. One of the aims of the computational study is to investigate whether the RNG based k-e turbulence models are capable of yielding improved flow predictions compared with the standard k-e turbulence model. A difficulty is that the flow considered here features a confined vortex breakdown which can be highly sensitive to flow behaviour both upstream and downstream of the breakdown zone. Nevertheless, the relatively simple confining geometry allows us to undertake a systematic study so that both grid-independent and domain-independent results can be reported. The systematic study includes a detailed investigation of the effects of upstream and downstream conditions on the predictions, in addition to grid refinement and other tests to ensure that numerical error is not significant. Another important aim is to determine to what extent the turbulence model predictions can provide us with new insights into the physics of confined vortex breakdown flows. To this end, the computations are discussed in detail with reference to known vortex breakdown phenomena and existing theories. A major conclusion is that one of the RNG k-e models investigated here is able to correctly capture the complex forward flow region inside the recirculating breakdown zone. This apparently pathological result is in stark contrast to the findings of previous studies, most of which have concluded that either algebraic or differential Reynolds stress modelling is needed to correctly predict the observed flow features. Arguments are given as to why an isotropic eddy-viscosity turbulence model may well be able to capture the complex flow structure within the recirculating zone for this flow setup. With regard to the flow physics, a major finding is that the results obtained here are more consistent with the view that confined vortex breakdown is a type of axisymmetric boundary layer separation, rather than a manifestation of a subcritical flow state.