493 resultados para economic security
Resumo:
Rakaposhi is a synchronous stream cipher, which uses three main components: a non-linear feedback shift register (NLFSR), a dynamic linear feedback shift register (DLFSR) and a non-linear filtering function (NLF). NLFSR consists of 128 bits and is initialised by the secret key K. DLFSR holds 192 bits and is initialised by an initial vector (IV). NLF takes 8-bit inputs and returns a single output bit. The work identifies weaknesses and properties of the cipher. The main observation is that the initialisation procedure has the so-called sliding property. The property can be used to launch distinguishing and key recovery attacks. The distinguisher needs four observations of the related (K,IV) pairs. The key recovery algorithm allows to discover the secret key K after observing 29 pairs of (K,IV). Based on the proposed related-key attack, the number of related (K,IV) pairs is 2(128 + 192)/4 pairs. Further the cipher is studied when the registers enter short cycles. When NLFSR is set to all ones, then the cipher degenerates to a linear feedback shift register with a non-linear filter. Consequently, the initial state (and Secret Key and IV) can be recovered with complexity 263.87. If DLFSR is set to all zeros, then NLF reduces to a low non-linearity filter function. As the result, the cipher is insecure allowing the adversary to distinguish it from a random cipher after 217 observations of keystream bits. There is also the key recovery algorithm that allows to find the secret key with complexity 2 54.
Resumo:
Most previous work on unconditionally secure multiparty computation has focused on computing over a finite field (or ring). Multiparty computation over other algebraic structures has not received much attention, but is an interesting topic whose study may provide new and improved tools for certain applications. At CRYPTO 2007, Desmedt et al introduced a construction for a passive-secure multiparty multiplication protocol for black-box groups, reducing it to a certain graph coloring problem, leaving as an open problem to achieve security against active attacks. We present the first n-party protocol for unconditionally secure multiparty computation over a black-box group which is secure under an active attack model, tolerating any adversary structure Δ satisfying the Q 3 property (in which no union of three subsets from Δ covers the whole player set), which is known to be necessary for achieving security in the active setting. Our protocol uses Maurer’s Verifiable Secret Sharing (VSS) but preserves the essential simplicity of the graph-based approach of Desmedt et al, which avoids each shareholder having to rerun the full VSS protocol after each local computation. A corollary of our result is a new active-secure protocol for general multiparty computation of an arbitrary Boolean circuit.
Resumo:
NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE, which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k − 1)-of-k-correlated input distributions.
Resumo:
Espionage, surveillance and clandestine operations by secret agencies and governments were something of an East–West obsession in the second half of the twentieth century, a fact reflected in literature and film. In the twenty-first century, concerns of the Cold War and the threat of Communism have been rearticulated in the wake of 9/11. Under the rubric of ‘terror’ attacks, the discourses of security and surveillance are now framed within an increasingly global context. As this article illustrates, surveillance fiction written for young people engages with the cultural and political tropes that reflect a new social order that is different from the Cold War era, with its emphasis on spies, counter espionage, brainwashing and psychological warfare. While these tropes are still evident in much recent literature, advances in technology have transformed the means of tracking, profiling and accumulating data on individuals’ daily activities. Little Brother, The Hunger Games and Article 5 reflect the complex relationship between the real and the imaginary in the world of surveillance and, as this paper discusses, raise moral and ethical issues that are important questions for young people in our age of security.
Resumo:
Small and medium firms (SMEs) that operate in global markets are vulnerable to external shocks in uncertain, hostile and volatile business environments given their limited resources and inexperience. In such environments entrepreneurial firms respond by making strategic choices to mitigate such vulnerabilities. This research examines one such important strategic choice – entrepreneurial posturing and its link to financial performance in Finnish SMEs during the global financial crisis. Findings suggest that the dimensions of entrepreneurial posturing have a differential effect on firm performance depending upon the severity of the business environment as well as the firm’s degree of internationalization. Implications for theory and practice are discussed and directions for future research provided.
Resumo:
This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)
Resumo:
In this article, we study the security of the IDEA block cipher when it is used in various simple-length or double-length hashing modes. Even though this cipher is still considered as secure, we show that one should avoid its use as internal primitive for block cipher based hashing. In particular, we are able to generate instantaneously free-start collisions for most modes, and even semi-free-start collisions, pseudo-preimages or hash collisions in practical complexity. This work shows a practical example of the gap that exists between secret-key and known or chosen-key security for block ciphers. Moreover, we also settle the 20-year-old standing open question concerning the security of the Abreast-DM and Tandem-DM double-length compression functions, originally invented to be instantiated with IDEA. Our attacks have been verified experimentally and work even for strengthened versions of IDEA with any number of rounds.
Resumo:
The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks. In this work, we analyse various security and privacy concerns that arise when deploying such hardware security modules and propose a system that allow users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and finding square roots of a quadratic residue modulo a composite number, where the composite number is a product of two large primes. Along with the standard notion of protecting privacy of an user, the proposed system offers colligation between seemingly independent pseudonyms. This new property when combined with HSMs that store the master secret key is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms using relatively small storage requirements.
Resumo:
Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.
Resumo:
The focus of Cents and Sustainability is to respond to the call by Dr Gro Brundtland in the seminal book Our Common Future to achieve, 'a new era of economic growth - growth that is forceful and at the same time socially and environmentally sustainable'. With the 20th anniversary of Our Common Future in 2007, it is clearly time to re-examine this important work in a modern global context. Using the framework of ‘Decoupling Economic Growth from Environmental Pressures’, Cents and Sustainability investigates a range of new evidence and research in order to develop a deeper understanding of how, and under what conditions, this 'forceful sustainable growth' is possible. With an introduction by Dr Jim MacNeill (former Secretary General to the Brundtland Commission, and former Director, OECD Environment Directorate 1978 -1984), the book will carry forewords from Dr Gro Brundtland (former Chair of the World Commission on Environment and Development), Dr Rajendra Pachauri (Chief, Intergovernmental Panel on Climate Change (IPCC), and joint recipient of the 2007 Nobel Peace Prize on behalf of the IPCC), and Dr Kenneth Ruffing (former Deputy Director and Chief Economist of the OECD Environment Directorate 2000 - 2005). Beginning with a detailed explanation of decoupling theory, along with investigation into a range of issues and barriers to its achievement, the book then focuses on informing national strategies for decoupling. Then putting this into action the book focuses on five key areas of decoupling, namely greenhouse gas emissions, biodiversity, freshwater extraction, waste production, and air pollution, and in each case showing compelling evidence for significant cost effective reductions in environmental pressures. The book concludes with a detailed case study of the groundbreaking application of public interest litigation to combat air pollution in Delhi, India.
Resumo:
With increasing signs of climate change and the influence of national and international carbon-related laws and agreements, governments all over the world are grappling with how to rapidly transition to low-carbon living. This includes adapting to the impacts of climate change that are very likely to be experienced due to current emission levels (including extreme weather and sea level changes), and mitigating against further growth in greenhouse gas emissions that are likely to result in further impacts. Internationally, the concept of ‘Biophilic Urbanism’, a term coined by Professors Tim Beatley and Peter Newman to refer to the use of natural elements as design features in urban landscapes, is emerging as a key component in addressing such climate change challenges in rapidly growing urban contexts. However, the economics of incorporating such options is not well understood and requires further attention to underpin a mainstreaming of biophilic urbanism. Indeed, there appears to be an ad hoc, reactionary approach to creating economic arguments for or against the design, installation or maintenance of natural elements such as green walls, green roofs, streetscapes, and parklands. With this issue in mind, this paper will overview research as part of an industry collaborative research project that considers the potential for using a number of environmental economic valuation techniques that have evolved over the last several decades in agricultural and resource economics, to systematically value the economic value of biophilic elements in the urban context. Considering existing literature on environmental economic valuation techniques, the paper highlights opportunities for creating a standardised language for valuing biophilic elements. The conclusions have implications for expanding the field of environmental economic value to support the economic evaluations and planning of the greater use of natural elements in cities. Insights are also noted for the more mature fields of agricultural and resource economics.
Resumo:
Built environment design around the world faces a number of 21st Century challenges such as rising urban heat island effect and rising pollution, which are further worsened by consequences of climate change and increasing urban populations. Such challenges have caused cities around the globe to investigate options that can help to significantly reduce the environmental pressures from current and future development, requiring new areas of innovation. One such area is ‘Biophilic Urbanism’, which refers to the use of natural elements as design features in urban centres to assist efforts to address climate change issues in rapidly growing economies. Singapore is an illustration of a thriving economy that exemplifies the value of embedding nature into its built environment. The significance of urban green space has been recognised in Singapore as early as the 1960s when Lee Kuan Yew embarked on the ‘Garden City’ concept. 50 years later, Singapore has achieved its Garden City goal and is now entering a new era of sustainability, to create a ‘City in a Garden’. Although the economics of such efforts is not entirely understood, the city of Singapore has continued to pursue visions of becoming a biophilic city. Indeed, there appears to be important lessons to be learned from a city that has challenged the preconceived notion that protecting vegetation in a city is not economically viable. Hence, this paper will discuss the case study of Singapore to highlight the drivers, along with the economic considerations identified along the way. The conclusions have implications for expanding the notion of biophilic urbanism, particularly in the Australian context by discussing the lessons learned from this city. The research is part of Sustainable Built Environment National Research Centre, and has been developed in collaboration with the Curtin University Sustainability Policy Institute.
Resumo:
This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.
Resumo:
In this paper we discuss the social, economic and institutional aspects of the development of carbon management systems within Australia's tropical savannas. Land-use values in savanna landscapes are changing as a result of changing economic markets, greater recognition of native title, and growing social demands and expectations for tourism, recreation and conservation. In addition, there is increasing interest in developing markets and policy arrangements for greenhouse gas abatement, carbon sequestration and carbon trade in savannas. We argue that for carbon management to lead to national greenhouse outcomes, attention must be paid to social, economic and institutional issues in environmental planning and policy arrangements. From an economic perspective, the financial impact of carbon management on savanna enterprises will depend on appropriate and available policy mechanisms, unit price for carbon, landscape condition, existing management strategies and abatement measurements used. Local social and cultural features of communities and regions may enhance or constrain the implementation of carbon abatement strategies, depending on how they are perceived. In terms of institutional arrangements, policies and plans must support and enable carbon management. We identify three areas that require priority investigation and adjustment: regional planning arrangements, property rights, and rules for accounting at enterprise and regional scales. We conclude that the best potential for managing for carbon will be achieved while managing for range of other natural resource management outcomes, especially where managing for carbon delivers collateral benefits to enterprises.
Resumo:
When the acronym of ëBRICí was coined in 2001 by Jim OíNeill of Goldman Sachs, it was expected that economic growth rates in India, Brazil and Russia would eventually catch up with that of China. However, China has continued to outperform the other economies in the group, even after it was renamed ëBRICSí to reflect the inclusion of South Africa in 2010. The focus of this chapter is on one of the BRICS economies, namely India. Its aim is to examine from an economic perspective, why Indiaís performance has not lived up to expectations, and comment on the key challenges it faces in meeting them. We begin with some descriptive statistics regarding the progress of the Indian economy since 1990. While it has been growing at a rapid rate since the reforms it introduced in the1990s, there has been a slowdown in its overall GDP growth rates since 2008. The rate of growth experienced in the period 2003ñ07 was an average of 10.5 per cent. However, since the recession following the Global Financial Crisis (GFC) of 2008, the growth rate has fallen. From the period 2008ñ12 it has only registered an average growth rate of 6.5 per cent (World Bank, 2013). This chapter suggests that one of the major factors underpinning this slowdown is the performance of Indiaís agricultural sector. The importance of the agricultural sector is highlighted by the following stylized facts.
