240 resultados para Attack
Resumo:
Both the SSS and SOBER-t32 stream cipher designs use a single word-based shift register and a nonlinear filter function to produce keystream. In this paper we show that the algebraic attack method previously applied to SOBER-t32 is prevented from succeeding on SSS by the use of the key dependent substitution box (SBox) in the nonlinear filter of SSS. Additional assumptions and modifications to the SSS cipher in an attempt to enable algebraic analysis result in other difficulties that also render the algebraic attack infeasible. Based on these results, we conclude that a well chosen key-dependent substitution box used in the nonlinear filter of the stream cipher provides resistance against such algebraic attacks.
Resumo:
A self-escrowed public key infrastructure (SE-PKI) combines the usual functionality of a public-key infrastructure with the ability to recover private keys given some trap-door information. We present an additively homomorphic variant of an existing SE-PKI for ElGamal encryption. We also propose a new efficient SE-PKI based on the ElGamal and Okamoto-Uchiyama cryptosystems that is more efficient than the previous SE-PKI. This is the first SE-PKI that does not suffer from a key doubling problem of previous SE-PKI proposals. Additionally, we present the first self-escrowed encryption schemes secure against chosen-ciphertext attack in the standard model. These schemes are also quite efficient and are based on the Cramer-Shoup cryptosystem, and the Kurosawa-Desmedt hybrid variant in different groups.
Resumo:
The photocatalytic disinfection of Enterobacter cloacae and Enterobacter coli using microwave (MW), convection hydrothermal (HT) and Degussa P25 titania was investigated in suspension and immobilized reactors. In suspension reactors, MW-treated TiO(2) was the most efficient catalyst (per unit weight of catalyst) for the disinfection of E. cloacae. However, HT-treated TiO(2) was approximately 10 times more efficient than MW or P25 titania for the disinfection of E. coli suspensions in surface water using the immobilized reactor. In immobilized experiments, using surface water a significant amount of photolysis was observed using the MW- and HT-treated films; however, disinfection on P25 films was primarily attributed to photocatalysis. Competitive action of inorganic ions and humic substances for hydroxyl radicals during photocatalytic experiments, as well as humic substances physically screening the cells from UV and hydroxyl radical attack resulted in low rates of disinfection. A decrease in colony size (from 1.5 to 0.3 mm) was noted during photocatalytic experiments. The smaller than average colonies were thought to occur during sublethal (•) OH and O(2) (•-) attack. Catalyst fouling was observed following experiments in surface water and the ability to regenerate the surface was demonstrated using photocatalytic degradation of oxalic acid as a model test system
Resumo:
Blends of lignin and poly(hydroxybutyrate) (PHB) were obtained by melt extrusion. They were buried in a garden soil for up to 12 months, and the extent and mechanism of degradation were investigated by gravimetric analysis, thermogravimetric analysis (TGA), differential scanning calorimetry (DSC), X-ray photoelectron spectroscopy (XPS), scanning electron microscopy (SEM) and Fourier transform infra-red spectroscopy (FTIR) over the entire range of compositions. The PHB films were disintegrated and lost 45 wt% of mass within 12 months. This value dropped to 12 wt% of mass when only 10 wt% of lignin was present, suggesting that lignin both inhibited and slowed down the rate of PHB degradation. TGA and DSC indicated structural changes, within the lignin/PHB matrix, with burial time, while FTIR results confirmed the fragmentation of the PHB polymer. XPS revealed an accumulation of biofilms on the surface of buried samples, providing evidence of a biodegradation mechanism. Significant surface roughness was observed with PHB films due to microbial attack caused by both loosely and strongly associated micro-organisms. The presence of lignin in the blends may have inhibited the colonisation of the micro-organisms and caused the blends to be more resistant to microbial attack. Analysis suggested that lignin formed strong hydrogen bonds with PHB in the buried samples and it is likely that the rate of breakdown of PHB is reduced, preventing rapid degradation of the blends.
Resumo:
Non-state insurgent actors are too weak to compel powerful adversaries to their will, so they use violence to coerce. A principal objective is to grow and sustain violent resistance to the point that it either militarily challenges the state, or more commonly, generates unacceptable political costs. To survive, insurgents must shift popular support away from the state and to grow they must secure it. State actor policies and actions perceived as illegitimate and oppressive by the insurgent constituency can generate these shifts. A promising insurgent strategy is to attack states in ways that lead angry publics and leaders to discount the historically established risks and take flawed but popular decisions to use repressive measures. Such decisions may be enabled by a visceral belief in the power of coercion and selective use of examples of where robust measures have indeed suppressed resistance. To avoid such counterproductive behaviours the cases of apparent 'successful repression' must be understood. This thesis tests whether robust state action is correlated with reduced support for insurgents, analyses the causal mechanisms of such shifts and examines whether such reduction is because of compulsion or coercion? The approach is founded on prior research by the RAND Corporation which analysed the 30 insurgencies most recently resolved worldwide to determine factors of counterinsurgent success. This new study first re-analyses their data at a finer resolution with new queries that investigate the relationship between repression and insurgent active support. Having determined that, in general, repression does not correlate with decreased insurgent support, this study then analyses two cases in which the data suggests repression seems likely to be reducing insurgent support: the PKK in Turkey and the insurgency against the Vietnamese-sponsored regime after their ousting of the Khmer Rouge. It applies 'structured-focused' case analysis with questions partly built from the insurgency model of Leites and Wolf, who are associated with the advocacy of US robust means in Vietnam. This is thus a test of 'most difficult' cases using a 'least likely' test model. Nevertheless, the findings refute the deterrence argument of 'iron fist' advocates. Robust approaches may physically prevent effective support of insurgents but they do not coercively deter people from being willing to actively support the insurgency.
Resumo:
This paper presents a model for generating a MAC tag with a stream cipher using the input message indirectly. Several recent proposals represent instances of this model with slightly different options. We investigate the security of this model for different options, and identify cases which permit forgery attacks. Based on this, we present a new forgery attack on version 1.4 of 128-EIA3. Design recommendations to enhance the security of proposals following this general model are given.
Resumo:
12.1 Drugs for hypertension 12.1.1 Epidemiology and pathophysiology 12.1.2 Diuretics for hypertension 12.2.3 Vasodilators for hypertension 12.4.4 β-Adrenoceptor blockers for hypertension 12.2. Drugs for angina 12.2.1 Typical angina 12.2.2 Drugs to treat an attack of typical angina 12,2.3 Drugs to prevent an attack of typical angina 12.2.4 Atypical angina 12.3 Drugs for heart failure 12.3.1 The heart failure epidemic 12.3.2 Compensatory changes in heart failure 12.3.3 Diuretics for heart failure 12.3.4 ACE inhibitors and AT1-receptor antagonists 12.3.5 β-adrenoceptor antagonists 12.3.6 Digoxin
Resumo:
Authigenic illite-smectite and chlorite in reservoir sandstones from several Pacific rim sedimentary basins in Australia and New Zealand have been examined using an Electroscan Environmental Scanning Electron Microscope (ESEM) before, during, and after treatment with fresh water and HCl, respectively. These dynamic experiments are possible in the ESEM because, unlike conventional SEMs that require a high vacuum in the sample chamber (10-6 torr), the ESEM will operate at high pressures up to 20 torr. This means that materials and processes can be examined at high magnifications in their natural states, wet or dry, and over a range of temperatures (-20 to 1000 degrees C) and pressures. Sandstones containing the illite-smectite (60-70% illite interlayers) were flushed with fresh water for periods of up to 12 hours. Close examination of the same illite-smectite lines or filled pores, both before and after freshwater treatments, showed that the morphology of the illite-smectite was not changed by prolonged freshwater treatment. Chlorite-bearing sandstones (Fe-rich chlorite) were reacted with 1M to 10M HCl at temperatures of up to 80 degrees C and for periods of up to 48 hours. Before treatment the chlorites showed typically platy morphologies. After HCl treatment the chlorite grains were coated with an amorphous gel composed of Ca, Cl, and possibly amorphous Si, as determined by EDS analyses on the freshly treated rock surface. Brief washing in water removed this surface coating and revealed apparently unchanged chlorite showing no signs of dissolution or acid attack. However, although the chlorite showed no morphological changes, elemental analysis only detected silicon and oxygen.
Resumo:
NeSSi (network security simulator) is a novel network simulation tool which incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profile-based automated attack generation, traffic analysis and support for detection algorithm plug-ins allow it to be used for security research and evaluation purposes. NeSSi has been successfully used for testing intrusion detection algorithms, conducting network security analysis and developing overlay security frameworks. NeSSi is built upon the agent framework JIAC, resulting in a distributed and extensible architecture. In this paper, we provide an overview of the NeSSi architecture as well as its distinguishing features and briefly demonstrate its application to current security research projects.
Resumo:
Sfinks is a shift register based stream cipher designed for hardware implementation and submitted to the eSTREAM project. In this paper, we analyse the initialisation process of Sfinks. We demonstrate a slid property of the loaded state of the Sfinks cipher, where multiple key-IV pairs may produce phase shifted keystream sequences. The state update functions of both the initialisation process and keystream generation and also the pattern of the padding affect generation of the slid pairs.
Resumo:
The effect of HCl on authigenic chlorite in three different sandstones has been examined uisng an Environmental Scanning Electron Microscope (ESEM), together with conventional analytical techniques. The ESEM enabled chlorites to be directly observed in situ at high magnifications during HCl treatment, and was particularly effective in allowing the same chlorite areas to be closely compared before and after acid treatment. Chlorites were reacted with 1M to 10M HCl at temperatures up to 80°C and for periods up to five months. After all treatments, chlorites show extensive leaching of iron, magnesium and aluminum, and their crystalline structure is destroyed. However, despite these major compositional and structural changes, chlorites show little or no visible evidence of acid attack, with precise morphological detail of individual plates preserved in all samples following acid treatments. Chlorite dissolution, sensu stricto, did not occur as a result of acidization of the host sandstones. Acid-treated chlorides are likely to exits in a structurally weakened state that may make them susceptible to physical disintegration during fluid flow. Accordingly, fines migration may be a significant engineering problem associated with the acidization of chlorite-bearing sandstones. © 1993.
Resumo:
A5/1 is a shift register based stream cipher which uses a majority clocking rule to update its registers. It is designed to provide privacy for the GSM system. In this paper, we analyse the initialisation process of A5/1. We demonstrate a sliding property of the A5/1 cipher, where every valid internal state is also a legitimate loaded state and multiple key-IV pairs produce phase shifted keystream sequences. We describe a possible ciphertext only attack based on this property.
Resumo:
A complex attack is a sequence of temporally and spatially separated legal and illegal actions each of which can be detected by various IDS but as a whole they constitute a powerful attack. IDS fall short of detecting and modeling complex attacks therefore new methods are required. This paper presents a formal methodology for modeling and detection of complex attacks in three phases: (1) we extend basic attack tree (AT) approach to capture temporal dependencies between components and expiration of an attack, (2) using enhanced AT we build a tree automaton which accepts a sequence of actions from input message streams from various sources if there is a traversal of an AT from leaves to root, and (3) we show how to construct an enhanced parallel automaton that has each tree automaton as a subroutine. We use simulation to test our methods, and provide a case study of representing attacks in WLANs.
Resumo:
Smartphones started being targets for malware in June 2004 while malware count increased steadily until the introduction of a mandatory application signing mechanism for Symbian OS in 2006. From this point on, only few news could be read on this topic. Even despite of new emerging smartphone platforms, e.g. android and iPhone, malware writers seemed to lose interest in writing malware for smartphones giving users an unappropriate feeling of safety. In this paper, we revisit smartphone malware evolution for completing the appearance list until end of 2008. For contributing to smartphone malware research, we continue this list by adding descriptions on possible techniques for creating the first malware(s) for Android platform. Our approach involves usage of undocumented Android functions enabling us to execute native Linux application even on retail Android devices. This can be exploited to create malicious Linux applications and daemons using various methods to attack a device. In this manner, we also show that it is possible to bypass the Android permission system by using native Linux applications.
Resumo:
In the modern connected world, pervasive computing has become reality. Thanks to the ubiquity of mobile computing devices and emerging cloud-based services, the users permanently stay connected to their data. This introduces a slew of new security challenges, including the problem of multi-device key management and single-sign-on architectures. One solution to this problem is the utilization of secure side-channels for authentication, including the visual channel as vicinity proof. However, existing approaches often assume confidentiality of the visual channel, or provide only insufficient means of mitigating a man-in-the-middle attack. In this work, we introduce QR-Auth, a two-step, 2D barcode based authentication scheme for mobile devices which aims specifically at key management and key sharing across devices in a pervasive environment. It requires minimal user interaction and therefore provides better usability than most existing schemes, without compromising its security. We show how our approach fits in existing authorization delegation and one-time-password generation schemes, and that it is resilient to man-in-the-middle attacks.
