Analysis of simplified variants of SHA-256

In this paper we analyse the role of some of the building blocks of SHA-256. We show that the disturbance-correction strategy is applicable to the SHA-256 architecture and we prove that functions Σ, σ are vital for the security of SHA-256 by showing that for a variant without them it is possible to find collisions with complexity 2^64 hash operations. As a step towards an analysis of the full function, we present the results of our experiments on Hamming weights of expanded messages for different variants of the message expansion and show that there exist low-weight expanded messages for XOR-linearised variants.

Finding good differential patterns for attacks on SHA-1

In this paper we analyse properties of the message expansion algorithm of SHA-1 and describe a method of finding differential patterns that may be used to attack reduced versions of SHA-1. We show that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding minimal weight codeword in a large linear code. Finally, we present a number of patterns of different lengths suitable for finding collisions and near-collisions and discuss some bounds on minimal weights of them.

Side Channel Analysis of Some Hash Based MACs: A Response to SHA-3 Requirements

The forthcoming NIST’s Advanced Hash Standard (AHS) competition to select SHA-3 hash function requires that each candidate hash function submission must have at least one construction to support FIPS 198 HMAC application. As part of its evaluation, NIST is aiming to select either a candidate hash function which is more resistant to known side channel attacks (SCA) when plugged into HMAC, or that has an alternative MAC mode which is more resistant to known SCA than the other submitted alternatives. In response to this, we perform differential power analysis (DPA) on the possible smart card implementations of some of the recently proposed MAC alternatives to NMAC (a fully analyzed variant of HMAC) and HMAC algorithms and NMAC/HMAC versions of some recently proposed hash and compression function modes. We show that the recently proposed BNMAC and KMDP MAC schemes are even weaker than NMAC/HMAC against the DPA attacks, whereas multi-lane NMAC, EMD MAC and the keyed wide-pipe hash have similar security to NMAC against the DPA attacks. Our DPA attacks do not work on the NMAC setting of MDC-2, Grindahl and MAME compression functions.

Grøstl – a SHA-3 candidate

Grøstl is a SHA-3 candidate proposal. Grøstl is an iterated hash function with a compression function built from two fixed, large, distinct permutations. The design of Grøstl is transparent and based on principles very different from those used in the SHA-family. The two permutations are constructed using the wide trail design strategy, which makes it possible to give strong statements about the resistance of Grøstl against large classes of cryptanalytic attacks. Moreover, if these permutations are assumed to be ideal, there is a proof for the security of the hash function. Grøstl is a byte-oriented SP-network which borrows components from the AES. The S-box used is identical to the one used in the block cipher AES and the diffusion layers are constructed in a similar manner to those of the AES. As a consequence there is a very strong confusion and diffusion in Grøstl. Grøstl is a so-called wide-pipe construction where the size of the internal state is significantly larger than the size of the output. This has the effect that all known, generic attacks on the hash function are made much more difficult. Grøstl has good performance on a wide range of platforms and counter-measures against side-channel attacks are well-understood from similar work on the AES.

Grøstl - a SHA-3 candidate

Grøstl is a SHA-3 candidate proposal. Grøstl is an iterated hash function with a compression function built from two �fixed, large, distinct permutations. The design of Grøstl is transparent and based on principles very different from those used in the SHA-family. The two permutations are constructed using the wide trail design strategy, which makes it possible to give strong statements about the resistance of Grøstl against large classes of cryptanalytic attacks. Moreover, if these permutations are assumed to be ideal, there is a proof for the security of the hash function. Grøstl is a byte-oriented SP-network which borrows components from the AES. The S-box used is identical to the one used in the block cipher AES and the diffusion layers are constructed in a similar manner to those of the AES. As a consequence there is a very strong confusion and diffusion in Grøstl

SHA-3 Design and Cryptanalysis Report

The competition to select a new secure hash function standard SHA-3 was initiated in response to surprising progress in the cryptanalysis of existing hash function constructions that started in 2004. In this report we survey design and cryptanalytic results of those 14 candidates that remain in the competition, about 1.5 years after the competition started with the initial submission of the candidates in October 2008. Implementation considerations are not in the scope of this report. The diversity of designs is also reflected in the great variety of cryptanalytic techniques and results that were applied and found during this time. This report gives an account of those techniques and results.

Cholesterol-lowering management of stroke : inconsistencies of evidence and practice

Cholesterol-lowering treatment by statins is an important and costly issue; however, its role in stroke has not been well documented. The aim of the present study was to review literature and current practice regarding cholesterol-lowering treatment for stroke patients. A literature review was conducted on lipids in stroke and their management with both statins and diet, including the cost-effectiveness of medical nutrition therapy. Qualifying criteria and prescription procedures of the Pharmaceutical Benefits Scheme (PBS) were also reviewed. Data on lipid levels and statin prescriptions were analysed for 468 patients admitted to a stroke unit. The literature shows that management with both medication and diet can be effective, especially when combined; however, 60% of patients with an ischaemic event had fasting total cholesterol measures ≥4 mmol/L (n = 231), with only 52% prescribed statins on discharge (n = 120). Hypercholesterolaemia is an underdiagnosed and undertreated risk factor within the stroke population. It appears that the PBS has not kept pace with advances in the evidence in terms of statin use in the stroke population, and review is needed. The present review should address the qualifying criteria for the stroke population and recommendations on referral to dietitians for dietary advice. Cholesterol-lowering treatment for both stroke patients and the wider population is an area that needs awareness raising and review by the PBS, medical practitioners and dietitians. The role of dietary and pharmacological treatments needs to be clearly defined, including adjunct therapy, and the cost-effectiveness of medical nutrition therapy realised.

Existential experience : the unfolding

This paper reports on a project concerned with the relationship between person and space in the context of achieving a contemplative state. The need for such a study originated with the desire to contribute to the design of multicultural spaces which could be used for a range of activities including prayer and meditation. Given that the words ‘prayer’ and ‘meditation’ are highly value-laden and potentially alienating for some people, it was decided to use the more accessible term ‘contemplative’. While the project is still underway,several findings have emerged that can be reported on and are of relevance to the conference both methodologically and substantively. Informed by phenomenological methodology, data were collected from a diverse group of people using photo-elicitation and interviewing. The technique of photo-elicitation proved to be highly effective in helping people to reveal their everyday lived experience of contemplative spaces. This methodological aspect of the project is described more fully in the paper. The initial stage of analysis produced two categories of data: varying conceptions of contemplation and contemplative space; and, common understandings of contemplation and contemplative space. From this it was found that achieving a state of contemplation involves both the person and the environment in a dialectic process of unfolding. The unfolding has various physical, psycho-social, and existential dimensions or qualities which operate sequentially and simultaneously. In the paper, these are labelled:the unfolding of the core; distinction; manifestation; cleansing; creation; and sharing, and have parallels with Mircea Eliade’s 1959 definition of sacred as 'something that manifests itself, shows itself, as something wholly different from the profane’. It also connects with the views of Nishida Kitaro from the Kyoto School of Philosophy on the theme of ‘absolute nothingness’: ‘the body-mind is dropped off and we are united with the consciousness of absolute nothingness’ (Kitaro in Heisig, 2001, p. 169). According to Marion (2005), ‘nothingness’ is defined by givenness. In the paper, this fold of givenness is interpreted in the context of the qualities of the environment that accomplish the act of coming forward into visibility through the dialectic relationship with a person. (Eliade, 1959, Heisig, 2001, Marion, 2002)

Review on Australian and international practices for asset management in building infrastructure

Both in developed and developing economies, major public funding is invested in civil infrastructure assets. Efficiency and comfort level of expected and demanded living standards are largely dependant on the management strategies of these assets. Buildings are one of the major & vital assets, which need to be maintained primarily to ensure its functionality by effective & efficient delivery of services and to optimize economic benefits. Not withstanding, public building infrastructure is not considered in Infrastructure report card published by Australian Infrastructure Report Card Alliance Partners (2001). The reason appears to be not having enough data to rate public building infrastructure. American Infrastructure Report Card (2001) gave “School Buildings” ‘d-’ rating, which is below ‘poor’. For effective asset management of building infrastructure, a need emerged to optimise the budget for managing assets, to cope up with increased user expectations, to response effectively to possible asset failures, to deal with ageing of assets and aging populations and to treat other scenarios including technology advancement and non-asset solutions. John (Asset Management, 2001) suggests that in the area of asset management worldwide, UK, Australia and New Zealand are leading.

Identification of critical input variables for risk-based cost estimates for road maintenance and rehabilitation

An estimation of costs for maintenance and rehabilitation is subject to variation due to the uncertainties of input parameters. This paper presents the results of an analysis to identify input parameters that affect the prediction of variation in road deterioration. Road data obtained from 1688 km of a national highway located in the tropical northeast of Queensland in Australia were used in the analysis. Data were analysed using a probability-based method, the Monte Carlo simulation technique and HDM-4’s roughness prediction model. The results of the analysis indicated that among the input parameters the variability of pavement strength, rut depth, annual equivalent axle load and initial roughness affected the variability of the predicted roughness. The second part of the paper presents an analysis to assess the variation in cost estimates due to the variability of the overall identified critical input parameters.

Challenges in residual service life assessment for refurbishment

A need for an efficient life care management of building portfolio is becoming increasingly due to increase in aging building infrastructure globally. Appropriate structural engineering practices along with facility management can assist in optimising the remaining life cycle costs for existing public building portfolio. A more precise decision to either demolish, refurbish, do nothing or rebuilt option for any typical building under investigation is needed. In order to achieve this, the status of health of the building needs to be assessed considering several aspects including economic and supply-demand considerations. An investment decision for a refurbishment project competing with other capital works and/or refurbishment projects can be supported by emerging methodology residual service life assessment. This paper discusses challenges in refurbishment projects of public buildings and with a view towards development of residual service life assessment methodology

Optimisation of maintenance expenditure for buildings : refurbish or demolish

With an increase in growing number of aging public building infrastructure globally, there is an opportunity for an efficient life care management rather then mere demolition and rebuild. By carefully implementing appropriate structural engineering practices with facility management, the whole of life cycle costs for public building assets can be optimised and public money can be saved and better utilised elsewhere. A need of decision support tool/methodology which can assist asset manager make better decision among demolish, refurbish, do nothing or rebuilt option for any typical building under consideration is growing in order to optimise maintenance funds. The paper is part of research project focusing on development of such methodology known as residual service life prediction. The paper is mainly focusing on following three major aspects of public building infrastructure; first, issues and challenges in optimisation of maintenance funds, second, residual service life prediction methodology and issues and challenges in the development of such methodology. The paper concludes with the authors’ observations and further research potentials

Building infrastructure asset management : Australian practices

Generally, major public funding is invested in civil infrastructure assets. The efficiency and comfort level of expected and actual living standards is largely dependant on the management strategies of these assets. Buildings are one of the major & vital assets, which need to be maintained primarily to ensure their functionality by effective & efficient delivery of services and to optimise economic benefits. In Australia, billions of dollars are spent annually managing and maintaining built assets. These assets make up the social and economic infrastructure, which facilitate the essential services to public and business. Buildings are one of the prime & fundamental assets, which need to be managed effectively and efficiently to ensure that related services are delivered economically and sustainably

Comparative study of guidelines and practices for building infrastructure asset management

This paper presents a comparative study of primarily Australian (and limited international) practices and guidelines on Buildings Asset Management (BAM). The objective of this study was to identify potential gaps in current practices and potential areas of research for further improvement. The paper starts with an overview of BAM. Later sections cover current BAM practices and guidelines across different states of Australia; give a limited overview of international practices and concludes with the authors’ observations.