Timing attack di Paul C. Kocher: attacco al sistema di sicurezza RSA mediante strumenti di statistica

In questa tesi ho voluto descrivere il Timing Attack al sistema crittografico RSA, il suo funzionamento, la teoria su cui si basa, i suoi punti di forza e i punti deboli. Questo particolare tipo di attacco informatico fu presentato per la prima volta da Paul C. Kocher nel 1996 all’“RSA Data Security and CRYPTO conferences”. Nel suo articolo “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems” l’autore svela una nuova possibile falla nel sistema RSA, che non dipende da debolezze del crittosistema puramente matematiche, ma da un aspetto su cui nessuno prima di allora si era mai soffermato: il tempo di esecuzione delle operazioni crittografiche. Il concetto è tanto semplice quanto geniale: ogni operazione in un computer ha una certa durata. Le variazioni dei tempi impiegati per svolgere le operazioni dal computer infatti, necessariamente dipendono dal tipo di algoritmo e quindi dalle chiavi private e dal particolare input che si è fornito. In questo modo, misurando le variazioni di tempo e usando solamente strumenti statistici, Kocher mostra che è possibile ottenere informazioni sull’implementazione del crittosistema e quindi forzare RSA e altri sistemi di sicurezza, senza neppure andare a toccare l’aspetto matematico dell’algoritmo. Di centrale importanza per questa teoria diventa quindi la statistica. Questo perché entrano in gioco molte variabili che possono influire sul tempo di calcolo nella fase di decifrazione: - La progettazione del sistema crittografico - Quanto impiega la CPU ad eseguire il processo - L’algoritmo utilizzato e il tipo di implementazione - La precisione delle misurazioni - Ecc. Per avere più possibilità di successo nell’attaccare il sistema occorre quindi fare prove ripetute utilizzando la stessa chiave e input differenti per effettuare analisi di correlazione statistica delle informazioni di temporizzazione, fino al punto di recuperare completamente la chiave privata. Ecco cosa asserisce Kocher: “Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext.”, cioè, contro sistemi vulnerabili, l’attacco è computazionalmente poco costoso e spesso richiede solo di conoscere testi cifrati e di ottenere i tempi necessari per la loro decifrazione.

When Beauty Goes to Sleep: an analysis of the symbolism behind the sleeping beauty tale

Approaching the world of the fairy tale as an adult, one soon realizes that things are not what they once seemed during story time in bed. Something that once appeared so innocent and simple can become rather complex when digging into its origin. A kiss, for example, can mean something else entirely. I can clearly remember my sister, who is ten years older than I am, telling me that the fairy tales I was told had a mysterious hidden meaning I could not understand. I was probably 9 or 10 when she told me that the story of Sleeping Beauty, which I used to love so much in Disney’s rendering, was nothing more than the story of an adolescent girl, with all the necessary steps needed to become a woman, the bleeding of menstruation and the sexual awakening - even though she did not really put it in these terms. This shocking news troubled me for a while, so much so that I haven’t watched that movie since. But in reality it was not fear that my sister had implanted in me: it was curiosity, the feeling that I was missing something terribly important behind the words and images. But it was not until last year during my semester abroad in Germany, where I had the chance to take a very interesting English literature seminar, that I fully understood what I had been looking for all these years. Thanks to what I learned from the work of Bruno Bettelheim, Jack Zipes, Vladimir Propp, and many other authors that wrote extensively about the subject, I feel I finally have the right tools to really get to know this fairy tale. But what I also know now is that the message behind fairy tales is not to be searched for behind only one version: on the contrary, since they come from oral traditions and their form was slowly shaped by centuries of recountals and retellings, the more one digs, the more complete the understanding of the tale will be. I will therefore look for Sleeping Beauty’s hidden meaning by looking for the reason why it did stick so consistently throughout time. To achieve this goal, I have organized my analysis in three chapters: in the first chapter, I will analyze the first known literary version of the tale, the French Perceforest, and then compare it with the following Italian version, Basile’s Sun, Moon, and Talia; in the second chapter, I will focus on the most famous and by now classical literary versions of Sleeping Beauty, La Belle Au Bois Dormant, written by the Frenchman, Perrault, and the German Dornröschen, recorded by the Brothers Grimm’s; finally, in the last chapter, I will analyze Almodovar’s film Talk to Her as a modern rewriting of this tale, which after a closer look, appears closely related to the earliest version of the story, Perceforest.

The road to augmented reality: a comprehensive study of hardware and applications over the last ten years

Augmented reality has been growing extensively over the years in all aspects and multiple fields. My aim in this paper is to present a comprehensive study on augmented reality(AR) hardware and its applications from early developments to the possible future trends. Particularly my research is more focused on last 11 years(2012-2022), where I systematically reviewed 30 research papers per year to get a clear knowledge on trends of AR. A total of 330 publications were reviewed and grouped according to their application. The review's main contribution is to show the entire landscape of AR research and to provide a broad view of how it has evolved. Along with various AR glasses history and specifications are presented in detail. In the penultimate chapter I explained my methodology of research following my analysis from the past to the present along with my thoughts for the future. To conclude my study, In the final chapter I made some statements about possible future with AR, VR and XR(extended reality).