Timing attack di Paul C. Kocher: attacco al sistema di sicurezza RSA mediante strumenti di statistica

In questa tesi ho voluto descrivere il Timing Attack al sistema crittografico RSA, il suo funzionamento, la teoria su cui si basa, i suoi punti di forza e i punti deboli. Questo particolare tipo di attacco informatico fu presentato per la prima volta da Paul C. Kocher nel 1996 all’“RSA Data Security and CRYPTO conferences”. Nel suo articolo “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems” l’autore svela una nuova possibile falla nel sistema RSA, che non dipende da debolezze del crittosistema puramente matematiche, ma da un aspetto su cui nessuno prima di allora si era mai soffermato: il tempo di esecuzione delle operazioni crittografiche. Il concetto è tanto semplice quanto geniale: ogni operazione in un computer ha una certa durata. Le variazioni dei tempi impiegati per svolgere le operazioni dal computer infatti, necessariamente dipendono dal tipo di algoritmo e quindi dalle chiavi private e dal particolare input che si è fornito. In questo modo, misurando le variazioni di tempo e usando solamente strumenti statistici, Kocher mostra che è possibile ottenere informazioni sull’implementazione del crittosistema e quindi forzare RSA e altri sistemi di sicurezza, senza neppure andare a toccare l’aspetto matematico dell’algoritmo. Di centrale importanza per questa teoria diventa quindi la statistica. Questo perché entrano in gioco molte variabili che possono influire sul tempo di calcolo nella fase di decifrazione: - La progettazione del sistema crittografico - Quanto impiega la CPU ad eseguire il processo - L’algoritmo utilizzato e il tipo di implementazione - La precisione delle misurazioni - Ecc. Per avere più possibilità di successo nell’attaccare il sistema occorre quindi fare prove ripetute utilizzando la stessa chiave e input differenti per effettuare analisi di correlazione statistica delle informazioni di temporizzazione, fino al punto di recuperare completamente la chiave privata. Ecco cosa asserisce Kocher: “Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext.”, cioè, contro sistemi vulnerabili, l’attacco è computazionalmente poco costoso e spesso richiede solo di conoscere testi cifrati e di ottenere i tempi necessari per la loro decifrazione.

Attacco di Wiener a RSA

La mia tesi parla di un attacco crittografico ad RSA, ideato da Wiener, basato sulle frazioni continue. Il primo capitolo riguarda RSA, il secondo spiega la teoria delle frazioni continue e nel terzo spiego l'attacco passo per passo.

Propuesta de un método de entrenamiento de la RSA en baloncesto

La capacidad de repetir sprints (RSA) es una cualidad determinante del rendimiento de los deportistas en los deportes de equipo y de raqueta debido a la sucesión de esfuerzos máximos que tienen lugar durante la competición con un tiempo de descanso generalmente incompleto entre las acciones. Debido a esos descansos incompletos se produce una disminución del rendimiento que se manifiesta en la reducción de la velocidad de desplazamiento. Los factores que provocan este hecho están condicionados por la potencia muscular, la condición física aeróbica y la capacidad tampón del músculo. Con toda la información obtenida se realizan dos propuestas de entrenamiento (una para cada objetivo) de la RSA de forma integrada en el baloncesto, planteando diferentes ejercicios para su desarrollo.

Invaliditetsförsäkringkomiténs publikation no. : I[-V].

Mode of access: Internet.

Riksförsäkringsanstalten.

Added title page: The National Insurance Office.

The long-term impact of vocational rehabilitation : RSA-SSA data link analysis.

"September 6, 1989."

RSA-Grid: A grid computing based framework for power system reliability and security analysis

Grid computing is an emerging technology for providing the high performance computing capability and collaboration mechanism for solving the collaborated and complex problems while using the existing resources. In this paper, a grid computing based framework is proposed for the probabilistic based power system reliability and security analysis. The suggested name of this computing grid is Reliability and Security Grid (RSA-Grid). Then the architecture of this grid is presented. A prototype system has been built for further development of grid-based services for power systems reliability and security assessment based on probabilistic techniques, which require high performance computing and large amount of memory. Preliminary results based on prototype of this grid show that RSA-Grid can provide the comprehensive assessment results for real power systems efficiently and economically.

A combined approach for hiding partial information in RSA

Partial information leakage in deterministic public-key cryptosystems refers to a problem that arises when information about either the plaintext or the key is leaked in subtle ways. Quite a common case is where there are a small number of possible messages that may be sent. An attacker may be able to crack the scheme simply by enumerating all the possible ciphertexts. Two methods are proposed for facing the partial information leakage problem in RSA that incorporate a random element into the encrypted message to increase the number of possible ciphertexts. The resulting scheme is, effectively, an RSA-like cryptosystem which exhibits probabilistic encryption. The first method involves encrypting several similar messages with RSA and then using the Quadratic Residuosity Problem (QRP) to mark the intended one. In this way, an adversary who has correctly guessed two or more of the ciphertexts is still in doubt about which message is the intended one. The cryptographic strength of the combined system is equal to the computational difficulty of factorising a large integer; ideally, this should be feasible. The second scheme uses error-correcting codes for accommodating the random component. The plaintext is processed with an error-correcting code and deliberately corrupted before encryption. The introduced corruption lies within the error-correcting ability of the code, so as to enable the recovery of the original message. The random corruption offers a vast number of possible ciphertexts corresponding to a given plaintext; hence an attacker cannot deduce any useful information from it. The proposed systems are compared to other cryptosystems sharing similar characteristics, in terms of execution time and ciphertext size, so as to determine their practical utility. Finally, parameters which determine the characteristics of the proposed schemes are also examined.

Evaluating responses of maize (Zea mays L.) to soil physical conditions using a boundary line approach

The functional relation between the decline in the rate of a physiological process and the magnitude of a stress related to soil physical conditions is an important tool for uses as diverse as assessment of the stress-related sensitivity of different plant cultivars and characterization of soil structure. Two of the most pervasive sources of stress are soil resistance to root penetration (SR) and matric potential (psi). However, the assessment of these sources of stress on physiological processes in different soils can be complicated by other sources of stress and by the strong relation between SR and psi in a soil. A multivariate boundary line approach was assessed as a means of reducing these cornplications. The effects of SR and psi stress conditions on plant responses were examined under growth chamber conditions. Maize plants (Zea mays L.) were grown in soils at different water contents and having different structures arising from variation in texture, organic carbon content and soil compaction. Measurements of carbon exchange (CE), leaf transpiration (ILT), plant transpiration (PT), leaf area (LA), leaf + shoot dry weight (LSDW), root total length (RTL), root surface area (RSA) and root dry weight (RDW) were determined after plants reached the 12-leaf stage. The LT, PT and LA were described as a function of SR and psi with a double S-shaped function using the multivariate boundary line approach. The CE and LSDW were described by the combination of an S-shaped function for SR and a linear function for psi. The root parameters were described by a single S-shaped function for SR. The sensitivity to SR and psi depended on the plant parameter. Values of PT, LA and LSDW were most sensitive to SR. Among those parameters exhibiting a significant response to psi, PT was most sensitive. The boundary line approach was found to be a useful tool to describe the functional relation between the decline in the rate of a physiological process and the magnitude of a stress related to soil physical conditions. (C) 2009 Elsevier B.V. All rights reserved.

Val/Leu(247) Polymorphism of beta 2-glycoprotein I in Brazilian Patients with Antiphospholipid Syndrome-A Genetic Risk Factor?

A genetic polymorphism of the beta 2-glycoprotein I (beta 2-GPI) is recognized by antiphospholipid antibodies (aPL) and may even play a role in the development of antiphospholipid syndrome (APS). The objectives of this study were to determine a Val/Leu SNP at position 247 of the beta 2-GPI gene in Brazilian patients with APS and to compare these data with clinical and laboratory manifestations. Polymorphism assignment was performed by PCR followed by Rsa I restriction endonuclease. The titration of anti-beta 2-GPI antibodies was detected by ELISA. The results showed significantly higher frequencies of the V-encoding allele and the homozygous VV genotype in patients with APS than in control subjects (OR = 1.781, P = 0.0068; and OR = 6.413, P < 0.0001, respectively). The frequency of this genotype was also significantly higher in patients with arterial and venous thrombosis than in the control group (52% and 44%, respectively, versus 13%). Anti-beta 2-GPI-positive patients had significantly higher frequencies of the VV genotype than the controls subjects (OR = 8.179, P < 0.0001). These results suggest that the V-encoding allele and the homozygous VV genotype at position 247 of the beta 2-GPI gene may play a role in the generation of anomalous beta 2-GPI, with consequent auto-antibody production, and in phenotype expression of arterial and venous thrombosis in APS patients.

How important are brain banks for alcohol research?

This article contains the proceedings of a symposium at the 2002 RSA/ISBRA Meeting in San Francisco, organized and chaired by Clive Harper and co-chaired by Izuru Matsumoto. The presentations were (1) Introduction, by Clive Harper; (2) The quality of tissue-a critical issue, by Therese Garrick; (3) The first systematic brain tissue donor program in Japan, by Izuru Matsumoto; (4) Brain scans after death-really! by Adolf Pfefferbaum, Elfar Adalsteinsson, and Edith Sullivan; (5) Capture that (genial) expression, by Joanne Lewohl and Peter Dodd; and (6) Neurochemical/pharmacological studies: experimental design and limitations, by Roger Butterworth.

Gene Expression in Brain: A Window on Ethanol Dependence, Neuroadaptation, and Preference

This article represents the proceedings of a symposium at the 2002 joint RSA/ISBRA Conference in San Francisco, California. The organizer was Paula L. Hoffman and the co-chairs were Paula L. Hoffman and Michael Miles. The presentations were (1) Introduction and overview of the use of DNA microarrays, by Michael Miles; (2) DNA microarray analysis of gene expression in brains of P and NP rats, by Howard J. Edenberg; (3) Gene expression patterns in brain regions of AA and ANA rats, by Wolfgang Sommer; (4) Patterns of gene expression in brains of selected lines of mice that differ in ethanol tolerance, by Boris Tabakoff; (5) Gene expression profiling related to initial sensitivity and tolerance in gamma-protein kinase C mutants, by Jeanne Wehner; and (6) Gene expression patterns in human alcoholic brain: from microarrays to protein profiles, by Joanne Lewohl.