一类广义Feistel密码的安全性评估

该文评估一类广义Feistel密码（GFC）抵抗差分和线性密码分析的能力：如果轮函数是双射且它的最大差分和线性特征的概率分别是p和q，则16轮GFC的差分和线性特征的概率的上界为p~7和q~7；如果轮函数采用SP结构且是双射，S盒的最大差分和线性特征的概率是pS和qS，P变换的分支数为P_d，则16轮GFC的差分和线性特征的概率的上界为(pS)~(3P_d+1)和(qS)~(3P_d+1)。

一类基于混沌函数的分组密码的安全性评估

评估了一类基于混沌函数的分组密码（generalized Feistel structure,简称GFS）抵抗差分密码分析和线性密码分析的能力，如果轮函数是双射且它的最大差分特征概率和线性逼近概率分别是p和q，则r轮GFS的最大差分特征和线性逼近的概率分别以p^r-1和q^r-1为其上界。

SOAP processing performance and enhancement

The web services (WS) technology provides a comprehensive solution for representing, discovering, and invoking services in a wide variety of environments, including Service Oriented Architectures (SOA) and grid computing systems. At the core of WS technology lie a number of XML-based standards, such as the Simple Object Access Protocol (SOAP), that have successfully ensured WS extensibility, transparency, and interoperability. Nonetheless, there is an increasing demand to enhance WS performance, which is severely impaired by XML's verbosity. SOAP communications produce considerable network traffic, making them unfit for distributed, loosely coupled, and heterogeneous computing environments such as the open Internet. Also, they introduce higher latency and processing delays than other technologies, like Java RMI and CORBA. WS research has recently focused on SOAP performance enhancement. Many approaches build on the observation that SOAP message exchange usually involves highly similar messages (those created by the same implementation usually have the same structure, and those sent from a server to multiple clients tend to show similarities in structure and content). Similarity evaluation and differential encoding have thus emerged as SOAP performance enhancement techniques. The main idea is to identify the common parts of SOAP messages, to be processed only once, avoiding a large amount of overhead. Other approaches investigate nontraditional processor architectures, including micro-and macrolevel parallel processing solutions, so as to further increase the processing rates of SOAP/XML software toolkits. This survey paper provides a concise, yet comprehensive review of the research efforts aimed at SOAP performance enhancement. A unified view of the problem is provided, covering almost every phase of SOAP processing, ranging over message parsing, serialization, deserialization, compression, multicasting, security evaluation, and data/instruction-level processing.

Propuesta de Mecanismos de Verificación de Integridad de Plataformas Móviles de Computación basados en Entornos Seguros de Ejecución

Las prestaciones y características de los dispositivos móviles actuales los sitúa a un nivel similar a los ordenadores de escritorio tradicionales en cuanto a funcionalidad y posibilidades de uso, añadiendo además la movilidad y la sensación de pertenencia al usuario que se deriva de ésta. Estas cualidades convierten a las plataformas móviles de computación en verdaderos ordenadores personales, y cada día es más popular su utilización en ámbitos distintos del ocio y las comunicaciones propiamente dichas, pasando a convertirse en herramientas de apoyo a la productividad también en el entorno profesional y corporativo. La utilización del dispositivo móvil como parte de una infraestructura de telecomunicaciones da lugar a nuevas expresiones de problemas clásicos de gestión y seguridad. Para tratar de abordarlos con la flexibilidad y la escalabilidad necesarias se plantean alternativas novedosas que parten de enfoques originales a estos problemas, como las ideas y conceptos que se engloban en la filosofía del Control de Acceso a la Red (Network Access Control, o NAC). La mayoría de los planteamientos de NAC se basan, en el ámbito de la seguridad, en comprobar ciertas características del dispositivo móvil para tratar de determinar hasta qué punto puede éste suponer una amenaza para los recursos de la red u otros usuarios de la misma. Obtener esta información de forma fiable resulta extremadamente difícil si se caracteriza el dispositivo mediante un modelo de caja blanca, muy adecuado dada la apertura propia de los sistemas operativos móviles actuales, muy diferentes de los de antaño, y la ausencia de un marco de seguridad efectivo en ellos. Este trabajo explora el Estado de la Técnica en este ámbito de investigación y plantea diferentes propuestas orientadas a cubrir las deficiencias de las soluciones propuestas hasta el momento y a satisfacer los estrictos requisitos de seguridad que se derivan de la aplicación del modelo de caja blanca, materializándose en última instancia en la definición de un mecanismo de evaluación de características arbitrarias de un cierto dispositivo móvil basado en Entornos Seguros de Ejecución (Trusted Execution Environments, o TEEs) con elevadas garantías de seguridad compatible con los planteamientos actuales de NAC. ABSTRACT The performance and features of today’s mobile devices make them able to compete with traditional desktop computers in terms of functionality and possible usages. In addition to this, they sport mobility and the stronger sense of ownership that derives from it. These attributes change mobile computation platforms into truly personal computers, allowing them to be used not only for leisure or as mere communications devices, but also as supports of productivity in professional and corporative environments. The utilization of mobile devices as part of a telecommunications infrastructure brings new expressions of classic management and security problems with it. In order to tackle them with appropriate flexibility and scalability, new alternatives are proposed based on original approaches to these problems, such as the concepts and ideas behind the philosophy of Network Access Control (NAC). The vast majority of NAC proposals are based, security-wise, on checking certain mobile device’s properties in order to evaluate how probable it is for it to become a threat for network resources or even other users of the infrastructure. Obtaining this information in a reliable and trustworthy way is extremely difficult if the device is characterized using a white-box model, which is the most appropriate if the openness of today’s mobile operating systems, very different from former ones, and the absence of an effective security framework are taken into account. This work explores the State of the Art related with the aforementioned field of research and presents different proposals targeted to overcome the deficiencies of current solutions and satisfy the strict security requirements derived from the application of the white box model. These proposals are ultimately materialized in the definition of a high-security evaluation procedure of arbitrary properties of a given mobile device based on Trusted Execution Environments (TEEs) which is compatible with modern NAC approaches.

Workshop on Methodology for Evaluating the Effectiveness of Transit Crime Reduction Measures in Automated Guideway Transit Systems. Proceedings. Final report.

Urban Mass Transportation Administration, Washington, D.C.

Evaluation of the contribution of fisheries and aquaculture to food security in developing countries

Fish contain important nutrients such as essential fatty acids, iron, zinc, calcium, vitamin A and vitamin C. Production of freshwater fish depends on the strategic application of various management techniques. The demand for fish products has increased beyond the natural supply, resulting in a high pressure on fisheries. Development of aquaculture is necessary for a rapid growth in fish production. A number of constraints hamper the development of aquaculture. Introduction of polyculture technologies in some countries is a way of maximizing production from different levels of the food chain. The roles of women in making fish products available to consumers is frequently over-looked by policy makers. Gender equity in policy-making and management of fisheries and in capacity building is an important issue. Fish production from inland waters and coastal areas can be increased by adopting cage and pen culture systems. Input subsidies and loans to resource poor farmers can boost fish production.

Practical Evaluation of Security against Generalized Interpolation Attack

Interpolation attack was presented by Jakobsen and Knudsen at FSE'97. Interpolation attack is effective against ciphers that have a certain algebraic structure like the PURE cipher which is a prototype cipher, but it is difficult to apply the attack to real-world ciphers. This difficulty is due to the difficulty of deriving a low degree polynomial relation between ciphertexts and plaintexts. In other words, it is difficult to evaluate the security against interpolation attack. This paper generalizes the interpolation attack. The generalization makes easier to evaluate the security against interpolation attack. We call the generalized interpolation attack linear sum attack. We present an algorithm that evaluates the security of byte-oriented ciphers against linear sum attack. Moreover, we show the relationship between linear sum attack and higher order differential attack. In addition, we show the security of CRYPTON, E2, and RIJNDAEL against linear sum attack using the algorithm.

Justice and Home Affairs databases and a Smart Borders System at EU external borders. An evaluation of current and forthcoming proposals. CEPS Paper in Liberty and Security No. 52/December 2012

This study examines current and forthcoming measures related to the exchange of data and information in EU Justice and Home Affairs policies, with a focus on the ‘smart borders’ initiative. It argues that there is no reversibility in the growing reliance on such schemes and asks whether current and forthcoming proposals are necessary and original. It outlines the main challenges raised by the proposals, including issues related to the right to data protection, but also to privacy and non-discrimination.