Extensions of the cube attack based on low degree annihilators

At Crypto 2008, Shamir introduced a new algebraic attack called the cube attack, which allows us to solve black-box polynomials if we are able to tweak the inputs by varying an initialization vector. In a stream cipher setting where the filter function is known, we can extend it to the cube attack with annihilators: By applying the cube attack to Boolean functions for which we can find low-degree multiples (equivalently annihilators), the attack complexity can be improved. When the size of the filter function is smaller than the LFSR, we can improve the attack complexity further by considering a sliding window version of the cube attack with annihilators. Finally, we extend the cube attack to vectorial Boolean functions by finding implicit relations with low-degree polynomials.

Potential interstellar molecules : Formation of neutral C6CO from C6CO- in the gas phase

Computations at the RCCSD(T)/aug-cc-pVDZ//B3LYP/6-31G* level of theory indicate that neutral C6CO is a stable species. The ground state of this neutral is the singlet cumulene oxide :C=C=C=C=C=C=C=O. The adiabatic electron affinity and dipole moment of singlet C6CO are 2.47 eV and 4.13 D, respectively, at this level of theory. The anion (C6CO)(-.) should be a possible precursor to this neutral. It has been formed by an unequivocal synthesis in the ion source of a mass spectrometer by the S(N)2(Si) reaction between (CH3)(3)Si-C=C-C=C-C=C-CO-CMe3 and F- to form C-=C-C=C-C=C-CO-CMe3 which loses Me3C in the source to form C6CO-.. Charge stripping of this anion by vertical Franck-Condon oxidation forms C6CO, characterised by the neutralisation-reionisation spectrum (-NR+) of C6CO-., which is stable during the timeframe of this experiment (10(-6) s), Copyright (C) 2000 John Wiley & Sons, Ltd.

MöBIUS-α commutative functions and partially coincident functions

The M¨obius transform of Boolean functions is often involved in cryptographic design and analysis. As studied previously, a Boolean function f is said to be coincident if it is identical with its M¨obius transform fμ, i.e., f = fμ...

An ontology-based service discovery approach for the provisioning of product-service bundles

More and more traditional manufacturing companies form or join inter-organizational networks to bundle their physical products with related services to offer superior value propositions to their customers. Some of these product-related services can be digitized completely and thus fully delivered electronically. Other services require the physical integration of external factors, but can still be coordinated electronically. In both cases companies and consumers face the problem of discovering appropriate product-related service offerings in the network or market. Based on ideas from the web service discovery discipline we propose a meet-in-the-middle approach between heavy-weight semantic technologies and simple boolean search to address this issue. Our approach is able to consider semantic relations in service descriptions and queries and thus delivers better results than syntax-based search. However – unlike most semantic approaches – it does not require the use of any formal language for semantic markup and thus requires less resources and skills for both service providers and consumers. To fully realize the potentials of the proposed approach a domain ontology is needed. In this research-in-progress paper we construct such an ontology for the domain of product-service bundles through analysis and synthesis of related work on service description. This will serve as an anchor for future research to iteratively improve and evaluate the ontology through collaborative design efforts and practical application.

Causal behavioural profiles : efficient computation, applications, and evaluation

Analysis of behavioural consistency is an important aspect of software engineering. In process and service management, consistency verification of behavioural models has manifold applications. For instance, a business process model used as system specification and a corresponding workflow model used as implementation have to be consistent. Another example would be the analysis to what degree a process log of executed business operations is consistent with the corresponding normative process model. Typically, existing notions of behaviour equivalence, such as bisimulation and trace equivalence, are applied as consistency notions. Still, these notions are exponential in computation and yield a Boolean result. In many cases, however, a quantification of behavioural deviation is needed along with concepts to isolate the source of deviation. In this article, we propose causal behavioural profiles as the basis for a consistency notion. These profiles capture essential behavioural information, such as order, exclusiveness, and causality between pairs of activities of a process model. Consistency based on these profiles is weaker than trace equivalence, but can be computed efficiently for a broad class of models. In this article, we introduce techniques for the computation of causal behavioural profiles using structural decomposition techniques for sound free-choice workflow systems if unstructured net fragments are acyclic or can be traced back to S- or T-nets. We also elaborate on the findings of applying our technique to three industry model collections.

Computational aspects of probabilistic assessment of UAS robust autonomy

As the level of autonomy in Unmanned Aircraft Systems (UAS) increases, there is an imperative need for developing methods to assess robust autonomy. This paper focuses on the computations that lead to a set of measures of robust autonomy. These measures are the probabilities that selected performance indices related to the mission requirements and airframe capabilities remain within regions of acceptable performance.

Characterisations of extended resiliency and extended immunity of S-boxes

New criteria of extended resiliency and extended immunity of vectorial Boolean functions, such as S-boxes for stream or block ciphers, were recently introduced. They are related to a divide-and-conquer approach to algebraic attacks by conditional or unconditional equations. Classical resiliency turns out to be a special case of extended resiliency and as such requires more conditions to be satisfied. In particular, the algebraic degrees of classically resilient S-boxes are restricted to lower values. In this paper, extended immunity and extended resiliency of S-boxes are studied and many characterisations and properties of such S-boxes are established. The new criteria are shown to be necessary and sufficient for resistance against the divide-and-conquer algebraic attacks by conditional or unconditional equations.

Cheating immune secret sharing

We consider secret sharing with binary shares. This model allows us to use the well developed theory of cryptographically strong boolean functions. We prove that for given secret sharing, the average cheating probability over all cheating and original vectors, i.e., ρ ¯= 1 n ⋅ 2 −n ∑ n c=1 ∑ α∈Vn ρ c,α , satisfies ρ ¯⩾ 1 2 , and the equality holds ⇔ ρc,α satisfies ρc,α = 1/2 for every cheating vector δc and every original vector α. In this case the secret sharing is said to be cheating immune. We further establish a relationship between cheating-immune secret sharing and cryptographic criteria of boolean functions. This enables us to construct cheating-immune secret sharing.

Cryptanalysis of FORK-256

In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong et al. at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression function of FORK-256 running with complexity of 2^125 (resp. 2^120) and with negligible memory, and by exhibiting a 22-bit near pseudo-collision. We also show that we can find collisions for the full compression function with a small amount of memory with complexity not exceeding 2^126.6 hash evaluations. We further show how to reduce this complexity to 2^109.6 hash computations by using 273 memory words. Finally, we show that this attack can be extended with no additional cost to find collisions for the full hash function, i.e. with the predefined IV.

A particle based model to simulate microscale morphological changes of plant tissues during drying

Fundamental understanding on microscopic physical changes of plant materials is vital to optimize product quality and processing techniques, particularly in food engineering. Although grid-based numerical modelling can assist in this regard, it becomes quite challenging to overcome the inherited complexities of these biological materials especially when such materials undergo critical processing conditions such as drying, where the cellular structure undergoes extreme deformations. In this context, a meshfree particle based model was developed which is fundamentally capable of handling extreme deformations of plant tissues during drying. The model is built by coupling a particle based meshfree technique: Smoothed Particle Hydrodynamics (SPH) and a Discrete Element Method (DEM). Plant cells were initiated as hexagons and aggregated to form a tissue which also accounts for the characteristics of the middle lamella. In each cell, SPH was used to model cell protoplasm and DEM was used to model the cell wall. Drying was incorporated by varying the moisture content, the turgor pressure, and cell wall contraction effects. Compared to the state of the art grid-based microscale plant tissue drying models, the proposed model can be used to simulate tissues under excessive moisture content reductions incorporating cell wall wrinkling. Also, compared to the state of the art SPH-DEM tissue models, the proposed model better replicates real tissues and the cell-cell interactions used ensure efficient computations. Model predictions showed good agreement both qualitatively and quantitatively with experimental findings on dried plant tissues. The proposed modelling approach is fundamentally flexible to study different cellular structures for their microscale morphological changes at dehydration.

Nanofabrication of single-crystalline flat-panel display microemitters : a plasma-building unit approach

This contribution is focused on plasma-enhanced chemical vapor deposition systems and their unique features that make them particularly attractive for nanofabrication of flat panel display microemitter arrays based on ordered patterns of single-crystalline carbon nanotip structures. The fundamentals of the plasma-based nanofabrication of carbon nanotips and some other important nanofilms and nanostructures are examined. Specific features, challenges, and potential benefits of using the plasma-based systems for relevant nanofabrication processes are analyzed within the framework of the "plasma-building unit" approach that builds up on extensive experimental data on plasma diagnostics and nanofilm/nanostructure characterization, and numerical simulation of the species composition in the ionized gas phase (multicomponent fluid models), ion dynamics and interaction with ordered carbon nanotip patterns, and ab initio computations of chemical structure of single crystalline carbon nanotips. This generic approach is also applicable for nanoscale assembly of various carbon nanostructures, semiconductor quantum dot structures, and nano-crystalline bioceramics. Special attention is paid to most efficient control strategies of the main plasma-generated building units both in the ionized gas phase and on nanostructured deposition surfaces. The issues of tailoring the reactive plasma environments and development of versatile plasma nanofabrication facilities are also discussed.

Nonlinear secret sharing immune against cheating

The paper investigates the design of secret sharing that is immune against cheating (as defined by the Tompa-Woll attack). We examine secret sharing with binary shares and secrets. Bounds on the probability of successful cheating are given for two cases. The first case relates to secret sharing based on bent functions and results in a non-perfect scheme. The second case considers perfect secret sharing built on highly nonlinear balanced Boolean functions.

On algebraic immunity and annihilators

Algebraic immunity AI(f) defined for a boolean function f measures the resistance of the function against algebraic attacks. Currently known algorithms for computing the optimal annihilator of f and AI(f) are inefficient. This work consists of two parts. In the first part, we extend the concept of algebraic immunity. In particular, we argue that a function f may be replaced by another boolean function f^c called the algebraic complement of f. This motivates us to examine AI(f ^c ). We define the extended algebraic immunity of f as AI *(f)= min {AI(f), AI(f^c )}. We prove that 0≤AI(f)–AI *(f)≤1. Since AI(f)–AI *(f)= 1 holds for a large number of cases, the difference between AI(f) and AI *(f) cannot be ignored in algebraic attacks. In the second part, we link boolean functions to hypergraphs so that we can apply known results in hypergraph theory to boolean functions. This not only allows us to find annihilators in a fast and simple way but also provides a good estimation of the upper bound on AI *(f).

On cheating immune secret sharing

The paper addresses the cheating prevention in secret sharing. We consider secret sharing with binary shares. The secret also is binary. This model allows us to use results and constructions from the well developed theory of cryptographically strong boolean functions. In particular, we prove that for given secret sharing, the average cheating probability over all cheating vectors and all original vectors, i.e., 1/n 2n ∑c=1...n ∑α∈V n ρc,α , denoted by ρ, satisfies ρ ≥ ½, and the equality holds if and only if ρc,α satisfies ρc,α= ½ for every cheating vector δc and every original vector α. In this case the secret sharing is said to be cheating immune. We further establish a relationship between cheating-immune secret sharing and cryptographic criteria of boolean functions.This enables us to construct cheating-immune secret sharing.

On secure multi-party computation in black-box groups

We study the natural problem of secure n-party computation (in the passive, computationally unbounded attack model) of the n-product function f G (x 1,...,x n ) = x 1 ·x 2 ⋯ x n in an arbitrary finite group (G,·), where the input of party P i is x i  ∈ G for i = 1,...,n. For flexibility, we are interested in protocols for f G which require only black-box access to the group G (i.e. the only computations performed by players in the protocol are a group operation, a group inverse, or sampling a uniformly random group element). Our results are as follows. First, on the negative side, we show that if (G,·) is non-abelian and n ≥ 4, then no ⌈n/2⌉-private protocol for computing f G exists. Second, on the positive side, we initiate an approach for construction of black-box protocols for f G based on k-of-k threshold secret sharing schemes, which are efficiently implementable over any black-box group G. We reduce the problem of constructing such protocols to a combinatorial colouring problem in planar graphs. We then give two constructions for such graph colourings. Our first colouring construction gives a protocol with optimal collusion resistance t < n/2, but has exponential communication complexity O(n*2t+1^2/t) group elements (this construction easily extends to general adversary structures). Our second probabilistic colouring construction gives a protocol with (close to optimal) collusion resistance t < n/μ for a graph-related constant μ ≤ 2.948, and has efficient communication complexity O(n*t^2) group elements. Furthermore, we believe that our results can be improved by further study of the associated combinatorial problems.