933 resultados para Terrorist attacks
Resumo:
Authenticated Encryption (AE) is the cryptographic process of providing simultaneous confidentiality and integrity protection to messages. This approach is more efficient than applying a two-step process of providing confidentiality for a message by encrypting the message, and in a separate pass providing integrity protection by generating a Message Authentication Code (MAC). AE using symmetric ciphers can be provided by either stream ciphers with built in authentication mechanisms or block ciphers using appropriate modes of operation. However, stream ciphers have the potential for higher performance and smaller footprint in hardware and/or software than block ciphers. This property makes stream ciphers suitable for resource constrained environments, where storage and computational power are limited. There have been several recent stream cipher proposals that claim to provide AE. These ciphers can be analysed using existing techniques that consider confidentiality or integrity separately; however currently there is no existing framework for the analysis of AE stream ciphers that analyses these two properties simultaneously. This thesis introduces a novel framework for the analysis of AE using stream cipher algorithms. This thesis analyzes the mechanisms for providing confidentiality and for providing integrity in AE algorithms using stream ciphers. There is a greater emphasis on the analysis of the integrity mechanisms, as there is little in the public literature on this, in the context of authenticated encryption. The thesis has four main contributions as follows. The first contribution is the design of a framework that can be used to classify AE stream ciphers based on three characteristics. The first classification applies Bellare and Namprempre's work on the the order in which encryption and authentication processes take place. The second classification is based on the method used for accumulating the input message (either directly or indirectly) into the into the internal states of the cipher to generate a MAC. The third classification is based on whether the sequence that is used to provide encryption and authentication is generated using a single key and initial vector, or two keys and two initial vectors. The second contribution is the application of an existing algebraic method to analyse the confidentiality algorithms of two AE stream ciphers; namely SSS and ZUC. The algebraic method is based on considering the nonlinear filter (NLF) of these ciphers as a combiner with memory. This method enables us to construct equations for the NLF that relate the (inputs, outputs and memory of the combiner) to the output keystream. We show that both of these ciphers are secure from this type of algebraic attack. We conclude that using a keydependent SBox in the NLF twice, and using two different SBoxes in the NLF of ZUC, prevents this type of algebraic attack. The third contribution is a new general matrix based model for MAC generation where the input message is injected directly into the internal state. This model describes the accumulation process when the input message is injected directly into the internal state of a nonlinear filter generator. We show that three recently proposed AE stream ciphers can be considered as instances of this model; namely SSS, NLSv2 and SOBER-128. Our model is more general than a previous investigations into direct injection. Possible forgery attacks against this model are investigated. It is shown that using a nonlinear filter in the accumulation process of the input message when either the input message or the initial states of the register is unknown prevents forgery attacks based on collisions. The last contribution is a new general matrix based model for MAC generation where the input message is injected indirectly into the internal state. This model uses the input message as a controller to accumulate a keystream sequence into an accumulation register. We show that three current AE stream ciphers can be considered as instances of this model; namely ZUC, Grain-128a and Sfinks. We establish the conditions under which the model is susceptible to forgery and side-channel attacks.
Resumo:
Availability has become a primary goal of information security and is as significant as other goals, in particular, confidentiality and integrity. Maintaining availability of essential services on the public Internet is an increasingly difficult task in the presence of sophisticated attackers. Attackers may abuse limited computational resources of a service provider and thus managing computational costs is a key strategy for achieving the goal of availability. In this thesis we focus on cryptographic approaches for managing computational costs, in particular computational effort. We focus on two cryptographic techniques: computational puzzles in cryptographic protocols and secure outsourcing of cryptographic computations. This thesis contributes to the area of cryptographic protocols in the following ways. First we propose the most efficient puzzle scheme based on modular exponentiations which, unlike previous schemes of the same type, involves only a few modular multiplications for solution verification; our scheme is provably secure. We then introduce a new efficient gradual authentication protocol by integrating a puzzle into a specific signature scheme. Our software implementation results for the new authentication protocol show that our approach is more efficient and effective than the traditional RSA signature-based one and improves the DoSresilience of Secure Socket Layer (SSL) protocol, the most widely used security protocol on the Internet. Our next contributions are related to capturing a specific property that enables secure outsourcing of cryptographic tasks in partial-decryption. We formally define the property of (non-trivial) public verifiability for general encryption schemes, key encapsulation mechanisms (KEMs), and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption avors. We show that some generic transformations and concrete constructions enjoy this property and then present a new public-key encryption (PKE) scheme having this property and proof of security under the standard assumptions. Finally, we combine puzzles with PKE schemes for enabling delayed decryption in applications such as e-auctions and e-voting. For this we first introduce the notion of effort-release PKE (ER-PKE), encompassing the well-known timedrelease encryption and encapsulated key escrow techniques. We then present a security model for ER-PKE and a generic construction of ER-PKE complying with our security notion.
Resumo:
Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.
Resumo:
This chapter examines the doctrinal methodology which many lawyers consider best typifies a distinctly legal approach to research. Legal research skills have been identified as a core skill for lawyers, and within the profession, such skills are regarded as synonymous with the doctrinal research method. Good legal research skills are a necessary step in attaining the ability to ‘think like a lawyer’ and achieving valid legal reasoning outcomes. For lawyers, therefore, the doctrinal method is an intuitive aspect of legal work. Yet as this chapter demonstrates, the doctrinal methodology is not without its detractors. There have been serious criticisms of the method put forward by exponents of the various critical legal theories, as well as a perception in some academic circles that the doctrinal research method is nothing more than mere ‘scholarship’ and as a result less compelling or respected than the research methods used by those in the sciences and social sciences. Despite these attacks, and the incursions on the method posed by the growth in the use of non-doctrinal and interdisciplinary research work by lawyers, the argument put forward in this chapter is that the doctrinal method still necessarily forms the basis for most, if not all, legal research projects.
Resumo:
Maritime security has emerged as a critical legal and political issue in the contemporary world. Terrorism in the maritime domain is a major maritime security issue. Ten out of the 44 major terrorist groups of the world, as identified in the US Department of State’s Country Reports on Terrorism, have maritime terrorism capabilities. Prosecution of maritime terrorists is a politically and legally difficult issue, which may create conflicts of jurisdiction. Prosecution of alleged maritime terrorists is carried out by national courts. There is no international judicial institution for the prosecution of maritime terrorists. International law has therefore anticipated a vital role for national courts in this respect. The international legal framework for combating maritime terrorism has been elaborately examined in existing literature therefore this paper will only highlight the issues regarding the prosecution of maritime terrorists. This paper argues that despite having comprehensive intentional legal framework for the prosecution of maritime terrorists there is still some scopes for conflicts of jurisdiction particularly where two or more States are interested to prosecute the same offender. This existing legal problem has been further aggravated in the post September 11 era. Due to the political and security implications, States may show reluctance in ensuring the international law safeguards of alleged perpetrators in the arrest, detention and prosecution process. Nevertheless, international law has established a comprehensive system for the prosecution of maritime terrorists where national courts is the main forum of ensuring the international law safeguards of alleged perpetrators as well as ensuring the effective prosecution of maritime terrorists thereby playing an instrumental role in establishing a rule based system for combating maritime terrorism. Using two case studies, this paper shows that the role of national courts has become more important in the present era because there may be some situations where no State is interested to initiate proceedings in international forums for vindicating rights of an alleged offender even if there is a clear evidence of violation of international human rights law in the arrest, detention and prosecution process. This paper presents that despite some bottlenecks national courts are actively playing this critical role. Overall, this paper highlights the instrumental role of national courts in the international legal order.
Resumo:
Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority (CA) and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope of these models. We provide the first systematic analysis of AKE security incorporating certification systems (ASICS). We define a family of security models that, in addition to allowing different sets of standard AKE adversary queries, also permit the adversary to register arbitrary bitstrings as keys. For this model family we prove generic results that enable the design and verification of protocols that achieve security even if some keys have been produced maliciously. Our approach is applicable to a wide range of models and protocols; as a concrete illustration of its power, we apply it to the CMQV protocol in the natural strengthening of the eCK model to the ASICS setting.
Resumo:
In recent years face recognition systems have been applied in various useful applications, such as surveillance, access control, criminal investigations, law enforcement, and others. However face biometric systems can be highly vulnerable to spoofing attacks where an impostor tries to bypass the face recognition system using a photo or video sequence. In this paper a novel liveness detection method, based on the 3D structure of the face, is proposed. Processing the 3D curvature of the acquired data, the proposed approach allows a biometric system to distinguish a real face from a photo, increasing the overall performance of the system and reducing its vulnerability. In order to test the real capability of the methodology a 3D face database has been collected simulating spoofing attacks, therefore using photographs instead of real faces. The experimental results show the effectiveness of the proposed approach.
Resumo:
The Transport Layer Security (TLS) protocol is the most widely used security protocol on the Internet. It supports negotiation of a wide variety of cryptographic primitives through different cipher suites, various modes of client authentication, and additional features such as renegotiation. Despite its widespread use, only recently has the full TLS protocol been proven secure, and only the core cryptographic protocol with no additional features. These additional features have been the cause of several practical attacks on TLS. In 2009, Ray and Dispensa demonstrated how TLS renegotiation allows an attacker to splice together its own session with that of a victim, resulting in a man-in-the-middle attack on TLS-reliant applications such as HTTP. TLS was subsequently patched with two defence mechanisms for protection against this attack. We present the first formal treatment of renegotiation in secure channel establishment protocols. We add optional renegotiation to the authenticated and confidential channel establishment model of Jager et al., an adaptation of the Bellare--Rogaway authenticated key exchange model. We describe the attack of Ray and Dispensa on TLS within our model. We show generically that the proposed fixes for TLS offer good protection against renegotiation attacks, and give a simple new countermeasure that provides renegotiation security for TLS even in the face of stronger adversaries.
Resumo:
Migraine is a common neurological disorder characterised by temporary disabling attacks of severe head pain and associated disturbances. There is significant evidence to suggest a genetic aetiology to the disease however few causal mutations have been conclusively linked to the migraine subtypes Migraine with (MA) or without Aura (MO). The Potassium Channel, Subfamily K, member 18 (KCNK18) gene, coding the potassium channel TRESK, is the first gene in which a rare mutation resulting in a non-functional truncated protein has been identified and causally linked to MA in a multigenerational family. In this study, three common polymorphisms in the KCNK18 gene were analysed for genetic variation in an Australian case-control migraine population consisting of 340 migraine cases and 345 controls. No association was observed for the polymorphisms examined with the migraine phenotype or with any haplotypes across the gene. Therefore even though the KCNK18 gene is the only gene to be causally linked to MA our studies indicate that common genetic variation in the gene is not a contributor to MA.
Resumo:
Migraine is a common neurovascular brain disorder characterised by recurrent attacks of severe headache that may be accompanied by various neurological symptoms. Migraine is thought to result from activation of the trigeminovascular system followed by vasodilation of pain-producing intracranial blood vessels and activation of second-order sensory neurons in the trigeminal nucleus caudalis. Calcitonin gene-related peptide (CGRP) is a mediator of neurogenic inflammation and the most powerful vasodilating neuropeptide, and has been implicated in migraine pathophysiology. Consequently, genes involved in CGRP synthesis or CGRP receptor genes may play a role in migraine and/or increase susceptibility. This study investigates whether variants in the gene that encodes CGRP, calcitonin-related polypeptide alpha (CALCA) or in the gene that encodes a component of its receptor, receptor activity modifying protein 1 (RAMP1), are associated with migraine pathogenesis and susceptibility. The single nucleotide polymorphisms (SNPs) rs3781719 and rs145837941 in the CALCA gene, and rs3754701 and rs7590387 at the RAMP1 locus, were analysed in an Australian Caucasian population of migraineurs and matched controls. Although we find no significant association of any of the SNPs tested with migraine overall, we detected a nominally significant association (p = 0.031) of the RAMP1 rs3754701 variant in male migraine subjects, although this is non-significant after Bonferroni correction for multiple testing.
Resumo:
Migraine is a neurological disorder that affects the central nervous system causing painful attacks of headache. A genetic vulnerability and exposure to environmental triggers can influence the migraine phenotype. Migraine interferes in many facets of people’s daily life including employment commitments and their ability to look after their families resulting in a reduced quality of life. Identification of the biological processes that underlie this relatively common affliction has been difficult because migraine does not have any clearly identifiable pathology or structural lesion detectable by current medical technology. Theories to explain the symptoms of migraine have focused on the physiological mechanisms involved in the various phases of headache and include the vascular and neurogenic theories. In relation to migraine pathophysiology the trigeminovascular system and cortical spreading depression have also been implicated with supporting evidence from imaging studies and animal models. The objective of current research is to better understand the pathways and mechanisms involved in causing pain and headache to be able to target interventions. The genetic component of migraine has been teased apart using linkage studies and both candidate gene and genome-wide association studies, in family and case-control cohorts. Genomic regions that increase individual risk to migraine have been identified in neurological, vascular and hormonal pathways. This review discusses knowledge of the pathophysiology and genetic basis of migraine with the latest scientific evidence from genetic studies.
Resumo:
Focal segmental glomerulosclerosis (FSGS) is the consequence of a disease process that attacks the kidney's filtering system, causing serious scarring. More than half of FSGS patients develop chronic kidney failure within 10 years, ultimately requiring dialysis or renal transplantation. There are currently several genes known to cause the hereditary forms of FSGS (ACTN4, TRPC6, CD2AP, INF2, MYO1E and NPHS2). This study involves a large, unique, multigenerational Australian pedigree in which FSGS co-segregates with progressive heart block with apparent X-linked recessive inheritance. Through a classical combined approach of linkage and haplotype analysis, we identified a 21.19 cM interval implicated on the X chromosome. We then used a whole exome sequencing approach to identify two mutated genes, NXF5 and ALG13, which are located within this linkage interval. The two mutations NXF5-R113W and ALG13-T141L segregated perfectly with the disease phenotype in the pedigree and were not found in a large healthy control cohort. Analysis using bioinformatics tools predicted the R113W mutation in the NXF5 gene to be deleterious and cellular studies support a role in the stability and localization of the protein suggesting a causative role of this mutation in these co-morbid disorders. Further studies are now required to determine the functional consequence of these novel mutations to development of FSGS and heart block in this pedigree and to determine whether these mutations have implications for more common forms of these diseases in the general population.
Resumo:
A loss of function mutation in the TRESK K2P potassium channel (KCNK18), has recently been linked with typical familial migraine with aura. We now report the functional characterisation of additional TRESK channel missense variants identified in unrelated patients. Several variants either had no apparent functional effect, or they caused a reduction in channel activity. However, the C110R variant was found to cause a complete loss of TRESK function, yet is present in both sporadic migraine and control cohorts, and no variation in KCNK18 copy number was found. Thus despite the previously identified association between loss of TRESK channel activity and migraine in a large multigenerational pedigree, this finding indicates that a single non-functional TRESK variant is not alone sufficient to cause typical migraine and highlights the genetic complexity of this disorder. Migraine is a common, disabling neurological disorder with a genetic, environmental and in some cases hormonal component. It is characterized by attacks of severe, usually unilateral and throbbing headache, can be accompanied by nausea, vomiting and photophobia and is clinically divided into two main subtypes, migraine with aura (MA) when a migraine is accompanied by transient and reversible focal neurological symptoms and migraine without aura (MO)1. The multifactorial and clinical heterogeneity of the disorder have considerably hindered the identification of common migraine susceptibility genes and most of our current understanding comes from the studies of familial hemiplegic migraine (FHM), a rare monogenic autosomal dominant form of MA2. So far, the three susceptibility genes that have been convincingly identified in FHM families all encode ion channels or transporters: CACNA1A encoding the α1 subunit of the Cav2.1 calcium channel3, SCN1A encoding the Nav1.1 sodium channel4 and ATP1A2 encoding the α2 subunit of the Na+/K+ pump5. It is believed that mutations in these genes may lead to increased efflux of glutamate and potassium in the synapse and thereby cause migraine by rendering the brain more susceptible to cortical spreading depression (CSD)6 which is thought to play a role in initiating a migraine attack7,8. However, these genes have not to date been implicated in common forms of migraine9. Nevertheless, current opinion suggests that typical migraine, like FHM, is also disorder of neuronal excitability, ion homeostasis and neurotransmitter release10,11,12. Mutations in the SLC4A4 gene encoding the sodium-bicarbonate cotransporter NBCe1, have recently been implicated in several different forms of migraine13, and a variety of genes involved in glutamate homeostasis (PGCP, MTDH14 and LRP115) and a cation channel (TRPM8)15 have also recently been implicated in migraine via genome-wide association studies. Ion channels are therefore highly likely to play an important role in the pathogenesis of typical migraine. TRESK (KCNK18), is a member of the two-pore domain (K2P) family of potassium channels involved in the control of cellular electrical excitability16. Regulation of TRESK activity by the calcium-dependent phosphatase calcineurin17, as well as its expression in dorsal root ganglia (DRG)18 and trigeminal ganglia (TG)19,20 has led to a proposed role for this channel in a variety of pain pathways. In a recent study, a frameshift mutation (F139Wfsx24) in TRESK was identified in a large multigenerational pedigree where it co-segregated perfectly with typical MA and a significant genome-wide linkage LOD score of 3.0. Furthermore, functional analysis revealed that this mutation caused a complete loss of TRESK function and that the truncated subunit was also capable of down regulating wild-type channel function. This therefore highlighted KCNK18 as potentially important candidate gene and suggested that TRESK dysfunction might play a possible role in the pathogenesis of familial migraine with visual aura20. Additional screening for KCNK18 mutations in unrelated sporadic migraine and control cohorts also identified a number of other missense variants; R10G, A34V, C110R, S231P and A233V20. The A233V variant was found only in the control cohort, whilst A34V was identified in a single Australian migraine proband for which family samples were not available, but it was not detected in controls. By contrast, the R10G, C110R, and S231P variants were found in both migraineurs and controls in both cohorts. In this study, we have investigated the functional effect of these variants to further probe the potential association of TRESK dysfunction with typical migraine.
Resumo:
Objective To evaluate relative telomere length of female migraine patients. Background Migraine is a debilitating disorder affecting 6-28% of the population. Studies on the mechanisms of migraine have demonstrated genetic causes but the pathophysiology and subcellular effects of the disease remain poorly understood. Shortened telomere length is associated with age-related or chronic diseases, and induced stresses. Migraine attacks may impart significant stress on cellular function, thus this study investigates a correlation between shortening of telomeres and migraine. Methods Relative telomere length was measured using a previously described quantitative polymerase chain reaction method. A regression analysis was performed to assess differences in mean relative telomere length between migraine patients and healthy controls. Results The leukocyte telomeres of a cohort of 142 Caucasian female migraine subjects aged 18-77 years and 143 matched 17-77-year-old healthy control Caucasian women were examined.A significantly shorter relative telomere length was observed in the migraine group compared with the control group after adjusting for age and body mass index (P = .001). In addition, age of onset was observed to associate with the loss of relative telomere length, especially at early age of onset (<17 years old). No association was observed between relative telomere length and the severity and frequency of migraine attacks and the duration of migraine. Conclusion Telomeres are shorter in migraine patients and there is more variation in telomere length in migraine patients.
Resumo:
Background Migraine is a neurological disorder characterized by recurrent attacks of severe headache, affecting around 12% of Caucasian populations. It is well known that migraine has a strong genetic component, although the number and type of genes involved is still unclear. Prior linkage studies have reported mapping of a migraine gene to chromosome Xq 24–28, a region containing a cluster of genes for GABA A receptors (GABRE, GABRA3, GABRQ), which are potential candidate genes for migraine. The GABA neurotransmitter has been implicated in migraine pathophysiology previously; however its exact role has not yet been established, although GABA receptors agonists have been the target of therapeutic developments. The aim of the present research is to investigate the role of the potential candidate genes reported on chromosome Xq 24–28 region in migraine susceptibility. In this study, we have focused on the subunit GABA A receptors type ε (GABRE) and type θ (GABRQ) genes and their involvement in migraine. Methods We have performed an association analysis in a large population of case-controls (275 unrelated Caucasian migraineurs versus 275 controls) examining a set of 3 single nucleotide polymorphisms (SNPs) in the coding region (exons 3, 5 and 9) of the GABRE gene and also the I478F coding variant of the GABRQ gene. Results Our study did not show any association between the examined SNPs in our test population (P > 0.05). Conclusion Although these particular GABA receptor genes did not show positive association, further studies are necessary to consider the role of other GABA receptor genes in migraine susceptibility.
