On the security of PAS (predicate-based authentication service)

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

Cryptanalysis of the LAKE hash family

We analyse the security of the cryptographic hash function LAKE-256 proposed at FSE 2008 by Aumasson, Meier and Phan. By exploiting non-injectivity of some of the building primitives of LAKE, we show three different collision and near-collision attacks on the compression function. The first attack uses differences in the chaining values and the block counter and finds collisions with complexity 233. The second attack utilizes differences in the chaining values and salt and yields collisions with complexity 242. The final attack uses differences only in the chaining values to yield near-collisions with complexity 299. All our attacks are independent of the number of rounds in the compression function. We illustrate the first two attacks by showing examples of collisions and near-collisions.

Design of a traumatic injury simulator for assessing lower limb response to high loading rates

Current military conflicts are characterized by the use of the improvised explosive device. Improvements in personal protection, medical care, and evacuation logistics have resulted in increasing numbers of casualties surviving with complex musculoskeletal injuries, often leading to lifelong disability. Thus, there exists an urgent requirement to investigate the mechanism of extremity injury caused by these devices in order to develop mitigation strategies. In addition, the wounds of war are no longer restricted to the battlefield; similar injuries can be witnessed in civilian centers following a terrorist attack. Key to understanding such mechanisms of injury is the ability to deconstruct the complexities of an explosive event into a controlled, laboratory-based environment. In this article, a traumatic injury simulator, designed to recreate in the laboratory the impulse that is transferred to the lower extremity from an anti-vehicle explosion, is presented and characterized experimentally and numerically. Tests with instrumented cadaveric limbs were then conducted to assess the simulator’s ability to interact with the human in two mounting conditions, simulating typical seated and standing vehicle passengers. This experimental device will now allow us to (a) gain comprehensive understanding of the load-transfer mechanisms through the lower limb, (b) characterize the dissipating capacity of mitigation technologies, and (c) assess the bio-fidelity of surrogates.

A standing vehicle occupant is likely to sustain a more severe injury than one who has flexed knees in an under‐vehicle explosion : a cadaveric study

The lower limb of military vehicle occupants has been the most injured body part due to undervehicle explosions in recent conflicts. Understanding the injury mechanism and causality of injury severity could aid in developing better protection. Therefore, we tested 4 different occupant postures (seated, brace, standing, standing with knee locked in hyper‐extension) in a simulated under‐vehicle explosion (solid blast) using our traumatic injury simulator in the laboratory; we hypothesised that occupant posture would affect injury severity. No skeletal injury was observed in the specimens in seated and braced postures. Severe, impairing injuries were observed in the foot of standing and hyper‐extended specimens. These results demonstrate that a vehicle occupant whose posture at the time of the attack incorporates knee flexion is more likely to be protected against severe skeletal injury to the lower leg.

Source code watermarking based on function dependency oriented sequencing

In the current market, extensive software development is taking place and the software industry is thriving. Major software giants have stated source code theft as a major threat to revenues. By inserting an identity-establishing watermark in the source code, a company can prove it's ownership over the source code. In this paper, we propose a watermarking scheme for C/C++ source codes by exploiting the language restrictions. If a function calls another function, the latter needs to be defined in the code before the former, unless one uses function pre-declarations. We embed the watermark in the code by imposing an ordering on the mutually independent functions by introducing bogus dependency. Removal of dependency by the attacker to erase the watermark requires extensive manual intervention thereby making the attack infeasible. The scheme is also secure against subtractive and additive attacks. Using our watermarking scheme, an n-bit watermark can be embedded in a program having n independent functions. The scheme is implemented on several sample codes and performance changes are analyzed.

A new dynamic accumulator for batch updates

A dynamic accumulator is an algorithm, which gathers together a large set of elements into a constant-size value such that for a given element accumulated, there is a witness confirming that the element was indeed included into the value, with a property that accumulated elements can be dynamically added and deleted into/from the original set such that the cost of an addition or deletion operation is independent of the number of accumulated elements. Although the first accumulator was presented ten years ago, there is still no standard formal definition of accumulators. In this paper, we generalize formal definitions for accumulators, formulate a security game for dynamic accumulators so-called Chosen Element Attack (CEA), and propose a new dynamic accumulator for batch updates based on the Paillier cryptosystem. Our construction makes a batch of update operations at unit cost. We prove its security under the extended strong RSA (es-RSA) assumption

Constrained predictive control of ship fin stabilizers to prevent dynamic stall

In moderate to high sea states, the effectiveness of ship fin stabilizers can severely deteriorate due to nonlinear effects arising from unsteady hydrodynamic characteristics of the fins: dynamic stall. These nonlinear effects take the form of a hysteresis, and they become very significant when the effective angle of attack of the fins exceeds a certain threshold angle. Dynamic stall can result in a complete loss of control action depending on how much the fins exceed the threshold angle. When this is detected, it is common to reduce the gain of the controller that commands the fins. This approach is cautious and tends to reduce performance when the conditions leading to dynamic stall disappear. An alternative approach for preventing the effects while keeping high performance, consists of estimating the effective angle of attack and set a conservative constraint on it as part of the control objectives. In this paper, we investigate the latter approach, and propose the use of a model predictive control (MPC) to prevent the development of these nonlinear effects by considering constraints on both the mechanical angle of the fins and the effective angle of attack.

Correlates of female sexual functioning : adult attachment and differentiation of self

Introduction Female sexual functioning is affected by a range of factors including motivation, psychological well-being, and relationship issues. In understanding female sexual dysfunction (FSD), there has been a tendency to privilege diagnostic and medical over relationship issues. Aim To investigate the association between women’s experience of intimacy in close relationships - operationalized in terms of attachment and degree of differentiation of self - and FSD. Methods Two hundred and thirty sexually active Australian women responded to an invitation to complete a set of validated scales to assess potential correlates of sexual functioning. Main Outcome Measures The Female Sexuality Function Index, the Experiences in Close Relationships Scale, the Differentiation of Self Inventory, as well as a set of study-specific questions were subject to hierarchical multiple regression analyses Results Relational variables of attachment avoidance and to a lesser degree, attachment anxiety were associated with FSD. Participants with lower levels of differentiation of self were more likely to report sexual difficulties. The inability to maintain a sense of self in the presence of intimate others was the strongest predictors of sexual problems. A history of sexual abuse in adulthood and higher levels of psychological distress were also associated with sexual difficulties. Conclusions The findings provide support for a relational understanding of female sexual functioning. Attachment avoidance, attachment anxiety, and degree of differentiation of self are shown to be associated with sexual difficulties. The findings support the need to focus on relational and psychological factors in women’s experience of sex.

Practical Advice for Entrepreneurs

I am interested in the psychology of entrepreneurship—how entrepreneurs think, decide to act, and feel. I recently realized that while my publications in academic journals have implications for entrepreneurs, those implications have remained relatively hidden in the text of the articles and hidden in articles published in journals largely inaccessible to those involved in the entrepreneurial process. This book is designed to bring the practical implications of my research to the forefront. I decided to take a different approach with this book and not write it for a publisher. I did this because I wanted the ideas to be freely available: (1) I wanted those interested in practical advice for entrepreneurs to be able to freely download, distribute, and use this information (I only ask that the content be properly cited), (2) I wanted to release the chapters independently and make chapters available as they are finished, and; (3) I wanted this work to be a dialogue rather than a one-way conversation—I hope readers email me feedback (positive and negative) so that I can use this information to revise the book. In producing the journal articles underpinning this book, I have had the pleasure of working with many talented and wonderful colleagues—they are cited at the end of each chapter. I hope you find some of the advice in this book useful.

Practice & procedure : Personal Injuries Proceedings Act 2002

The decision of Atkinson J in Watkins v State of Queensland [2007] QSC 057 on an application for disclosure of documents under s27 of the Personal Injuries Proceedings Act 2002 (Qld) required determination of a range of issues relating to the disclosure of documents and legal professional privilege.

The loss of carbon dioxide from activated perbenzoate anions in the gas phase : Unimolecular rearrangement via epoxidation of the benzene ring

The unimolecular reactivities of a range of perbenzoate anions (X-C6H5CO3-), including the perbenzoate anion itself (X=H), nitroperbenzoates (X=para-, meta-, ortho-NO2), and methoxyperbenzoates (X=para-, meta-OCH3) were investigated in the gas phase by electrospray ionization tandem mass spectrometry. The collision-induced dissociation mass spectra of these compounds reveal product ions consistent with a major loss of carbon dioxide requiring unimolecular rearrangement of the perbenzoate anion prior to fragmentation. Isotopic labeling of the perbenzoate anion supports rearrangement via an initial nucleophilic aromatic substitution at the ortho carbon of the benzene ring, while data from substituted perbenzoates indicate that nucleophilic attack at the ipso carbon can be induced in the presence of electron-withdrawing moieties at the ortho and para positions. Electronic structure calculations carried out at the B3LYP/6311++G(d,p) level of theory reveal two competing reaction pathways for decarboxylation of perbenzoate anions via initial nucleophilic substitution at the ortho and ipso positions, respectively. Somewhat surprisingly, however, the computational data indicate that the reaction proceeds in both instances via epoxidation of the benzene ring with decarboxylation resulting-at least initially-in the formation of oxepin or benzene oxide anions rather than the energetically favored phenoxide anion. As such, this novel rearrangement of perbenzoate anions provides an intriguing new pathway for epoxidation of the usually inert benzene ring.

Crisis on impact : responding to cyber attacks on critical information infrastructures

In the developing digital economy, the notion of traditional attack on enterprises of national significance or interest has transcended into different modes of electronic attack, surpassing accepted traditional forms of physical attack upon a target. The terrorist attacks that took place in the United States on September 11, 2001 demonstrated the physical devastation that could occur if any nation were the target of a large-scale terrorist attack. Therefore, there is a need to protect criticalnational infrastructure and critical information infrastructure. In particular,this protection is crucial for the proper functioning of a modern society and for a government to fulfill one of its most important prerogatives – namely, the protection of its people. Computer networks have many benefits that governments, corporations, and individuals alike take advantage of in order to promote and perform their duties and roles. Today, there is almost complete dependence on private sector telecommunication infrastructures and the associated computer hardware and software systems.1 These infrastructures and systems even support government and defense activity.2 This Article discusses possible attacks on critical information infrastructures and the government reactions to these attacks.

Motor Accident Insurance Act 1994 - obligation to disclose

In Turpin v Allianz Australia Insurance Ltd (unreported, Supreme Court of Queensland, S5216 of 2001), Mullins J, 17.10.2001) the plaintiff applied for a declaration that the respondent disclose pursuant to s47 of the Motor Accident Insurance Act 1994 copies of three statements referred to in a loss assessor's investigation report as "attached". The issue involved determination of whether the statements must be disclosed under s48(2) even though protected by legal professional privilege. The Court applied the decision of the Queensland Court of Appeal in James v Workcover Queensland.

Hydrolysis of triasulfuron, metsulfuron-methyl and chlorsulfuron in alkaline soil and aqueous solutions

The hydrolysis of triasulfuron, metsulfuron-methyl and chlorsulfuron in aqueous buffer solutions and in soil suspensions at pH values ranging from 5.2 to 11.2 was investigated. Hydrolysis of all three compounds in both aqueous buffer and soil suspensions was highly pH-sensitive. The rate of hydrolysis was much faster in the acidic pH range (5.2-6.2) than under neutral and moderately alkaline conditions (8.2-9.4), but it increased rapidly as the pH exceeded 10.2. All three compounds degraded faster at pH 5.2 than at pH 11.2. Hydrolysis rates of all three compounds could be described well with pseudo-first-order kinetics. There were no significant differences (P =0.05) in the rate constants (k, day-1) of the three compounds in soil suspensions from those in buffer solutions within the pH ranges studied. A functional relationship based on the propensity of nonionic and anionic species of the herbicides to hydrolyse was used to describe the dependence of the 'rate constant' on pH. The hydrolysis involving attack by neutral water was at least 100-fold faster when the sulfonylurea herbicides were undissociated (acidic conditions) than when they were present as the anion at near neutral pH. In aqueous buffer solution at pH > 11, a prominent degradation pathway involved O-demethylation of metsulfuron-methyl to yield a highly polar degradate, and hydrolytic opening of the triazine ring. It is concluded that these herbicides are not likely to degrade substantially through hydrolysis in most agricultural (C) 2000 Society of Chemical Industry.

Security analysis of the non-aggressive challenge response of the DNP3 Protocol using a CPN Model

Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.