Crisis on impact : responding to cyber attacks on critical information infrastructures

In the developing digital economy, the notion of traditional attack on enterprises of national significance or interest has transcended into different modes of electronic attack, surpassing accepted traditional forms of physical attack upon a target. The terrorist attacks that took place in the United States on September 11, 2001 demonstrated the physical devastation that could occur if any nation were the target of a large-scale terrorist attack. Therefore, there is a need to protect criticalnational infrastructure and critical information infrastructure. In particular,this protection is crucial for the proper functioning of a modern society and for a government to fulfill one of its most important prerogatives – namely, the protection of its people. Computer networks have many benefits that governments, corporations, and individuals alike take advantage of in order to promote and perform their duties and roles. Today, there is almost complete dependence on private sector telecommunication infrastructures and the associated computer hardware and software systems.1 These infrastructures and systems even support government and defense activity.2 This Article discusses possible attacks on critical information infrastructures and the government reactions to these attacks.

Hydrolysis of triasulfuron, metsulfuron-methyl and chlorsulfuron in alkaline soil and aqueous solutions

The hydrolysis of triasulfuron, metsulfuron-methyl and chlorsulfuron in aqueous buffer solutions and in soil suspensions at pH values ranging from 5.2 to 11.2 was investigated. Hydrolysis of all three compounds in both aqueous buffer and soil suspensions was highly pH-sensitive. The rate of hydrolysis was much faster in the acidic pH range (5.2-6.2) than under neutral and moderately alkaline conditions (8.2-9.4), but it increased rapidly as the pH exceeded 10.2. All three compounds degraded faster at pH 5.2 than at pH 11.2. Hydrolysis rates of all three compounds could be described well with pseudo-first-order kinetics. There were no significant differences (P =0.05) in the rate constants (k, day-1) of the three compounds in soil suspensions from those in buffer solutions within the pH ranges studied. A functional relationship based on the propensity of nonionic and anionic species of the herbicides to hydrolyse was used to describe the dependence of the 'rate constant' on pH. The hydrolysis involving attack by neutral water was at least 100-fold faster when the sulfonylurea herbicides were undissociated (acidic conditions) than when they were present as the anion at near neutral pH. In aqueous buffer solution at pH > 11, a prominent degradation pathway involved O-demethylation of metsulfuron-methyl to yield a highly polar degradate, and hydrolytic opening of the triazine ring. It is concluded that these herbicides are not likely to degrade substantially through hydrolysis in most agricultural (C) 2000 Society of Chemical Industry.

Security analysis of the non-aggressive challenge response of the DNP3 Protocol using a CPN Model

Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.

Root caries patterns and risk factors of middle-aged and elderly people in China

The objectives of this study were to describe root caries patterns of Chinese adults and to analyze the effect of selected demographic and socioeconomic factors on these patterns. A total sample of 1080 residents aged 35-44-years-old and 1080 residents aged 65-74-years-old from three urban and three rural survey sites in Hubei Province participated in both an oral health interview and a clinical oral health examination. Root surface caries prevalence rates were 13.1% in the middle-aged group and 43.9% in the elderly group. The mean number of teeth affected by caries in the middle-aged group was reported at 0.21 and 1.0 in the elderly group. Mean Root Caries Index (RCI) scores of the middle-aged were reported at 6.29 and elderly subjects were reported at 11.95. Elderly people living in rural areas reported a higher RCI score (13.24) than those living in urban areas (10.70). A significantly higher frequency of root surface caries was observed in elderly participants (P < 0.001, OR = 3.80) and ethnic minorities (P < 0.001, OR = 1.93). In addition, smokers, nontea drinkers, and those with an annual household income of 10,000 yuan or less tended to have higher caries prevalence. RCI figures for the different tooth types ranged from 1% to 16%, indicating a wide variation in attack rates. In conclusion, our study suggests that root surface caries occurrence is high among the Chinese adult population, especially older adults. With an increasing number of retained teeth in both middle-aged and elderly people, root caries is a growing disease in the People's Republic of China which deserves more attention in future research.

Algebraic attacks on SOBER-t32 and SOBER-t16 without stuttering

This paper presents algebraic attacks on SOBER-t32 and SOBER-t16 without stuttering. For unstuttered SOBER-t32, two different attacks are implemented. In the first attack, we obtain multivariate equations of degree 10. Then, an algebraic attack is developed using a collection of output bits whose relation to the initial state of the LFSR can be described by low-degree equations. The resulting system of equations contains 2^69 equations and monomials, which can be solved using the Gaussian elimination with the complexity of 2^196.5. For the second attack, we build a multivariate equation of degree 14. We focus on the property of the equation that the monomials which are combined with output bit are linear. By applying the Berlekamp-Massey algorithm, we can obtain a system of linear equations and the initial states of the LFSR can be recovered. The complexity of attack is around O(2^100) with 2^92 keystream observations. The second algebraic attack is applicable to SOBER-t16 without stuttering. The attack takes around O(2^85) CPU clocks with 2^78 keystream observations.

Cheating prevention in linear secret sharing

Cheating detection in linear secret sharing is considered. The model of cheating extends the Tompa-Woll attack and includes cheating during multiple (unsuccessful) recovery of the secret. It is shown that shares in most linear schemes can be split into subshares. Subshares can be used by participants to trade perfectness of the scheme with cheating prevention. Evaluation of cheating prevention is given in the context of different strategies applied by cheaters.

Finding good differential patterns for attacks on SHA-1

In this paper we analyse properties of the message expansion algorithm of SHA-1 and describe a method of finding differential patterns that may be used to attack reduced versions of SHA-1. We show that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding minimal weight codeword in a large linear code. Finally, we present a number of patterns of different lengths suitable for finding collisions and near-collisions and discuss some bounds on minimal weights of them.

Cryptanalysis of block ciphers with overdefined systems of equations

Several recently proposed ciphers, for example Rijndael and Serpent, are built with layers of small S-boxes interconnected by linear key-dependent layers. Their security relies on the fact, that the classical methods of cryptanalysis (e.g. linear or differential attacks) are based on probabilistic characteristics, which makes their security grow exponentially with the number of rounds N r r. In this paper we study the security of such ciphers under an additional hypothesis: the S-box can be described by an overdefined system of algebraic equations (true with probability 1). We show that this is true for both Serpent (due to a small size of S-boxes) and Rijndael (due to unexpected algebraic properties). We study general methods known for solving overdefined systems of equations, such as XL from Eurocrypt’00, and show their inefficiency. Then we introduce a new method called XSL that uses the sparsity of the equations and their specific structure. The XSL attack uses only relations true with probability 1, and thus the security does not have to grow exponentially in the number of rounds. XSL has a parameter P, and from our estimations is seems that P should be a constant or grow very slowly with the number of rounds. The XSL attack would then be polynomial (or subexponential) in N r> , with a huge constant that is double-exponential in the size of the S-box. The exact complexity of such attacks is not known due to the redundant equations. Though the presented version of the XSL attack always gives always more than the exhaustive search for Rijndael, it seems to (marginally) break 256-bit Serpent. We suggest a new criterion for design of S-boxes in block ciphers: they should not be describable by a system of polynomial equations that is too small or too overdefined.

Cryptanalysis of FORK-256

In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong et al. at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression function of FORK-256 running with complexity of 2^125 (resp. 2^120) and with negligible memory, and by exhibiting a 22-bit near pseudo-collision. We also show that we can find collisions for the full compression function with a small amount of memory with complexity not exceeding 2^126.6 hash evaluations. We further show how to reduce this complexity to 2^109.6 hash computations by using 273 memory words. Finally, we show that this attack can be extended with no additional cost to find collisions for the full hash function, i.e. with the predefined IV.

Social engineering in social networking sites : how good becomes evil

Social Engineering (ES) is now considered the great security threat to people and organizations. Ever since the existence of human beings, fraudulent and deceptive people have used social engineering tricks and tactics to trick victims into obeying them. There are a number of social engineering techniques that are used in information technology to compromise security defences and attack people or organizations such as phishing, identity theft, spamming, impersonation, and spaying. Recently, researchers have suggested that social networking sites (SNSs) are the most common source and best breeding grounds for exploiting the vulnerabilities of people and launching a variety of social engineering based attacks. However, the literature shows a lack of information about what types of social engineering threats exist on SNSs. This study is part of a project that attempts to predict a persons’ vulnerability to SE based on demographic factors. In this paper, we demonstrate the different types of social engineering based attacks that exist on SNSs, the purposes of these attacks, reasons why people fell (or did not fall) for these attacks, based on users’ opinions. A qualitative questionnaire-based survey was conducted to collect and analyse people’s experiences with social engineering tricks, deceptions, or attacks on SNSs.

Cryptology and network security

This book constitutes the refereed proceedings of the 11th International Conference on Cryptology and Network Security, CANS 2012, held in Darmstadt, Germany, in December 2012. The 22 revised full papers, presented were carefully reviewed and selected from 99 submissions. The papers are organized in topical sections on cryptanalysis; network security; cryptographic protocols; encryption; and s-box theory.

Parallel authentication and public-key encryption

A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing which compares favorably with sequential Encrypt-then-Sign (ɛtS) or Sign-then-Encrypt (Stɛ) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternative to Commit-then-Sign-and- Encrypt (Ct&G3&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt. and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements — encryption is expected to be one-way under chosen-plaintext attacks while signature needs to be secure against universal forgeries under random-plaintext attack, that is actually the case for both the plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve required security) can be used. Furthermore they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.

Hybrid graphite film–carbon nanotube platform for enzyme immobilization and protection

A novel platform consisting of a multilayered substrate, activated graphite-like carbon film, and dense forest of long, vertically-aligned multiwall carbon nanotubes grown by the chemical vapor deposition is designed, fabricated, and tested for covalent immobilization of enzymatic biocatalysts with the aim of protecting them from shear forces and microbial attacks present in bioreactors. The covalent bonding ensures enzyme retention in a flow, while the dense nanotube forest may serve as a protection of the enzymes from microbial attack without impeding the flow of reactants and products. This platform was demonstrated for the two reference enzymes, horseradish peroxidase and catalase, which were immobilized without degrading their biological activity. This combination of an activated carbon layer for an efficient immobilization of biocatalysts with a protective layer of inert carbon nanotubes could dramatically improve the efficiency and longevity of enzymatic bio-catalysis employed in a large variety of advanced biotechnological processes.

Modes of nanotube growth in plasmas and reasons for single-walled structure

The conditions for carbon nanotube synthesis in the bulk of arc discharges and on plasma-exposed solid surfaces are compared to reveal the main distinguishing features of the growth kinetics and explain the striking difference between the growth of the nanotubes in both cases. It is shown that this difference is due to very different exposure of the discharge-synthesized and surface-bound nanotubes to ion fluxes, with the ratio of the ion fluxes collected per nanotube in the two cases reaching up to six orders of magnitude. Depending on the plasma parameters and the sizes of the nanotubes and metal catalyst particles, four distinct growth modes of the nanotubes in the plasma bulk have been identified. These results shed light on why single-walled carbon nanotube growth is more favourable in the bulk of arc plasmas rather than on plasma-exposed surfaces.

Malleability attacks on multi-party key agreement protocols

Multi-party key agreement protocols indirectly assume that each principal equally contributes to the final form of the key. In this paper we consider three malleability attacks on multi-party key agreement protocols. The first attack, called strong key control allows a dishonest principal (or a group of principals) to fix the key to a pre-set value. The second attack is weak key control in which the key is still random, but the set from which the key is drawn is much smaller than expected. The third attack is named selective key control in which a dishonest principal (or a group of dishonest principals) is able to remove a contribution of honest principals to the group key. The paper discusses the above three attacks on several key agreement protocols, including DH (Diffie-Hellman), BD (Burmester-Desmedt) and JV (Just-Vaudenay). We show that dishonest principals in all three protocols can weakly control the key, and the only protocol which does not allow for strong key control is the DH protocol. The BD and JV protocols permit to modify the group key by any pair of neighboring principals. This modification remains undetected by honest principals.