The BRUTUS Automatic Cryptanalytic Framework: Testing CAESAR Authenticated Encryption Candidates for Weaknesses

This report summarizes our results from security analysis covering all 57 competitions for authenticated encryption: security, applicability, and robustness (CAESAR) first-round candidates and over 210 implementations. We have manually identified security issues with three candidates, two of which are more serious, and these ciphers have been withdrawn from the competition. We have developed a testing framework, BRUTUS, to facilitate automatic detection of simple security lapses and susceptible statistical structures across all ciphers. From this testing, we have security usage notes on four submissions and statistical notes on a further four. We highlight that some of the CAESAR algorithms pose an elevated risk if employed in real-life protocols due to a class of adaptive-chosen-plaintext attacks. Although authenticated encryption with associated data are often defined (and are best used) as discrete primitives that authenticate and transmit only complete messages, in practice, these algorithms are easily implemented in a fashion that outputs observable ciphertext data when the algorithm has not received all of the (attacker-controlled) plaintext. For an implementor, this strategy appears to offer seemingly harmless and compliant storage and latency advantages. If the algorithm uses the same state for secret keying information, encryption, and integrity protection, and the internal mixing permutation is not cryptographically strong, an attacker can exploit the ciphertext–plaintext feedback loop to reveal secret state information or even keying material. We conclude that the main advantages of exhaustive, automated cryptanalysis are that it acts as a very necessary sanity check for implementations and gives the cryptanalyst insights that can be used to focus more specific attack methods on given candidates.

A Cyber-Physical Security Analysis of Synchronous-Islanded Microgrid Operation

Cyber-security research in the field of smart grids is often performed with a focus on either the power and control domain or the Information and Communications Technology (ICT) domain. The characteristics of the power equipment or ICT domain are commonly not collectively considered. This work provides an analysis of the physical effects of cyber-attacks on microgrids – a smart grid construct that allows continued power supply when disconnected from a main grid. Different types of microgrid operations are explained (connected, islanded and synchronous-islanding) and potential cyber-attacks and their physical effects are analyzed. A testbed that is based on physical power and ICT equipment is presented to validate the results in both the physical and ICT domain.

Impact of Referral Protocols on the Dental Management of Patients Undergoing Treatment for Head and Neck Oncology in Northern Ireland

Objective: To evaluate the handling, by a group of practice-based researchers, of a recently introduced bulk fill resin-based composite restorative material, Filtek Bulk Fill Restorative (3M ESPE).

Methods: The twelve selected evaluators were sent explanatory letters, a pack of the material under investigation to use for 8 weeks, and a questionnaire.

Results: The evaluators rated the ease of use of the bulk fill restorative the same as the previously used posterior composite material. The provision of one shade only for evaluation may have compromised the score for aesthetic quality. No post-operative sensitivity was reported.

Conclusions: The bulk fill material was well received as indicated by the high number of evaluators who would both purchase the material and recommend it to colleagues.

Clinical relevance: A recently introduced bulk fill restorative material achieved a rating for handling which was similar to the evaluators’ previously used resin composite, although there were some concerns regarding the translucency of the material.

On the Security of Balanced Encoding Countermeasures

Most cryptographic devices should inevitably have a resistance against the threat of side channel attacks. For this, masking and hiding schemes have been proposed since 1999. The security validation of these countermeasures is an ongoing research topic, as a wider range of new and existing attack techniques are tested against these countermeasures. This paper examines the side channel security of the balanced encoding countermeasure, whose aim is to process the secret key-related data under a constant Hamming weight and/or Hamming distance leakage. Unlike previous works, we assume that the leakage model coefficients conform to a normal distribution, producing a model with closer fidelity to real-world implementations. We perform analysis on the balanced encoded PRINCE block cipher with simulated leakage model and also an implementation on an AVR board. We consider both standard correlation power analysis (CPA) and bit-wise CPA. We confirm the resistance of the countermeasure against standard CPA, however, we find with a bit-wise CPA that we can reveal the key with only a few thousands traces.

Twitter Sentiment Analysis for Security-Related Information Gathering

Analysing public sentiment about future events, such as demonstration or parades, may provide valuable information while estimating the level of disruption and disorder during these events. Social media, such as Twitter or Facebook, provides views and opinions of users related to any public topics. Consequently, sentiment analysis of social media content may be of interest to different public sector organisations, especially in the security and law enforcement sector. In this paper we present a lexicon-based approach to sentiment analysis of Twitter content. The algorithm performs normalisation of the sentiment in an effort to provide intensity of the sentiment rather than positive/negative label. Following this, we evaluate an evidence-based combining function that supports the classification process in cases when positive and negative words co-occur in a tweet. Finally, we illustrate a case study examining the relation between sentiment of twitter posts related to English Defence League and the level of disorder during the EDL related events.

Internet of Things. A proposed secured network topology

The myriad of technologies and protocols working at different layers pose significant security challenges in the upcoming Internet of Things (IoT) paradigm. Security features and needs vary from application to application and it is layer specific. In addition, security has to consider the constraints imposed by energy limited sensor nodes and consider the specific target application in order to provide security at different layers. This paper analyses current standardization efforts and protocols. It proposes a generic secured network topology for IoT and describes the relevant security challenges. Some exploitation examples are also provided.

Exploiting Direct Links for Physical Layer Security in Multi-User Multi-Relay Networks

We present two physical layer secure transmission schemes for multi-user multi-relay networks, where the communication from M users to the base station is assisted by direct links and by N decode-and-forward relays. In this network, we consider that a passive eavesdropper exists to overhear the transmitted information, which entails exploiting the advantages of both direct and relay links for physical layer security enhancement. To fulfill this requirement, we investigate two criteria for user and relay selection and examine the achievable secrecy performance. Criterion I performs a joint user and relay selection, while Criterion II performs separate user and relay selections, with a lower implementation complexity. We derive a tight lower bound on the secrecy outage probability for Criterion I and an accurate analytical expression for the secrecy outage probability for Criterion II. We further derive the asymptotic secrecy outage probabilities at high transmit signal-to-noise ratios and high main-to-eavesdropper ratios for both criteria. We demonstrate that the secrecy diversity order is min (MN, M + N) for Criterion I, and N for Criterion II. Finally, we present numerical and simulation results to validate the proposed analysis, and show the occurrence condition of the secrecy outage probability floor

Methodologies for traffic profiling in communication networks

Internet Tra c, Internet Applications, Internet Attacks, Tra c Pro ling, Multi-Scale Analysis abstract Nowadays, the Internet can be seen as an ever-changing platform where new and di erent types of services and applications are constantly emerging. In fact, many of the existing dominant applications, such as social networks, have appeared recently, being rapidly adopted by the user community. All these new applications required the implementation of novel communication protocols that present di erent network requirements, according to the service they deploy. All this diversity and novelty has lead to an increasing need of accurately pro ling Internet users, by mapping their tra c to the originating application, in order to improve many network management tasks such as resources optimization, network performance, service personalization and security. However, accurately mapping tra c to its originating application is a di cult task due to the inherent complexity of existing network protocols and to several restrictions that prevent the analysis of the contents of the generated tra c. In fact, many technologies, such as tra c encryption, are widely deployed to assure and protect the con dentiality and integrity of communications over the Internet. On the other hand, many legal constraints also forbid the analysis of the clients' tra c in order to protect their con dentiality and privacy. Consequently, novel tra c discrimination methodologies are necessary for an accurate tra c classi cation and user pro ling. This thesis proposes several identi cation methodologies for an accurate Internet tra c pro ling while coping with the di erent mentioned restrictions and with the existing encryption techniques. By analyzing the several frequency components present in the captured tra c and inferring the presence of the di erent network and user related events, the proposed approaches are able to create a pro le for each one of the analyzed Internet applications. The use of several probabilistic models will allow the accurate association of the analyzed tra c to the corresponding application. Several enhancements will also be proposed in order to allow the identi cation of hidden illicit patterns and the real-time classi cation of captured tra c. In addition, a new network management paradigm for wired and wireless networks will be proposed. The analysis of the layer 2 tra c metrics and the di erent frequency components that are present in the captured tra c allows an e cient user pro ling in terms of the used web-application. Finally, some usage scenarios for these methodologies will be presented and discussed.