922 resultados para Security risk
Resumo:
At CRYPTO 2006, Halevi and Krawczyk proposed two randomized hash function modes and analyzed the security of digital signature algorithms based on these constructions. They showed that the security of signature schemes based on the two randomized hash function modes relies on properties similar to the second preimage resistance rather than on the collision resistance property of the hash functions. One of the randomized hash function modes was named the RMX hash function mode and was recommended for practical purposes. The National Institute of Standards and Technology (NIST), USA standardized a variant of the RMX hash function mode and published this standard in the Special Publication (SP) 800-106. In this article, we first discuss a generic online birthday existential forgery attack of Dang and Perlner on the RMX-hash-then-sign schemes. We show that a variant of this attack can be applied to forge the other randomize-hash-then-sign schemes. We point out practical limitations of the generic forgery attack on the RMX-hash-then-sign schemes. We then show that these limitations can be overcome for the RMX-hash-then-sign schemes if it is easy to find fixed points for the underlying compression functions, such as for the Davies-Meyer construction used in the popular hash functions such as MD5 designed by Rivest and the SHA family of hash functions designed by the National Security Agency (NSA), USA and published by NIST in the Federal Information Processing Standards (FIPS). We show an online birthday forgery attack on this class of signatures by using a variant of Dean’s method of finding fixed point expandable messages for hash functions based on the Davies-Meyer construction. This forgery attack is also applicable to signature schemes based on the variant of RMX standardized by NIST in SP 800-106. We discuss some important applications of our attacks and discuss their applicability on signature schemes based on hash functions with ‘built-in’ randomization. Finally, we compare our attacks on randomize-hash-then-sign schemes with the generic forgery attacks on the standard hash-based message authentication code (HMAC).
Resumo:
We present some improved analytical results as part of the ongoing work on the analysis of Fugue-256 hash function, a second round candidate in the NIST’s SHA3 competition. First we improve Aumasson and Phans’ integral distinguisher on the 5.5 rounds of the final transformation of Fugue-256 to 16.5 rounds. Next we improve the designers’ meet-in-the-middle preimage attack on Fugue-256 from 2480 time and memory to 2416. Finally, we comment on possible methods to obtain free-start distinguishers and free-start collisions for Fugue-256.
Resumo:
Halevi and Krawczyk proposed a message randomization algorithm called RMX as a front-end tool to the hash-then-sign digital signature schemes such as DSS and RSA in order to free their reliance on the collision resistance property of the hash functions. They have shown that to forge a RMX-hash-then-sign signature scheme, one has to solve a cryptanalytical task which is related to finding second preimages for the hash function. In this article, we will show how to use Dean’s method of finding expandable messages for finding a second preimage in the Merkle-Damgård hash function to existentially forge a signature scheme based on a t-bit RMX-hash function which uses the Davies-Meyer compression functions (e.g., MD4, MD5, SHA family) in 2 t/2 chosen messages plus 2 t/2 + 1 off-line operations of the compression function and similar amount of memory. This forgery attack also works on the signature schemes that use Davies-Meyer schemes and a variant of RMX published by NIST in its Draft Special Publication (SP) 800-106. We discuss some important applications of our attack.
Resumo:
Protection of passwords used to authenticate computer systems and networks is one of the most important application of cryptographic hash functions. Due to the application of precomputed memory look up attacks such as birthday and dictionary attacks on the hash values of passwords to find passwords, it is usually recommended to apply hash function to the combination of both the salt and password, denoted salt||password, to prevent these attacks. In this paper, we present the first security analysis of salt||password hashing application. We show that when hash functions based on the compression functions with easily found fixed points are used to compute the salt||password hashes, these hashes are susceptible to precomputed offline birthday attacks. For example, this attack is applicable to the salt||password hashes computed using the standard hash functions such as MD5, SHA-1, SHA-256 and SHA-512 that are based on the popular Davies-Meyer compression function. This attack exposes a subtle property of this application that although the provision of salt prevents an attacker from finding passwords, salts prefixed to the passwords do not prevent an attacker from doing a precomputed birthday attack to forge an unknown password. In this forgery attack, we demonstrate the possibility of building multiple passwords for an unknown password for the same hash value and salt. Interestingly, password||salt (i.e. salts suffixed to the passwords) hashes computed using Davies-Meyer hash functions are not susceptible to this attack, showing the first security gap between the prefix-salt and suffix-salt methods of hashing passwords.
Resumo:
Male and Female, Cyclist and Driver Perceptions of Crash Risk in Critical Road Situations. Governments are promoting cycling but many Australians, particularly women, do not ride because they perceive it to be too risky. This research compared the risks perceived by female and male, cyclists and drivers in specific on-road situations, accounting for factors such as travel patterns and experience, perceived skill, and risk taking behaviours. Compared to their male counterparts, female cyclists and drivers gave similarly elevated perceptions of risk. These differences are not completely accounted for by cycling patterns or perceptions of skill. Thus, these gender differences are not specific to cycling, but may reflect wider differences in risk perception.
Resumo:
Background: This study attempted to develop health risk-based metrics for defining a heatwave in Brisbane, Australia. Methods: Poisson generalised additive model was performed to assess the impact of heatwaves on mortality and emergency hospital admissions (EHAs) in Brisbane. Results: In general, the higher the intensity and the longer the duration of a heatwave, the greater the health impacts. There was no apparent difference in EHAs risk during different periods of a warm season. However, there was a greater risk of mortality in the second half of a warm season than that in the first half. While elderly (>75 years)were particularly vulnerable to both the EHA and mortality effects of a heatwave, the risk for EHAs also significantly increased for two other age groups (0-64 years and 65-74 years) during severe heatwaves. Different patterns between cardiorespiratory mortality and EHAs were observed. Based on these findings, we propose the use of a teiered heat warning system based on the health risk of heatwave. Conclusions: Health risk-based metrics are a useful tool for the development of local heatwave definitions. thsi tool may have significant implications for the assessment of heatwave-related health consequences and development of heatwave response plans and implementation strategies.
Resumo:
Severe dioxin contamination at Bien Hoa and Da Nang airbases, Vietnam is of international concern. Public Health risk reduction programs were implemented in Bien Hoa in 2007-2009 and in Da Nang in 2009-2011. In 2009 and 2011 we reported the encouraging results of these interventions in improving the knowledge, attitude and practices (KAP) of local residents in reducing the dioxin exposure risk through foods. In 2013 we revisited these dioxin hot spots, aimed to evaluate whether the results of the intervention were maintained and to identify factors affecting the sustainability of the programs. To assess this, 16 in-depth interviews, six focus group discussions, and pre and post intervention KAP surveys were undertaken. 800 respondents from six intervention wards and 200 respondents from Buu Long Ward (the control site) were randomly selected to participate in the surveys. The results showed that as of 2013, the programs were rated as "moderately sustained" with a score of 3.3 out of 5.0 (cut off points 2.5 to <3.5) for Bien Hoa, and "well sustained" with a score of 3.8 out of 5.0 (cut off points 3.5 to <4.5) for Da Nang. Most formal intervention program activities had ceased and dioxin risk communication activities were no longer integrated into local routine health education programs. However, the main outcomes were maintained and were better than that in the control ward. Migration, lack of official guidance from City People's Committees and local authorities as well as the politically sensitive nature of dioxin issues were the main challenges for the sustainability of the programs.
Resumo:
In 2003 Robert Fardon was the first prisoner to be detained under the Dangerous Prisoners (Sexual Offenders) Act 2003 (Qld), the first of the new generation preventive detention laws enacted in Australia and directed at keeping sex offenders in prison or under supervision beyond the expiry of their sentences where a court decides, on the basis of psychiatric assessments, that unconditional release would create an unacceptable risk to the community. A careful examination of Fardon’s case shows the extent to which the administration of the regime was from the outset governed by politics and political calculation rather than the logic of risk management and community protection. In 2003 Robert Fardon was the first person detained under the Dangerous Prisoners (Sexual Offenders) Act 2003 (Qld) (hereafter DPSOA), a newly enacted Queensland law aimed at the preventive detention of sex offenders. It was the first of a new generation of such laws introduced in Australia, now also in force in NSW, Western Australia and Victoria. The laws have been widely criticized by lawyers, academics and others (Keyzer and McSherry 2009; Edgely 2007). In this article I want to focus on the details of how the Queensland law was administered in Fardon’s case, he being perhaps the most well-known prisoner detained under such laws and certainly the longest held. It will show, I hope, that seemingly abstract rule of law principles invoked by other critics are not simply abstract: they afford a crucial practical safeguard against the corruption of criminal justice in which the ends both of community protection and of justice give way to opportunistic exploitation of ‘the mythic resonance of crime and punishment for electoral purposes’ (Scheingold 1998: 888).
Resumo:
Background Chronic leg ulcers, remaining unhealed after 4–6 weeks, affect 1-3% of the population, with treatment costly and health service resource intensive. Venous disease contributes to approximately 70% of all chronic leg ulcers and these ulcers are often associated with pain, reduced mobility and a decreased quality of life. Despite evidence-based care, 30% of these ulcers are unlikely to heal within a 24-week period and therefore the recognition and identification of risk factors for delayed healing of venous leg ulcers would be beneficial. Aim To review the available evidence on risk factors for delayed healing of venous leg ulcers. Methods: A review of the literature in regard to risk factors for delayed healing in venous leg ulcers was conducted from January 2000 to December 2013. Evidence was sourced through searches of relevant databases and websites for resources addressing risk factors for delayed healing in venous leg ulcers specifically. Results Twenty-seven studies, of mostly low-level evidence (Level III and IV), identified risk factors associated with delayed healing. Risk factors that were consistently identified included: larger ulcer area, longer ulcer duration, a previous history of ulceration, venous abnormalities and lack of high compression. Additional potential predictors with inconsistent or varying evidence to support their influence on delayed healing of venous leg ulcers included decreased mobility and/or ankle range of movement, poor nutrition and increased age. Discussion Findings from this review indicate that a number of physiological risk factors are asso- ciated with delayed healing in venous leg ulcers and that social and/or psychological risk factors should also be considered and examined further. Conclusion The findings from this review can assist health professionals to identify prognostic indicators or risk factors significantly associated with delayed healing in venous leg ulcers. This will facilitate realistic outcome planning and inform implementation of appropriate early strategies to promote healing.
Resumo:
Since the beginning of 1980s, the Iranian health care system has undergone several reforms designed to increase accessibility of health services. Notwithstanding these reforms, out-of-pocket payments which create a barrier to access health services contribute almost half of total health are financing in Iran. This study aimed to provide a greater understanding about the inequality and determinants of the out-of-pocket expenditure (OOPE) and the related catastrophic expenditure (CE) for hospital services in Iran using a nationwide survey data, the 2003 Utilisation of Health Services Survey (UHSS). The concentration index and the Heckman selection model were used to assess inequality and factors associated with these expenditures. Inequality analysis suggests that the CE is concentrated among households in lower socioeconomic levels. The results of the Heckman selection model indicate that factors such as length of stay, admission to a hospital owned by private sector or Ministry of Health and Medical Education, and living in remote areas are positively associated with higher OOPE. Results of the ordered-probit selection model demonstrate that length of stay, lower household wealth index, and admission to a private hospital are major factors contributing to the increase in the probability of CE. Also, we find that households living in East Azarbaijan, Kordestan and Sistan and Balochestan face a higher level of CE. Based on our findings, the current employer-sponsored health insurance system does not offer equal protection against hospital expenditure in Iran. It seems that a single universal health insurance scheme that covers health services for all Iranian—regardless of their employment status—can better protect households from catastrophic health spending.
Resumo:
Background The high recurrence rate of chronic venous leg ulcers has a significant impact on an individual’s quality of life and healthcare costs. Objectives This study aimed to identify risk and protective factors for recurrence of venous leg ulcers using a theoretical approach by applying a framework of self and family management of chronic conditions to underpin the study. Design Secondary analysis of combined data collected from three previous prospective longitudinal studies. Setting The contributing studies’ participants were recruited from two metropolitan hospital outpatient wound clinics and three community-based wound clinics. Participants Data were available on a sample of 250 adults, with a leg ulcer of primarily venous aetiology, who were followed after ulcer healing for a median follow-up time of 17 months after healing (range: 3 to 36 months). Methods Data from the three studies were combined. The original participant data were collected through medical records and self-reported questionnaires upon healing and every 3 months thereafter. A Cox proportion-hazards regression analysis was undertaken to determine the influential factors on leg ulcer recurrence based on the proposed conceptual framework. Results The median time to recurrence was 42 weeks (95% CI 31.9–52.0), with an incidence of 22% (54 of 250 participants) recurrence within three months of healing, 39% (91 of 235 participants) for those who were followed for six months, 57% (111 of 193) by 12 months, 73% (53 of 72) by two years and 78% (41 of 52) of those who were followed up for three years. A Cox proportional-hazards regression model revealed that the risk factors for recurrence included a history of deep vein thrombosis (HR 1.7, 95% CI 1.07–2.67, p=0.024), history of multiple previous leg ulcers (HR 4.4, 95% CI 1.84–10.5, p=0.001), and longer duration (in weeks) of previous ulcer (HR 1.01, 95% CI 1.003–1.01, p<0.001); while the protective factors were elevating legs for at least 30 minutes per day (HR 0.33, 95% CI 0.19–0.56, p<0.001), higher levels of self-efficacy (HR 0.95, 95% CI 0.92–0.99, p=0.016), and walking around for at least three hours/day (HR 0.66, 95% CI 0.44–0.98, p=0.040). Conclusions Results from this study provide a comprehensive examination of risk and protective factors associated with leg ulcer recurrence based on the chronic disease self and family management framework. These results in turn provide essential steps towards developing and testing interventions to promote optimal prevention strategies for venous leg ulcer recurrence.
Resumo:
Many drivers and non-cyclists perceive cycling as an extremely risky activity with women in particular being concerned about the risk of injury. The low rates of cycling participation by women pose a threat to the achievement of government targets for cycling participation and restrict the potential transport, health and environmental benefits that increased levels of cycling could provide. This study seeks to extend earlier research in gender and cycling by comparing the risks perceived by female and male cyclists and drivers in specific on-road situations while accounting for other potentially gender-related factors such as travel patterns and experience, perceived skill, and risk taking behaviors. In an online survey, 444 regular cyclists and 151 (non-cyclist) car drivers rated the level of risk in six situations: Failing to yield; Going through a red light; Not signaling when turning; Swerving; Tailgating; and Not checking traffic. The study found that the higher levels of risk perceived by women are not completely accounted for by differences in cycling patterns or perceptions of skill. Compared to their male counterparts, female cyclists and car drivers had similarly elevated perceptions of risk suggesting that these gender differences are not specific to cycling, but reflect wider differences in risk perception. Not all of the gender differences were consistent across cyclists and drivers. Higher levels of perceived skill were evident for male cyclists but not for male car drivers. Further research is needed to explore the robustness and interpretation of this finding.
Resumo:
In parts of the Indo-Pacific, large-scale exploitation of the green turtle Chelonia mydas continues to pose a serious threat to the persistence of this species; yet very few studies have assessed the pattern and extent of the impact of such harvests. We used demographic and genetic data in an age-based model to investigate the viability of an exploited green turtle stock from Aru, south-east Indonesia. We found that populations are decreasing under current exploitation pressures. The effects of increasingly severe exploitation activities at foraging and nesting habitat varied depending on the migratory patterns of the stock. Our model predicted a rapid decline of the Aru stock in Indonesia under local exploitation pressure and a shift in the genetic composition of the stock. We used the model to investigate the influence of different types of conservation actions on the persistence of the Aru stock. The results show that local management actions such as nest protection and reducing harvests of adult nesting and foraging turtles can have considerable conservation outcomes and result in the long-term persistence of genetically distinct management units. © 2010 The Authors. Animal Conservation © 2010 The Zoological Society of London.
Resumo:
Aim: To quantify the consequences of major threats to biodiversity, such as climate and land-use change, it is important to use explicit measures of species persistence, such as extinction risk. The extinction risk of metapopulations can be approximated through simple models, providing a regional snapshot of the extinction probability of a species. We evaluated the extinction risk of three species under different climate change scenarios in three different regions of the Mexican cloud forest, a highly fragmented habitat that is particularly vulnerable to climate change. Location: Cloud forests in Mexico. Methods: Using Maxent, we estimated the potential distribution of cloud forest for three different time horizons (2030, 2050 and 2080) and their overlap with protected areas. Then, we calculated the extinction risk of three contrasting vertebrate species for two scenarios: (1) climate change only (all suitable areas of cloud forest through time) and (2) climate and land-use change (only suitable areas within a currently protected area), using an explicit patch-occupancy approximation model and calculating the joint probability of all populations becoming extinct when the number of remaining patches was less than five. Results: Our results show that the extent of environmentally suitable areas for cloud forest in Mexico will sharply decline in the next 70 years. We discovered that if all habitat outside protected areas is transformed, then only species with small area requirements are likely to persist. With habitat loss through climate change only, high dispersal rates are sufficient for persistence, but this requires protection of all remaining cloud forest areas. Main conclusions: Even if high dispersal rates mitigate the extinction risk of species due to climate change, the synergistic impacts of changing climate and land use further threaten the persistence of species with higher area requirements. Our approach for assessing the impacts of threats on biodiversity is particularly useful when there is little time or data for detailed population viability analyses. © 2013 John Wiley & Sons Ltd.
Resumo:
Background Symptoms of depression can be recurrent or limited to one episode. This study discusses the prospective association between psychological health, measured as change in depression symptoms, and the risk of diabetes mellitus in Australian women. Methods Data obtained from the Mater-University of Queensland Study of Pregnancy. Depression was measured using the Delusions-Symptoms: States Inventory. To examine possible transitions over time, depression was grouped into four categories and assessed at different phases over the 21-year period. Multiple logistic regression models and sensitivity analysis to assess the robustness of our analytical strategy were performed. Results Three hundred and one women reported diabetes 21 years after the index pregnancy. Almost one-third of the women who reported depression symptoms continued to report these at a subsequent follow-up (FU) phase. About 1 in 20 women who had not reported depression symptoms at the 5-year FU did so at the subsequent 14-year FU. In prospective analyses, we did not find a significant association between diabetes and negative change (not depressed to depressed, at subsequent phase); however, for women with positive history of symptoms of depression and women with persistent symptoms, there was a 1.97-fold (95% confidence interval [CI]: 1.14–3.40) to 2.23-fold (95% CI: 1.09–4.57) greater risk of diabetes. Conclusions Our study suggests that an increased risk of diabetes is significantly associated with persistent depression symptoms. It highlights the importance of recognizing depression symptoms in terms of women's psychological wellbeing and thus provides a basis for targeting those most at risk.
