NTRUCCA : how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model

NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE, which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k − 1)-of-k-correlated input distributions.

A Cyber-Physical System Simulator for risk-free transport studies

The article introduces a novel platform for conducting controlled and risk-free driving and traveling behavior studies, called Cyber-Physical System Simulator (CPSS). The key features of CPSS are: (1) simulation of multiuser immersive driving in a threedimensional (3D) virtual environment; (2) integration of traffic and communication simulators with human driving based on dedicated middleware; and (3) accessibility of multiuser driving simulator on popular software and hardware platforms. This combination of features allows us to easily collect large-scale data on interesting phenomena regarding the interaction between multiple user drivers, which is not possible with current single-user driving simulators. The core original contribution of this article is threefold: (1) we introduce a multiuser driving simulator based on DiVE, our original massively multiuser networked 3D virtual environment; (2) we introduce OpenV2X, a middleware for simulating vehicle-to-vehicle and vehicle to infrastructure communication; and (3) we present two experiments based on our CPSS platform. The first experiment investigates the “rubbernecking” phenomenon, where a platoon of four user drivers experiences an accident in the oncoming direction of traffic. Second, we report on a pilot study about the effectiveness of a Cooperative Intelligent Transport Systems advisory system.

Modelling NPO-government relations : Australian case studies

Non-profit organizations (NPOs) are major providers of services in many fields of endeavour, and often receive financial support from government. This article investigates different forms of government/nonprofit funding relationships, with the viewpoint being mainly, though not exclusively, from the perspective of the non-profit agencies. While there are a number of existing typologies of government/NPO relations, these are dated and in need of further empirical analysis and testing. The article advances an empirically derived extension to current models of government/NPO relations. A future research agenda is outlined based on the constructs that underpin typologies, rather than discrete categorization of relationships.

Security analysis of Australian and E.U. e-passport implementation

This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)

On the (in)security of IDEA in various hashing modes

In this article, we study the security of the IDEA block cipher when it is used in various simple-length or double-length hashing modes. Even though this cipher is still considered as secure, we show that one should avoid its use as internal primitive for block cipher based hashing. In particular, we are able to generate instantaneously free-start collisions for most modes, and even semi-free-start collisions, pseudo-preimages or hash collisions in practical complexity. This work shows a practical example of the gap that exists between secret-key and known or chosen-key security for block ciphers. Moreover, we also settle the 20-year-old standing open question concerning the security of the Abreast-DM and Tandem-DM double-length compression functions, originally invented to be instantiated with IDEA. Our attacks have been verified experimentally and work even for strengthened versions of IDEA with any number of rounds.

Privacy enhancements for hardware-based security modules

The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks. In this work, we analyse various security and privacy concerns that arise when deploying such hardware security modules and propose a system that allow users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and finding square roots of a quadratic residue modulo a composite number, where the composite number is a product of two large primes. Along with the standard notion of protecting privacy of an user, the proposed system offers colligation between seemingly independent pseudonyms. This new property when combined with HSMs that store the master secret key is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms using relatively small storage requirements.

On the security of PAS (predicate-based authentication service)

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

Formal security analysis of Australian e-passport implementation

This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.

High pressure in situ diffraction studies of metal–hydrogen systems

“Hybrid” hydrogen storage, where hydrogen is stored in both the solid material and as a high pressure gas in the void volume of the tank can improve overall system efficiency by up to 50% compared to either compressed hydrogen or solid materials alone. Thermodynamically, high equilibrium hydrogen pressures in metal–hydrogen systems correspond to low enthalpies of hydrogen absorption–desorption. This decreases the calorimetric effects of the hydride formation–decomposition processes which can assist in achieving high rates of heat exchange during hydrogen loading—removing the bottleneck in achieving low charging times and improving overall hydrogen storage efficiency of large hydrogen stores. Two systems with hydrogenation enthalpies close to −20 kJ/mol H2 were studied to investigate the hydrogenation mechanism and kinetics: CeNi5–D2 and ZrFe2−xAlx (x = 0.02; 0.04; 0.20)–D2. The structure of the intermetallics and their hydrides were studied by in situ neutron powder diffraction at pressures up to 1000 bar and complementary X-ray diffraction. The deuteration of the hexagonal CeNi5 intermetallic resulted in CeNi5D6.3 with a volume expansion of 30.1%. Deuterium absorption filled three different types of interstices, Ce2Ni2 and Ni4 tetrahedra, and Ce2Ni3 half-octahedra and was accompanied by a valence change for Ce. Significant hysteresis was observed between deuterium absorption and desorption which profoundly decreased on a second absorption cycle. For the Al-modified Laves-type C15 ZrFe2−xAlx intermetallics, deuteration showed very fast kinetics of H/D exchange and resulted in a volume increase of the FCC unit cells of 23.5% for ZrFe1.98Al0.02D2.9(1). Deuterium content, hysteresis of H/D uptake and release, unit cell expansion and stability of the hydrides systematically change with the amount of Al content. In the deuteride D atoms exclusively occupy the Zr2(Fe,Al)2 tetrahedra. Observed interatomic distances are Zr–D = 1.98–2.11; (Fe, Al)–D = 1.70–1.75A˚ . Hydrogenation slightly increases the magnetic moment of the Fe atoms in ZrFe1.98Al0.02 and ZrFe1.96Al0.04 from 1.9 �B at room temperature for the alloy to 2.2 �B for its deuteride.

Pilot plant studies of ion exchange for desalination of coal seam gas produced water

This paper reports a study of ion exchange (IX) as an alternative CSG water treatment to the widely used reverse osmosis (RO) desalination process. An IX pilot plant facility has been constructed and operated using both synthetic and real CSG water samples. Application of appropriate synthetic resin technology has proved the effectiveness of IX processes.

Numerical studies and design of hollow flange channel beams subject to combined bending and shear actions

LiteSteel beam (LSB) is a cold-formed steel hollow flange channel section produced using a patented manufacturing process involving simultaneous cold-forming and dual electric resistance welding. It is commonly used as floor joists and bearers in residential, industrial and commercial buildings. Design of the LSB is governed by the Australian cold-formed steel structures code, AS/NZS 4600. Due to the geometry of the LSB, as well as its unique residual stress characteristics and initial geometric imperfections resultant of manufacturing processes, currently available design equations for common cold-formed sections are not directly applicable to the LSB. Many research studies have been carried out to evaluate the behaviour and design of LSBs subject to pure bending actions and predominant shear actions. To date, however, no investigation has been conducted into the strength of LSB sections under combined bending and shear actions. Hence experimental and numerical studies were conducted to assess the combined bending and shear behaviour of LSBs. Finite element models of LSBs were developed to simulate their combined bending and shear behaviour and strength of LSBs. They were then validated by comparing the results with available experimental test results and used in a detailed parametric study. The results from experimental and finite element analyses were compared with current AS/NZS 4600 and AS 4100 design rules. Both experimental and numerical studies show that the AS/NZS 4600 design rule based on circular interaction equation is conservative in predicting the combined bending and shear capacities of LSBs. This paper presents the details of the numerical studies of LSBs and the results. In response to the inadequacies of current approaches to designing LSBs for combined bending and shear, two lower bound design equations are proposed in this paper.

UbiOpticon : participatory sousveillance with urban screens and mobile phone cameras

In many cities around the world, surveillance by a pervasive net of CCTV cameras is a common phenomenon in an attempt to uphold safety and security across the urban environment. Video footage is being recorded and stored, sometimes live feeds are being watched in control rooms hidden from public access and view. In this study, we were inspired by Steve Mann’s original work on sousveillance (surveillance from below) to examine how a network of camera equipped urban screens could allow the residents of Oulu in Finland to collaborate on the safekeeping of their city. An agile, rapid prototyping process led to the design, implementation and ‘in the wild’ deployment of the UbiOpticon screen application. Live video streams captured by web cams integrated at the top of 12 distributed urban screens were broadcast and displayed in a matrix arrangement on all screens. The matrix also included live video streams of two roaming mobile phone cameras. In our field study we explored the reactions of passers-by and users of this screen application that seeks to inverse Bentham’s original panopticon by allowing the watched to be watchers at the same time. In addition to the original goal of participatory sousveillance, the system’s live video feature sparked fun and novel user-led apprlopriations.

Molecular structural studies of the amorphous mineral pitticite Fe, AsO4, SO4, H2O

Some minerals are colloidal and show no X-ray diffraction patterns. Vibrational spectroscopy offers one of the few methods for the assessment of the structure of these types of mineral. Among this group of minerals is pitticite simply described as Fe, AsO4, SO4, H2O. The objective of this research is to determine the molecular structure of the mineral pitticite using vibrational spectroscopy. Raman microscopy offers a useful method for the analysis of such colloidal minerals. Raman and infrared bands are attributed to the , and water stretching vibrations. The Raman spectrum is dominated by a very intense sharp band at 983 cm−1 assigned to the symmetric stretching mode. A strong Raman band at 1041 cm−1 is observed and is assigned to the antisymmetric stretching mode. Low intensity Raman bands at 757 and 808 cm−1 may be assigned to the antisymmetric and symmetric stretching modes. Raman bands observed at 432 and 465 cm−1 are attributable to the doubly degenerate ν2(SO4)2- bending mode.