Distinguishing attack on SOBER-128 with linear masking

We present a distinguishing attack against SOBER-128 with linear masking. We found a linear approximation which has a bias of 2^− − 8.8 for the non-linear filter. The attack applies the observation made by Ekdahl and Johansson that there is a sequence of clocks for which the linear combination of some states vanishes. This linear dependency allows that the linear masking method can be applied. We also show that the bias of the distinguisher can be improved (or estimated more precisely) by considering quadratic terms of the approximation. The probability bias of the quadratic approximation used in the distinguisher is estimated to be equal to O(2^− − 51.8), so that we claim that SOBER-128 is distinguishable from truly random cipher by observing O(2^103.6) keystream words.

Cryptanalysis of Tav-128 Hash Function

Many RFID protocols use cryptographic hash functions for their security. The resource constrained nature of RFID systems forces the use of light weight cryptographic algorithms. Tav-128 is one such 128-bit light weight hash function proposed by Peris-Lopez et al. for a low-cost RFID tag authentication protocol. Apart from some statistical tests for randomness by the designers themselves, Tav-128 has not undergone any other thorough security analysis. Based on these tests, the designers claimed that Tav-128 does not posses any trivial weaknesses. In this article, we carry out the first third party security analysis of Tav-128 and show that this hash function is neither collision resistant nor second preimage resistant. Firstly, we show a practical collision attack on Tav-128 having a complexity of 237 calls to the compression function and produce message pairs of arbitrary length which produce the same hash value under this hash function. We then show a second preimage attack on Tav-128 which succeeds with a complexity of 262 calls to the compression function. Finally, we study the constituent functions of Tav-128 and show that the concatenation of nonlinear functions A and B produces a 64-bit permutation from 32-bit messages. This could be a useful light weight primitive for future RFID protocols.

Low probability differentials and the cryptanalysis of full-round CLEFIA-128

So far, low probability differentials for the key schedule of block ciphers have been used as a straightforward proof of security against related-key differential analysis. To achieve resistance, it is believed that for cipher with k-bit key it suffices the upper bound on the probability to be 2− k . Surprisingly, we show that this reasonable assumption is incorrect, and the probability should be (much) lower than 2− k . Our counter example is a related-key differential analysis of the well established block cipher CLEFIA-128. We show that although the key schedule of CLEFIA-128 prevents differentials with a probability higher than 2− 128, the linear part of the key schedule that produces the round keys, and the Feistel structure of the cipher, allow to exploit particularly chosen differentials with a probability as low as 2− 128. CLEFIA-128 has 214 such differentials, which translate to 214 pairs of weak keys. The probability of each differential is too low, but the weak keys have a special structure which allows with a divide-and-conquer approach to gain an advantage of 27 over generic analysis. We exploit the advantage and give a membership test for the weak-key class and provide analysis of the hashing modes. The proposed analysis has been tested with computer experiments on small-scale variants of CLEFIA-128. Our results do not threaten the practical use of CLEFIA.

A preference-based semantics for CTD reasoning

In [8] the authors developed a logical system based on the definition of a new non-classical connective ⊗ capturing the notion of reparative obligation. The system proved to be appropriate for handling well-known contrary-to-duty paradoxes but no model-theoretic semantics was presented. In this paper we fill the gap and define a suitable possible-world semantics for the system for which we can prove soundness and completeness. The semantics is a preference-based non-normal one extending and generalizing semantics for classical modal logics.

Fungal Planet description sheets: 128-153

Novel species of microfungi described in the present study include the following from Australia: Catenulostroma corymbiae from Corymbia, Devriesia stirlingiae from Stirlingia, Penidiella carpentariae from Carpentaria, Phaeococcomyces eucalypti from Eucalyptus, Phialophora livistonae from Livistona, Phyllosticta aristolochiicola from Aristolochia, Clitopilus austroprunulus on sclerophyll forest litter of Eucalyptus regnans and Toxicocladosporium posoqueriae from Posoqueria. Several species are also described from South Africa, namely: Ceramothyrium podocarpi from Podocarpus, Cercospora chrysanthemoides from Chrysanthemoides, Devriesia shakazului from Aloe, Penidiella drakensbergensis from Protea, Strelitziana cliviae from Clivia and Zasmidium syzygii from Syzygium. Other species include Bipolaris microstegii from Microstegium and Synchaetomella acerina from Acer (USA), Brunneiapiospora austropalmicola from Rhopalostylis (New Zealand), Calonectria pentaseptata from Eucalyptus and Macadamia (Vietnam), Ceramothyrium melastoma from Melastoma (Indonesia), Collembolispora aristata from stream foam (Czech Republic), Devriesia imbrexigena from glazed decorative tiles (Portugal), Microcyclospora rhoicola from Rhus (Canada), Seiridium phylicae from Phylica (Tristan de Cunha, Inaccessible Island), Passalora lobeliaefistulosis from Lobelia (Brazil) and Zymoseptoria verkleyi from Poa (The Netherlands). Valsalnicola represents a new ascomycete genus from Alnus (Austria) and Parapenidiella a new hyphomycete genus from Eucalyptus (Australia). Morphological and culture characteristics along with ITS DNA barcodes are also provided. © 2012 Nationaal Herbarium Nederland & Centraalbureau voor Schimmelcultures.

Sapientia, 1978, Vol. XXXIII, nº 128 (número completo)

Contenido: Vida del espíritu / Octavio N. Derisi – Tomás de Aquino y las tres esferas del espíritu / Ángel González Álvarez – Función de la razón en la ética / Teófilo Urdánoz – Entre la ontología y la antropología filosófica / Diego F. Pró -- Notas y comentarios -- Bibliografía

Diário da Constituinte [gravação de vídeo] : [programa n. 128]

Os constituintes avaliam o andamento da Assembleia Nacional Constituinte e destacam a necessidade de compactar o texto elaborado pela Comissão de Sistematização. Francisco Pinto (PMDB-BA) afirma que a nova Carta não pode ser conjuntural. Genebaldo Correia (PMDB-BA) defende uma Constituição de consenso, que represente a média da sociedade brasileira. Cristovam Chiaradia (PFL-MG) relata que devemos ter uma Constituição humana que contemple todas as classes sociais. Oswaldo Macedo (PMDB-PR) comenta a participação popular na Constituinte. Gonzaga Patriota (PMDB-PE) afirma que a população participou de muitos artigos da Constituição e acredita numa Carta duradoura. Celso Furtado, Ministro da Cultura, ressalta a importância da participação dos brasileiros neste momento. Carlos Eduardo Novaes, jornalista, conclama o povo a participar da Assembleia Nacional Constituinte (ANC). Na sessão O Povo Pergunta, cidadão quer saber o que a Constituinte está fazendo para melhorar a justiça no país. Leite Chaves (PMDB-PR) responde que a justiça será mais rápida, mais barata e mais próxima do povo, pois as cortes serão especializadas e alcançarão as demandas da sociedade.