12 results for AEAD
Abstract:
In this paper, we analyse a block cipher mode of operation submitted in 2014 to the cryptographic competition for authenticated encryption (CAESAR). This mode is designed by Recacha and called ++AE (plus-plus-ae). We propose a chosen plaintext forgery attack on ++AE that requires only a single chosen message query to allow an attacker to construct multiple forged messages. Our attack is deterministic and guaranteed to pass the ++AE integrity check. We demonstrate the forgery attack using 128-bit AES as the underlying block cipher. Hence, ++AE is insecure as an authenticated encryption mode of operation.
Abstract:
Considerable importance is attached to social exclusion/inclusion in recent EU rural development programmes. At the national/regional operation of these programmes groups of people who are not participating are often identified as ‘socially excluded groups’. This article contends that rural development programmes are misinterpreting the social processes of participation and consequently labelling some groups as socially excluded when they are not. This is partly because of the interchangeable and confused use of the concepts social inclusion, social capital and civic engagement, and partly because of the presumption that to participate is the default position. Three groups identified as socially excluded groups in Northern Ireland are considered. It is argued that a more careful analysis of what social inclusion means, what civic engagement means, and why participation is presumed to be the norm, leads to a different conclusion about who is excluded. This has both theoretical and policy relevance for the much used concept of social inclusion.
Abstract:
Dissipative optomechanics studies the coupling of the motion of an optical element to the decay rate of a cavity. We propose and theoretically explore a realization of this system in the optical domain, using a combined Michelson-Sagnac interferometer, which enables a strong and tunable dissipative coupling. Quantum interference in such a setup results in the suppression of the lower motional sideband, leading to strongly enhanced cooling in the non-sideband-resolved regime. With state-of-the-art parameters, ground-state cooling and low-power quantum-limited position transduction are both possible. The possibility of a strong, tunable dissipative coupling opens up a new route towards observation of such fundamental optomechanical effects as nonlinear dynamics. Beyond optomechanics, the suggested method can be readily transferred to other setups involving nonlinear media, atomic ensembles, or single atoms.
Abstract:
WHIRLBOB, also known as STRIBOBr2, is an AEAD (Authenticated Encryption with Associated Data) algorithm derived from STRIBOBr1 and the Whirlpool hash algorithm. WHIRLBOB/STRIBOBr2 is a second round candidate in the CAESAR competition. As with STRIBOBr1, the reduced-size Sponge design has a strong provable security link with a standardized hash algorithm. The new design utilizes only the LPS or ρ component of Whirlpool in flexibly domain-separated BLNK Sponge mode. The number of rounds is increased from 10 to 12 as a countermeasure against Rebound Distinguishing attacks. The 8 × 8-bit S-Box used by Whirlpool and WHIRLBOB is constructed from 4 × 4-bit “MiniBoxes”. We report on fast constant-time Intel SSSE3 and ARM NEON SIMD WHIRLBOB implementations that keep full miniboxes in registers and access them via SIMD shuffles. This is an efficient countermeasure against AES-style cache timing side-channel attacks. Another main advantage of WHIRLBOB over STRIBOBr1 (and most other AEADs) is its greatly reduced implementation footprint on lightweight platforms. On many lower-end microcontrollers the total software footprint of π+BLNK = WHIRLBOB AEAD is less than half a kilobyte. We also report an FPGA implementation that requires 4,946 logic units for a single round of WHIRLBOB, which compares favorably to 7,972 required for Keccak / Keyak on the same target platform. The relatively small S-Box gate count also enables efficient 64-bit bitsliced straight-line implementations. We finally present some discussion and analysis on the relationships between WHIRLBOB, Whirlpool, the Russian GOST Streebog hash, and the recent draft Russian Encryption Standard Kuznyechik.
Abstract:
Authenticated encryption algorithms protect both the confidentiality and integrity of messages in a single processing pass. We show how to utilize the L◦P◦S transform of the Russian GOST R 34.11-2012 standard hash “Streebog” to build an efficient, lightweight algorithm for Authenticated Encryption with Associated Data (AEAD) via the Sponge construction. The proposed algorithm “StriBob” has attractive security properties, is faster than the Streebog hash alone, twice as fast as the GOST 28147-89 encryption algorithm, and requires only a modest amount of running-time memory. StriBob is a Round 1 candidate in the CAESAR competition.