H.M.'s personal crossword puzzles: understanding memory and language.

The amnesic patient H.M. has been solving crossword puzzles nearly all his life. Here, we analysed the linguistic content of 277 of H.M.'s crossword-puzzle solutions. H.M. did not have any unusual difficulties with the orthographic and grammatical components inherent to the puzzles. He exhibited few spelling errors, responded with appropriate parts of speech, and provided answers that were, at times, more convincing to observers than those supplied by the answer keys. These results suggest that H.M.'s lexical word-retrieval skills remain fluid despite his profound anterograde amnesia. Once acquired, the maintenance of written language comprehension and production does not seem to require intact medial temporal lobe structures.

Enhancing Library Instruction with Crossword Puzzles in Kinesiology Classes

The poster was presented at the 2016 Tri-Chapter Meeting (MACMLA, NY-NJ and PHIL Chapters), The 3Ls - Librarians, Leadership and Learning on September 25, 2016 in Philadelphia, PA (http://macmla.libguides.com/tri-chapter2016-posters).

Mastering medical terminology : Australia and New Zealand Workbook

Mastering Medical Terminology: Australia and New Zealand Workbook is the indispensable companion to Mastering Medical Terminology Textbook. Packed with a range of exercises and activities to accompany the main text, the Workbook provides an ideal resource for self-testing and revision in a fun, practical and accessible format, and forms a key part of the Mastering Medical Terminology suite of products which are all available for separate purchase enabling you to pick and choose the right package for your learning requirements. Featuring a variety of question types including crossword puzzles, anagrams, multiple-choice questions and label-the-diagram exercises, the Workbook uses entirely Australian spelling and aligns to the chapters of the main text. When used in combination with the main text and MedWords app, Mastering Medical Terminology: Australia and New Zealand Workbook will make the scholarship of medical terminology not only manageable, but fun!

Mastering medical terminology online workbook

Key Features: "Aligns to Mastering Medical Terminology: Australia and New Zealand. Self-test to practise and revise combining forms, word roots, prefixes and suffixes. Crossword puzzles, anagrams and label-the-diagram exercises Also available iOS/Android app featuring audio glossary, flashcards and MCQs."--publisher website

Puzzling thoughts for H. M.: can new semantic information be anchored to old semantic memories?

Researchers currently debate whether new semantic knowledge can be learned and retrieved despite extensive damage to medial temporal lobe (MTL) structures. The authors explored whether H. M., a patient with amnesia, could acquire new semantic information in the context of his lifelong hobby of solving crossword puzzles. First, H. M. was tested on a series of word-skills tests believed important in solving crosswords. He also completed 3 new crosswords: 1 puzzle testing pre-1953 knowledge, another testing post-1953 knowledge, and another combining the 2 by giving postoperative semantic clues for preoperative answers. From the results, the authors concluded that H. M. can acquire new semantic knowledge, at least temporarily, when he can anchor it to mental representations established preoperatively.

Relative income, happiness, and utility : an explanation for the Easterlin paradox and other puzzles

The well-known Easterlin paradox points out that average happiness has remained constant over time despite sharp rises in GNP per head. At the same time, a micro literature has typically found positive correlations between individual income and individual measures of subjective well-being. This paper suggests that these two findings are consistent with the presence of relative income terms in the utility function. Income may be evaluated relative to others (social comparison) or to oneself in the past (habituation). We review the evidence on relative income from the subjective well-being literature. We also discuss the relation (or not) between happiness and utility, and discuss some nonhappiness research (behavioral, experimental, neurological) related to income comparisons. We last consider how relative income in the utility function can affect economic models of behavior in the domains of consumption, investment, economic growth, savings, taxation, labor supply, wages, and migration.

Stronger difficulty notions for client puzzles and denial-of-service-resistant protocols

Client puzzles are meant to act as a defense against denial of service (DoS) attacks by requiring a client to solve some moderately hard problem before being granted access to a resource. However, recent client puzzle difficulty definitions (Stebila and Ustaoglu, 2009; Chen et al., 2009) do not ensure that solving n puzzles is n times harder than solving one puzzle. Motivated by examples of puzzles where this is the case, we present stronger definitions of difficulty for client puzzles that are meaningful in the context of adversaries with more computational power than required to solve a single puzzle. A protocol using strong client puzzles may still not be secure against DoS attacks if the puzzles are not used in a secure manner. We describe a security model for analyzing the DoS resistance of any protocol in the context of client puzzles and give a generic technique for combining any protocol with a strong client puzzle to obtain a DoS-resistant protocol.

Defending web services against denial of service attacks using client puzzles

The interoperable and loosely-coupled web services architecture, while beneficial, can be resource-intensive, and is thus susceptible to denial of service (DoS) attacks in which an attacker can use a relatively insignificant amount of resources to exhaust the computational resources of a web service. We investigate the effectiveness of defending web services from DoS attacks using client puzzles, a cryptographic countermeasure which provides a form of gradual authentication by requiring the client to solve some computationally difficult problems before access is granted. In particular, we describe a mechanism for integrating a hash-based puzzle into existing web services frameworks and analyze the effectiveness of the countermeasure using a variety of scenarios on a network testbed. Client puzzles are an effective defence against flooding attacks. They can also mitigate certain types of semantic-based attacks, although they may not be the optimal solution.

Efficient modular exponentiation-based puzzles for denial-of-service protection

Client puzzles are moderately-hard cryptographic problems neither easy nor impossible to solve that can be used as a counter-measure against denial of service attacks on network protocols. Puzzles based on modular exponentiation are attractive as they provide important properties such as non-parallelisability, deterministic solving time, and linear granularity. We propose an efficient client puzzle based on modular exponentiation. Our puzzle requires only a few modular multiplications for puzzle generation and verification. For a server under denial of service attack, this is a significant improvement as the best known non-parallelisable puzzle proposed by Karame and Capkun (ESORICS 2010) requires at least 2k-bit modular exponentiation, where k is a security parameter. We show that our puzzle satisfies the unforgeability and difficulty properties defined by Chen et al. (Asiacrypt 2009). We present experimental results which show that, for 1024-bit moduli, our proposed puzzle can be up to 30 times faster to verify than the Karame-Capkun puzzle and 99 times faster than the Rivest et al.'s time-lock puzzle.

Practical client puzzles in the standard model

Client puzzles are cryptographic problems that are neither easy nor hard to solve. Most puzzles are based on either number theoretic or hash inversions problems. Hash-based puzzles are very efficient but so far have been shown secure only in the random oracle model; number theoretic puzzles, while secure in the standard model, tend to be inefficient. In this paper, we solve the problem of constucting cryptographic puzzles that are secure int he standard model and are very efficient. We present an efficient number theoretic puzzle that satisfies the puzzle security definition of Chen et al. (ASIACRYPT 2009). To prove the security of our puzzle, we introduce a new variant of the interval discrete logarithm assumption which may be of independent interest, and show this new problem to be hard under reasonable assumptions. Our experimental results show that, for 512-bit modulus, the solution verification time of our proposed puzzle can be up to 50x and 89x faster than the Karame-Capkum puzzle and the Rivest et al.'s time-lock puzzle respectively. In particular, the solution verification tiem of our puzzle is only 1.4x slower than that of Chen et al.'s efficient hash based puzzle.

Effort-release public-key encryption from cryptographic puzzles

Timed-release cryptography addresses the problem of “sending messages into the future”: information is encrypted so that it can only be decrypted after a certain amount of time, either (a) with the help of a trusted third party time server, or (b) after a party performs the required number of sequential operations. We generalise the latter case to what we call effort-release public key encryption (ER-PKE), where only the party holding the private key corresponding to the public key can decrypt, and only after performing a certain amount of computation which may or may not be parallelisable. Effort-release PKE generalises both the sequential-operation-based timed-release encryption of Rivest, Shamir, and Wagner, and also the encapsulated key escrow techniques of Bellare and Goldwasser. We give a generic construction for ER-PKE based on the use of moderately hard computational problems called puzzles. Our approach extends the KEM/DEM framework for public key encryption by introducing a difficulty notion for KEMs which results in effort-release PKE. When the puzzle used in our generic construction is non-parallelisable, we recover timed-release cryptography, with the addition that only the designated receiver (in the public key setting) can decrypt.

Modelling client puzzles and denial-of-service resistant protocols

Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.

From solving puzzles to designing solutions : integrating design thinking into evidence based practice

Evidence based practice (EBP) focuses on solving ‘tame’ problems, where literature supports question construction toward determining a solution. What happens when there is no existing evidence, or when the need for agility precludes a full EBP implementation? How might we build a more agile and innovative practice that facilitates the design of solutions to complex and wicked problems, particularly in cases where there is no existing literature? As problem solving and innovation methods, EBP and design thinking overlap considerably. The literature indicates the potential benefits to be gained for evidence based practice from adopting a human-centred rather than literature-focused foundation. The design thinking process is social and collaborative by nature, which enables it to be more agile and produce more innovative results than evidence based practice. This paper recommends a hybrid approach to maximise the strengths and benefits of the two methods for designing solutions to wicked problems. Incorporating design thinking principles and tools into EBP has the potential to move its applicability beyond tame problems and continuous improvement, and toward wicked problem solving and innovation. The potential of this hybrid approach in practice is yet to be explored.

Crossword puzzle attack on NLS

NLS is one of the stream ciphers submitted to the eSTREAM project. We present a distinguishing attack on NLS by Crossword Puzzle (CP) attack method which is introduced in this paper. We build the distinguisher by using linear approximations of both the non-linear feedback shift register (NFSR) and the nonlinear filter function (NLF). Since the bias of the distinguisher depends on the Konst value, which is a key-dependent word, we present the graph showing how the bias of distinguisher vary with Konst. In result, we estimate the bias of the distinguisher to be around O(2^−30). Therefore, we claim that NLS is distinguishable from truly random cipher after observing O(2^60) keystream words. The experiments also show that our distinguishing attack is successful on 90.3% of Konst among 2^32 possible values. We extend the CP attack to NLSv2 which is a tweaked version of NLS. In result, we build a distinguisher which has the bias of around 2− 48. Even though this attack is below the eSTREAM criteria (2^−40), the security margin of NLSv2 seems to be too low.

Multiple modular additions and crossword puzzle attack on NLSv2

NLS is a stream cipher which was submitted to the eSTREAM project. A linear distinguishing attack against NLS was presented by Cho and Pieprzyk, which was called Crossword Puzzle (CP) attack. NLSv2 is a tweak version of NLS which aims mainly at avoiding the CP attack. In this paper, a new distinguishing attack against NLSv2 is presented. The attack exploits high correlation amongst neighboring bits of the cipher. The paper first shows that the modular addition preserves pairwise correlations as demonstrated by existence of linear approximations with large biases. Next, it shows how to combine these results with the existence of high correlation between bits 29 and 30 of the S-box to obtain a distinguisher whose bias is around 2^−37. Consequently, we claim that NLSv2 is distinguishable from a random cipher after observing around 2^74 keystream words.