对低轮AES-256的相关密钥-不可能差分密码分析

研究AES-256抵抗相关密钥-不可能差分密码分析的能力.首先给出相关密钥的差分,该差分可以扩展到8轮(甚至更多轮)子密钥差分;然后构造出一个5.5轮的相关密钥不可能差分特征.最后,给出一个对7轮AES-256的攻击和4个对8轮AES-256的攻击.

Analysis of simplified variants of SHA-256

In this paper we analyse the role of some of the building blocks of SHA-256. We show that the disturbance-correction strategy is applicable to the SHA-256 architecture and we prove that functions Σ, σ are vital for the security of SHA-256 by showing that for a variant without them it is possible to find collisions with complexity 2^64 hash operations. As a step towards an analysis of the full function, we present the results of our experiments on Hamming weights of expanded messages for different variants of the message expansion and show that there exist low-weight expanded messages for XOR-linearised variants.

Cryptanalysis of FORK-256

In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong et al. at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression function of FORK-256 running with complexity of 2^125 (resp. 2^120) and with negligible memory, and by exhibiting a 22-bit near pseudo-collision. We also show that we can find collisions for the full compression function with a small amount of memory with complexity not exceeding 2^126.6 hash evaluations. We further show how to reduce this complexity to 2^109.6 hash computations by using 273 memory words. Finally, we show that this attack can be extended with no additional cost to find collisions for the full hash function, i.e. with the predefined IV.

Extending FORK-256 attack to the full hash function

In a paper published in FSE 2007, a way of obtaining near-collisions and in theory also collisions for the FORK-256 hash function was presented [8]. The paper contained examples of near-collisions for the compression function, but in practice the attack could not be extended to the full function due to large memory requirements and computation time. In this paper we improve the attack and show that it is possible to find near-collisions in practice for any given value of IV. In particular, this means that the full hash function with the prespecified IV is vulnerable in practice, not just in theory. We exhibit an example near-collision for the complete hash function.

Improved Security Analysis of Fugue-256 (Poster)

We present some improved analytical results as part of the ongoing work on the analysis of Fugue-256 hash function, a second round candidate in the NIST’s SHA3 competition. First we improve Aumasson and Phans’ integral distinguisher on the 5.5 rounds of the final transformation of Fugue-256 to 16.5 rounds. Next we improve the designers’ meet-in-the-middle preimage attack on Fugue-256 from 2480 time and memory to 2416. Finally, we comment on possible methods to obtain free-start distinguishers and free-start collisions for Fugue-256.

Depth profile composition studies of thin film CdS: Cu,S solar cells using XPS and AES

Surface composition and depth profile studies of hemiplated thin film CdS:CuzS solar cells have been carried out using x-ray photoelectron spectroscopy (XPS) and Auger electron spectroscopy (AES) techniques. These studies indicate that the junction is fairly diffused in the as-prepared cell. However, heat treatment of the cell at 210°C in air relatively sharpens the junction and improves the cell performance. Using the Cu(2p3p)/S(2p) ratio as well as the Cu(LVV)/(LMM) Auger intensity ratio, it can be inferred that the nominal valency of copper in the layers above the junction is Cut and it is essentially in the CUSS form. Copper signals are observed from layers deep down in the cell. These seem to appear mostly from the grain boundary region. From the observed concentration of Cd, Cu and S in these deeper layers and the Cu(LVV)/(LMM) ratio it appears that the signals from copper essentially originate partly from copper in CuS and partly from Cu2t trapped in the lattice. It is significant to note that the nominal valence state of copper changes rather abruptly from Cut to Cuz+ across the junction.

Evidence in view: Matton Developments Pty Ltd v CGU Insurance Limited [2014] QSC 256

Rule 478 of the Uniform Civil Procedure Rules 1999 (Qld)(view by court) is silent as to the manner in which a court might be expected to exercise the discretion to order an inspection or demonstration under the rule and also as to the use which may be made of any inspection or demonstration ordered. The decision in Matton Developments Pty Ltd v CGU Insurance Limited [2014] QSC 256 provides guidance on both matters. This case provides some guidance on the circumstances in which a court may exercise its discretion to order a view or demonstration

A 100MHz to 1GHz, 0.35V to 1.5V supply 256 x 64 SRAM mock using symmetrized 9T SRAM cell with controlled read

In this paper, we present Dynamic Voltage and Frequency Managed 256 x 64 SRAM block in 65nm technology, for frequency ranging from 100MHz to 1GHz. The total energy is minimized for any operating frequency in the above range and leakage energy is minimized during standby mode. Since noise margin of SRAM cell deteriorates at low voltages, we propose Static Noise Margin improvement circuitry, which symmetrizes the SRAM cell by controlling the body bias of pull down NMOS transistor. We used a 9T SRAM cell that isolates Read and Hold Noise Margin and has less leakage. We have implemented an efficient technique of pushing address decoder into zigzag-super-cut-off in stand-by mode without affecting its performance in active mode of operation. The Read Bit Line (RBL) voltage drop is controlled and pre-charge of bit lines is done only when needed for reducing power wastage.

The role of lysine-256 in the structure and function of sheep liver recombinant serine hydroxymethyltransferase

The active site lysine residue, K256, involved in Schiffs base linkage with pyridoxal-5'-phosphate (PEP) in sheep liver recombinant serine hydroxymethyltransferase (rSHMT) was changed to glutamine or arginine by site-directed mutagenesis. The purified K256Q and K256R SHMTs had less than 0.1% of catalytic activity with serine and H(4)folate as substrates compared to rSHMT. The mutant enzymes also failed to exhibit the characteristic visible absorbance spectrum (lambda(max) 425 nm) and did not produce the quinonoid intermediate (lambda(max) 495 nm) upon the addition of glycine and H(4)folate. The mutant enzymes were unable to catalyze aldol cleavage of beta-phenylserine and transamination of D-alanine. These results suggested that the mutation of the lysine had resulted in the inability of the enzyme to bind to the cofactor. Therefore, the K256Q SHMT was isolated as a dimer and the K256R SHMT as a mixture of dimers and tetramers which were converted to dimers slowly. On the other hand, rSHMT was stable as a tetramer for several months, further confirming the role of PLP in maintenance of oligomeric structure. The mutant enzymes also failed to exhibit the increased thermal stability upon the addition of serine, normally observed with rSHMT. The enhanced thermal stability has been attributed to a change in conformation of the enzyme from open to closed form leading to reaction specificity. The mutant enzymes were unable to undergo this conformational change probably because of the absence of bound cofactor.

A 100MHz to 1GHz, 0.35V to 1.5V Supply 256 x 64 SRAM Block Using Symmetrized 9T SRAM Cell with Controlled Read

In this paper, we present dynamic voltage and frequency Managed 256 x 64 SRAM block in 65 nm technology, for frequency ranging from 100 MHz to 1 GHz. The total energy is minimized for any operating frequency in the above range and leakage energy is minimized during standby mode. Since noise margin of SRAM cell deteriorates at low voltages, we propose static noise margin improvement circuitry, which symmetrizes the SRAM cell by controlling the body bias of pull down NMOS transistor. We used a 9T SRAM cell that isolates Read and hold noise margin and has less leakage. We have implemented an efficient technique of pushing address decoder into zigzag- super-cut-off in stand-by mode without affecting its performance in active mode of operation. The read bit line (RBL) voltage drop is controlled and pre-charge of bit lines is done only when needed for reducing power wastage.

O papel da energia nas ações de mitigação

Descreve as alternativas energéticas que se colocam para mitigar boa parte das emissões de gases de efeito estufa (GEE) do planeta. Enfatiza o potencial para o uso mais eficiente da energia em todos os setores da economia e nas oportunidade de substituição de combustíveis fósseis por combustíveis renováveis. Ressalta a importância de mudança de hábitos de consumo para reduzir as emissões de GEE a níveis considerados seguros, de maneira a se estabilizarem as concentrações de gases na atmosfera em níveis suficientemente baixos.

Ações de mitigação das emissões no Brasil

Sintetiza os fatos que levaram a adoção da Convenção-Quadro das Nações Unidas sobre Mudança do Clima. Descreve e analisa as iniciativas do Brasil no sentido de colaborar com a proteção climática e com a redução da emissão de gases poluentes. Destaca os seguintes pontos: desenvolvimento de matriz energética "limpa" (álcool e biodiesel); combate ao desperdício de energia elétrica; programa de redução de emissões veiculares; redução de incêndios florestais e do desmatamento; projetos ligados ao Mecanismo de Desenvolvimento Limpo.