Elastic block ciphers: method, security and instantiations

We introduce the concept of an elastic block cipher which refers to stretching the supported block size of a block cipher to any length up to twice the original block size while incurring a computational workload that is proportional to the block size. Our method uses the round function of an existing block cipher as a black box and inserts it into a substitution- permutation network. Our method is designed to enable us to form a reduction between the elastic and the original versions of the cipher. Using this reduction, we prove that the elastic version of a cipher is secure against key-recovery attacks if the original cipher is secure against such attacks. We note that while reduction-based proofs of security are a cornerstone of cryptographic analysis, they are typical when complete components are used as sub-components in a larger design. We are not aware of the use of such techniques in the case of concrete block cipher designs. We demonstrate the general applicability of the elastic block cipher method by constructing examples from existing block ciphers: AES, Camellia, MISTY1, and RC6. We compare the performance of the elastic versions to that of the original versions and evaluate the elastic versions using statistical tests measuring the randomness of the ciphertext. We also use our examples to demonstrate the concept of a generic key schedule for block ciphers.

Robust estimation and hypothesis testing under short-tailedness and inliers

Estimation and hypothesis testing based on normal samples censored in the middle are developed and shown to be remarkably efficient and robust to symmetric shorttailed distributions and to inliers in a sample. This negates the perception that sample mean and variance are the best robust estimators in such situations (Tiku, 1980; Dunnett, 1982). Professor Emeritus, Department of Mathematics and Statistics, McMaster University, Professor Emeritus, Department of Mathematics and Statistics, McMaster University,     

Parameterized fuzzy operators in fuzzy decision making

The basic operations of fuzzy sets, such as negation, intersection, and union, usually are computed by applying the one‐complement, minimum, and maximum operators to the membership functions of fuzzy sets. However, different decision agents may have different perceptions for these fuzzy operations. In this article, the concept of parameterized fuzzy operators will be introduced. A parameter α will be used to represent the degree of softness. The variance of α captures the differences of decision agents' subjective attitudes and characteristics, which result in their differing perceptions. The defined parameterized fuzzy operators also should satisfy the axiomatic requirements for the traditional fuzzy operators. A learning algorithm will be proposed to obtain the parameter α given a set of training data for each agent. In this article, the proposed parameterized fuzzy operators will be used in individual decision‐making problems. An example is given to show the concept and application of the parameterized fuzzy operators. © 2003 Wiley Periodicals, Inc.     

Fault-Tolerant Convergence Routing

This paper presents fault-tolerant protocols for fast packet switch networks withconvergence routing. The objective is to provide fast reconfiguration and continuous host-to-host communication after a link or a node (switch) failure,Convergence routingcan be viewed as a variant ofdeflection routing,which combines, in a dynamic fashion, the on-line routing decision with the traffic load inside the network. Unlike other deflection techniques, convergence routing operates withglobal sense of directionand guarantees that packets will reach or converge to their destinations. Global sense of direction is achieved by embedding of virtual rings to obtain a linear ordering of the nodes. We consider virtual ring embeddings over (i) a single spanning tree, and (ii) over two edge-disjoint spanning trees. Thus, the fault-tolerant solution is based on spanning trees and designed for a switch-based (i.e., arbitrary topology) architecture called MetaNet. In this work, the original MetaNet's convergence routing scheme has been modified in order to facilitate the property that the packet header need not be recomputed after a failure and/or a reconfiguration. This is achieved by having, at the network interface, a translator that maps the unique destination address to a virtual address. It is argued that virtual rings embedded over two-edge disjoint spanning trees increase the fault tolerance for both node and link faults and provides continuous host-to-host communication.     

The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure

At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.     

Characterization of Security Notions for Probabilistic Private-Key Encryption

The development of precise definitions of security for encryption, as well as a detailed understanding of their relationships, has been a major area of research in modern cryptography. Here, we focus on the case of private-key encryption. Extending security notions from the public-key setting, we define security in the sense of both indistinguishability and non-malleability against chosen-plaintext and chosen-ciphertext attacks, considering both non-adaptive (i.e., ``lunchtime') and adaptive oracle access (adaptive here refers to an adversary's ability to interact with a given oracle even after viewing the challenge ciphertext). We then characterize the 18 resulting security notions in two ways. First, we construct a complete hierarchy of security notions; that is, for every pair of definitions we show whether one definition is stronger than the other, whether the definitions are equivalent, or whether they are incomparable. Second, we partition these notions of security into two classes (computational or information-theoretic) depending on whether one-way functions are necessary in order for encryption schemes satisfying the definition to exist. Perhaps our most surprising result is that security against adaptive chosen-plaintext attack is (polynomially) equivalent to security against non-adaptive chosen-plaintext attack. On the other hand, the ability of an adversary to mount a (non-adaptive) chosen-plaintext attack is the key feature distinguishing computational and information-theoretic notions of security. These results hold for all security notions considered here.     

A cognitive reinterpretation of Stanley Milgram's observations on obedience to authority.

Comments on S. Milgram's (1974) observations on obedience to authority. It is suggested that the underlying cause for Milgram's Ss' striking conduct could be conceptual and not the alleged "capacity of man to abandon his humanity…as he merges his unique personality into larger institutional structures." (PsycINFO Database Record (c) 2010 APA, all rights reserved)     

Fuzzy multicriteria selection of alternatives: The worst‐case method

In this article, we propose the method of the multicriteria alternative selection under uncertainty. The basis of the method is the principle of the Bellman–Zadeh fuzzy measures intersection and nine‐point linguistic rating scale of Saaty. The novelty of the method presented here consists of the fact that it does not require labor‐intensive procedures, requiring arraying and array processing of paired comparisons matrix. Instead, special correlations are used, which are based on the comparison with the worst alternative and the least important criterion. As an example for the utilization of our method, we use the problem for choosing cars. © 2010 Wiley Periodicals, Inc.     

Dielectric relaxation phenomena in the compound: LiCo<Subscript>3/5</Subscript>Mn<Subscript>1/5</Subscript>Cu<Subscript>1/5</Subscript>VO<Subscript>4</Subscript>

Solution-based chemical method has been used to produce LiCo_3/5Mn_1/5Cu_1/5VO₄ ceramics. The formation of the compound is checked by X-ray diffraction analysis and it reveals an orthorhombic unit cell structure with lattice parameters of a = 9.8262 Å, b = 3.0706 Å, c = 14.0789 Å. Field emission scanning electron micrograph indicates a polycrystalline texture of the material with grains of unequal sizes (~0.2 to 3 μm). Complex impedance spectroscopy technique is used to study the dielectric properties. Temperature dependence of dielectric constant (ε _r) at various frequencies exhibits the dielectric anomalies in ε _r at T _c (transition temperature) = 245, 255, 260 and 265 °C with (ε_r)_max. ~458, 311, 214 and 139 for 50, 100, 200 and 500 kHz, respectively. Frequency dependence of tangent loss at various temperatures shows the presence of dielectric relaxation in the material.