Cryptography: all-out attacks or how to attack cryptography without intensive cryptanalysis

This article deals with operational attacks leaded against cryptographic tools. Problem is approached from several point of view, the goal being always to retrieve a maximum amount of information without resorting to intensive cryptanalysis. Therefore, focus will be set on errors, deliberate or not, from the implementation or the use of such tools, to information leakage. First, straight attacks on encryption keys are examined. They are searched in binary files, in memory, or in memory files (such as hibernation files). We also show how a bad initialization on a random generator sharply reduces key entropy, and how to negate this entropy by inserting backdoors. Then, we put ourselves in the place of an attacker confronted to cryptography. He must first detect such algorithms are used. Solutions for this problem are presented, to analyze binary files as well as communication streams. Sometimes, an attacker can only access encrypted streams, without having necessary tools to generate such a stream, and is unable to break the encryption used. In such situations, we notice that it often remains information leakages which appear to be clearly interesting. We show how classic methods used in network supervision, forensics and sociology while studying social networks bring pertinent information. We build for example sociograms able to reveal key elements of an organization, to determine the type of organization, etc. The final part puts in place the set of results obtained previously through the analysis of a closed network protocol. Packet format identification relies on the behavioural analysis of the program, once all the cryptographic elements have been identified.     

SSVEP-based brain-computer interfaces are vulnerable to square wave attacks

Science China Information Sciences -     

New related-key rectangle attacks on reduced AES-192 and AES-256

In this paper, we examine the security of reduced AES-192 and AES-256 against related-key rectangle attacks by exploiting the weakness in the AES key schedule. We find the following two new attacks: 9-round reduced AES-192 with 4 related keys, and 10-round reduced AES-256 with 4 related keys. Our results show that related-key rectangle attack with 4 related keys on 9-round reduced AES-192 requires a data complexity of about 2¹⁰¹ chosen plaintexts and a time complexity of about 2^174.8 encryptions, and moreover, related-key rectangle attack with 4 related keys on 10-round reduced AES-256 requires a data complexity of about 2^97.5 chosen plaintexts and a time complexity of about 2²⁵⁴ encryptions. These attacks are the first known attacks on 9-round reduced AES-192 and 10-round reduced AES-256 with only 4 related keys. Furthermore, we give an improvement of the 10-round reduced AES-192 attack presented at FSE2007, which reduces both the data complexity and the time complexity. Supported by the National Natural Science Foundation of China (Grant No. 60673072), and the National Basic Research Program of China (Grant No. 2007CB311201)     

Smallest k-point enclosing rectangle and square of arbitrary orientation

Given a set of n points in 2D, the problem of identifying the smallest rectangle of arbitrary orientation, and containing exactly k(?n) points is studied in this paper. The worst case time and space complexities of the proposed algorithm are O(n²logn+nk(n−k)(n−k+logk)) and O(n), respectively. The algorithm is then used to identify the smallest square of arbitrary orientation, and containing exactly k points in O(n²logn+kn²(n−k)logn) time.     

Input-trees of finite automata and application to cryptanalysis

In this paper,Weights of output set and of input set for finite automata are discussed.For a weakly invertible finite automaton,we prove that for states with minimal output weight,the distruibution of input sets is uniform.Then for a kind of compound finite automata,we give weights of output set and of input set explicitly,and a characterization of their input-trees.For finite automaton public key cryptosystems,of which automata in public keys belong to such a kind of compound finite automata,we evaluate search amounts of exhaust search algorithms in average case and in worse case for both encryption and signature,and success ful probabilities of stochastic search algorithms for both encryption and signature.In addition,a result on mutual invertibility of inite automata is also given.     

基本语言值的扩充与归约

本文首先讨论了基本语言值互补、互斥关系的可变性及互化规则，然后在此基础上给出了基本语言值的扩充与归约方法。从而为模糊控制器中的语言值选取和定义提供了理论依据和可行方法。     

Extending Modula-2 to Build Large, Integrated Systems

Designed to build both system and application software for large systems, Modula-2+ supports exception handling, automatic storage management, and concurrency for multiprocessors without compromising the integrity of Modula-2.     

Extending IP to Low-Power, Wireless Personal Area Networks

Extending IP to low-power, wireless personal area networks (LoWPANs) was once considered impractical because these networks are highly constrained and must operate unattended for multiyear lifetimes on modest batteries. Many vendors embraced proprietary protocols, assuming that IP was too resource-intensive to be scaled down to operate on the microcontrollers and low-power wireless links used in LoWPAN settings. However, 6LoWPAN radically alters the calculation by introducing an adaptation layer that enables efficient IPv6 communication over IEEE 802.15.4 LoWPAN links.     

The autoscritcher and the superscritcher: aids to cryptanalysis ofthe German Enigma cipher machine, 1944-6

At the US Army Signal Security Agency during World War II, two systems were built to assist cryptanalysts in breaking messages enciphered on Enigma-type machines. Called the Autoscritcher, the first machine used relay technology. The final system, the Superscritcher, was fully electronic and contained about 3500 vacuum tubes. Both machines operated successfully. The system approach both machines was the same, but differed from that of the Bombe mechanical machines in use to do a similar job. The Superscritcher proved the practicality of electronic digital technology for computing applications. It also showed that a more flexible architecture was needed to allow the solving of more than one class of problems. An account of the design, construction, and test of the Superscritcher and the Autoscritcher is presented     

Extending the rand,adjusted rand and jaccard indices to fuzzy partitions

The first stage of knowledge acquisition and reduction of complexity concerning a group of entities is to partition or divide the entities into groups or clusters based on their attributes or characteristics. Clustering is one of the most basic processes that are performed in simplifying data and expressing knowledge in a scientific endeavor. It is akin to defining classes. Since the output of clustering is a partition of the input data, the quality of the partition must be determined as a way of measuring the quality of the partitioning (clustering) process. The problem of comparing two different partitions of a finite set of objects reappears continually in the clustering literature. This paper looks at some commonly used clustering measures including the rand index (RI), adjusted RI (ARI) and the jaccuard index(JI) that are already defined for crisp clustering and extends them to fuzzy clustering measures giving FRI,FARI and FJI. These new indices give the same values as the original indices do in the special case of crisp clustering. The extension is made by first finding equivalent expressions for the parameters, a, b, c, and d of these indices in the case of crisp clustering. A relationship called bonding that describes the degree to which two cluster members are in the same cluster or class is first defined. Through use in crisp clustering and fuzzy clustering the effectiveness of the indices is demonstrated.     

车载物联网技术及其应用探讨

随着车载物联网技术的高速发展,车载物联网技术已经开始被多个领域所应用,并取得了很大的成功,如何实现车载物联网技术的更高发展成为当前热门研究课题.本文首先详细概述了车载物联网相关理论,然后分析了当前车载物联网技术在不同领域中的应用,最后对当前我国车载物联网技术所面临的挑战进行了详细的分析研究.     

Extending CLIPS to support temporal representation and reasoning

Applications using expert systems for monitoring and control problems often require the ability to represent temporal knowledge and to apply reasoning based on that knowledge. Incorporating temporal representation and reasoning into expert systems leads to two problems in development: dealing with an implied temporal order of events using a non-procedural tool; and maintaining the large number of temporal relations that can occur among facts in the knowledge base. In this paper we explore these problems by using an expert system shell, CLIPS (C Language Integrated Production System), to create temporal relations using common knowledge-based constructs. We also build an extension to CLIPS through a user-defined function which generates the temporal relations from those facts. We use the extension to create and maintain temporal relations in a workflow application that monitors and controls an engineering design change review process. We also propose a solution to ensure truth maintenance among temporally related facts that links our temporal extension to the CLIPS facility for truth maintenance.     

Extending Prolog with modularity,concurrency and meta-rules

This paper presents the main features of an extension to Prolog toward modularity and concurrency—calledCommunicating Prolog Units (CPU)—whose main aim is to allow logic programming to be used as an effective tool for system programming and prototyping. While Prolog supports only a single set of clauses and sequential computations, CPU allows programmers to define different theories (P-unis) and parallel processes interacting via P-units, according to a model very similar to Linda’s generative communication. The possibility of expressingmeta-rules to specify where and how object-level (sub)golas have to be proved, not only enhances modularity, but also increases the expressive power and flexibility of CPU systems.     

浅析应对网络攻击的方法和策略

网络信息是否安全不仅关系到个人的隐私安全更关系到整个国家的信息安全,如何应对计算机网络攻击成为我们关注的焦点,本文对网络攻击危害与方法、手段进行了分析,并提出相应的策略,提升网络安全性.     

Extending objects to support multiple interfaces and access control

A mechanism, called views, that allows programmers to specify multiple interfaces for objects and to control explicitly access to each interface is described. This mechanism provides a simple and flexible means of specifying enforceable access restrictions at many levels of granularity. It also results in system organization that supports browsing based on a number of different criteria. Views is defined, some examples of its uses are given, the impact of views on system organization is discussed, and five approaches to implementing views are outlined     

Extending equation-based congestion control to high-speed and long-distance networks

TCP-friendly rate control (TFRC), an equation-based congestion control protocol, has been a promising alternative to TCP for multimedia streaming applications. However, TFRC using the TCP response function, has the same poor performance as TCP in high-speed and long-distance networks. In this paper, we propose high-speed equation-based rate control (HERC), as an extension of TFRC by replacing the TCP response function with a high-speed response function. HERC could be used for applications, such as high-definition video streaming, and remote collaboration involving high-resolution visualization, which prefer a high-speed and relatively smooth sending rate. The impact of a general high-speed response function on the throughput and smoothness of HERC is studied analytically and verified by using simulation. Our result indicates that by using the response function of a high-speed TCP variant and tuning HERC parameters accordingly, HERC can compete fairly with high-speed TCP flows in the same network, while maintaining the desired smoothness of TFRC.