Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information. A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. I’ve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C. These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution

Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information. A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. I’ve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C. These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution

Countermeasure against the SPA attack on an embedded McEliece cryptosystem

International audience—In this paper, we present a novel countermeasure against a simple power analysis based side channel attack on a software implementation of the McEliece public key cryptosys-tem. First, we attack a straightforward C implementation of the Goppa codes based McEliece decryption running on an ARM Cortex-M3 microprocessor. Next, we demonstrate on a realistic example that using a " chosen ciphertext attack " method, it is possible to recover the complete secret permutation matrix. We show that this matrix can be completely recovered by an analysis of a dynamic power consumption of the microprocessor. Then, we estimate the brute-force attack complexity reduction depending on the knowledge of the permutation matrix. Finally, we propose an efficient software countermeasure having low computational complexity. Of course, we provide all the necessary details regarding the attack implementation and all the consequences of the proposed countermeasure especially in terms of power consumption

Cryptography using evolutionary computing

We present a method of generating encryptors, in particular, Pseudo Random Number Generators (PRNG), using evolutionary computing. Working with a system called Eureqa, designed by the Cornell Creative Machines Lab, we seed the system with natural noise sources obtained from data that can include atmospheric noise generated by radio emissions due to lightening, for example, radioactive decay, electronic noise and so on. The purpose of this is to `force' the system to output a result (a nonlinear function) that is an approximation to the input noise. This output is then treated as an iterated function which is subjected to a range of tests to check for potential cryptographic strength in terms of a positive Lyapunov exponent, maximum entropy, high cycle length, key diffusion characteristics etc. This approach provides the potential for generating an unlimited number of unique PRNG that can be used on a 1-to-1 basis. Typical applications include the encryption of data before it is uploaded onto the Cloud by a user that is provided with a personalised encryption algorithm rather than just a personal key using a `known algorithm' that may be subject to a `known algorithm attack' and/or is `open' to the very authorities who are promoting its use

Secure Trapdoor Hash Functions Based on Public-Key Cryptosystems

In this paper we systematically consider examples representative of the various families of public-key cryptosystems to see if it would be possible to incorporate them into trapdoor hash functions, and we attempt to evaluate the resulting strengths and weaknesses of the functions we are able to construct. We are motivated by the following question: Question 1.2 How likely is it that the discoverer of a heretofore unknown public-key cryptosystem could subvert it for use in a plausible secure trapdoor hash algorithm? In subsequent sections, our investigations will lead to a variety of constructions and bring to light the non-adaptability of public-key cryptosystems that are of a \low density. More importantly, we will be led to consider from a new point of view the effects of the unsigned addition, shift, exclusive-or and other logical bit string operators that are presently used in constructing secure hash algorithms: We will show how the use of publickey cryptosystems leads to \fragile secure hash algorithms, and we will argue that circular shift operators are largely responsible for the security of modern high-speed secure hash algorithms

Using the Simplex Code to Construct Relative Difference Sets in 2-groups

Relative Difference Sets with the parameters (2a, 2b, 2a, 2a-b) have been constructed many ways (see [2], [3], [5], [6], and [7] for examples). This paper modifies an example found in [1] to construct a family of relative difference sets in 2-groups that gives examples for b = 2 and b = 3 that have a lower rank than previous examples. The Simplex code is used in the construction

Free Speech in Cyberspace: Communications Decency and Beyond

It is a great honor to be this year\u27s Emanuel Emroch Lecturer. Though I never had the privilege of knowing Mr. Emroch, I do feel on this occasion as though I were almost an honorary member of the Emroch family. And I am deeply grateful to that family for having continued a tradition which seems to me as fitting and as appropriate a memorial as one could imagine. It is a living memorial in the best sense and it gives those who gather in the name of the person being so honored a chance not only to carry on their own conversations but to reflect on their debt to the person whose name and generosity made it all possible