Improved Fast Correlation Attacks on the Sosemanuk Stream Cipher

In this paper, we present a new algorithm for fast correlation attacks on stream ciphers with improved cryptanalysis results on the Sosemanuk stream cipher, one of the 7 finalists in the eSTREAM project in 2008. The new algorithm exploits the direct sum construction of covering codes in decoding phase which approximates the random vectors to a nearest codeword in a linear code. The new strategy provides large flexibility for the adversary and could reduce the time/memory/data complexities significantly. As a case study, we carefully revisit Sosemanuk and demonstrate a state recovery attack with a time complexity of 2134.8, which is 220 times faster than achievable before by the same kind of attack and is the fastest one among all known attacks so far. Our result indicates an inefficiency in longer keys than 135 bits and depicts that the security margin of Sosemanuk is around 28 for the 128-bit security for the first time

Determination and quantitative evaluation of image-based registration accuracy for robotic neurosurgery

Stereotactic neurosurgical robots allow quick, accurate location of small targets within the brain, relying on accurate registration of preoperative MRI/CT images with patient and robot coordinate systems. Fiducial markers or a stereotactic frame are used as registration landmarks and the patient’s head is fixed in position. An image-based system could be quick, non-invasive and allow the head to be moved during surgery giving greater ease of access. Submillimetre surgical precision at the target point is required. An octant representation is utilized to investigate full region of interest (ROI) head registration using parts only, with registration performed using the Iterative Closest Point (ICP) algorithm. Use of two octants sequentially obtained a mean RMS distance of 0.813±0.026 mm; adding subsequent octants did not significantly improve performance. An RMS distance of 0.812±0.025 mm was obtained for three octants used simultaneously. ICP was compared with Coherent Point Drift, and 3D Normal Distribution Transform, with and without added or smoothed noise, and was least affected by starting position or noise added; a mean accuracy of 0.884±0.050 mm across ten noise levels and four starting positions was achieved, which was shown to translate to submillimetre accuracy at points within the head

Fast Correlation Attack Revisited --Cryptanalysis on Full Grain-128a, Grain-128, and Grain-v1

A fast correlation attack (FCA) is a well-known cryptanalysis technique for LFSR-based stream ciphers. The correlation between the initial state of an LFSR and corresponding key stream is exploited, and the goal is to recover the initial state of the LFSR. In this paper, we revisit the FCA from a new point of view based on a finite field, and it brings a new property for the FCA when there are multiple linear approximations. Moreover, we propose a novel algorithm based on the new property, which enables us to reduce both time and data complexities. We finally apply this technique to the Grain family, which is a well-analyzed class of stream ciphers. There are three stream ciphers, Grain-128a, Grain-128, and Grain-v1 in the Grain family, and Grain-v1 is in the eSTREAM portfolio and Grain-128a is standardized by ISO/IEC. As a result, we break them all, and especially for Grain-128a, the cryptanalysis on its full version is reported for the first time

Doppler Encoded Excitation Patterning (DEEP) Microscopy

Traditional optical imaging systems rely on lenses and spatially-resolved detection to probe distinct locations on the object. We develop a novel computational approach to 2D and 3D imaging that instead measures the object\u27s spatial Fourier transform using a single-element detector and without requiring precision optics. This wide-field technique can be used to image biological and synthetic structures in fluoresced or scattered light using coherent or broadband illumination. It employs dynamic structured illumination, acousto-optics, RF electronics, and tomographic algorithms to circumvent several trade-offs in conventional imaging, such as the dependence of the optical transfer function on the imaging lenses and the coupling of resolution and depth of field. We use Fourier optics concepts to derive the dynamic optical transfer function, evaluate different Fourier sampling strategies, and investigate and compare tomographic algorithms for 2D and 3D image synthesis. We also develop conceptual and analytical models to describe imaging of fluorescent as well as amplitude and phase scattering objects, the effects of broadband and spatially-incoherent illumination, and nonlinear wide-field super-resolution imaging. We consider sources of noise, analyze and simulate SNR behavior for several types of noise and Fourier sampling strategies, and compare the sensitivity of the technique to conventional imaging. We describe several experimental proof-of-concept systems and present two-dimensional high-resolution tomographic image reconstructions in both scattered and fluoresced light demonstrating a thousandfold improvement in the depth of field compared to conventional lens-based microscopy. Finally, we explore approaches for high-speed Fourier sampling and propose several related sensing techniques, including wide-field fluorescence imaging in scattering media

Algebraic attacks on certain stream ciphers

To encrypt data streams of arbitrary lengths, keystream generators are used in modern cryptography which transform a secret initial value, called the key, into a long sequence of seemingly random bits. Many designs are based on linear feedback shift registers (LFSRs), which can be constructed in such a way that the output stream has optimal statistical and periodical properties and which can be efficiently implemented in hardware. Particularly prominent is a certain class of LFSR-based keystream generators, called (ι,m)-combiners or simply combiners. The maybe most famous example is the E0 keystream generator deployed in the Bluetooth standard for encryption. To evaluate the combiner’s security, cryptographers adopted an adversary model where the design and some parts of the input and output are known. An attack is a method to derive the key using the given knowledge. In the last decades, several kinds of attacks against LFSR-based keystream generators have been developed. In 2002 a new kind of attacks came up, named ”algebraic attacks”. The basic idea is to model the knowledge by a system of equation whose solution is the secret key. For several existing combiners, algebraic attacks represent the fastest theoretical attacks publicly known so far. This thesis discusses algebraic attacks against combiners. After providing the required mathematical fundament and a background on combiners, we describe algebraic attacks and explore the two main steps (generating the system of equations and computing the solution) in detail. The efficiency of algebraic attacks is closely connected to the degree of the equations. Thus, we examine the existence of low-degree equations in several situations and discuss multiple design principles to thwart their existence. Furthermore, we investigate ”fast algebraic attacks”, an extension of algebraic attacks.To encrypt data streams of arbitrary lengths, keystream generators are used in modern cryptography which transform a secret initial value, called the key, into a long sequence of seemingly random bits. Many designs are based on linear feedback shift registers (LFSRs), which can be constructed in such a way that the output stream has optimal statistical and periodical properties and which can be efficiently implemented in hardware. Particularly prominent is a certain class of LFSR-based keystream generators, called (ι,m)-combiners or simply combiners. The maybe most famous example is the E0 keystream generator deployed in the Bluetooth standard for encryption. To evaluate the combiner’s security, cryptographers adopted an adversary model where the design and some parts of the input and output are known. An attack is a method to derive the key using the given knowledge. In the last decades, several kinds of attacks against LFSR-based keystream generators have been developed. In 2002 a new kind of attacks came up, named ”algebraic attacks”. The basic idea is to model the knowledge by a system of equation whose solution is the secret key. For several existing combiners, algebraic attacks represent the fastest theoretical attacks publicly known so far. This thesis discusses algebraic attacks against combiners. After providing the required mathematical fundament and a background on combiners, we describe algebraic attacks and explore the two main steps (generating the system of equations and computing the solution) in detail. The efficiency of algebraic attacks is closely connected to the degree of the equations. Thus, we examine the existence of low-degree equations in several situations and discuss multiple design principles to thwart their existence. Furthermore, we investigate ”fast algebraic attacks”, an extension of algebraic attacks

Research Laboratory of Electronics quarterly progress report no. 84

Reports of research in general physics, plasma dynamics, and communication

On the power of message passing for learning on graph-structured data

This thesis proposes novel approaches for machine learning on irregularly structured input data such as graphs, point clouds and manifolds. Specifically, we are breaking up with the regularity restriction of conventional deep learning techniques, and propose solutions in designing, implementing and scaling up deep end-to-end representation learning on graph-structured data, known as Graph Neural Networks (GNNs). GNNs capture local graph structure and feature information by following a neural message passing scheme, in which node representations are recursively updated in a trainable and purely local fashion. In this thesis, we demonstrate the generality of message passing through a unified framework suitable for a wide range of operators and learning tasks. Specifically, we analyze the limitations and inherent weaknesses of GNNs and propose efficient solutions to overcome them, both theoretically and in practice, e.g., by conditioning messages via continuous B-spline kernels, by utilizing hierarchical message passing, or by leveraging positional encodings. In addition, we ensure that our proposed methods scale naturally to large input domains. In particular, we propose novel methods to fully eliminate the exponentially increasing dependency of nodes over layers inherent to message passing GNNs. Lastly, we introduce PyTorch Geometric, a deep learning library for implementing and working with graph-based neural network building blocks, built upon PyTorch

NBS monograph

From Introduction: "This report is the first of a series intended to provide a selective overview of research and development efforts and requirements in the somewhat overlapping fields of the computer and information sciences and technologies. The projected series of reports will attempt to outline the probable range of R & D activities in the computer and information sciences and technologies through selective reviews of the literature and to develop a reasonable consensus with respect to the opinions of workers in these and potentially related fields as to areas of continuing R & D concern for research program planning or review in these areas.