43,160 research outputs found

    Random Permutation Statistics and An Improved Slide-Determine Attack on KeeLoq

    KeeLoq is a lightweight block cipher which is extensively used in the automotive industry. Its periodic structure and overall simplicity make it vulnerable to many different attacks. Only certain attacks are considered as really "practical" attacks on KeeLoq: the brute force, and several other attacks which require up to $2^{16}$ known plaintexts and are then much faster than brute force, developed by Courtois et al., and (faster attack) by Dunkelman et al. On the other hand, due to the unusually small block size, there are yet many other attacks on KeeLoq, which require the knowledge of as much as about $2^{32}$ known plaintexts but are much faster still. There are many scenarios in which such attacks are of practical interest, for example if a master key can be recovered, see Section 2 in [11] for a detailed discussion. The fastest of these attacks is an attack by Courtois, Bard and Wagner from that has a very low complexity of about $2^{28}$ KeeLoq encryptions on average. In this paper we will propose an improved and refined attack which is faster both on average and in the best case. We also present an exact mathematical analysis of probabilities that arise in these attacks using the methods of modern analytic combinatorics.

    Revitalizing Labor In Today's World Markets

    [Excerpt] Competitiveness for firms is possible via the high road or low road, or some combination of the two. For a nation, however, if competitiveness means the ability of a country's firms to sell on world markets while contributing to rising average incomes and living standards at home, then only the high road will do, especially for advanced industrial societies such as Germany and the United States. The tragedy of today's touted American model is that it is based too much on the low road, and as a result includes growing income polarization and a deep representation gap. American workers, in spite of the long 1990s miniboom, don't earn enough and don't have enough voice in the workplace. The decline of the labor movement has gone hand in hand with growing economic and social polarization. Perhaps the best remedy, and certainly the one that allows workers themselves to solve these problems, is a revitalization of American unions. In today's world economy, union revitalization requires both the capacity to organize and mobilize and a proactive willingness to use new strength and representation to contribute to firm and national competitiveness. German unions are strong to the extent they can do both of these, within an institutional environment that is far more supportive than that in which American unions must operate. German unions today, however, among many other problems, are being badgered by employers about the virtues of the American model, which in part means roll back the unions, to drive down labor costs and raise productivity. On their own turf, German unions have done a good job fending off the attacks. However, in the long run, their continuing influence may well depend on the strength of unions in other countries, throughout Europe and elsewhere. Especially in the United States, where a revival of the labor movement could do much to revise the American model and remove downward pressure on the German high road. 
The revitalization of the unions in the United States, therefore, is important not only for American workers and society, but for German unions and society as well. Economic growth and improved productivity and firm competitiveness may not require strong unions in the U.S. or Germany, but as past performance in many countries has shown, neither are strong unions incompatible with growth, productivity and competitiveness. Strong unions, we do know, raise wages, improve benefits and employment security, and offer protected representation in the workplace, all of which are all too often missing in the American workplace

    Survey and Benchmark of Block Ciphers for Wireless Sensor Networks

    Cryptographic algorithms play an important role in the security architecture of wireless sensor networks (WSNs). Choosing the most storage- and energy-efficient block cipher is essential, due to the facts that these networks are meant to operate without human intervention for a long period of time with little energy supply, and that available storage is scarce on these sensor nodes. However, to our knowledge, no systematic work has been done in this area so far. We construct an evaluation framework in which we first identify the candidates of block ciphers suitable for WSNs, based on existing literature and authoritative recommendations. For evaluating and assessing these candidates, we not only consider the security properties but also the storage- and energy-efficiency of the candidates. Finally, based on the evaluation results, we select the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit). In terms of operation mode, we recommend Output Feedback Mode for pairwise links but Cipher Block Chaining for group communications.

    New Slide Attacks on Almost Self-Similar Ciphers

    The slide attack is a powerful cryptanalytic tool which has the unusual property that it can break iterated block ciphers with a complexity that does not depend on their number of rounds. However, it requires complete self similarity in the sense that all the rounds must be identical. While this can be the case in Feistel structures, this rarely happens in SP networks since the last round must end with an additional post-whitening subkey. In addition, in many SP networks the final round has additional asymmetries -- for example, in AES the last round omits the MixColumns operation. Such asymmetry in the last round can make it difficult to utilize most of the advanced tools which were developed for slide attacks, such as deriving from one slid pair additional slid pairs by repeatedly re-encrypting their ciphertexts. In this paper we overcome this last round problem by developing four new types of slide attacks. We demonstrate their power by applying them to many types of AES-like structures (with and without linear mixing in the last round, with known or secret S-boxes, with 1, 2 and 3 periodicity in their subkeys, etc). In most of these cases, the time complexity of our attack is close to $2^{n/2}$, which is the smallest possible complexity for slide attacks. Our new slide attacks have several unique properties: The first attack uses slid sets in which each plaintext from the first set forms a slid pair with some plaintext from the second set, but without knowing the exact correspondence. The second attack makes it possible to create from several slid pairs an exponential number of new slid pairs which form a hypercube spanned by the given pairs. The third attack has the unusual property that it is always successful, and the fourth attack can use known messages instead of chosen messages, with only slightly higher time complexity.

    KLEIN: A New Family of Lightweight Block Ciphers

    Resource-efficient cryptographic primitives have become fundamental for realizing both security and efficiency in embedded systems like RFID tags and sensor nodes. Among those primitives, the lightweight block cipher plays a major role as a building block for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to the related proposals, KLEIN has an advantage in software performance on legacy sensor platforms, while at the same time its hardware implementation can also be compact.

    Forgery-Resistant Touch-based Authentication on Mobile Devices

    Mobile devices store a diverse set of private user data and have gradually become a hub to control users' other personal Internet-of-Things devices. Access control on mobile devices is therefore highly important. The widely accepted solution is to protect access by asking for a password. However, password authentication is tedious, e.g., a user needs to input a password every time she wants to use the device. Moreover, existing biometrics such as face, fingerprint, and touch behaviors are vulnerable to forgery attacks. We propose a new touch-based biometric authentication system that is passive and secure against forgery attacks. In our touch-based authentication, a user's touch behaviors are a function of some random "secret". The user can subconsciously know the secret while touching the device's screen. However, an attacker cannot know the secret at the time of attack, which makes it challenging to perform forgery attacks even if the attacker has already obtained the user's touch behaviors. We evaluate our touch-based authentication system by collecting data from 25 subjects. Results are promising: the random secrets do not influence user experience and, for targeted forgery attacks, our system achieves 0.18 smaller Equal Error Rates (EERs) than previous touch-based authentication. Comment: Accepted for publication by ASIACCS'1

    Slide Attacks on a Class of Hash Functions

    Abstract. This paper studies the application of slide attacks to hash functions. Slide attacks have mostly been used for block cipher cryptanalysis. But, as shown in the current paper, they also form a potential threat for hash functions, namely for sponge-function like structures. As it turns out, certain constructions for hash-function-based MACs can be vulnerable to forgery and even to key recovery attacks. In other cases, we can at least distinguish a given hash function from a random oracle. To illustrate our results, we describe attacks against the Grindahl-256 and Grindahl-512 hash functions. To the best of our knowledge, this is the first cryptanalytic result on Grindahl-512. Furthermore, we point out a slide-based distinguisher attack on a slightly modified version of RadioGatún. We finally discuss simple countermeasures as a defense against slide attacks. Key words: slide attacks, hash function, Grindahl, RadioGatún, MAC, sponge function.

    Predispositions and symptoms of Agrilus borer attack in declining oak trees

    This paper presents results of a semi-quantitative study on the role of Agrilus biguttatus F. in oak decline in Belgium. Larvae of this insect breed in living subcortical tissues of European oak. Several factors favouring attacks are discussed, among which the overall health condition and the local physical and biochemical status of the host tree. Larvae, feeding galleries, pupae, imago and D-shaped emergence-holes of A. biguttatus were observed exclusively in declining and recently dead oaks. Attacks start in the south-facing, sun-exposed parts of the subcrown stem, with a preference for thicker-barked trees or similar areas within declining trees. The feeding of early larval stages induces subcortical necrosis and longitudinal bark cracking. The more destructive tunnelling of advanced larval stages cuts functional vessels and phloem elements, which enhances the decline. In conclusion, effects on wood quality and suitable control options are discussed. Predispositions and symptoms of Agrilus attacks in declining oaks. We present the results of a semi-quantitative study on the role of the beetle Agrilus biguttatus F. in the decline of oaks in Belgium. The larvae of this insect attack living xylem and phloem. Several factors favouring attacks are discussed. Among these factors, the general health and the local physical and biochemical condition of the host tree appear to be decisive in allowing its colonisation. Larvae, subcortical galleries, pupae, adults and D-shaped emergence holes of A. biguttatus were found only in declining or recently dead oaks. Attacks begin in the sun-exposed, south-facing parts of the tree below the crown, with a preference for trees or areas of the tree that are weakened and have thick bark. Juvenile larvae damage the vascular cambium and thereby cause longitudinal cracking of the bark. The galleries of more advanced larval stages cut functional xylem and phloem elements and thus promote the decline. In conclusion, the effects on wood quality and suitable control measures are discussed.