    Some Words on Cryptanalysis of Stream Ciphers

    In the world of cryptography, stream ciphers are known as primitives used to ensure privacy over a communication channel. One common way to build a stream cipher is to use a keystream generator to produce a pseudo-random sequence of symbols. In such algorithms, the ciphertext is the sum of the keystream and the plaintext, resembling the one-time pad principle. Although the idea behind stream ciphers is simple, serious investigation of these primitives started only in the late 20th century. Therefore, cryptanalysis and design of stream ciphers are important. In recent years, many designs of stream ciphers have been proposed in an effort to find a proper candidate to be chosen as a world standard for data encryption. That potential candidate should be proven good by time and by the results of cryptanalysis. Different methods of analysis, in fact, explain how a stream cipher should be constructed. Thus, techniques for cryptanalysis are also important. This thesis starts with an overview of cryptography in general, and introduces the reader to modern cryptography. Later, we focus on basic principles of design and analysis of stream ciphers. Since statistical methods are the most important cryptanalysis techniques, they will be described in detail. The practice of statistical methods reveals several bottlenecks when implementing various analysis algorithms. For example, a common property of a cipher to produce n-bit words instead of just bits makes it more natural to perform a multidimensional analysis of such a design. However, in practice, one often has to truncate the words simply because the tools needed for analysis are missing. We propose a set of algorithms and data structures for multidimensional cryptanalysis when distributions over a large probability space have to be constructed. This thesis also includes results of cryptanalysis for various cryptographic primitives, such as A5/1, Grain, SNOW 2.0, Scream, Dragon, VMPC, RC4, and RC4A. Most of these results were achieved with the help of intensive use of the proposed tools for cryptanalysis.

    Some Results on Distinguishing Attacks on Stream Ciphers

    Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of different attack models. The first new attack given is a linear correlation attack in the form of a distinguishing attack. In this attack a specific class of weak feedback polynomials for LFSRs is identified. If the feedback polynomial is of a particular form, the attack will be efficient. Two new distinguishing attacks are given on classical stream cipher constructions, namely the filter generator and the irregularly clocked filter generator. It is also demonstrated how these attacks can be applied to modern constructions. A key recovery attack is described for LILI-128 and a distinguishing attack for LILI-II is given. The European network of excellence, called eSTREAM, is an effort to find new efficient and secure stream ciphers. We analyze a number of the eSTREAM candidates. Firstly, distinguishing attacks are described for the candidate Dragon and a family of candidates called Pomaranch. Secondly, we describe resynchronization attacks on eSTREAM candidates. A general square root resynchronization attack which can be used to recover parts of a message is given. The attack is demonstrated on the candidates LEX and Pomaranch. A chosen IV distinguishing attack is then presented which can be used to evaluate the initialization procedure of stream ciphers. The technique is demonstrated on four candidates: Grain, Trivium, Decim and LEX.

    Multidimensional linear cryptanalysis

    Linear cryptanalysis is an important tool for studying the security of symmetric ciphers. In 1993 Matsui proposed two algorithms, called Algorithm 1 and Algorithm 2, for recovering information about the secret key of a block cipher. The algorithms exploit a biased probabilistic relation between the input and output of the cipher. This relation is called the (one-dimensional) linear approximation of the cipher. Mathematically, the problem of key recovery is a binary hypothesis testing problem that can be solved with appropriate statistical tools. The same mathematical tools can be used for realising a distinguishing attack against a stream cipher. The distinguisher outputs whether the given sequence of keystream bits is derived from a cipher or from a random source. Sometimes, it is even possible to recover a part of the initial state of the LFSR used in a keystream generator. Several authors considered using many one-dimensional linear approximations simultaneously in a key recovery attack, and various solutions have been proposed. In this thesis a unified methodology for using multiple linear approximations in distinguishing and key recovery attacks is presented. This methodology, which we call multidimensional linear cryptanalysis, allows removing unnecessary and restrictive assumptions. We model the key recovery problems mathematically as hypothesis testing problems and show how to use standard statistical tools for solving them. We also show how the data complexity of linear cryptanalysis on stream ciphers and block ciphers can be reduced by using multiple approximations. We use well-known mathematical theory for comparing different statistical methods for solving the key recovery problems. We also test the theory in practice with reduced-round Serpent. Based on our results, we give recommendations on how multidimensional linear cryptanalysis should be used.

    Energy monitoring as a practice: Investigating use of the iMeasure online energy feedback tool

    Energy feedback is a prominent feature of policy initiatives aimed at reducing domestic energy consumption. However, little research has been conducted on the phenomenon of energy monitoring itself, with most studies looking at whether, and how, feedback impacts on energy conservation. This paper aims to address that gap from a practice theory perspective. In particular we: set out the difference between energy feedback and energy monitoring; define the practice of energy monitoring; and investigate the rationale and qualitative experiences of those performing energy monitoring. An online energy feedback tool (‘iMeasure’) was the basis of the case study. A netnographic analysis of online discussion about the tool informed complementary in-depth interviews with ten current/former iMeasure users. We found energy monitoring to be a distinct practice that focuses on measuring and identifying energy use trends and requires specific know-how to perform. However, its connections to other household practices were weak and, for those who did perform monitoring, there was no guarantee that this practice would reorganise other practices to induce household energy saving. In fact, monitoring often followed decisions to make energy-related changes, rather than prompting them. We conclude that policy expectations need to be reframed in terms of how energy monitoring tools are used.

    From Dragondoom to Dragonstar: Side-channel Attacks and Formally Verified Implementation of WPA3 Dragonfly Handshake

    It is universally acknowledged that Wi-Fi communications are important to secure. Thus, the Wi-Fi Alliance published WPA3 in 2018 with a distinctive security feature: it leverages a Password-Authenticated Key Exchange (PAKE) protocol to protect users' passwords from offline dictionary attacks. Unfortunately, soon after its release, several attacks were reported against its implementations, in response to which the protocol was updated in a best-effort manner. In this paper, we show that the proposed mitigations are not enough, especially for a protocol that is complex to implement even for savvy developers. Indeed, we present **Dragondoom**, a collection of side-channel vulnerabilities of varying strength allowing attackers to recover users' passwords in widely deployed Wi-Fi daemons, such as hostap in its default settings. Our findings target both password conversion methods, namely the default probabilistic hunting-and-pecking and its newly standardized deterministic alternative based on SSWU. We successfully exploit our leakage in practice through microarchitectural mechanisms, and overcome the limited spatial resolution of Flush+Reload. Our attacks outperform previous works in terms of required measurements. Then, driven by the need to end the spiral of patch-and-hack in Dragonfly implementations, we propose **Dragonstar**, an implementation of Dragonfly leveraging a formally verified implementation of the underlying mathematical operations, thereby removing all the related leakage vectors. Our implementation relies on HACL*, a formally verified crypto library guaranteeing secret-independence. We design Dragonstar so that its integration within hostap requires minimal modifications to the existing project. Our experiments show that the performance of HACL*-based hostap is comparable to OpenSSL-based hostap, implying that Dragonstar is both efficient and proved to be leakage-free.
    Comment: Accepted at 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P).

    Fast Correlation Attacks over Extension Fields, Large-unit Linear Approximation and Cryptanalysis of SNOW 2.0

    Several improvements of fast correlation attacks have been proposed during the past two decades, with a regrettable lack of a better generalization and adaptation to the concrete primitives involved, especially to those modern stream ciphers based on word-based LFSRs. In this paper, we develop some necessary cryptanalytic tools to bridge this gap. First, a formal framework for fast correlation attacks over extension fields is constructed, under which the theoretical predictions of the computational complexities for both the offline and the online/decoding phase can be reliably derived. Our decoding algorithm makes use of the Fast Walsh Transform (FWT) to get a better performance. Second, an efficient algorithm to compute the large-unit distribution of a broad class of functions is proposed, which allows finding better linear approximations than the bitwise ones with low complexity in symmetric-key primitives. Last, we apply our methods to SNOW 2.0, an ISO/IEC 18033-4 standard stream cipher, which results in significantly reduced complexities, all below 2^164.15. This attack is more than 2^49 times better than the best published result at Asiacrypt 2008. Our results have been verified by experiments on a small-scale version of SNOW 2.0.

    Exosomes And Their Role In Asbestos Exposure And Mesothelioma

    Malignant mesothelioma (MM) is a locally invasive and highly aggressive cancer arising on the mesothelial surface of organ cavities (mainly pleural) as a direct result of asbestos exposure. The latency period of MM is long (20-50 years) after initial asbestos exposure, and the prognostic outcomes are dismal, with a median life expectancy of 6-12 months post-diagnosis. There are no useful biomarkers for early MM diagnosis and no successful therapeutic interventions. These vast voids of knowledge led to our hypotheses that secreted vesicles, termed exosomes, play an important role in MM development and tumorigenic properties. Exosomes are nano-sized particles secreted from all cell types and carry biologically active cargo in the form of proteins, RNA, and lipids that can potently act as intercellular messengers in both healthy settings and disease states. We are the first to have conducted studies implicating the roles of exosomes in MM pathogenesis. Firstly, we analyzed the proteomic signature of exosomes from asbestos exposure models, in vitro and in vivo. Our in vitro data demonstrated that asbestos-exposed lung epithelial cells and macrophages secrete exosomes with differentially abundant proteins compared to non-exposed controls, and some of these proteins are relevant to asbestos exposure toxicology and MM development. Additionally, the exosomes from asbestos-exposed cells significantly modulated the gene expression of target mesothelial cells in a way that reflected epithelial to mesenchymal transition and other tumorigenic properties. The in vivo mouse studies illustrated that mouse serum exosomes house differentially abundant proteins after asbestos exposure and this is measurable at an organism-wide scale. Secondly, we assayed the miRNA composition of MM tumor exosomes compared to healthy mesothelial cell exosomes and found signature differences in miRNA abundances, particularly that MM tumor cells had significantly higher amounts of tumor suppressor miRNA, particularly miR-16-5p, in their exosomes. This led to the hypothesis that MM tumor cells preferentially secrete tumor suppressor miRNAs via exosomes to rid themselves of the anti-tumor effects. We employed exosome secretion inhibitors and exosome force-feeding to demonstrate that MM cells do in fact secrete miR-16-5p (along with other tumor suppressor miRNAs) through exosomes and that this property can be targeted as a potentially novel therapeutic advance. Furthermore, we identified a mechanism of miR-16-5p loading into exosomes by the RNA binding protein HuR, and this mechanism is interestingly regulated by miR-16-5p itself in a negative feedback loop. Our studies thus far provide intriguing evidence on the role of exosomes in asbestos exposure and MM biology. We demonstrated the potential for exosomes as protein biomarkers in asbestos exposure and conduits of tumorigenic information to mesothelial cells. In addition, we incriminate exosomes as vehicles of tumor suppressor removal from MM tumor cells, and we can target this as a potential MM therapy.

    Psychological Effects of Training in Martial Arts After Interpersonal Trauma

    Individuals who experience a traumatic event may have an adverse emotional reaction that negatively impacts their quality of life. The purpose of this qualitative phenomenological study was to explore the influence of training in the martial arts as an intervention in the treatment of interpersonal trauma. The biopsychosocial model provided the framework for the study. The research questions addressed the effects of training in the martial arts on the biological, psychological, and social functioning of individuals who had sustained a form of interpersonal trauma. Data were collected from semistructured interviews with 9 participants. Data were analyzed using Moustakas's modified van Kaam method. Findings indicated that martial arts training was transformative and positive for participants. Benefits included mentorship, a sense of achievement, increased confidence, better parenting, and recovery from substance abuse. Findings may be used to promote martial arts training as a treatment intervention for people who have experienced interpersonal trauma.

    Gender Representation In American Made English Language Learning Textbooks: A Multi-Modal Study

    Using Critical Discourse Analysis and computational linguistics in the present study, I investigated the discursive representations of gender in two series of English Language Development textbooks in the largest markets in the USA, Texas and California. In addition, I examined the pictorial gender representations within images of these two series, adhering to Critical Image Analysis. I also engaged in previously unnavigated realms of learning material study by examining the linguistic and pictorial gendering of non-human characters as well as examining types and tokens of gendered language. I also investigated the roles genre played in gendered messaging in both series. Finally, I investigated how diversity, design, and access give power to some and not to others in these two series, employing Janks' Interdependent Theory of Critical Literacy as my framework. The results indicate that while overt sexism has been removed from current US texts, more subtle forms of bias exist linguistically and pictorially that place males in positions of supremacy and suppress the accomplishments of females. These texts promote traditional gender and family roles while overrepresenting males and underrepresenting females when compared to US Census data. Stories place males in adventurous, aggressive, and competitive environments that are not open to female agents. Female agents are most often seen at home or going home and appear confident within domestic spheres. Females are materialist while males are pragmatic. Through an investigation of non-humans, I found that females are small, underestimated, and unintelligent while males are big, cunning, and drawn as the norm. Female non-humans often are othered pictorially through adornment, facial features, and coloring. In addition, these texts lack genuine diversity or design, giving power and supremacy to white males while suppressing the voices of females. The texts do present multiple hybrid identities which allow males and females to access several varieties of discourse. Implications at the school, institutional, and societal level are discussed, and recommendations for challenging gender bias in teacher training and classroom discourse are given, as well as a discussion of future research.

    Personal excavation: multiplicity and museological display

    Modern and contemporary artists have employed and co-opted the technologies of industrial mass production to create and distribute works of art in forms variously termed multiples, printed matter or mail art. This strategy was pre-eminent in the 1960s and early 1970s, when there was a widespread interest among artists in creating prints and books as works of art, and it was most central to the art group known as Fluxus, in Conceptual art and in the mail art movement. The multiple has re-emerged in recent contemporary art and it is an important strand in my practice. However, my works are not only informed by the methods of industrial mass-production, but also by the practices of the hand-made. It is one of my prime principles to engage with the theme of multiplicity and to use multiply produced forms. The potentialities of the assembled or collaged image provide a very remarkable point from which to approach contemporary aesthetic debates within postmodernism and to launch any searching examination of the formative currents in post-modern art. While contemporary art has challenged the rigid boundaries between form and content, the role of ‘the museological display’ remains crucial to the understanding of complex and uncanny elements in contemporary art practices. In my opinion, the condition of being on display is, therefore, fundamental to the construction of the category of ‘Art’ in the western world. An interrogation of the museum artefact has been one of my longstanding projects since 1992. In my work, I have struggled to explore aspects of visual potentiality through five years’ research in London. In summary, my research is approached in the following ways: First, I engaged with the notion of ‘pseudo-archaism’, approached through my knowledge of ancient Korean artefacts and culture, and use this as a way of re-questioning the western museum artefact. In my view, western museum practices employ a mode of archaeological methodology that can be understood as a form of personal excavation. Thus, exploiting my position as a Korean national who has moved to London, my work engages with issues linked to the hybrid and cultural displacement and tied to the process of migration. Second, I analyse the nature of the artists’ inherent collecting impulse both through my personal collecting and by reference to the collecting practices of other contemporary artists. Consequently, my research carries me into the areas of psychoanalysis and sociology. Third, I analyse the appropriateness of the museological display as a medium. In my investigation, I propose that the museum artefact, when displayed in multiple forms, can be approached by the use of an Eastern-informed meditative conception and quasi-scientific archaeological method. Lastly, I try to conceptualise my use of found materials. Throughout my research, I try to evaluate and conceptualise crucial elements of my practice such as ambiguity, authenticity, repetition, and consistency. The methodology that informs my practice is tied to researching the museum artefact in relation to my cultural identity. In this way, I have considered questions of personal identity and taxonomical methodology, and have approached identity as both ambiguous when in the process of migration and simultaneously linked to my experience of cultural displacement. These are crucial parameters within which to find and develop my own visual language. As my work has progressed, I have had to establish the principles that inform my project as a sort of archaeological process: namely, one involving collecting, classification and display. At the same time, I am always aware of the hand-made aspects of artefacts. This is because I am instinctively interested in both their physical presence and their symbolic aspect, which generates psychoanalytical associations, especially ideas of repetition and multiplicity. It is in my research into materials, particularly bones and stones, that my acts of personal collecting can be seen as a form of personal discovery and excavation. Throughout my work, I always keep in my mind the sense that subjectivity has to be objective and objectivity has to be subjective. In Chapter 1, I debate the view that instinctive collecting impulses in artists, in relation to the assemblages of various found materials, might be understood in terms of ‘hunting’ and the notion of art objects as ‘hunting objects’. My position exploits the repetitive nature of personal collecting as a form of personal excavation, which is associated in my own imagination with hunted objects. My works have also been careful to develop the innate possibilities and potentialities of the materials themselves. Thus, I try to link the collecting principles and motivations of both western and eastern museum artefacts. In my research, I regard my experiences in London as an important source for considering hybrid and cultural displacement in post-modernity. In my examination of the dialogue between the artist and archaeology, I link my interest in pseudo-archaism to the concept of spontaneous response taken from Korean aesthetics.