123 research outputs found

    Efficient Security Algorithm for Provisioning Constrained Internet of Things (IoT) Devices

    Get PDF
    Addressing the security concerns of constrained Internet of Things (IoT) devices, such as client- side encryption and secure provisioning remains a work in progress. IoT devices characterized by low power and processing capabilities do not exactly fit into the provisions of existing security schemes, as classical security algorithms are built on complex cryptographic functions that are too complex for constrained IoT devices. Consequently, the option for constrained IoT devices lies in either developing new security schemes or modifying existing ones as lightweight. This work presents an improved version of the Advanced Encryption Standard (AES) known as the Efficient Security Algorithm for Power-constrained IoT devices, which addressed some of the security concerns of constrained Internet of Things (IoT) devices, such as client-side encryption and secure provisioning. With cloud computing being the key enabler for the massive provisioning of IoT devices, encryption of data generated by IoT devices before onward transmission to cloud platforms of choice is being advocated via client-side encryption. However, coping with trade-offs remain a notable challenge with Lightweight algorithms, making the innovation of cheaper secu- rity schemes without compromise to security a high desirable in the secure provisioning of IoT devices. A cryptanalytic overview of the consequence of complexity reduction with mathematical justification, while using a Secure Element (ATECC608A) as a trade-off is given. The extent of constraint of a typical IoT device is investigated by comparing the Laptop/SAMG55 implemen- tations of the Efficient algorithm for constrained IoT devices. An analysis of the implementation and comparison of the Algorithm to lightweight algorithms is given. Based on experimentation results, resource constrain impacts a 657% increase in the encryption completion time on the IoT device in comparison to the laptop implementation; of the Efficient algorithm for Constrained IoT devices, which is 0.9 times cheaper than CLEFIA and 35% cheaper than the AES in terms of the encryption completion times, compared to current results in literature at 26%, and with a 93% of avalanche effect rate, well above a recommended 50% in literature. The algorithm is utilised for client-side encryption to provision the device onto AWS IoT core

    Simulating the nonlinear QED vacuum

    Get PDF

    A Battle of Memory and Image: War Tourism as Reconstruction Strategy in Sarajevo

    Get PDF
    Sarajevo, known as ‘the Jerusalem of Europe’, is one of the most attractive tourist destinations in the Balkan region. Its geo-political position, tremendous landscape and rich historical and cultural heritage including architectural portrayals of different eras turns the city into an authentic, vibrant place of living. Alongside, the 1990s’ Bosnian War left heavy traces in the urban landscape and signs of the conflict are clearly traceable in today’s Sarajevo. The city has managed to recover slowly since the war ended in 1995, but the urban fabric seems to be avoided during the implementation of post-war reconstruction applications. The study investigates the representation of war as a tourist attraction, evaluating the physical expressions of belonging in the city and how this is reflected in today’s narratives. In this scope, the main objective of this paper is to examine the process and outcomes of the post-war tourism industry in spatial, cultural, socio-political and economical manner in the case of Sarajevo. The research is based on a comparative historical urban analysis to illustrate the impact of war tourism in the city and 11 in-depth interviews to narrate the related personal and collective memories. Results show that the new post-war physical (reconstruction strategy policies) and social (citizens’ perception) layer integrated in the existing townscape emboldens the vision of war tourism.Avrupa’nın Kudüs’ü olarak bilinen Saraybosna, turistik açıdan Balkanların en çekici yerlerinden biridir. Jeopolitik konumu, görkemli peyzajı ve farklı dönemlerin mimari tasvirlerini içeren zengin tarihi ve kültürel mirası, şehri otantik ve canlı bir yaşam alanına dönüştürmektedir. Bunun yanı sıra, 1990’ların Bosna Savaşı, kentsel peyzajda derin izler bırakmıştır ve savaşın izleri günümüz kentine net bir şekilde yansımaktadır. Şehir, savaşın sona erdiği 1995’ten bu yana yavaş yavaş toparlanmayı başarmıştır, ancak savaş sonrası yeniden yapılanma sürecinde kentsel dokunun fiziksel bir olgudan daha fazlası olduğu göz ardı edilmiş gözükmektedir. Bu kapsamda, bu çalışmanın amacı, Saraybosna özelinde savaş sonrası turizm endüstrisinin süreç ve sonuçlarını mekânsal, kültürel, sosyo-politik ve ekonomik olarak incelemektir. Çalışma, savaşın bir cazibe merkezi olarak temsilini araştırarak, kentte aidiyetin fiziksel izdüşümlerini ve bunların günümüz anlatılarına nasıl yansıdığını değerlendirmektedir. Araştırma, kişisel ve kolektif algıları esas alarak karşılaştırmalı tarihsel kentsel analize dayanmaktadır ve buna ilişkin kentlilerle 11 derinlemesine görüşme yapılmıştır. Sonuçlar, mevcut kent peyzajına entegre edilmiş savaş sonrası yeni fiziksel (yeniden inşa stratejileri ve politikaları) ve sosyal (kentlilerin algısı) boyutların savaş turizmi vizyonunu desteklediğini göstermektedir

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Polynomial IOPs for Memory Consistency Checks in Zero-Knowledge Virtual Machines

    Get PDF
    Zero-Knowledge Virtual Machines (ZKVMs) have gained traction in recent years due to their potential applications in a variety of areas, particularly blockchain ecosystems. Despite tremendous progress on ZKVMs in the industry, no formal definitions or security proofs have been established in the literature. Due to this lack of formalization, existing protocols exhibit significant discrepancies in terms of problem definitions and performance metrics, making it difficult to analyze and compare these advancements, or to trust the security of the increasingly complex ZKVM implementations. In this work, we focus on random-access memory, an influential and expensive component of ZKVMs. Specifically, we investigate the state-of-the-art protocols for validating the correct functioning of memory, which we refer to as the \emph{memory consistency checks}. Isolating these checks from the rest of the system allows us to formalize their definition and security notion. Furthermore, we summarize the state-of-the-art constructions using the Polynomial IOP model and formally prove their security. Observing that the bottleneck of existing designs lies in sorting the entire memory trace, we break away from this paradigm and propose a novel memory consistency check, dubbed Permem\mathsf{Permem}. Permem\mathsf{Permem} bypasses this bottleneck by introducing a technique called the address cycle method, which requires fewer building blocks and---after instantiating the building blocks with state-of-the-art constructions---fewer online polynomial oracles and evaluation queries. In addition, we propose gcq\mathsf{gcq}, a new construction for the lookup argument---a key building block of the memory consistency check, which costs fewer online polynomial oracles than the state-of-the-art construction cq\mathsf{cq}

    Memory Checking for Parallel RAMs

    Get PDF
    When outsourcing a database to an untrusted remote server, one might want to verify the integrity of contents while accessing it. To solve this, Blum et al. [FOCS `91] propose the notion of memory checking. Memory checking allows a user to run a RAM program on a remote server, with the ability to verify integrity of the storage with small local storage. In this work, we define and initiate the formal study of memory checking for Parallel RAMs (PRAMs). The parallel RAM model is very expressive and captures many modern architectures such as multi-core architectures and cloud clusters. When multiple clients run a PRAM algorithm on a shared remote server, it is possible that there are concurrency issues that cause inconsistencies. Therefore, integrity verification is even more desirable property in this setting. Assuming only the existence of one-way functions, we construct an online memory checker (one that reports faults as soon as they occur) for PRAMs with O(logN)O(\log N) simulation overhead in both work and depth. In addition, we construct an offline memory checker (one that reports faults only after a long sequence of operations) with amortized O(1)O(1) simulation overhead in both work and depth. Our constructions match the best known simulation overhead of the memory checkers in the standard single-user RAM setting. As an application of our parallel memory checking constructions, we additionally construct the first maliciously secure oblivious parallel RAM (OPRAM) with polylogarithmic overhead

    Secure and Distributed Assessment of Privacy-Preserving Releases of GWAS

    Full text link
    Genome-wide association studies (GWAS) identify correlations between the genetic variants and an observable characteristic such as a disease. Previous works presented privacy-preserving distributed algorithms for a federation of genome data holders that spans multiple institutional and legislative domains to securely compute GWAS results. However, these algorithms have limited applicability, since they still require a centralized instance to decide whether GWAS results can be safely disclosed, which is in violation to privacy regulations, such as GDPR. In this work, we introduce GenDPR, a distributed middleware that leverages Trusted Execution Environments (TEEs) to securely determine a subset of the potential GWAS statistics that can be safely released. GenDPR achieves the same accuracy as centralized solutions, but requires transferring significantly less data because TEEs only exchange intermediary results but no genomes. Additionally, GenDPR can be configured to tolerate all-but-one honest-but-curious federation members colluding with the aim to expose genomes of correct members

    MIGRATIONS / MEDIATIONS. Promoting Transcultural Dialogue through Media, Arts and Culture

    Get PDF
    This special issue – stemmed from a three-year-research program funded by Università Cattolica that provided encounters, reaserch networks and opened perspectives and collaborations –1 starts from the assumption that migration is a historical and natural phenomenon, but its definition is political, linked to the time frame and socio-economic context, and influenced by the media, as the infrastructure that constitutes the world, in material and symbolic ways. Today, both social interaction and cultural reproduction pass through the media. Whether analog or digital, media contribute to the process of construction of reality by people, as well as to the formation of shared imaginaries and social representations. By suggesting to us what and how to think, old and new media – together with a multiplicity of institutions, subjects, sources, tools and communicative practices that coexist rather than replace each other – shape our common sense of the world2. Sometimes fueling fear of the other and legitimizing its criminalization, sometimes stimulating curiosity and empathy3 toward the other and the elsewhere
    corecore