Chicken or the Egg - Computational Data Attacks or Physical Attacks

Side-channel and fault injection analyses are well-known domains that have been used for years to evaluate the resistance of hardware based products. These techniques remain a threat for the secret assets embedded in products like smart cards or System On Chip. But most of these products contain nowadays several strong protections rendering side-channel and fault attacks difficult or inefficient. For two decades embedded cryptography for payment, pay tv, identity areas have relied a lot on secure elements. Nowadays more alternative solutions on mobile phones appear with the aim to offer software-based security services including payment and security solutions as the HCE and DRM products. Cryptographic operations running in such applications are then executed most often on unprotected hardware devices. Therefore the binary code is often accessible to attackers who can use static and dynamic reverse engineering techniques to extract and analyse operations including data modification as faults. Hence, hiding or obfuscating secrets and/or whitebox cryptography becomes a strong alternatives to secure element storage for assets. We explain in this paper how directly from the binary or with the extracted source code we can perform statistical and fault analyses using similar techniques as those used in hardware-based security. This concerns particularly side-channel or fault injections techniques. Using our tool and virtualization technique, an attacker can emulate and trace and modify any chosen computational data (memory or register manipulation, any machine language operation) executed in the mobile application. It means the attacker is not no longer restricted by any physical limitations imposing a leakage model (and additional noise) or making fault injection tied with physical limitations. Hence statistical and fault attacks can go potentially further in software-based implementation compared to hardware based devices. As a consequence, complex techniques like high order, collision and horizontal statistical attacks become very efficient and can be easily performed on the computational data execution traces. A similar consequence applies for fault injection attacks. Hence the word statistical and fault analysis on computational data becomes more appropriate and one can wonder who has been the first between computational data or physical attack techniques? Chicken or the Egg

Thoughts about a General Theory of Influence in a DIME/PMESII/ASCOP/IRC2 Model

The leading question of this paper is: “How would influence warfare (“iWar”) work and how can we simulate it?” The paper discusses foundational aspects of a theory and model of influence warfare by discussing a framework built along the DIME/PMESII/ASCOP dimension forming a prism with three axes. The DIME concept groups the many instruments of power a nation state can muster into four categories: Diplomacy, Information, Military and Economy. PMESII describes the operational environment in six domains: Political, Military, Economic, Social, Information and Infrastructure. ASCOPE is used in counter insurgency (COIN) environments to analyze the cultural and human environment (aka the “human terrain”) and encompasses Areas, Structures, Capabilities, Organization, People and Events. In addition, the model reflects about aspects of information collection requirements (ICR) and information capabilities requirements (ICR) - hence DIME/PMESII/ASCOP/ICR2. This model was developed from an influence wargame that was conducted in October 2018. This paper introduces basic methodical questions around model building in general and puts a special focus on building a framework for the problem space of influence/information/hybrid warfare takes its shape in. The article tries to describe mechanisms and principles in the information/influence space using cross discipline terminology (e.g. physics, chemistry and literature). On a more advanced level this article contributes to the Human, Social, Culture, Behavior (HSCB) models and community. One goal is to establish an academic, multinational and whole of government influence wargamer community. This paper introduces the idea of the perception field understood as a molecule of a story or narrative that influences an observer. This molecule can be drawn as a selection of vectors that can be built inside the DIME/PMESII/ASCOP prism. Each vector can be influenced by a shielding or shaping action. These ideas were explored in this influence wargame

Towards fostering the role of 5G networks in the field of digital health

A typical healthcare system needs further participation with patient monitoring, vital signs sensors and other medical devices. Healthcare moved from a traditional central hospital to scattered patients. Healthcare systems receive help from emerging technology innovations such as fifth generation (5G) communication infrastructure: internet of things (IoT), machine learning (ML), and artificial intelligence (AI). Healthcare providers benefit from IoT capabilities to comfort patients by using smart appliances that improve the healthcare level they receive. These IoT smart healthcare gadgets produce massive data volume. It is crucial to use very high-speed communication networks such as 5G wireless technology with the increased communication bandwidth, data transmission efficiency and reduced communication delay and latency, thus leading to strengthen the precise requirements of healthcare big data utilities. The adaptation of 5G in smart healthcare networks allows increasing number of IoT devices that supplies an augmentation in network performance. This paper reviewed distinctive aspects of internet of medical things (IoMT) and 5G architectures with their future and present sides, which can lead to improve healthcare of patients in the near future

Bio-AKA: An efficient fingerprint based two factor user authentication and key agreement scheme

The fingerprint has long been used as one of the most important biological features in the field of biometrics. It is person-specific and remain identical though out one’s lifetime. Physically uncloneable functions (PUFs) have been used in authentication protocols due to the unique physical feature of it. In this paper, we take full advantage of the inherent security features of user’s fingerprint biometrics and PUFs to design a new user authentication and key agreement scheme, namely Bio-AKA, which meets the desired security characteristics. To protect the privacy and strengthen the security of biometric data and to improve the robustness of the proposed scheme, the fuzzy extractor is employed. The scheme proposed in the paper can protect user’s anonymity without the use of password and allow mutual authentication with key agreement. The experimental results show superior robustness and the simplicity of our proposed scheme has been validated via our performance and security analysis. The scheme can be an ideal candidate for real life applications that requires remote user authentication

Cryptocurrency Constellations across the Three-Dimensional Space: Governance Decentralization, Security, and Scalability

In the post-Bitcoin era, many cryptocurrencies with a variety of goals and purposes have emerged in the digital arena. This article aims to map cryptocurrency protocols across three main defining dimensions, which are governance decentralization, security, and scalability. We theorize about the organizational and technological features that impact these three dimensions. Such features encompass roles permissiveness, validation network size, resource expenditure, and number of transactions per second. We map the different cryptocurrency constellations based on their consensus mechanisms, discussing the organizational and technological features of the various protocols applications and how they experience and play with the tradeoffs among governance decentralization, security, and scalability

Automata for infinite argumentation structures

The theory of abstract argumentation frameworks (afs) has, in the main, focused on finite structures, though there are many significant contexts where argumentation can be regarded as a process involving infinite objects. To address this limitation, in this paper we propose a novel approach for describing infinite afs using tools from formal language theory. In particular, the possibly infinite set of arguments is specified through the language recognized by a deterministic finite automaton while a suitable formalism, called attack expression, is introduced to describe the relation of attack between arguments. The proposed approach is shown to satisfy some desirable properties which cannot be achieved through other “naive” uses of formal languages. In particular, the approach is shown to be expressive enough to capture (besides any arbitrary finite structure) a large variety of infinite afs including two major examples from previous literature and two sample cases from the domains of multi-agent negotiation and ambient intelligence. On the computational side, we show that several decision and construction problems which are known to be polynomial time solvable in finite afs are decidable in the context of the proposed formalism and we provide the relevant algorithms. Moreover we obtain additional results concerning the case of finitaryafs

The Ecology and Evolution of Ant- Aphid Interactions

The evolution of species interactions is a fascinating subject, and one of vital importance if we are to understand how biological communities change over time. This thesis considers the interaction between aphids (Homoptera) and ants (Formicidae). Ants tend aphids for sugary honeydew and in return provide a variety of protective services. A literature review in Chapter 1 introduces the subject and provides background information. Chapter 2 considers ant- aphid interactions in a community setting. Specifically, I consider the fitness effects of the ant- aphid interaction on host plants. Net benefits or costs to plants depend on the densities of ants and aphids; these densities may themselves change depending on context dependent factors. Chapters 3 and 4 consider how semiochemicals can allow species to respectively maintain or avoid synchrony in space and time with mutualists or antagonists. Chapter 3 shows ladybirds avoid prey patches guarded by ants by reducing oviposition in response to ant semiochemicals. Chapter 4 shows that aphid walking dispersal can be limited by ant semiochemicals. This may be adaptive for aphids to remain in areas of enemy- free space. Alternatively, if levels of kin competition are high limited dispersal could be costly to aphids. In Chapter 5 I consider interactions between invasive and native ants. Ecological dominance in ants may be mediated by the ability to monopolise honeydew- producing resources. Chapter 6 explores ants’ decisions whether to tend or prey upon aphids. Predation of aphids depends on colony demand (e.g. through cues from the presence of larvae) as well as the quality or quantity of supply (e.g. increased predation of unproductive aphids). Finally, Chapter 7 deals with macroevolutionary patterns in the interaction between ants and aphids. Specifically, I identify ecological traits that characterise aphid- tending ants. A final discussion chapter summarises how ant-aphid interactions fit into existing mutualism theory