Fault Attack on ACORN v3

Fault attack is one of the most efficient side channel attacks and has attracted much attention in recent public cryptographic literatures. In this work we introduce a fault attack on the authenticated cipher ACORN v3. Our attack is done under the assumption that a fault is injected into an initial state of ACORN v3 randomly, and contains two main steps: fault locating and equation solving. At the first step, we introduce concepts of unique set and non-unique set, where differential strings belonging to unique sets can determine the fault location uniquely. For strings belonging to non-unique sets, we use some strategies to increase the probability of determining the fault location uniquely to almost 1. At the second step, we demonstrate several ways of retrieving equations, and then obtain the initial state by solving equations with the guess-and-determine method. With $n$ fault experiments, we can recover the initial state with time complexity $c \cdot2^{146.5-3.52\cdot n}$, where $c$ is the time complexity of solving linear equations and $26<n<43$. We also apply the attack to ACORN v2, which shows that, comparing with ACORN v2, the tweaked version ACORN v3 is more vulnerable against the fault attack

Comparing verbal media for alarm handling: Speech versus textual displays

The rise of computers in command and control domains has meant that control operations can be performed via desk-based visual display terminals. This trend has also produced the potential to display information to operators in a variety of formats. Of particular interest has been the use of text-based displays for alarm presentation. There are possible limitations to the use of text for alarm presentation, not least of which is the need for a dedicated alarms display screen (or, at least, a display page). Given the capability of computers to synthesize speech, it is possible that speech-based alarms could generate the same information as text-based displays without the need for dedicated screen space. In this paper an experimental comparison of speech-based and text-based displays for presentation of alarms is reported. The findings show that speech leads to longer response times than text displays, but that it has minimal effect on the efficacy of fault handling. The results are discussed within the alarm initiated activities framework and implications for alarm system design are outlined

A criteria-driven approach to the CO2 storage site selection of East Mey for the acorn project in the North Sea

Carbon Capture and Storage (CCS) is an essential tool in the fight against climate change. Any prospective storage site must meet various criteria that ensure the effectiveness, safety and economic viability of the storage operations. Finding the most suitable site for the storage of the captured CO2 is an essential part of the CCS chain of activity. This work addresses the site selection of a second site for the Acorn CCS project, a project designed to develop a scalable, full-chain CCS project in the North Sea (offshore northeast Scotland). This secondary site has been designed to serve as a backup and upscaling option for the Acorn Site, and has to satisfy pivotal project requirements such as low cost and high storage potential. The methodology followed included the filtering of 113 input sites from the UK CO2Stored database, according to general and project-specific criteria in a multi-staged approach. This criteria-driven workflow allowed for an early filtering out of the less suitable sites, followed by a more comprehensive comparison and ranking of the 15 most suitable sites. A due diligence assessment was conducted of the top six shortlisted sites to produce detailed assessment of their storage properties and suitability, including new geological interpretation and capacity calculations for each site. With the new knowledge generated during this process, a critical comparison of the sites led to selection of East Mey as the most suitable site, due to its outstanding storage characteristics and long-lasting hydrocarbon-production history, that ensure excellent data availability to risk-assess storage structures. A workshop session was held to present methods and results to independent stakeholders; feedback informed the final selection criteria. This paper provides an example of a criteria-driven approach to site selection that can be applied elsewhere.Project ACT-Acorn is gratefully thanked for funding this study. ACT Acorn, project 271500, received funding from BEIS (UK), RCN (Norway) and RVO (Netherland), and was co-funded by the European Commission under the ERA-Net instrument of the Horizon 2020 programme. ACT Grant number 691712. J. Alcalde is funded by MICINN (Juan de la Cierva fellowship - IJC2018-036074-I). S. Ghanbari is currently supported by the Energi Simulation. Energi Simulation is also thanked for funding the chair in reactive transport simulation held by E. Mackay.Peer reviewe

Differential Fault Attack on Grain v1, ACORN v3 and Lizard

Differential Fault Attack (DFA) is presently a very well known technique to evaluate security of a stream cipher. This considers that the stream cipher can be weakened by injection of the fault. In this paper we study DFA on three ciphers, namely Grain v1, Lizard and ACORN v3. We show that Grain v1 (an eStream cipher) can be attacked with injection of only 5 faults instead of 10 that has been reported in 2012. For the first time, we have mounted the fault attack on Lizard, a very recent design and show that one requires only 5 faults to obtain the state. ACORN v3 is a third round candidate of CAESAR and there is only one hard fault attack on an earlier version of this cipher. However, the `hard fault\u27 model requires a lot more assumption than the generic DFA. In this paper, we mount a DFA on ACORN v3 that requires 9 faults to obtain the state. In case of Grain v1 and ACORN v3, we can obtain the secret key once the state is known. However, that is not immediate in case of Lizard. While we have used the basic framework of DFA that appears in literature quite frequently, specific tweaks have to be explored to mount the actual attacks that were not used earlier. To the best of our knowledge, these are the best known DFA on these three ciphers

Inapplicability of Differential Fault Attacks against Cellular Automata based Lightweight Authenticated Cipher

Authenticated encryption (AE) schemes are a necessity to secure the physical devices connected to the Internet. Two AE schemes, TinyJambu and Elephant, are finalists of NIST lightweight cryptography competition. Another AE scheme, ACORN v3, a CAESAR competition finalist, has been shown to be particularly vulnerable against Differential Fault Attack (DFA), even more than its previous version ACORN v2. TinyJambu is also susceptible to DFA. An optimized interpolation attack has been proposed against one instance of Elephant, Delirium, recently. We propose methods to strengthen these schemes using the Cellular Automata (CA) and increase their resistance to these attacks. The Programmable Cellular Automata (PCA) 90-150 is effectively deployed to make these ciphers robust against DFA. We also provide mathematical analysis of the invigorated schemes and show that significant improvement is achieved in all the three enhanced schemes

Fault Attack on the Authenticated Cipher ACORN v2

Fault attack is an efficient cryptanalysis method against cipher implementations and has attracted a lot of attention in recent public cryptographic literatures. In this work we introduce a fault attack on the CAESAR candidate ACORN v2. Our attack is done under the assumption of random fault injection into an initial state of ACORN v2 and contains two main steps: fault locating and equation solving. At the first step, we first present a fundamental fault locating method, which uses 99-bit output keystream to determine the fault injected location with probability 97.08%. And then several improvements are provided, which can further increase the probability of fault locating to almost 1. As for the system of equations retrieved at the first step, we give two solving methods at the second step, that is, linearization and guess-and-determine. The time complexity of our attack is not larger than c·2179.19-1.76N at worst, where N is the number of fault injections such that 31≤N≤88 and c is the time complexity of solving linear equations. Our attack provides some insights into the diffusion ability of such compact stream ciphers

CPA expert 2000 fall/winter 2001

https://egrove.olemiss.edu/aicpa_news/1042/thumbnail.jp

Getting to Outcomes: A User's Guide to a Revised Indicators Framework for Education Organizing

Research for Action (RFA) has been among those engaged in education organizing research and has drawn on its previous efforts–as well as the knowledge built by community organizing groups and other researchers–to create this User's Guide. The Indicators Framework can serve as a tool to help education organizing groups engage in self-reflection and evaluation of their efforts. Communities for Public Education Reform (CPER) commissioned RFA to update its theory of change, developed in partnership with CPER in 2002. The theory of change explains how education organizing works to strengthen communities and improve schools. Accompanying this theory of change was a set of indicators that could be used to assess the outcomes of the organizing process. This updated Indicators Framework reflects the adaptations education organizing groups are making in response to the new education realities, and to over a decade of experience working to change schools in low-income neighborhoods