Comparison of cube attacks over different vector spaces

We generalise the cube attack of Dinur and Shamir (and the similar AIDA attack of Vielhaber) to a more general higher order differentiation attack, by summing over an arbitrary subspace of the space of initialisation vectors. The Moebius transform can be used for efficiently examining all the subspaces of a big space, similar to the method used by Fouque and Vannet for the usual cube attack. Secondly we propose replacing the Generalised Linearity Test proposed by Dinur and Shamir with a test based on higher order differentiation/Moebius transform. We show that the proposed test provides all the information provided by the Generalised Linearity Test, at the same computational cost. In addition, for functions that do not pass the linearity test it also provides, at no extra cost, an estimate of the degree of the function. This is useful for guiding the heuristics for the cube/AIDA attacks

Demilitarization regimes in contemporary international law: the Greek case and beyond

Εκ πρώτης όψεως, φαντάζει σχεδόν ως παραδοξότητα το γεγονός ότι το ακριβές περιεχόμενο του νομικού όρου της αποστρατικοποίησης, δεν έχει αποκρυσταλλωθεί στη νομική θεωρία, παρότι τυγχάνει αντικείμενο εκτεταμένης επισκόπησης για πάνω από έναν αιώνα. Η νομική διαμάχη ως προς το ζήτημα της αποστρατικοποίησης των νησιών του Αιγαίου, με άλλα λόγια η "Ελληνική περίπτωση", συνιστά το ιδανικό παράδειγμα για να διασαφηνίσει την εν θέματι έννοια και να αναδείξει τη θέση της, στο πλαίσιο του σύγχρονου Δημοσίου Διεθνούς Δικαίου. Η διαμάχη επιπλέον, είναι απολύτως επίκαιρη, καθότι το ζήτημα εγείρεται από την Τουρκία σε διαρκή βάση. Η παρούσα εργασία, πέραν την Ελληνικής περίπτωσης, καταπιάνεται επίσης με καθεστώτα αποστρατικοποίησης, έξω από το πλαίσιο της κρατικής κυριαρχίας, επιχειρώντας να αναδείξει τις νομικές ιδιαιτερότητες αυτών. Ειδικότερα, θα αναλυθούν τα καθεστώτα αποστρατικοποίησης, τα οποία έχουν εφαρμοστεί στην Ανταρκτική, στο διάστημα και στο βυθό της θάλασσας. Η εργασία, σκοπεί στην προσέγγιση της έννοιας της αποστρατικοποίησης υπό νομικούς όρους και στην επισήμανση κάποιων όψεων λιγότερο προβεβλημάνων από τη νομική βιβλιογραφία. Προκειμένου το αποτέλεσμα να καταστεί πλήρες και δογματικά ακριβές, το πρώτο κεφάλαιο αποτυπώνει την ιστορική εξέλιξη της έννοιας και τις διάφορες μορφές τις οποίες προσέλαβε η αποστρατικοποίηση ανά τους αιώνες. Ακολούθως, το δεύτερο κεφάλαιο καταπιάνεται με τα καθεστώτα αποστρατικοποίησης, τα οποία εκφεύγουν της σφαίρας της κρατικής κυριαρχίας (Ανταρκτική, διάστημα, βυθός θάλασσας). Το τρίτο κεφάλαιο, το οποίο συνιστά και τον πυρήνα της εργασίας, καταπιάνεται με το νομικό πλαίσιο, το οποίο διέπει τη διαμάχη ως προς την αποστρατικοποίηση των νησιών του Αιγαίου. Εντός αυτού, εκτίθεται το σύνολο της αναπτυχθείσας επιχειρηματολογίας, τόσο της Ελλάδας όσο και της Τουρκίας, ως προς τις τρεις ζώνες αποστρατικοποίησης του Αιγαίου: Nησιά των Στενών (Λήμνος και Σαμοθράκη), νησιά του Κεντρικού Αιγαίου (Λέσβος, Χίος, Σάμος και Ικαρία), Δωδεκάνησα. Τέλος, το τέταρτο κεφάλαιο περικλείει τα σχετικά συμπεράσματα της συγκριτικής ανάλυσης των επιχειρημάτων των δύο κρατών.At first glance, it seems almost paradoxical that the exact content of demilitarization, has not been crystalized yet by international law theory, despite the fact that the notion, has concerned heavily the legal literature, for more than a century. The dispute regarding the Aegean islands’ demilitarization, i.e. the Greek case, constitutes the perfect example, in order to shed some light to this obscure term and examine its relevance and validity in the context of contemporary international law. The inquiry is also extremely relevant, as Turkey raises the matter of Aegean’s demilitarization on a constant basis. The present work, also discusses the status of some extraterritorial demilitarization regimes, exposing their legal nature and peculiarities. Each and every approach to these regimes, is always critical, since it reflects the heavy interest of the international community as a whole, to the status and the resilience of the common heritage of humankind. This paper purports to approach the notion of demilitarization, mostly under legal terms and elaborate on some facets that are not so obvious and are infrequently exposed by literature. In order for the result to be doctrinally coherent, it is deemed necessary to dedicate the first Chapter to the historic evolution of the term, so as to clarify all the different formats that the notion has acquired throughout history and categorize them appropriately. Subsequently, the second Chapter will address in detail three pioneering demilitarization regimes pertaining some extraterritorial spheres, namely Antarctica, Outer Space and Seabed. The third Chapter, constitutes the core of the dissertation and within it, it is being analyzed the exact legal framework that governs the demilitarization of the Aegean islands. In this part, it is also displayed the aggregate of both Greek and Turkish argumentation, on the three distinct demilitarization zones of the Aegean, i.e. the islands of the Straits (Lemnos and Samothrace), the Central Aegean islands (Lesvos, Chios, Samos, Ikaria) and the Dodecanese Islands. Lastly, the fourth chapter contains the conclusions of this comparative exam

Implementation of DEMOS Voting

Η εργασία αυτή ασχολείται τις προκλήσεις στην υλοποίηση των συστημάτων ηλεκτρονικής ψηφοφορίας. Στο πρώτο μέρος αναλύονται οι προδιαγραφές με τις οποίες τα συστήματα ψηφοφορίας (είτε παραδοσιακά, είτε ηλεκτρονικά) οφείλουν να συμμορφώνονται. Έμφαση δίνεται στις λεπτομέρειες υλοποίησης των συστημάτων ηλεκτρονικής ψηφοφορίας και στο πως αυτά συγκρίνονται με τα συστήματα που βασίζονται σε έντυπα. Στο δεύτερο μέρος περιγράφεται ένα νέο σύστημα ηλεκτρονικής ψηφοφορίας που υλοποιήθηκε στα πλαίσια αυτής της εργασίας. Στόχος αυτού του συστήματος είναι να ικανοποιήσει τις παραπάνω απαιτήσεις.This work deals with the implementation challenges of electronic voting systems. The first part analyzes the standards that an ideal voting system (either traditional or electronic) should comply with. Focus is put on the implementation details of electronic voting systems and how they compare to paper-based ones. The second part describes a new electronic voting system that was implemented as part of this work. The goal of this system is to fulfill the above requirements

Ausgewählte Chancen und Herausforderungen der digitalen Transformation für die Produktentwicklung und Unternehmensorganisation im Finanzdienstleistungssektor

Vor dem Hintergrund der digitalen Transformation sind Finanzdienstleistungsunternehmen auf unterschiedlichen Ebenen zahlreichen Chancen sowie Herausforderungen ausgesetzt. Während der Einsatz neuer Technologien die Optimierung bestehender Geschäftsprozesse sowie das Angebot digitalisierter Finanzdienstleistungen ermöglicht, geht dies zugleich mit veränderten Arbeitsbedingungen innerhalb der Unternehmensorganisation einher. Darüber hinaus sind Finanzdienstleister dazu angehalten die sich ändernden Kundenerwartungen bei den bisherigen Geschäftsaktivitäten sowie bei der Produktentwicklung zu berücksichtigen. Das Ziel der vorliegenden kumulativen Dissertation ist es, bestehende Forschungsdesiderate hinsichtlich der Auswirkungen der digitalen Transformation auf den Finanzdienstleistungssektor, differenziert nach der Kunden- und Produktperspektive sowie der internen Unternehmensperspektive, vertiefend zu analysieren. Das Technology-Organization-Environment (TOE)-Framework von DePietro et al. (1990) wird dabei als theoretischer Rahmen zur Einordnung und Strukturierung der Forschungsmodule verwendet. Die Ergebnisse der acht Module zeigen, dass die Kundenbedürfnisse und –erwartungen im Finanzdienstleistungssektor verstärkt von der digitalen Transformation beeinflusst werden. Dies zeigt sich in der Beratungstätigkeit bspw. durch das Angebot neuer Kundenkanäle sowie der aus dem steigenden Wettbewerbsdruck resultierenden erhöhten Preistransparenz. Im Rahmen der Produktentwicklung sind zudem u. a. ESG-Risiken und Silent Cyber-Risiken zu beachten. Aus der Analyse der Auswirkungen der digitalen Transformation auf die Unternehmensorganisation geht hervor, dass über den Einsatz digitaler Innovationen innerhalb des Backoffice die Realisation von Effizienzgewinnen sowie das Entgegenwirken eines Personalmangels möglich ist. Darüber hinaus wird in den Modulen der Einfluss des Faktors Mensch auf die Cyber-Sicherheit hervorgehoben. Während dieser einerseits als „schwächstes Glied“ und potenzielles Angriffsziel im Sicherheitskonstrukt der Unternehmen dargestellt wird, ist andererseits das Potenzial der Beschäftigten zur Frühwarnung zu berücksichtigen

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Security Testing: A Survey

Identifying vulnerabilities and ensuring security functionality by security testing is a widely applied measure to evaluate and improve the security of software. Due to the openness of modern software-based systems, applying appropriate security testing techniques is of growing importance and essential to perform effective and efficient security testing. Therefore, an overview of actual security testing techniques is of high value both for researchers to evaluate and refine the techniques and for practitioners to apply and disseminate them. This chapter fulfills this need and provides an overview of recent security testing techniques. For this purpose, it first summarize the required background of testing and security engineering. Then, basics and recent developments of security testing techniques applied during the secure software development lifecycle, i.e., model-based security testing, code-based testing and static analysis, penetration testing and dynamic analysis, as well as security regression testing are discussed. Finally, the security testing techniques are illustrated by adopting them for an example three-tiered web-based business application

Randomness Generation for Secure Hardware Masking - Unrolled Trivium to the Rescue

Masking is a prominent strategy to protect cryptographic implementations against side-channel analysis. Its popularity arises from the exponential security gains that can be achieved for (approximately) quadratic resource utilization. Many variants of the countermeasure tailored for different optimization goals have been proposed over the past decades. The common denominator among all of them is the implicit demand for robust and high entropy randomness. Simply assuming that uniformly distributed random bits are available, without taking the cost of their generation into account, leads to a poor understanding of the efficiency and performance of secure implementations. This is especially relevant in case of hardware masking schemes which are known to consume large amounts of random bits per cycle due to parallelism. Currently, there seems to be no consensus on how to most efficiently derive many pseudo-random bits per clock cycle from an initial seed and with properties suitable for masked hardware implementations. In this work, we evaluate a number of building blocks for this purpose and find that hardware-oriented stream ciphers like Trivium and its reduced-security variant Bivium B outperform all competitors when implemented in an unrolled fashion. Unrolled implementations of these primitives enable the flexible generation of many bits per cycle while maintaining high performance, which is crucial for satisfying the large randomness demands of state-of-the-art masking schemes. According to our analysis, only Linear Feedback Shift Registers (LFSRs), when also unrolled, are capable of producing long non-repetitive sequences of random-looking bits at a high rate per cycle even more efficiently than Trivium and Bivium B. Yet, these instances do not provide black-box security as they generate only linear outputs. We experimentally demonstrate that using multiple output bits from an LFSR in the same masked implementation can violate probing security and even lead to harmful randomness cancellations. Circumventing these problems, and enabling an independent analysis of randomness generation and masking scheme, requires the use of cryptographically stronger primitives like stream ciphers. As a result of our studies, we provide an evidence-based estimate for the cost of securely generating n fresh random bits per cycle. Depending on the desired level of black-box security and operating frequency, this cost can be as low as 20n to 30n ASIC gate equivalents (GE) or 3n to 4n FPGA look-up tables (LUTs), where n is the number of random bits required. Our results demonstrate that the cost per bit is (sometimes significantly) lower than estimated in previous works, incentivizing parallelism whenever exploitable and potentially moving low randomness usage in hardware masking research from a primary to secondary design goal

Framing Global Mathematics

This open access book is about the shaping of international relations in mathematics over the last two hundred years. It focusses on institutions and organizations that were created to frame the international dimension of mathematical research. Today, striking evidence of globalized mathematics is provided by countless international meetings and the worldwide repository ArXiv. The text follows the sinuous path that was taken to reach this state, from the long nineteenth century, through the two wars, to the present day. International cooperation in mathematics was well established by 1900, centered in Europe. The first International Mathematical Union, IMU, founded in 1920 and disbanded in 1932, reflected above all the trauma of WW I. Since 1950 the current IMU has played an increasing role in defining mathematical excellence, as is shown both in the historical narrative and by analyzing data about the International Congresses of Mathematicians. For each of the three periods discussed, interactions are explored between world politics, the advancement of scientific infrastructures, and the inner evolution of mathematics. Readers will thus take a new look at the place of mathematics in world culture, and how international organizations can make a difference. Aimed at mathematicians, historians of science, scientists, and the scientifically inclined general public, the book will be valuable to anyone interested in the history of science on an international level