Preimage resistance beyond the birthday bound: Double-length hashing revisited

Security proofs are an essential part of modern cryptography. Often the challenge is not to come up with appropriate schemes but rather to technically prove that these satisfy the desired security properties. We provide for the first time techniques for proving asymptotically optimal preimage resistance bounds for block cipher based double length, double call hash functions. More precisely, we consider for some \keylength>\blocklength compression functions H:\{0,1\}^{\keylength+\blocklength} \rightarrow \{0,1\}^{2\blocklength} using two calls to an ideal block cipher with an \blocklength-bit block size. Optimally, an adversary trying to find a preimage for $H$ should require \Omega(2^{2\blocklength}) queries to the underlying block cipher. As a matter of fact there have been several attempts to prove the preimage resistance of such compression functions, but no proof did go beyond the \Omega(2^{\blocklength}) barrier, therefore leaving a huge gap when compared to the optimal bound. In this paper, we introduce two new techniques on how to lift this bound to \Omega(2^{2\blocklength}). We demonstrate our new techniques for a simple and natural design of $H$, being the concatenation of two instances of the well-known Davies-Meyer compression function

Dwog Paco: Tackling the Challenges of Reintegrating Ex-LRA in Kitgum District

Broad intentions The people of northern Uganda face the complex challenge of reintegrating former members of the LRA rebel group back into their communities. One month of field research in Kitgum district was carried out to study the reintegration process of LRA returnees and the roles of various stakeholders such as government, NGOs, traditional leaders, community members, and the returnees themselves in facilitating the process. This paper also analyzes the impact of the Government of Uganda’s Amnesty Act on the return of formerly abducted people. Methodology The research entailed the collection of both quantitative and qualitative information from various stakeholders involved in the reintegration process of returnees from the LRA. To gather qualitative data, the following research methods were employed: literature review, interviews, focus group discussions, observation, transect walks, and experiential learning. Relevant actors in the Amnesty Commission (AC), local NGOs, local community, and traditional institutions were consulted for information. One-on-one interviews and focus group discussions with over 50 returnees from the LRA throughout Kitgum district were conducted. Quantitative information was also retrieved from the interviews and focus group discussions and from the AC’s database. Both content analysis and statistical analysis were utilized. Findings Findings are divided into the following categories: the impact of Amnesty Act, the experience and role of returnees in reintegration, and the challenges of other actors in reintegration. The AC has played an enormous role in peace-building in Northern Uganda through collaboration with local actors. Both the AC and CPA use a grassroots follow-up system which has numerous advantages given the shortfalls of center-based follow-ups. Returnees from the bush experienced difficulties upon return in terms of relations with other community members and financial issues, but they have confronted these obstacles using various ways to rebuild relationships

SAMUDRA Report No. 61, March 2012

Contents: UNCSD: Rio+20. Shrimp Aquaculture in Central America. Sovereign Rights of Indigenous Fishers. Access to Fisheries Information. Harmonizing Fishworkers’ Rights. The Delhi MPA Workshop

Attacking and securing beacon-enabled 802.15.4 networks

The IEEE 802.15.4 standard has attracted timecritical applications in wireless sensor networks because of its beacon-enabled mode and guaranteed timeslots (GTSs). However, the GTS management scheme’s security mechanisms still leave the 802.15.4 medium access control vulnerable to attacks. Further, the existing techniques in the literature for securing 802.15.4 networks either focus on nonbeacon-enabled 802.15.4 networks or cannot defend against insider attacks for beacon-enabled 802.15.4 networks. In this paper, we illustrate this by demonstrating attacks on the availability and integrity of the beaconenabled 802.15.4 network. To confirm the validity of the attacks, we implement the attacks using Tmote Sky motes for wireless sensor nodes, where the malicious node is deployed as an inside attacker. We show that the malicious node can freely exploit information retrieved from the beacon frames to compromise the integrity and availability of the network. To defend against these attacks, we present BCN-Sec, a protocol that ensures the integrity of data and control frames in beacon-enabled 802.15.4 networks. We implement BCN-Sec, and show its efficacy during various attacks

Towards exploratory hypothesis testing and analysis

10.1109/ICDE.2011.5767907Proceedings - International Conference on Data Engineering745-75

A market-oriented agent-based model for information retrieval

International audienceInformation Retrieval in the World Wide Web (Web IR) is essential for a number of activities and it is an active domain of research and development. The main challenges concern the relevance of the results provided to users' queries and the performance regarding respond-time. On the other hand, agent-based market systems prove to be efficient for implementing e-commerce or B2B applications on the internet, thanks to inherent properties such as prominency of interactions, scalability, flexibility, interoperability, etc. Although the use of agents in other application domains is not yet widespread, the integration of mobile agents into market mechanisms bring clear and efficient solutions to Quality of Service issues encountered in most distributed applications and notably in Web IR systems. Mobility allows defining the seller – buyer model of interaction, where agents act on behalf of final users or devices providing re-sources, while the generic Market Place architecture provides an organizational setting for the matching of demands and offers. The paper shows how this framework applies to Web IR and provides experimental validation results from a Jade implementation

Unsupervised Anomaly Detection with Rejection

Anomaly detection aims at detecting unexpected behaviours in the data. Because anomaly detection is usually an unsupervised task, traditional anomaly detectors learn a decision boundary by employing heuristics based on intuitions, which are hard to verify in practice. This introduces some uncertainty, especially close to the decision boundary, that may reduce the user trust in the detector's predictions. A way to combat this is by allowing the detector to reject examples with high uncertainty (Learning to Reject). This requires employing a confidence metric that captures the distance to the decision boundary and setting a rejection threshold to reject low-confidence predictions. However, selecting a proper metric and setting the rejection threshold without labels are challenging tasks. In this paper, we solve these challenges by setting a constant rejection threshold on the stability metric computed by ExCeeD. Our insight relies on a theoretical analysis of such a metric. Moreover, setting a constant threshold results in strong guarantees: we estimate the test rejection rate, and derive a theoretical upper bound for both the rejection rate and the expected prediction cost. Experimentally, we show that our method outperforms some metric-based methods

Finding minimum representative pattern sets

10.1145/2339530.2339543Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining51-5