1,321 research outputs found
A Standalone FPGA-based Miner for Lyra2REv2 Cryptocurrencies
Lyra2REv2 is a hashing algorithm that consists of a chain of individual
hashing algorithms, and it is used as a proof-of-work function in several
cryptocurrencies. The most crucial and exotic hashing algorithm in the
Lyra2REv2 chain is a specific instance of the general Lyra2 algorithm. This
work presents the first hardware implementation of the specific instance of
Lyra2 that is used in Lyra2REv2. Several properties of the aforementioned
algorithm are exploited in order to optimize the design. In addition, an
FPGA-based hardware implementation of a standalone miner for Lyra2REv2 on a
Xilinx Multi-Processor System on Chip is presented. The proposed Lyra2REv2
miner is shown to be significantly more energy efficient than both a GPU and a
commercially available FPGA-based miner. Finally, we also explain how the
simplified Lyra2 and Lyra2REv2 architectures can be modified with minimal
effort to also support the recent Lyra2REv3 chained hashing algorithm.Comment: 13 pages, accepted for publication in IEEE Trans. Circuits Syst. I.
arXiv admin note: substantial text overlap with arXiv:1807.0576
Detecting child sexual abuse images: Traits of child sexual exploitation hosting and displaying websites
BackgroundAutomated detection of child sexual abuse images (CSAI) often relies on image attributes, such as hash values. However, electronic service providers and others without access to hash value databases are limited in their ability to detect CSAI. Additionally, the increasing amount of CSA content being distributed means that a large percentage of images are not yet cataloged in hash value databases. Therefore, additional detection criteria need to be determined to improve identification of non-hashed CSAI. ObjectiveWe aim to identify patterns in the locations and folder/file naming practices of websites hosting and displaying CSAI, to use as additional detection criteria for non-hashed CSAI. MethodsUsing a custom-designed web crawler and snowball sampling, we analyzed the locations and naming practices of 103 Surface Web websites hosting and/or displaying 8108 known CSAI hash values. ResultsWebsites specialize in either hosting or displaying CSAI with only 20% doing both. Neither hosting nor displaying websites fear repercussions. Over 27% of CSAI were displayed in the home directory (i.e., main page) with only 6% located in at least 4th-level sub-folder. Websites focused more on organizing images than hiding them with 68% of hosted and 54% of displayed CSAI being found in folders formatted year/month. Qualitatively, hosting websites were likely to use alphanumeric or disguised folder and file names to conceal images, while displaying websites were more explicit. ConclusionFile and folder naming patterns can be combined with existing criteria to improve automated detection of websites and website locations likely hosting and/or displaying CSAI
Segurança e privacidade em terminologia de rede
Security and Privacy are now at the forefront of modern concerns, and drive
a significant part of the debate on digital society. One particular aspect that
holds significant bearing in these two topics is the naming of resources in the
network, because it directly impacts how networks work, but also affects how
security mechanisms are implemented and what are the privacy implications
of metadata disclosure. This issue is further exacerbated by interoperability
mechanisms that imply this information is increasingly available regardless of
the intended scope.
This work focuses on the implications of naming with regards to security and
privacy in namespaces used in network protocols. In particular on the imple-
mentation of solutions that provide additional security through naming policies
or increase privacy. To achieve this, different techniques are used to either
embed security information in existing namespaces or to minimise privacy ex-
posure. The former allows bootstraping secure transport protocols on top of
insecure discovery protocols, while the later introduces privacy policies as part
of name assignment and resolution.
The main vehicle for implementation of these solutions are general purpose
protocols and services, however there is a strong parallel with ongoing re-
search topics that leverage name resolution systems for interoperability such
as the Internet of Things (IoT) and Information Centric Networks (ICN), where
these approaches are also applicable.Segurança e Privacidade são dois topicos que marcam a agenda na discus-
sĂŁo sobre a sociedade digital. Um aspecto particularmente subtil nesta dis-
cussĂŁo Ă© a forma como atribuĂmos nomes a recursos na rede, uma escolha
com consequĂȘncias prĂĄticas no funcionamento dos diferentes protocols de
rede, na forma como se implementam diferentes mecanismos de segurança
e na privacidade das vĂĄrias partes envolvidas. Este problema torna-se ainda
mais significativo quando se considera que, para promover a interoperabili-
dade entre diferentes redes, mecanismos autónomos tornam esta informação
acessĂvel em contextos que vĂŁo para lĂĄ do que era pretendido.
Esta tese foca-se nas consequĂȘncias de diferentes polĂticas de atribuição de
nomes no contexto de diferentes protocols de rede, para efeitos de segurança
e privacidade. Com base no estudo deste problema, são propostas soluçÔes
que, atravĂ©s de diferentes polĂticas de atribuição de nomes, permitem introdu-
zir mecanismos de segurança adicionais ou mitigar problemas de privacidade
em diferentes protocolos. Isto resulta na implementação de mecanismos de
segurança sobre protocolos de descoberta inseguros, assim como na intro-
dução de mecanismos de atribuiçao e resolução de nomes que se focam na
protecçao da privacidade.
O principal veĂculo para a implementação destas soluçÔes Ă© atravĂ©s de ser-
viços e protocolos de rede de uso geral. No entanto, a aplicabilidade destas
soluçÔes extende-se também a outros tópicos de investigação que recorrem
a mecanismos de resolução de nomes para implementar soluçÔes de intero-
perabilidade, nomedamente a Internet das Coisas (IoT) e redes centradas na
informação (ICN).Programa Doutoral em Informåtic
Lohkoketjun hajautettu DNS ilman luottamusta: IOT laitteen osoitteen julkaisu ja datan verifiointi
Blockchain enabled distributed DNS makes possible to have a trustless system, where no participant needs to be trusted. Blockstack is such a distributed DNS that is built on top of Bitcoinâs blockchain. In this thesis I will extend this trustless feature to data sharing from an IOT device, by creating a proof of concept implementation. Cryptographically linking parts together, the trustless feature of the underlying blockchain can be preserved from the blockchain to the shared data from the device.Lohkoketjun pÀÀlle rakennettu hajautettu DNS mahdollistaa jĂ€rjestelmĂ€n, jossa ei tarvitse luottaa muihin osapuoliin. Blockstack on tĂ€llainen hajautettu DNS, joka on rakennettu Bitcoinin lohkoketjun pÀÀlle. TĂ€ssĂ€ työssĂ€ laajennan tĂ€mĂ€n luottamattomuus ominaisuuden IOT laitteen datan jakamiseen demo-ohjelman muodossa. Kryptograafisesti linkittĂ€mĂ€llĂ€ eri osat toisiinsa, voidaan perustalla olevan lohkoketjun luottamattomuus ominaisuus laajentaa myös IOT laitteen jakamaan dataan asti
Innovative Solution Approach for Controlling Access to Visibility Data in Open Food Supply Chains
Visibility data (providing details about supply chain activities in e.g. production, logistics, and quality processes) is of highly sensitive nature â not just in the food sector, but also beyond. Amongst other things, unauthorized data access can be (mis)used to uncover supply chain relationships, volumes, and other business context information. At the same time, it becomes increasingly important to share visibility data with trading partners, e.g. to meet customer requirements and legal obligations. So far, it is not a trivial matter to access or even discover that data, which is often stored in numerous distributed databases.A possible means to overcome this predicament is a Discovery Service (DS), which has knowledge of the parties owning information about specific objects (e.g. product batches) and can provide pointers to the actual data sources to authorized clients while leaving no opportunity to misuse accessible data. It is important to note that a DS itself does not contain actual visibility data, but only references to it. Yet, even the knowledge that party A, B and C have information about a specific product is still sensitive as the querying client would be able to reveal the flow of goods and may take advantage of that knowledge. For instance, he could identify his supplierâs upstream vendor and, for the sake of saving costs, try to procure products directly from that upstream vendor rather than from his previous supplier. Hence, a DS should provide the ability to prevent such scenarios if it strives to achieve a high level of acceptance.A key enabler for a DS is a trust-inspiring means to ascertain whether a querying party is actually part of a given chain of custody (CoC). In conjunction with a set of rules previously defined by the respective data owners, the DS is then able to decide which service addresses (if at all) can be provided in the message response to the query client. Afterwards, the querying party can gather detailed information about a specific object by querying the indicated data sources. In this context, our paper addresses the following research question: How can a DS ascertain if and to which extent a trading partner, whether known or not, is entitled to get pointers to visibility data stored in distributed repositories while ensuring privacy of the data owners?In pursuing this research question, we first provide the relevant background including the current state of the art. Second, we explain and discuss the solution approach and complete our paper by outlining the solution we are going to realize in the course of the research project âFoodAuthentâ (funded by the German Ministry of Food and Agriculture).
Trusty URIs: Verifiable, Immutable, and Permanent Digital Artifacts for Linked Data
To make digital resources on the web verifiable, immutable, and permanent, we
propose a technique to include cryptographic hash values in URIs. We call them
trusty URIs and we show how they can be used for approaches like
nanopublications to make not only specific resources but their entire reference
trees verifiable. Digital artifacts can be identified not only on the byte
level but on more abstract levels such as RDF graphs, which means that
resources keep their hash values even when presented in a different format. Our
approach sticks to the core principles of the web, namely openness and
decentralized architecture, is fully compatible with existing standards and
protocols, and can therefore be used right away. Evaluation of our reference
implementations shows that these desired properties are indeed accomplished by
our approach, and that it remains practical even for very large files.Comment: Small error corrected in the text (table data was correct) on page
13: "All average values are below 0.8s (0.03s for batch mode). Using Java in
batch mode even requires only 1ms per file.
- âŠ